
Active Google/Yahoo or *insert search engine* redirect!

Discussion in 'Malware and Virus Removal Archive' started by PinotNoir, 2009/12/16.

  1. 2009/12/16
    PinotNoir

    PinotNoir Inactive Thread Starter

    Joined:
    2009/12/16
    Messages:
    18
    Likes Received:
    0
    [Active] Google/Yahoo or *insert search engine* redirect!

    Hi,
    I joined this forum because I have the redirect problem like many of the other folks here. I downloaded and used various anti-virus/spyware programs. I forgot some of their names but some of them are:
    -Norton Antivirus (I have a subscription)
    -Webroot Spysweeper
    -Hijack This
    -Malwarebytes

    Norton detected some viruses such as "Hacktool", "Trojan.Pidief.D" and another trojan and it says it either removed or blocked these applications. I'm not sure if they are related to the redirecting virus. Also Malwarebytes detected and removed some trojans and it also removed the virus "c.exe", however I believe the problem started after it removed c.exe. I ran all these AV programs twice after the c.exe was deleted and they don't come up with anything new. Hijack This came up with some entries but I didn't know if any of those were malicious so I didn't touch any of the registry entries.

    I have both Firefox and IE but I usually use Firefox. The problem exists in both programs. In Firefox it directed me to a certain website but since I removed it from my computer to re-install it later I lost the website's name.

    Here are the DDS results:

    DDS (Ver_09-12-01.01) - NTFSx86
    Run by Parad0xx86 at 3:16:01.34 on Wed 12/16/2009
    Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_14
    Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.3061.856 [GMT -6:00]

    AV: Norton Internet Security *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
    SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
    SP: Norton Internet Security *enabled* (Updated) {CBB7EE13-8244-4DAB-8B55-D5C7AA91E59A}
    FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}

    ============== Running Processes ===============

    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\WLTRYSVC.EXE
    C:\Windows\system32\WLANExt.exe
    C:\Windows\System32\bcmwltry.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\System32\spoolsv.exe
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\Windows\system32\rundll32.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\DellTPad\Apoint.exe
    C:\Windows\OEM02Mon.exe
    C:\Windows\System32\igfxpers.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
    C:\Windows\System32\WLTRAY.EXE
    C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\AGI\common\win32\PythonService.exe
    C:\Program Files\Dell\MediaDirect\PCMService.exe
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Windows\system32\hasplms.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Viewpoint\Common\ViewpointService.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\ehome\ehtray.exe
    C:\Windows\system32\DRIVERS\xaudio.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Webshots\webshots.scr
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files\DellTPad\ApMsgFwd.exe
    C:\Program Files\DellTPad\Apntex.exe
    C:\Program Files\DellTPad\HidFind.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    C:\ProgramData\Norton\NUA.exe
    C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
    C:\Program Files\Internet Explorer\ieuser.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\System32\mobsync.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\servicing\TrustedInstaller.exe
    C:\Windows\system32\wuauclt.exe

    ============== Pseudo HJT Report ===============

    uWindow Title = Internet Explorer provided by Dell
    uDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=6080807
    uInternet Settings,ProxyOverride = *.local
    uInternet Settings,ProxyServer = www.proxy.nyit.edu:80
    uURLSearchHooks: AGSearchHook Class: {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - c:\program files\agi\common\agcutils.dll
    BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
    BHO: AGSearchHook Class: {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - c:\program files\agi\common\agcutils.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: NCO 2.0 IE BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\common files\symantec shared\coshared\browser\2.0\coIEPlg.dll
    BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\progra~1\common~1\symant~1\ids\IPSBHO.dll
    BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.15642\swg.dll
    BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll
    TB: Show Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\common files\symantec shared\coshared\browser\2.0\CoIEPlg.dll
    TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
    uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe "
    uRun: [ehTray.exe] "c:\windows\ehome\ehTray.exe "
    uRun: [Messenger (Yahoo!)] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
    uRun: [LogitechSoftwareUpdate] "c:\program files\logitech\video\ManifestEngine.exe" boot
    uRun: [googletalk] "c:\users\parad0xx86\appdata\roaming\google\google talk\googletalk.exe" /autostart
    uRun: [WMPNSCFG] "c:\program files\windows media player\WMPNSCFG.exe "
    uRun: [NortonUpdateAgent] "c:\programdata\norton\NUA.exe "
    mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
    mRun: [ECenter] "c:\dell\e-center\EULALauncher.exe "
    mRun: [Apoint] "c:\program files\delltpad\Apoint.exe "
    mRun: [OEM02Mon.exe] "c:\windows\OEM02Mon.exe "
    mRun: [IgfxTray] "c:\windows\system32\igfxtray.exe "
    mRun: [HotKeysCmds] "c:\windows\system32\hkcmd.exe "
    mRun: [Persistence] "c:\windows\system32\igfxpers.exe "
    mRun: [DELL Webcam Manager] "c:\program files\dell\dell webcam manager\DellWMgr.exe" /s
    mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe "
    mRun: [Broadcom Wireless Manager UI] "c:\windows\system32\WLTRAY.exe "
    mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
    mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe "
    mRun: [PCMService] "c:\program files\dell\mediadirect\PCMService.exe "
    mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe "
    mRun: [AppleSyncNotifier] "c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe "
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe "
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe "
    mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
    mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop elements 4.0\apdproxy.exe "
    mRun: [LogitechVideoRepair] "c:\program files\logitech\video\ISStart.exe" /RegAll
    mRun: [LogitechVideoTray] "c:\program files\logitech\video\LogiTray.exe "
    mRun: [AdobeCS4ServiceManager] "c:\program files\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin
    mRun: [Adobe_ID0ENQBO] "c:\progra~1\common~1\adobe\adobev~1\server\bin\VERSIO~2.EXE "
    mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe "
    mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
    mRun: [SpySweeper] "c:\program files\webroot\spy sweeper\SpySweeperUI.exe" /startintray
    dRunOnce: [<NO NAME>]
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: Microsoft Excel'e Gö&nder - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
    DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
    Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll
    Notify: igfxcui - igfxdev.dll
    AppInit_DLLs: c:\progra~1\google\google~2\goec62~1.dll

    ============= SERVICES / DRIVERS ===============

    R? Adobe Version Cue CS4;Adobe Version Cue CS4
    R? AESTFilters;Andrea ST Filters Service
    R? COH_Mon;COH_Mon
    S? AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7
    S? AGWinService;AG Windows Service
    S? EraserUtilRebootDrv;EraserUtilRebootDrv
    S? hasplms;HASP License Manager
    S? IDSvix86;Symantec Intrusion Prevention Driver
    S? IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service
    S? LiveUpdate Notice;LiveUpdate Notice
    S? ssfs0bbc;ssfs0bbc
    S? Symantec Core LC;Symantec Core LC
    S? SYMNDISV;SYMNDISV
    S? Viewpoint Manager Service;Viewpoint Manager Service
    S? WebrootSpySweeperService;Webroot Spy Sweeper Engine
    S? WRConsumerService;Webroot Client Service

    =============== Created Last 30 ================

    2009-12-16 07:56:39 9216 ----a-w- c:\windows\system32\rzdzeziztz.exe
    2009-12-16 04:50:31 132096 --sha-r- c:\windows\system32\TR2468.dll
    2009-12-16 04:48:01 0 d-----w- c:\programdata\TEMP
    2009-12-16 04:31:06 32 --sha-w- c:\windows\system32\drivers\fidbox.idx
    2009-12-16 04:31:06 2211360 --sha-w- c:\windows\system32\drivers\fidbox.dat
    2009-12-16 04:23:27 0 d-----w- c:\programdata\ParetoLogic
    2009-12-16 04:23:27 0 d-----w- c:\program files\common files\ParetoLogic
    2009-12-16 04:08:17 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2009-12-16 04:08:15 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
    2009-12-16 03:53:32 0 d-----w- c:\program files\Trend Micro
    2009-12-16 03:48:19 0 d-----w- c:\programdata\Kaspersky Lab Setup Files
    2009-12-16 00:47:41 0 d-----w- c:\programdata\Norton
    2009-12-15 04:33:53 0 d-----w- c:\users\parad0~1\appdata\roaming\Malwarebytes
    2009-12-15 04:33:44 0 d-----w- c:\programdata\Malwarebytes
    2009-12-15 04:33:43 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
    2009-12-14 07:56:25 132096 --sha-r- c:\windows\system32\pcasvcx.dll
    2009-12-07 01:36:39 1331595 ----a-w- c:\users\parad0xx86\casedismissed.zip
    2009-12-03 07:43:08 0 d-----w- c:\program files\Alarm Clock
    2009-12-02 07:21:00 2722754 ----a-w- c:\users\parad0xx86\copyright 2007 pinar tuzun.psd
    2009-11-29 08:56:47 0 d-----w- c:\users\parad0xx86\{0c2e1e1c-5a8f-42a9-bb2e-fa8805f696e1}
    2009-11-29 08:53:31 0 d-----w- c:\program files\HP Photosmart 11
    2009-11-19 08:08:32 0 d-----w- c:\program files\vghd
    2009-11-19 03:37:10 48789 ----a-w- c:\users\parad0xx86\n546646874_334152_3169.jpg

    ==================== Find3M ====================

    2009-11-29 08:59:11 51200 ----a-w- c:\windows\inf\infpub.dat
    2009-11-29 08:59:11 143360 ----a-w- c:\windows\inf\infstrng.dat
    2009-11-29 08:59:10 86016 ----a-w- c:\windows\inf\infstor.dat
    2009-11-19 08:08:33 152904 ----a-w- c:\windows\system32\vghd.scr
    2009-10-20 04:58:59 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
    2008-08-30 19:11:02 665600 ----a-w- c:\windows\inf\drvindex.dat
    2008-01-21 02:43:21 174 --sha-w- c:\program files\desktop.ini
    2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
    2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
    2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
    2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
    2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
    2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
    2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
    2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
    2008-08-07 16:18:25 76 --sh--r- c:\windows\CT4CET.bin
    2008-08-07 18:58:14 8192 --sha-w- c:\windows\users\default\NTUSER.DAT

    ============= FINISH: 3:21:36.86 ===============



    And here is the Attach.txt contents:

    DDS (Ver_09-12-01.01)

    Microsoft® Windows Vista™ Home Premium
    Boot Device: \Device\HarddiskVolume3
    Install Date: 8/7/2008 6:05:25 AM
    System Uptime: 12/15/2009 2:07:21 PM (13 hours ago)

    Motherboard: Dell Inc. | | 0U990C
    Processor: Intel(R) Core(TM)2 Duo CPU T5750 @ 2.00GHz | Microprocessor | 2000/166mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 221 GiB total, 124.377 GiB free.
    D: is FIXED (NTFS) - 10 GiB total, 5.479 GiB free.
    E: is CDROM (UDF)

    ==== Disabled Device Manager Items =============

    Class GUID: {36fc9e60-c465-11cf-8056-444553540000}
    Description: USB Mass Storage Device
    Device ID: USB\VID_0951&PID_1603\00147854488ESK8705000554
    Manufacturer: Compatible USB storage device
    Name: USB Mass Storage Device
    PNP Device ID: USB\VID_0951&PID_1603\00147854488ESK8705000554
    Service: USBSTOR

    ==== System Restore Points ===================


    ==== Installed Programs ======================

    AAC Decoder
    Acrobat.com
    Adobe AIR
    Adobe Anchor Service CS4
    Adobe Asset Services CS4
    Adobe Bridge CS4
    Adobe CMaps CS4
    Adobe Color - Photoshop Specific CS4
    Adobe Color EU Extra Settings CS4
    Adobe Color JA Extra Settings CS4
    Adobe Color NA Recommended Settings CS4
    Adobe Color Video Profiles CS CS4
    Adobe Creative Suite 4 Design Premium
    Adobe CSI CS4
    Adobe Default Language CS4
    Adobe Device Central CS4
    Adobe Dreamweaver CS4
    Adobe Drive CS4
    Adobe Dynamiclink Support
    Adobe ExtendScript Toolkit CS4
    Adobe Extension Manager CS4
    Adobe Fireworks CS4
    Adobe Flash CS4
    Adobe Flash CS4 Extension - Flash Lite STI en
    Adobe Flash CS4 STI-en
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Fonts All
    Adobe Help Center 2.0
    Adobe Illustrator CS4
    Adobe InDesign CS4
    Adobe InDesign CS4 Application Feature Set Files (Roman)
    Adobe InDesign CS4 Common Base Files
    Adobe InDesign CS4 Icon Handler
    Adobe Linguistics CS4
    Adobe Media Encoder CS4
    Adobe Media Encoder CS4 Importer
    Adobe Media Player
    Adobe Output Module
    Adobe PDF Library Files CS4
    Adobe Photoshop CS4
    Adobe Photoshop CS4 Support
    Adobe Photoshop Elements 4.0
    Adobe Photoshop Elements 7.0
    Adobe Photoshop.com Inspiration Browser
    Adobe Premiere Elements 7.0
    Adobe Premiere Elements 7.0 Templates
    Adobe Reader 9
    Adobe Search for Help
    Adobe Service Manager Extension
    Adobe Setup
    Adobe SGM CS4
    Adobe SING CS4
    Adobe Type Support CS4
    Adobe Update Manager CS4
    Adobe Version Cue CS4 Server
    Adobe WinSoft Linguistics Plugin
    Adobe XMP Panels CS4
    AdobeColorCommonSetCMYK
    AdobeColorCommonSetRGB
    Advanced Audio FX Engine
    Advanced Video FX Engine
    AIM 6
    Alarm Clock v1.0
    Any Video Converter 2.7.8
    AppCore
    Apple Mobile Device Support
    Apple Software Update
    AutoCAD 2007 - English
    Autodesk DWF Viewer
    AutoUpdate
    BitLord 1.1
    Bonjour
    Browser Address Error Redirector
    Canon Utilities File Viewer Utility 1.2
    Canon Utilities RemoteCapture 2.7
    ccCommon
    Chief Architect X2
    Cisco EAP-FAST Module
    Cisco LEAP Module
    Cisco PEAP Module
    Compatibility Pack for the 2007 Office system
    Component Framework
    Conexant HDA D330 MDC V.92 Modem
    Connect
    Dell Getting Started Guide
    Dell Support Center (Support Software)
    Dell Touchpad
    Dell Webcam Center
    Dell Webcam Manager
    Dell Wireless WLAN Card
    Digital Line Detect
    DivX Codec
    DivX Converter
    DivX Player
    DivX Plus DirectShow Filters
    DivX Version Checker
    DivX Web Player
    EDocs
    File Viewer Utility 1.2.1
    Google Desktop
    Google Earth
    Google Talk (remove only)
    Google Updater
    GoToAssist 8.0.0.514
    H.264 Decoder
    HijackThis 2.0.2
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    HP Print Diagnostic Utility
    Intel(R) Matrix Storage Manager
    iTunes
    Java(TM) 6 Update 14
    Java(TM) 6 Update 5
    kuler
    Laptop Integrated Webcam Driver (1.04.01.1011)
    Last.fm 1.5.4.24567
    Live! Cam Avatar Creator
    Live! Cam Avatar v1.0
    LiveUpdate (Symantec Corporation)
    Logitech QuickCam Software
    Mahjongg Tiles of Time
    Malwarebytes' Anti-Malware
    MediaDirect
    Microsoft .NET Framework 3.5 SP1
    Microsoft Office PowerPoint Viewer 2007 (English)
    Microsoft Office Word Viewer 2003
    Microsoft Office XP Media Content
    Microsoft Office XP Professional
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft VC9 runtime libraries
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 8.0 Support DLLs
    Microsoft Works
    MKV Splitter
    Modem Diagnostic Tool
    Mozilla Thunderbird (2.0.0.23)
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB941833)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MSXML 4.0 SP2 and SOAP Toolkit 3.0
    Music, Photos & Videos Launcher
    NetWaiting
    Norton AntiVirus
    Norton AntiVirus Help
    Norton Confidential Core
    Norton Internet Security
    Norton Internet Security (Symantec Corporation)
    Norton Protection Center
    OutlookAddinSetup
    PDF Settings CS4
    Photoshop Camera Raw
    PhotoshopdotcomInspirationBrowser
    Picasa 3
    Pixel Bender Toolkit
    Product Documentation Launcher
    QuickSet
    QuickTime
    RemoteCapture 2.7.1
    Roxio Creator Audio
    Roxio Creator Copy
    Roxio Creator Data
    Roxio Creator DE
    Roxio Creator Tools
    Roxio Express Labeler 3
    Roxio Update Manager
    SmartSound Quicktracks for Premiere Elements
    SPBBC 32bit
    Spy Sweeper
    Spy Sweeper Core
    Suite Shared Configuration CS4
    Symantec Real Time Storage Protection Component
    SymNet
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    VC80CRTRedist - 8.0.50727.762
    Viewpoint Media Player
    Webshots Desktop
    Windows Live installer
    Windows Live Messenger
    Windows Live Photo Gallery
    Windows Media Player Firefox Plugin
    WinRAR archiver
    Xvid 1.2.2 final uninstall
    Yahoo! Messenger

    ==== End Of File ===========================


    Please help me get rid of this pest.
    Thank you in advance.
     
  2. 2009/12/16
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Print these instructions out.

    NOTE. If any of the programs listed below refuse to run, try renaming executive file to something else; for instance, rename hijackthis.exe to scanner.exe

    ***VERY IMPORTANT! Make sure, you update Superantispyware, and Malwarebytes before running the scans.***

    STEP 1. Download SUPERAntiSpyware Free for Home Users:
    http://www.superantispyware.com/

    * Double-click SUPERAntiSpyware.exe and use the default settings for installation.
    * An icon will be created on your desktop. Double-click that icon to launch the program.
    * If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here: http://www.superantispyware.com/definitions.html.)
    * Close SUPERAntiSpyware.

    PHYSICALLY DISCONNECT FROM THE INTERNET

    Restart computer in Safe Mode.
    To enter Safe Mode, restart computer, and keep tapping F8 key, until menu appears; select Safe Mode; you'll see "Safe Mode" in all four corners of your screen

    * Open SUPERAntiSpyware.
    * Click Scan your Computer... button.
    * Click Scanning Preferences/Control Center... button.
    * Under General and Startup tab, make sure, Start SUPERAntiSpyware when Windows starts option is UN-checked.
    * Click the Scanning Control tab.
    * Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Terminate memory threats before quarantining.
    * Click the Close button to leave the control center screen.
    * On the left, make sure you check C:\Fixed Drive.
    * On the right, choose Perform Complete Scan.
    * Click Next to start the scan. Please be patient while it scans your computer.
    * After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click OK.
    * Make sure everything has a checkmark next to it and click Next.
    * A notification will appear that Quarantine and Removal is Complete. Click OK and then click the Finish button to return to the main menu.
    * If asked if you want to reboot, click Yes.
    * To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
    * Click Close to exit the program.
    Post SUPERAntiSpyware log.

    RECONNECT TO THE INTERNET

    RESTART COMPUTER!

    STEP 2. Download Malwarebytes' Anti-Malware: http://www.malwarebytes.org/mbam.php to your desktop.
    (Malwarebytes is free to use as a manual scanner. Payment is only required if you wish to have it run and update automatically which is not necessary for our purposes)

    * Double-click mbam-setup.exe and follow the prompts to install the program.
    * At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    * If an update is found, it will download and install the latest version.
    * Once the program has loaded, select Perform full scan, then click Scan.
    * When the scan is complete, click OK, then Show Results to view the results.
    * Be sure that everything is checked, and click Remove Selected.
    * When completed, a log will open in Notepad.
    * Post the log back here.

    The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
    Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

    RESTART COMPUTER!

    STEP 3. Download GMER: http://www.gmer.net/files.php, by clicking on Download EXE button.
    Alternative downloads:
    - http://majorgeeks.com/GMER_d5198.html
    - http://www.softpedia.com/get/Interne...ers/GMER.shtml
    Double click on downloaded .exe file, select Rootkit tab and click the Scan button.
    When scan is completed, click Save button, and save the results as gmer.log
    Warning! Please, do not select the "Show all" checkbox during the scan.
    Post the log to your next reply.

    RESTART COMPUTER

    STEP 4. Download HijackThis:
    http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download
    by clicking on Download HijackThis Installer
    Install, and run it.
    Post HijackThis log.
    NOTE. If you're using Vista, right click on HijackThis, and click Run as Administrator
    Do NOT attempt to "fix" anything!


    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
     


  4. 2009/12/17
    PinotNoir

    Ok so I did the scans with SuperAntispyware and Malwarebytes and saved the logs as text files but I can't scan the computer with GMER because the computer automatically restarts and I get a windows unexpectedly shutdown message. It happened twice. I tried to scan it in safe mode and this time the program shut itself down in the middle of the scan then I had problems because the computer locked up or didn't respond when I turned it on. Now it is working fine but how can I correct this problem?
    Thanks.
     
  5. 2009/12/17
    broni

    Post Super and 'Bytes logs along with HJT log, please.
     
  6. 2009/12/17
    PinotNoir

    1) SUPERAntiSpyware Scan Log:


    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com

    Generated 12/17/2009 at 03:36 AM

    Application Version : 4.31.1000

    Core Rules Database Version : 4383
    Trace Rules Database Version: 2221

    Scan type : Complete Scan
    Total Scan Time : 02:10:00

    Memory items scanned : 281
    Memory threats detected : 0
    Registry items scanned : 8411
    Registry threats detected : 0
    File items scanned : 276271
    File threats detected : 0


    2) Malwarebytes Scan Log:


    Malwarebytes' Anti-Malware 1.42
    Database version: 3379
    Windows 6.0.6001 Service Pack 1
    Internet Explorer 7.0.6001.18000

    12/17/2009 3:19:38 PM
    mbam-log-2009-12-17 (15-19-38).txt

    Scan type: Full Scan (C:\|D:\|E:\|)
    Objects scanned: 392034
    Time elapsed: 2 hour(s), 45 minute(s), 3 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 2
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    HKEY_CURRENT_USER\SOFTWARE\ZagrebLand (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Videocan (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)


    3) Hijackthis Scan Log:


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 11:20:17 PM, on 12/17/2009
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18349)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\DellTPad\Apoint.exe
    C:\Windows\OEM02Mon.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Windows\System32\WLTRAY.EXE
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Dell\MediaDirect\PCMService.exe
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\Dell Support Center\bin\sprtcmd.exe
    C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
    C:\Windows\ehome\ehtray.exe
    C:\ProgramData\Norton\NUA.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\Program Files\Webshots\webshots.scr
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\DellTPad\ApMsgFwd.exe
    C:\Program Files\DellTPad\HidFind.exe
    C:\Program Files\DellTPad\Apntex.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
    C:\Program Files\Internet Explorer\ieuser.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = file://c:\windows\system32\blank.htm
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = file://c:\windows\system32\blank.htm
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = www.proxy.nyit.edu:80
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll
    O1 - Hosts: ::1 localhost
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
    O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [ECenter] "C:\Dell\E-Center\EULALauncher.exe "
    O4 - HKLM\..\Run: [Apoint] "C:\Program Files\DellTPad\Apoint.exe "
    O4 - HKLM\..\Run: [OEM02Mon.exe] "C:\Windows\OEM02Mon.exe "
    O4 - HKLM\..\Run: [IgfxTray] "C:\Windows\system32\igfxtray.exe "
    O4 - HKLM\..\Run: [HotKeysCmds] "C:\Windows\system32\hkcmd.exe "
    O4 - HKLM\..\Run: [Persistence] "C:\Windows\system32\igfxpers.exe "
    O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
    O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe "
    O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] "C:\Windows\system32\WLTRAY.exe "
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe "
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe "
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe "
    O4 - HKLM\..\Run: [AppleSyncNotifier] "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe "
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe "
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe "
    O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe "
    O4 - HKLM\..\Run: [LogitechVideoRepair] "C:\Program Files\Logitech\Video\ISStart.exe" /RegAll
    O4 - HKLM\..\Run: [LogitechVideoTray] "C:\Program Files\Logitech\Video\LogiTray.exe "
    O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
    O4 - HKLM\..\Run: [Adobe_ID0ENQBO] "C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE "
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe "
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
    O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe "
    O4 - HKCU\..\Run: [ehTray.exe] "C:\Windows\ehome\ehTray.exe "
    O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [googletalk] "C:\Users\Parad0xx86\AppData\Roaming\Google\Google Talk\googletalk.exe" /autostart
    O4 - HKCU\..\Run: [WMPNSCFG] "C:\Program Files\Windows Media Player\WMPNSCFG.exe "
    O4 - HKCU\..\Run: [NortonUpdateAgent] "C:\ProgramData\Norton\NUA.exe "
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [] (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [] (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\RunOnce: [] (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [] (User 'Default user')
    O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe
    O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
    O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O13 - Gopher Prefix:
    O20 - AppInit_DLLs: c:\progra~1\google\google~2\goec62~1.dll
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
    O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
    O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
    O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
    O23 - Service: Andrea ST Filters Service (AESTFilters) - Unknown owner - C:\Windows\system32\aestsrv.exe (file missing)
    O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Desktop Manager 5.7.801.7324 (GoogleDesktopManager-010708-104812) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HASP License Manager (hasplms) - Aladdin Knowledge Systems Ltd. - C:\Windows\system32\hasplms.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
    O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
    O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
    O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
    O23 - Service: Webroot Client Service (WRConsumerService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe
    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

    --
    End of file - 12355 bytes
     
  7. 2009/12/18
    broni

    broni Moderator Malware Analyst

    Please download ComboFix from Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    • Please, never rename Combofix unless instructed.
    • Close any open browsers.
    • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    NOTE. If Combofix asks you to install Recovery Console, please allow it.

    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore your connection.
    • Double click on combofix.exe & follow the prompts.
    • When finished, it will produce a report for you.
    • Please post the "C:\ComboFix.txt" along with a new HijackThis log for further review.
    **Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**

    Make sure you re-enable your security programs when you're done with Combofix.

    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
     
  8. 2009/12/20
    PinotNoir

    PinotNoir Inactive Thread Starter

    COMBO FIX LOG:

    ComboFix 09-12-18.03 - Parad0xx86 12/20/2009 0:33.1.2 - x86
    Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.3061.2138 [GMT -6:00]
    Running from: c:\users\Parad0xx86\Desktop\KittyFix.exe
    AV: Norton Internet Security *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
    FW: Norton Internet Security *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
    SP: Norton Internet Security *disabled* (Updated) {CBB7EE13-8244-4DAB-8B55-D5C7AA91E59A}
    SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
    SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\$recycle.bin\S-1-5-21-2773397201-2855733099-4214572315-500
    c:\$recycle.bin\S-1-5-21-4176673291-612658962-1742634878-500
    c:\progra~1\Webroot\SPYSWE~1\Backup\ntSVc.ocx
    c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe
    c:\windows\Cursors\aero_link.cur
    c:\windows\system32\oem8.inf

    .
    ((((((((((((((((((((((((( Files Created from 2009-11-20 to 2009-12-20 )))))))))))))))))))))))))))))))
    .

    2009-12-20 06:44 . 2009-12-20 06:44 -------- d-----w- c:\users\Default\AppData\Local\temp
    2009-12-20 05:21 . 2009-12-09 09:00 2747440 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20091219.020\CCERASER.DLL
    2009-12-20 05:21 . 2009-09-22 08:00 259440 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20091219.020\ECMSVR32.DLL
    2009-12-20 05:21 . 2009-08-26 08:00 371248 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20091219.020\EECTRL.SYS
    2009-12-20 05:21 . 2009-08-26 08:00 102448 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20091219.020\ERASER.SYS
    2009-12-20 05:21 . 2009-08-25 08:00 84912 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20091219.020\NAVENG.SYS
    2009-12-20 05:21 . 2009-08-25 08:00 177520 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20091219.020\NAVENG32.DLL
    2009-12-20 05:21 . 2009-08-25 08:00 1647984 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20091219.020\NAVEX32A.DLL
    2009-12-20 05:21 . 2009-08-25 08:00 1323568 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20091219.020\NAVEX15.SYS
    2009-12-20 01:23 . 2009-12-09 09:00 2747440 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20091219.003\CCERASER.DLL
    2009-12-20 01:23 . 2009-09-22 08:00 259440 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20091219.003\ECMSVR32.DLL
    2009-12-20 01:23 . 2009-08-26 08:00 371248 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20091219.003\EECTRL.SYS
    2009-12-20 01:23 . 2009-08-26 08:00 102448 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20091219.003\ERASER.SYS
    2009-12-20 01:23 . 2009-08-25 08:00 84912 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20091219.003\NAVENG.SYS
    2009-12-20 01:23 . 2009-08-25 08:00 177520 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20091219.003\NAVENG32.DLL
    2009-12-20 01:23 . 2009-08-25 08:00 1647984 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20091219.003\NAVEX32A.DLL
    2009-12-20 01:23 . 2009-08-25 08:00 1323568 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20091219.003\NAVEX15.SYS
    2009-12-19 07:50 . 2009-11-20 03:02 268664 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20091217.002\SymIDSCo.sys
    2009-12-19 07:50 . 2009-11-20 03:02 732536 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20091217.002\Scxpx86.dll
    2009-12-19 07:50 . 2009-11-20 03:02 286768 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20091217.002\IDSvix86.sys
    2009-12-19 07:50 . 2009-11-20 03:02 173432 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20091217.002\SymIDSI.dll
    2009-12-19 07:50 . 2009-11-20 03:02 685432 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20091217.002\IDSxpx86.dll
    2009-12-19 07:50 . 2009-11-20 03:02 396336 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20091217.002\IDSviA64.sys
    2009-12-19 07:50 . 2008-08-09 00:58 157120 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20091217.002\IDS9xx86.dll
    2009-12-18 12:23 . 2009-12-18 12:23 -------- d-----w- c:\programdata\McAfee Security Scan
    2009-12-18 12:23 . 2009-12-18 12:23 -------- d-----w- c:\program files\McAfee Security Scan
    2009-12-17 21:43 . 2009-11-20 03:02 268664 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20091216.001\SymIDSCo.sys
    2009-12-17 21:43 . 2009-11-20 03:02 732536 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20091216.001\Scxpx86.dll
    2009-12-17 21:43 . 2009-11-20 03:02 286768 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20091216.001\IDSvix86.sys
    2009-12-17 21:43 . 2009-11-20 03:02 173432 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20091216.001\SymIDSI.dll
    2009-12-17 21:43 . 2009-11-20 03:02 685432 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20091216.001\IDSxpx86.dll
    2009-12-17 21:43 . 2009-11-20 03:02 396336 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20091216.001\IDSviA64.sys
    2009-12-17 21:43 . 2008-08-09 00:58 157120 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20091216.001\IDS9xx86.dll
    2009-12-17 07:13 . 2009-12-17 07:13 117760 ----a-w- c:\users\Parad0xx86\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
    2009-12-17 07:13 . 2009-12-17 07:13 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
    2009-12-17 07:13 . 2009-12-17 07:13 -------- d-----w- c:\program files\SUPERAntiSpyware
    2009-12-17 07:13 . 2009-12-17 07:13 -------- d-----w- c:\users\Parad0xx86\AppData\Roaming\SUPERAntiSpyware.com
    2009-12-17 07:12 . 2009-12-17 07:12 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
    2009-12-16 09:21 . 2009-10-29 09:41 2048 ----a-w- c:\windows\system32\tzres.dll
    2009-12-16 09:10 . 2009-11-09 13:22 24064 ----a-w- c:\windows\system32\nshhttp.dll
    2009-12-16 09:09 . 2009-11-09 11:04 411136 ----a-w- c:\windows\system32\drivers\http.sys
    2009-12-16 09:09 . 2009-11-09 13:20 31232 ----a-w- c:\windows\system32\httpapi.dll
    2009-12-16 07:56 . 2006-11-02 09:45 9216 ----a-w- c:\windows\system32\rzdzeziztz.exe
    2009-12-16 04:50 . 2009-12-14 07:56 132096 --sha-r- c:\windows\system32\TR2468.dll
    2009-12-16 04:31 . 2009-12-16 04:32 125952 ----a-w- c:\programdata\ParetoLogic\UUS2\Temp\Update.exe
    2009-12-16 04:31 . 2009-12-16 10:13 2369056 --sha-w- c:\windows\system32\drivers\fidbox.dat
    2009-12-16 04:23 . 2009-12-16 05:40 -------- d-----w- c:\programdata\ParetoLogic
    2009-12-16 04:23 . 2009-12-16 05:40 -------- d-----w- c:\program files\Common Files\ParetoLogic
    2009-12-16 04:22 . 2009-12-16 04:22 -------- d-----w- c:\users\Parad0xx86\AppData\Local\Downloaded Installations
    2009-12-16 04:08 . 2009-12-03 22:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2009-12-16 04:08 . 2009-12-03 22:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
    2009-12-16 03:53 . 2009-12-16 03:53 -------- d-----w- c:\program files\Trend Micro
    2009-12-16 03:48 . 2009-12-16 03:48 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
    2009-12-16 00:47 . 2009-12-11 02:29 1782128 ----a-w- c:\programdata\Norton\NUA.exe
    2009-12-16 00:47 . 2009-12-17 06:16 -------- d-----w- c:\programdata\Norton
    2009-12-15 20:40 . 2009-08-14 17:07 897608 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2009-12-15 20:40 . 2009-08-14 16:29 104960 ----a-w- c:\windows\system32\netiohlp.dll
    2009-12-15 20:40 . 2009-08-14 14:16 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
    2009-12-15 20:40 . 2009-08-14 14:16 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
    2009-12-15 20:40 . 2009-08-14 14:16 17920 ----a-w- c:\windows\system32\ROUTE.EXE
    2009-12-15 20:40 . 2009-08-14 14:16 11264 ----a-w- c:\windows\system32\MRINFO.EXE
    2009-12-15 20:40 . 2009-08-14 14:16 19968 ----a-w- c:\windows\system32\ARP.EXE
    2009-12-15 20:40 . 2009-08-14 14:16 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
    2009-12-15 20:40 . 2009-08-14 14:16 10240 ----a-w- c:\windows\system32\finger.exe
    2009-12-15 20:40 . 2009-08-14 16:29 17920 ----a-w- c:\windows\system32\netevent.dll
    2009-12-15 20:37 . 2009-07-11 19:32 302592 ----a-w- c:\windows\system32\wlansec.dll
    2009-12-15 20:37 . 2009-07-11 19:32 293376 ----a-w- c:\windows\system32\wlanmsm.dll
    2009-12-15 20:37 . 2009-07-11 19:29 127488 ----a-w- c:\windows\system32\L2SecHC.dll
    2009-12-15 20:37 . 2009-07-11 19:32 513024 ----a-w- c:\windows\system32\wlansvc.dll
    2009-12-15 20:37 . 2009-08-10 11:01 1399296 ----a-w- c:\windows\system32\msxml6.dll
    2009-12-15 20:37 . 2009-08-10 11:00 1257472 ----a-w- c:\windows\system32\msxml3.dll
    2009-12-15 20:36 . 2009-09-10 17:30 213504 ----a-w- c:\windows\system32\msv1_0.dll
    2009-12-15 20:36 . 2009-06-15 15:24 175104 ----a-w- c:\windows\system32\wdigest.dll
    2009-12-15 20:36 . 2009-06-15 15:23 1256448 ----a-w- c:\windows\system32\lsasrv.dll
    2009-12-15 20:36 . 2009-06-15 18:20 439896 ----a-w- c:\windows\system32\drivers\ksecdd.sys
    2009-12-15 20:36 . 2009-06-15 15:24 72704 ----a-w- c:\windows\system32\secur32.dll
    2009-12-15 20:36 . 2009-06-15 12:57 9728 ----a-w- c:\windows\system32\lsass.exe
    2009-12-15 20:36 . 2009-06-10 12:11 2868224 ----a-w- c:\windows\system32\mf.dll
    2009-12-15 20:36 . 2009-08-05 14:22 3597896 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2009-12-15 20:36 . 2009-08-05 14:22 3546184 ----a-w- c:\windows\system32\ntoskrnl.exe
    2009-12-15 20:34 . 2009-08-31 13:55 428544 ----a-w- c:\windows\system32\EncDec.dll
    2009-12-15 20:34 . 2009-08-31 13:55 293376 ----a-w- c:\windows\system32\psisdecd.dll
    2009-12-15 20:34 . 2009-08-14 13:53 2035712 ----a-w- c:\windows\system32\win32k.sys
    2009-12-15 20:34 . 2009-09-04 12:24 61440 ----a-w- c:\windows\system32\msasn1.dll
    2009-12-15 20:33 . 2009-10-07 12:41 244224 ----a-w- c:\windows\system32\rastls.dll
    2009-12-15 20:33 . 2009-10-07 12:41 281600 ----a-w- c:\windows\system32\raschap.dll
    2009-12-15 20:33 . 2009-09-14 09:44 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
    2009-12-15 20:33 . 2009-08-10 13:05 351232 ----a-w- c:\windows\system32\WSDApi.dll
    2009-12-15 20:33 . 2009-04-02 12:37 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
    2009-12-15 20:32 . 2009-09-10 15:21 310784 ----a-w- c:\windows\system32\unregmp2.exe
    2009-12-15 20:32 . 2009-09-10 15:21 8147456 ----a-w- c:\windows\system32\wmploc.DLL
    2009-12-15 04:33 . 2009-12-15 04:33 -------- d-----w- c:\users\Parad0xx86\AppData\Roaming\Malwarebytes
    2009-12-15 04:33 . 2009-12-15 04:33 -------- d-----w- c:\programdata\Malwarebytes
    2009-12-15 04:33 . 2009-12-16 04:08 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2009-12-14 07:56 . 2009-12-14 07:56 132096 --sha-r- c:\windows\system32\pcasvcx.dll
    2009-12-07 01:36 . 2009-12-07 01:36 1331595 ----a-w- c:\users\Parad0xx86\casedismissed.zip
    2009-12-05 08:33 . 2009-12-05 08:33 658184 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
    2009-12-03 07:43 . 2009-12-03 07:43 -------- d-----w- c:\program files\Alarm Clock
    2009-11-29 08:56 . 2009-11-29 08:57 -------- d-----w- c:\users\Parad0xx86\{0c2e1e1c-5a8f-42a9-bb2e-fa8805f696e1}
    2009-11-29 08:53 . 2009-11-29 08:54 -------- d-----w- c:\program files\HP Photosmart 11
    2009-11-26 01:00 . 2009-11-26 01:00 0 ----a-w- c:\windows\nsreg.dat
    2009-11-26 01:00 . 2009-11-26 01:01 -------- d-----w- c:\users\Parad0xx86\AppData\Local\Thunderbird
    2009-11-26 01:00 . 2009-11-26 01:00 -------- d-----w- c:\users\Parad0xx86\AppData\Roaming\Thunderbird
    2009-11-26 01:00 . 2009-12-19 08:12 -------- d-----w- c:\program files\Mozilla Thunderbird

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-12-19 08:36 . 2008-08-30 21:30 -------- d-----w- c:\programdata\Google Updater
    2009-12-17 23:33 . 2008-08-30 19:13 1356 ----a-w- c:\users\Parad0xx86\AppData\Local\d3d9caps.dat
    2009-12-17 06:33 . 2008-08-07 16:24 -------- d-----w- c:\program files\Google
    2009-12-16 10:13 . 2009-12-16 04:31 32804 --sha-w- c:\windows\system32\drivers\fidbox.idx
    2009-12-16 10:12 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
    2009-11-24 20:27 . 2009-11-19 08:08 -------- d-----w- c:\program files\vghd
    2009-11-23 08:41 . 2008-12-17 21:54 -------- d-----w- c:\programdata\WinZip
    2009-11-20 03:02 . 2009-11-20 03:02 268664 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\BinHub\symidsco.sys
    2009-11-20 03:02 . 2009-11-20 03:02 732536 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\BinHub\scxpx86.dll
    2009-11-20 03:02 . 2009-11-20 03:02 286768 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\BinHub\IDSvix86.sys
    2009-11-20 03:02 . 2009-11-20 03:02 173432 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\BinHub\SymIDSI.dll
    2009-11-20 03:02 . 2009-11-20 03:02 685432 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\BinHub\idsxpx86.dll
    2009-11-20 03:02 . 2009-11-20 03:02 396336 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\BinHub\IDSvia64.sys
    2009-11-19 08:13 . 2009-01-21 06:44 5 ----a-w- c:\windows\sbacknt.bin
    2009-11-19 08:08 . 2009-01-21 06:43 152904 ----a-w- c:\windows\system32\vghd.scr
    2009-10-27 13:20 . 2009-12-15 20:35 833024 ----a-w- c:\windows\system32\wininet.dll
    2009-10-27 13:16 . 2009-12-15 20:35 78336 ----a-w- c:\windows\system32\ieencode.dll
    2009-10-27 10:55 . 2009-12-15 20:35 26624 ----a-w- c:\windows\system32\ieUnatt.exe
    2009-10-20 16:54 . 2009-10-20 16:54 59992 ----a-w- c:\programdata\Kaspersky Lab Setup Files\Kaspersky Internet Security 2010 9.0.0.736\English\setup.exe
    2009-09-30 19:58 . 2008-01-09 10:43 9576 ----a-w- c:\programdata\Symantec\LiveUpdate\LuRegManifests\Static\CCMSLLUM.DLL
    2009-09-30 12:15 . 2009-09-30 12:15 103532648 ----a-w- c:\programdata\Norton\{NIS_Production_94_136_NUC}\NIS10UPM.exe
    2009-04-15 20:24 . 2009-04-15 20:24 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
    2009-04-15 20:24 . 2009-04-15 20:24 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
    2008-08-07 16:18 . 2008-08-07 16:18 76 --sh--r- c:\windows\CT4CET.bin
    2008-08-07 18:58 . 2008-08-07 18:58 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{0BC6E3FA-78EF-4886-842C-5A1258C4455A} "= "c:\program files\AGI\common\agcutils.dll" [2009-12-20 43520]

    [HKEY_CLASSES_ROOT\clsid\{0bc6e3fa-78ef-4886-842c-5a1258c4455a}]
    [HKEY_CLASSES_ROOT\agcutils.AGSearchHook.1]
    [HKEY_CLASSES_ROOT\TypeLib\{647B16D8-AD7B-4983-82D7-82A270FC9E6D}]
    [HKEY_CLASSES_ROOT\agcutils.AGSearchHook]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}]
    2009-12-20 01:05 43520 ----a-w- c:\program files\AGI\common\agcutils.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "DellSupportCenter "= "c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
    "swg "= "c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-08-07 68856]
    "ehTray.exe "= "c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
    "Messenger (Yahoo!) "= "c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2009-03-18 4363504]
    "LogitechSoftwareUpdate "= "c:\program files\Logitech\Video\ManifestEngine.exe" [2005-01-18 196608]
    "googletalk "= "c:\users\Parad0xx86\AppData\Roaming\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
    "WMPNSCFG "= "c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender "= "c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
    "ECenter "= "c:\dell\E-Center\EULALauncher.exe" [2008-02-29 17920]
    "Apoint "= "c:\program files\DellTPad\Apoint.exe" [2008-05-04 167936]
    "OEM02Mon.exe "= "c:\windows\OEM02Mon.exe" [2008-03-04 36864]
    "IgfxTray "= "c:\windows\system32\igfxtray.exe" [2008-03-06 141848]
    "HotKeysCmds "= "c:\windows\system32\hkcmd.exe" [2008-03-06 166424]
    "Persistence "= "c:\windows\system32\igfxpers.exe" [2008-03-06 133656]
    "DELL Webcam Manager "= "c:\program files\Dell\Dell Webcam Manager\DellWMgr.exe" [2007-07-27 118784]
    "IAAnotif "= "c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-03-21 174872]
    "Broadcom Wireless Manager UI "= "c:\windows\system32\WLTRAY.exe" [2008-05-19 3444736]
    "Google Desktop Search "= "c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-12-19 30192]
    "dscactivate "= "c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-03-11 16384]
    "PCMService "= "c:\program files\Dell\MediaDirect\PCMService.exe" [2007-12-21 184320]
    "ccApp "= "c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-10-17 51048]
    "AppleSyncNotifier "= "c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-23 116040]
    "QuickTime Task "= "c:\program files\QuickTime\QTTask.exe" [2008-05-27 413696]
    "iTunesHelper "= "c:\program files\iTunes\iTunesHelper.exe" [2008-07-30 289064]
    "Adobe Reader Speed Launcher "= "c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
    "DellSupportCenter "= "c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
    "Adobe Photo Downloader "= "c:\program files\Adobe\Photoshop Elements 4.0\apdproxy.exe" [2005-09-09 57344]
    "LogitechVideoRepair "= "c:\program files\Logitech\Video\ISStart.exe" [2005-01-18 458752]
    "LogitechVideoTray "= "c:\program files\Logitech\Video\LogiTray.exe" [2005-01-18 217088]
    "AdobeCS4ServiceManager "= "c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
    "SunJavaUpdateSched "= "c:\program files\Java\jre6\bin\jusched.exe" [2009-07-31 148888]
    "Malwarebytes Anti-Malware (reboot) "= "c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-12-03 1394000]

    c:\users\Parad0xx86\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Webshots.lnk - c:\program files\Webshots\Launcher.exe [2008-11-11 157000]

    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2008-8-7 50688]
    Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
    QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2008-2-22 1193240]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle "= 0 (0x0)

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} "= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    2009-09-03 20:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
    2008-08-07 16:34 10536 ----a-w- c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs "=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "aux4 "=wdmaud.drv

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @= "Driver "

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]
    @= "Service "

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
    @= "Service "

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WRConsumerService]
    @= "Service "

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring "=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring "=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring "=dword:00000001

    R0 ssfs0bbc;ssfs0bbc;c:\windows\System32\drivers\ssfs0bbc.sys [4/21/2009 5:27 PM 29808]
    R1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\Symantec\DEFINI~1\SymcData\ipsdefs\20091217.002\IDSvix86.sys [12/19/2009 1:50 AM 286768]
    R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [11/23/2009 8:43 AM 9968]
    R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [11/23/2009 8:43 AM 74480]
    R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [9/16/2008 11:03 AM 169312]
    R2 AGWinService;AG Windows Service;c:\program files\AGI\common\win32\pythonservice.exe [11/11/2008 10:35 PM 10240]
    R2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run --> c:\windows\system32\hasplms.exe -run [?]
    R2 LiveUpdate Notice;LiveUpdate Notice;c:\program files\Common Files\Symantec Shared\CCSVCHST.EXE [1/9/2008 4:43 AM 149352]
    R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [12/29/2008 10:11 PM 24652]
    R2 WRConsumerService;Webroot Client Service;c:\program files\Webroot\Spy Sweeper\WRConsumerService.exe [7/3/2009 10:44 PM 1205760]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [8/26/2009 8:28 PM 102448]
    R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service;c:\windows\System32\drivers\IntcHdmi.sys [8/7/2008 12:59 PM 111616]
    R3 SYMNDISV;SYMNDISV;c:\windows\System32\drivers\symndisv.sys [2/19/2009 12:31 PM 41008]
    S2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\aestsrv.exe --> c:\windows\system32\aestsrv.exe [?]
    S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [12/17/2009 12:31 AM 135664]
    S3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [8/15/2008 4:46 AM 284016]
    S3 COH_Mon;COH_Mon;c:\windows\System32\drivers\COH_Mon.sys [1/9/2008 4:36 AM 23888]
    S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [8/7/2008 10:24 AM 30192]
    S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [11/23/2009 8:43 AM 7408]

    --- Other Services/Drivers In Memory ---

    *NewlyCreated* - COMHOST
    .
    ------- Supplementary Scan -------
    .
    uInternet Settings,ProxyOverride = *.local
    uInternet Settings,ProxyServer = www.proxy.nyit.edu:80
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: Microsoft Excel'e Gö&nder - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
    .
    - - - - ORPHANS REMOVED - - - -

    WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)



    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-12-20 00:44
    Windows 6.0.6001 Service Pack 1 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial "=dword:00000000
    .
    Completion time: 2009-12-20 00:47:48
    ComboFix-quarantined-files.txt 2009-12-20 06:47

    Pre-Run: 127,570,178,048 bytes free
    Post-Run: 127,688,962,048 bytes free

    - - End Of File - - 48E3C6504E5F26040CA8FE2060D3FE27


    HIJACKTHIS LOG:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:51:50 AM, on 12/20/2009
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18349)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files\DellTPad\Apoint.exe
    C:\Windows\OEM02Mon.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Windows\System32\WLTRAY.EXE
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Dell\MediaDirect\PCMService.exe
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Dell Support Center\bin\sprtcmd.exe
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Windows\ehome\ehtray.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\Program Files\DellTPad\ApMsgFwd.exe
    C:\Program Files\Webshots\webshots.scr
    C:\Program Files\DellTPad\Apntex.exe
    C:\Program Files\DellTPad\HidFind.exe
    C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
    C:\Windows\system32\wuauclt.exe
    C:\Windows\system32\notepad.exe
    C:\Windows\explorer.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\Windows\system32\rundll32.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = file://c:\windows\system32\blank.htm
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = file://c:\windows\system32\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = www.proxy.nyit.edu:80
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll
    O1 - Hosts: ::1 localhost
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
    O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [ECenter] "C:\Dell\E-Center\EULALauncher.exe "
    O4 - HKLM\..\Run: [Apoint] "C:\Program Files\DellTPad\Apoint.exe "
    O4 - HKLM\..\Run: [OEM02Mon.exe] "C:\Windows\OEM02Mon.exe "
    O4 - HKLM\..\Run: [IgfxTray] "C:\Windows\system32\igfxtray.exe "
    O4 - HKLM\..\Run: [HotKeysCmds] "C:\Windows\system32\hkcmd.exe "
    O4 - HKLM\..\Run: [Persistence] "C:\Windows\system32\igfxpers.exe "
    O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
    O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe "
    O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] "C:\Windows\system32\WLTRAY.exe "
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe "
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe "
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe "
    O4 - HKLM\..\Run: [AppleSyncNotifier] "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe "
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe "
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe "
    O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe "
    O4 - HKLM\..\Run: [LogitechVideoRepair] "C:\Program Files\Logitech\Video\ISStart.exe" /RegAll
    O4 - HKLM\..\Run: [LogitechVideoTray] "C:\Program Files\Logitech\Video\LogiTray.exe "
    O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
    O4 - HKLM\..\Run: [Adobe_ID0ENQBO] "C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE "
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe "
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe "
    O4 - HKCU\..\Run: [ehTray.exe] "C:\Windows\ehome\ehTray.exe "
    O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [googletalk] "C:\Users\Parad0xx86\AppData\Roaming\Google\Google Talk\googletalk.exe" /autostart
    O4 - HKCU\..\Run: [WMPNSCFG] "C:\Program Files\Windows Media Player\WMPNSCFG.exe "
    O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe
    O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
    O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O20 - AppInit_DLLs: c:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
    O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
    O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
    O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
    O23 - Service: Andrea ST Filters Service (AESTFilters) - Unknown owner - C:\Windows\system32\aestsrv.exe (file missing)
    O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
    O23 - Service: HASP License Manager (hasplms) - Aladdin Knowledge Systems Ltd. - C:\Windows\system32\hasplms.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
    O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
    O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
    O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
    O23 - Service: Webroot Client Service (WRConsumerService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe
    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

    --
    End of file - 11767 bytes


    Combofix deleted a Spysweeper backup file. I shut down Spysweeper before the scan. How can I fix that situation?
     
  9. 2009/12/20
    broni

    broni Moderator Malware Analyst

    Maybe it saw some bad script inside. We can get it back, if you're sure you want to do it.


    1. Please open Notepad
    • Click Start, then Run
    • Type notepad.exe in the Run Box.

    2. Now copy/paste the entire content of the codebox below into the Notepad window:

    Code:
    File::
    c:\windows\system32\rzdzeziztz.exe
    c:\windows\system32\TR2468.dll
    c:\windows\system32\vghd.scr
    
    
    Folder::
    
    Driver::
    
    Registry::
    
    RegLockDel::
    
    

    3. Save the above as CFScript.txt

    4. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again.

    [​IMG]


    5. After reboot, (in case it asks to reboot), please post the following reports/logs into your next reply:
    • Combofix.txt
    • A new HijackThis log.
     
  10. 2009/12/22
    PinotNoir

    PinotNoir Inactive Thread Starter

    I don't know if it is a necessary file for SpySweeper to function. If it is, then yes, I'd like to get it back. I purchased the program so I'm not sure if I can just uninstall and reinstall it.

    I can't copy/paste the Combofix results here because the file is too big and the website doesn't allow me to copy all the text. Can I attach it somewhere? And how can I attach it?

    Here is the Hijackthis Log:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 7:27:00 AM, on 12/22/2009
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18349)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files\DellTPad\Apoint.exe
    C:\Windows\OEM02Mon.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Windows\System32\WLTRAY.EXE
    C:\Program Files\Dell\MediaDirect\PCMService.exe
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\Dell Support Center\bin\sprtcmd.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\DellTPad\ApMsgFwd.exe
    C:\Program Files\DellTPad\HidFind.exe
    C:\Program Files\DellTPad\Apntex.exe
    C:\Windows\system32\wuauclt.exe
    C:\Windows\system32\notepad.exe
    C:\Windows\explorer.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = file://c:\windows\system32\blank.htm
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = file://c:\windows\system32\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = www.proxy.nyit.edu:80
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll
    O1 - Hosts: ::1 localhost
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
    O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [ECenter] "C:\Dell\E-Center\EULALauncher.exe "
    O4 - HKLM\..\Run: [Apoint] "C:\Program Files\DellTPad\Apoint.exe "
    O4 - HKLM\..\Run: [OEM02Mon.exe] "C:\Windows\OEM02Mon.exe "
    O4 - HKLM\..\Run: [IgfxTray] "C:\Windows\system32\igfxtray.exe "
    O4 - HKLM\..\Run: [HotKeysCmds] "C:\Windows\system32\hkcmd.exe "
    O4 - HKLM\..\Run: [Persistence] "C:\Windows\system32\igfxpers.exe "
    O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
    O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe "
    O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] "C:\Windows\system32\WLTRAY.exe "
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe "
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe "
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe "
    O4 - HKLM\..\Run: [AppleSyncNotifier] "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe "
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe "
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe "
    O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe "
    O4 - HKLM\..\Run: [LogitechVideoRepair] "C:\Program Files\Logitech\Video\ISStart.exe" /RegAll
    O4 - HKLM\..\Run: [LogitechVideoTray] "C:\Program Files\Logitech\Video\LogiTray.exe "
    O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
    O4 - HKLM\..\Run: [Adobe_ID0ENQBO] "C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE "
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe "
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
    O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe "
    O4 - HKCU\..\Run: [ehTray.exe] "C:\Windows\ehome\ehTray.exe "
    O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [googletalk] "C:\Users\Parad0xx86\AppData\Roaming\Google\Google Talk\googletalk.exe" /autostart
    O4 - HKCU\..\Run: [WMPNSCFG] "C:\Program Files\Windows Media Player\WMPNSCFG.exe "
    O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe
    O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
    O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O20 - AppInit_DLLs: c:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
    O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
    O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
    O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
    O23 - Service: Andrea ST Filters Service (AESTFilters) - Unknown owner - C:\Windows\system32\aestsrv.exe (file missing)
    O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
    O23 - Service: HASP License Manager (hasplms) - Aladdin Knowledge Systems Ltd. - C:\Windows\system32\hasplms.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
    O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
    O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
    O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
    O23 - Service: Webroot Client Service (WRConsumerService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe
    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

    --
    End of file - 11678 bytes
     
  11. 2009/12/22
    broni

    broni Moderator Malware Analyst

    I took another look at that removed file and it doesn't look legit to me. Surely, it doesn't look like any native Spysweeper file, so we better leave it alone.
    As for the log being too big, you have to split it into two replies.
     
  12. 2009/12/22
    PinotNoir

    PinotNoir Inactive Thread Starter

    Ok. Combofix Log Part 1

    ComboFix 09-12-21.04 - Parad0xx86 12/22/2009 7:11.2.2 - x86
    Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.3061.2079 [GMT -6:00]
    Running from: c:\users\Parad0xx86\Desktop\ComboFix.exe
    Command switches used :: c:\users\Parad0xx86\Desktop\CFScript.txt
    AV: Norton Internet Security *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
    FW: Norton Internet Security *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
    SP: Norton Internet Security *disabled* (Updated) {CBB7EE13-8244-4DAB-8B55-D5C7AA91E59A}
    SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
    SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

    FILE ::
    "c:\windows\system32\rzdzeziztz.exe"
    "c:\windows\system32\TR2468.dll"
    "c:\windows\system32\vghd.scr"
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\windows\system32\rzdzeziztz.exe
    c:\windows\system32\TR2468.dll
    c:\windows\system32\vghd.scr

    .
    ((((((((((((((((((((((((( Files Created from 2009-11-22 to 2009-12-22 )))))))))))))))))))))))))))))))
    .

    2009-12-22 13:21 . 2009-12-22 13:21 -------- d-----w- c:\users\Parad0xx86\AppData\Local\temp
    2009-12-22 13:21 . 2009-12-22 13:21 -------- d-----w- c:\users\Public\AppData\Local\temp
    2009-12-22 13:21 . 2009-12-22 13:21 -------- d-----w- c:\users\Default\AppData\Local\temp
    2009-12-22 12:58 . 2009-12-22 12:59 -------- d-----w- C:\KittyFix
    2009-12-22 09:27 . 2009-08-26 08:00 102448 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20091221.050\ERASER.SYS
    2009-12-22 09:27 . 2009-08-25 08:00 84912 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20091221.050\NAVENG.SYS
    2009-12-22 09:27 . 2009-08-25 08:00 177520 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20091221.050\NAVENG32.DLL
    2009-12-22 09:27 . 2009-08-25 08:00 1647984 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20091221.050\NAVEX32A.DLL
    2009-12-22 09:27 . 2009-08-25 08:00 1323568 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20091221.050\NAVEX15.SYS
    2009-12-22 09:27 . 2009-12-09 09:00 2747440 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20091221.050\CCERASER.DLL
    2009-12-22 09:27 . 2009-09-22 08:00 259440 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20091221.050\ECMSVR32.DLL
    2009-12-22 09:27 . 2009-08-26 08:00 371248 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20091221.050\EECTRL.SYS
    2009-12-22 05:40 . 2009-12-09 09:00 2747440 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20091221.038\CCERASER.DLL
    2009-12-22 05:40 . 2009-09-22 08:00 259440 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20091221.038\ECMSVR32.DLL
    2009-12-22 05:40 . 2009-08-26 08:00 371248 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20091221.038\EECTRL.SYS
    2009-12-22 05:40 . 2009-08-26 08:00 102448 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20091221.038\ERASER.SYS
    2009-12-22 05:40 . 2009-08-25 08:00 84912 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20091221.038\NAVENG.SYS
    2009-12-22 05:40 . 2009-08-25 08:00 177520 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20091221.038\NAVENG32.DLL
    2009-12-22 05:40 . 2009-08-25 08:00 1647984 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20091221.038\NAVEX32A.DLL
    2009-12-22 05:40 . 2009-08-25 08:00 1323568 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20091221.038\NAVEX15.SYS
    2009-12-19 07:50 . 2009-11-20 03:02 268664 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20091217.002\SymIDSCo.sys
    2009-12-19 07:50 . 2009-11-20 03:02 732536 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20091217.002\Scxpx86.dll
    2009-12-19 07:50 . 2009-11-20 03:02 286768 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20091217.002\IDSvix86.sys
    2009-12-19 07:50 . 2009-11-20 03:02 173432 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20091217.002\SymIDSI.dll
    2009-12-19 07:50 . 2009-11-20 03:02 685432 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20091217.002\IDSxpx86.dll
    2009-12-19 07:50 . 2009-11-20 03:02 396336 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20091217.002\IDSviA64.sys
    2009-12-19 07:50 . 2008-08-09 00:58 157120 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20091217.002\IDS9xx86.dll
    2009-12-18 12:23 . 2009-12-18 12:23 -------- d-----w- c:\programdata\McAfee Security Scan
    2009-12-18 12:23 . 2009-12-18 12:23 -------- d-----w- c:\program files\McAfee Security Scan
    2009-12-17 21:43 . 2009-11-20 03:02 268664 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20091216.001\SymIDSCo.sys
    2009-12-17 21:43 . 2009-11-20 03:02 732536 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20091216.001\Scxpx86.dll
    2009-12-17 21:43 . 2009-11-20 03:02 286768 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20091216.001\IDSvix86.sys
    2009-12-17 21:43 . 2009-11-20 03:02 173432 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20091216.001\SymIDSI.dll
    2009-12-17 21:43 . 2009-11-20 03:02 685432 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20091216.001\IDSxpx86.dll
    2009-12-17 21:43 . 2009-11-20 03:02 396336 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20091216.001\IDSviA64.sys
    2009-12-17 21:43 . 2008-08-09 00:58 157120 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20091216.001\IDS9xx86.dll
    2009-12-17 07:13 . 2009-12-17 07:13 117760 ----a-w- c:\users\Parad0xx86\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
    2009-12-17 07:13 . 2009-12-17 07:13 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
    2009-12-17 07:13 . 2009-12-17 07:13 -------- d-----w- c:\program files\SUPERAntiSpyware
    2009-12-17 07:13 . 2009-12-17 07:13 -------- d-----w- c:\users\Parad0xx86\AppData\Roaming\SUPERAntiSpyware.com
    2009-12-17 07:12 . 2009-12-17 07:12 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
    2009-12-16 09:21 . 2009-10-29 09:41 2048 ----a-w- c:\windows\system32\tzres.dll
    2009-12-16 09:10 . 2009-11-09 13:22 24064 ----a-w- c:\windows\system32\nshhttp.dll
    2009-12-16 09:09 . 2009-11-09 11:04 411136 ----a-w- c:\windows\system32\drivers\http.sys
    2009-12-16 09:09 . 2009-11-09 13:20 31232 ----a-w- c:\windows\system32\httpapi.dll
    2009-12-16 04:31 . 2009-12-16 04:32 125952 ----a-w- c:\programdata\ParetoLogic\UUS2\Temp\Update.exe
    2009-12-16 04:31 . 2009-12-16 10:13 2369056 --sha-w- c:\windows\system32\drivers\fidbox.dat
    2009-12-16 04:23 . 2009-12-16 05:40 -------- d-----w- c:\programdata\ParetoLogic
    2009-12-16 04:23 . 2009-12-16 05:40 -------- d-----w- c:\program files\Common Files\ParetoLogic
    2009-12-16 04:22 . 2009-12-16 04:22 -------- d-----w- c:\users\Parad0xx86\AppData\Local\Downloaded Installations
    2009-12-16 04:08 . 2009-12-03 22:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2009-12-16 04:08 . 2009-12-03 22:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
    2009-12-16 03:53 . 2009-12-16 03:53 -------- d-----w- c:\program files\Trend Micro
    2009-12-16 03:48 . 2009-12-16 03:48 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
    2009-12-16 00:47 . 2009-12-11 02:29 1782128 ----a-w- c:\programdata\Norton\NUA.exe
    2009-12-16 00:47 . 2009-12-17 06:16 -------- d-----w- c:\programdata\Norton
    2009-12-15 20:40 . 2009-08-14 17:07 897608 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2009-12-15 20:40 . 2009-08-14 16:29 104960 ----a-w- c:\windows\system32\netiohlp.dll
    2009-12-15 20:40 . 2009-08-14 14:16 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
    2009-12-15 20:40 . 2009-08-14 14:16 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
    2009-12-15 20:40 . 2009-08-14 14:16 17920 ----a-w- c:\windows\system32\ROUTE.EXE
    2009-12-15 20:40 . 2009-08-14 14:16 11264 ----a-w- c:\windows\system32\MRINFO.EXE
    2009-12-15 20:40 . 2009-08-14 14:16 19968 ----a-w- c:\windows\system32\ARP.EXE
    2009-12-15 20:40 . 2009-08-14 14:16 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
    2009-12-15 20:40 . 2009-08-14 14:16 10240 ----a-w- c:\windows\system32\finger.exe
    2009-12-15 20:40 . 2009-08-14 16:29 17920 ----a-w- c:\windows\system32\netevent.dll
    2009-12-15 20:37 . 2009-07-11 19:32 302592 ----a-w- c:\windows\system32\wlansec.dll
    2009-12-15 20:37 . 2009-07-11 19:32 293376 ----a-w- c:\windows\system32\wlanmsm.dll
    2009-12-15 20:37 . 2009-07-11 19:29 127488 ----a-w- c:\windows\system32\L2SecHC.dll
    2009-12-15 20:37 . 2009-07-11 19:32 513024 ----a-w- c:\windows\system32\wlansvc.dll
    2009-12-15 20:37 . 2009-08-10 11:01 1399296 ----a-w- c:\windows\system32\msxml6.dll
    2009-12-15 20:37 . 2009-08-10 11:00 1257472 ----a-w- c:\windows\system32\msxml3.dll
    2009-12-15 20:36 . 2009-09-10 17:30 213504 ----a-w- c:\windows\system32\msv1_0.dll
    2009-12-15 20:36 . 2009-06-15 15:24 175104 ----a-w- c:\windows\system32\wdigest.dll
    2009-12-15 20:36 . 2009-06-15 15:23 1256448 ----a-w- c:\windows\system32\lsasrv.dll
    2009-12-15 20:36 . 2009-06-15 18:20 439896 ----a-w- c:\windows\system32\drivers\ksecdd.sys
    2009-12-15 20:36 . 2009-06-15 15:24 72704 ----a-w- c:\windows\system32\secur32.dll
    2009-12-15 20:36 . 2009-06-15 12:57 9728 ----a-w- c:\windows\system32\lsass.exe
    2009-12-15 20:36 . 2009-06-10 12:11 2868224 ----a-w- c:\windows\system32\mf.dll
    2009-12-15 20:36 . 2009-08-05 14:22 3597896 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2009-12-15 20:36 . 2009-08-05 14:22 3546184 ----a-w- c:\windows\system32\ntoskrnl.exe
    2009-12-15 20:34 . 2009-08-31 13:55 428544 ----a-w- c:\windows\system32\EncDec.dll
    2009-12-15 20:34 . 2009-08-31 13:55 293376 ----a-w- c:\windows\system32\psisdecd.dll
    2009-12-15 20:34 . 2009-08-14 13:53 2035712 ----a-w- c:\windows\system32\win32k.sys
    2009-12-15 20:34 . 2009-09-04 12:24 61440 ----a-w- c:\windows\system32\msasn1.dll
    2009-12-15 20:33 . 2009-10-07 12:41 244224 ----a-w- c:\windows\system32\rastls.dll
    2009-12-15 20:33 . 2009-10-07 12:41 281600 ----a-w- c:\windows\system32\raschap.dll
    2009-12-15 20:33 . 2009-09-14 09:44 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
    2009-12-15 20:33 . 2009-08-10 13:05 351232 ----a-w- c:\windows\system32\WSDApi.dll
    2009-12-15 20:33 . 2009-04-02 12:37 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
    2009-12-15 20:32 . 2009-09-10 15:21 310784 ----a-w- c:\windows\system32\unregmp2.exe
    2009-12-15 20:32 . 2009-09-10 15:21 8147456 ----a-w- c:\windows\system32\wmploc.DLL
    2009-12-15 04:33 . 2009-12-15 04:33 -------- d-----w- c:\users\Parad0xx86\AppData\Roaming\Malwarebytes
    2009-12-15 04:33 . 2009-12-15 04:33 -------- d-----w- c:\programdata\Malwarebytes
    2009-12-15 04:33 . 2009-12-16 04:08 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2009-12-14 07:56 . 2009-12-14 07:56 132096 --sha-r- c:\windows\system32\pcasvcx.dll
    2009-12-07 01:36 . 2009-12-07 01:36 1331595 ----a-w- c:\users\Parad0xx86\casedismissed.zip
    2009-12-05 08:33 . 2009-12-05 08:33 658184 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
    2009-12-03 07:43 . 2009-12-03 07:43 -------- d-----w- c:\program files\Alarm Clock
    2009-11-29 08:56 . 2009-11-29 08:57 -------- d-----w- c:\users\Parad0xx86\{0c2e1e1c-5a8f-42a9-bb2e-fa8805f696e1}
    2009-11-29 08:53 . 2009-11-29 08:54 -------- d-----w- c:\program files\HP Photosmart 11
    2009-11-26 01:00 . 2009-11-26 01:00 0 ----a-w- c:\windows\nsreg.dat
    2009-11-26 01:00 . 2009-11-26 01:01 -------- d-----w- c:\users\Parad0xx86\AppData\Local\Thunderbird
    2009-11-26 01:00 . 2009-11-26 01:00 -------- d-----w- c:\users\Parad0xx86\AppData\Roaming\Thunderbird
    2009-11-26 01:00 . 2009-12-19 08:12 -------- d-----w- c:\program files\Mozilla Thunderbird

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-12-19 08:36 . 2008-08-30 21:30 -------- d-----w- c:\programdata\Google Updater
    2009-12-17 23:33 . 2008-08-30 19:13 1356 ----a-w- c:\users\Parad0xx86\AppData\Local\d3d9caps.dat
    2009-12-17 06:33 . 2008-08-07 16:24 -------- d-----w- c:\program files\Google
    2009-12-16 10:13 . 2009-12-16 04:31 32804 --sha-w- c:\windows\system32\drivers\fidbox.idx
    2009-12-16 10:12 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
    2009-11-24 20:27 . 2009-11-19 08:08 -------- d-----w- c:\program files\vghd
    2009-11-23 08:41 . 2008-12-17 21:54 -------- d-----w- c:\programdata\WinZip
    2009-11-20 03:02 . 2009-11-20 03:02 268664 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\BinHub\symidsco.sys
    2009-11-20 03:02 . 2009-11-20 03:02 732536 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\BinHub\scxpx86.dll
    2009-11-20 03:02 . 2009-11-20 03:02 286768 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\BinHub\IDSvix86.sys
    2009-11-20 03:02 . 2009-11-20 03:02 173432 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\BinHub\SymIDSI.dll
    2009-11-20 03:02 . 2009-11-20 03:02 685432 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\BinHub\idsxpx86.dll
    2009-11-20 03:02 . 2009-11-20 03:02 396336 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\BinHub\IDSvia64.sys
    2009-11-19 08:13 . 2009-01-21 06:44 5 ----a-w- c:\windows\sbacknt.bin
    2009-10-27 13:20 . 2009-12-15 20:35 833024 ----a-w- c:\windows\system32\wininet.dll
    2009-10-27 13:16 . 2009-12-15 20:35 78336 ----a-w- c:\windows\system32\ieencode.dll
    2009-10-27 10:55 . 2009-12-15 20:35 26624 ----a-w- c:\windows\system32\ieUnatt.exe
    2009-10-20 16:54 . 2009-10-20 16:54 59992 ----a-w- c:\programdata\Kaspersky Lab Setup Files\Kaspersky Internet Security 2010 9.0.0.736\English\setup.exe
    2009-09-30 19:58 . 2008-01-09 10:43 9576 ----a-w- c:\programdata\Symantec\LiveUpdate\LuRegManifests\Static\CCMSLLUM.DLL
    2009-09-30 12:15 . 2009-09-30 12:15 103532648 ----a-w- c:\programdata\Norton\{NIS_Production_94_136_NUC}\NIS10UPM.exe
    2009-04-15 20:24 . 2009-04-15 20:24 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
    2009-04-15 20:24 . 2009-04-15 20:24 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
    2008-08-07 16:18 . 2008-08-07 16:18 76 --sh--r- c:\windows\CT4CET.bin
    2008-08-07 18:58 . 2008-08-07 18:58 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
    .
     
  13. 2009/12/22
    PinotNoir

    PinotNoir Inactive Thread Starter

    Part 2


    ((((((((((((((((((((((((((((( SnapShot@2009-12-20_06.44.35 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2008-01-21 02:23 . 2008-01-21 02:23 79360 c:\windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.0.6001.18000_none_f897b0b1b85e4433\parport.sys
    + 2008-01-21 02:23 . 2008-01-21 02:23 19968 c:\windows\winsxs\x86_msmouse.inf_31bf3856ad364e35_6.0.6001.18000_none_4e340b7cd25b3352\sermouse.sys
    + 2008-01-21 02:23 . 2008-01-21 02:23 15872 c:\windows\winsxs\x86_msmouse.inf_31bf3856ad364e35_6.0.6001.18000_none_4e340b7cd25b3352\mouhid.sys
    + 2008-01-21 02:23 . 2008-01-21 02:23 34360 c:\windows\winsxs\x86_msmouse.inf_31bf3856ad364e35_6.0.6001.18000_none_4e340b7cd25b3352\mouclass.sys
    + 2008-01-21 02:23 . 2008-01-21 02:23 54784 c:\windows\winsxs\x86_msmouse.inf_31bf3856ad364e35_6.0.6001.18000_none_4e340b7cd25b3352\i8042prt.sys
    + 2008-01-21 02:09 . 2008-01-21 02:09 19968 c:\windows\winsxs\x86_msmouse.inf_31bf3856ad364e35_6.0.6000.20734_none_4cbafb05ee66fb5a\sermouse.sys
    + 2008-01-21 02:09 . 2008-01-21 02:09 15872 c:\windows\winsxs\x86_msmouse.inf_31bf3856ad364e35_6.0.6000.20734_none_4cbafb05ee66fb5a\mouhid.sys
    + 2008-01-21 02:09 . 2008-01-21 02:09 34360 c:\windows\winsxs\x86_msmouse.inf_31bf3856ad364e35_6.0.6000.20734_none_4cbafb05ee66fb5a\mouclass.sys
    + 2008-01-21 02:09 . 2008-01-21 02:09 54784 c:\windows\winsxs\x86_msmouse.inf_31bf3856ad364e35_6.0.6000.20734_none_4cbafb05ee66fb5a\i8042prt.sys
    + 2008-01-21 02:09 . 2008-01-21 02:09 19968 c:\windows\winsxs\x86_msmouse.inf_31bf3856ad364e35_6.0.6000.16609_none_4c56cf70d52c8670\sermouse.sys
    + 2008-01-21 02:09 . 2008-01-21 02:09 15872 c:\windows\winsxs\x86_msmouse.inf_31bf3856ad364e35_6.0.6000.16609_none_4c56cf70d52c8670\mouhid.sys
    + 2008-01-21 02:09 . 2008-01-21 02:09 34360 c:\windows\winsxs\x86_msmouse.inf_31bf3856ad364e35_6.0.6000.16609_none_4c56cf70d52c8670\mouclass.sys
    + 2008-01-21 02:09 . 2008-01-21 02:09 54784 c:\windows\winsxs\x86_msmouse.inf_31bf3856ad364e35_6.0.6000.16609_none_4c56cf70d52c8670\i8042prt.sys
    + 2008-01-21 02:23 . 2008-01-21 02:23 20024 c:\windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\viaide.sys
    + 2008-01-21 02:23 . 2008-01-21 02:23 17976 c:\windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\intelide.sys
    + 2008-01-21 02:23 . 2008-01-21 02:23 19000 c:\windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\cmdide.sys
    + 2008-01-21 02:23 . 2008-01-21 02:23 17976 c:\windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\amdide.sys
    + 2008-01-21 02:23 . 2008-01-21 02:23 17464 c:\windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\aliide.sys
    + 2008-01-21 02:23 . 2008-01-21 02:23 20024 c:\windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\viaide.sys
    + 2008-01-21 02:23 . 2008-01-21 02:23 45112 c:\windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\pciidex.sys
    + 2008-01-21 02:23 . 2008-01-21 02:23 16440 c:\windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\pciide.sys
    + 2008-01-21 02:23 . 2008-01-21 02:23 28728 c:\windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\msahci.sys
    + 2008-01-21 02:23 . 2008-01-21 02:23 17976 c:\windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\intelide.sys
    + 2008-01-21 02:23 . 2008-01-21 02:23 19000 c:\windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\cmdide.sys
    + 2008-01-21 02:23 . 2008-01-21 02:23 21560 c:\windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
    + 2008-01-21 02:23 . 2008-01-21 02:23 17976 c:\windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\amdide.sys
    + 2008-01-21 02:23 . 2008-01-21 02:23 17464 c:\windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\aliide.sys
    + 2008-01-21 02:23 . 2008-01-21 02:23 52608 c:\windows\winsxs\x86_msdv.inf_31bf3856ad364e35_6.0.6001.18000_none_2736ff65812bdc6d\msdv.sys
    + 2008-01-21 02:23 . 2008-01-21 02:23 94776 c:\windows\winsxs\x86_msdsm.inf_31bf3856ad364e35_6.0.6001.18000_none_ca4742b4db8b917d\msdsm.sys
    + 2008-01-21 02:23 . 2008-01-21 02:23 41984 c:\windows\winsxs\x86_monitor.inf_31bf3856ad364e35_6.0.6001.18000_none_4303417980442e51\monitor.sys
    + 2008-01-21 02:23 . 2008-01-21 02:23 18432 c:\windows\winsxs\x86_modemcsa.inf_31bf3856ad364e35_6.0.6001.18000_none_1a2c07344ad1390e\MODEMCSA.sys
    + 2006-11-02 08:55 . 2006-11-02 09:46 39936 c:\windows\winsxs\x86_microsoft.windows.h..uetooth-driverclass_31bf3856ad364e35_6.0.6001.18000_none_84e4ea4562dcf212\bthserv.dll
    + 2006-11-02 08:54 . 2006-11-02 09:46 15360 c:\windows\winsxs\x86_microsoft.windows.h..monitor-driverclass_31bf3856ad364e35_6.0.6000.16386_none_57aa5b7f14b4d358\montr_ci.dll
    + 2008-01-21 02:09 . 2008-01-21 02:09 35328 c:\windows\winsxs\x86_microsoft.windows.h..display-driverclass_31bf3856ad364e35_6.0.6000.20734_none_4217a653ac61f6c0\dispci.dll
    + 2008-01-21 02:09 . 2008-01-21 02:09 35328 c:\windows\winsxs\x86_microsoft.windows.h..display-driverclass_31bf3856ad364e35_6.0.6000.16609_none_41b37abe932781d6\dispci.dll
    + 2008-01-21 02:09 . 2008-01-21 02:09 12800 c:\windows\winsxs\x86_microsoft.windows.h..battery-driverclass_31bf3856ad364e35_6.0.6000.20734_none_1864c95162e4e77d\batt.dll
    + 2008-01-21 02:09 . 2008-01-21 02:09 12800 c:\windows\winsxs\x86_microsoft.windows.h..battery-driverclass_31bf3856ad364e35_6.0.6000.16609_none_18009dbc49aa7293\batt.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 95744 c:\windows\winsxs\x86_microsoft-windows-xwizards-win32plugin_31bf3856ad364e35_6.0.6001.18000_none_39bbc53b223763a3\xwtpw32.dll
    + 2006-11-02 08:55 . 2006-11-02 09:46 79360 c:\windows\winsxs\x86_microsoft-windows-xwizards-registration_31bf3856ad364e35_6.0.6000.16386_none_16e20c08ebb573de\xwreg.dll
    + 2006-11-02 09:16 . 2006-11-02 09:46 20992 c:\windows\winsxs\x86_microsoft-windows-wsd-challengecomponent_31bf3856ad364e35_6.0.6000.16386_none_2240e747a669f6a5\wsdchngr.dll
    + 2006-11-02 12:35 . 2006-11-02 12:35 36864 c:\windows\winsxs\x86_microsoft-windows-wpd-legacywmdmapi_31bf3856ad364e35_6.0.6001.18000_none_59aa91436faa8e2e\wmdmps.dll
    + 2006-11-02 12:35 . 2006-11-02 12:35 31744 c:\windows\winsxs\x86_microsoft-windows-wpd-legacywmdmapi_31bf3856ad364e35_6.0.6001.18000_none_59aa91436faa8e2e\wmdmlog.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 17976 c:\windows\winsxs\x86_microsoft-windows-wmilib_31bf3856ad364e35_6.0.6001.18000_none_5954fa57042cb14a\wmilib.sys
    + 2008-01-21 02:23 . 2008-01-21 02:23 70656 c:\windows\winsxs\x86_microsoft-windows-wmi-jobobject-provider_31bf3856ad364e35_6.0.6001.18000_none_64ef989d2802ec40\WMIPJOBJ.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 66048 c:\windows\winsxs\x86_microsoft-windows-wmi-iproute-provider_31bf3856ad364e35_6.0.6001.18000_none_4d22da062788010c\WMIPIPRT.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 19968 c:\windows\winsxs\x86_microsoft-windows-wmi-core_31bf3856ad364e35_6.0.6002.18005_none_bb3f7c211cba6b3f\mofcomp.exe
    + 2008-01-21 02:23 . 2008-01-21 02:23 83968 c:\windows\winsxs\x86_microsoft-windows-wmi-core_31bf3856ad364e35_6.0.6001.18000_none_b95403151f989ff3\wmiutils.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 74752 c:\windows\winsxs\x86_microsoft-windows-wmi-core_31bf3856ad364e35_6.0.6001.18000_none_b95403151f989ff3\WMICOOKR.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 49152 c:\windows\winsxs\x86_microsoft-windows-wmi-core_31bf3856ad364e35_6.0.6001.18000_none_b95403151f989ff3\wbemsvc.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 30208 c:\windows\winsxs\x86_microsoft-windows-wmi-core_31bf3856ad364e35_6.0.6001.18000_none_b95403151f989ff3\wbemprox.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 37888 c:\windows\winsxs\x86_microsoft-windows-wmi-core_31bf3856ad364e35_6.0.6001.18000_none_b95403151f989ff3\unsecapp.exe
    + 2008-01-21 02:23 . 2008-01-21 02:23 57856 c:\windows\winsxs\x86_microsoft-windows-wmi-core_31bf3856ad364e35_6.0.6001.18000_none_b95403151f989ff3\NCProv.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 19968 c:\windows\winsxs\x86_microsoft-windows-wmi-core_31bf3856ad364e35_6.0.6001.18000_none_b95403151f989ff3\mofcomp.exe
    + 2008-01-21 02:23 . 2008-01-21 02:23 15181 c:\windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6002.22170_none_9e68a7441b62d132\gatherWirelessInfo.vbs
    + 2008-01-21 02:23 . 2008-01-21 02:23 15181 c:\windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6002.18064_none_9deddb8d02397ad3\gatherWirelessInfo.vbs
    + 2008-01-21 02:23 . 2008-01-21 02:23 64512 c:\windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6002.18005_none_9e2fbb5f0207ec84\wlanapi.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 15181 c:\windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6002.18005_none_9e2fbb5f0207ec84\gatherWirelessInfo.vbs
    + 2008-01-21 02:23 . 2008-01-21 02:23 15181 c:\windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6001.22468_none_9c9507981e2d2ad5\gatherWirelessInfo.vbs
    + 2008-01-21 02:23 . 2008-01-21 02:23 68096 c:\windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6001.18288_none_9bf5c90f051fc5c6\wlanhlp.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 64512 c:\windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6001.18288_none_9bf5c90f051fc5c6\wlanapi.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 15181 c:\windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6001.18288_none_9bf5c90f051fc5c6\gatherWirelessInfo.vbs
    + 2008-01-21 02:23 . 2008-01-21 02:23 68096 c:\windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6001.18000_none_9c44425304e62138\wlanhlp.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 64512 c:\windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6001.18000_none_9c44425304e62138\wlanapi.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 15181 c:\windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6001.18000_none_9c44425304e62138\gatherWirelessInfo.vbs
    + 2006-11-02 08:55 . 2006-11-02 09:46 14848 c:\windows\winsxs\x86_microsoft-windows-wlancoinstaller_31bf3856ad364e35_6.0.6000.16386_none_4c8534fe5ef30d7c\wlaninst.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 92160 c:\windows\winsxs\x86_microsoft-windows-wlan-netsh-helper_31bf3856ad364e35_6.0.6001.18000_none_149de8326444937e\wlancfg.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 74240 c:\windows\winsxs\x86_microsoft-windows-wlan-extension_31bf3856ad364e35_6.0.6001.18000_none_f9e32f2e235988fc\wlanext.exe
    + 2008-01-21 02:23 . 2008-01-21 02:23 15360 c:\windows\winsxs\x86_microsoft-windows-winsock-legacy_31bf3856ad364e35_6.0.6001.18000_none_e36536a91186bed0\wsock32.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 96768 c:\windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
    + 2006-11-02 08:49 . 2006-11-02 09:46 15360 c:\windows\winsxs\x86_microsoft-windows-whhelper_31bf3856ad364e35_6.0.6000.16386_none_6f1a1a0e40672825\whhelper.dll
    + 2006-11-02 12:34 . 2006-11-02 12:34 48640 c:\windows\winsxs\x86_microsoft-windows-webdavredir-davclient_31bf3856ad364e35_6.0.6000.16386_none_9196a743555429b0\davclnt.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 35896 c:\windows\winsxs\x86_microsoft-windows-wdf-kernellibrary_31bf3856ad364e35_6.0.6001.18000_none_7653183a1dec18ea\WdfLdr.sys
    + 2008-01-21 02:09 . 2008-01-21 02:09 35384 c:\windows\winsxs\x86_microsoft-windows-wdf-kernellibrary_31bf3856ad364e35_6.0.6000.20734_none_74da07c339f7e0f2\WdfLdr.sys
    + 2008-01-21 02:09 . 2008-01-21 02:09 35384 c:\windows\winsxs\x86_microsoft-windows-wdf-kernellibrary_31bf3856ad364e35_6.0.6000.16609_none_7475dc2e20bd6c08\WdfLdr.sys
    + 2008-01-21 02:23 . 2008-01-21 02:23 69120 c:\windows\winsxs\x86_microsoft-windows-wcn-config-registrar_31bf3856ad364e35_6.0.6001.18000_none_2d1cb3d0c1e9c6a5\fdWCN.dll
    + 2006-11-02 08:48 . 2006-11-02 09:46 41984 c:\windows\winsxs\x86_microsoft-windows-wab-core_31bf3856ad364e35_6.0.6002.18005_none_570ee68146eaef3c\wabimp.dll
    + 2006-11-02 08:48 . 2006-11-02 09:46 41984 c:\windows\winsxs\x86_microsoft-windows-wab-core_31bf3856ad364e35_6.0.6001.18000_none_55236d7549c923f0\wabimp.dll
    + 2006-11-02 08:48 . 2006-11-02 09:45 66048 c:\windows\winsxs\x86_microsoft-windows-wab-app_31bf3856ad364e35_6.0.6002.18005_none_4494d68cd4b469ae\wabmig.exe
    + 2006-11-02 08:48 . 2006-11-02 09:46 33280 c:\windows\winsxs\x86_microsoft-windows-wab-app_31bf3856ad364e35_6.0.6002.18005_none_4494d68cd4b469ae\wabfind.dll
    + 2006-11-02 08:48 . 2006-11-02 09:45 66048 c:\windows\winsxs\x86_microsoft-windows-wab-app_31bf3856ad364e35_6.0.6001.18000_none_42a95d80d7929e62\wabmig.exe
    + 2006-11-02 08:48 . 2006-11-02 09:46 33280 c:\windows\winsxs\x86_microsoft-windows-wab-app_31bf3856ad364e35_6.0.6001.18000_none_42a95d80d7929e62\wabfind.dll
    + 2006-11-02 09:13 . 2006-11-02 09:46 32256 c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_6.0.6000.16386_none_acab9aecacae685d\wups2.dll
    + 2006-11-02 09:13 . 2006-11-02 09:46 41472 c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_6.0.6000.16386_none_acab9aecacae685d\wuauclt.exe
    + 2008-01-21 02:23 . 2008-01-21 02:23 88064 c:\windows\winsxs\x86_microsoft-windows-w..sition-uicomponents_31bf3856ad364e35_6.0.6001.18000_none_cef47f55854b9614\wiaacmgr.exe
    + 2006-11-02 12:34 . 2006-11-02 12:34 12800 c:\windows\winsxs\x86_microsoft-windows-w..sition-coreservices_31bf3856ad364e35_6.0.6002.18005_none_347fb41db0752753\wiatrace.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 32768 c:\windows\winsxs\x86_microsoft-windows-w..sition-coreservices_31bf3856ad364e35_6.0.6002.18005_none_347fb41db0752753\wiarpc.dll
    + 2006-11-02 12:34 . 2006-11-02 12:34 12800 c:\windows\winsxs\x86_microsoft-windows-w..sition-coreservices_31bf3856ad364e35_6.0.6001.18000_none_32943b11b3535c07\wiatrace.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 32768 c:\windows\winsxs\x86_microsoft-windows-w..sition-coreservices_31bf3856ad364e35_6.0.6001.18000_none_32943b11b3535c07\wiarpc.dll
    + 2006-11-02 09:13 . 2006-11-02 09:46 30720 c:\windows\winsxs\x86_microsoft-windows-w..pdateclient-activex_31bf3856ad364e35_6.0.6000.16386_none_3cc795796625f35c\wuapp.exe
    + 2006-11-02 09:13 . 2006-11-02 09:46 22016 c:\windows\winsxs\x86_microsoft-windows-w..owsupdateclient-aux_31bf3856ad364e35_6.0.6000.16386_none_92bcd538c06ec160\wups.dll
    + 2006-11-02 09:13 . 2006-11-02 09:46 76800 c:\windows\winsxs\x86_microsoft-windows-w..owsupdateclient-aux_31bf3856ad364e35_6.0.6000.16386_none_92bcd538c06ec160\wudriver.dll
    + 2006-11-02 08:58 . 2006-11-02 09:46 14336 c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6000.16386_none_024e4071fa6fea95\wshelper.dll
    + 2006-11-02 08:58 . 2006-11-02 09:46 48640 c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6000.16386_none_024e4071fa6fea95\winsockhc.dll
    + 2006-11-02 12:34 . 2006-11-02 12:34 31232 c:\windows\winsxs\x86_microsoft-windows-w..ion-twaincomponents_31bf3856ad364e35_6.0.6000.16386_none_86fb724c5f4594fa\twunk_32.exe
    + 2006-11-02 12:34 . 2006-11-02 12:34 49680 c:\windows\winsxs\x86_microsoft-windows-w..ion-twaincomponents_31bf3856ad364e35_6.0.6000.16386_none_86fb724c5f4594fa\twunk_16.exe
    + 2006-11-02 12:34 . 2006-11-02 12:34 50688 c:\windows\winsxs\x86_microsoft-windows-w..ion-twaincomponents_31bf3856ad364e35_6.0.6000.16386_none_86fb724c5f4594fa\twain_32.dll
    + 2006-11-02 12:34 . 2006-11-02 12:34 94784 c:\windows\winsxs\x86_microsoft-windows-w..ion-twaincomponents_31bf3856ad364e35_6.0.6000.16386_none_86fb724c5f4594fa\twain.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 70144 c:\windows\winsxs\x86_microsoft-windows-w..etwork-setup-wizard_31bf3856ad364e35_6.0.6001.18000_none_94dd2b64446742ed\wzcdlg.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 13312 c:\windows\winsxs\x86_microsoft-windows-w..etwork-setup-wizard_31bf3856ad364e35_6.0.6001.18000_none_94dd2b64446742ed\setupSNK.exe
    + 2008-01-21 02:23 . 2008-01-21 02:23 41472 c:\windows\winsxs\x86_microsoft-windows-w..amanagerhelperclass_31bf3856ad364e35_6.0.6001.18000_none_6b14417d83c760fb\WlanMmHC.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 26112 c:\windows\winsxs\x86_microsoft-windows-vssproxystub_31bf3856ad364e35_6.0.6001.18000_none_30bc205a29f15ef2\vss_ps.dll
    + 2006-11-02 12:34 . 2006-11-02 12:34 61168 c:\windows\winsxs\x86_microsoft-windows-video-for-windows16_31bf3856ad364e35_6.0.6000.16386_none_5dc33d5d7a504f78\msacm.dll
    + 2006-11-02 12:34 . 2006-11-02 12:34 28160 c:\windows\winsxs\x86_microsoft-windows-video-for-windows16_31bf3856ad364e35_6.0.6000.16386_none_5dc33d5d7a504f78\mciwave.drv
    + 2006-11-02 12:34 . 2006-11-02 12:34 25264 c:\windows\winsxs\x86_microsoft-windows-video-for-windows16_31bf3856ad364e35_6.0.6000.16386_none_5dc33d5d7a504f78\mciseq.drv
    + 2006-11-02 12:34 . 2006-11-02 12:34 73376 c:\windows\winsxs\x86_microsoft-windows-video-for-windows16_31bf3856ad364e35_6.0.6000.16386_none_5dc33d5d7a504f78\mciavi.drv
    + 2006-11-02 12:34 . 2006-11-02 12:34 69584 c:\windows\winsxs\x86_microsoft-windows-video-for-windows16_31bf3856ad364e35_6.0.6000.16386_none_5dc33d5d7a504f78\avicap.dll
    + 2006-11-02 09:03 . 2006-11-02 09:46 12800 c:\windows\winsxs\x86_microsoft-windows-video-for-windows_31bf3856ad364e35_6.0.6002.18049_none_93f62b2f8600b455\msrle32.dll
    + 2006-11-02 09:03 . 2006-11-02 09:46 82944 c:\windows\winsxs\x86_microsoft-windows-video-for-windows_31bf3856ad364e35_6.0.6002.18049_none_93f62b2f8600b455\mciavi32.dll
    + 2006-11-02 09:03 . 2006-11-02 09:46 65024 c:\windows\winsxs\x86_microsoft-windows-video-for-windows_31bf3856ad364e35_6.0.6002.18049_none_93f62b2f8600b455\avicap32.dll
    + 2006-11-02 09:03 . 2006-11-02 09:46 12800 c:\windows\winsxs\x86_microsoft-windows-video-for-windows_31bf3856ad364e35_6.0.6001.18270_none_91e6450388fad1ce\msrle32.dll
    + 2006-11-02 09:03 . 2006-11-02 09:46 82944 c:\windows\winsxs\x86_microsoft-windows-video-for-windows_31bf3856ad364e35_6.0.6001.18270_none_91e6450388fad1ce\mciavi32.dll
    + 2006-11-02 09:03 . 2006-11-02 09:46 65024 c:\windows\winsxs\x86_microsoft-windows-video-for-windows_31bf3856ad364e35_6.0.6001.18270_none_91e6450388fad1ce\avicap32.dll
    + 2006-11-02 09:03 . 2006-11-02 09:46 12800 c:\windows\winsxs\x86_microsoft-windows-video-for-windows_31bf3856ad364e35_6.0.6001.18000_none_9231f0ab88c213e9\msrle32.dll
    + 2006-11-02 09:03 . 2006-11-02 09:46 82944 c:\windows\winsxs\x86_microsoft-windows-video-for-windows_31bf3856ad364e35_6.0.6001.18000_none_9231f0ab88c213e9\mciavi32.dll
    + 2006-11-02 09:03 . 2006-11-02 09:46 65024 c:\windows\winsxs\x86_microsoft-windows-video-for-windows_31bf3856ad364e35_6.0.6001.18000_none_9231f0ab88c213e9\avicap32.dll
    + 2006-11-02 12:34 . 2006-11-02 12:34 81920 c:\windows\winsxs\x86_microsoft-windows-vcm-core-codecs_31bf3856ad364e35_6.0.6000.16386_none_6a6bff15db84b924\iccvid.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 12288 c:\windows\winsxs\x86_microsoft-windows-v..re-driver-tvdigital_31bf3856ad364e35_6.0.6001.18000_none_cf4bc15a4aac0fbe\bdasup.sys
    + 2006-11-02 12:34 . 2006-11-02 12:34 28160 c:\windows\winsxs\x86_microsoft-windows-v..or-windows16-system_31bf3856ad364e35_6.0.6000.16386_none_154ebb74cbcd1be0\mciwave.drv
    + 2006-11-02 12:34 . 2006-11-02 12:34 25264 c:\windows\winsxs\x86_microsoft-windows-v..or-windows16-system_31bf3856ad364e35_6.0.6000.16386_none_154ebb74cbcd1be0\mciseq.drv
    + 2006-11-02 12:34 . 2006-11-02 12:34 73376 c:\windows\winsxs\x86_microsoft-windows-v..or-windows16-system_31bf3856ad364e35_6.0.6000.16386_none_154ebb74cbcd1be0\mciavi.drv
    + 2006-11-02 12:34 . 2006-11-02 12:34 69584 c:\windows\winsxs\x86_microsoft-windows-v..or-windows16-system_31bf3856ad364e35_6.0.6000.16386_none_154ebb74cbcd1be0\avicap.dll
    + 2006-11-02 08:58 . 2006-11-02 09:46 37888 c:\windows\winsxs\x86_microsoft-windows-upnpssdp_31bf3856ad364e35_6.0.6001.18000_none_7fc972ebd13849b5\ssdpapi.dll
    + 2006-11-02 08:58 . 2006-11-02 09:46 41472 c:\windows\winsxs\x86_microsoft-windows-upnpdevicehost_31bf3856ad364e35_6.0.6001.18000_none_c1e834753483fdcf\udhisapi.dll
    + 2006-11-02 08:58 . 2006-11-02 09:46 17408 c:\windows\winsxs\x86_microsoft-windows-unimodem-voice_31bf3856ad364e35_6.0.6000.16386_none_4253ec0651d61b6b\umdmxfrm.dll
    + 2006-11-02 08:58 . 2006-11-02 09:46 18432 c:\windows\winsxs\x86_microsoft-windows-unimodem-voice_31bf3856ad364e35_6.0.6000.16386_none_4253ec0651d61b6b\serwvdrv.dll
    + 2006-11-02 08:58 . 2006-11-02 09:46 16384 c:\windows\winsxs\x86_microsoft-windows-unimodem-core_31bf3856ad364e35_6.0.6001.18000_none_949832cbd48def6a\uniplat.dll
    + 2006-11-02 08:58 . 2006-11-02 09:46 58880 c:\windows\winsxs\x86_microsoft-windows-unimodem-core-atmini_31bf3856ad364e35_6.0.6000.16386_none_87f7eece4e445729\unimdmat.dll
    + 2006-11-02 08:58 . 2006-11-02 09:46 34816 c:\windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6002.18005_none_f6ed1a9a1bcc8805\uicom.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 15360 c:\windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6002.18005_none_f6ed1a9a1bcc8805\serialui.dll
    + 2006-11-02 08:58 . 2006-11-02 09:46 34816 c:\windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6001.18000_none_f501a18e1eaabcb9\uicom.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 15360 c:\windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6001.18000_none_f501a18e1eaabcb9\serialui.dll
    + 2008-01-21 02:09 . 2008-01-21 02:09 27136 c:\windows\winsxs\x86_microsoft-windows-trustedinstaller_31bf3856ad364e35_6.0.6000.20734_none_8f94230d69327e03\TrustedInstaller.exe
    + 2008-01-21 02:09 . 2008-01-21 02:09 27136 c:\windows\winsxs\x86_microsoft-windows-trustedinstaller_31bf3856ad364e35_6.0.6000.16609_none_8f2ff7784ff80919\TrustedInstaller.exe
    + 2008-01-21 02:23 . 2008-01-21 02:23 80384 c:\windows\winsxs\x86_microsoft-windows-thumbnailcache_31bf3856ad364e35_6.0.6001.18000_none_3f1a865d192726e4\thumbcache.dll
    + 2006-11-02 12:35 . 2006-11-02 12:35 57856 c:\windows\winsxs\x86_microsoft-windows-telnet-server_31bf3856ad364e35_6.0.6001.18000_none_9307dcf14f15ce10\tlntadmn.exe
    + 2006-11-02 08:58 . 2006-11-02 09:45 27136 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6002.18005_none_34b26cb64bffedff\NETSTAT.EXE
    + 2006-11-02 08:58 . 2006-11-02 09:45 11264 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6002.18005_none_34b26cb64bffedff\MRINFO.EXE
    + 2006-11-02 08:58 . 2006-11-02 09:45 10240 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6002.18005_none_34b26cb64bffedff\finger.exe
    + 2006-11-02 08:58 . 2006-11-02 09:44 19968 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6002.18005_none_34b26cb64bffedff\ARP.EXE
    + 2006-11-02 08:58 . 2006-11-02 09:45 27136 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6001.18000_none_32c6f3aa4ede22b3\NETSTAT.EXE
    + 2006-11-02 08:58 . 2006-11-02 09:45 11264 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6001.18000_none_32c6f3aa4ede22b3\MRINFO.EXE
    + 2006-11-02 08:58 . 2006-11-02 09:45 10240 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6001.18000_none_32c6f3aa4ede22b3\finger.exe
    + 2006-11-02 08:58 . 2006-11-02 09:44 19968 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6001.18000_none_32c6f3aa4ede22b3\ARP.EXE
    + 2006-11-02 09:16 . 2006-11-02 09:45 10752 c:\windows\winsxs\x86_microsoft-windows-tapisetup_31bf3856ad364e35_6.0.6001.18000_none_69f32ac39b2a05e1\TapiUnattend.exe
    + 2006-11-02 09:16 . 2006-11-02 09:46 28160 c:\windows\winsxs\x86_microsoft-windows-tapicore_31bf3856ad364e35_6.0.6000.16386_none_e203168e49ab8983\tapilua.dll
    + 2006-11-02 09:16 . 2006-11-02 09:45 31232 c:\windows\winsxs\x86_microsoft-windows-tapicore_31bf3856ad364e35_6.0.6000.16386_none_e203168e49ab8983\dialer.exe
    + 2008-01-21 02:23 . 2008-01-21 02:23 51712 c:\windows\winsxs\x86_microsoft-windows-takeown_31bf3856ad364e35_6.0.6001.18000_none_f9eb65ca159e19fb\takeown.exe
    + 2008-01-21 02:23 . 2008-01-21 02:23 52224 c:\windows\winsxs\x86_microsoft-windows-tabletpc-tabbtn_31bf3856ad364e35_6.0.6001.18000_none_73555a094153bc03\TabbtnEx.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 94208 c:\windows\winsxs\x86_microsoft-windows-tabletpc-tabbtn_31bf3856ad364e35_6.0.6001.18000_none_73555a094153bc03\Tabbtn.dll
    + 2006-11-02 12:35 . 2006-11-02 12:35 47104 c:\windows\winsxs\x86_microsoft-windows-tabletpc-journal_31bf3856ad364e35_6.0.6001.18000_none_17b18851a49835e5\NBMapTIP.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 61952 c:\windows\winsxs\x86_microsoft-windows-tabletpc-controlpanel_31bf3856ad364e35_6.0.6001.18000_none_df7372285af14383\tabcal.exe
    + 2008-01-21 02:23 . 2008-01-21 02:23 67584 c:\windows\winsxs\x86_microsoft-windows-t..rvices-registryapis_31bf3856ad364e35_6.0.6001.18000_none_a45227d221fbad53\regapi.dll
    + 2006-11-02 12:34 . 2006-11-02 12:34 49664 c:\windows\winsxs\x86_microsoft-windows-t..recognition-gesture_31bf3856ad364e35_6.0.6000.16386_none_b227edadd7b11824\mshwgst.dll
    + 2006-11-02 12:35 . 2006-11-02 12:35 68096 c:\windows\winsxs\x86_microsoft-windows-t..platform-input-core_31bf3856ad364e35_6.0.6002.18005_none_d2fbc584d9efb14a\TabSvc.dll
    + 2006-11-02 12:35 . 2006-11-02 12:35 68096 c:\windows\winsxs\x86_microsoft-windows-t..platform-input-core_31bf3856ad364e35_6.0.6001.18000_none_d1104c78dccde5fe\TabSvc.dll
    + 2006-11-02 12:35 . 2006-11-02 12:35 22528 c:\windows\winsxs\x86_microsoft-windows-t..ournalnotewriterqfe_31bf3856ad364e35_6.0.6001.18000_none_4d983a117ea4cea6\jnwppr.dll
    + 2006-11-02 12:35 . 2006-11-02 12:35 19968 c:\windows\winsxs\x86_microsoft-windows-t..ournalnotewriterqfe_31bf3856ad364e35_6.0.6001.18000_none_4d983a117ea4cea6\jnwmon.dll
    + 2006-11-02 12:35 . 2006-11-02 12:35 26624 c:\windows\winsxs\x86_microsoft-windows-t..on-languagemodel.zh_31bf3856ad364e35_6.0.6000.16386_none_1d464831f0b7c62c\imchxlm.dll
    + 2006-11-02 12:35 . 2006-11-02 12:35 19456 c:\windows\winsxs\x86_microsoft-windows-t..nputpersonalization_31bf3856ad364e35_6.0.6002.18005_none_41978c01c3760094\TabIpsps.dll
    + 2006-11-02 12:35 . 2006-11-02 12:35 19456 c:\windows\winsxs\x86_microsoft-windows-t..nputpersonalization_31bf3856ad364e35_6.0.6001.18000_none_3fac12f5c6543548\TabIpsps.dll
    + 2006-11-02 12:35 . 2006-11-02 12:35 22016 c:\windows\winsxs\x86_microsoft-windows-t..nputpanel-languages_31bf3856ad364e35_6.0.6000.16386_none_bd2cb5e8ffb6e224\tipresx.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 63488 c:\windows\winsxs\x86_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_6.0.6001.18000_none_4ddc4d9521178ffe\tscupgrd.exe
    + 2006-11-02 12:35 . 2006-11-02 12:35 39936 c:\windows\winsxs\x86_microsoft-windows-t..latform-input-proxy_31bf3856ad364e35_6.0.6000.16386_none_b782b05e0e0751d7\tpcps.dll
    + 2006-11-02 09:02 . 2006-11-02 09:46 17920 c:\windows\winsxs\x86_microsoft-windows-t..inalservices-drprov_31bf3856ad364e35_6.0.6000.16386_none_cba2057f1c57e33a\drprov.dll
    + 2006-11-02 12:35 . 2006-11-02 12:35 47104 c:\windows\winsxs\x86_microsoft-windows-t..c-journalnotewriter_31bf3856ad364e35_6.0.6001.18000_none_4264ef6a4d057d2c\PDIALOG.exe
    + 2006-11-02 12:35 . 2006-11-02 12:35 22528 c:\windows\winsxs\x86_microsoft-windows-t..c-journalnotewriter_31bf3856ad364e35_6.0.6001.18000_none_4264ef6a4d057d2c\jnwppr.dll
    + 2006-11-02 12:35 . 2006-11-02 12:35 19968 c:\windows\winsxs\x86_microsoft-windows-t..c-journalnotewriter_31bf3856ad364e35_6.0.6001.18000_none_4264ef6a4d057d2c\jnwmon.dll
     
  14. 2009/12/22
    PinotNoir

    PinotNoir Inactive Thread Starter

    Part 3:

     
  15. 2009/12/22
    broni

    broni Moderator Malware Analyst

    One more part?
     
  16. 2009/12/22
    PinotNoir

    PinotNoir Inactive Thread Starter

    Part 4:

    + 2006-11-02 09:11 . 2006-11-02 09:46 65536 c:\windows\winsxs\x86_microsoft-windows-m..nents-mdac-ado15-rh_31bf3856ad364e35_6.0.6000.16386_none_319f51d451ac5ce0\msadrh15.dll
    + 2006-11-02 09:11 . 2006-11-02 09:46 32768 c:\windows\winsxs\x86_microsoft-windows-m..mdac-sql-netlibs-np_31bf3856ad364e35_6.0.6000.16386_none_eca52d097d8ce1de\dbnmpntw.dll
    + 2006-11-02 09:11 . 2006-11-02 09:46 20480 c:\windows\winsxs\x86_microsoft-windows-m..mdac-odbc-jet-pdx32_31bf3856ad364e35_6.0.6000.16386_none_8fc4fbbd9a180723\odpdx32.dll
    + 2006-11-02 09:11 . 2006-11-02 09:46 20480 c:\windows\winsxs\x86_microsoft-windows-m..mdac-odbc-jet-fox32_31bf3856ad364e35_6.0.6000.16386_none_78addae6966c26ba\odfox32.dll
    + 2006-11-02 09:11 . 2006-11-02 09:46 20480 c:\windows\winsxs\x86_microsoft-windows-m..mdac-odbc-jet-exl32_31bf3856ad364e35_6.0.6000.16386_none_93faf5cc79d2b18e\odexl32.dll
    + 2006-11-02 09:10 . 2006-11-02 09:46 40960 c:\windows\winsxs\x86_microsoft-windows-m..factory-handler-dll_31bf3856ad364e35_6.0.6000.16386_none_69248399beb45d4d\msdfmap.dll
    + 2006-11-02 09:10 . 2006-11-02 09:46 94208 c:\windows\winsxs\x86_microsoft-windows-m..ents-mdac-oledb-rll_31bf3856ad364e35_6.0.6000.16386_none_f6295ac2fc51a016\oledb32r.dll
    + 2006-11-02 09:11 . 2006-11-02 09:46 20480 c:\windows\winsxs\x86_microsoft-windows-m..dac-odbc-jet-text32_31bf3856ad364e35_6.0.6000.16386_none_66037e52a9f00e3a\odtext32.dll
    + 2006-11-02 09:11 . 2006-11-02 09:46 20480 c:\windows\winsxs\x86_microsoft-windows-m..dac-odbc-jet-dbse32_31bf3856ad364e35_6.0.6000.16386_none_e9a970fc37acc4d1\oddbse32.dll
    + 2006-11-02 09:10 . 2006-11-02 09:46 28672 c:\windows\winsxs\x86_microsoft-windows-m..ace-remoting-xactps_31bf3856ad364e35_6.0.6000.16386_none_7eda9e7011697d45\msxactps.dll
    + 2006-11-02 09:11 . 2006-11-02 09:44 40960 c:\windows\winsxs\x86_microsoft-windows-m..ac-sql-cliconfg-exe_31bf3856ad364e35_6.0.6000.16386_none_6de684dc59c6d3c0\cliconfg.exe
    + 2006-11-02 09:11 . 2006-11-02 09:46 86016 c:\windows\winsxs\x86_microsoft-windows-m..ac-sql-cliconfg-dll_31bf3856ad364e35_6.0.6000.16386_none_684896085d6b4762\cliconfg.dll
    + 2006-11-02 09:10 . 2006-11-02 09:45 86016 c:\windows\winsxs\x86_microsoft-windows-m..-odbc-administrator_31bf3856ad364e35_6.0.6000.16386_none_4219256240cbfb59\odbcad32.exe
    + 2006-11-02 09:10 . 2006-11-02 09:46 24576 c:\windows\winsxs\x86_microsoft-windows-m..-mdac-oledb-stub-rb_31bf3856ad364e35_6.0.6000.16386_none_ef1c266373955dd7\msdatt.dll
    + 2006-11-02 09:11 . 2006-11-02 09:46 24576 c:\windows\winsxs\x86_microsoft-windows-m..-mdac-odbc-jet-ji32_31bf3856ad364e35_6.0.6000.16386_none_4c0420a2687a4210\odbcji32.dll
    + 2006-11-02 09:10 . 2006-11-02 09:46 28672 c:\windows\winsxs\x86_microsoft-windows-m..-mdac-odbc-cpxl-dll_31bf3856ad364e35_6.0.6000.16386_none_c0f6a967ca54809c\mscpxl32.dLL
    + 2006-11-02 09:10 . 2006-11-02 09:46 24576 c:\windows\winsxs\x86_microsoft-windows-m..-driver-thunking-32_31bf3856ad364e35_6.0.6000.16386_none_22181a345c9f7dbb\odbc32gt.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 98304 c:\windows\winsxs\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_6.0.6002.18005_none_04642e8a80bb8b27\TapiMigPlugin.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 31232 c:\windows\winsxs\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_6.0.6002.18005_none_04642e8a80bb8b27\TableTextServiceMig.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 72704 c:\windows\winsxs\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_6.0.6002.18005_none_04642e8a80bb8b27\SxsMigPlugin.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 89088 c:\windows\winsxs\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_6.0.6002.18005_none_04642e8a80bb8b27\nlscoremig.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 59904 c:\windows\winsxs\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_6.0.6002.18005_none_04642e8a80bb8b27\msdtcstp.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 22528 c:\windows\winsxs\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_6.0.6002.18005_none_04642e8a80bb8b27\imtcmig.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 31744 c:\windows\winsxs\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_6.0.6002.18005_none_04642e8a80bb8b27\imscmig.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 35328 c:\windows\winsxs\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_6.0.6002.18005_none_04642e8a80bb8b27\imjpmig.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 87552 c:\windows\winsxs\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_6.0.6002.18005_none_04642e8a80bb8b27\icfupgd.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 87552 c:\windows\winsxs\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_6.0.6002.18005_none_04642e8a80bb8b27\CscMig.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 55808 c:\windows\winsxs\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_6.0.6002.18005_none_04642e8a80bb8b27\commig.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 56320 c:\windows\winsxs\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_6.0.6002.18005_none_04642e8a80bb8b27\cmmigr.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 73216 c:\windows\winsxs\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_6.0.6002.18005_none_04642e8a80bb8b27\BthMigPlugin.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 61952 c:\windows\winsxs\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_6.0.6002.18005_none_04642e8a80bb8b27\bridgemigplugin.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 60928 c:\windows\winsxs\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_6.0.6002.18005_none_04642e8a80bb8b27\bitsmig.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 89088 c:\windows\winsxs\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_6.0.6002.18005_none_04642e8a80bb8b27\adammigrate.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 98304 c:\windows\winsxs\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_6.0.6001.18000_none_0278b57e8399bfdb\TapiMigPlugin.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 31232 c:\windows\winsxs\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_6.0.6001.18000_none_0278b57e8399bfdb\TableTextServiceMig.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 72704 c:\windows\winsxs\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_6.0.6001.18000_none_0278b57e8399bfdb\SxsMigPlugin.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 79872 c:\windows\winsxs\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_6.0.6001.18000_none_0278b57e8399bfdb\shmig.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 89088 c:\windows\winsxs\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_6.0.6001.18000_none_0278b57e8399bfdb\nlscoremig.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 59904 c:\windows\winsxs\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_6.0.6001.18000_none_0278b57e8399bfdb\msdtcstp.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 22528 c:\windows\winsxs\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_6.0.6001.18000_none_0278b57e8399bfdb\imtcmig.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 31744 c:\windows\winsxs\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_6.0.6001.18000_none_0278b57e8399bfdb\imscmig.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 38912 c:\windows\winsxs\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_6.0.6001.18000_none_0278b57e8399bfdb\imkrmig.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 35328 c:\windows\winsxs\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_6.0.6001.18000_none_0278b57e8399bfdb\imjpmig.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 87552 c:\windows\winsxs\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_6.0.6001.18000_none_0278b57e8399bfdb\icfupgd.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 41984 c:\windows\winsxs\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_6.0.6001.18000_none_0278b57e8399bfdb\EscMigPlugin.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 87552 c:\windows\winsxs\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_6.0.6001.18000_none_0278b57e8399bfdb\CscMig.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 55808 c:\windows\winsxs\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_6.0.6001.18000_none_0278b57e8399bfdb\commig.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 56320 c:\windows\winsxs\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_6.0.6001.18000_none_0278b57e8399bfdb\cmmigr.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 73216 c:\windows\winsxs\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_6.0.6001.18000_none_0278b57e8399bfdb\BthMigPlugin.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 61952 c:\windows\winsxs\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_6.0.6001.18000_none_0278b57e8399bfdb\bridgemigplugin.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 60928 c:\windows\winsxs\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_6.0.6001.18000_none_0278b57e8399bfdb\bitsmig.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 89088 c:\windows\winsxs\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_6.0.6001.18000_none_0278b57e8399bfdb\adammigrate.dll
    + 2006-11-02 08:48 . 2006-11-02 09:46 10240 c:\windows\winsxs\x86_microsoft-windows-lpksetup_31bf3856ad364e35_6.0.6001.18000_none_215961096c78771c\MUILanguageCleanup.dll
    + 2006-11-02 08:57 . 2006-11-02 09:46 18944 c:\windows\winsxs\x86_microsoft-windows-lmhsvc_31bf3856ad364e35_6.0.6000.16386_none_508a266af36b2a0f\lmhsvc.dll
    + 2006-11-02 12:35 . 2006-11-02 12:35 63488 c:\windows\winsxs\x86_microsoft-windows-live-services_31bf3856ad364e35_6.0.6000.16386_none_d374c2238ee40be9\wlsrvc.dll
    + 2006-11-02 12:34 . 2006-11-02 12:34 22016 c:\windows\winsxs\x86_microsoft-windows-linkinfo_31bf3856ad364e35_6.0.6000.16386_none_362e7020a86900de\linkinfo.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 47616 c:\windows\winsxs\x86_microsoft-windows-l2na_31bf3856ad364e35_6.0.6001.18000_none_aac3e0c11a0cf8a9\l2nacp.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 30208 c:\windows\winsxs\x86_microsoft-windows-l..istry-support-tcpip_31bf3856ad364e35_6.0.6001.18000_none_861d3607056cfa8c\tcpipreg.sys
    + 2008-01-21 02:23 . 2008-01-21 02:23 13824 c:\windows\winsxs\x86_microsoft-windows-ktmutil_31bf3856ad364e35_6.0.6001.18000_none_8889f81e0128d870\ktmutil.exe
    + 2006-11-02 08:57 . 2006-11-02 09:46 17920 c:\windows\winsxs\x86_microsoft-windows-irmon_31bf3856ad364e35_6.0.6000.16386_none_57d2403a7f30e933\irmon.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 13312 c:\windows\winsxs\x86_microsoft-windows-irdaircomm_31bf3856ad364e35_6.0.6001.18000_none_28917c0b24a96889\irenum.sys
    + 2006-11-02 08:57 . 2006-11-02 09:46 10752 c:\windows\winsxs\x86_microsoft-windows-irdacoreprotocol_31bf3856ad364e35_6.0.6000.16386_none_e5cdd6d9cc8cecdd\wshirda.dll
    + 2006-11-02 08:57 . 2006-11-02 09:46 15360 c:\windows\winsxs\x86_microsoft-windows-irdacoreprotocol_31bf3856ad364e35_6.0.6000.16386_none_e5cdd6d9cc8cecdd\irclass.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 26624 c:\windows\winsxs\x86_microsoft-windows-ipconfig_31bf3856ad364e35_6.0.6001.18000_none_4c39f10017eea251\ipconfig.exe
    + 2008-01-21 02:23 . 2008-01-21 02:23 57856 c:\windows\winsxs\x86_microsoft-windows-international-nlsbuild_31bf3856ad364e35_6.0.6001.18000_none_93ccb4c205f81f36\nlsbres.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 19456 c:\windows\winsxs\x86_microsoft-windows-installer-sip_31bf3856ad364e35_6.0.6001.18000_none_332fc8fb18444ddf\msisip.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 78336 c:\windows\winsxs\x86_microsoft-windows-ime-korean-hanjadic_31bf3856ad364e35_6.0.6001.18000_none_faf9e0d30e1acded\imkrhjd.dll
    + 2006-11-02 12:36 . 2006-11-02 12:36 10752 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6002.18005_none_12d4ebd0b1f42298\wamregps.dll
    + 2006-11-02 12:36 . 2006-11-02 12:36 10752 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6001.18000_none_10e972c4b4d2574c\wamregps.dll
    + 2006-11-02 12:36 . 2006-11-02 12:36 19968 c:\windows\winsxs\x86_microsoft-windows-iis-metabase_31bf3856ad364e35_6.0.6002.18005_none_3b1d70e11f14ecf2\iscomlog.dll
    + 2006-11-02 12:36 . 2006-11-02 12:36 16384 c:\windows\winsxs\x86_microsoft-windows-iis-metabase_31bf3856ad364e35_6.0.6002.18005_none_3b1d70e11f14ecf2\infoadmn.dll
    + 2006-11-02 12:36 . 2006-11-02 12:36 19968 c:\windows\winsxs\x86_microsoft-windows-iis-metabase_31bf3856ad364e35_6.0.6001.18000_none_3931f7d521f321a6\iscomlog.dll
    + 2006-11-02 12:36 . 2006-11-02 12:36 16384 c:\windows\winsxs\x86_microsoft-windows-iis-metabase_31bf3856ad364e35_6.0.6001.18000_none_3931f7d521f321a6\infoadmn.dll
    + 2006-11-02 12:36 . 2006-11-02 12:36 22528 c:\windows\winsxs\x86_microsoft-windows-iis-legacysnapin_31bf3856ad364e35_6.0.6002.18005_none_830c4d13af27c916\InetMgr6.exe
    + 2006-11-02 12:36 . 2006-11-02 12:36 22528 c:\windows\winsxs\x86_microsoft-windows-iis-legacysnapin_31bf3856ad364e35_6.0.6001.18000_none_8120d407b205fdca\InetMgr6.exe
    + 2006-11-02 12:36 . 2006-11-02 12:36 41401 c:\windows\winsxs\x86_microsoft-windows-iis-legacyscripts_31bf3856ad364e35_6.0.6001.18000_none_7e466ce97736febd\IIsExt.vbs
    + 2006-11-02 12:36 . 2006-11-02 12:36 98133 c:\windows\winsxs\x86_microsoft-windows-iis-legacyscripts_31bf3856ad364e35_6.0.6001.18000_none_7e466ce97736febd\adsutil.vbs
    + 2006-11-02 08:49 . 2006-11-02 09:45 26624 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6002.18005_none_314d791517204c15\ieUnatt.exe
    + 2006-11-02 08:49 . 2006-11-02 09:45 26624 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18000_none_2f62000919fe80c9\ieUnatt.exe
    + 2008-01-21 02:23 . 2008-01-21 02:23 45568 c:\windows\winsxs\x86_microsoft-windows-ie-htmlapplication_31bf3856ad364e35_6.0.6001.18000_none_5959ef41095d8ee0\mshta.exe
    + 2008-01-21 02:23 . 2008-01-21 02:23 72704 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6002.18005_none_b01d9ad903e7b4d8\admparse.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 72704 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6001.18349_none_ae0fea6906de34d4\admparse.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 72704 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6001.18294_none_add4d775070b44af\admparse.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 72704 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6001.18248_none_ae0ee83906df1e56\admparse.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 72704 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6001.18226_none_ae22877d06d0b3c6\admparse.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 72704 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6001.18000_none_ae3221cd06c5e98c\admparse.dll
    + 2006-11-02 12:34 . 2006-11-02 12:34 15616 c:\windows\winsxs\x86_microsoft-windows-identitycrl_31bf3856ad364e35_6.0.6001.18000_none_518dd3eb3e5e6f23\ppcrlconfig.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 18944 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6002.18132_none_170f60c606cee124\tzupd.exe
    + 2008-01-21 02:23 . 2008-01-21 02:23 18944 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6002.18054_none_16fbbf9c06dd4e8d\tzupd.exe
    + 2008-01-21 02:23 . 2008-01-21 02:23 18944 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6002.18005_none_1732cf8206b3dc2f\tzupd.exe
    + 2008-01-21 02:23 . 2008-01-21 02:23 18944 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6001.18351_none_15124cd609b9ad64\tzupd.exe
    + 2008-01-21 02:23 . 2008-01-21 02:23 18944 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6001.18275_none_1500ac4009c64d7b\tzupd.exe
    + 2008-01-21 02:23 . 2008-01-21 02:23 18944 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6001.18160_none_150678d409c2b5b0\tzupd.exe
    + 2008-01-21 02:23 . 2008-01-21 02:23 18944 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6001.18108_none_154f5aac098ad8c2\tzupd.exe
    + 2008-01-21 02:23 . 2008-01-21 02:23 18944 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6001.18000_none_15475676099210e3\tzupd.exe
    + 2008-01-21 02:23 . 2008-01-21 02:23 64000 c:\windows\winsxs\x86_microsoft-windows-i..i_initiator_service_31bf3856ad364e35_6.0.6001.18000_none_da73ab3e1517f045\iscsiwmi.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 28160 c:\windows\winsxs\x86_microsoft-windows-i..i_initiator_service_31bf3856ad364e35_6.0.6001.18000_none_da73ab3e1517f045\iscsium.dll
    + 2006-11-02 08:52 . 2006-11-02 09:46 49152 c:\windows\winsxs\x86_microsoft-windows-i..i_initiator_service_31bf3856ad364e35_6.0.6001.18000_none_da73ab3e1517f045\iscsidsc.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 31744 c:\windows\winsxs\x86_microsoft-windows-i..d-chinese-migration_31bf3856ad364e35_6.0.6001.18000_none_1ca71ca60a12a4d9\imscmig.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 45056 c:\windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6001.18000_none_edc66f29136973ef\pngfilt.dll
    + 2006-11-02 09:11 . 2006-11-02 09:46 43008 c:\windows\winsxs\x86_microsoft-windows-htmlhelp_31bf3856ad364e35_6.0.6001.18000_none_c855f6b284bc7b14\hhsetup.dll
    + 2006-11-02 09:11 . 2006-11-02 09:45 14848 c:\windows\winsxs\x86_microsoft-windows-htmlhelp_31bf3856ad364e35_6.0.6001.18000_none_c855f6b284bc7b14\hh.exe
    + 2006-11-02 08:55 . 2006-11-02 09:46 22016 c:\windows\winsxs\x86_microsoft-windows-hid-user_31bf3856ad364e35_6.0.6002.18005_none_d897c17984907383\hid.dll
    + 2006-11-02 08:55 . 2006-11-02 09:46 25600 c:\windows\winsxs\x86_microsoft-windows-hid-user_31bf3856ad364e35_6.0.6000.16386_none_d47586718a839763\hidserv.dll
    + 2006-11-02 08:55 . 2006-11-02 09:46 22016 c:\windows\winsxs\x86_microsoft-windows-hid-user_31bf3856ad364e35_6.0.6000.16386_none_d47586718a839763\hid.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 67072 c:\windows\winsxs\x86_microsoft-windows-help-clientproxy_31bf3856ad364e35_6.0.6001.18000_none_c54a049513b4ab41\HelpPaneProxy.dll
    + 2006-11-02 12:34 . 2006-11-02 12:34 16384 c:\windows\winsxs\x86_microsoft-windows-gameuxmig_31bf3856ad364e35_6.0.6000.16386_none_23e189a5159fe4f4\gameuxmig.dll
    + 2006-11-02 08:48 . 2006-11-02 09:45 23552 c:\windows\winsxs\x86_microsoft-windows-fontview_31bf3856ad364e35_6.0.6000.16386_none_422d4b43b98bf530\fontview.exe
    + 2008-01-21 02:23 . 2008-01-21 02:23 53248 c:\windows\winsxs\x86_microsoft-windows-extrac32_31bf3856ad364e35_6.0.6001.18000_none_db299a9f03e563ae\extrac32.exe
    + 2008-01-21 02:23 . 2008-01-21 02:23 56320 c:\windows\winsxs\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_6.0.6002.18005_none_22622b2203060735\wermgr.exe
    + 2008-01-21 02:23 . 2008-01-21 02:23 30208 c:\windows\winsxs\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_6.0.6002.18005_none_22622b2203060735\werdiagcontroller.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 56320 c:\windows\winsxs\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_6.0.6001.18000_none_2076b21605e43be9\wermgr.exe
    + 2008-01-21 02:23 . 2008-01-21 02:23 30208 c:\windows\winsxs\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_6.0.6001.18000_none_2076b21605e43be9\werdiagcontroller.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 62976 c:\windows\winsxs\x86_microsoft-windows-errorreportingconsole_31bf3856ad364e35_6.0.6002.18005_none_57f8aa83200752e7\wercplsupport.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 62976 c:\windows\winsxs\x86_microsoft-windows-errorreportingconsole_31bf3856ad364e35_6.0.6001.18000_none_560d317722e5879b\wercplsupport.dll
    + 2006-11-02 09:03 . 2006-11-02 09:46 20480 c:\windows\winsxs\x86_microsoft-windows-encoderapi_31bf3856ad364e35_6.0.6000.16386_none_3b982850e1e5190a\encapi.dll
    + 2006-11-02 12:34 . 2006-11-02 12:34 26624 c:\windows\winsxs\x86_microsoft-windows-ehome-tvratings_31bf3856ad364e35_6.0.6000.16386_none_215bcba9dd1867e5\tvratings.dll
    + 2006-11-02 12:35 . 2006-11-02 12:35 13312 c:\windows\winsxs\x86_microsoft-windows-ehome-services-ehstart_31bf3856ad364e35_6.0.6000.16386_none_ab1d7da23a0771e1\ehstart.dll
    + 2006-11-02 12:35 . 2006-11-02 12:35 19968 c:\windows\winsxs\x86_microsoft-windows-ehome-mcspad_31bf3856ad364e35_6.0.6000.16386_none_5f607ee86e4df83f\mcspad.exe
    + 2006-11-02 12:35 . 2006-11-02 12:35 18944 c:\windows\winsxs\x86_microsoft-windows-ehome-ehtrace_31bf3856ad364e35_6.0.6000.16386_none_3686072516f4de5d\ehtrace.dll
    + 2006-11-02 12:35 . 2006-11-02 12:35 16384 c:\windows\winsxs\x86_microsoft-windows-ehome-ehssetup_31bf3856ad364e35_6.0.6002.18005_none_93ad31c3b3bd535a\ehssetup.dll
    + 2006-11-02 12:35 . 2006-11-02 12:35 16384 c:\windows\winsxs\x86_microsoft-windows-ehome-ehssetup_31bf3856ad364e35_6.0.6001.18000_none_91c1b8b7b69b880e\ehssetup.dll
    + 2006-11-02 12:35 . 2006-11-02 12:35 99840 c:\windows\winsxs\x86_microsoft-windows-ehome-ehshell_31bf3856ad364e35_6.0.6000.16386_none_3769a831fcf460a0\ehshell.exe
    + 2006-11-02 12:35 . 2006-11-02 12:35 24576 c:\windows\winsxs\x86_microsoft-windows-ehome-ehjpnime_31bf3856ad364e35_6.0.6000.16386_none_d38fcc8f87c67c6d\ehjpnime.dll
    + 2006-11-02 12:35 . 2006-11-02 12:35 12288 c:\windows\winsxs\x86_microsoft-windows-ehome-ehepgnet_31bf3856ad364e35_6.0.6000.16386_none_cd8857a00c5f701b\ehepgnet.dll
    + 2006-11-02 12:35 . 2006-11-02 12:35 36864 c:\windows\winsxs\x86_microsoft-windows-ehome-ehepgdec_31bf3856ad364e35_6.0.6000.16386_none_cdf5fa200c0ca500\ehepgdec.dll
    + 2006-11-02 12:35 . 2006-11-02 12:35 21504 c:\windows\winsxs\x86_microsoft-windows-ehome-ehdebug_31bf3856ad364e35_6.0.6001.18000_none_2fddb7218242099b\ehdebug.dll
    + 2006-11-02 12:35 . 2006-11-02 12:35 75776 c:\windows\winsxs\x86_microsoft-windows-ehome-ehchtime_31bf3856ad364e35_6.0.6000.16386_none_88e651ef09027bc0\ehchtime.dll
    + 2006-11-02 12:35 . 2006-11-02 12:35 82944 c:\windows\winsxs\x86_microsoft-windows-ehome-devices-mcx2prov_31bf3856ad364e35_6.0.6000.16386_none_d6566fd81c25c384\Mcx2Prov.exe
    + 2008-01-21 02:23 . 2008-01-21 02:23 42496 c:\windows\winsxs\x86_microsoft-windows-efs-rekeywiz_31bf3856ad364e35_6.0.6001.18000_none_07eaaa7d0bd7df55\rekeywiz.exe
    + 2006-11-02 08:51 . 2006-11-02 09:46 23040 c:\windows\winsxs\x86_microsoft-windows-diskmanagement_31bf3856ad364e35_6.0.6001.18000_none_0197b5b76fbd3f60\dmintf.dll
    + 2006-11-02 12:34 . 2006-11-02 12:34 26112 c:\windows\winsxs\x86_microsoft-windows-directx-xinput_31bf3856ad364e35_6.0.6000.16386_none_30c1042e410776d2\XInput9_1_0.dll
    + 2006-11-02 09:03 . 2006-11-02 09:45 23040 c:\windows\winsxs\x86_microsoft-windows-directx-directplay8_31bf3856ad364e35_6.0.6001.18000_none_78d68814bebf2d3b\dpnsvr.exe
    + 2006-11-02 09:03 . 2006-11-02 09:46 56832 c:\windows\winsxs\x86_microsoft-windows-directx-directplay8_31bf3856ad364e35_6.0.6001.18000_none_78d68814bebf2d3b\dpnathlp.dll
    + 2006-11-02 09:03 . 2006-11-02 09:46 44032 c:\windows\winsxs\x86_microsoft-windows-directx-directplay4_31bf3856ad364e35_6.0.6000.16386_none_74d9a960c2f80a4b\dpwsockx.dll
    + 2006-11-02 09:03 . 2006-11-02 09:46 23040 c:\windows\winsxs\x86_microsoft-windows-directx-directplay4_31bf3856ad364e35_6.0.6000.16386_none_74d9a960c2f80a4b\dpmodemx.dll
    + 2006-11-02 09:03 . 2006-11-02 09:45 18944 c:\windows\winsxs\x86_microsoft-windows-directx-directplay4_31bf3856ad364e35_6.0.6000.16386_none_74d9a960c2f80a4b\dplaysvr.exe
    + 2006-11-02 12:34 . 2006-11-02 12:34 36352 c:\windows\winsxs\x86_microsoft-windows-directx-directinput_31bf3856ad364e35_6.0.6001.18000_none_1d981a3c0baebdc7\pid.dll
    + 2006-11-02 09:03 . 2006-11-02 09:46 30208 c:\windows\winsxs\x86_microsoft-windows-directx-directdraw_31bf3856ad364e35_6.0.6001.18000_none_0505a2ecc0013ebd\ddrawex.dll
    + 2006-11-02 09:03 . 2006-11-02 09:46 11264 c:\windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.0.6002.18005_none_c438e5b15de80145\d3d8thk.dll
    + 2006-11-02 09:03 . 2006-11-02 09:46 11264 c:\windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.0.6001.18000_none_c24d6ca560c635f9\d3d8thk.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 56832 c:\windows\winsxs\x86_microsoft-windows-directshow-vfw-capture_31bf3856ad364e35_6.0.6001.18000_none_d67e26c426f002e7\vfwwdm32.dll
    + 2006-11-02 09:04 . 2006-11-02 09:46 36352 c:\windows\winsxs\x86_microsoft-windows-directshow-other_31bf3856ad364e35_6.0.6001.18000_none_0d5187f9e0ba9013\mciqtz32.dll
    + 2006-11-02 09:03 . 2006-11-02 09:45 21504 c:\windows\winsxs\x86_microsoft-windows-directshow-dvdupgrd_31bf3856ad364e35_6.0.6000.16386_none_7b8fa4ccdfba3441\dvdupgrd.exe
    + 2008-01-21 02:23 . 2008-01-21 02:23 35328 c:\windows\winsxs\x86_microsoft-windows-dims_31bf3856ad364e35_6.0.6001.18000_none_a982d3b31af4a1f3\dimsjob.dll
    + 2006-11-02 08:56 . 2006-11-02 09:46 23552 c:\windows\winsxs\x86_microsoft-windows-dhcpserverinstaller_1122334455667788_6.0.6000.16386_none_c91d0c1fa66c7943\dhcpsoc.dll
    + 2006-11-02 08:56 . 2006-11-02 09:46 10240 c:\windows\winsxs\x86_microsoft-windows-dhcp-client-dll_31bf3856ad364e35_6.0.6002.18005_none_d945a2ac2bb19ac6\dhcpcmonitor.dll
    + 2006-11-02 08:56 . 2006-11-02 09:46 10240 c:\windows\winsxs\x86_microsoft-windows-dhcp-client-dll_31bf3856ad364e35_6.0.6001.18000_none_d75a29a02e8fcf7a\dhcpcmonitor.dll
    + 2006-11-02 08:56 . 2006-11-02 09:46 28672 c:\windows\winsxs\x86_microsoft-windows-detectionandsharingapi_31bf3856ad364e35_6.0.6000.16386_none_376c54dee140c4b8\dtsh.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 96768 c:\windows\winsxs\x86_microsoft-windows-defrag-fat_31bf3856ad364e35_6.0.6001.18000_none_23bd98030c29fb9d\dfrgfat.exe
    + 2006-11-02 12:34 . 2006-11-02 12:34 45056 c:\windows\winsxs\x86_microsoft-windows-dataclen_31bf3856ad364e35_6.0.6000.16386_none_f46f7375968aa91a\dataclen.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 68608 c:\windows\winsxs\x86_microsoft-windows-d..ostic-user-resolver_31bf3856ad364e35_6.0.6001.18000_none_c535051605aefc07\DFDWiz.exe
    + 2006-11-02 08:55 . 2006-11-02 09:46 22528 c:\windows\winsxs\x86_microsoft-windows-d..olorspaceconverters_31bf3856ad364e35_6.0.6002.18005_none_6770865eab1bf87f\msyuv.dll
    + 2006-11-02 08:55 . 2006-11-02 09:46 49664 c:\windows\winsxs\x86_microsoft-windows-d..olorspaceconverters_31bf3856ad364e35_6.0.6002.18005_none_6770865eab1bf87f\iyuv_32.dll
    + 2006-11-02 08:55 . 2006-11-02 09:46 11776 c:\windows\winsxs\x86_microsoft-windows-d..olorspaceconverters_31bf3856ad364e35_6.0.6000.16386_none_634e4b56b10f1c5f\tsbyuv.dll
    + 2006-11-02 08:55 . 2006-11-02 09:46 22528 c:\windows\winsxs\x86_microsoft-windows-d..olorspaceconverters_31bf3856ad364e35_6.0.6000.16386_none_634e4b56b10f1c5f\msyuv.dll
    + 2006-11-02 08:55 . 2006-11-02 09:46 49664 c:\windows\winsxs\x86_microsoft-windows-d..olorspaceconverters_31bf3856ad364e35_6.0.6000.16386_none_634e4b56b10f1c5f\iyuv_32.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 39936 c:\windows\winsxs\x86_microsoft-windows-d..e-diagnostic-module_31bf3856ad364e35_6.0.6001.18000_none_f4212027c73a6121\dfdts.dll
    + 2006-11-02 08:48 . 2006-11-02 09:46 24576 c:\windows\winsxs\x86_microsoft-windows-cryptdlg-dll_31bf3856ad364e35_6.0.6000.16386_none_20519b261b2afec6\cryptdlg.dll
    + 2008-01-21 02:23 . 2008-01-21 02:23 36408 c:\windows\winsxs\x86_microsoft-windows-crashdump_31bf3856ad364e35_6.0.6001.18000_none_a58d5dbf16d602c3\crashdmp.sys
    + 2008-01-21 02:23 . 2008-01-21 02:23 26624 c:\windows\winsxs\x86_microsoft-windows-corruptedfilerecovery_31bf3856ad364e35_6.0.6001.18000_none_87b9b7e028c74e65\cofiredm.dll
     
  17. 2009/12/22
    PinotNoir

    PinotNoir Inactive Thread Starter

    Joined:
    2009/12/16
    Messages:
    18
    Likes Received:
    0
    Part 5:

     
  18. 2009/12/22
    PinotNoir

    PinotNoir Inactive Thread Starter

    Joined:
    2009/12/16
    Messages:
    18
    Likes Received:
    0
    Gosh, this will take another 10 replies... Should I keep posting??
     
  19. 2009/12/22
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
  20. 2009/12/22
    PinotNoir

    PinotNoir Inactive Thread Starter

    Joined:
    2009/12/16
    Messages:
    18
    Likes Received:
    0
  21. 2009/12/22
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Uninstall Combofix:
    Go Start > Run [Vista users, go Start> "Start search"]
    Type in:
    Combofix /Uninstall
    Note the space between the "Combofix" and the "/Uninstall".
    Restart computer.

    ============================================================

    Download Dr.Web CureIt to the desktop:
    ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe
    • Double-click the drweb-cureit.exe file and click Scan to run the express scan. Click OK in the pop-up window to allow the scan.
    • This will scan the files currently running in memory and when something is found, click the Yes button when it asks you if you want to cure it. This is only a short scan.
    • Once the short scan has finished, select Complete scan.
    • Click the green arrow at the right, and the scan will start.
    • Click Yes to all if it asks if you want to cure/move the file.
    • When the scan has finished, in the menu, click File and choose Save report list.
    • Save the report to your desktop. The report will be called DrWeb.csv.
    • Close Dr.Web CureIt.
    • Important! Reboot your computer because it could be possible that files in use will be moved/deleted during reboot.
    • Copy and paste that log in the next reply. You can use Notepad to open the DrWeb.csv report.

    NOTE: During the scan, a pop-up window will open asking for a full version purchase. Simply close the window by clicking on the X in the upper right corner.


    Post a fresh HijackThis log as well.
     
