1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

Inactive Virus check for 3 Feb 2012

Discussion in 'Malware and Virus Removal Archive' started by dispatch trophy, 2012/02/04.

Page 1 of 3
  1. 2012/02/04
    dispatch trophy Contributing Member

    dispatch trophy Inactive Thread Starter

    Joined:
    2011/09/30
    Messages:
    402
    Likes Received:
    0
    [Inactive] Virus check for 3 Feb 2012

    Strange behavior for the last week or two.

    1. When I clicked on Firefox, MS Messenger opens, and one text file opens, when clicked again on Firefox and second text file opens.

    Action taken: I uninstalled and reinstalled Firefox, and uninstalled MS Messenger. Problem has not returned.

    2. After doing "full system scan" with AVAST, the avast window returns to the beginning of the "full system scan window. It does not say how if or how many infected items found.

    it lists certain files that could not be scanned.

    It does not give a report.

    I attempted to update avast, but got the message "cannot connect to server" 3 Feb 2012 But I was able to work on the internet so internet working.
     
    dispatch trophy,
    #1
  2. 2012/02/04
    dispatch trophy Contributing Member

    dispatch trophy Inactive Thread Starter

    Joined:
    2011/09/30
    Messages:
    402
    Likes Received:
    0
    MALWARE BYTES REPORT

    I allowed MB to delete these now because I am having some problems, even though I suspect this is a false alarm.

    Malwarebytes Anti-Malware 1.60.0.1800
    www.malwarebytes.org

    Database version: v2012.01.30.02

    Windows XP Service Pack 3 x86 NTFS
    Internet Explorer 6.0.2900.5512
    user account :: VALUED-7B9600FA [administrator]

    Protection: Enabled

    2/3/2012 1:56:09 PM
    mbam-log-2012-02-03 (13-56-09).txt

    Scan type: Full scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
    Scan options disabled:
    Objects scanned: 229768
    Time elapsed: 1 hour(s), 58 minute(s), 7 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 27
    C:\Program Files\AutoCrop.dll (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\codecvt.dll (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\dcexport.dll (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\dcfr.dll (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\imgtool.dll (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\memio.dll (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\NGRMCSY.DLL (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\NGRMDAN.DLL (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\NGRMDUT.DLL (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\NGRMENG.DLL (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\NGRMFIN.DLL (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\NGRMFRA.DLL (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\NGRMGER.DLL (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\NGRMGRE.DLL (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\NGRMITA.DLL (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\NGRMNON.DLL (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\NGRMNOR.DLL (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\NGRMPLK.DLL (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\NGRMPTG.DLL (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\NGRMSPN.DLL (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\NGRMSWE.DLL (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\NGRMTRK.DLL (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\OCRUtil.dll (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\pccrsdk.dll (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\post.dll (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\Recogn.dll (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\Segment.dll (Spyware.OnlineGames) -> Delete on reboot.

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 50
    C:\Program Files\AutoCrop.dll (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\ccmllnk.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\Program Files\codecvt.dll (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\dcexport.dll (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\dcfr.dll (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\ExeBud32.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\Program Files\fid.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\Program Files\Fioall.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\Program Files\FioExt32.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\Program Files\imgtool.dll (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\lcppn22.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\Program Files\memio.dll (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\nextpwd.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\Program Files\NGRMCSY.DLL (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\NGRMDAN.DLL (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\NGRMDUT.DLL (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\NGRMENG.DLL (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\NGRMFIN.DLL (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\NGRMFRA.DLL (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\NGRMGER.DLL (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\NGRMGRE.DLL (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\NGRMITA.DLL (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\NGRMNON.DLL (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\NGRMNOR.DLL (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\NGRMPLK.DLL (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\NGRMPTG.DLL (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\NGRMRUS.DLL (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\Program Files\NGRMSPN.DLL (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\NGRMSWE.DLL (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\NGRMTRK.DLL (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\NsFip.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\Program Files\NTSTHK16.DLL (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\Program Files\NTSTHK32.DLL (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\Program Files\OCRUtil.dll (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\OLDPNG32.DLL (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\Program Files\pack.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\Program Files\pccrsdk.dll (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\pmdata.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\Program Files\PMExeBud.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\Program Files\PMXpsView.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\Program Files\post.dll (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\PrnDrvSetup.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\Program Files\Recogn.dll (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\Segment.dll (Spyware.OnlineGames) -> Delete on reboot.
    C:\Program Files\UFSE.DLL (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\Program Files\umxnts32.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\Program Files\UNPACK.DLL (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\Program Files\UXFSE.DLL (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\Program Files\VideoData.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\Program Files\XpsCreator.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.

    (end)
     
    dispatch trophy,
    #2


  3. to hide this advert.

  4. 2012/02/04
    dispatch trophy Contributing Member

    dispatch trophy Inactive Thread Starter

    Joined:
    2011/09/30
    Messages:
    402
    Likes Received:
    0
    GMER SCAN

    GMER 1.0.15.15641 - http://www.gmer.net
    Rootkit scan 2012-02-04 00:20:56
    Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 Maxtor_4D080H4 rev.DAH017K0
    Running: 2ikmhmdc.exe; Driver: C:\DOCUME~1\USERAC~1\LOCALS~1\Temp\kfacrkog.sys


    ---- System - GMER 1.0.15 ----

    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwAddBootEntry [0xF6715FC4]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwAllocateVirtualMemory [0xF67A2510]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwClose [0xF67396A9]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateEvent [0xF6718456]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateEventPair [0xF67184AE]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateIoCompletion [0xF67185C4]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateKey [0xF673905D]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateMutant [0xF67183AC]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateSection [0xF67184FE]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateSemaphore [0xF6718400]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateTimer [0xF6718572]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDeleteBootEntry [0xF6715FE8]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDeleteKey [0xF6739D6F]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDeleteValueKey [0xF673A025]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDuplicateObject [0xF6718848]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwEnumerateKey [0xF6739BDA]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwEnumerateValueKey [0xF6739A45]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwFreeVirtualMemory [0xF67A25C0]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwLoadDriver [0xF6715DB2]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwModifyBootEntry [0xF671600C]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwNotifyChangeKey [0xF67189BC]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwNotifyChangeMultipleKeys [0xF6716AA4]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenEvent [0xF6718486]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenEventPair [0xF67184D6]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenIoCompletion [0xF67185EE]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenKey [0xF67393B9]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenMutant [0xF67183D8]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenProcess [0xF6718680]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenSection [0xF671853E]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenSemaphore [0xF671842E]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenThread [0xF6718764]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenTimer [0xF671859C]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwProtectVirtualMemory [0xF67A2658]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwQueryKey [0xF67398C0]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwQueryObject [0xF671696A]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwQueryValueKey [0xF6739712]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwRenameKey [0xF67AA9E6]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwRestoreKey [0xF67386D0]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetBootEntryOrder [0xF6716030]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetBootOptions [0xF6716054]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetSystemInformation [0xF6715E0C]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetSystemPowerState [0xF6715F48]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetValueKey [0xF6739E76]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwShutdownSystem [0xF6715F24]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSystemDebugControl [0xF6715F6C]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwVdmControl [0xF6716078]

    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0xF67B67A2]
    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject

    ---- Kernel code sections - GMER 1.0.15 ----

    .text ntoskrnl.exe!_abnormal_termination + 140 804E27AC 4 Bytes CALL 94449910
    .text ntoskrnl.exe!_abnormal_termination + 271 804E28DD 3 Bytes [26, 7A, F6]
    PAGE ntoskrnl.exe!ZwReplyWaitReceivePortEx + 3CC 8056BB08 4 Bytes CALL F671700F \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
    ? wqspnau.sys The system cannot find the file specified. !
    .text win32k.sys!EngSetLastError + 79A8 BF8242D4 5 Bytes JMP F6718B9A \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
    .text win32k.sys!FONTOBJ_pxoGetXform + C2CF BF85198B 5 Bytes JMP F6718AD6 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
    .text win32k.sys!XLATEOBJ_iXlate + 3581 BF85E514 5 Bytes JMP F6718DE6 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
    .text win32k.sys!XLATEOBJ_iXlate + 360C BF85E59F 5 Bytes JMP F6718FBC \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
    .text win32k.sys!EngCreatePalette + 88 BF85F812 5 Bytes JMP F6718ABE \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
    .text win32k.sys!EngGetCurrentCodePage + 4128 BF873F30 5 Bytes JMP F6718F76 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
    .text win32k.sys!EngCopyBits + 4DEC BF89DBA0 5 Bytes JMP F6718C0A \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
    .text win32k.sys!EngEraseSurface + A9F7 BF8C2130 5 Bytes JMP F6718CA4 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
    .text win32k.sys!EngFillPath + 1517 BF8CA592 5 Bytes JMP F6718D14 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
    .text win32k.sys!EngFillPath + 1797 BF8CA812 5 Bytes JMP F6718D4E \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
    .text win32k.sys!EngDeleteSemaphore + 3B3E BF8EC297 5 Bytes JMP F67189F2 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
    .text win32k.sys!EngCreateClip + 19DF BF91348A 5 Bytes JMP F6718B56 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
    .text win32k.sys!EngCreateClip + 25B3 BF91405E 5 Bytes JMP F6718C6E \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
    .text win32k.sys!EngCreateClip + 4F2C BF9169D7 5 Bytes JMP F67190D6 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
    .text ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]

    ---- User code sections - GMER 1.0.15 ----

    .text C:\WINDOWS\System32\WScript.exe[96] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 001501F8
    .text C:\WINDOWS\System32\WScript.exe[96] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
    .text C:\WINDOWS\System32\WScript.exe[96] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 001503FC
    .text C:\WINDOWS\System32\WScript.exe[96] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
    .text C:\WINDOWS\System32\WScript.exe[96] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 00371014
    .text C:\WINDOWS\System32\WScript.exe[96] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 00370804
    .text C:\WINDOWS\System32\WScript.exe[96] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 00370A08
    .text C:\WINDOWS\System32\WScript.exe[96] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 00370C0C
    .text C:\WINDOWS\System32\WScript.exe[96] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 00370E10
    .text C:\WINDOWS\System32\WScript.exe[96] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 003701F8
    .text C:\WINDOWS\System32\WScript.exe[96] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 003703FC
    .text C:\WINDOWS\System32\WScript.exe[96] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 00370600
    .text C:\WINDOWS\System32\WScript.exe[96] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 00380804
    .text C:\WINDOWS\System32\WScript.exe[96] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 00380A08
    .text C:\WINDOWS\System32\WScript.exe[96] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00380600
    .text C:\WINDOWS\System32\WScript.exe[96] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 003801F8
    .text C:\WINDOWS\System32\WScript.exe[96] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 003803FC
    .text C:\Documents and Settings\user account\Application Data\Freenet\wrapper\freenetwrapper.exe[240] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 001401F8
    .text C:\Documents and Settings\user account\Application Data\Freenet\wrapper\freenetwrapper.exe[240] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
    .text C:\Documents and Settings\user account\Application Data\Freenet\wrapper\freenetwrapper.exe[240] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 001403FC
    .text C:\Documents and Settings\user account\Application Data\Freenet\wrapper\freenetwrapper.exe[240] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
    .text C:\Documents and Settings\user account\Application Data\Freenet\wrapper\freenetwrapper.exe[240] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 00381014
    .text C:\Documents and Settings\user account\Application Data\Freenet\wrapper\freenetwrapper.exe[240] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 00380804
    .text C:\Documents and Settings\user account\Application Data\Freenet\wrapper\freenetwrapper.exe[240] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 00380A08
    .text C:\Documents and Settings\user account\Application Data\Freenet\wrapper\freenetwrapper.exe[240] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 00380C0C
    .text C:\Documents and Settings\user account\Application Data\Freenet\wrapper\freenetwrapper.exe[240] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 00380E10
    .text C:\Documents and Settings\user account\Application Data\Freenet\wrapper\freenetwrapper.exe[240] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 003801F8
    .text C:\Documents and Settings\user account\Application Data\Freenet\wrapper\freenetwrapper.exe[240] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 003803FC
    .text C:\Documents and Settings\user account\Application Data\Freenet\wrapper\freenetwrapper.exe[240] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 00380600
    .text C:\Documents and Settings\user account\Application Data\Freenet\wrapper\freenetwrapper.exe[240] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 00390804
    .text C:\Documents and Settings\user account\Application Data\Freenet\wrapper\freenetwrapper.exe[240] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 00390A08
    .text C:\Documents and Settings\user account\Application Data\Freenet\wrapper\freenetwrapper.exe[240] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00390600
    .text C:\Documents and Settings\user account\Application Data\Freenet\wrapper\freenetwrapper.exe[240] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 003901F8
    .text C:\Documents and Settings\user account\Application Data\Freenet\wrapper\freenetwrapper.exe[240] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 003903FC
    .text C:\WINDOWS\System32\alg.exe[356] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000901F8
    .text C:\WINDOWS\System32\alg.exe[356] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
    .text C:\WINDOWS\System32\alg.exe[356] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000903FC
    .text C:\WINDOWS\System32\alg.exe[356] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
    .text C:\WINDOWS\System32\alg.exe[356] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 002B0804
    .text C:\WINDOWS\System32\alg.exe[356] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 002B0A08
    .text C:\WINDOWS\System32\alg.exe[356] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 002B0600
    .text C:\WINDOWS\System32\alg.exe[356] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 002B01F8
    .text C:\WINDOWS\System32\alg.exe[356] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 002B03FC
    .text C:\WINDOWS\System32\alg.exe[356] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 002C1014
    .text C:\WINDOWS\System32\alg.exe[356] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 002C0804
    .text C:\WINDOWS\System32\alg.exe[356] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 002C0A08
    .text C:\WINDOWS\System32\alg.exe[356] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 002C0C0C
    .text C:\WINDOWS\System32\alg.exe[356] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 002C0E10
    .text C:\WINDOWS\System32\alg.exe[356] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 002C01F8
    .text C:\WINDOWS\System32\alg.exe[356] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 002C03FC
    .text C:\WINDOWS\System32\alg.exe[356] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 002C0600
    .text C:\WINDOWS\System32\smss.exe[492] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
    .text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[544] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 001401F8
    .text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[544] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
    .text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[544] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 001403FC
    .text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[544] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
    .text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[544] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 006E1014
    .text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[544] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 006E0804
    .text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[544] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 006E0A08
    .text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[544] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 006E0C0C
    .text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[544] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 006E0E10
    .text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[544] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 006E01F8
    .text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[544] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 006E03FC
    .text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[544] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 006E0600
    .text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[544] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 006F0804
    .text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[544] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 006F0A08
    .text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[544] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 006F0600
    .text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[544] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 006F01F8
    .text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[544] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 006F03FC
    .text C:\WINDOWS\system32\csrss.exe[548] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
    .text C:\WINDOWS\system32\csrss.exe[548] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
    .text C:\WINDOWS\system32\winlogon.exe[576] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000701F8
    .text C:\WINDOWS\system32\winlogon.exe[576] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
    .text C:\WINDOWS\system32\winlogon.exe[576] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000703FC
    .text C:\WINDOWS\system32\winlogon.exe[576] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
    .text C:\WINDOWS\system32\winlogon.exe[576] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 002B1014
    .text C:\WINDOWS\system32\winlogon.exe[576] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 002B0804
    .text C:\WINDOWS\system32\winlogon.exe[576] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 002B0A08
    .text C:\WINDOWS\system32\winlogon.exe[576] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 002B0C0C
    .text C:\WINDOWS\system32\winlogon.exe[576] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 002B0E10
    .text C:\WINDOWS\system32\winlogon.exe[576] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 002B01F8
    .text C:\WINDOWS\system32\winlogon.exe[576] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 002B03FC
    .text C:\WINDOWS\system32\winlogon.exe[576] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 002B0600
    .text C:\WINDOWS\system32\winlogon.exe[576] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 002C0804
    .text C:\WINDOWS\system32\winlogon.exe[576] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 002C0A08
    .text C:\WINDOWS\system32\winlogon.exe[576] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 002C0600
    .text C:\WINDOWS\system32\winlogon.exe[576] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 002C01F8
    .text C:\WINDOWS\system32\winlogon.exe[576] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 002C03FC
    .text C:\WINDOWS\system32\services.exe[620] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000901F8
    .text C:\WINDOWS\system32\services.exe[620] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
    .text C:\WINDOWS\system32\services.exe[620] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000903FC
    .text C:\WINDOWS\system32\services.exe[620] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
    .text C:\WINDOWS\system32\services.exe[620] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 002B1014
    .text C:\WINDOWS\system32\services.exe[620] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 002B0804
    .text C:\WINDOWS\system32\services.exe[620] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 002B0A08
    .text C:\WINDOWS\system32\services.exe[620] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 002B0C0C
    .text C:\WINDOWS\system32\services.exe[620] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 002B0E10
    .text C:\WINDOWS\system32\services.exe[620] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 002B01F8
    .text C:\WINDOWS\system32\services.exe[620] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 002B03FC
    .text C:\WINDOWS\system32\services.exe[620] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 002B0600
    .text C:\WINDOWS\system32\services.exe[620] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 002C0804
    .text C:\WINDOWS\system32\services.exe[620] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 002C0A08
    .text C:\WINDOWS\system32\services.exe[620] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 002C0600
    .text C:\WINDOWS\system32\services.exe[620] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 002C01F8
    .text C:\WINDOWS\system32\services.exe[620] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 002C03FC
    .text C:\WINDOWS\system32\lsass.exe[632] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000901F8
    .text C:\WINDOWS\system32\lsass.exe[632] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
    .text C:\WINDOWS\system32\lsass.exe[632] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000903FC
    .text C:\WINDOWS\system32\lsass.exe[632] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
    .text C:\WINDOWS\system32\lsass.exe[632] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 002B1014
    .text C:\WINDOWS\system32\lsass.exe[632] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 002B0804
    .text C:\WINDOWS\system32\lsass.exe[632] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 002B0A08
    .text C:\WINDOWS\system32\lsass.exe[632] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 002B0C0C
    .text C:\WINDOWS\system32\lsass.exe[632] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 002B0E10
    .text C:\WINDOWS\system32\lsass.exe[632] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 002B01F8
    .text C:\WINDOWS\system32\lsass.exe[632] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 002B03FC
    .text C:\WINDOWS\system32\lsass.exe[632] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 002B0600
    .text C:\WINDOWS\system32\lsass.exe[632] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 002C0804
    .text C:\WINDOWS\system32\lsass.exe[632] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 002C0A08
    .text C:\WINDOWS\system32\lsass.exe[632] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 002C0600
    .text C:\WINDOWS\system32\lsass.exe[632] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 002C01F8
    .text C:\WINDOWS\system32\lsass.exe[632] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 002C03FC
    .text C:\Program Files\AVAST Software\Avast\avastUI.exe[684] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
    .text C:\Program Files\AVAST Software\Avast\avastUI.exe[684] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
    .text C:\WINDOWS\system32\NOTEPAD.EXE[752] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000A01F8
    .text C:\WINDOWS\system32\NOTEPAD.EXE[752] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
    .text C:\WINDOWS\system32\NOTEPAD.EXE[752] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000A03FC
    .text C:\WINDOWS\system32\NOTEPAD.EXE[752] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
    .text C:\WINDOWS\system32\NOTEPAD.EXE[752] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 002C1014
    .text C:\WINDOWS\system32\NOTEPAD.EXE[752] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 002C0804
    .text C:\WINDOWS\system32\NOTEPAD.EXE[752] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 002C0A08
    .text C:\WINDOWS\system32\NOTEPAD.EXE[752] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 002C0C0C
    .text C:\WINDOWS\system32\NOTEPAD.EXE[752] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 002C0E10
    .text C:\WINDOWS\system32\NOTEPAD.EXE[752] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 002C01F8
    .text C:\WINDOWS\system32\NOTEPAD.EXE[752] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 002C03FC
    .text C:\WINDOWS\system32\NOTEPAD.EXE[752] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 002C0600
    .text C:\WINDOWS\system32\NOTEPAD.EXE[752] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 002D0804
    .text C:\WINDOWS\system32\NOTEPAD.EXE[752] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 002D0A08
    .text C:\WINDOWS\system32\NOTEPAD.EXE[752] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 002D0600
    .text C:\WINDOWS\system32\NOTEPAD.EXE[752] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 002D01F8
    .text C:\WINDOWS\system32\NOTEPAD.EXE[752] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 002D03FC
    .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[756] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 001401F8
    .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[756] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
    .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[756] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 001403FC
    .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[756] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
    .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[756] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 00381014
    .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[756] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 00380804
    .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[756] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 00380A08
    .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[756] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 00380C0C
    .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[756] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 00380E10
    .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[756] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 003801F8
    .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[756] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 003803FC
    .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[756] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 00380600
    .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[756] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 00390804
    .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[756] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 00390A08
    .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[756] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00390600
    .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[756] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 003901F8
    .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[756] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 003903FC
    .text C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe[764] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 001401F8
    .text C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe[764] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
    .text C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe[764] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 001403FC
    .text C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe[764] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
    .text C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe[764] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 00380804
    .text C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe[764] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 00380A08
    .text C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe[764] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00380600
    .text C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe[764] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 003801F8
    .text C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe[764] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 003803FC
    .text C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe[764] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 00391014
    .text C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe[764] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 00390804
    .text C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe[764] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 00390A08
    .text C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe[764] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 00390C0C
    .text C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe[764] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 00390E10
    .text C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe[764] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 003901F8
    .text C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe[764] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 003903FC
    .text C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe[764] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 00390600
    .text C:\WINDOWS\system32\svchost.exe[784] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000901F8
    .text C:\WINDOWS\system32\svchost.exe[784] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
    .text C:\WINDOWS\system32\svchost.exe[784] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000903FC
    .text C:\WINDOWS\system32\svchost.exe[784] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
    .text C:\WINDOWS\system32\svchost.exe[784] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 002B1014
    .text C:\WINDOWS\system32\svchost.exe[784] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 002B0804
    .text C:\WINDOWS\system32\svchost.exe[784] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 002B0A08
    .text C:\WINDOWS\system32\svchost.exe[784] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 002B0C0C
    .text C:\WINDOWS\system32\svchost.exe[784] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 002B0E10
    .text C:\WINDOWS\system32\svchost.exe[784] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 002B01F8
    .text C:\WINDOWS\system32\svchost.exe[784] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 002B03FC
    .text C:\WINDOWS\system32\svchost.exe[784] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 002B0600
    .text C:\WINDOWS\system32\svchost.exe[784] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 002C0804
    .text C:\WINDOWS\system32\svchost.exe[784] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 002C0A08
    .text C:\WINDOWS\system32\svchost.exe[784] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 002C0600
    .text C:\WINDOWS\system32\svchost.exe[784] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 002C01F8
    .text C:\WINDOWS\system32\svchost.exe[784] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 002C03FC
    .text C:\WINDOWS\system32\svchost.exe[848] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000901F8
    .text C:\WINDOWS\system32\svchost.exe[848] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
    .text C:\WINDOWS\system32\svchost.exe[848] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000903FC
    .text C:\WINDOWS\system32\svchost.exe[848] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
    .text C:\WINDOWS\system32\svchost.exe[848] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 002B1014
    .text C:\WINDOWS\system32\svchost.exe[848] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 002B0804
    .text C:\WINDOWS\system32\svchost.exe[848] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 002B0A08
    .text C:\WINDOWS\system32\svchost.exe[848] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 002B0C0C
    .text C:\WINDOWS\system32\svchost.exe[848] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 002B0E10
    .text C:\WINDOWS\system32\svchost.exe[848] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 002B01F8
    .text C:\WINDOWS\system32\svchost.exe[848] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 002B03FC
    .text C:\WINDOWS\system32\svchost.exe[848] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 002B0600
    .text C:\WINDOWS\system32\svchost.exe[848] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 002C0804
    .text C:\WINDOWS\system32\svchost.exe[848] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 002C0A08
    .text C:\WINDOWS\system32\svchost.exe[848] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 002C0600
    .text C:\WINDOWS\system32\svchost.exe[848] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 002C01F8
    .text C:\WINDOWS\system32\svchost.exe[848] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 002C03FC
    .text C:\WINDOWS\System32\svchost.exe[916] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000901F8
    .text C:\WINDOWS\System32\svchost.exe[916] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
    .text
     
    dispatch trophy,
    #3
  5. 2012/02/04
    dispatch trophy Contributing Member

    dispatch trophy Inactive Thread Starter

    Joined:
    2011/09/30
    Messages:
    402
    Likes Received:
    0
    C:\WINDOWS\System32\svchost.exe[916] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000903FC
    .text C:\WINDOWS\System32\svchost.exe[916] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
    .text C:\WINDOWS\System32\svchost.exe[916] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 002B1014
    .text C:\WINDOWS\System32\svchost.exe[916] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 002B0804
    .text C:\WINDOWS\System32\svchost.exe[916] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 002B0A08
    .text C:\WINDOWS\System32\svchost.exe[916] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 002B0C0C
    .text C:\WINDOWS\System32\svchost.exe[916] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 002B0E10
    .text C:\WINDOWS\System32\svchost.exe[916] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 002B01F8
    .text C:\WINDOWS\System32\svchost.exe[916] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 002B03FC
    .text C:\WINDOWS\System32\svchost.exe[916] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 002B0600
    .text C:\WINDOWS\System32\svchost.exe[916] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 002C0804
    .text C:\WINDOWS\System32\svchost.exe[916] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 002C0A08
    .text C:\WINDOWS\System32\svchost.exe[916] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 002C0600
    .text C:\WINDOWS\System32\svchost.exe[916] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 002C01F8
    .text C:\WINDOWS\System32\svchost.exe[916] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 002C03FC
    .text C:\WINDOWS\System32\svchost.exe[944] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000901F8
    .text C:\WINDOWS\System32\svchost.exe[944] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
    .text C:\WINDOWS\System32\svchost.exe[944] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000903FC
    .text C:\WINDOWS\System32\svchost.exe[944] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
    .text C:\WINDOWS\System32\svchost.exe[944] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 002B1014
    .text C:\WINDOWS\System32\svchost.exe[944] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 002B0804
    .text C:\WINDOWS\System32\svchost.exe[944] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 002B0A08
    .text C:\WINDOWS\System32\svchost.exe[944] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 002B0C0C
    .text C:\WINDOWS\System32\svchost.exe[944] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 002B0E10
    .text C:\WINDOWS\System32\svchost.exe[944] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 002B01F8
    .text C:\WINDOWS\System32\svchost.exe[944] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 002B03FC
    .text C:\WINDOWS\System32\svchost.exe[944] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 002B0600
    .text C:\WINDOWS\System32\svchost.exe[944] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 002C0804
    .text C:\WINDOWS\System32\svchost.exe[944] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 002C0A08
    .text C:\WINDOWS\System32\svchost.exe[944] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 002C0600
    .text C:\WINDOWS\System32\svchost.exe[944] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 002C01F8
    .text C:\WINDOWS\System32\svchost.exe[944] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 002C03FC
    .text C:\WINDOWS\System32\svchost.exe[980] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000901F8
    .text C:\WINDOWS\System32\svchost.exe[980] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
    .text C:\WINDOWS\System32\svchost.exe[980] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000903FC
    .text C:\WINDOWS\System32\svchost.exe[980] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
    .text C:\WINDOWS\System32\svchost.exe[980] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 002B1014
    .text C:\WINDOWS\System32\svchost.exe[980] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 002B0804
    .text C:\WINDOWS\System32\svchost.exe[980] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 002B0A08
    .text C:\WINDOWS\System32\svchost.exe[980] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 002B0C0C
    .text C:\WINDOWS\System32\svchost.exe[980] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 002B0E10
    .text C:\WINDOWS\System32\svchost.exe[980] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 002B01F8
    .text C:\WINDOWS\System32\svchost.exe[980] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 002B03FC
    .text C:\WINDOWS\System32\svchost.exe[980] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 002B0600
    .text C:\WINDOWS\System32\svchost.exe[980] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 002C0804
    .text C:\WINDOWS\System32\svchost.exe[980] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 002C0A08
    .text C:\WINDOWS\System32\svchost.exe[980] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 002C0600
    .text C:\WINDOWS\System32\svchost.exe[980] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 002C01F8
    .text C:\WINDOWS\System32\svchost.exe[980] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 002C03FC
    .text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1008] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 001501F8
    .text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1008] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
    .text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1008] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 001503FC
    .text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1008] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
    .text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1008] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 00390804
    .text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1008] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 00390A08
    .text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1008] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00390600
    .text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1008] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 003901F8
    .text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1008] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 003903FC
    .text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1008] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 003A1014
    .text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1008] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 003A0804
    .text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1008] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 003A0A08
    .text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1008] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 003A0C0C
    .text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1008] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 003A0E10
    .text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1008] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 003A01F8
    .text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1008] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 003A03FC
    .text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1008] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 003A0600
    .text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[1032] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 001501F8
    .text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[1032] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
    .text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[1032] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 001503FC
    .text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[1032] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
    .text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[1032] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 00390804
    .text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[1032] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 00390A08
    .text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[1032] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00390600
    .text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[1032] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 003901F8
    .text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[1032] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 003903FC
    .text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[1032] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 003A1014
    .text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[1032] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 003A0804
    .text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[1032] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 003A0A08
    .text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[1032] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 003A0C0C
    .text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[1032] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 003A0E10
    .text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[1032] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 003A01F8
    .text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[1032] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 003A03FC
    .text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[1032] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 003A0600
    .text C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtMon.exe[1056] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 001401F8
    .text C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtMon.exe[1056] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
    .text C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtMon.exe[1056] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 001403FC
    .text C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtMon.exe[1056] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
    .text C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtMon.exe[1056] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 00381014
    .text C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtMon.exe[1056] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 00380804
    .text C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtMon.exe[1056] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 00380A08
    .text C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtMon.exe[1056] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 00380C0C
    .text C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtMon.exe[1056] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 00380E10
    .text C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtMon.exe[1056] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 003801F8
    .text C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtMon.exe[1056] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 003803FC
    .text C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtMon.exe[1056] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 00380600
    .text C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtMon.exe[1056] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 00390804
    .text C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtMon.exe[1056] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 00390A08
    .text C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtMon.exe[1056] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00390600
    .text C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtMon.exe[1056] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 003901F8
    .text C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtMon.exe[1056] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 003903FC
    .text C:\WINDOWS\system32\svchost.exe[1076] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000901F8
    .text C:\WINDOWS\system32\svchost.exe[1076] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
    .text C:\WINDOWS\system32\svchost.exe[1076] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000903FC
    .text C:\WINDOWS\system32\svchost.exe[1076] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
    .text C:\WINDOWS\system32\svchost.exe[1076] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 002B1014
    .text C:\WINDOWS\system32\svchost.exe[1076] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 002B0804
    .text C:\WINDOWS\system32\svchost.exe[1076] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 002B0A08
    .text C:\WINDOWS\system32\svchost.exe[1076] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 002B0C0C
    .text C:\WINDOWS\system32\svchost.exe[1076] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 002B0E10
    .text C:\WINDOWS\system32\svchost.exe[1076] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 002B01F8
    .text C:\WINDOWS\system32\svchost.exe[1076] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 002B03FC
    .text C:\WINDOWS\system32\svchost.exe[1076] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 002B0600
    .text C:\WINDOWS\system32\svchost.exe[1076] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 002C0804
    .text C:\WINDOWS\system32\svchost.exe[1076] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 002C0A08
    .text C:\WINDOWS\system32\svchost.exe[1076] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 002C0600
    .text C:\WINDOWS\system32\svchost.exe[1076] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 002C01F8
    .text C:\WINDOWS\system32\svchost.exe[1076] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 002C03FC
    .text C:\WINDOWS\system32\ctfmon.exe[1256] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000A01F8
    .text C:\WINDOWS\system32\ctfmon.exe[1256] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
    .text C:\WINDOWS\system32\ctfmon.exe[1256] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000A03FC
    .text C:\WINDOWS\system32\ctfmon.exe[1256] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
    .text C:\WINDOWS\system32\ctfmon.exe[1256] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 002C1014
    .text C:\WINDOWS\system32\ctfmon.exe[1256] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 002C0804
    .text C:\WINDOWS\system32\ctfmon.exe[1256] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 002C0A08
    .text C:\WINDOWS\system32\ctfmon.exe[1256] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 002C0C0C
    .text C:\WINDOWS\system32\ctfmon.exe[1256] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 002C0E10
    .text C:\WINDOWS\system32\ctfmon.exe[1256] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 002C01F8
    .text C:\WINDOWS\system32\ctfmon.exe[1256] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 002C03FC
    .text C:\WINDOWS\system32\ctfmon.exe[1256] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 002C0600
    .text C:\WINDOWS\system32\ctfmon.exe[1256] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 002D0804
    .text C:\WINDOWS\system32\ctfmon.exe[1256] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 002D0A08
    .text C:\WINDOWS\system32\ctfmon.exe[1256] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 002D0600
    .text C:\WINDOWS\system32\ctfmon.exe[1256] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 002D01F8
    .text C:\WINDOWS\system32\ctfmon.exe[1256] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 002D03FC
    .text C:\WINDOWS\Explorer.EXE[1284] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000901F8
    .text C:\WINDOWS\Explorer.EXE[1284] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
    .text C:\WINDOWS\Explorer.EXE[1284] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000903FC
    .text C:\WINDOWS\Explorer.EXE[1284] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
    .text C:\WINDOWS\Explorer.EXE[1284] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 002C1014
    .text C:\WINDOWS\Explorer.EXE[1284] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 002C0804
    .text C:\WINDOWS\Explorer.EXE[1284] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 002C0A08
    .text C:\WINDOWS\Explorer.EXE[1284] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 002C0C0C
    .text C:\WINDOWS\Explorer.EXE[1284] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 002C0E10
    .text C:\WINDOWS\Explorer.EXE[1284] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 002C01F8
    .text C:\WINDOWS\Explorer.EXE[1284] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 002C03FC
    .text C:\WINDOWS\Explorer.EXE[1284] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 002C0600
    .text C:\WINDOWS\Explorer.EXE[1284] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 002D0804
    .text C:\WINDOWS\Explorer.EXE[1284] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 002D0A08
    .text C:\WINDOWS\Explorer.EXE[1284] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 002D0600
    .text C:\WINDOWS\Explorer.EXE[1284] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 002D01F8
    .text C:\WINDOWS\Explorer.EXE[1284] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 002D03FC
    .text C:\Program Files\AVAST Software\Avast\AvastSvc.exe[1348] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
    .text C:\Program Files\AVAST Software\Avast\AvastSvc.exe[1348] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 4 Bytes [C2, 04, 00, 90] {RET 0x4; NOP }
    .text C:\Program Files\AVAST Software\Avast\AvastSvc.exe[1348] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
    .text C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtProc.exe[1544] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 001401F8
    .text C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtProc.exe[1544] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
    .text C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtProc.exe[1544] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 001403FC
    .text C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtProc.exe[1544] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
    .text C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtProc.exe[1544] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 00381014
    .text C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtProc.exe[1544] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 00380804
    .text C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtProc.exe[1544] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 00380A08
    .text C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtProc.exe[1544] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 00380C0C
    .text C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtProc.exe[1544] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 00380E10
    .text C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtProc.exe[1544] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 003801F8
    .text C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtProc.exe[1544] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 003803FC
    .text C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtProc.exe[1544] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 00380600
    .text C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtProc.exe[1544] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 00390804
    .text C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtProc.exe[1544] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 00390A08
    .text C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtProc.exe[1544] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00390600
    .text C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtProc.exe[1544] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 003901F8
    .text
     
    dispatch trophy,
    #4
  6. 2012/02/04
    dispatch trophy Contributing Member

    dispatch trophy Inactive Thread Starter

    Joined:
    2011/09/30
    Messages:
    402
    Likes Received:
    0
    C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtProc.exe[1544] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 003903FC
    .text C:\WINDOWS\System32\nvsvc32.exe[1572] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 001401F8
    .text C:\WINDOWS\System32\nvsvc32.exe[1572] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
    .text C:\WINDOWS\System32\nvsvc32.exe[1572] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 001403FC
    .text C:\WINDOWS\System32\nvsvc32.exe[1572] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
    .text C:\WINDOWS\System32\nvsvc32.exe[1572] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 00380804
    .text C:\WINDOWS\System32\nvsvc32.exe[1572] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 00380A08
    .text C:\WINDOWS\System32\nvsvc32.exe[1572] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00380600
    .text C:\WINDOWS\System32\nvsvc32.exe[1572] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 003801F8
    .text C:\WINDOWS\System32\nvsvc32.exe[1572] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 003803FC
    .text C:\WINDOWS\System32\nvsvc32.exe[1572] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 00391014
    .text C:\WINDOWS\System32\nvsvc32.exe[1572] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 00390804
    .text C:\WINDOWS\System32\nvsvc32.exe[1572] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 00390A08
    .text C:\WINDOWS\System32\nvsvc32.exe[1572] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 00390C0C
    .text C:\WINDOWS\System32\nvsvc32.exe[1572] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 00390E10
    .text C:\WINDOWS\System32\nvsvc32.exe[1572] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 003901F8
    .text C:\WINDOWS\System32\nvsvc32.exe[1572] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 003903FC
    .text C:\WINDOWS\System32\nvsvc32.exe[1572] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 00390600
    .text C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe[1728] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 001501F8
    .text C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe[1728] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
    .text C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe[1728] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 001503FC
    .text C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe[1728] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
    .text C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe[1728] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 00500804
    .text C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe[1728] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 00500A08
    .text C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe[1728] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00500600
    .text C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe[1728] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 005001F8
    .text C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe[1728] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 005003FC
    .text C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe[1728] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 00511014
    .text C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe[1728] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 00510804
    .text C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe[1728] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 00510A08
    .text C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe[1728] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 00510C0C
    .text C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe[1728] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 00510E10
    .text C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe[1728] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 005101F8
    .text C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe[1728] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 005103FC
    .text C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe[1728] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 00510600
    .text C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe[1744] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 001401F8
    .text C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe[1744] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
    .text C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe[1744] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 001403FC
    .text C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe[1744] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
    .text C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe[1744] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 00380804
    .text C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe[1744] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 00380A08
    .text C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe[1744] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00380600
    .text C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe[1744] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 003801F8
    .text C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe[1744] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 003803FC
    .text C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe[1744] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 00391014
    .text C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe[1744] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 00390804
    .text C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe[1744] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 00390A08
    .text C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe[1744] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 00390C0C
    .text C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe[1744] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 00390E10
    .text C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe[1744] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 003901F8
    .text C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe[1744] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 003903FC
    .text C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe[1744] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 00390600
    .text C:\WINDOWS\system32\spoolsv.exe[1796] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000901F8
    .text C:\WINDOWS\system32\spoolsv.exe[1796] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
    .text C:\WINDOWS\system32\spoolsv.exe[1796] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000903FC
    .text C:\WINDOWS\system32\spoolsv.exe[1796] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
    .text C:\WINDOWS\system32\spoolsv.exe[1796] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 002B1014
    .text C:\WINDOWS\system32\spoolsv.exe[1796] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 002B0804
    .text C:\WINDOWS\system32\spoolsv.exe[1796] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 002B0A08
    .text C:\WINDOWS\system32\spoolsv.exe[1796] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 002B0C0C
    .text C:\WINDOWS\system32\spoolsv.exe[1796] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 002B0E10
    .text C:\WINDOWS\system32\spoolsv.exe[1796] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 002B01F8
    .text C:\WINDOWS\system32\spoolsv.exe[1796] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 002B03FC
    .text C:\WINDOWS\system32\spoolsv.exe[1796] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 002B0600
    .text C:\WINDOWS\system32\spoolsv.exe[1796] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 002C0804
    .text C:\WINDOWS\system32\spoolsv.exe[1796] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 002C0A08
    .text C:\WINDOWS\system32\spoolsv.exe[1796] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 002C0600
    .text C:\WINDOWS\system32\spoolsv.exe[1796] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 002C01F8
    .text C:\WINDOWS\system32\spoolsv.exe[1796] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 002C03FC
    .text C:\Program Files\Sony\VAIO Action Setup\VAServ.exe[1872] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 001401F8
    .text C:\Program Files\Sony\VAIO Action Setup\VAServ.exe[1872] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
    .text C:\Program Files\Sony\VAIO Action Setup\VAServ.exe[1872] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 001403FC
    .text C:\Program Files\Sony\VAIO Action Setup\VAServ.exe[1872] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
    .text C:\Program Files\Sony\VAIO Action Setup\VAServ.exe[1872] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 003C0804
    .text C:\Program Files\Sony\VAIO Action Setup\VAServ.exe[1872] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 003C0A08
    .text C:\Program Files\Sony\VAIO Action Setup\VAServ.exe[1872] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 003C0600
    .text C:\Program Files\Sony\VAIO Action Setup\VAServ.exe[1872] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 003C01F8
    .text C:\Program Files\Sony\VAIO Action Setup\VAServ.exe[1872] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 003C03FC
    .text C:\Program Files\Sony\VAIO Action Setup\VAServ.exe[1872] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 003D1014
    .text C:\Program Files\Sony\VAIO Action Setup\VAServ.exe[1872] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 003D0804
    .text C:\Program Files\Sony\VAIO Action Setup\VAServ.exe[1872] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 003D0A08
    .text C:\Program Files\Sony\VAIO Action Setup\VAServ.exe[1872] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 003D0C0C
    .text C:\Program Files\Sony\VAIO Action Setup\VAServ.exe[1872] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 003D0E10
    .text C:\Program Files\Sony\VAIO Action Setup\VAServ.exe[1872] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 003D01F8
    .text C:\Program Files\Sony\VAIO Action Setup\VAServ.exe[1872] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 003D03FC
    .text C:\Program Files\Sony\VAIO Action Setup\VAServ.exe[1872] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 003D0600
    .text C:\Documents and Settings\user account\Application Data\Freenet\freenet.exe[1976] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000501F8
    .text C:\Documents and Settings\user account\Application Data\Freenet\freenet.exe[1976] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
    .text C:\Documents and Settings\user account\Application Data\Freenet\freenet.exe[1976] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000503FC
    .text C:\Documents and Settings\user account\Application Data\Freenet\freenet.exe[1976] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
    .text C:\Documents and Settings\user account\Application Data\Freenet\freenet.exe[1976] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 00291014
    .text C:\Documents and Settings\user account\Application Data\Freenet\freenet.exe[1976] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 00290804
    .text C:\Documents and Settings\user account\Application Data\Freenet\freenet.exe[1976] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 00290A08
    .text C:\Documents and Settings\user account\Application Data\Freenet\freenet.exe[1976] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 00290C0C
    .text C:\Documents and Settings\user account\Application Data\Freenet\freenet.exe[1976] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 00290E10
    .text C:\Documents and Settings\user account\Application Data\Freenet\freenet.exe[1976] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 002901F8
    .text C:\Documents and Settings\user account\Application Data\Freenet\freenet.exe[1976] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 002903FC
    .text C:\Documents and Settings\user account\Application Data\Freenet\freenet.exe[1976] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 00290600
    .text C:\Documents and Settings\user account\Application Data\Freenet\freenet.exe[1976] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 002A0804
    .text C:\Documents and Settings\user account\Application Data\Freenet\freenet.exe[1976] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 002A0A08
    .text C:\Documents and Settings\user account\Application Data\Freenet\freenet.exe[1976] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 002A0600
    .text C:\Documents and Settings\user account\Application Data\Freenet\freenet.exe[1976] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 002A01F8
    .text C:\Documents and Settings\user account\Application Data\Freenet\freenet.exe[1976] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 002A03FC
    .text C:\WINDOWS\System32\svchost.exe[1992] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000901F8
    .text C:\WINDOWS\System32\svchost.exe[1992] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
    .text C:\WINDOWS\System32\svchost.exe[1992] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000903FC
    .text C:\WINDOWS\System32\svchost.exe[1992] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
    .text C:\WINDOWS\System32\svchost.exe[1992] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 002B1014
    .text C:\WINDOWS\System32\svchost.exe[1992] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 002B0804
    .text C:\WINDOWS\System32\svchost.exe[1992] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 002B0A08
    .text C:\WINDOWS\System32\svchost.exe[1992] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 002B0C0C
    .text C:\WINDOWS\System32\svchost.exe[1992] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 002B0E10
    .text C:\WINDOWS\System32\svchost.exe[1992] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 002B01F8
    .text C:\WINDOWS\System32\svchost.exe[1992] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 002B03FC
    .text C:\WINDOWS\System32\svchost.exe[1992] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 002B0600
    .text C:\WINDOWS\System32\svchost.exe[1992] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 002C0804
    .text C:\WINDOWS\System32\svchost.exe[1992] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 002C0A08
    .text C:\WINDOWS\System32\svchost.exe[1992] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 002C0600
    .text C:\WINDOWS\System32\svchost.exe[1992] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 002C01F8
    .text C:\WINDOWS\System32\svchost.exe[1992] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 002C03FC
    .text C:\Documents and Settings\user account\Desktop\2ikmhmdc.exe[2004] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
    .text C:\Documents and Settings\user account\Desktop\2ikmhmdc.exe[2004] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
    .text C:\Program Files\Java\jre6\bin\java.exe[2196] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000B01F8
    .text C:\Program Files\Java\jre6\bin\java.exe[2196] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
    .text C:\Program Files\Java\jre6\bin\java.exe[2196] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000B03FC
    .text C:\Program Files\Java\jre6\bin\java.exe[2196] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
    .text C:\Program Files\Java\jre6\bin\java.exe[2196] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 002E1014
    .text C:\Program Files\Java\jre6\bin\java.exe[2196] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 002E0804
    .text C:\Program Files\Java\jre6\bin\java.exe[2196] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 002E0A08
    .text C:\Program Files\Java\jre6\bin\java.exe[2196] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 002E0C0C
    .text C:\Program Files\Java\jre6\bin\java.exe[2196] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 002E0E10
    .text C:\Program Files\Java\jre6\bin\java.exe[2196] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 002E01F8
    .text C:\Program Files\Java\jre6\bin\java.exe[2196] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 002E03FC
    .text C:\Program Files\Java\jre6\bin\java.exe[2196] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 002E0600
    .text C:\WINDOWS\system32\wscntfy.exe[2476] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
    .text C:\WINDOWS\system32\wscntfy.exe[2476] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
    .text C:\WINDOWS\system32\taskmgr.exe[2608] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000A01F8
    .text C:\WINDOWS\system32\taskmgr.exe[2608] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
    .text C:\WINDOWS\system32\taskmgr.exe[2608] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000A03FC
    .text C:\WINDOWS\system32\taskmgr.exe[2608] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
    .text C:\WINDOWS\system32\taskmgr.exe[2608] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 002C1014
    .text C:\WINDOWS\system32\taskmgr.exe[2608] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 002C0804
    .text C:\WINDOWS\system32\taskmgr.exe[2608] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 002C0A08
    .text C:\WINDOWS\system32\taskmgr.exe[2608] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 002C0C0C
    .text C:\WINDOWS\system32\taskmgr.exe[2608] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 002C0E10
    .text C:\WINDOWS\system32\taskmgr.exe[2608] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 002C01F8
    .text C:\WINDOWS\system32\taskmgr.exe[2608] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 002C03FC
    .text C:\WINDOWS\system32\taskmgr.exe[2608] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 002C0600
    .text C:\WINDOWS\system32\taskmgr.exe[2608] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 002D0804
    .text C:\WINDOWS\system32\taskmgr.exe[2608] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 002D0A08
    .text C:\WINDOWS\system32\taskmgr.exe[2608] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 002D0600
    .text C:\WINDOWS\system32\taskmgr.exe[2608] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 002D01F8
    .text C:\WINDOWS\system32\taskmgr.exe[2608] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 002D03FC
    .text C:\Program Files\Java\jre6\bin\jqs.exe[2740] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 001501F8
    .text C:\Program Files\Java\jre6\bin\jqs.exe[2740] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
    .text C:\Program Files\Java\jre6\bin\jqs.exe[2740] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 001503FC
    .text C:\Program Files\Java\jre6\bin\jqs.exe[2740] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
    .text C:\Program Files\Java\jre6\bin\jqs.exe[2740] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 00391014
    .text C:\Program Files\Java\jre6\bin\jqs.exe[2740] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 00390804
    .text C:\Program Files\Java\jre6\bin\jqs.exe[2740] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 00390A08
    .text C:\Program Files\Java\jre6\bin\jqs.exe[2740] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 00390C0C
    .text C:\Program Files\Java\jre6\bin\jqs.exe[2740] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 00390E10
    .text C:\Program Files\Java\jre6\bin\jqs.exe[2740] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 003901F8
    .text C:\Program Files\Java\jre6\bin\jqs.exe[2740] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 003903FC
    .text C:\Program Files\Java\jre6\bin\jqs.exe[2740] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 00390600
    .text C:\Program Files\Java\jre6\bin\jqs.exe[2740] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 003A0804
    .text C:\Program Files\Java\jre6\bin\jqs.exe[2740] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 003A0A08
    .text C:\Program Files\Java\jre6\bin\jqs.exe[2740] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 003A0600
    .text C:\Program Files\Java\jre6\bin\jqs.exe[2740] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 003A01F8
    .text C:\Program Files\Java\jre6\bin\jqs.exe[2740] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 003A03FC
    .text c:\progra~1\Support.com\client\bin\tgcmd.exe[2796] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 001401F8
    .text c:\progra~1\Support.com\client\bin\tgcmd.exe[2796] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
    .text c:\progra~1\Support.com\client\bin\tgcmd.exe[2796] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 001403FC
    .text c:\progra~1\Support.com\client\bin\tgcmd.exe[2796] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
    .text c:\progra~1\Support.com\client\bin\tgcmd.exe[2796] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 00381014
    .text c:\progra~1\Support.com\client\bin\tgcmd.exe[2796] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 00380804
    .text c:\progra~1\Support.com\client\bin\tgcmd.exe[2796] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 00380A08
    .text c:\progra~1\Support.com\client\bin\tgcmd.exe[2796] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 00380C0C
    .text c:\progra~1\Support.com\client\bin\tgcmd.exe[2796] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 00380E10
    .text c:\progra~1\Support.com\client\bin\tgcmd.exe[2796] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 003801F8
    .text c:\progra~1\Support.com\client\bin\tgcmd.exe[2796] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 003803FC
    .text c:\progra~1\Support.com\client\bin\tgcmd.exe[2796] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 00380600
    .text c:\progra~1\Support.com\client\bin\tgcmd.exe[2796] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 00390804
    .text c:\progra~1\Support.com\client\bin\tgcmd.exe[2796] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 00390A08
    .text c:\progra~1\Support.com\client\bin\tgcmd.exe[2796] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00390600
    .text c:\progra~1\Support.com\client\bin\tgcmd.exe[2796] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 003901F8
    .text c:\progra~1\Support.com\client\bin\tgcmd.exe[2796] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 003903FC

    ---- User IAT/EAT - GMER 1.0.15 ----

    IAT C:\WINDOWS\system32\services.exe[620] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 005E0002
    IAT C:\WINDOWS\system32\services.exe[620] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 005E0000

    ---- Devices - GMER 1.0.15 ----

    Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)

    AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)
    AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
    AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
    AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
    AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

    ---- Files - GMER 1.0.15 ----

    File C:\Documents and Settings\user account\Application Data\Freenet\temp\temp-4420f07dbb9bfdfc 0 bytes
    File C:\Documents and Settings\user account\Application Data\Freenet\temp\temp-63b20b321cca1b04 0 bytes

    ---- EOF - GMER 1.0.15 ----
     
    dispatch trophy,
    #5
  7. 2012/02/04
    dispatch trophy Contributing Member

    dispatch trophy Inactive Thread Starter

    Joined:
    2011/09/30
    Messages:
    402
    Likes Received:
    0
    aswMBR LOG

    aswMBR version 0.9.9.1532 Copyright(c) 2011 AVAST Software
    Run date: 2012-02-04 00:35:32
    -----------------------------
    00:35:32.171 OS Version: Windows 5.1.2600 Service Pack 3
    00:35:32.171 Number of processors: 1 586 0x102
    00:35:32.171 ComputerName: VALUED-7B9600FA UserName: user account
    00:35:35.109 Initialize success
    00:35:40.843 AVAST engine defs: 11121801
    00:35:47.171 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
    00:35:47.187 Disk 0 Vendor: Maxtor_4D080H4 DAH017K0 Size: 78167MB BusType: 3
    00:35:47.187 Disk 1 \Device\Harddisk1\DR3 -> \Device\00000061
    00:35:47.187 Disk 1 Vendor: Sony 0000 Size: 78167MB BusType: 0
    00:35:47.296 Disk 0 MBR read successfully
    00:35:47.296 Disk 0 MBR scan
    00:35:48.125 Disk 0 Windows XP default MBR code
    00:35:48.171 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 28670 MB offset 63
    00:35:48.812 Disk 0 Partition - 00 0F Extended LBA 49489 MB offset 58717575
    00:35:48.921 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 49489 MB offset 58717638
    00:35:49.015 Disk 0 scanning sectors +160071660
    00:35:49.593 Disk 0 scanning C:\WINDOWS\system32\drivers
    00:36:59.765 Service scanning
    00:37:04.265 Modules scanning
    00:38:06.921 Disk 0 trace - called modules:
    00:38:06.968 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys intelide.sys
    00:38:06.968 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x82f5cab8]
    00:38:06.968 3 CLASSPNP.SYS[f85a5fd7] -> nt!IofCallDriver -> \Device\0000005a[0x82fd7f18]
    00:38:06.984 5 ACPI.sys[f84ec620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x82f3e940]
    00:38:07.890 AVAST engine scan C:\WINDOWS
    00:39:00.625 AVAST engine scan C:\WINDOWS\system32
    00:47:03.968 AVAST engine scan C:\WINDOWS\system32\drivers
    00:47:56.203 AVAST engine scan C:\Documents and Settings\user account
    00:54:18.703 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\user account\Desktop\MBR.dat "
    00:54:18.703 The log file has been saved successfully to "C:\Documents and Settings\user account\Desktop\aswMBR.txt "
     
    dispatch trophy,
    #6
  8. 2012/02/04
    dispatch trophy Contributing Member

    dispatch trophy Inactive Thread Starter

    Joined:
    2011/09/30
    Messages:
    402
    Likes Received:
    0
    DDS FILE

    .
    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_30
    Run by user account at 0:59:52 on 2012-02-04
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.512.51 [GMT -8:00]
    .
    AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
    .
    ============== Running Processes ===============
    .
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\WScript.exe
    C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
    C:\Program Files\AVAST Software\Avast\avastUI.exe
    svchost.exe
    C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
    C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtMon.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtProc.exe
    C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
    C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
    C:\Program Files\Sony\VAIO Action Setup\VAServ.exe
    C:\Documents and Settings\user account\Application Data\Freenet\freenet.exe
    C:\Documents and Settings\user account\Application Data\Freenet\wrapper\freenetwrapper.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe -k imgsvc
    c:\progra~1\Support.com\client\bin\tgcmd.exe
    C:\Program Files\Java\jre6\bin\java.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = https://www.zoho.com/mail/
    uURLSearchHooks: Verizon Toolbar: {f8d96645-337c-419b-8792-b6c126145811} - c:\program files\verizontb\verizonDx.dll
    BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 5.0\reader\activex\AcroIEHelper.ocx
    BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
    BHO: Updater For Verizon Toolbar: {96673559-e653-4cdc-8923-f89347a952c0} - c:\program files\verizontb\auxi\verizonAu.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    BHO: Verizon Toolbar: {f8d96645-337c-419b-8792-b6c126145811} - c:\program files\verizontb\verizonDx.dll
    TB: Verizon Toolbar: {f8d96645-337c-419b-8792-b6c126145811} - c:\program files\verizontb\verizonDx.dll
    EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [Scan Buttons] c:\program files\Pmsb.exe
    uRun: [OM2_Monitor] "c:\program files\olympus\olympus master 2\MMonitor.exe "
    mRun: [ZTgServerSwitch] c:\program files\support.com\client\lserver\server.vbs
    mRun: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
    mRun: [Share-to-Web Namespace Daemon] c:\program files\hewlett-packard\hp share-to-web\hpgs2wnd.exe
    mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
    mRun: [SSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot
    mRun: [OpwareSE4] "c:\program files\scansoft\omnipagese4.0\OpwareSE4.exe "
    mRun: [WrtMon.exe] c:\windows\system32\spool\drivers\w32x86\3\WrtMon.exe
    mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
    mRun: [OM2_Monitor] "c:\program files\olympus\olympus master 2\FirstStart.exe" /OM
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe "
    StartupFolder: c:\docume~1\userac~1\startm~1\programs\startup\startf~1.lnk - c:\documents and settings\user account\application data\freenet\freenet.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\vaioac~1.lnk - c:\program files\sony\vaio action setup\VAServ.exe
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
    DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://support.microsoft.com/Dcode/ActiveX/MSDcode.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    TCP: DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{DB6DB53C-CC9A-49DE-AC6D-62A5F9FBDEAB} : DhcpNameServer = 192.168.1.1
    Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\documents and settings\user account\application data\mozilla\firefox\profiles\7hlz5zzh.default\
    FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll
    FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-12-18 435032]
    R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-12-2 314456]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-12-18 20568]
    R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-12-2 44768]
    R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-12-18 652872]
    R2 SonyFKC;FAN and Keyboard Control Service;c:\windows\system32\drivers\SonyFKC.sys [2001-12-19 12032]
    R2 V7;V7;c:\windows\system32\drivers\V7.SYS [2011-11-30 7196]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-12-18 20464]
    S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2012-1-8 136176]
    S3 BCM42XX;Broadcom iLine10(tm) Network Adapter Driver;c:\windows\system32\drivers\bcm42xx5.sys [2001-12-14 54271]
    S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2012-1-8 136176]
    S3 SMBE;Sony MPEG2 Encoder Board (WDM);c:\windows\system32\drivers\Smbe.sys [2001-12-14 593000]
    .
    =============== Created Last 30 ================
    .
    2012-02-02 06:50:11 15795464 ----a-w- c:\program files\Firefox Setup 10.0.exe
    2012-02-01 01:49:20 -------- d-----w- c:\documents and settings\user account\application data\Freenet
    2012-02-01 01:47:29 73728 ----a-w- c:\windows\system32\javacpl.cpl
    2012-02-01 01:47:29 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2012-01-31 15:14:59 -------- d-----w- c:\windows\system32\FxsTmp
    2012-01-31 15:14:31 31744 -c--a-w- c:\windows\system32\dllcache\fxsroute.dll
    2012-01-31 15:14:31 31744 ----a-w- c:\windows\system32\fxsroute.dll
    2012-01-31 15:14:31 132608 -c--a-w- c:\windows\system32\dllcache\fxsclntr.dll
    2012-01-31 15:14:31 132608 ----a-w- c:\windows\system32\fxsclntR.dll
    2012-01-31 15:14:31 11264 -c--a-w- c:\windows\system32\dllcache\fxssend.exe
    2012-01-31 15:14:31 11264 ----a-w- c:\windows\system32\fxssend.exe
    2012-01-31 15:14:30 111104 -c--a-w- c:\windows\system32\dllcache\fxscfgwz.dll
    2012-01-31 15:14:30 111104 ----a-w- c:\windows\system32\fxscfgwz.dll
    2012-01-28 15:22:00 -------- d-----w- c:\documents and settings\user account\.thumbnails
    2012-01-27 04:26:26 -------- d-----w- c:\program files\FreeTime
    2012-01-26 11:19:03 -------- d-----w- c:\documents and settings\user account\local settings\application data\OLYMPUS
    2012-01-26 11:14:38 -------- d-----w- c:\program files\OLYMPUS
    2012-01-24 12:09:26 -------- d-----w- c:\documents and settings\user account\application data\COWON
    2012-01-14 21:00:29 106496 ----a-w- c:\windows\system32\cnqo4802.dll
    2012-01-14 21:00:28 57344 ----a-w- c:\windows\system32\CNQI4802.DLL
    2012-01-14 21:00:28 143360 ----a-w- c:\windows\system32\CNQL4802.DLL
    2012-01-14 21:00:28 1298432 ----a-w- c:\windows\system32\CNQC4802.DLL
    2012-01-12 09:29:11 -------- d-----w- c:\documents and settings\user account\.gimp-2.6
    2012-01-09 04:06:14 -------- d-----w- c:\documents and settings\user account\local settings\application data\ApplicationHistory
    2012-01-09 03:57:09 -------- d-----w- c:\windows\system32\URTTemp
    .
    ==================== Find3M ====================
    .
    2012-01-09 05:20:07 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-12-10 23:24:06 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-11-28 18:01:25 41184 ----a-w- c:\windows\avastSS.scr
    2011-11-28 17:53:53 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
    2011-11-25 21:57:19 293376 ----a-w- c:\windows\system32\winsrv.dll
    2011-11-23 13:25:32 1859584 ----a-w- c:\windows\system32\win32k.sys
    2011-11-22 19:56:12 23376 ----a-w- c:\windows\system32\dopdfmn7.dll
    2011-11-22 19:56:10 20816 ----a-w- c:\windows\system32\dopdfmi7.dll
    2011-11-18 12:35:08 60416 ----a-w- c:\windows\system32\packager.exe
    2011-11-16 14:21:44 354816 ----a-w- c:\windows\system32\winhttp.dll
    2011-11-16 14:21:44 152064 ----a-w- c:\windows\system32\schannel.dll
    2011-08-17 23:17:38 10307728 ----a-w- c:\program files\Opera_1150_int_Setup.exe
    2006-10-11 01:24:16 147456 ----a-w- c:\program files\Pmsb.exe
    2006-09-27 03:14:22 32768 ----a-w- c:\program files\PMXpsCreator.dll
    2006-09-27 00:59:32 4022272 ----a-w- c:\program files\Prestopm.exe
    2006-09-27 00:58:38 94208 ----a-w- c:\program files\ScanModule.dll
    2006-09-27 00:57:02 32768 ----a-w- c:\program files\PMSaveXPS.dll
    2006-09-27 00:45:22 81920 ----a-w- c:\program files\PMSave.dll
    2006-09-26 22:16:04 868352 ----a-w- c:\program files\SlideBarDLL.dll
    2006-09-20 19:09:14 24576 ----a-w- c:\program files\AvalonPage.dll
    2006-09-20 18:46:34 61440 ----a-w- c:\program files\NsScanToPdf.exe
    2006-09-20 18:36:24 36864 ----a-w- c:\program files\PMSavePdf.dll
    2006-09-19 22:54:04 290816 ----a-w- c:\program files\PMPageVW.dll
    2006-09-19 19:46:42 24576 ----a-w- c:\program files\PMXpsHostView.dll
    2006-09-19 02:05:00 1171456 ----a-w- c:\program files\PMView.dll
    2006-09-15 17:06:24 151552 ----a-w- c:\program files\PMSearch.dll
    2006-09-14 23:07:08 208896 ----a-w- c:\program files\RapDocImg.dll
    2006-09-14 23:07:06 98304 ----a-w- c:\program files\PMVLink.dll
    2006-09-14 18:44:18 49152 ----a-w- c:\program files\Print.dll
    2006-09-14 18:41:44 155648 ----a-w- c:\program files\PMCommon.dll
    2006-09-13 17:19:50 323584 ----a-w- c:\program files\iConvert16.dll
    2006-09-13 17:17:08 241664 ----a-w- c:\program files\PShow.exe
    2006-08-22 17:02:32 180224 ----a-w- c:\program files\PMScnSet.dll
    2006-08-21 18:42:24 180307 ----a-w- c:\program files\PMINSO.dll
    2006-08-21 17:57:04 253952 ----a-w- c:\program files\PMTree.dll
    2006-08-21 17:28:16 45056 ----a-w- c:\program files\PerformOcr.dll
    2006-08-01 18:27:04 110592 ----a-w- c:\program files\PDFWriter.dll
    2006-07-20 01:35:52 126976 ----a-w- c:\program files\OCR.dll
    2006-07-11 19:03:06 24576 ----a-w- c:\program files\AutmnXls.dll
    2006-07-11 19:02:58 24576 ----a-w- c:\program files\AutmnPpt.dll
    2006-07-11 19:02:46 24576 ----a-w- c:\program files\AutmnDoc.dll
    2006-06-15 18:09:14 507904 ----a-w- c:\program files\MergePDF.dll
    2006-02-28 00:23:06 274516 ----a-w- c:\program files\PMToApp.dll
    2006-02-28 00:22:12 28672 ----a-w- c:\program files\NetScanDll.dll
    2006-02-22 18:15:26 45056 ----a-w- c:\program files\WriteIfo2Pdf.dll
    2006-02-16 00:25:04 49152 ----a-w- c:\program files\NSWia.dll
    2006-02-16 00:04:50 98304 ----a-w- c:\program files\NsScan.dll
    2006-01-13 04:23:46 249856 ----a-w- c:\program files\PMDB.dll
    2006-01-12 23:04:24 397312 ----a-w- c:\program files\pmtwain.dll
    2005-09-14 00:10:10 483328 ----a-w- c:\program files\WpdfViewer.exe
    2005-09-06 18:47:46 102400 ----a-w- c:\program files\PMApSet.dll
    2005-08-15 17:13:50 57344 ----a-w- c:\program files\PMISM.dll
    2005-08-08 22:20:20 57344 ----a-w- c:\program files\PMStatus.dll
    2005-08-08 17:18:06 303104 ----a-w- c:\program files\PrintFun.exe
    2005-07-30 02:10:04 176128 ----a-w- c:\program files\PMImgVW.dll
    2005-07-29 02:52:18 114688 ----a-w- c:\program files\Fioall32.dll
    2005-07-26 03:53:24 86016 ----a-w- c:\program files\PMProp.dll
    2005-07-26 02:02:18 36864 ----a-w- c:\program files\fiopct32.dll
    2005-07-26 01:11:22 303104 ----a-w- c:\program files\Fiotif32.dll
    2005-07-16 01:04:26 32768 ----a-w- c:\program files\PrintFunLnk.dll
    2005-07-16 01:01:08 131072 ----a-w- c:\program files\PMANO.dll
    2005-07-14 01:58:20 57344 ----a-w- c:\program files\WriteData2Pdf.dll
    2005-07-01 21:14:28 69632 ----a-w- c:\program files\NsSavePdf.exe
    2005-06-30 21:55:38 45056 ----a-w- c:\program files\WriteDriver2Pdf.dll
    2005-06-09 00:40:12 40960 ----a-w- c:\program files\NsWaitApp.exe
    2005-05-26 00:51:22 315392 ----a-w- c:\program files\PMAnoSet.dll
    2005-04-14 19:39:38 40960 ----a-w- c:\program files\NetFun98.dll
    2005-04-14 19:39:28 40960 ----a-w- c:\program files\NetFun2K.dll
    2005-04-08 17:28:06 49152 ----a-w- c:\program files\PMSet.dll
    2005-04-08 17:25:48 98304 ----a-w- c:\program files\ComClass.dll
    2005-03-20 02:56:22 40960 ----a-w- c:\program files\PDFWDLL.dll
    2005-03-20 01:56:28 32768 ----a-w- c:\program files\NewsoftLink.dll
    2005-03-15 18:48:14 36864 ----a-w- c:\program files\cmdlnk.dll
    2005-03-14 23:50:14 36864 ----a-w- c:\program files\PMPDFView.dll
    2005-03-12 00:27:14 294912 ----a-w- c:\program files\PMAppBar.dll
    2005-03-09 17:35:48 1239616 ----a-w- c:\program files\pdflib.dll
    2005-03-04 21:57:28 409600 ----a-w- c:\program files\LiveUpdateTray.exe
    2005-02-22 18:13:44 94208 ----a-w- c:\program files\PMDocVW.dll
    2005-02-19 01:42:16 40960 ----a-w- c:\program files\Prestopm_CN.exe
    2005-02-05 00:03:32 31744 ----a-w- c:\program files\JpgLib.dll
    2005-02-02 18:02:00 28672 ----a-w- c:\program files\mapilnk.dll
    2005-01-31 18:51:32 24576 ----a-w- c:\program files\regapp.exe
    2005-01-20 02:58:30 126976 ----a-w- c:\program files\LiveUpdate.dll
    2005-01-18 02:52:04 28672 ----a-w- c:\program files\SaveToJpg.dll
    2005-01-17 17:24:26 229376 ----a-w- c:\program files\WebSyncEx.dll
    2005-01-13 19:12:08 45056 ----a-w- c:\program files\pmsb_CN.exe
    2004-12-31 21:11:56 28672 ----a-w- c:\program files\OutlookVBA.dll
    2004-12-31 01:20:48 36864 ----a-w- c:\program files\Noteslnk.DLL
    2004-12-27 20:31:14 69632 ----a-w- c:\program files\PHooKDlg.dll
    2004-12-24 23:45:56 32768 ----a-w- c:\program files\ReadFileData.dll
    2004-12-20 21:19:54 24576 ----a-w- c:\program files\printlnk.dll
    2004-12-20 18:40:32 77824 ----a-w- c:\program files\NetGroup.exe
    2004-12-20 18:23:14 28672 ----a-w- c:\program files\NetGroupDll.dll
    2004-09-18 00:18:24 139264 ----a-w- c:\program files\Convert.exe
    2004-07-01 23:08:34 143360 ----a-w- c:\program files\FioTga32.dll
    2004-05-28 22:46:22 40960 ----a-w- c:\program files\PMIEVW.dll
    2004-05-28 22:46:08 40960 ----a-w- c:\program files\PMVoice.dll
    2004-05-17 18:23:48 49152 ----a-w- c:\program files\expvw.exe
    2004-04-21 23:28:22 28672 ----a-w- c:\program files\FioWmf32.dll
    2004-04-15 00:47:20 36864 ----a-w- c:\program files\WordVBA.dll
    2001-08-18 12:00:00 94784 -csh--w- c:\windows\twain.dll
    2008-04-14 00:12:07 50688 --sh--w- c:\windows\twain_32.dll
    2011-02-08 13:33:55 978944 --sha-w- c:\windows\system32\mfc42.dll
    2008-04-14 00:12:01 57344 --sh--w- c:\windows\system32\msvcirt.dll
    2008-04-14 00:12:01 413696 --sha-w- c:\windows\system32\msvcp60.dll
    2008-04-14 00:12:01 343040 --sha-w- c:\windows\system32\msvcrt.dll
    2010-12-20 17:32:15 551936 --sh--w- c:\windows\system32\oleaut32.dll
    2008-04-14 00:12:02 84992 --sh--w- c:\windows\system32\olepro32.dll
    2008-04-14 00:12:32 11776 --sh--w- c:\windows\system32\regsvr32.exe
    .
    ============= FINISH: 1:01:42.00 ===============
     
    dispatch trophy,
    #7
  9. 2012/02/04
    dispatch trophy Contributing Member

    dispatch trophy Inactive Thread Starter

    Joined:
    2011/09/30
    Messages:
    402
    Likes Received:
    0
    ATTACH FILE

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows XP Home Edition
    Boot Device: \Device\HarddiskVolume1
    Install Date: 11/30/2011 3:00:29 PM
    System Uptime: 2/3/2012 4:16:33 PM (9 hours ago)
    .
    Motherboard: ASUSTeK Computer INC. | | P4B266LM
    Processor: Intel(R) Pentium(R) 4 CPU 1.80GHz | mPGA 478 | 1816/100mhz
    .
    ==== Disk Partitions =========================
    .
    A: is Removable
    C: is FIXED (NTFS) - 28 GiB total, 15.742 GiB free.
    D: is FIXED (NTFS) - 48 GiB total, 48.061 GiB free.
    E: is Removable
    F: is CDROM ()
    G: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP36: 12/14/2011 6:13:29 PM - Software Distribution Service 3.0
    RP37: 12/16/2011 12:09:37 AM - System Checkpoint
    RP38: 12/17/2011 1:17:55 AM - System Checkpoint
    RP39: 12/18/2011 2:41:07 AM - System Checkpoint
    RP40: 12/19/2011 5:06:38 AM - System Checkpoint
    RP41: 12/20/2011 8:28:11 AM - System Checkpoint
    RP42: 12/21/2011 1:08:23 PM - System Checkpoint
    RP43: 12/22/2011 3:38:28 AM - 21 December 2011
    RP44: 12/22/2011 8:14:47 PM - Installed PhotoStudio
    RP45: 12/22/2011 8:27:18 PM - Installed Presto! PageManager
    RP46: 12/22/2011 8:27:44 PM - Installed Presto! PageManager 7.15
    RP47: 12/23/2011 11:51:54 PM - System Checkpoint
    RP48: 12/25/2011 3:06:28 AM - System Checkpoint
    RP49: 12/26/2011 3:32:42 AM - System Checkpoint
    RP50: 12/27/2011 7:46:43 PM - System Checkpoint
    RP51: 12/28/2011 8:05:15 PM - System Checkpoint
    RP52: 12/30/2011 3:01:52 AM - System Checkpoint
    RP53: 1/2/2012 8:27:17 AM - Printer Driver doPDF 7 Printer Driver Installed
    RP54: 1/3/2012 12:46:26 PM - System Checkpoint
    RP55: 1/4/2012 1:48:02 PM - System Checkpoint
    RP56: 1/8/2012 12:31:46 AM - System Checkpoint
    RP57: 1/9/2012 8:38:05 AM - System Checkpoint
    RP58: 1/9/2012 12:33:59 PM - Software Distribution Service 3.0
    RP59: 1/10/2012 7:09:14 AM - Software Distribution Service 3.0
    RP60: 1/10/2012 3:39:51 PM - Software Distribution Service 3.0
    RP61: 1/11/2012 12:20:20 AM - Software Distribution Service 3.0
    RP62: 1/12/2012 9:13:34 PM - System Checkpoint
    RP63: 1/13/2012 9:37:01 PM - System Checkpoint
    RP64: 1/14/2012 3:00:32 AM - Software Distribution Service 3.0
    RP65: 1/14/2012 1:02:26 PM - Installed PhotoStudio
    RP66: 1/14/2012 1:05:42 PM - Installed Presto! PageManager
    RP67: 1/14/2012 1:06:15 PM - Installed Presto! PageManager 7.15
    RP68: 1/15/2012 1:13:49 PM - System Checkpoint
    RP69: 1/16/2012 9:13:32 PM - 16 JAN 2012
    RP70: 1/17/2012 4:56:12 PM - Installed PhotoStudio
    RP71: 1/17/2012 7:34:27 PM - Installed Presto! PageManager
    RP72: 1/17/2012 7:35:22 PM - Installed Presto! PageManager 7.15
    RP73: 1/19/2012 12:55:20 AM - System Checkpoint
    RP74: 1/20/2012 1:16:03 AM - System Checkpoint
    RP75: 1/22/2012 4:04:30 AM - System Checkpoint
    RP76: 1/23/2012 9:12:09 AM - System Checkpoint
    RP77: 1/24/2012 3:50:27 PM - System Checkpoint
    RP78: 1/25/2012 4:47:58 PM - System Checkpoint
    RP79: 1/26/2012 3:18:10 AM - Installed Windows Media Format 9 Series Runtime Setup
    RP80: 1/27/2012 1:46:01 PM - System Checkpoint
    RP81: 1/28/2012 1:54:45 PM - System Checkpoint
    RP82: 1/29/2012 2:44:39 PM - System Checkpoint
    RP83: 1/30/2012 3:20:54 PM - System Checkpoint
    RP84: 1/31/2012 5:46:38 PM - Installed Java(TM) 6 Update 21
    RP85: 2/1/2012 3:00:22 AM - Software Distribution Service 3.0
    RP86: 2/2/2012 8:50:18 AM - System Checkpoint
    RP87: 2/3/2012 4:27:33 PM - Installed Java(TM) 6 Update 30
    .
    ==== Installed Programs ======================
    .
    Adobe Acrobat 5.0
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    ArcSoft PhotoStudio 5.5
    avast! Free Antivirus
    Canon CanoScan LiDE 600F User Registration
    Canon CanoScan Toolbox 5.0
    CanoScan LiDE 600F
    COWON Media Center - jetAudio Basic VX
    DigitalPrint 1.1
    doPDF 7.2 printer
    DVDExpress
    Experience VAIO
    FormatFactory 2.90
    Freenet
    Google Chrome
    Google Update Helper
    Hotfix for Windows XP (KB2570791)
    Hotfix for Windows XP (KB2633952)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB981793)
    hp instant support
    HP Photo Printing Software
    HP Share-to-Web
    ImageStation
    ImageStation Demo
    Java Auto Updater
    Java(TM) 6 Update 30
    Malwarebytes Anti-Malware version 1.60.0.1800
    Media Bar 3.2.12
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB2656353)
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Word 2002
    Microsoft Works 2003 Setup Launcher
    Microsoft Works 7.0
    Microsoft Works Suite Add-in for Microsoft Word
    Motion JPEG Software Decoder
    Mozilla Firefox 10.0 (x86 en-US)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MSXML 4.0 SP2 Parser and SDK
    Music Visualizer Library 1.2
    NVIDIA Windows 2000/XP Display Drivers
    OLYMPUS Master 2
    OpenMG Secure Module 3.0.01
    Opera 11.61
    PhotoPrinter 2000 Pro
    PicoPlayer
    PicoPlayer Demo
    PicoPlayerSplashScreen
    PictureGear 5.1
    Presto! PageManager 7.15.14
    Quicken 2002 New User Edition
    QuickTime
    RealJukebox
    RealPlayer Basic
    ScanSoft OmniPage SE 4.0
    Security Update for Microsoft Windows (KB2564958)
    Security Update for Step By Step Interactive Training (KB923723)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player (KB979402)
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB2393802)
    Security Update for Windows XP (KB2412687)
    Security Update for Windows XP (KB2419632)
    Security Update for Windows XP (KB2423089)
    Security Update for Windows XP (KB2440591)
    Security Update for Windows XP (KB2443105)
    Security Update for Windows XP (KB2476490)
    Security Update for Windows XP (KB2478960)
    Security Update for Windows XP (KB2478971)
    Security Update for Windows XP (KB2479943)
    Security Update for Windows XP (KB2481109)
    Security Update for Windows XP (KB2483185)
    Security Update for Windows XP (KB2485663)
    Security Update for Windows XP (KB2491683)
    Security Update for Windows XP (KB2506212)
    Security Update for Windows XP (KB2507618)
    Security Update for Windows XP (KB2507938)
    Security Update for Windows XP (KB2508272)
    Security Update for Windows XP (KB2508429)
    Security Update for Windows XP (KB2509553)
    Security Update for Windows XP (KB2510581)
    Security Update for Windows XP (KB2535512)
    Security Update for Windows XP (KB2536276-v2)
    Security Update for Windows XP (KB2544521)
    Security Update for Windows XP (KB2544893-v2)
    Security Update for Windows XP (KB2562937)
    Security Update for Windows XP (KB2566454)
    Security Update for Windows XP (KB2567053)
    Security Update for Windows XP (KB2567680)
    Security Update for Windows XP (KB2570222)
    Security Update for Windows XP (KB2570947)
    Security Update for Windows XP (KB2584146)
    Security Update for Windows XP (KB2585542)
    Security Update for Windows XP (KB2586448)
    Security Update for Windows XP (KB2592799)
    Security Update for Windows XP (KB2598479)
    Security Update for Windows XP (KB2603381)
    Security Update for Windows XP (KB2618444)
    Security Update for Windows XP (KB2618451)
    Security Update for Windows XP (KB2619339)
    Security Update for Windows XP (KB2620712)
    Security Update for Windows XP (KB2624667)
    Security Update for Windows XP (KB2631813)
    Security Update for Windows XP (KB2633171)
    Security Update for Windows XP (KB2639417)
    Security Update for Windows XP (KB2646524)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923789)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982381)
    Security Update for Windows XP (KB982665)
    Smart Capture
    SonicStage 1.1.00
    SonicStage CD-R Writing Module
    Sony Certificate PCH
    Sony DV Shared Library
    Sony on Yahoo! Essentials
    Sony Premium Services VAIO PC Health Check
    Support Actions Win2K,WinXP
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB2541763)
    Update for Windows XP (KB2641690)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971029)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    VAIO Action Setup
    VAIO Brezza Wallpaper
    VAIO Grid Wallpaper
    VAIO Help & Support
    VAIO Registration
    VAIO Serenus Wallpaper
    VAIO Support
    Verizon Toolbar
    VisualFlow 2.1
    WebFldrs XP
    Windows XP Service Pack 3
    Works Suite OS Pack
    .
    ==== Event Viewer Messages From Past Week ========
    .
    2/3/2012 11:01:17 PM, error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort0.
    1/31/2012 4:38:42 AM, error: atapi [9] - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
    1/30/2012 9:04:19 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.
    1/30/2012 7:47:09 AM, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error message: The referenced assembly is not installed on your system. .
    1/30/2012 7:47:09 AM, error: SideBySide [59] - Generate Activation Context failed for D:\components\browsercomps.dll. Reference error message: The operation completed successfully. .
    1/30/2012 7:47:09 AM, error: SideBySide [32] - Dependent Assembly Microsoft.VC80.CRT could not be found and Last Error was The referenced assembly is not installed on your system.
    .
    ==== End Of File ===========================
     
    dispatch trophy,
    #8
  10. 2012/02/04
    dispatch trophy Contributing Member

    dispatch trophy Inactive Thread Starter

    Joined:
    2011/09/30
    Messages:
    402
    Likes Received:
    0
    All the files malwarebytes flagged are now in quarantine.

    I don't know what to do with them.

    I am going to try again to update avast.

    If it does not work, I will know something is wrong.

    No, I am not sure but it does not look like avast is updating. Keeps saying it cannot find server then saying last update was december 2011.
     
    Last edited: 2012/02/04
    dispatch trophy,
    #9
  11. 2012/02/04
    MrBill

    MrBill SuperGeek WindowsBBS Team Member

    Joined:
    2006/01/14
    Messages:
    4,329
    Likes Received:
    270
    When you finished running MBA-M, did you make sure there was a check in all the boxes of things it found and reboot your PC?
     
    MrBill,
    #10
  12. 2012/02/04
    dispatch trophy Contributing Member

    dispatch trophy Inactive Thread Starter

    Joined:
    2011/09/30
    Messages:
    402
    Likes Received:
    0
    Those boxes are always automatically checked by MBA-M.

    There is definitely something weird going on.
    I still cannot update avast. It says it cannot find its own server.
    And whenever I try to open Firefox, it says it has a problem and has to close.
    But when I try to uninstall it, I click "remove" but it will not remove. The add/remove programs page just refreshes and Firefox is still there.
     
    dispatch trophy,
    #11
  13. 2012/02/04
    MrBill

    MrBill SuperGeek WindowsBBS Team Member

    Joined:
    2006/01/14
    Messages:
    4,329
    Likes Received:
    270
    Nope. Seen times when SOME were not checked but others were.
     
    MrBill,
    #12
  14. 2012/02/04
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Please, observe following rules:
    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running tools or applying updates other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    ============================================================

    Please download ComboFix from [color= "Red"]Here[/color] or [color= "#FF0000"]Here[/color] to your Desktop.

    [color= "Blue"]**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**[/color]
    1. Please, never rename Combofix unless instructed.
    2. Close any open browsers.
    3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
      • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results ".
      • Click on [color= "Red"]this link[/color] to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
      NOTE1. If Combofix asks you to install Recovery Console, please allow it.
      NOTE 2. If Combofix asks you to update the program, always do so.
      • Close any open browsers.
      • [color= "Red"]WARNING:[/color] Combofix will disconnect your machine from the Internet as soon as it starts
      • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
      • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    4. Double click on combofix.exe & follow the prompts.
    5. When finished, it will produce a report for you.
    6. Please post the "C:\ComboFix.txt"
    **Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
    **Note 2 for AVG and CA Internet Security users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results ". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
    Use AppRemover to uninstall it: http://www.appremover.com/
    We can reinstall it when we're done with CF.
    **Note 3: If you receive an error "Illegal operation attempted on a registery key that has been marked for deletion ", restart computer to fix the issue.
    **Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.



    Make sure, you re-enable your security programs, when you're done with Combofix.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    NOTE.
    If, for some reason, Combofix refuses to run, try one of the following:

    1. Run Combofix from Safe Mode (How to...)

    2. Delete Combofix file, download fresh one, but rename combofix.exe to yourname.exe BEFORE saving it to your desktop.
    Do NOT run it yet.

    Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.

    There are 4 different versions. If one of them won't run then download and try to run the other one.

    Vista and Win7 users need to right click Rkill and choose Run as Administrator

    You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

    Rkill.com
    Rkill.scr
    Rkill.exe

    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • Do not reboot until instructed.
    • If the tool does not run from any of the links provided, please let me know.

    Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

    If normal mode still doesn't work, run BOTH tools from safe mode.

    In case #2, please post BOTH logs, rKill and Combofix.

    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
     
    broni,
    #13
  15. 2012/02/04
    dispatch trophy Contributing Member

    dispatch trophy Inactive Thread Starter

    Joined:
    2011/09/30
    Messages:
    402
    Likes Received:
    0
    I am going to continue with what Broni has suggested.

    what I did was to run CCleaner. Yes, I am aware now that Broni advises against that.

    I still could not get rid of Firefox so I ran Revo Uninstaller (it is a dangerous program unless the user really knows what he is doing, but I had to get rid of Firefox).

    The 3 programs I had installed before I started having these programs were
    Freenet (it has those CHK files)
    Java (required for Freenet)
    Firefox

    I then uninstalled and reinstalled avast.
    So far there are no problems.

    One problem might be that I am downloading 2011 software on a 2001 computer with XP.

    I am now continuing with the Broni prescription.

    Broni: by AVG I assume you mean the Czech program. Since I am using Avast (German), I can just disable it without uninstalling it.
     
    Last edited: 2012/02/04
    dispatch trophy,
    #14
  16. 2012/02/04
    dispatch trophy Contributing Member

    dispatch trophy Inactive Thread Starter

    Joined:
    2011/09/30
    Messages:
    402
    Likes Received:
    0
    Combofix gave me a file called log.txt. I renamed it to COMBOFIX log.txt to distinguish it from any other similarly named files.


    ComboFix 12-02-05.01 - user account 02/04/2012 20:42:45.2.1 - x86
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.512.329 [GMT -8:00]
    Running from: c:\documents and settings\user account\Desktop\ComboFix.exe
    AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\program files\Opera_1150_int_Setup.exe
    .
    .
    ((((((((((((((((((((((((( Files Created from 2012-01-05 to 2012-02-05 )))))))))))))))))))))))))))))))
    .
    .
    2012-02-04 15:14 . 2012-02-04 15:14 -------- d-----w- c:\documents and settings\user account\Local Settings\Application Data\VS Revo Group
    2012-02-04 15:13 . 2012-02-04 15:13 -------- d-----w- c:\windows\LastGood
    2012-02-04 15:11 . 2009-12-30 18:20 27064 ----a-w- c:\windows\system32\drivers\revoflt.sys
    2012-02-04 15:11 . 2012-02-04 15:11 -------- d-----w- c:\program files\VS Revo Group
    2012-02-04 14:32 . 2011-11-28 17:51 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
    2012-02-04 14:32 . 2011-11-28 17:53 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys
    2012-02-04 14:31 . 2011-11-28 17:52 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
    2012-02-04 14:31 . 2011-11-28 17:52 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys
    2012-02-04 14:31 . 2011-11-28 17:53 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
    2012-02-04 14:31 . 2011-11-28 17:52 111320 ----a-w- c:\windows\system32\drivers\aswmon2.sys
    2012-02-04 14:31 . 2011-11-28 17:51 105176 ----a-w- c:\windows\system32\drivers\aswmon.sys
    2012-02-01 01:49 . 2012-02-04 11:05 -------- d-----w- c:\documents and settings\user account\Application Data\Freenet
    2012-02-01 01:46 . 2012-02-04 00:29 -------- d-----w- c:\program files\Java
    2012-01-28 15:25 . 2012-01-28 15:33 -------- d-----w- c:\documents and settings\user account\Application Data\gtk-2.0
    2012-01-28 15:22 . 2012-01-28 15:22 -------- d-----w- c:\documents and settings\user account\.thumbnails
    2012-01-27 04:26 . 2012-01-27 04:26 -------- d-----w- c:\program files\FreeTime
    2012-01-26 11:19 . 2012-01-26 11:19 -------- d-----w- c:\documents and settings\user account\Local Settings\Application Data\OLYMPUS
    2012-01-26 11:14 . 2012-01-26 11:14 -------- d-----w- c:\program files\OLYMPUS
    2012-01-26 11:01 . 2012-01-26 11:01 -------- d-----w- c:\documents and settings\user account\Application Data\ArcSoft
    2012-01-24 12:09 . 2012-01-24 12:09 -------- d-----w- c:\documents and settings\user account\Application Data\COWON
    2012-01-14 21:00 . 2012-01-14 21:00 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information
    2012-01-14 21:00 . 2006-06-29 14:29 106496 ----a-w- c:\windows\system32\cnqo4802.dll
    2012-01-14 21:00 . 2006-07-20 15:51 1298432 ----a-w- c:\windows\system32\CNQC4802.DLL
    2012-01-14 21:00 . 2006-07-20 15:51 57344 ----a-w- c:\windows\system32\CNQI4802.DLL
    2012-01-14 21:00 . 2006-07-13 19:51 143360 ----a-w- c:\windows\system32\CNQL4802.DLL
    2012-01-14 21:00 . 2012-01-14 21:00 -------- d--h--w- c:\program files\CanonBJ
    2012-01-12 09:29 . 2012-01-28 15:34 -------- d-----w- c:\documents and settings\user account\.gimp-2.6
    2012-01-09 06:18 . 2012-01-09 06:18 -------- d-----w- c:\program files\Google
    2012-01-09 04:06 . 2012-01-11 06:19 -------- d-----w- c:\documents and settings\user account\Local Settings\Application Data\ApplicationHistory
    2012-01-09 03:57 . 2012-01-09 04:01 -------- d-----w- c:\windows\system32\URTTemp
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-01-09 05:20 . 2011-12-04 05:15 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-12-10 23:24 . 2011-12-18 09:37 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-11-25 21:57 . 2001-12-14 19:26 293376 ----a-w- c:\windows\system32\winsrv.dll
    2011-11-23 13:25 . 2001-12-14 19:26 1859584 ----a-w- c:\windows\system32\win32k.sys
    2011-11-22 19:56 . 2012-01-02 16:27 23376 ----a-w- c:\windows\system32\dopdfmn7.dll
    2011-11-22 19:56 . 2012-01-02 16:27 20816 ----a-w- c:\windows\system32\dopdfmi7.dll
    2011-11-18 12:35 . 2001-12-14 19:25 60416 ----a-w- c:\windows\system32\packager.exe
    2011-11-16 14:21 . 2011-12-10 10:33 354816 ----a-w- c:\windows\system32\winhttp.dll
    2011-11-16 14:21 . 2001-12-14 19:25 152064 ----a-w- c:\windows\system32\schannel.dll
    2006-10-11 01:24 . 2011-12-03 23:04 147456 ----a-w- c:\program files\Pmsb.exe
    2006-09-27 03:14 . 2011-12-03 23:04 32768 ----a-w- c:\program files\PMXpsCreator.dll
    2006-09-27 00:59 . 2011-12-03 23:04 4022272 ----a-w- c:\program files\Prestopm.exe
    2006-09-27 00:58 . 2011-12-03 23:04 94208 ----a-w- c:\program files\ScanModule.dll
    2006-09-27 00:57 . 2011-12-03 23:04 32768 ----a-w- c:\program files\PMSaveXPS.dll
    2006-09-27 00:45 . 2011-12-03 23:04 81920 ----a-w- c:\program files\PMSave.dll
    2006-09-26 22:16 . 2011-12-03 23:04 868352 ----a-w- c:\program files\SlideBarDLL.dll
    2006-09-20 19:09 . 2011-12-03 23:06 24576 ----a-w- c:\program files\AvalonPage.dll
    2006-09-20 18:46 . 2011-12-03 23:04 61440 ----a-w- c:\program files\NsScanToPdf.exe
    2006-09-20 18:36 . 2011-12-03 23:04 36864 ----a-w- c:\program files\PMSavePdf.dll
    2006-09-19 22:54 . 2011-12-03 23:04 290816 ----a-w- c:\program files\PMPageVW.dll
    2006-09-19 19:46 . 2011-12-03 23:04 24576 ----a-w- c:\program files\PMXpsHostView.dll
    2006-09-19 02:05 . 2011-12-03 23:04 1171456 ----a-w- c:\program files\PMView.dll
    2006-09-15 17:06 . 2011-12-03 23:04 151552 ----a-w- c:\program files\PMSearch.dll
    2006-09-14 23:07 . 2011-12-03 23:04 208896 ----a-w- c:\program files\RapDocImg.dll
    2006-09-14 23:07 . 2011-12-03 23:04 98304 ----a-w- c:\program files\PMVLink.dll
    2006-09-14 18:44 . 2011-12-03 23:04 49152 ----a-w- c:\program files\Print.dll
    2006-09-14 18:41 . 2011-12-09 10:20 155648 ----a-w- c:\program files\PMCommon.dll
    2006-09-13 17:19 . 2011-12-03 23:06 323584 ----a-w- c:\program files\iConvert16.dll
    2006-09-13 17:17 . 2011-12-03 23:06 241664 ----a-w- c:\program files\PShow.exe
    2006-08-22 17:02 . 2011-12-03 23:04 180224 ----a-w- c:\program files\PMScnSet.dll
    2006-08-21 18:42 . 2011-12-03 23:04 180307 ----a-w- c:\program files\PMINSO.dll
    2006-08-21 17:57 . 2011-12-03 23:04 253952 ----a-w- c:\program files\PMTree.dll
    2006-08-21 17:28 . 2011-12-03 23:04 45056 ----a-w- c:\program files\PerformOcr.dll
    2006-08-01 18:27 . 2011-12-03 23:04 110592 ----a-w- c:\program files\PDFWriter.dll
    2006-07-20 01:35 . 2011-12-03 23:04 126976 ----a-w- c:\program files\OCR.dll
    2006-07-11 19:03 . 2011-12-03 23:04 24576 ----a-w- c:\program files\AutmnXls.dll
    2006-07-11 19:02 . 2011-12-03 23:04 24576 ----a-w- c:\program files\AutmnPpt.dll
    2006-07-11 19:02 . 2011-12-03 23:04 24576 ----a-w- c:\program files\AutmnDoc.dll
    2006-06-15 18:09 . 2011-12-03 23:04 507904 ----a-w- c:\program files\MergePDF.dll
    2006-02-28 00:23 . 2011-12-03 23:04 274516 ----a-w- c:\program files\PMToApp.dll
    2006-02-28 00:22 . 2011-12-03 23:04 28672 ----a-w- c:\program files\NetScanDll.dll
    2006-02-22 18:15 . 2011-12-03 23:04 45056 ----a-w- c:\program files\WriteIfo2Pdf.dll
    2006-02-16 00:25 . 2011-12-03 23:04 49152 ----a-w- c:\program files\NSWia.dll
    2006-02-16 00:04 . 2011-12-03 23:04 98304 ----a-w- c:\program files\NsScan.dll
    2006-01-13 04:23 . 2011-12-03 23:04 249856 ----a-w- c:\program files\PMDB.dll
    2006-01-12 23:04 . 2011-12-03 23:05 397312 ----a-w- c:\program files\pmtwain.dll
    2005-09-14 00:10 . 2011-12-03 23:04 483328 ----a-w- c:\program files\WpdfViewer.exe
    2005-09-06 18:47 . 2011-12-03 23:04 102400 ----a-w- c:\program files\PMApSet.dll
    2005-08-15 17:13 . 2011-12-03 23:04 57344 ----a-w- c:\program files\PMISM.dll
    2005-08-08 22:20 . 2011-12-03 23:04 57344 ----a-w- c:\program files\PMStatus.dll
    2005-08-08 17:18 . 2011-12-03 23:06 303104 ----a-w- c:\program files\PrintFun.exe
    2005-07-30 02:10 . 2011-12-03 23:04 176128 ----a-w- c:\program files\PMImgVW.dll
    2005-07-29 02:52 . 2011-12-03 23:05 114688 ----a-w- c:\program files\Fioall32.dll
    2005-07-26 03:53 . 2011-12-03 23:04 86016 ----a-w- c:\program files\PMProp.dll
    2005-07-26 02:02 . 2011-12-03 23:05 36864 ----a-w- c:\program files\fiopct32.dll
    2005-07-26 01:11 . 2011-12-03 23:05 303104 ----a-w- c:\program files\Fiotif32.dll
    2005-07-16 01:04 . 2011-12-03 23:04 32768 ----a-w- c:\program files\PrintFunLnk.dll
    2005-07-16 01:01 . 2011-12-03 23:04 131072 ----a-w- c:\program files\PMANO.dll
    2005-07-14 01:58 . 2011-12-03 23:04 57344 ----a-w- c:\program files\WriteData2Pdf.dll
    2005-07-01 21:14 . 2011-12-03 23:04 69632 ----a-w- c:\program files\NsSavePdf.exe
    2005-06-30 21:55 . 2011-12-03 23:07 45056 ----a-w- c:\program files\WriteDriver2Pdf.dll
    2005-06-09 00:40 . 2011-12-03 23:04 40960 ----a-w- c:\program files\NsWaitApp.exe
    2005-05-26 00:51 . 2011-12-03 23:04 315392 ----a-w- c:\program files\PMAnoSet.dll
    2005-04-14 19:39 . 2011-12-03 23:04 40960 ----a-w- c:\program files\NetFun98.dll
    2005-04-14 19:39 . 2011-12-03 23:04 40960 ----a-w- c:\program files\NetFun2K.dll
    2005-04-08 17:28 . 2011-12-03 23:04 49152 ----a-w- c:\program files\PMSet.dll
    2005-04-08 17:25 . 2011-12-03 23:04 98304 ----a-w- c:\program files\ComClass.dll
    2005-03-20 02:56 . 2011-12-03 23:04 40960 ----a-w- c:\program files\PDFWDLL.dll
    2005-03-20 01:56 . 2011-12-03 23:04 32768 ----a-w- c:\program files\NewsoftLink.dll
    2005-03-15 18:48 . 2011-12-03 23:04 36864 ----a-w- c:\program files\cmdlnk.dll
    2005-03-14 23:50 . 2011-12-03 23:04 36864 ----a-w- c:\program files\PMPDFView.dll
    2005-03-12 00:27 . 2011-12-03 23:04 294912 ----a-w- c:\program files\PMAppBar.dll
    2005-03-09 17:35 . 2011-12-03 23:05 1239616 ----a-w- c:\program files\pdflib.dll
    2005-03-04 21:57 . 2011-12-03 23:06 409600 ----a-w- c:\program files\LiveUpdateTray.exe
    2005-02-22 18:13 . 2011-12-03 23:04 94208 ----a-w- c:\program files\PMDocVW.dll
    2005-02-19 01:42 . 2011-12-03 23:04 40960 ----a-w- c:\program files\Prestopm_CN.exe
    2005-02-05 00:03 . 2011-12-03 23:04 31744 ----a-w- c:\program files\JpgLib.dll
    2005-02-02 18:02 . 2011-12-03 23:05 28672 ----a-w- c:\program files\mapilnk.dll
    2005-01-31 18:51 . 2011-12-03 23:05 24576 ----a-w- c:\program files\regapp.exe
    2005-01-20 02:58 . 2011-12-03 23:06 126976 ----a-w- c:\program files\LiveUpdate.dll
    2005-01-18 02:52 . 2011-12-03 23:04 28672 ----a-w- c:\program files\SaveToJpg.dll
    2005-01-17 17:24 . 2011-12-03 23:04 229376 ----a-w- c:\program files\WebSyncEx.dll
    2005-01-13 19:12 . 2011-12-03 23:05 45056 ----a-w- c:\program files\pmsb_CN.exe
    2004-12-31 21:11 . 2011-12-03 23:04 28672 ----a-w- c:\program files\OutlookVBA.dll
    2004-12-31 01:20 . 2011-12-03 23:04 36864 ----a-w- c:\program files\Noteslnk.DLL
    2004-12-27 20:31 . 2011-12-03 23:04 69632 ----a-w- c:\program files\PHooKDlg.dll
    2004-12-24 23:45 . 2011-12-03 23:04 32768 ----a-w- c:\program files\ReadFileData.dll
    2004-12-20 21:19 . 2011-12-03 23:05 24576 ----a-w- c:\program files\printlnk.dll
    2004-12-20 18:40 . 2011-12-03 23:06 77824 ----a-w- c:\program files\NetGroup.exe
    2004-12-20 18:23 . 2011-12-03 23:04 28672 ----a-w- c:\program files\NetGroupDll.dll
    2004-09-18 00:18 . 2011-12-03 23:06 139264 ----a-w- c:\program files\Convert.exe
    2004-07-01 23:08 . 2011-12-03 23:05 143360 ----a-w- c:\program files\FioTga32.dll
    2004-05-28 22:46 . 2011-12-03 23:04 40960 ----a-w- c:\program files\PMIEVW.dll
    2004-05-28 22:46 . 2011-12-03 23:04 40960 ----a-w- c:\program files\PMVoice.dll
    2004-05-17 18:23 . 2011-12-03 23:06 49152 ----a-w- c:\program files\expvw.exe
    2004-04-21 23:28 . 2011-12-03 23:05 28672 ----a-w- c:\program files\FioWmf32.dll
    2004-04-15 00:47 . 2011-12-03 23:04 36864 ----a-w- c:\program files\WordVBA.dll
    2004-04-15 00:47 . 2011-12-03 23:04 28672 ----a-w- c:\program files\PowerTVBA.dll
    2004-04-15 00:47 . 2011-12-03 23:04 40960 ----a-w- c:\program files\ExcelVBA.dll
    2004-03-22 02:57 . 2011-12-03 23:06 28672 ----a-w- c:\program files\OCRLang.dll
    2001-08-18 12:00 94784 -csh--w- c:\windows\twain.dll
    2008-04-14 00:12 50688 --sh--w- c:\windows\twain_32.dll
    2011-02-08 13:33 978944 --sha-w- c:\windows\system32\mfc42.dll
    2008-04-14 00:12 57344 --sh--w- c:\windows\system32\msvcirt.dll
    2008-04-14 00:12 413696 --sha-w- c:\windows\system32\msvcp60.dll
    2008-04-14 00:12 343040 --sha-w- c:\windows\system32\msvcrt.dll
    2010-12-20 17:32 551936 --sh--w- c:\windows\system32\oleaut32.dll
    2008-04-14 00:12 84992 --sh--w- c:\windows\system32\olepro32.dll
    2008-04-14 00:12 11776 --sh--w- c:\windows\system32\regsvr32.exe
    .
    .
    ((((((((((((((((((((((((((((( SnapShot@2011-12-04_05.55.19 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2011-12-10 13:11 . 2008-04-14 00:12 57344 c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcirt.dll
    + 2011-12-10 10:34 . 2004-08-04 08:57 54784 c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcirt.dll
    + 2005-09-23 09:35 . 2005-09-23 09:35 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0ee63867\vcomp.dll
    + 2005-09-23 08:58 . 2005-09-23 08:58 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80KOR.dll
    + 2005-09-23 08:58 . 2005-09-23 08:58 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80JPN.dll
    + 2005-09-23 08:58 . 2005-09-23 08:58 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ITA.dll
    + 2005-09-23 08:58 . 2005-09-23 08:58 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80FRA.dll
    + 2005-09-23 08:58 . 2005-09-23 08:58 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ESP.dll
    + 2005-09-23 08:58 . 2005-09-23 08:58 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ENU.dll
    + 2005-09-23 08:58 . 2005-09-23 08:58 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80DEU.dll
    + 2005-09-23 08:58 . 2005-09-23 08:58 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80CHT.dll
    + 2005-09-23 08:58 . 2005-09-23 08:58 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80CHS.dll
    + 2005-09-23 09:16 . 2005-09-23 09:16 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80u.dll
    + 2005-09-23 09:16 . 2005-09-23 09:16 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80.dll
    + 2005-09-23 07:49 . 2005-09-23 07:49 95744 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_6e805841\ATL80.dll
    + 2011-12-10 13:11 . 2008-04-14 00:12 74802 c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\atl.dll
    + 2008-10-01 00:45 . 2008-10-01 00:45 91656 c:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.1.0_x-ww_2a41bceb\msxml4r.dll
    - 2006-03-28 11:23 . 2006-03-28 11:23 20992 c:\windows\twain_32\CNQ4802\USDRESUS.DLL
    + 2012-01-14 21:00 . 2006-03-28 11:23 20992 c:\windows\twain_32\CNQ4802\USDRESUS.DLL
    + 2012-01-14 21:00 . 2006-06-06 08:57 21504 c:\windows\twain_32\CNQ4802\USDRESRU.DLL
    - 2006-06-06 08:57 . 2006-06-06 08:57 21504 c:\windows\twain_32\CNQ4802\USDRESRU.DLL
    - 2006-06-06 08:57 . 2006-06-06 08:57 21504 c:\windows\twain_32\CNQ4802\USDRESPT.DLL
    + 2012-01-14 21:00 . 2006-06-06 08:57 21504 c:\windows\twain_32\CNQ4802\USDRESPT.DLL
    - 2006-06-06 08:57 . 2006-06-06 08:57 21504 c:\windows\twain_32\CNQ4802\USDRESPL.DLL
    + 2012-01-14 21:00 . 2006-06-06 08:57 21504 c:\windows\twain_32\CNQ4802\USDRESPL.DLL
    + 2012-01-14 21:00 . 2006-06-06 08:56 20992 c:\windows\twain_32\CNQ4802\USDRESNL.DLL
    - 2006-06-06 08:56 . 2006-06-06 08:56 20992 c:\windows\twain_32\CNQ4802\USDRESNL.DLL
    + 2012-01-14 21:00 . 2006-05-24 16:56 20992 c:\windows\twain_32\CNQ4802\USDRESKR.DLL
    - 2006-05-24 16:56 . 2006-05-24 16:56 20992 c:\windows\twain_32\CNQ4802\USDRESKR.DLL
    + 2012-01-14 21:00 . 2006-03-28 11:23 20992 c:\windows\twain_32\CNQ4802\USDRESJP.DLL
    - 2006-03-28 11:23 . 2006-03-28 11:23 20992 c:\windows\twain_32\CNQ4802\USDRESJP.DLL
    + 2012-01-14 21:00 . 2006-06-06 08:57 21504 c:\windows\twain_32\CNQ4802\USDRESIT.DLL
    - 2006-06-06 08:57 . 2006-06-06 08:57 21504 c:\windows\twain_32\CNQ4802\USDRESIT.DLL
    + 2012-01-14 21:00 . 2006-06-06 08:57 20992 c:\windows\twain_32\CNQ4802\USDRESHU.DLL
    - 2006-06-06 08:57 . 2006-06-06 08:57 20992 c:\windows\twain_32\CNQ4802\USDRESHU.DLL
    + 2012-01-14 21:00 . 2006-06-06 08:56 21504 c:\windows\twain_32\CNQ4802\USDRESFR.DLL
    - 2006-06-06 08:56 . 2006-06-06 08:56 21504 c:\windows\twain_32\CNQ4802\USDRESFR.DLL
    + 2012-01-14 21:00 . 2006-06-06 08:57 21504 c:\windows\twain_32\CNQ4802\USDRESES.DLL
    - 2006-06-06 08:57 . 2006-06-06 08:57 21504 c:\windows\twain_32\CNQ4802\USDRESES.DLL
    - 2006-06-06 08:57 . 2006-06-06 08:57 21504 c:\windows\twain_32\CNQ4802\USDRESDE.DLL
    + 2012-01-14 21:00 . 2006-06-06 08:57 21504 c:\windows\twain_32\CNQ4802\USDRESDE.DLL
    - 2006-06-06 08:56 . 2006-06-06 08:56 20992 c:\windows\twain_32\CNQ4802\USDRESCZ.DLL
    + 2012-01-14 21:00 . 2006-06-06 08:56 20992 c:\windows\twain_32\CNQ4802\USDRESCZ.DLL
    - 2006-05-25 10:28 . 2006-05-25 10:28 20992 c:\windows\twain_32\CNQ4802\USDRESCN.DLL
    + 2012-01-14 21:00 . 2006-05-25 10:28 20992 c:\windows\twain_32\CNQ4802\USDRESCN.DLL
    - 2006-01-12 14:22 . 2006-01-12 14:22 73728 c:\windows\twain_32\CNQ4802\RSTCOL.DLL
    + 2012-01-14 21:00 . 2006-01-12 14:22 73728 c:\windows\twain_32\CNQ4802\RSTCOL.DLL
    + 2012-01-14 21:00 . 2006-07-19 13:05 36281 c:\windows\twain_32\CNQ4802\IPM.DAT
    - 2006-07-19 13:05 . 2006-07-19 13:05 36281 c:\windows\twain_32\CNQ4802\IPM.DAT
    - 2006-04-13 15:43 . 2006-04-13 15:43 53248 c:\windows\twain_32\CNQ4802\HSL.DLL
    + 2012-01-14 21:00 . 2006-04-13 15:43 53248 c:\windows\twain_32\CNQ4802\HSL.DLL
    - 2006-02-23 10:39 . 2006-02-23 10:39 81920 c:\windows\twain_32\CNQ4802\CUBS.DLL
    + 2012-01-14 21:00 . 2006-02-23 10:39 81920 c:\windows\twain_32\CNQ4802\CUBS.DLL
    + 2012-01-14 21:00 . 2005-04-15 15:34 57344 c:\windows\twain_32\CNQ4802\BaLCo.dll
    - 2005-04-15 15:34 . 2005-04-15 15:34 57344 c:\windows\twain_32\CNQ4802\BaLCo.dll
    - 2006-03-09 16:29 . 2006-03-09 16:29 77824 c:\windows\twain_32\CNQ4802\AG.DLL
    + 2012-01-14 21:00 . 2006-03-09 16:29 77824 c:\windows\twain_32\CNQ4802\AG.DLL
    + 2001-12-14 20:35 . 2008-04-14 00:12 11776 c:\windows\system32\xolehlp.dll
    + 2011-12-10 10:33 . 2008-04-14 00:12 50176 c:\windows\system32\xmlprovi.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 30720 c:\windows\system32\xcopy.exe
    + 2001-12-14 19:26 . 2008-04-14 00:12 91648 c:\windows\system32\xactsrv.dll
    + 2001-08-17 22:36 . 2008-04-14 00:12 52736 c:\windows\system32\wzcsapi.dll
    + 2009-08-07 03:24 . 2009-08-07 03:24 44768 c:\windows\system32\wups2.dll
    + 2011-12-10 10:33 . 2009-08-07 03:24 35552 c:\windows\system32\wups.dll
    + 2001-12-14 20:35 . 2009-08-07 03:24 53472 c:\windows\system32\wuauclt.exe
    + 2001-12-14 19:26 . 2008-04-14 00:12 18432 c:\windows\system32\wtsapi32.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 50688 c:\windows\system32\wstdecod.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 22528 c:\windows\system32\wsock32.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 41984 c:\windows\system32\wsnmp32.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 19456 c:\windows\system32\wshtcpip.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 11264 c:\windows\system32\wshrm.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 14336 c:\windows\system32\wship6.dll
    + 2001-06-27 01:56 . 2008-05-09 10:53 90112 c:\windows\system32\wshext.dll
    + 2001-06-27 01:59 . 2008-04-14 00:12 36864 c:\windows\system32\wshcon.dll
    + 2011-12-10 10:33 . 2008-04-14 00:12 80896 c:\windows\system32\wscsvc.dll
    + 2011-12-10 10:33 . 2008-04-14 00:12 13824 c:\windows\system32\wscntfy.exe
    + 2001-12-14 19:26 . 2008-04-14 00:12 19968 c:\windows\system32\ws2help.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 82432 c:\windows\system32\ws2_32.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 11264 c:\windows\system32\wpnpinst.exe
    + 2001-12-14 19:26 . 2008-04-14 00:12 32256 c:\windows\system32\wpabaln.exe
    + 2001-12-14 19:26 . 2008-04-14 00:12 20480 c:\windows\system32\wmpui.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 20480 c:\windows\system32\wmpcore.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 20480 c:\windows\system32\wmpcd.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 23552 c:\windows\system32\wmdmps.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 27136 c:\windows\system32\wmdmlog.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 92672 c:\windows\system32\wlnotify.dll
    + 2011-12-10 13:16 . 2008-04-14 00:12 69120 c:\windows\system32\wlanapi.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 53760 c:\windows\system32\winsta.dll
    + 2011-12-10 10:33 . 2008-04-14 00:12 17408 c:\windows\system32\winshfhc.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 99328 c:\windows\system32\winscard.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 16896 c:\windows\system32\winrnr.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 32256 c:\windows\system32\winipsec.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 75776 c:\windows\system32\wiascr.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 65024 c:\windows\system32\wextract.exe
    + 2001-12-14 19:26 . 2008-04-14 00:12 68096 c:\windows\system32\webclnt.dll
    + 2001-12-14 12:32 . 2008-04-14 00:12 23552 c:\windows\system32\wdmaud.drv
    + 2001-12-14 19:26 . 2009-06-25 08:25 54272 c:\windows\system32\wdigest.dll
    + 2001-12-14 20:35 . 2008-04-14 00:12 95232 c:\windows\system32\wbem\wmiutils.dll
    + 2001-12-14 20:35 . 2008-04-14 00:12 41472 c:\windows\system32\wbem\wmipsess.dll
    + 2001-12-14 20:35 . 2008-04-14 00:12 62464 c:\windows\system32\wbem\wmipjobj.dll
    + 2001-12-14 20:35 . 2008-04-14 00:12 61952 c:\windows\system32\wbem\wmipiprt.dll
    + 2001-12-14 20:35 . 2008-04-14 00:12 60928 c:\windows\system32\wbem\wmicookr.dll
    + 2001-12-14 20:35 . 2008-04-14 00:12 88576 c:\windows\system32\wbem\wmiaprpl.dll
    + 2001-12-14 20:35 . 2008-04-14 00:12 43520 c:\windows\system32\wbem\wbemsvc.dll
    + 2001-12-14 20:35 . 2008-04-14 00:12 18944 c:\windows\system32\wbem\wbemprox.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 43008 c:\windows\system32\wbem\wbemperf.dll
    + 2001-12-14 20:35 . 2008-04-14 00:12 71680 c:\windows\system32\wbem\wbemcons.dll
    + 2001-12-14 20:35 . 2008-04-14 00:12 86528 c:\windows\system32\wbem\stdprov.dll
    + 2001-12-14 20:35 . 2008-04-14 00:12 36352 c:\windows\system32\wbem\scrcons.exe
    + 2001-12-14 20:35 . 2008-04-14 00:12 47104 c:\windows\system32\wbem\ncprov.dll
    + 2001-12-14 20:35 . 2008-04-14 00:12 16384 c:\windows\system32\wbem\mofcomp.exe
    + 2001-12-14 20:35 . 2008-04-14 00:11 24576 c:\windows\system32\wbem\krnlprov.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 21504 c:\windows\system32\wbem\evntrprv.dll
    + 2001-12-14 19:26 . 2008-04-13 18:44 17664 c:\windows\system32\watchdog.sys
    + 2011-12-10 10:33 . 2008-04-14 00:12 15872 c:\windows\system32\w3ssl.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 18944 c:\windows\system32\version.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 26624 c:\windows\system32\verifier.dll
    + 2011-12-10 13:16 . 2008-04-14 00:12 28672 c:\windows\system32\verclsid.exe
    + 2001-12-14 19:26 . 2008-04-14 00:12 51712 c:\windows\system32\vdmredir.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 26112 c:\windows\system32\vdmdbg.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 30749 c:\windows\system32\vbajet32.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 50176 c:\windows\system32\utilman.exe
    + 2001-12-14 19:26 . 2008-04-14 00:11 19968 c:\windows\system32\usmt\log.dll
    + 2011-12-10 13:11 . 2008-04-13 16:44 17920 c:\windows\system32\usmt\cobramsg.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 26112 c:\windows\system32\userinit.exe
    + 2001-12-14 12:32 . 2008-04-14 00:12 74240 c:\windows\system32\usbui.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 16896 c:\windows\system32\usbmon.dll
    + 2003-02-21 13:16 . 2003-02-21 13:16 49152 c:\windows\system32\URTTemp\regtlib.exe
    + 2012-01-09 03:57 . 2003-02-21 03:09 77824 c:\windows\system32\URTTemp\mscorsn.dll
    + 2002-08-29 15:14 . 2011-11-01 20:35 37888 c:\windows\system32\url.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 18432 c:\windows\system32\ups.exe
    + 2001-12-14 19:26 . 2008-04-14 00:12 16896 c:\windows\system32\upnpcont.exe
    + 2001-12-14 19:26 . 2008-04-14 00:12 13824 c:\windows\system32\uniplat.dll
    - 2001-12-14 19:26 . 2001-08-18 12:00 13824 c:\windows\system32\uniplat.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 74240 c:\windows\system32\unimdmat.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 35840 c:\windows\system32\umandlg.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 26624 c:\windows\system32\udhisapi.dll
    + 2011-12-10 11:37 . 2011-11-08 13:46 46080 c:\windows\system32\tzchange.exe
    + 2011-12-10 10:33 . 2008-04-14 00:12 57856 c:\windows\system32\twext.dll
    + 2011-12-10 13:16 . 2008-04-14 00:12 50688 c:\windows\system32\tspkg.dll
    + 2011-12-10 13:16 . 2008-04-14 00:12 53248 c:\windows\system32\tsgqec.dll
    + 2001-12-14 19:26 . 2008-04-14 00:13 12168 c:\windows\system32\tsddd.dll
    + 2001-12-14 20:35 . 2004-08-04 06:59 44544 c:\windows\system32\tscupgrd.exe
    + 2001-12-14 20:35 . 2008-04-14 00:12 93696 c:\windows\system32\tscfgwmi.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 90112 c:\windows\system32\trkwks.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 12800 c:\windows\system32\tree.com
    + 2001-12-14 19:26 . 2008-04-14 00:12 12288 c:\windows\system32\tracert.exe
    + 2001-12-14 19:26 . 2009-06-12 12:31 76288 c:\windows\system32\telnet.exe
    + 2001-12-14 19:26 . 2008-04-14 00:12 45568 c:\windows\system32\tcpmonui.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 45568 c:\windows\system32\tcpmon.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 14848 c:\windows\system32\tcpmib.dll
    + 2011-12-10 10:17 . 2008-04-14 00:12 57856 c:\windows\system32\synceng.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 14336 c:\windows\system32\svchost.exe
    + 2011-12-10 10:33 . 2009-10-21 05:38 75776 c:\windows\system32\strmfilt.dll
    + 2001-12-14 12:31 . 2008-04-14 00:12 74752 c:\windows\system32\storprop.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 14848 c:\windows\system32\stimon.exe
    + 2001-12-14 19:26 . 2008-04-14 00:12 68096 c:\windows\system32\sti.dll
    + 2001-12-14 20:35 . 2008-04-14 00:12 59392 c:\windows\system32\stclient.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 14336 c:\windows\system32\ssstars.scr
    + 2001-12-14 19:26 . 2008-04-14 00:12 18944 c:\windows\system32\ssmyst.scr
    + 2001-12-14 19:26 . 2008-04-14 00:12 47104 c:\windows\system32\ssmypics.scr
    + 2001-12-14 19:26 . 2008-04-14 00:12 20992 c:\windows\system32\ssmarque.scr
    + 2001-12-14 19:26 . 2008-04-14 00:12 71680 c:\windows\system32\ssdpsrv.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 34816 c:\windows\system32\ssdpapi.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 19968 c:\windows\system32\ssbezier.scr
    + 2001-12-14 19:26 . 2010-08-27 05:57 99840 c:\windows\system32\srvsvc.dll
    + 2001-12-14 20:36 . 2008-04-14 00:12 67584 c:\windows\system32\srclient.dll
    + 2004-08-04 08:56 . 2008-04-14 00:12 20992 c:\windows\system32\spupdwxp.exe
    + 2011-12-10 10:13 . 2007-07-28 07:11 26488 c:\windows\system32\spupdsvc.exe
    + 2001-12-14 19:26 . 2010-08-17 13:17 58880 c:\windows\system32\spoolsv.exe
    + 2001-12-14 19:26 . 2008-04-14 00:12 75264 c:\windows\system32\spoolss.dll
    + 2011-11-30 23:01 . 2008-04-14 00:11 87552 c:\windows\system32\spool\drivers\w32x86\3\hpfud50.dll
    + 2004-08-04 08:56 . 2008-04-14 13:42 11264 c:\windows\system32\spnpinst.exe
    + 2001-12-14 20:42 . 2010-07-05 13:15 17272 c:\windows\system32\spmsg.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 24576 c:\windows\system32\sort.exe
    + 2011-12-10 11:04 . 2009-08-07 03:24 35552 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.4.7600.226\wups.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 18944 c:\windows\system32\snmpapi.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 50688 c:\windows\system32\smss.exe
    + 2001-12-14 19:26 . 2008-04-14 00:12 89600 c:\windows\system32\smlogsvc.exe
    + 2011-12-10 10:33 . 2008-04-14 00:12 73796 c:\windows\system32\slserv.exe
    + 2011-12-10 10:33 . 2008-04-14 00:12 32866 c:\windows\system32\slrundll.exe
    + 2011-12-10 10:33 . 2008-04-14 00:12 73832 c:\windows\system32\slcoinst.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 98304 c:\windows\system32\slbiop.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 25088 c:\windows\system32\slayerxp.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 26112 c:\windows\system32\skeys.exe
    + 2001-12-14 19:25 . 2008-04-14 00:12 70144 c:\windows\system32\sigverif.exe
    + 2001-12-14 19:25 . 2008-04-14 00:12 13312 c:\windows\system32\sigtab.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 19456 c:\windows\system32\shutdown.exe
    + 2001-12-14 19:25 . 2008-04-14 00:12 27648 c:\windows\system32\shscrap.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 77824 c:\windows\system32\shrpubw.exe
    + 2001-12-14 19:25 . 2008-04-14 00:12 45056 c:\windows\system32\shmgrate.exe
    + 2001-12-14 19:25 . 2008-04-14 00:12 65024 c:\windows\system32\shimeng.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 68096 c:\windows\system32\shgina.dll
    + 2002-08-29 15:14 . 2008-04-14 00:12 25088 c:\windows\system32\shfolder.dll
    + 2002-08-29 15:14 . 2002-08-29 15:14 50688 c:\windows\system32\setupwbv.dll
    + 2011-12-10 13:15 . 2008-04-14 00:12 32768 c:\windows\system32\setupn.exe
    + 2011-12-10 10:34 . 2008-04-14 00:12 26624 c:\windows\system32\Setup\startoc.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 17408 c:\windows\system32\Setup\ocmsn.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 15360 c:\windows\system32\Setup\ocgen.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 62976
     
    dispatch trophy,
    #15
  17. 2012/02/04
    dispatch trophy Contributing Member

    dispatch trophy Inactive Thread Starter

    Joined:
    2011/09/30
    Messages:
    402
    Likes Received:
    0
    COMBOFIX CONTINUED

    c:\windows\system32\Setup\ntoc.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 77312 c:\windows\system32\Setup\netoc.dll
    + 2001-12-14 19:26 . 2008-04-14 00:11 15360 c:\windows\system32\Setup\msgrocm.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 90112 c:\windows\system32\Setup\msdtcstp.dll
    - 2001-12-14 19:25 . 2001-08-18 12:00 32828 c:\windows\system32\Setup\fp40ext.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 32828 c:\windows\system32\Setup\fp40ext.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 23040 c:\windows\system32\setup.exe
    + 2001-12-14 19:25 . 2008-04-14 00:12 31232 c:\windows\system32\sethc.exe
    + 2001-12-14 20:35 . 2008-04-14 00:12 56320 c:\windows\system32\servdeps.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 39424 c:\windows\system32\sens.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 54784 c:\windows\system32\sendmail.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 29184 c:\windows\system32\sendcmsg.dll
    + 2001-12-14 19:25 . 2009-06-25 08:25 56832 c:\windows\system32\secur32.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 18944 c:\windows\system32\seclogon.dll
    + 2011-12-10 10:33 . 2008-04-14 00:12 29184 c:\windows\system32\sdhcinst.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 77312 c:\windows\system32\sdbinst.exe
    + 2001-12-14 19:25 . 2008-04-14 00:12 20480 c:\windows\system32\sclgntfy.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 95744 c:\windows\system32\scardsvr.exe
    + 2001-12-14 19:25 . 2008-04-14 00:12 69632 c:\windows\system32\scarddlg.dll
    + 2001-12-14 19:25 . 2009-02-06 10:39 35328 c:\windows\system32\sc.exe
    + 2001-12-14 19:25 . 2008-04-14 00:12 13312 c:\windows\system32\savedump.exe
    + 2001-12-14 19:25 . 2008-04-14 00:12 64000 c:\windows\system32\samlib.dll
    + 2001-12-14 20:36 . 2008-04-14 00:12 45568 c:\windows\system32\safrslv.dll
    + 2001-12-14 20:36 . 2008-04-14 00:12 29696 c:\windows\system32\safrdm.dll
    + 2001-12-14 20:36 . 2008-04-14 00:12 43520 c:\windows\system32\safrcdlg.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 14336 c:\windows\system32\runonce.exe
    + 2001-12-14 19:25 . 2008-04-14 00:12 33280 c:\windows\system32\rundll32.exe
    + 2001-12-14 19:25 . 2008-04-14 00:12 44032 c:\windows\system32\rtutils.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 31744 c:\windows\system32\rtipxmib.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 77312 c:\windows\system32\rtcshare.exe
    + 2001-12-14 19:25 . 2008-04-14 00:12 92672 c:\windows\system32\rsvpsp.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 18944 c:\windows\system32\rsmps.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 39936 c:\windows\system32\rshx32.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 14848 c:\windows\system32\rsh.exe
    + 2001-12-14 19:25 . 2008-04-14 00:12 13824 c:\windows\system32\rexec.exe
    + 2001-12-14 19:25 . 2008-04-14 00:12 58880 c:\windows\system32\resutils.dll
    + 2001-12-14 20:35 . 2008-04-14 00:12 60416 c:\windows\system32\remotepg.dll
    + 2011-12-14 11:13 . 2008-04-14 00:12 74752 c:\windows\system32\ReinstallBackups\0008\DriverFiles\i386\storprop.dll
    + 2011-12-14 11:13 . 2008-04-13 18:40 96512 c:\windows\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys
    + 2011-12-10 15:27 . 2004-08-04 07:07 42368 c:\windows\system32\ReinstallBackups\0006\DriverFiles\i386\AGP440.SYS
    + 2011-12-10 15:27 . 2004-08-04 06:59 35328 c:\windows\system32\ReinstallBackups\0004\DriverFiles\i386\processr.sys
    + 2001-12-14 19:25 . 2008-04-14 00:12 59904 c:\windows\system32\regsvc.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 49664 c:\windows\system32\regapi.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 50176 c:\windows\system32\reg.exe
    + 2001-12-14 20:35 . 2008-04-14 00:12 67072 c:\windows\system32\rdshost.exe
    + 2001-12-14 20:35 . 2008-04-14 00:12 13824 c:\windows\system32\rdsaddin.exe
    + 2001-12-14 20:35 . 2008-04-14 00:13 87176 c:\windows\system32\rdpwsx.dll
    + 2001-12-14 20:35 . 2008-04-14 00:12 19968 c:\windows\system32\rdpsnd.dll
    + 2001-12-14 19:25 . 2008-04-14 00:13 92424 c:\windows\system32\rdpdd.dll
    + 2001-12-14 20:35 . 2008-04-14 00:12 62976 c:\windows\system32\rdpclip.exe
    + 2001-12-14 19:25 . 2008-04-14 00:12 21504 c:\windows\system32\rcp.exe
    + 2001-12-14 19:25 . 2008-04-14 00:12 35840 c:\windows\system32\rcimlby.exe
    + 2001-12-14 19:25 . 2008-04-14 00:12 58368 c:\windows\system32\rastapi.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 16384 c:\windows\system32\rassapi.dll
    + 2011-12-10 13:15 . 2008-04-14 00:12 61952 c:\windows\system32\rasqec.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 56832 c:\windows\system32\rasphone.exe
    + 2001-12-14 19:25 . 2008-04-14 00:12 61440 c:\windows\system32\rasman.dll
    + 2001-12-14 19:25 . 2009-10-12 13:38 79872 c:\windows\system32\raschap.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 88576 c:\windows\system32\rasauto.dll
    + 2001-12-14 20:36 . 2008-04-14 00:12 43520 c:\windows\system32\racpldlg.dll
    + 2011-12-10 13:15 . 2008-04-14 00:12 76800 c:\windows\system32\qutil.dll
    + 2001-12-14 20:35 . 2008-04-14 00:12 19968 c:\windows\system32\qprocess.exe
    + 2001-12-14 20:36 . 2008-04-14 00:12 18944 c:\windows\system32\qmgrprxy.dll
    + 2011-12-10 13:15 . 2008-04-14 00:12 62464 c:\windows\system32\qcliprov.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 34304 c:\windows\system32\pstorsvc.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 43520 c:\windows\system32\pstorec.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 96768 c:\windows\system32\psbase.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 23040 c:\windows\system32\psapi.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 50176 c:\windows\system32\proquota.exe
    + 2001-12-14 19:25 . 2008-04-14 00:12 27648 c:\windows\system32\profmap.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 17408 c:\windows\system32\powrprof.dll
    + 2011-12-10 10:33 . 2008-04-14 00:12 49152 c:\windows\system32\powercfg.exe
    + 2011-12-10 10:33 . 2008-04-14 00:12 58880 c:\windows\system32\pnrpnsp.dll
    + 2002-08-29 15:14 . 2008-04-14 00:12 39424 c:\windows\system32\pngfilt.dll
    + 2001-08-17 22:36 . 2008-04-14 00:12 15360 c:\windows\system32\pjlmon.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 17920 c:\windows\system32\ping.exe
    + 2001-12-14 19:25 . 2008-04-13 18:35 24064 c:\windows\system32\pidgen.dll
    + 2001-08-17 22:36 . 2008-04-14 00:12 35328 c:\windows\system32\pid.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 34816 c:\windows\system32\perfproc.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 25088 c:\windows\system32\perfos.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 17920 c:\windows\system32\perfnet.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 15872 c:\windows\system32\perfmon.exe
    + 2001-12-14 19:25 . 2008-04-14 00:12 26624 c:\windows\system32\perfdisk.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 39936 c:\windows\system32\perfctrs.dll
    + 2001-12-14 19:25 . 2012-01-31 15:15 46080 c:\windows\system32\perfc009.dat
    + 2001-12-14 19:25 . 2008-04-14 00:12 67584 c:\windows\system32\pautoenr.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 67584 c:\windows\system32\osuninst.dll
    + 2001-12-14 20:36 . 2008-04-14 00:12 51200 c:\windows\system32\oobe\oobebaln.exe
    + 2001-12-14 20:36 . 2008-04-14 00:12 29184 c:\windows\system32\oobe\msoobe.exe
    + 2001-12-14 20:36 . 2008-04-14 00:12 19456 c:\windows\system32\oobe\msobweb.dll
    + 2001-12-14 20:36 . 2008-04-14 00:12 30720 c:\windows\system32\oobe\msobshel.dll
    + 2001-12-14 20:36 . 2008-04-14 00:12 16384 c:\windows\system32\oobe\msobdl.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 37376 c:\windows\system32\olecnv32.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 74752 c:\windows\system32\olecli32.dll
    + 2001-12-14 19:25 . 2011-09-26 19:41 20480 c:\windows\system32\oleaccrc.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 20511 c:\windows\system32\odtext32.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 20510 c:\windows\system32\odpdx32.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 20510 c:\windows\system32\odfox32.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 20510 c:\windows\system32\odexl32.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 20511 c:\windows\system32\oddbse32.dll
    - 2001-12-14 19:25 . 2001-08-18 12:00 12288 c:\windows\system32\odbcp32r.dll
    + 2001-12-14 19:25 . 2008-04-13 17:26 12288 c:\windows\system32\odbcp32r.dll
    - 2001-12-14 19:25 . 2001-08-18 12:00 53279 c:\windows\system32\odbcji32.dll
    + 2001-12-14 19:25 . 2008-04-14 00:10 53279 c:\windows\system32\odbcji32.dll
    + 2001-12-14 19:25 . 2008-04-13 17:26 94208 c:\windows\system32\odbcint.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 65536 c:\windows\system32\odbccu32.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 65536 c:\windows\system32\odbccr32.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 69632 c:\windows\system32\odbcconf.exe
    + 2001-12-14 19:25 . 2008-04-14 00:12 24576 c:\windows\system32\odbcbcp.dll
    - 2001-12-14 19:25 . 2001-08-18 12:00 24576 c:\windows\system32\odbcbcp.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 32768 c:\windows\system32\odbcad32.exe
    - 2001-12-14 19:25 . 2001-08-18 12:00 32768 c:\windows\system32\odbcad32.exe
    + 2001-12-14 19:25 . 2008-04-14 00:12 16384 c:\windows\system32\odbc32gt.dll
    - 2001-12-14 19:25 . 2001-08-18 12:00 16384 c:\windows\system32\odbc32gt.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 67584 c:\windows\system32\ocmanage.dll
    + 2002-08-29 15:14 . 2008-04-14 00:12 96256 c:\windows\system32\occache.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 15360 c:\windows\system32\ntvdmd.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 91136 c:\windows\system32\ntprint.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 40960 c:\windows\system32\ntmsapi.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 44032 c:\windows\system32\ntlanman.dll
    + 2001-12-14 19:25 . 2004-08-04 06:45 34560 c:\windows\system32\ntio804.sys
    + 2001-12-14 19:25 . 2004-08-04 06:45 35424 c:\windows\system32\ntio412.sys
    + 2001-12-14 19:25 . 2004-08-04 06:45 35648 c:\windows\system32\ntio411.sys
    + 2001-12-14 19:25 . 2004-08-04 06:45 34560 c:\windows\system32\ntio404.sys
    + 2001-12-14 19:25 . 2004-08-04 06:45 33840 c:\windows\system32\ntio.sys
    + 2001-12-14 19:25 . 2008-04-14 00:12 67072 c:\windows\system32\ntdsapi.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 76800 c:\windows\system32\nslookup.exe
    + 2001-12-14 19:25 . 2008-04-14 00:12 54784 c:\windows\system32\npptools.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 15360 c:\windows\system32\npp\nppagent.exe
    + 2001-12-14 19:25 . 2008-04-14 00:12 57344 c:\windows\system32\npp\ndisnpp.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 69120 c:\windows\system32\notepad.exe
    + 2001-12-14 20:36 . 2008-04-14 00:12 28672 c:\windows\system32\nmmkcert.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 98304 c:\windows\system32\nlhtml.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 80896 c:\windows\system32\netui0.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 36864 c:\windows\system32\netstat.exe
    + 2001-12-14 19:25 . 2008-04-14 00:12 86016 c:\windows\system32\netsh.exe
    + 2001-12-14 19:25 . 2008-04-14 00:12 11776 c:\windows\system32\netrap.dll
    + 2003-02-21 03:16 . 2003-02-21 03:16 32768 c:\windows\system32\netfxperf.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 42496 c:\windows\system32\net.exe
    + 2001-12-14 19:25 . 2008-04-14 00:12 18944 c:\windows\system32\nddenb32.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 17920 c:\windows\system32\nddeapi.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 36352 c:\windows\system32\ncobjapi.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 53760 c:\windows\system32\narrator.exe
    + 2011-12-10 13:14 . 2008-04-14 00:12 30208 c:\windows\system32\napipsec.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 90624 c:\windows\system32\mydocs.dll
    + 2009-11-06 06:17 . 2009-11-06 06:17 11600 c:\windows\system32\mui\0409\mscorees.dll
    + 2001-12-14 20:35 . 2008-06-12 14:23 91648 c:\windows\system32\mtxoci.dll
    + 2001-12-14 20:35 . 2008-04-14 00:12 34304 c:\windows\system32\mtxlegih.dll
    + 2001-12-14 20:35 . 2008-04-14 00:12 30720 c:\windows\system32\mtxdm.dll
    + 2001-12-14 19:25 . 2008-06-12 14:23 66560 c:\windows\system32\mtxclu.dll
    + 2001-08-17 22:36 . 2009-11-27 17:11 17920 c:\windows\system32\msyuv.dll
    + 2011-12-10 13:14 . 2008-04-13 17:27 79872 c:\windows\system32\msxml6r.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 72704 c:\windows\system32\msw3prt.dll
    + 2001-12-14 19:25 . 2009-11-27 16:07 28672 c:\windows\system32\msvidc32.dll
    + 2001-12-14 19:25 . 2008-04-13 18:30 61440 c:\windows\system32\msvcrt40.dll
    + 2001-12-14 20:36 . 2008-04-14 00:12 12288 c:\windows\system32\mstinit.exe
    + 2011-12-10 13:14 . 2008-04-13 18:14 76800 c:\windows\system32\msshavmsg.dll
    + 2001-12-14 19:25 . 2009-11-27 16:07 11264 c:\windows\system32\msrle32.dll
    + 2002-08-29 15:14 . 2002-08-29 15:14 59904 c:\windows\system32\msratelc.dll
    + 2001-12-14 19:25 . 2008-04-13 16:23 48128 c:\windows\system32\msprivs.dll
    + 2011-12-10 10:33 . 2008-04-14 00:12 52224 c:\windows\system32\mspmsnsv.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 29696 c:\windows\system32\mspatcha.dll
    + 2001-12-14 19:25 . 2008-04-13 17:24 20480 c:\windows\system32\msorc32r.dll
    - 2001-12-14 19:25 . 2001-08-18 12:00 20480 c:\windows\system32\msorc32r.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 25088 c:\windows\system32\mslbui.dll
    + 2001-12-14 19:25 . 2007-04-02 12:49 60192 c:\windows\system32\msjter40.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 15360 c:\windows\system32\msisip.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 78848 c:\windows\system32\msiexec.exe
    - 2001-12-14 19:25 . 2001-08-18 12:00 14848 c:\windows\system32\msidntld.dll
    + 2002-08-29 15:14 . 2002-08-29 15:14 14848 c:\windows\system32\msidntld.dll
    + 2002-08-29 15:14 . 2008-04-14 00:11 51712 c:\windows\system32\msident.dll
    + 2002-08-29 15:14 . 2008-04-13 16:26 56832 c:\windows\system32\mshtmler.dll
    + 2002-08-29 15:14 . 2008-04-14 00:12 29184 c:\windows\system32\mshta.exe
    + 2001-12-14 19:25 . 2008-04-14 00:11 33792 c:\windows\system32\msgsvc.dll
    + 2002-08-29 15:14 . 2002-08-29 15:14 95744 c:\windows\system32\msencode.dll
    + 2001-12-14 20:35 . 2008-06-12 14:23 58880 c:\windows\system32\msdtclog.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 14336 c:\windows\system32\msdmo.dll
    + 2001-12-14 19:26 . 2008-04-14 00:11 68608 c:\windows\system32\msctfp.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 36864 c:\windows\system32\mscpxl32.dll
    - 2001-12-14 19:25 . 2001-08-18 12:00 36864 c:\windows\system32\mscpxl32.dLL
    + 2001-12-14 19:25 . 2008-04-13 17:26 12288 c:\windows\system32\mscpx32r.dll
    - 2001-12-14 19:25 . 2001-08-18 12:00 12288 c:\windows\system32\mscpx32r.dLL
    + 2004-07-15 07:34 . 2004-07-15 07:34 16896 c:\windows\system32\mscorier.dll
    + 2001-12-14 20:36 . 2008-04-14 00:11 69632 c:\windows\system32\msconf.dll
    + 2001-12-14 19:25 . 2008-06-24 16:43 74240 c:\windows\system32\mscms.dll
    + 2001-12-14 19:25 . 2009-09-04 21:03 58880 c:\windows\system32\msasn1.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 86016 c:\windows\system32\msapsspc.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 71680 c:\windows\system32\msacm32.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 53248 c:\windows\system32\mprdim.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 87040 c:\windows\system32\mprapi.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 59904 c:\windows\system32\mpr.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 16896 c:\windows\system32\more.com
    + 2001-12-14 20:36 . 2008-04-14 00:12 32768 c:\windows\system32\mnmsrvc.exe
    - 2001-12-14 20:36 . 2001-08-18 12:00 32768 c:\windows\system32\mnmsrvc.exe
    + 2001-12-14 20:36 . 2008-04-14 00:11 34560 c:\windows\system32\mnmdd.dll
    + 2001-12-14 19:25 . 2004-08-04 06:51 68768 c:\windows\system32\mmsystem.dll
    + 2001-12-14 20:35 . 2008-04-14 00:11 17408 c:\windows\system32\mmfutil.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 61440 c:\windows\system32\mmcshext.dll
    + 2011-12-10 13:13 . 2008-04-14 00:12 33792 c:\windows\system32\mmcperf.exe
    + 2001-12-14 19:25 . 2008-04-14 00:11 29696 c:\windows\system32\mimefilt.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 60928 c:\windows\system32\miglibnt.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 18944 c:\windows\system32\midimap.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 14848 c:\windows\system32\mgmtapi.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 22528 c:\windows\system32\mfcsubs.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 40960 c:\windows\system32\mf3216.dll
    + 2011-12-10 10:33 . 2008-04-14 00:11 86016 c:\windows\system32\mdmxsdk.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 23552 c:\windows\system32\mciwave.dll
    + 2001-12-14 19:25 . 2011-10-14 14:47 23040 c:\windows\system32\mciseq.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 35328 c:\windows\system32\mciqtz32.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 84480 c:\windows\system32\mciavi32.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 14336 c:\windows\system32\mcastmib.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 57344 c:\windows\system32\makecab.exe
    + 2001-12-14 19:25 . 2008-04-14 00:12 72704 c:\windows\system32\magnify.exe
    + 2006-01-22 00:01 . 2006-01-22 00:01 25088 c:\windows\system32\Macromed\Flash\genuinst.exe
    + 2001-12-14 19:25 . 2008-04-14 00:12 13312 c:\windows\system32\lsass.exe
    + 2001-12-14 19:25 . 2008-04-14 00:11 10240 c:\windows\system32\lprhelp.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 22016 c:\windows\system32\lpk.dll
    + 2011-12-10 10:34 . 2008-04-14 00:12 59392 c:\windows\system32\logman.exe
    + 2001-12-14 19:25 . 2008-04-14 00:12 75264 c:\windows\system32\locator.exe
    + 2001-12-14 19:25 . 2008-04-14 00:11 11776 c:\windows\system32\localui.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 97280 c:\windows\system32\loadperf.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 13824 c:\windows\system32\lmhsvc.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 19968 c:\windows\system32\linkinfo.dll
    + 2001-12-14 20:35 . 2008-04-14 00:11 58880 c:\windows\system32\licwmi.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 22016 c:\windows\system32\licmgr10.dll
    + 2011-12-10 13:12 . 2008-04-14 00:11 37376 c:\windows\system32\l2gpstore.dll
    + 2001-12-14 19:26 . 2004-08-04 06:49 92224 c:\windows\system32\krnl386.exe
    + 2011-12-10 13:12 . 2008-04-14 00:11 61440 c:\windows\system32\kmsvc.dll
    - 2001-12-14 19:25 . 2001-08-18 12:00 42537 c:\windows\system32\keyboard.sys
    + 2001-12-14 19:25 . 2004-08-04 06:46 42537 c:\windows\system32\keyboard.sys
    + 2002-08-29 15:14 . 2008-04-14 00:11 15872 c:\windows\system32\jsproxy.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 27648 c:\windows\system32\jgpl400.dll
    + 2001-08-17 22:36 . 2009-11-27 16:07 48128 c:\windows\system32\iyuv_32.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 54272 c:\windows\system32\ixsso.dll
    + 2001-12-14 20:36 . 2008-04-14 00:11 32768 c:\windows\system32\isrdbg32.dll
    + 2001-12-14 20:36 . 2010-11-18 18:12 81920 c:\windows\system32\isign32.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 22016 c:\windows\system32\ipxwan.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 23552 c:\windows\system32\ipxroute.exe
    + 2001-12-14 19:25 . 2008-04-14 00:11 59904 c:\windows\system32\ipv6mon.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 53248 c:\windows\system32\ipv6.exe
    + 2001-12-14 19:25 . 2008-04-14 00:11 94720 c:\windows\system32\iphlpapi.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 55808 c:\windows\system32\ipconfig.exe
    + 2002-08-29 15:14 . 2008-04-14 00:11 96256 c:\windows\system32\inseng.dll
    + 2002-08-29 15:06 . 2008-04-13 16:22 48128 c:\windows\system32\inetres.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 15872 c:\windows\system32\inetppui.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 75264 c:\windows\system32\inetpp.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 32768 c:\windows\system32\inetmib1.dll
    + 2002-08-29 15:14 . 2008-04-14 00:11 35840 c:\windows\system32\imgutil.dll
    - 2001-12-14 19:25 . 2001-08-18 12:00 36921 c:\windows\system32\imeshare.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 36921 c:\windows\system32\imeshare.dll
    + 2001-12-14 20:36 . 2008-04-14 00:11 81920 c:\windows\system32\ils.dll
    + 2002-08-29 15:14 . 2008-04-14 00:11 62976 c:\windows\system32\iesetup.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 48640 c:\windows\system32\iernonce.dll
    + 2011-12-10 10:33 . 2011-11-01 20:35 81920 c:\windows\system32\ieencode.dll
    + 2002-08-29 15:14 . 2008-04-14 00:12 34304 c:\windows\system32\ie4uinit.exe
    + 2001-12-14 20:36 . 2008-04-14 00:11 65536 c:\windows\system32\icwphbk.dll
    + 2001-12-14 20:36 . 2008-04-14 00:11 73728 c:\windows\system32\icwdial.dll
    + 2001-12-14 19:25 . 2010-06-17 14:03 80384 c:\windows\system32\iccvid.dll
    + 2001-12-14 20:35 . 2008-04-14 00:11 11264 c:\windows\system32\icaapi.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 41984 c:\windows\system32\htui.dll
    + 2011-12-10 10:33 . 2009-10-21 05:38 25088 c:\windows\system32\httpapi.dll
    + 2011-12-10 10:33 . 2008-04-14 00:11 32285 c:\windows\system32\hsfcisp2.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 72704 c:\windows\system32\hlink.dll
    + 2001-08-17 22:36 . 2008-04-14 00:11 20992 c:\windows\system32\hid.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 41472 c:\windows\system32\hhsetup.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 15872 c:\windows\system32\help.exe
    + 2001-12-14 19:25 . 2008-04-14 00:12 39424 c:\windows\system32\grpconv.exe
    + 2011-12-10 10:33 . 2008-04-14 00:11 60416 c:\windows\system32\fwcfg.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 42496 c:\windows\system32\ftp.exe
    + 2001-12-14 19:25 . 2008-04-14 00:12 29696 c:\windows\system32\format.com
    + 2001-12-14 19:25 . 2008-04-14 00:12 20992 c:\windows\system32\fontview.exe
    + 2001-12-14 19:25 . 2009-10-15 16:28 81920 c:\windows\system32\fontsub.dll
    + 2011-12-10 10:33 . 2008-04-14 00:12 23040 c:\windows\system32\fltmc.exe
    + 2011-12-10 10:33 . 2008-04-14 00:11 16896 c:\windows\system32\fltlib.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 87552 c:\windows\system32\fldrclnr.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 27136 c:\windows\system32\findstr.exe
    + 2001-12-14 19:25 . 2008-04-14 00:11 21504 c:\windows\system32\feclient.dll
    + 2004-08-04 08:56 . 2008-04-14 00:12 20992 c:\windows\system32\faxpatch.exe
    + 2001-12-14 19:25 . 2008-04-14 00:11 80384 c:\windows\system32\faultrep.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 24064 c:\windows\system32\extrac32.exe
    + 2011-12-10 10:33 . 2008-04-14 00:11 55808 c:\windows\system32\extmgr.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 56320 c:\windows\system32\eventlog.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 23040 c:\windows\system32\ersvc.dll
    + 2011-12-10 10:33 . 2008-04-14 00:11 20480 c:\windows\system32\encapi.dll
    + 2011-12-10 13:13 . 2008-04-14 00:11 40960 c:\windows\system32\en\mmcex.resources.dll
    + 2011-12-10 13:13 . 2008-04-14 00:11 28672 c:\windows\system32\en\microsoft.managementconsole.resources.dll
    + 2011-12-10 13:12 . 2008-04-14 00:11 33792 c:\windows\system32\eapsvc.dll
    + 2011-12-10 13:12 . 2008-04-14 00:11 59392 c:\windows\system32\eapqec.dll
    + 2011-12-10 13:12 . 2008-04-14 00:11 40960 c:\windows\system32\eappprxy.dll
    + 2011-12-10 13:12 . 2008-04-14 00:11 94208 c:\windows\system32\eappgnui.dll
    + 2011-12-10 13:12 . 2008-04-14 00:11 30720 c:\windows\system32\eapolqec.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 17920 c:\windows\system32\dvdupgrd.exe
    + 2001-12-14 19:25 . 2008-04-14 00:12 10752 c:\windows\system32\dumprep.exe
    + 2001-12-14 19:25 . 2008-04-14 00:11 19456 c:\windows\system32\dswave.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 51200 c:\windows\system32\dssec.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 92672 c:\windows\system32\dskquota.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 71680 c:\windows\system32\dsdmoprp.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 16384 c:\windows\system32\ds32gt.dll
    - 2001-12-14 19:25 . 2001-08-18 12:00 16384 c:\windows\system32\ds32gt.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 14336 c:\windows\system32\drprov.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 87040 c:\windows\system32\drmstor.dll
    + 2001-12-14 12:33 . 2008-04-13 19:17 83072 c:\windows\system32\drivers\wdmaud.sys
    + 2011-12-10 10:33 . 2004-08-04 06:29 25471 c:\windows\system32\drivers\watv10nt.sys
    + 2011-12-10 10:33 . 2004-08-04 06:29 22271 c:\windows\system32\drivers\watv06nt.sys
    + 2001-12-14 19:26 . 2008-04-13 18:57 34560 c:\windows\system32\drivers\wanarp.sys
    + 2011-12-10 10:33 . 2004-08-04 06:29 11935 c:\windows\system32\drivers\wadv11nt.sys
    + 2011-12-10 10:33 . 2004-08-04 06:29 11871 c:\windows\system32\drivers\wadv09nt.sys
    + 2011-12-10 10:33 . 2004-08-04 06:29 11295 c:\windows\system32\drivers\wadv08nt.sys
    + 2011-12-10 10:33 . 2004-08-04 06:29 11807 c:\windows\system32\drivers\wadv07nt.sys
    + 2011-12-10 10:33 . 2008-04-13 18:43 14208 c:\windows\system32\drivers\wacompen.sys
    + 2001-12-14 19:26 . 2008-04-13 18:41 52352 c:\windows\system32\drivers\volsnap.sys
    + 2001-12-14 19:26 . 2008-04-13 18:44 81664 c:\windows\system32\drivers\videoprt.sys
    + 2011-12-10 10:33 . 2008-04-13 18:36 42240 c:\windows\system32\drivers\viaagp.sys
    + 2001-12-14 19:26 . 2008-04-13 18:44 20992 c:\windows\system32\drivers\vga.sys
    + 2011-12-10 10:33 . 2008-04-14 00:12 11325 c:\windows\system32\drivers\vchnt5.dll
    + 2001-08-17 14:03 . 2008-04-13 18:45 20608 c:\windows\system32\drivers\usbuhci.sys
    + 2011-12-01 00:16 . 2008-04-13 18:45 26368 c:\windows\system32\drivers\usbstor.sys
    + 2011-11-30 23:05 . 2008-04-13 18:45 15104 c:\windows\system32\drivers\usbscan.sys
    + 2001-08-17 14:03 . 2008-04-13 18:45 15872 c:\windows\system32\drivers\usbintel.sys
    + 2001-08-17 14:03 . 2008-04-13 18:45 59520 c:\windows\system32\drivers\usbhub.sys
    + 2011-12-10 10:33 . 2008-04-13 18:45 30208 c:\windows\system32\drivers\usbehci.sys
    + 2001-08-17 14:03 . 2008-04-13 18:45 25728 c:\windows\system32\drivers\usbcamd2.sys
    + 2001-08-17 14:03 . 2008-04-13 18:45 25600 c:\windows\system32\drivers\usbcamd.sys
    + 2011-12-10 10:33 . 2008-04-13 18:56 12800 c:\windows\system32\drivers\usb8023x.sys
    + 2001-12-14 19:26 . 2008-04-13 18:56 12800 c:\windows\system32\drivers\usb8023.sys
    + 2001-12-14 19:26 . 2008-04-13 18:32 66048 c:\windows\system32\drivers\udfs.sys
    + 2011-12-10 10:33 . 2008-04-13 18:36 44672 c:\windows\system32\drivers\uagp35.sys
    + 2011-12-10 10:33 . 2008-04-13 18:56 12288 c:\windows\system32\drivers\tunmp.sys
    + 2001-12-14 20:35 . 2008-04-14 00:13 40840 c:\windows\system32\drivers\termdd.sys
    + 2001-12-14 20:35 . 2008-04-14 00:13 21896 c:\windows\system32\drivers\tdtcp.sys
    + 2001-12-14 20:35 . 2008-04-14 00:13 12040 c:\windows\system32\drivers\tdpipe.sys
    + 2001-12-14 19:26 . 2008-04-13 19:00 19072 c:\windows\system32\drivers\tdi.sys
    + 2001-12-14 19:26 . 2008-04-13 18:40 14976 c:\windows\system32\drivers\tape.sys
    + 2001-12-14 12:33 . 2008-04-13 19:15 60800 c:\windows\system32\drivers\sysaudio.sys
    + 2001-12-14 12:33 . 2008-04-13 18:45 56576 c:\windows\system32\drivers\swmidi.sys
    + 2001-12-14 20:57 . 2008-04-13 18:45 49408 c:\windows\system32\drivers\stream.sys
    + 2001-12-14 20:36 . 2008-04-13 18:36 73472 c:\windows\system32\drivers\sr.sys
    + 2001-08-17 14:06 . 2008-04-13 18:46 25344 c:\windows\system32\drivers\sonydcam.sys
    + 2011-12-10 10:33 . 2004-08-04 06:41 13240 c:\windows\system32\drivers\slwdmsup.sys
    + 2011-12-10 10:33 . 2004-08-04 06:41 95424 c:\windows\system32\drivers\slnthal.sys
    + 2011-12-10 10:33 . 2008-04-13 18:36 40960 c:\windows\system32\drivers\sisagp.sys
    + 2001-08-17 13:52 . 2008-04-13 18:40 11392 c:\windows\system32\drivers\sfloppy.sys
    + 2011-12-10 10:33 . 2008-04-13 18:40 11008 c:\windows\system32\drivers\sffp_sd.sys
    + 2011-12-10 13:15 . 2008-04-13 18:40 10240 c:\windows\system32\drivers\sffp_mmc.sys
    + 2011-12-10 10:33 . 2008-04-13 18:40 11904 c:\windows\system32\drivers\sffdisk.sys
    + 2001-08-17 22:24 . 2008-04-13 19:15 64512 c:\windows\system32\drivers\serial.sys
    + 2001-08-17 13:50 . 2008-04-13 18:40 15744 c:\windows\system32\drivers\serenum.sys
    + 2001-12-14 19:25 . 2008-04-13 16:39 20480 c:\windows\system32\drivers\secdrv.sys
    + 2011-12-10 10:33 . 2008-04-13 18:36 79232 c:\windows\system32\drivers\sdbus.sys
    + 2001-12-14 19:25 . 2008-04-13 18:40 96384 c:\windows\system32\drivers\scsiport.sys
    + 2001-12-14 12:33 . 2004-08-04 06:31 20992 c:\windows\system32\drivers\rtl8139.sys
    + 2011-12-10 10:33 . 2008-04-13 18:56 30592 c:\windows\system32\drivers\rndismpx.sys
    + 2001-12-14 19:25 . 2008-04-13 18:56 30592 c:\windows\system32\drivers\rndismp.sys
    + 2011-12-10 10:33 . 2008-04-13 18:46 59136 c:\windows\system32\drivers\rfcomm.sys
    + 2001-12-14 12:33 . 2008-04-13 18:40 57600 c:\windows\system32\drivers\redbook.sys
    + 2011-12-10 10:33 . 2004-08-04 06:41 13776 c:\windows\system32\drivers\recagent.sys
    + 2001-12-14 19:25 . 2008-04-13 19:19 48384 c:\windows\system32\drivers\raspptp.sys
    + 2001-12-14 19:25 . 2008-04-13 18:57 41472 c:\windows\system32\drivers\raspppoe.sys
    + 2001-12-14 19:25 . 2008-04-13 19:19 51328 c:\windows\system32\drivers\rasl2tp.sys
    + 2001-12-14 19:25 . 2008-04-13 18:56 69120 c:\windows\system32\drivers\psched.sys
    + 2001-08-17 13:48 . 2008-04-13 18:31 35840 c:\windows\system32\drivers\processr.sys
    + 2001-08-17 13:51 . 2008-04-13 18:40 24960 c:\windows\system32\drivers\pciidex.sys
    + 2001-08-17 13:58 . 2008-04-13 18:36 68224 c:\windows\system32\drivers\pci.sys
    + 2001-12-14 19:25 . 2008-04-13 18:40 19712 c:\windows\system32\drivers\partmgr.sys
    + 2001-08-17 13:50 . 2008-04-13 18:40 80128 c:\windows\system32\drivers\parport.sys
    + 2001-08-17 13:48 . 2008-04-13 18:31 42752 c:\windows\system32\drivers\p3.sys
    + 2001-08-17 14:06 . 2008-04-13 18:46 61696
     
    dispatch trophy,
    #16
  18. 2012/02/04
    dispatch trophy Contributing Member

    dispatch trophy Inactive Thread Starter

    Joined:
    2011/09/30
    Messages:
    402
    Likes Received:
    0
    COMBOFIX CONTINUED PART 3a

    c:\windows\system32\drivers\ohci1394.sys
    + 2001-12-14 19:25 . 2008-04-13 18:56 88320 c:\windows\system32\drivers\nwlnkipx.sys
    + 2001-12-14 19:25 . 2008-04-13 18:32 30848 c:\windows\system32\drivers\npfs.sys
    + 2001-12-14 19:25 . 2008-04-13 18:53 40320 c:\windows\system32\drivers\nmnt.sys
    + 2001-08-17 13:46 . 2008-04-13 18:51 61824 c:\windows\system32\drivers\nic1394.sys
    + 2001-12-14 19:25 . 2008-04-13 18:56 34688 c:\windows\system32\drivers\netbios.sys
    + 2001-12-14 19:25 . 2010-11-02 15:17 40960 c:\windows\system32\drivers\ndproxy.sys
    + 2001-12-14 19:25 . 2008-04-13 19:20 91520 c:\windows\system32\drivers\ndiswan.sys
    + 2001-08-17 13:53 . 2008-04-13 18:55 14592 c:\windows\system32\drivers\ndisuio.sys
    + 2001-12-14 19:25 . 2011-07-08 14:02 10496 c:\windows\system32\drivers\ndistapi.sys
    + 2011-12-10 10:34 . 2008-04-13 18:43 12672 c:\windows\system32\drivers\mutohpen.sys
    + 2011-12-10 10:34 . 2008-04-13 18:36 15488 c:\windows\system32\drivers\mssmbios.sys
    + 2001-12-14 19:25 . 2008-04-13 18:56 35072 c:\windows\system32\drivers\msgpc.sys
    + 2001-12-14 19:25 . 2008-04-13 18:32 19072 c:\windows\system32\drivers\msfs.sys
    + 2001-12-14 19:25 . 2008-04-13 18:39 42368 c:\windows\system32\drivers\mountmgr.sys
    + 2001-08-17 13:47 . 2008-04-13 18:39 23040 c:\windows\system32\drivers\mouclass.sys
    + 2001-08-17 13:57 . 2008-04-13 19:00 30080 c:\windows\system32\drivers\modem.sys
    + 2001-08-17 13:58 . 2008-04-13 18:36 63744 c:\windows\system32\drivers\mf.sys
    + 2011-12-10 10:34 . 2004-08-04 06:41 11868 c:\windows\system32\drivers\mdmxsdk.sys
    + 2001-12-14 19:25 . 2009-06-24 11:18 92928 c:\windows\system32\drivers\ksecdd.sys
    + 2001-12-15 00:35 . 2008-04-13 18:39 14592 c:\windows\system32\drivers\kbdhid.sys
    + 2001-08-17 13:47 . 2008-04-13 18:39 24576 c:\windows\system32\drivers\kbdclass.sys
    + 2001-08-17 13:58 . 2008-04-13 18:36 37248 c:\windows\system32\drivers\isapnp.sys
    + 2001-12-14 12:31 . 2008-04-13 18:54 11264 c:\windows\system32\drivers\irenum.sys
    + 2001-12-14 19:25 . 2008-04-13 19:19 75264 c:\windows\system32\drivers\ipsec.sys
    + 2001-12-14 19:25 . 2008-04-13 18:57 20864 c:\windows\system32\drivers\ipinip.sys
    + 2011-12-10 10:34 . 2008-04-13 18:53 36608 c:\windows\system32\drivers\ip6fw.sys
    + 2011-12-10 10:34 . 2008-04-13 18:31 36352 c:\windows\system32\drivers\intelppm.sys
    + 2001-12-14 19:25 . 2008-04-13 18:40 42112 c:\windows\system32\drivers\imapi.sys
    + 2001-08-17 22:24 . 2008-04-13 19:18 52480 c:\windows\system32\drivers\i8042prt.sys
    + 2001-12-15 00:35 . 2008-04-13 18:45 10368 c:\windows\system32\drivers\hidusb.sys
    + 2001-08-17 14:02 . 2008-04-13 18:45 24960 c:\windows\system32\drivers\hidparse.sys
    + 2011-12-10 10:34 . 2008-04-13 18:45 19200 c:\windows\system32\drivers\hidir.sys
    + 2001-08-17 14:02 . 2008-04-13 18:45 36864 c:\windows\system32\drivers\hidclass.sys
    + 2011-12-10 10:34 . 2008-04-13 18:46 25600 c:\windows\system32\drivers\hidbth.sys
    + 2011-12-10 10:34 . 2008-04-13 18:36 46464 c:\windows\system32\drivers\gagp30kx.sys
    + 2001-08-17 13:51 . 2008-04-13 18:40 20480 c:\windows\system32\drivers\flpydisk.sys
    + 2001-12-14 19:25 . 2008-04-13 18:33 44544 c:\windows\system32\drivers\fips.sys
    + 2001-08-17 13:51 . 2008-04-13 18:40 27392 c:\windows\system32\drivers\fdc.sys
    + 2001-12-14 19:25 . 2008-04-13 18:38 71168 c:\windows\system32\drivers\dxg.sys
    + 2001-12-14 20:57 . 2008-04-13 18:45 60160 c:\windows\system32\drivers\drmk.sys
    + 2001-12-14 12:33 . 2008-04-13 18:45 52864 c:\windows\system32\drivers\dmusic.sys
    + 2001-12-14 19:25 . 2008-04-13 18:40 14208 c:\windows\system32\drivers\diskdump.sys
    + 2001-08-17 13:52 . 2008-04-13 18:40 36352 c:\windows\system32\drivers\disk.sys
    + 2001-08-17 13:48 . 2008-04-13 18:31 36736 c:\windows\system32\drivers\crusoe.sys
    + 2001-12-14 19:25 . 2008-04-13 19:16 49536 c:\windows\system32\drivers\classpnp.sys
    + 2011-12-10 10:34 . 2008-04-14 00:11 15423 c:\windows\system32\drivers\ch7xxnt5.dll
    + 2001-08-17 13:52 . 2008-04-13 18:40 62976 c:\windows\system32\drivers\cdrom.sys
    + 2001-12-14 19:25 . 2008-04-13 19:14 63744 c:\windows\system32\drivers\cdfs.sys
    + 2011-12-10 10:34 . 2008-04-13 18:46 18944 c:\windows\system32\drivers\bthusb.sys
    + 2011-12-10 10:34 . 2008-04-13 18:46 36480 c:\windows\system32\drivers\bthprint.sys
    + 2011-12-10 10:34 . 2008-04-13 18:46 37888 c:\windows\system32\drivers\bthmodem.sys
    + 2011-12-10 10:34 . 2008-04-13 18:46 17024 c:\windows\system32\drivers\bthenum.sys
    + 2001-12-14 19:25 . 2008-04-13 18:53 71552 c:\windows\system32\drivers\bridge.sys
    + 2011-12-10 10:34 . 2008-04-14 00:11 17279 c:\windows\system32\drivers\atv10nt5.dll
    + 2011-12-10 10:34 . 2008-04-14 00:11 14143 c:\windows\system32\drivers\atv06nt5.dll
    + 2011-12-10 10:34 . 2008-04-14 00:11 25471 c:\windows\system32\drivers\atv04nt5.dll
    + 2011-12-10 10:34 . 2008-04-14 00:11 11359 c:\windows\system32\drivers\atv02nt5.dll
    + 2011-12-10 10:34 . 2008-04-14 00:11 21183 c:\windows\system32\drivers\atv01nt5.dll
    + 2001-12-14 19:25 . 2008-04-13 18:51 55808 c:\windows\system32\drivers\atmlane.sys
    + 2001-12-14 19:25 . 2008-04-13 18:51 59904 c:\windows\system32\drivers\atmarpc.sys
    + 2011-12-10 10:34 . 2004-08-04 06:29 63488 c:\windows\system32\drivers\atinxsxx.sys
    + 2011-12-10 10:34 . 2004-08-04 06:29 31744 c:\windows\system32\drivers\atinxbxx.sys
    + 2011-12-10 10:34 . 2004-08-04 06:29 73216 c:\windows\system32\drivers\atintuxx.sys
    + 2011-12-10 10:34 . 2004-08-04 06:29 13824 c:\windows\system32\drivers\atinttxx.sys
    + 2011-12-10 10:34 . 2004-08-04 06:29 28672 c:\windows\system32\drivers\atinsnxx.sys
    + 2011-12-10 10:34 . 2004-08-04 06:29 52224 c:\windows\system32\drivers\atinraxx.sys
    + 2011-12-10 10:34 . 2004-08-04 06:29 14336 c:\windows\system32\drivers\atinpdxx.sys
    + 2011-12-10 10:34 . 2004-08-04 06:29 13824 c:\windows\system32\drivers\atinmdxx.sys
    + 2011-12-10 10:34 . 2004-08-04 06:29 57856 c:\windows\system32\drivers\atinbtxx.sys
    + 2011-12-10 10:34 . 2004-08-04 06:29 34735 c:\windows\system32\drivers\ati1xsxx.sys
    + 2011-12-10 10:34 . 2004-08-04 06:29 29455 c:\windows\system32\drivers\ati1xbxx.sys
    + 2011-12-10 10:34 . 2004-08-04 06:29 36463 c:\windows\system32\drivers\ati1tuxx.sys
    + 2011-12-10 10:34 . 2004-08-04 06:29 21343 c:\windows\system32\drivers\ati1ttxx.sys
    + 2011-12-10 10:34 . 2004-08-04 06:29 26367 c:\windows\system32\drivers\ati1snxx.sys
    + 2011-12-10 10:34 . 2004-08-04 06:29 63663 c:\windows\system32\drivers\ati1rvxx.sys
    + 2011-12-10 10:34 . 2004-08-04 06:29 30671 c:\windows\system32\drivers\ati1raxx.sys
    + 2011-12-10 10:34 . 2004-08-04 06:29 12047 c:\windows\system32\drivers\ati1pdxx.sys
    + 2011-12-10 10:34 . 2004-08-04 06:29 11615 c:\windows\system32\drivers\ati1mdxx.sys
    + 2011-12-10 10:34 . 2004-08-04 06:29 56623 c:\windows\system32\drivers\ati1btxx.sys
    + 2001-08-17 13:51 . 2008-04-13 18:40 96512 c:\windows\system32\drivers\atapi.sys
    + 2001-12-14 19:25 . 2008-04-13 18:57 14336 c:\windows\system32\drivers\asyncmac.sys
    + 2001-08-17 13:46 . 2008-04-13 18:51 60800 c:\windows\system32\drivers\arp1394.sys
    + 2011-12-10 10:34 . 2008-04-13 18:31 37760 c:\windows\system32\drivers\amdk7.sys
    + 2001-08-17 13:48 . 2008-04-13 18:31 37376 c:\windows\system32\drivers\amdk6.sys
    + 2011-12-10 10:34 . 2008-04-13 18:36 43008 c:\windows\system32\drivers\amdagp.sys
    + 2011-12-10 10:34 . 2008-04-13 18:36 42752 c:\windows\system32\drivers\alim1541.sys
    + 2011-12-10 10:34 . 2008-04-13 18:36 44928 c:\windows\system32\drivers\agpcpq.sys
    + 2001-12-14 12:32 . 2008-04-13 18:36 42368 c:\windows\system32\drivers\agp440.sys
    + 2012-02-04 14:31 . 2011-11-28 17:48 30808 c:\windows\system32\drivers\aavmker4.sys
    - 2011-12-02 11:18 . 2011-11-28 17:48 30808 c:\windows\system32\drivers\aavmker4.sys
    + 2001-08-17 14:06 . 2008-04-13 18:46 53376 c:\windows\system32\drivers\1394bus.sys
    + 2001-12-14 19:25 . 2008-04-14 00:11 57344 c:\windows\system32\dpwsockx.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 83456 c:\windows\system32\dpvsetup.exe
    + 2001-12-14 19:25 . 2008-04-14 00:11 21504 c:\windows\system32\dpvacm.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 17920 c:\windows\system32\dpnsvr.exe
    + 2001-12-14 19:25 . 2008-04-14 00:11 60928 c:\windows\system32\dpnhupnp.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 35328 c:\windows\system32\dpnhpast.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 23552 c:\windows\system32\dpmodemx.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 29696 c:\windows\system32\dplaysvr.exe
    + 2011-12-10 13:12 . 2008-04-14 00:11 56320 c:\windows\system32\dot3msm.dll
    + 2011-12-10 13:12 . 2008-04-14 00:11 39936 c:\windows\system32\dot3gpclnt.dll
    + 2011-12-10 13:12 . 2008-04-14 00:11 57856 c:\windows\system32\dot3cfg.dll
    + 2011-12-10 13:12 . 2008-04-14 00:11 26112 c:\windows\system32\dot3api.dll
    - 2001-12-14 19:25 . 2001-08-18 12:00 53840 c:\windows\system32\dosx.exe
    + 2001-12-14 19:25 . 2004-08-04 06:51 53840 c:\windows\system32\dosx.exe
    + 2001-12-14 19:25 . 2008-04-14 00:11 48128 c:\windows\system32\docprop2.dll
    + 2001-12-14 19:25 . 2009-04-20 17:17 45568 c:\windows\system32\dnsrslvr.dll
    + 2001-08-17 22:36 . 2008-04-14 00:11 52224 c:\windows\system32\dmutil.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 23552 c:\windows\system32\dmserver.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 82432 c:\windows\system32\dmscript.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 15872 c:\windows\system32\dmremote.exe
    + 2001-12-14 19:25 . 2008-04-14 00:11 35840 c:\windows\system32\dmloader.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 61440 c:\windows\system32\dmcompos.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 28672 c:\windows\system32\dmband.dll
    + 2011-12-10 10:33 . 2009-08-07 03:24 35552 c:\windows\system32\dllcache\wups.dll
    + 2001-12-14 20:35 . 2009-08-07 03:24 53472 c:\windows\system32\dllcache\wuauclt.exe
    + 2008-05-09 10:53 . 2008-05-09 10:53 90112 c:\windows\system32\dllcache\wshext.dll
    + 2011-12-10 13:16 . 2008-04-14 00:12 20480 c:\windows\system32\dllcache\wmpui.dll
    + 2011-12-10 13:16 . 2008-04-14 00:12 73728 c:\windows\system32\dllcache\wmplayer.exe
    + 2011-12-10 13:16 . 2008-04-14 00:12 20480 c:\windows\system32\dllcache\wmpcore.dll
    + 2011-12-10 13:16 . 2008-04-14 00:12 20480 c:\windows\system32\dllcache\wmpcd.dll
    + 2011-12-10 13:16 . 2008-04-14 00:12 98304 c:\windows\system32\dllcache\wmpband.dll
    + 2011-12-10 13:16 . 2008-04-14 00:12 23552 c:\windows\system32\dllcache\wmdmps.dll
    + 2011-12-10 13:16 . 2008-04-14 00:12 27136 c:\windows\system32\dllcache\wmdmlog.dll
    + 2009-06-25 08:25 . 2009-06-25 08:25 54272 c:\windows\system32\dllcache\wdigest.dll
    + 2011-12-11 09:50 . 2010-10-11 14:59 45568 c:\windows\system32\dllcache\wab.exe
    + 2011-09-05 13:56 . 2011-11-01 20:35 37888 c:\windows\system32\dllcache\url.dll
    + 2009-06-12 12:31 . 2009-06-12 12:31 76288 c:\windows\system32\dllcache\telnet.exe
    + 2009-10-21 05:38 . 2009-10-21 05:38 75776 c:\windows\system32\dllcache\strmfilt.dll
    + 2010-08-27 05:57 . 2010-08-27 05:57 99840 c:\windows\system32\dllcache\srvsvc.dll
    + 2010-08-17 13:17 . 2010-08-17 13:17 58880 c:\windows\system32\dllcache\spoolsv.exe
    + 2009-02-03 19:59 . 2009-06-25 08:25 56832 c:\windows\system32\dllcache\secur32.dll
    + 2011-12-10 11:43 . 2009-02-06 10:39 35328 c:\windows\system32\dllcache\sc.exe
    + 2009-10-12 13:38 . 2009-10-12 13:38 79872 c:\windows\system32\dllcache\raschap.dll
    + 2011-11-18 12:35 . 2011-11-18 12:35 60416 c:\windows\system32\dllcache\packager.exe
    + 2011-09-26 19:41 . 2011-09-26 19:41 20480 c:\windows\system32\dllcache\oleaccrc.dll
    + 2011-12-10 13:14 . 2008-04-14 00:12 10240 c:\windows\system32\dllcache\npwmsdrm.dll
    + 2011-12-11 09:23 . 2010-11-02 15:17 40960 c:\windows\system32\dllcache\ndproxy.sys
    + 2011-12-11 09:54 . 2011-07-08 14:02 10496 c:\windows\system32\dllcache\ndistapi.sys
    + 2008-06-12 14:23 . 2008-06-12 14:23 91648 c:\windows\system32\dllcache\mtxoci.dll
    + 2008-06-12 14:23 . 2008-06-12 14:23 66560 c:\windows\system32\dllcache\mtxclu.dll
    + 2009-11-27 17:11 . 2009-11-27 17:11 17920 c:\windows\system32\dllcache\msyuv.dll
    + 2011-12-10 13:14 . 2008-04-13 17:27 79872 c:\windows\system32\dllcache\msxml6r.dll
    + 2009-11-27 16:37 . 2009-11-27 16:07 28672 c:\windows\system32\dllcache\msvidc32.dll
    + 2009-11-27 16:07 . 2009-11-27 16:07 11264 c:\windows\system32\dllcache\msrle32.dll
    + 2002-08-29 15:14 . 2002-08-29 15:14 59904 c:\windows\system32\dllcache\msratelc.dll
    + 2011-12-10 13:14 . 2008-04-14 00:12 52224 c:\windows\system32\dllcache\mspmsnsv.dll
    + 2002-08-29 15:14 . 2002-08-29 15:14 14848 c:\windows\system32\dllcache\msidntld.dll
    + 2008-06-12 14:23 . 2008-06-12 14:23 58880 c:\windows\system32\dllcache\msdtclog.dll
    + 2008-06-24 16:43 . 2008-06-24 16:43 74240 c:\windows\system32\dllcache\mscms.dll
    + 2009-09-04 21:03 . 2009-09-04 21:03 58880 c:\windows\system32\dllcache\msasn1.dll
    + 2011-10-14 14:47 . 2011-10-14 14:47 23040 c:\windows\system32\dllcache\mciseq.dll
    + 2009-06-24 11:18 . 2009-06-24 11:18 92928 c:\windows\system32\dllcache\ksecdd.sys
    + 2009-11-27 16:07 . 2009-11-27 16:07 48128 c:\windows\system32\dllcache\iyuv_32.dll
    + 2010-11-18 18:12 . 2010-11-18 18:12 81920 c:\windows\system32\dllcache\isign32.dll
    + 2010-04-16 15:36 . 2011-11-01 20:35 81920 c:\windows\system32\dllcache\ieencode.dll
    + 2009-10-21 05:38 . 2009-10-21 05:38 25088 c:\windows\system32\dllcache\httpapi.dll
    + 2011-12-10 11:49 . 2009-10-15 16:28 81920 c:\windows\system32\dllcache\fontsub.dll
    + 2011-12-10 13:12 . 2008-04-14 00:11 87040 c:\windows\system32\dllcache\drmstor.dll
    + 2009-04-20 17:17 . 2009-04-20 17:17 45568 c:\windows\system32\dllcache\dnsrslvr.dll
    + 2011-12-10 13:11 . 2008-04-14 00:11 33792 c:\windows\system32\dllcache\custsat.dll
    + 2009-12-14 07:08 . 2011-10-28 05:31 33280 c:\windows\system32\dllcache\csrsrv.dll
    + 2001-12-14 19:25 . 2009-08-07 03:24 96480 c:\windows\system32\dllcache\cdm.dll
    + 2010-01-13 14:01 . 2010-01-13 14:01 86016 c:\windows\system32\dllcache\cabview.dll
    + 2009-11-27 16:07 . 2009-11-27 16:07 84992 c:\windows\system32\dllcache\avifil32.dll
    + 2009-07-17 18:55 . 2009-07-17 19:01 58880 c:\windows\system32\dllcache\atl.dll
    + 2010-03-05 14:37 . 2010-03-05 14:37 65536 c:\windows\system32\dllcache\asycfilt.dll
    + 2002-08-29 15:06 . 2002-08-29 15:06 64512 c:\windows\system32\dllcache\acctres.dll
    + 2001-06-27 00:42 . 2008-04-14 00:11 32768 c:\windows\system32\dispex.dll
    + 2011-12-10 13:12 . 2008-04-14 00:11 39936 c:\windows\system32\dimsroam.dll
    + 2011-12-10 13:12 . 2008-04-14 00:11 19456 c:\windows\system32\dimsntfy.dll
    + 2002-08-29 15:14 . 2008-04-14 00:11 68608 c:\windows\system32\digest.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 87040 c:\windows\system32\diantz.exe
    + 2011-12-10 13:12 . 2008-04-14 00:11 48640 c:\windows\system32\dhcpqec.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 28672 c:\windows\system32\dfsshlex.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 39424 c:\windows\system32\dfrgsnap.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 82944 c:\windows\system32\dfrgfat.exe
    + 2001-12-14 19:25 . 2008-04-14 00:11 59904 c:\windows\system32\devenum.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 25088 c:\windows\system32\defrag.exe
    + 2001-12-14 19:25 . 2008-04-14 00:11 27136 c:\windows\system32\ddrawex.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 30208 c:\windows\system32\ddeshare.exe
    - 2001-12-14 19:25 . 2001-08-18 12:00 28672 c:\windows\system32\dbnmpntw.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 28672 c:\windows\system32\dbnmpntw.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 24576 c:\windows\system32\dbmsrpcn.dll
    - 2001-12-14 19:25 . 2001-08-18 12:00 24576 c:\windows\system32\dbmsrpcn.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 25088 c:\windows\system32\davclnt.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 54272 c:\windows\system32\dataclen.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 15360 c:\windows\system32\ctfmon.exe
    + 2001-12-14 19:25 . 2011-10-28 05:31 33280 c:\windows\system32\csrsrv.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 62464 c:\windows\system32\cryptsvc.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 64512 c:\windows\system32\cryptnet.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 53760 c:\windows\system32\cryptext.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 33280 c:\windows\system32\cryptdll.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 74752 c:\windows\system32\cryptdlg.dll
    + 2011-12-10 13:11 . 2008-04-14 00:11 12800 c:\windows\system32\credssp.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 35328 c:\windows\system32\corpol.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 27648 c:\windows\system32\conime.exe
    - 2001-12-14 20:40 . 2011-12-04 05:53 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
    + 2011-12-08 07:59 . 2011-12-10 22:11 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
    + 2011-12-10 11:00 . 2011-12-10 22:09 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012011121020111211\index.dat
    + 2011-12-10 11:00 . 2011-12-10 11:00 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012011112820111205\index.dat
    + 2001-12-14 20:40 . 2011-12-10 22:11 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
    - 2001-12-14 20:40 . 2011-12-04 05:53 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
    + 2001-12-14 20:40 . 2011-12-10 22:11 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
    - 2001-12-14 20:40 . 2011-12-04 05:53 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
    + 2001-12-14 20:35 . 2008-04-14 00:11 97792 c:\windows\system32\comrepl.dll
    + 2001-12-14 20:35 . 2008-04-14 00:11 28160 c:\windows\system32\comaddin.dll
    + 2001-12-14 20:35 . 2008-04-14 00:11 60416 c:\windows\system32\colbact.dll
    + 2001-08-17 22:36 . 2008-04-14 00:11 47104 c:\windows\system32\cnbjmon.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 39424 c:\windows\system32\cmutil.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 63488 c:\windows\system32\cmstp.exe
    + 2011-12-10 10:33 . 2008-04-14 00:11 13312 c:\windows\system32\cmsetacl.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 39936 c:\windows\system32\cmmon32.exe
    + 2001-12-14 19:25 . 2008-04-14 00:12 25600 c:\windows\system32\cmdl32.exe
    + 2001-12-14 19:25 . 2008-04-14 00:11 15872 c:\windows\system32\cmcfg32.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 58368 c:\windows\system32\clusapi.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 33280 c:\windows\system32\clipsrv.exe
    + 2001-12-14 19:25 . 2008-04-14 00:12 20480 c:\windows\system32\cliconfg.exe
    + 2001-12-14 19:25 . 2008-04-14 00:11 77824 c:\windows\system32\cliconfg.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 64000 c:\windows\system32\cleanmgr.exe
    + 2001-12-14 19:25 . 2008-04-14 00:11 69120 c:\windows\system32\ciodm.dll
    + 2001-12-14 19:25 . 2008-04-14 00:09 16896 c:\windows\system32\cfgmgr32.dll
    - 2001-12-14 19:25 . 2001-08-18 12:00 16896 c:\windows\system32\cfgmgr32.dll
    + 2001-12-14 20:35 . 2008-04-14 00:11 38912 c:\windows\system32\cfgbkend.dll
    + 2001-12-14 19:25 . 2009-08-07 03:24 96480 c:\windows\system32\cdm.dll
    + 2001-12-14 20:35 . 2008-04-14 00:11 85504 c:\windows\system32\catsrvps.dll
    - 2001-12-14 20:35 . 2001-08-18 12:00 85504 c:\windows\system32\catsrvps.dll
    + 2012-01-14 21:00 . 2006-08-24 09:01 49152 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstUS.dll
    - 2011-12-03 22:53 . 2006-08-24 09:01 49152 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstUS.dll
    - 2011-12-03 22:53 . 2006-08-14 14:59 53248 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstRU.dll
    + 2012-01-14 21:00 . 2006-08-14 14:59 53248 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstRU.dll
    + 2012-01-14 21:00 . 2006-08-22 14:42 53248 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstPT.dll
    - 2011-12-03 22:53 . 2006-08-22 14:42 53248 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstPT.dll
    - 2011-12-03 22:53 . 2006-08-16 10:59 53248 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstPL.dll
    + 2012-01-14 21:00 . 2006-08-16 10:59 53248 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstPL.dll
    + 2012-01-14 21:00 . 2006-08-11 14:15 57344 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstNL.dll
    - 2011-12-03 22:53 . 2006-08-11 14:15 57344 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstNL.dll
    + 2012-01-14 21:00 . 2006-08-21 16:24 49152 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstKR.dll
    - 2011-12-03 22:53 . 2006-08-21 16:24 49152 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstKR.dll
    + 2012-01-14 21:00 . 2006-08-24 09:01 40960 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstJP.dll
    - 2011-12-03 22:53 . 2006-08-24 09:01 40960 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstJP.dll
    - 2011-12-03 22:53 . 2006-08-22 14:24 57344 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstIT.dll
    + 2012-01-14 21:00 . 2006-08-22 14:24 57344 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstIT.dll
    - 2011-12-03 22:53 . 2006-08-14 14:36 53248 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstHU.dll
    + 2012-01-14 21:00 . 2006-08-14 14:36 53248 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstHU.dll
    - 2011-12-03 22:53 . 2006-08-22 14:09 57344 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstFR.dll
    + 2012-01-14 21:00 . 2006-08-22 14:09 57344 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstFR.dll
    + 2012-01-14 21:00 . 2006-08-14 13:30 57344 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstES.dll
    - 2011-12-03 22:53 . 2006-08-14 13:30 57344 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstES.dll
    + 2012-01-14 21:00 . 2006-08-22 14:21 57344 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstDE.dll
    - 2011-12-03 22:53 . 2006-08-22 14:21 57344 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstDE.dll
    - 2011-12-03 22:53 . 2006-08-14 14:07 53248 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstCZ.dll
    + 2012-01-14 21:00 . 2006-08-14 14:07 53248 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstCZ.dll
    + 2012-01-14 21:00 . 2006-08-21 14:51 49152 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstCN.dll
    - 2011-12-03 22:53 . 2006-08-21 14:51 49152 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstCN.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 50688 c:\windows\system32\camocx.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 19968 c:\windows\system32\cacls.exe
    + 2001-12-14 19:25 . 2010-01-13 14:01 86016 c:\windows\system32\cabview.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 60416 c:\windows\system32\cabinet.dll
    + 2011-12-10 10:33 . 2008-04-14 00:11 50688 c:\windows\system32\btpanui.dll
    + 2011-12-10 10:33 . 2008-04-14 00:11 30208 c:\windows\system32\bthserv.dll
    + 2011-12-10 10:33 . 2008-04-14 00:11 20992 c:\windows\system32\bthci.dll
    + 2002-08-29 15:14 . 2008-04-14 00:11 78336 c:\windows\system32\browsewm.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 77824 c:\windows\system32\browser.dll
    + 2002-08-29 15:14 . 2008-04-13 17:03 63488 c:\windows\system32\browselc.dll
    + 2011-12-10 10:33 . 2008-04-14 00:12 71680 c:\windows\system32\blastcln.exe
    + 2001-12-14 19:25 . 2008-04-14 00:11 17408 c:\windows\system32\bidispl.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 29184 c:\windows\system32\batmeter.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 52736 c:\windows\system32\basesrv.dll
    + 2001-12-14 19:25 . 2009-11-27 16:07 84992 c:\windows\system32\avifil32.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 11264 c:\windows\system32\autolfn.exe
    + 2001-12-14 19:25 . 2008-04-14 00:11 62464 c:\windows\system32\authz.dll
    + 2011-12-10 10:33 . 2008-04-14 00:12 14336 c:\windows\system32\auditusr.exe
    + 2001-12-14 19:25 . 2008-04-14 00:11 42496 c:\windows\system32\audiosrv.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 12288 c:\windows\system32\attrib.exe
    + 2001-12-14 19:25 . 2008-04-14 00:11 30208 c:\windows\system32\atmlib.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 11264 c:\windows\system32\atmadm.exe
    + 2001-12-14 19:25 . 2009-07-17 19:01 58880 c:\windows\system32\atl.dll
    + 2011-12-10 10:33 . 2008-04-14 00:11 32768 c:\windows\system32\ativtmxx.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 25088 c:\windows\system32\at.exe
    + 2000-03-15 16:33 . 2010-03-05 14:37 65536 c:\windows\system32\asycfilt.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 70656 c:\windows\system32\amstream.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 17408 c:\windows\system32\alrsvc.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 44544 c:\windows\system32\alg.exe
    + 2001-12-14 19:25 . 2008-04-14 00:12 98304 c:\windows\system32\ahui.exe
    + 2002-08-29 15:14 . 2008-04-14 00:11 99840 c:\windows\system32\advpack.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 68096 c:\windows\system32\adsmsext.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 61440 c:\windows\system32\admparse.dll
    + 2002-08-29 15:14 . 2008-04-14 00:11 98304 c:\windows\system32\actxprxy.dll
    - 2001-12-14 19:25 . 2001-08-18 12:00 98304 c:\windows\system32\actxprxy.dll
    - 2001-12-14 20:36 . 2001-08-18 12:00 64512 c:\windows\system32\acctres.dll
    + 2002-08-29 15:06 . 2002-08-29 15:06 64512 c:\windows\system32\acctres.dll
    + 2001-12-14 12:31 . 2004-08-04 06:51 68768 c:\windows\system\mmsystem.dll
    + 2001-12-14 20:36 . 2008-04-14 00:12 58434 c:\windows\srchasst\srchctls.dll
    + 2011-12-10 10:33 . 2008-04-14 00:12 32866 c:\windows\slrundll.exe
    + 2011-12-10 13:13 . 2008-04-14 00:11 82944 c:\windows\ServicePackFiles\ServicePackCache\i386\msgsc.dll
    + 2011-12-10 13:11 . 2008-04-14 00:11 33792 c:\windows\ServicePackFiles\ServicePackCache\i386\custsat.dll
    + 2011-12-10 13:17 . 2008-04-14 00:12 18944 c:\windows\ServicePackFiles\i386\xrxscnui.dll
    + 2011-12-10 10:27 . 2008-04-14 00:12 11776 c:\windows\ServicePackFiles\i386\xolehlp.dll
    + 2011-12-10 10:28 . 2008-04-14 00:12 50176 c:\windows\ServicePackFiles\i386\xmlprovi.dll
    + 2011-12-10 10:29 . 2008-04-14 00:12 30720 c:\windows\ServicePackFiles\i386\xcopy.exe
    + 2011-12-10 10:26 . 2008-04-14 00:12 91648 c:\windows\ServicePackFiles\i386\xactsrv.dll
    + 2011-12-10 10:27 . 2008-04-14 00:12 52736 c:\windows\ServicePackFiles\i386\wzcsapi.dll
    + 2011-12-10 10:28 . 2004-08-04 06:29 19455 c:\windows\ServicePackFiles\i386\wvchntxx.sys
    + 2011-12-10 10:31 . 2008-04-14 00:12 32256 c:\windows\ServicePackFiles\i386\wups.dll
    + 2011-12-10 10:25 . 2008-04-14 00:12 18432 c:\windows\ServicePackFiles\i386\wtsapi32.dll
    + 2011-12-10 10:28 . 2008-04-14 00:12 50688 c:\windows\ServicePackFiles\i386\wstdecod.dll
    + 2011-12-10 10:28 . 2008-04-13 18:46 19200 c:\windows\ServicePackFiles\i386\wstcodec.sys
    + 2011-12-10 10:26 . 2008-04-14 00:12 22528 c:\windows\ServicePackFiles\i386\wsock32.dll
    + 2011-12-10 10:26 . 2008-04-14 00:12 41984 c:\windows\ServicePackFiles\i386\wsnmp32.dll
    + 2011-12-10 10:25 . 2004-08-04 06:29 12063 c:\windows\ServicePackFiles\i386\wsiintxx.sys
    + 2011-12-10 10:27 . 2008-04-14 00:12 19456 c:\windows\ServicePackFiles\i386\wshtcpip.dll
    + 2011-12-10 10:25 . 2008-04-14 00:12 11264 c:\windows\ServicePackFiles\i386\wshrm.dll
    + 2011-12-10 10:30 . 2008-04-14 00:12 14336 c:\windows\ServicePackFiles\i386\wship6.dll
    + 2011-12-10 10:30 . 2008-04-14 00:12 90112 c:\windows\ServicePackFiles\i386\wshext.dll
    + 2011-12-10 10:27 . 2008-04-14 00:12 36864 c:\windows\ServicePackFiles\i386\wshcon.dll
    + 2011-12-10 10:25 . 2008-04-14 00:12 80896 c:\windows\ServicePackFiles\i386\wscsvc.dll
    + 2011-12-10 10:31 . 2008-04-14 00:12 13824 c:\windows\ServicePackFiles\i386\wscntfy.exe
    + 2011-12-10 10:29 . 2008-04-14 00:12 19968 c:\windows\ServicePackFiles\i386\ws2help.dll
    + 2011-12-10 10:26 . 2008-04-14 00:12 82432 c:\windows\ServicePackFiles\i386\ws2_32.dll
    + 2011-12-10 10:25 . 2008-04-14 00:12 11264 c:\windows\ServicePackFiles\i386\wpnpinst.exe
    + 2011-12-10 10:29 . 2008-04-14 00:12 32256 c:\windows\ServicePackFiles\i386\wpabaln.exe
    + 2011-12-10 10:24 . 2004-08-04 08:56 20480 c:\windows\ServicePackFiles\i386\wmpui.dll
    + 2011-12-10 10:28 . 2004-08-04 08:56 73728 c:\windows\ServicePackFiles\i386\wmplayer.exe
    + 2011-12-10 10:26 . 2004-08-04 08:56 20480 c:\windows\ServicePackFiles\i386\wmpcore.dll
    + 2011-12-10 10:27 . 2004-08-04 08:56 20480 c:\windows\ServicePackFiles\i386\wmpcd.dll
    + 2011-12-10 10:27 . 2004-08-04 08:56 98304 c:\windows\ServicePackFiles\i386\wmpband.dll
    + 2011-12-10 10:27 . 2008-04-14 00:12 95232 c:\windows\ServicePackFiles\i386\wmiutils.dll
    + 2011-12-10 10:28 . 2008-04-14 00:12 41472 c:\windows\ServicePackFiles\i386\wmipsess.dll
    + 2011-12-10 10:25 . 2008-04-14 00:12 62464 c:\windows\ServicePackFiles\i386\wmipjobj.dll
    + 2011-12-10 10:30 . 2008-04-14 00:12 61952 c:\windows\ServicePackFiles\i386\wmipiprt.dll
    + 2011-12-10 10:27 . 2008-04-14 00:12 60928 c:\windows\ServicePackFiles\i386\wmicookr.dll
    + 2011-12-10 10:26 . 2008-04-14 00:12 88576 c:\windows\ServicePackFiles\i386\wmiaprpl.dll
    + 2011-12-10 10:30 . 2004-08-04 08:56 23552 c:\windows\ServicePackFiles\i386\wmdmps.dll
    + 2011-12-10 10:31 . 2004-08-04 08:56 27136 c:\windows\ServicePackFiles\i386\wmdmlog.dll
    + 2011-12-10 10:31 . 2008-04-14 00:12 92672 c:\windows\ServicePackFiles\i386\wlnotify.dll
    + 2011-12-10 13:16 . 2008-04-14 00:12 69120 c:\windows\ServicePackFiles\i386\wlanapi.dll
    + 2011-12-10 10:29 . 2008-04-14 00:12 53760 c:\windows\ServicePackFiles\i386\winsta.dll
    + 2011-12-10 10:26 . 2008-04-14 00:12 17408 c:\windows\ServicePackFiles\i386\winshfhc.dll
    + 2011-12-10 10:31 . 2008-04-14 00:12 99328 c:\windows\ServicePackFiles\i386\winscard.dll
    + 2011-12-10 10:29 . 2008-04-14 00:12 16896 c:\windows\ServicePackFiles\i386\winrnr.dll
    + 2011-12-10 10:29 . 2008-04-14 00:12 32256 c:\windows\ServicePackFiles\i386\winipsec.dll
    + 2011-12-10 10:30 . 2008-04-14 00:12 75776 c:\windows\ServicePackFiles\i386\wiascr.dll
     
    dispatch trophy,
    #17
  19. 2012/02/04
    dispatch trophy Contributing Member

    dispatch trophy Inactive Thread Starter

    Joined:
    2011/09/30
    Messages:
    402
    Likes Received:
    0
    COMBOFIX PART 3b

    + 2011-12-10 10:24 . 2008-04-14 00:12 65024 c:\windows\ServicePackFiles\i386\wextract.exe
    + 2011-12-10 10:26 . 2008-04-14 00:12 68096 c:\windows\ServicePackFiles\i386\webclnt.dll
    + 2011-12-10 10:27 . 2008-04-13 19:17 83072 c:\windows\ServicePackFiles\i386\wdmaud.sys
    + 2011-12-10 10:27 . 2008-04-14 00:12 23552 c:\windows\ServicePackFiles\i386\wdmaud.drv
    + 2011-12-10 10:29 . 2008-04-14 00:12 49152 c:\windows\ServicePackFiles\i386\wdigest.dll
    + 2011-12-10 10:30 . 2004-08-04 06:29 23615 c:\windows\ServicePackFiles\i386\wch7xxnt.sys
    + 2011-12-10 10:31 . 2008-04-13 18:45 31744 c:\windows\ServicePackFiles\i386\wceusbsh.sys
    + 2011-12-10 10:27 . 2008-04-14 00:12 43520 c:\windows\ServicePackFiles\i386\wbemsvc.dll
    + 2011-12-10 10:29 . 2008-04-14 00:12 18944 c:\windows\ServicePackFiles\i386\wbemprox.dll
    + 2011-12-10 10:31 . 2008-04-14 00:12 43008 c:\windows\ServicePackFiles\i386\wbemperf.dll
    + 2011-12-10 10:25 . 2008-04-14 00:12 71680 c:\windows\ServicePackFiles\i386\wbemcons.dll
    + 2011-12-10 10:30 . 2004-08-04 06:29 25471 c:\windows\ServicePackFiles\i386\watv10nt.sys
    + 2011-12-10 10:26 . 2004-08-04 06:29 22271 c:\windows\ServicePackFiles\i386\watv06nt.sys
    + 2011-12-10 10:31 . 2004-08-04 06:29 33599 c:\windows\ServicePackFiles\i386\watv04nt.sys
    + 2011-12-10 10:27 . 2004-08-04 06:29 19551 c:\windows\ServicePackFiles\i386\watv02nt.sys
    + 2011-12-10 10:26 . 2004-08-04 06:29 29311 c:\windows\ServicePackFiles\i386\watv01nt.sys
    + 2011-12-10 10:24 . 2008-04-13 18:44 17664 c:\windows\ServicePackFiles\i386\watchdog.sys
    + 2011-12-10 10:28 . 2008-04-13 18:57 34560 c:\windows\ServicePackFiles\i386\wanarp.sys
    + 2011-12-10 10:24 . 2004-08-04 06:29 11935 c:\windows\ServicePackFiles\i386\wadv11nt.sys
    + 2011-12-10 10:32 . 2004-08-04 06:29 11871 c:\windows\ServicePackFiles\i386\wadv09nt.sys
    + 2011-12-10 10:30 . 2004-08-04 06:29 11295 c:\windows\ServicePackFiles\i386\wadv08nt.sys
    + 2011-12-10 10:28 . 2004-08-04 06:29 11807 c:\windows\ServicePackFiles\i386\wadv07nt.sys
    + 2011-12-10 10:25 . 2004-08-04 06:29 11775 c:\windows\ServicePackFiles\i386\wadv05nt.sys
    + 2011-12-10 10:28 . 2004-08-04 06:29 12127 c:\windows\ServicePackFiles\i386\wadv02nt.sys
    + 2011-12-10 10:27 . 2004-08-04 06:29 12415 c:\windows\ServicePackFiles\i386\wadv01nt.sys
    + 2011-12-10 10:25 . 2008-04-13 18:43 14208 c:\windows\ServicePackFiles\i386\wacompen.sys
    + 2011-12-10 10:31 . 2008-04-14 00:12 30208 c:\windows\ServicePackFiles\i386\wabmig.exe
    + 2011-12-10 10:28 . 2008-04-14 00:12 85504 c:\windows\ServicePackFiles\i386\wabimp.dll
    + 2011-12-10 10:28 . 2008-04-14 00:12 32768 c:\windows\ServicePackFiles\i386\wabfind.dll
    + 2011-12-10 10:26 . 2008-04-14 00:12 46080 c:\windows\ServicePackFiles\i386\wab.exe
    + 2011-12-10 10:31 . 2008-04-14 00:12 15872 c:\windows\ServicePackFiles\i386\w3ssl.dll
    + 2011-12-10 10:31 . 2008-04-13 18:41 52352 c:\windows\ServicePackFiles\i386\volsnap.sys
    + 2011-12-10 10:24 . 2008-04-13 18:44 81664 c:\windows\ServicePackFiles\i386\videoprt.sys
    + 2011-12-10 10:31 . 2008-04-13 18:36 42240 c:\windows\ServicePackFiles\i386\viaagp.sys
    + 2011-12-10 10:29 . 2008-04-13 18:44 20992 c:\windows\ServicePackFiles\i386\vga.sys
    + 2011-12-10 10:27 . 2008-04-14 00:12 53760 c:\windows\ServicePackFiles\i386\vfwwdm32.dll
    + 2011-12-10 10:30 . 2008-04-14 00:12 18944 c:\windows\ServicePackFiles\i386\version.dll
    + 2011-12-10 13:16 . 2008-04-14 00:12 26624 c:\windows\ServicePackFiles\i386\verifier.dll
    + 2011-12-10 13:16 . 2008-04-14 00:12 28672 c:\windows\ServicePackFiles\i386\verclsid.exe
    + 2011-12-10 10:31 . 2008-04-14 00:12 51712 c:\windows\ServicePackFiles\i386\vdmredir.dll
    + 2011-12-10 10:30 . 2008-04-14 00:12 26112 c:\windows\ServicePackFiles\i386\vdmdbg.dll
    + 2011-12-10 10:26 . 2008-04-14 00:12 11325 c:\windows\ServicePackFiles\i386\vchnt5.dll
    + 2011-12-10 10:26 . 2008-04-14 00:12 30749 c:\windows\ServicePackFiles\i386\vbajet32.dll
    + 2011-12-10 10:30 . 2008-04-14 00:12 50176 c:\windows\ServicePackFiles\i386\utilman.exe
    + 2011-12-10 10:30 . 2008-04-14 00:12 26112 c:\windows\ServicePackFiles\i386\userinit.exe
    + 2011-12-10 10:28 . 2008-04-14 00:12 74240 c:\windows\ServicePackFiles\i386\usbui.dll
    + 2011-12-10 10:27 . 2008-04-13 18:45 20608 c:\windows\ServicePackFiles\i386\usbuhci.sys
    + 2011-12-10 10:25 . 2008-04-13 18:45 26368 c:\windows\ServicePackFiles\i386\usbstor.sys
    + 2011-12-10 10:30 . 2008-04-13 18:45 26112 c:\windows\ServicePackFiles\i386\usbser.sys
    + 2011-12-10 10:27 . 2008-04-13 18:45 15104 c:\windows\ServicePackFiles\i386\usbscan.sys
    + 2011-12-10 10:31 . 2008-04-13 18:47 25856 c:\windows\ServicePackFiles\i386\usbprint.sys
    + 2011-12-10 10:26 . 2008-04-13 18:45 17152 c:\windows\ServicePackFiles\i386\usbohci.sys
    + 2011-12-10 10:27 . 2008-04-14 00:12 16896 c:\windows\ServicePackFiles\i386\usbmon.dll
    + 2011-12-10 10:31 . 2008-04-13 18:45 15872 c:\windows\ServicePackFiles\i386\usbintel.sys
    + 2011-12-10 10:27 . 2008-04-13 18:45 59520 c:\windows\ServicePackFiles\i386\usbhub.sys
    + 2011-12-10 10:26 . 2008-04-13 18:45 30208 c:\windows\ServicePackFiles\i386\usbehci.sys
    + 2011-12-10 10:32 . 2008-04-13 18:45 32128 c:\windows\ServicePackFiles\i386\usbccgp.sys
    + 2011-12-10 13:16 . 2008-04-13 18:45 25728 c:\windows\ServicePackFiles\i386\usbcamd2.sys
    + 2011-12-10 13:16 . 2008-04-13 18:45 25600 c:\windows\ServicePackFiles\i386\usbcamd.sys
    + 2011-12-10 10:26 . 2008-04-13 18:45 60032 c:\windows\ServicePackFiles\i386\usbaudio.sys
    + 2011-12-10 10:24 . 2008-04-13 18:56 12800 c:\windows\ServicePackFiles\i386\usb8023x.sys
    + 2011-12-10 10:30 . 2008-04-13 18:56 12800 c:\windows\ServicePackFiles\i386\usb8023.sys
    + 2011-12-10 10:27 . 2004-08-04 06:31 32384 c:\windows\ServicePackFiles\i386\usb101et.sys
    + 2011-12-10 10:30 . 2008-04-14 00:12 37888 c:\windows\ServicePackFiles\i386\url.dll
    + 2011-12-10 10:30 . 2008-04-14 00:12 18432 c:\windows\ServicePackFiles\i386\ups.exe
    + 2011-12-10 10:28 . 2008-04-14 00:12 16896 c:\windows\ServicePackFiles\i386\upnpcont.exe
    + 2011-12-10 10:31 . 2008-04-14 00:12 13824 c:\windows\ServicePackFiles\i386\uniplat.dll
    + 2011-12-10 10:27 . 2008-04-14 00:12 74240 c:\windows\ServicePackFiles\i386\unimdmat.dll
    + 2011-12-10 10:28 . 2008-04-14 00:12 35840 c:\windows\ServicePackFiles\i386\umandlg.dll
    + 2011-12-10 10:30 . 2008-04-14 00:12 26624 c:\windows\ServicePackFiles\i386\udhisapi.dll
    + 2011-12-10 10:26 . 2008-04-13 18:32 66048 c:\windows\ServicePackFiles\i386\udfs.sys
    + 2011-12-10 10:25 . 2008-04-13 18:36 44672 c:\windows\ServicePackFiles\i386\uagp35.sys
    + 2011-12-10 13:16 . 2008-04-14 00:12 60416 c:\windows\ServicePackFiles\i386\tzchange.exe
    + 2011-12-10 10:28 . 2008-04-14 00:12 57856 c:\windows\ServicePackFiles\i386\twext.dll
    + 2011-12-10 10:25 . 2008-04-14 00:12 50688 c:\windows\ServicePackFiles\i386\twain_32.dll
    + 2011-12-10 10:31 . 2008-04-13 18:56 12288 c:\windows\ServicePackFiles\i386\tunmp.sys
    + 2011-12-10 10:31 . 2008-04-14 00:12 16384 c:\windows\ServicePackFiles\i386\ttyui.dll
    + 2011-12-10 10:25 . 2007-04-02 15:31 39936 c:\windows\ServicePackFiles\i386\ttyres.dll
    + 2011-12-10 13:16 . 2008-04-14 00:12 50688 c:\windows\ServicePackFiles\i386\tspkg.dll
    + 2011-12-10 13:16 . 2008-04-14 00:12 53248 c:\windows\ServicePackFiles\i386\tsgqec.dll
    + 2011-12-10 10:30 . 2008-04-14 00:13 12168 c:\windows\ServicePackFiles\i386\tsddd.dll
    + 2011-12-10 10:29 . 2004-08-04 06:59 44544 c:\windows\ServicePackFiles\i386\tscupgrd.exe
    + 2011-12-10 13:16 . 2008-04-14 00:11 25600 c:\windows\ServicePackFiles\i386\tscupdc.dll
    + 2011-12-10 13:16 . 2007-10-30 10:06 13801 c:\windows\ServicePackFiles\i386\tscuinst.vbs
    + 2011-12-10 13:16 . 2007-12-12 10:33 18917 c:\windows\ServicePackFiles\i386\tscinst.vbs
    + 2011-12-10 10:31 . 2008-04-14 00:12 93696 c:\windows\ServicePackFiles\i386\tscfgwmi.dll
    + 2011-12-10 10:26 . 2008-04-14 00:12 90112 c:\windows\ServicePackFiles\i386\trkwks.dll
    + 2011-12-10 13:16 . 2008-04-14 00:12 12800 c:\windows\ServicePackFiles\i386\tree.com
    + 2011-12-10 10:28 . 2008-04-14 00:12 12288 c:\windows\ServicePackFiles\i386\tracert.exe
    + 2011-12-10 10:26 . 2008-04-14 00:12 82944 c:\windows\ServicePackFiles\i386\tp4mon.exe
    + 2011-12-10 10:28 . 2008-04-14 00:13 40840 c:\windows\ServicePackFiles\i386\termdd.sys
    + 2004-08-04 08:56 . 2008-04-14 00:12 75776 c:\windows\ServicePackFiles\i386\telnet.exe
    + 2011-12-10 10:29 . 2008-04-14 00:13 21896 c:\windows\ServicePackFiles\i386\tdtcp.sys
    + 2011-12-10 10:27 . 2008-04-14 00:13 12040 c:\windows\ServicePackFiles\i386\tdpipe.sys
    + 2011-12-10 10:29 . 2008-04-13 19:00 19072 c:\windows\ServicePackFiles\i386\tdi.sys
    + 2004-08-04 08:56 . 2007-04-02 16:36 16384 c:\windows\ServicePackFiles\i386\tcptsat.dll
    + 2004-08-04 08:56 . 2008-04-14 00:12 32827 c:\windows\ServicePackFiles\i386\tcptest.exe
    + 2011-12-10 10:26 . 2008-04-14 00:12 45568 c:\windows\ServicePackFiles\i386\tcpmonui.dll
    + 2011-12-10 10:25 . 2008-04-14 00:12 45568 c:\windows\ServicePackFiles\i386\tcpmon.dll
    + 2011-12-10 10:30 . 2008-04-14 00:12 14848 c:\windows\ServicePackFiles\i386\tcpmib.dll
    + 2011-12-10 10:25 . 2008-04-13 18:40 14976 c:\windows\ServicePackFiles\i386\tape.sys
    + 2011-12-10 10:30 . 2008-04-13 19:15 60800 c:\windows\ServicePackFiles\i386\sysaudio.sys
    + 2011-12-10 10:32 . 2008-04-14 00:12 57856 c:\windows\ServicePackFiles\i386\synceng.dll
    + 2011-12-10 13:15 . 2008-04-13 18:45 56576 c:\windows\ServicePackFiles\i386\swmidi.sys
    + 2011-12-10 10:27 . 2008-04-14 00:12 14336 c:\windows\ServicePackFiles\i386\svchost.exe
    + 2004-08-04 08:56 . 2008-04-14 00:12 65601 c:\windows\ServicePackFiles\i386\stub_fpsrvwin.exe
    + 2004-08-04 08:56 . 2008-04-14 00:12 16449 c:\windows\ServicePackFiles\i386\stub_fpsrvadm.exe
    + 2011-12-10 10:25 . 2008-04-14 00:12 75776 c:\windows\ServicePackFiles\i386\strmfilt.dll
    + 2011-12-10 10:28 . 2008-04-13 18:46 15232 c:\windows\ServicePackFiles\i386\streamip.sys
    + 2011-12-10 10:31 . 2008-04-13 18:45 49408 c:\windows\ServicePackFiles\i386\stream.sys
    + 2011-12-10 10:26 . 2008-04-14 00:12 74752 c:\windows\ServicePackFiles\i386\storprop.dll
    + 2011-12-10 10:31 . 2008-04-14 00:12 14848 c:\windows\ServicePackFiles\i386\stimon.exe
    + 2011-12-10 10:31 . 2008-04-14 00:12 68096 c:\windows\ServicePackFiles\i386\sti.dll
    + 2011-12-10 10:25 . 2008-04-14 00:12 86528 c:\windows\ServicePackFiles\i386\stdprov.dll
    + 2011-12-10 13:15 . 2008-04-14 00:12 59392 c:\windows\ServicePackFiles\i386\stclient.dll
    + 2011-12-10 10:32 . 2008-04-14 00:12 26624 c:\windows\ServicePackFiles\i386\startoc.dll
    + 2011-12-10 10:32 . 2008-04-14 00:12 33280 c:\windows\ServicePackFiles\i386\sstub.dll
    + 2011-12-10 10:29 . 2008-04-14 00:12 14336 c:\windows\ServicePackFiles\i386\ssstars.scr
    + 2011-12-10 10:26 . 2008-04-14 00:12 18944 c:\windows\ServicePackFiles\i386\ssmyst.scr
    + 2011-12-10 10:27 . 2008-04-14 00:12 47104 c:\windows\ServicePackFiles\i386\ssmypics.scr
    + 2011-12-10 10:29 . 2008-04-14 00:12 20992 c:\windows\ServicePackFiles\i386\ssmarque.scr
    + 2011-12-10 10:30 . 2008-04-14 00:12 71680 c:\windows\ServicePackFiles\i386\ssdpsrv.dll
    + 2011-12-10 10:25 . 2008-04-14 00:12 34816 c:\windows\ServicePackFiles\i386\ssdpapi.dll
    + 2011-12-10 10:31 . 2008-04-14 00:12 19968 c:\windows\ServicePackFiles\i386\ssbezier.scr
    + 2011-12-10 10:30 . 2008-04-14 00:12 96768 c:\windows\ServicePackFiles\i386\srvsvc.dll
    + 2011-12-10 10:25 . 2008-04-14 00:12 67584 c:\windows\ServicePackFiles\i386\srclient.dll
    + 2011-12-10 10:30 . 2008-04-14 00:12 58434 c:\windows\ServicePackFiles\i386\srchctls.dll
    + 2011-12-10 10:26 . 2008-04-13 18:36 73472 c:\windows\ServicePackFiles\i386\sr.sys
    + 2004-08-04 08:56 . 2008-04-14 00:12 20992 c:\windows\ServicePackFiles\i386\spupdwxp.exe
    + 2011-12-10 10:26 . 2008-04-14 00:12 57856 c:\windows\ServicePackFiles\i386\spoolsv.exe
    + 2011-12-10 10:26 . 2008-04-14 00:12 75264 c:\windows\ServicePackFiles\i386\spoolss.dll
    + 2004-08-04 08:56 . 2008-04-14 13:42 11264 c:\windows\ServicePackFiles\i386\spnpinst.exe
    + 2011-12-10 10:25 . 2008-04-13 16:43 62976 c:\windows\ServicePackFiles\i386\spgrmr.dll
    + 2011-12-10 13:15 . 2008-04-14 00:12 24576 c:\windows\ServicePackFiles\i386\sort.exe
    + 2011-12-10 10:26 . 2008-04-13 18:46 25344 c:\windows\ServicePackFiles\i386\sonydcam.sys
    + 2011-12-10 10:24 . 2008-04-14 00:12 39936 c:\windows\ServicePackFiles\i386\snmpthrd.dll
    + 2011-12-10 10:31 . 2008-04-14 00:12 18944 c:\windows\ServicePackFiles\i386\snmpapi.dll
    + 2011-12-10 10:28 . 2008-04-14 00:12 33280 c:\windows\ServicePackFiles\i386\snmp.exe
    + 2011-12-10 10:25 . 2008-04-14 00:12 34816 c:\windows\ServicePackFiles\i386\sniffpol.dll
    + 2011-12-10 10:28 . 2008-04-14 00:12 50688 c:\windows\ServicePackFiles\i386\smss.exe
    + 2011-12-10 10:29 . 2008-04-14 00:12 89600 c:\windows\ServicePackFiles\i386\smlogsvc.exe
    + 2011-12-10 10:30 . 2008-04-13 18:36 16000 c:\windows\ServicePackFiles\i386\smbbatt.sys
    + 2011-12-10 10:24 . 2004-08-04 06:41 13240 c:\windows\ServicePackFiles\i386\slwdmsup.sys
    + 2011-12-10 10:31 . 2008-04-14 00:12 73796 c:\windows\ServicePackFiles\i386\slserv.exe
    + 2011-12-10 10:29 . 2008-04-14 00:12 32866 c:\windows\ServicePackFiles\i386\slrundll.exe
    + 2011-12-10 10:28 . 2004-08-04 06:41 95424 c:\windows\ServicePackFiles\i386\slnthal.sys
    + 2011-12-10 10:28 . 2008-04-13 18:46 11136 c:\windows\ServicePackFiles\i386\slip.sys
    + 2011-12-10 10:32 . 2008-04-14 00:12 73832 c:\windows\ServicePackFiles\i386\slcoinst.dll
    + 2011-12-10 10:25 . 2008-04-14 00:12 98304 c:\windows\ServicePackFiles\i386\slbiop.dll
    + 2011-12-10 10:31 . 2008-04-14 00:12 25088 c:\windows\ServicePackFiles\i386\slayerxp.dll
    + 2011-12-10 10:30 . 2004-08-04 06:31 63547 c:\windows\ServicePackFiles\i386\sla30nd5.sys
    + 2011-12-10 10:31 . 2008-04-14 00:12 26112 c:\windows\ServicePackFiles\i386\skeys.exe
    + 2011-12-10 10:25 . 2004-08-04 06:31 32768 c:\windows\ServicePackFiles\i386\sisnic.sys
    + 2011-12-10 10:29 . 2008-04-13 18:36 40960 c:\windows\ServicePackFiles\i386\sisagp.sys
    + 2011-12-10 10:30 . 2008-04-14 00:12 70144 c:\windows\ServicePackFiles\i386\sigverif.exe
    + 2011-12-10 10:31 . 2008-04-14 00:12 13312 c:\windows\ServicePackFiles\i386\sigtab.dll
    + 2011-12-10 10:25 . 2008-04-14 00:12 19456 c:\windows\ServicePackFiles\i386\shutdown.exe
    + 2004-08-04 08:56 . 2008-04-14 00:12 16437 c:\windows\ServicePackFiles\i386\shtml.exe
    + 2004-08-04 08:56 . 2008-04-14 00:12 20536 c:\windows\ServicePackFiles\i386\shtml.dll
    + 2011-12-10 10:30 . 2008-04-14 00:12 27648 c:\windows\ServicePackFiles\i386\shscrap.dll
    + 2011-12-10 10:30 . 2008-04-14 00:12 77824 c:\windows\ServicePackFiles\i386\shrpubw.exe
    + 2011-12-10 10:30 . 2008-04-14 00:12 45056 c:\windows\ServicePackFiles\i386\shmgrate.exe
    + 2011-12-10 10:27 . 2008-04-14 00:12 65024 c:\windows\ServicePackFiles\i386\shimeng.dll
    + 2011-12-10 10:26 . 2008-04-14 00:12 68096 c:\windows\ServicePackFiles\i386\shgina.dll
    + 2011-12-10 10:30 . 2008-04-14 00:12 25088 c:\windows\ServicePackFiles\i386\shfolder.dll
    + 2011-12-10 10:26 . 2008-04-13 18:40 11392 c:\windows\ServicePackFiles\i386\sfloppy.sys
    + 2011-12-10 10:27 . 2008-04-13 18:40 11008 c:\windows\ServicePackFiles\i386\sffp_sd.sys
    + 2011-12-10 13:15 . 2008-04-13 18:40 10240 c:\windows\ServicePackFiles\i386\sffp_mmc.sys
    + 2011-12-10 10:27 . 2008-04-13 18:40 11904 c:\windows\ServicePackFiles\i386\sffdisk.sys
    + 2011-12-10 13:15 . 2008-04-14 00:12 32768 c:\windows\ServicePackFiles\i386\setupn.exe
    + 2011-12-10 10:27 . 2008-04-14 00:12 73216 c:\windows\ServicePackFiles\i386\setup50.exe
    + 2011-12-10 10:28 . 2008-04-14 00:12 23040 c:\windows\ServicePackFiles\i386\setup.exe
    + 2011-12-10 10:27 . 2008-04-14 00:12 31232 c:\windows\ServicePackFiles\i386\sethc.exe
    + 2011-12-10 10:29 . 2008-04-14 00:12 56320 c:\windows\ServicePackFiles\i386\servdeps.dll
    + 2011-12-10 10:26 . 2008-04-13 19:15 64512 c:\windows\ServicePackFiles\i386\serial.sys
    + 2011-12-10 10:26 . 2008-04-13 18:40 15744 c:\windows\ServicePackFiles\i386\serenum.sys
    + 2011-12-10 10:31 . 2008-04-14 00:12 39424 c:\windows\ServicePackFiles\i386\sens.dll
    + 2011-12-10 10:32 . 2008-04-14 00:12 54784 c:\windows\ServicePackFiles\i386\sendmail.dll
    + 2011-12-10 10:30 . 2008-04-14 00:12 29184 c:\windows\ServicePackFiles\i386\sendcmsg.dll
    + 2011-12-10 10:25 . 2008-04-14 00:12 56320 c:\windows\ServicePackFiles\i386\secur32.dll
    + 2011-12-10 10:28 . 2008-04-14 00:12 18944 c:\windows\ServicePackFiles\i386\seclogon.dll
    + 2011-12-10 10:26 . 2008-04-13 16:39 20480 c:\windows\ServicePackFiles\i386\secdrv.sys
    + 2011-12-10 10:24 . 2008-04-14 00:12 29184 c:\windows\ServicePackFiles\i386\sdhcinst.dll
    + 2011-12-10 10:30 . 2008-04-13 18:36 79232 c:\windows\ServicePackFiles\i386\sdbus.sys
    + 2011-12-10 10:26 . 2008-04-14 00:12 77312 c:\windows\ServicePackFiles\i386\sdbinst.exe
    + 2011-12-10 13:15 . 2008-04-13 18:45 11520 c:\windows\ServicePackFiles\i386\scsiscan.sys
    + 2011-12-10 10:29 . 2008-04-13 18:40 96384 c:\windows\ServicePackFiles\i386\scsiport.sys
    + 2011-12-10 10:28 . 2008-04-14 00:12 36352 c:\windows\ServicePackFiles\i386\scrcons.exe
    + 2011-12-10 10:31 . 2008-04-14 00:12 20480 c:\windows\ServicePackFiles\i386\sclgntfy.dll
    + 2011-12-10 10:28 . 2008-04-14 00:12 95744 c:\windows\ServicePackFiles\i386\scardsvr.exe
    + 2011-12-10 10:25 . 2008-04-14 00:12 69632 c:\windows\ServicePackFiles\i386\scarddlg.dll
    + 2011-12-10 10:29 . 2008-04-13 18:40 43904 c:\windows\ServicePackFiles\i386\sbp2port.sys
    + 2011-12-10 10:31 . 2008-04-14 00:12 13312 c:\windows\ServicePackFiles\i386\savedump.exe
    + 2011-12-10 10:29 . 2008-04-14 00:12 64000 c:\windows\ServicePackFiles\i386\samlib.dll
    + 2011-12-10 10:28 . 2008-04-14 00:12 45568 c:\windows\ServicePackFiles\i386\safrslv.dll
    + 2011-12-10 10:31 . 2008-04-14 00:12 29696 c:\windows\ServicePackFiles\i386\safrdm.dll
    + 2011-12-10 10:29 . 2008-04-14 00:12 43520 c:\windows\ServicePackFiles\i386\safrcdlg.dll
    + 2011-12-10 13:15 . 2008-04-14 00:12 29696 c:\windows\ServicePackFiles\i386\rw450ext.dll
    + 2011-12-10 13:15 . 2008-04-14 00:12 27648 c:\windows\ServicePackFiles\i386\rw430ext.dll
    + 2011-12-10 13:15 . 2008-04-14 00:12 29184 c:\windows\ServicePackFiles\i386\rw330ext.dll
    + 2011-12-10 13:15 . 2008-04-14 00:12 27648 c:\windows\ServicePackFiles\i386\rw001ext.dll
    + 2011-12-10 10:27 . 2008-04-14 00:12 14336 c:\windows\ServicePackFiles\i386\runonce.exe
    + 2011-12-10 10:29 . 2008-04-14 00:12 33280 c:\windows\ServicePackFiles\i386\rundll32.exe
    + 2011-12-10 10:28 . 2008-04-14 00:12 44032 c:\windows\ServicePackFiles\i386\rtutils.dll
    + 2011-12-10 10:28 . 2004-08-04 06:31 20992 c:\windows\ServicePackFiles\i386\rtl8139.sys
    + 2011-12-10 10:31 . 2008-04-14 00:12 31744 c:\windows\ServicePackFiles\i386\rtipxmib.dll
    + 2011-12-10 10:30 . 2008-04-14 00:12 77312 c:\windows\ServicePackFiles\i386\rtcshare.exe
    + 2011-12-10 13:15 . 2008-04-14 00:12 92672 c:\windows\ServicePackFiles\i386\rsvpsp.dll
    + 2011-12-10 10:26 . 2008-04-14 00:12 18944 c:\windows\ServicePackFiles\i386\rsmps.dll
    + 2011-12-10 10:26 . 2008-04-14 00:12 39936 c:\windows\ServicePackFiles\i386\rshx32.dll
    + 2011-12-10 10:27 . 2008-04-14 00:12 14848 c:\windows\ServicePackFiles\i386\rsh.exe
    + 2011-12-10 10:32 . 2008-04-14 00:12 61440 c:\windows\ServicePackFiles\i386\rrcm.dll
    + 2011-12-10 10:26 . 2008-04-13 18:40 79104 c:\windows\ServicePackFiles\i386\rocket.sys
    + 2011-12-10 10:29 . 2008-04-13 18:56 30592 c:\windows\ServicePackFiles\i386\rndismpx.sys
    + 2011-12-10 10:27 . 2008-04-13 18:56 30592 c:\windows\ServicePackFiles\i386\rndismp.sys
    + 2011-12-10 10:27 . 2008-04-14 00:12 11776 c:\windows\ServicePackFiles\i386\riafui2.dll
    + 2011-12-10 10:32 . 2008-04-14 00:12 11776 c:\windows\ServicePackFiles\i386\riafui1.dll
    + 2011-12-10 10:24 . 2008-04-13 18:46 59136 c:\windows\ServicePackFiles\i386\rfcomm.sys
    + 2011-12-10 10:31 . 2008-04-14 00:12 13824 c:\windows\ServicePackFiles\i386\rexec.exe
    + 2011-12-10 10:28 . 2008-04-14 00:12 58880 c:\windows\ServicePackFiles\i386\resutils.dll
    + 2011-12-10 10:30 . 2008-04-14 00:12 60416 c:\windows\ServicePackFiles\i386\remotepg.dll
    + 2011-12-10 10:29 . 2008-04-14 00:12 11776 c:\windows\ServicePackFiles\i386\regsvr32.exe
    + 2011-12-10 10:26 . 2008-04-14 00:12 59904 c:\windows\ServicePackFiles\i386\regsvc.dll
    + 2011-12-10 10:29 . 2008-04-14 00:12 49664 c:\windows\ServicePackFiles\i386\regapi.dll
    + 2011-12-10 10:28 . 2008-04-14 00:12 50176 c:\windows\ServicePackFiles\i386\reg.exe
    + 2011-12-10 10:31 . 2008-04-13 18:40 57600 c:\windows\ServicePackFiles\i386\redbook.sys
    + 2011-12-10 10:27 . 2004-08-04 06:41 13776 c:\windows\ServicePackFiles\i386\recagent.sys
    + 2011-12-10 10:32 . 2008-04-14 00:12 67072 c:\windows\ServicePackFiles\i386\rdshost.exe
    + 2011-12-10 10:31 . 2008-04-14 00:12 13824 c:\windows\ServicePackFiles\i386\rdsaddin.exe
    + 2011-12-10 10:30 . 2008-04-14 00:13 87176 c:\windows\ServicePackFiles\i386\rdpwsx.dll
    + 2011-12-10 10:26 . 2008-04-14 00:12 19968 c:\windows\ServicePackFiles\i386\rdpsnd.dll
    + 2011-12-10 10:31 . 2008-04-14 00:13 92424 c:\windows\ServicePackFiles\i386\rdpdd.dll
    + 2011-12-10 10:29 . 2008-04-14 00:12 62976 c:\windows\ServicePackFiles\i386\rdpclip.exe
    + 2011-12-10 10:30 . 2008-04-14 00:12 21504 c:\windows\ServicePackFiles\i386\rcp.exe
    + 2011-12-10 10:25 . 2008-04-14 00:12 35840 c:\windows\ServicePackFiles\i386\rcimlby.exe
    + 2011-12-10 10:28 . 2008-04-14 00:12 58368 c:\windows\ServicePackFiles\i386\rastapi.dll
    + 2011-12-10 10:31 . 2008-04-14 00:12 16384 c:\windows\ServicePackFiles\i386\rassapi.dll
    + 2011-12-10 13:15 . 2008-04-14 00:12 61952 c:\windows\ServicePackFiles\i386\rasqec.dll
    + 2011-12-10 10:31 . 2008-04-13 19:19 48384 c:\windows\ServicePackFiles\i386\raspptp.sys
    + 2011-12-10 10:28 . 2008-04-13 18:57 41472 c:\windows\ServicePackFiles\i386\raspppoe.sys
    + 2011-12-10 10:24 . 2008-04-14 00:12 56832 c:\windows\ServicePackFiles\i386\rasphone.exe
    + 2011-12-10 10:25 . 2008-04-14 00:12 61440 c:\windows\ServicePackFiles\i386\rasman.dll
    + 2011-12-10 10:28 . 2008-04-13 19:19 51328 c:\windows\ServicePackFiles\i386\rasl2tp.sys
    + 2011-12-10 10:28 . 2008-04-14 00:12 79872 c:\windows\ServicePackFiles\i386\raschap.dll
    + 2011-12-10 10:24 . 2008-04-14 00:12 88576 c:\windows\ServicePackFiles\i386\rasauto.dll
    + 2011-12-10 10:29 . 2008-04-13 18:41 20736 c:\windows\ServicePackFiles\i386\ramdisk.sys
    + 2011-12-10 10:25 . 2008-04-14 00:12 43520 c:\windows\ServicePackFiles\i386\racpldlg.dll
    + 2011-12-10 13:15 . 2008-04-14 00:12 76800 c:\windows\ServicePackFiles\i386\qutil.dll
    + 2011-12-10 10:27 . 2008-04-14 00:12 19968 c:\windows\ServicePackFiles\i386\qprocess.exe
    + 2011-12-10 10:25 . 2008-04-14 00:12 18944 c:\windows\ServicePackFiles\i386\qmgrprxy.dll
    + 2011-12-10 13:15 . 2008-04-14 00:12 62464 c:\windows\ServicePackFiles\i386\qcliprov.dll
    + 2011-12-10 10:29 . 2008-04-14 00:12 34304 c:\windows\ServicePackFiles\i386\pstorsvc.dll
    + 2011-12-10 10:31 . 2008-04-14 00:12 43520 c:\windows\ServicePackFiles\i386\pstorec.dll
    + 2011-12-10 10:24 . 2008-04-13 18:56 69120 c:\windows\ServicePackFiles\i386\psched.sys
    + 2011-12-10 10:31 . 2008-04-14 00:12 96768 c:\windows\ServicePackFiles\i386\psbase.dll
    + 2011-12-10 10:26 . 2008-04-14 00:12 23040 c:\windows\ServicePackFiles\i386\psapi.dll
    + 2011-12-10 10:26 . 2008-04-14 00:12 50176 c:\windows\ServicePackFiles\i386\proquota.exe
    + 2011-12-10 10:26 . 2008-04-14 00:12 27648 c:\windows\ServicePackFiles\i386\profmap.dll
    + 2011-12-10 10:29 . 2008-04-13 18:31 35840 c:\windows\ServicePackFiles\i386\processr.sys
    + 2011-12-10 10:32 . 2008-04-13 18:41 17664 c:\windows\ServicePackFiles\i386\ppa3.sys
    + 2011-12-10 10:25 . 2008-04-14 00:12 17408 c:\windows\ServicePackFiles\i386\powrprof.dll
    + 2011-12-10 10:26 . 2008-04-14 00:12 49152 c:\windows\ServicePackFiles\i386\powercfg.exe
    + 2011-12-10 10:31 . 2008-04-14 00:12 58880 c:\windows\ServicePackFiles\i386\pnrpnsp.dll
    + 2011-12-10 10:26 . 2008-04-14 00:12 39424 c:\windows\ServicePackFiles\i386\pngfilt.dll
    + 2011-12-10 10:24 . 2008-04-14 00:12 52736 c:\windows\ServicePackFiles\i386\plotui.dll
    + 2011-12-10 10:29 . 2008-04-14 00:12 44544 c:\windows\ServicePackFiles\i386\plotter.dll
    + 2011-12-10 10:26 . 2008-04-14 00:12 15360 c:\windows\ServicePackFiles\i386\pjlmon.dll
    + 2011-12-10 10:29 . 2008-04-14 00:12 17920 c:\windows\ServicePackFiles\i386\ping.exe
    + 2004-08-04 07:04 . 2008-04-13 18:35 24064 c:\windows\ServicePackFiles\i386\pidgen.dll
    + 2011-12-10 10:31 . 2008-04-14 00:12 35328 c:\windows\ServicePackFiles\i386\pid.dll
    + 2011-12-10 10:26 . 2008-04-13 18:44 28032 c:\windows\ServicePackFiles\i386\perm3.sys
    + 2011-12-10 10:30 . 2008-04-13 18:44 27904 c:\windows\ServicePackFiles\i386\perm2.sys
    + 2011-12-10 10:25 . 2008-04-14 00:12 34816 c:\windows\ServicePackFiles\i386\perfproc.dll
    + 2011-12-10 10:29 . 2008-04-14 00:12 25088 c:\windows\ServicePackFiles\i386\perfos.dll
    + 2011-12-10 13:15 . 2008-04-14 00:12 17920 c:\windows\ServicePackFiles\i386\perfnet.dll
    + 2011-12-10 10:25 . 2008-04-14 00:12 15872 c:\windows\ServicePackFiles\i386\perfmon.exe
    + 2011-12-10 10:28 . 2008-04-14 00:12 26624 c:\windows\ServicePackFiles\i386\perfdisk.dll
    + 2011-12-10 10:27 . 2008-04-14 00:12 39936 c:\windows\ServicePackFiles\i386\perfctrs.dll
    + 2011-12-10 10:28 . 2008-04-13 18:40 24960 c:\windows\ServicePackFiles\i386\pciidex.sys
    + 2011-12-10 10:27 . 2008-04-13 18:36 68224 c:\windows\ServicePackFiles\i386\pci.sys
    + 2011-12-10 10:25 . 2008-04-14 00:12 38400 c:\windows\ServicePackFiles\i386\pchsvc.dll
    + 2011-12-10 10:31 . 2004-08-04 06:31 29502 c:\windows\ServicePackFiles\i386\pca200e.sys
    + 2011-12-10 10:29 . 2008-04-14 00:12 67584 c:\windows\ServicePackFiles\i386\pautoenr.dll
    + 2011-12-10 13:15 . 2008-04-13 18:40 19712 c:\windows\ServicePackFiles\i386\partmgr.sys
    + 2011-12-10 10:26 . 2008-04-13 18:40 80128 c:\windows\ServicePackFiles\i386\parport.sys
    + 2011-12-10 10:29 . 2008-04-14 00:12 58368 c:\windows\ServicePackFiles\i386\packager.exe
    + 2011-12-10 10:26 . 2008-04-13 18:31 42752 c:\windows\ServicePackFiles\i386\p3.sys
    + 2011-12-10 10:31 . 2008-04-14 00:12 67584 c:\windows\ServicePackFiles\i386\osuninst.dll
    + 2011-12-10 10:25 . 2008-04-14 00:12 51200 c:\windows\ServicePackFiles\i386\oobebaln.exe
    + 2011-12-10 10:25 . 2008-04-14 00:12 84992 c:\windows\ServicePackFiles\i386\olepro32.dll
    + 2011-12-10 10:25 . 2008-04-14 00:12 65536 c:\windows\ServicePackFiles\i386\oledb32r.dll
    + 2011-12-10 13:15 . 2008-04-14 00:12 37376 c:\windows\ServicePackFiles\i386\olecnv32.dll
    + 2011-12-10 13:15 . 2008-04-14 00:12 74752 c:\windows\ServicePackFiles\i386\olecli32.dll
    + 2011-12-10 10:26 . 2008-04-13 18:46 61696 c:\windows\ServicePackFiles\i386\ohci1394.sys
    + 2011-12-10 10:27 . 2008-04-14 00:12 35328 c:\windows\ServicePackFiles\i386\oemiglib.dll
    + 2011-12-10 10:31 . 2008-04-14 00:12 60416 c:\windows\ServicePackFiles\i386\oemig50.exe
    + 2011-12-10 10:29 . 2008-04-14 00:12 20511 c:\windows\ServicePackFiles\i386\odtext32.dll
    + 2011-12-10 10:25 . 2008-04-14 00:12 20510 c:\windows\ServicePackFiles\i386\odpdx32.dll
    + 2011-12-10 10:27 . 2008-04-14 00:12 20510 c:\windows\ServicePackFiles\i386\odfox32.dll
    + 2011-12-10 10:26 . 2008-04-14 00:12 20510 c:\windows\ServicePackFiles\i386\odexl32.dll
    + 2011-12-10 10:27 . 2008-04-14 00:12 20511 c:\windows\ServicePackFiles\i386\oddbse32.dll
    + 2011-12-10 10:30 . 2008-04-13 17:26 12288 c:\windows\ServicePackFiles\i386\odbcp32r.dll
    + 2011-12-10 10:24 . 2008-04-14 00:10 53279 c:\windows\ServicePackFiles\i386\odbcji32.dll
    + 2011-12-10 10:27 . 2008-04-13 17:26 94208 c:\windows\ServicePackFiles\i386\odbcint.dll
    + 2011-12-10 10:29 . 2008-04-14 00:12 65536 c:\windows\ServicePackFiles\i386\odbccu32.dll
    + 2011-12-10 10:24 . 2008-04-14 00:12 65536 c:\windows\ServicePackFiles\i386\odbccr32.dll
    + 2011-12-10 10:28 . 2008-04-14 00:12 69632 c:\windows\ServicePackFiles\i386\odbcconf.exe
    + 2011-12-10 10:24 . 2008-04-14 00:12 24576 c:\windows\ServicePackFiles\i386\odbcbcp.dll
    + 2011-12-10 10:27 . 2008-04-14 00:12 32768 c:\windows\ServicePackFiles\i386\odbcad32.exe
    + 2011-12-10 10:28 . 2008-04-14 00:12 16384 c:\windows\ServicePackFiles\i386\odbc32gt.dll
    + 2011-12-10 10:32 . 2004-07-17 19:36 26224 c:\windows\ServicePackFiles\i386\odbc16gt.dll
    + 2011-12-10 10:27 . 2008-04-14 00:12 17408 c:\windows\ServicePackFiles\i386\ocmsn.dll
    + 2011-12-10 13:14 . 2008-04-14 00:12 67584 c:\windows\ServicePackFiles\i386\ocmanage.dll
    + 2011-12-10 10:30 . 2008-04-14 00:12 15360 c:\windows\ServicePackFiles\i386\ocgen.dll
    + 2011-12-10 10:24 . 2008-04-14 00:12 96256 c:\windows\ServicePackFiles\i386\occache.dll
    + 2011-12-10 13:14 . 2008-04-14 00:10 86016 c:\windows\ServicePackFiles\i386\obepopc.dll
    + 2011-12-10 13:14 . 2007-04-02 18:44 77824 c:\windows\ServicePackFiles\i386\obemtllc.dll
    + 2011-12-10 10:30 . 2008-04-13 18:56 88320 c:\windows\ServicePackFiles\i386\nwlnkipx.sys
    + 2011-12-10 13:14 . 2008-04-14 00:12 15360 c:\windows\ServicePackFiles\i386\ntvdmd.dll
    + 2011-12-10 10:25 . 2008-04-14 00:12 91136 c:\windows\ServicePackFiles\i386\ntprint.dll
    + 2011-12-10 10:27 . 2008-04-14 00:12 62976 c:\windows\ServicePackFiles\i386\ntoc.dll
    + 2011-12-10 10:25 . 2008-04-14 00:12 40960 c:\windows\ServicePackFiles\i386\ntmsapi.dll
    + 2011-12-10 10:31 . 2008-04-14 00:12 44032 c:\windows\ServicePackFiles\i386\ntlanman.dll
    + 2011-12-10 10:31 . 2004-08-04 06:45 34560 c:\windows\ServicePackFiles\i386\ntio804.sys
    + 2011-12-10 10:29 . 2004-08-04 06:45 35424 c:\windows\ServicePackFiles\i386\ntio412.sys
    + 2011-12-10 10:25 . 2004-08-04 06:45 35648 c:\windows\ServicePackFiles\i386\ntio411.sys
    + 2011-12-10 10:25 . 2004-08-04 06:45 34560 c:\windows\ServicePackFiles\i386\ntio404.sys
    + 2011-12-10 10:25 . 2004-08-04 06:45 33840
     
    dispatch trophy,
    #18
  20. 2012/02/04
    dispatch trophy Contributing Member

    dispatch trophy Inactive Thread Starter

    Joined:
    2011/09/30
    Messages:
    402
    Likes Received:
    0
    COMBOFIX CONTINUED

    c:\windows\system32\drivers\ohci1394.sys
    + 2001-12-14 19:25 . 2008-04-13 18:56 88320 c:\windows\system32\drivers\nwlnkipx.sys
    + 2001-12-14 19:25 . 2008-04-13 18:32 30848 c:\windows\system32\drivers\npfs.sys
    + 2001-12-14 19:25 . 2008-04-13 18:53 40320 c:\windows\system32\drivers\nmnt.sys
    + 2001-08-17 13:46 . 2008-04-13 18:51 61824 c:\windows\system32\drivers\nic1394.sys
    + 2001-12-14 19:25 . 2008-04-13 18:56 34688 c:\windows\system32\drivers\netbios.sys
    + 2001-12-14 19:25 . 2010-11-02 15:17 40960 c:\windows\system32\drivers\ndproxy.sys
    + 2001-12-14 19:25 . 2008-04-13 19:20 91520 c:\windows\system32\drivers\ndiswan.sys
    + 2001-08-17 13:53 . 2008-04-13 18:55 14592 c:\windows\system32\drivers\ndisuio.sys
    + 2001-12-14 19:25 . 2011-07-08 14:02 10496 c:\windows\system32\drivers\ndistapi.sys
    + 2011-12-10 10:34 . 2008-04-13 18:43 12672 c:\windows\system32\drivers\mutohpen.sys
    + 2011-12-10 10:34 . 2008-04-13 18:36 15488 c:\windows\system32\drivers\mssmbios.sys
    + 2001-12-14 19:25 . 2008-04-13 18:56 35072 c:\windows\system32\drivers\msgpc.sys
    + 2001-12-14 19:25 . 2008-04-13 18:32 19072 c:\windows\system32\drivers\msfs.sys
    + 2001-12-14 19:25 . 2008-04-13 18:39 42368 c:\windows\system32\drivers\mountmgr.sys
    + 2001-08-17 13:47 . 2008-04-13 18:39 23040 c:\windows\system32\drivers\mouclass.sys
    + 2001-08-17 13:57 . 2008-04-13 19:00 30080 c:\windows\system32\drivers\modem.sys
    + 2001-08-17 13:58 . 2008-04-13 18:36 63744 c:\windows\system32\drivers\mf.sys
    + 2011-12-10 10:34 . 2004-08-04 06:41 11868 c:\windows\system32\drivers\mdmxsdk.sys
    + 2001-12-14 19:25 . 2009-06-24 11:18 92928 c:\windows\system32\drivers\ksecdd.sys
    + 2001-12-15 00:35 . 2008-04-13 18:39 14592 c:\windows\system32\drivers\kbdhid.sys
    + 2001-08-17 13:47 . 2008-04-13 18:39 24576 c:\windows\system32\drivers\kbdclass.sys
    + 2001-08-17 13:58 . 2008-04-13 18:36 37248 c:\windows\system32\drivers\isapnp.sys
    + 2001-12-14 12:31 . 2008-04-13 18:54 11264 c:\windows\system32\drivers\irenum.sys
    + 2001-12-14 19:25 . 2008-04-13 19:19 75264 c:\windows\system32\drivers\ipsec.sys
    + 2001-12-14 19:25 . 2008-04-13 18:57 20864 c:\windows\system32\drivers\ipinip.sys
    + 2011-12-10 10:34 . 2008-04-13 18:53 36608 c:\windows\system32\drivers\ip6fw.sys
    + 2011-12-10 10:34 . 2008-04-13 18:31 36352 c:\windows\system32\drivers\intelppm.sys
    + 2001-12-14 19:25 . 2008-04-13 18:40 42112 c:\windows\system32\drivers\imapi.sys
    + 2001-08-17 22:24 . 2008-04-13 19:18 52480 c:\windows\system32\drivers\i8042prt.sys
    + 2001-12-15 00:35 . 2008-04-13 18:45 10368 c:\windows\system32\drivers\hidusb.sys
    + 2001-08-17 14:02 . 2008-04-13 18:45 24960 c:\windows\system32\drivers\hidparse.sys
    + 2011-12-10 10:34 . 2008-04-13 18:45 19200 c:\windows\system32\drivers\hidir.sys
    + 2001-08-17 14:02 . 2008-04-13 18:45 36864 c:\windows\system32\drivers\hidclass.sys
    + 2011-12-10 10:34 . 2008-04-13 18:46 25600 c:\windows\system32\drivers\hidbth.sys
    + 2011-12-10 10:34 . 2008-04-13 18:36 46464 c:\windows\system32\drivers\gagp30kx.sys
    + 2001-08-17 13:51 . 2008-04-13 18:40 20480 c:\windows\system32\drivers\flpydisk.sys
    + 2001-12-14 19:25 . 2008-04-13 18:33 44544 c:\windows\system32\drivers\fips.sys
    + 2001-08-17 13:51 . 2008-04-13 18:40 27392 c:\windows\system32\drivers\fdc.sys
    + 2001-12-14 19:25 . 2008-04-13 18:38 71168 c:\windows\system32\drivers\dxg.sys
    + 2001-12-14 20:57 . 2008-04-13 18:45 60160 c:\windows\system32\drivers\drmk.sys
    + 2001-12-14 12:33 . 2008-04-13 18:45 52864 c:\windows\system32\drivers\dmusic.sys
    + 2001-12-14 19:25 . 2008-04-13 18:40 14208 c:\windows\system32\drivers\diskdump.sys
    + 2001-08-17 13:52 . 2008-04-13 18:40 36352 c:\windows\system32\drivers\disk.sys
    + 2001-08-17 13:48 . 2008-04-13 18:31 36736 c:\windows\system32\drivers\crusoe.sys
    + 2001-12-14 19:25 . 2008-04-13 19:16 49536 c:\windows\system32\drivers\classpnp.sys
    + 2011-12-10 10:34 . 2008-04-14 00:11 15423 c:\windows\system32\drivers\ch7xxnt5.dll
    + 2001-08-17 13:52 . 2008-04-13 18:40 62976 c:\windows\system32\drivers\cdrom.sys
    + 2001-12-14 19:25 . 2008-04-13 19:14 63744 c:\windows\system32\drivers\cdfs.sys
    + 2011-12-10 10:34 . 2008-04-13 18:46 18944 c:\windows\system32\drivers\bthusb.sys
    + 2011-12-10 10:34 . 2008-04-13 18:46 36480 c:\windows\system32\drivers\bthprint.sys
    + 2011-12-10 10:34 . 2008-04-13 18:46 37888 c:\windows\system32\drivers\bthmodem.sys
    + 2011-12-10 10:34 . 2008-04-13 18:46 17024 c:\windows\system32\drivers\bthenum.sys
    + 2001-12-14 19:25 . 2008-04-13 18:53 71552 c:\windows\system32\drivers\bridge.sys
    + 2011-12-10 10:34 . 2008-04-14 00:11 17279 c:\windows\system32\drivers\atv10nt5.dll
    + 2011-12-10 10:34 . 2008-04-14 00:11 14143 c:\windows\system32\drivers\atv06nt5.dll
    + 2011-12-10 10:34 . 2008-04-14 00:11 25471 c:\windows\system32\drivers\atv04nt5.dll
    + 2011-12-10 10:34 . 2008-04-14 00:11 11359 c:\windows\system32\drivers\atv02nt5.dll
    + 2011-12-10 10:34 . 2008-04-14 00:11 21183 c:\windows\system32\drivers\atv01nt5.dll
    + 2001-12-14 19:25 . 2008-04-13 18:51 55808 c:\windows\system32\drivers\atmlane.sys
    + 2001-12-14 19:25 . 2008-04-13 18:51 59904 c:\windows\system32\drivers\atmarpc.sys
    + 2011-12-10 10:34 . 2004-08-04 06:29 63488 c:\windows\system32\drivers\atinxsxx.sys
    + 2011-12-10 10:34 . 2004-08-04 06:29 31744 c:\windows\system32\drivers\atinxbxx.sys
    + 2011-12-10 10:34 . 2004-08-04 06:29 73216 c:\windows\system32\drivers\atintuxx.sys
    + 2011-12-10 10:34 . 2004-08-04 06:29 13824 c:\windows\system32\drivers\atinttxx.sys
    + 2011-12-10 10:34 . 2004-08-04 06:29 28672 c:\windows\system32\drivers\atinsnxx.sys
    + 2011-12-10 10:34 . 2004-08-04 06:29 52224 c:\windows\system32\drivers\atinraxx.sys
    + 2011-12-10 10:34 . 2004-08-04 06:29 14336 c:\windows\system32\drivers\atinpdxx.sys
    + 2011-12-10 10:34 . 2004-08-04 06:29 13824 c:\windows\system32\drivers\atinmdxx.sys
    + 2011-12-10 10:34 . 2004-08-04 06:29 57856 c:\windows\system32\drivers\atinbtxx.sys
    + 2011-12-10 10:34 . 2004-08-04 06:29 34735 c:\windows\system32\drivers\ati1xsxx.sys
    + 2011-12-10 10:34 . 2004-08-04 06:29 29455 c:\windows\system32\drivers\ati1xbxx.sys
    + 2011-12-10 10:34 . 2004-08-04 06:29 36463 c:\windows\system32\drivers\ati1tuxx.sys
    + 2011-12-10 10:34 . 2004-08-04 06:29 21343 c:\windows\system32\drivers\ati1ttxx.sys
    + 2011-12-10 10:34 . 2004-08-04 06:29 26367 c:\windows\system32\drivers\ati1snxx.sys
    + 2011-12-10 10:34 . 2004-08-04 06:29 63663 c:\windows\system32\drivers\ati1rvxx.sys
    + 2011-12-10 10:34 . 2004-08-04 06:29 30671 c:\windows\system32\drivers\ati1raxx.sys
    + 2011-12-10 10:34 . 2004-08-04 06:29 12047 c:\windows\system32\drivers\ati1pdxx.sys
    + 2011-12-10 10:34 . 2004-08-04 06:29 11615 c:\windows\system32\drivers\ati1mdxx.sys
    + 2011-12-10 10:34 . 2004-08-04 06:29 56623 c:\windows\system32\drivers\ati1btxx.sys
    + 2001-08-17 13:51 . 2008-04-13 18:40 96512 c:\windows\system32\drivers\atapi.sys
    + 2001-12-14 19:25 . 2008-04-13 18:57 14336 c:\windows\system32\drivers\asyncmac.sys
    + 2001-08-17 13:46 . 2008-04-13 18:51 60800 c:\windows\system32\drivers\arp1394.sys
    + 2011-12-10 10:34 . 2008-04-13 18:31 37760 c:\windows\system32\drivers\amdk7.sys
    + 2001-08-17 13:48 . 2008-04-13 18:31 37376 c:\windows\system32\drivers\amdk6.sys
    + 2011-12-10 10:34 . 2008-04-13 18:36 43008 c:\windows\system32\drivers\amdagp.sys
    + 2011-12-10 10:34 . 2008-04-13 18:36 42752 c:\windows\system32\drivers\alim1541.sys
    + 2011-12-10 10:34 . 2008-04-13 18:36 44928 c:\windows\system32\drivers\agpcpq.sys
    + 2001-12-14 12:32 . 2008-04-13 18:36 42368 c:\windows\system32\drivers\agp440.sys
    + 2012-02-04 14:31 . 2011-11-28 17:48 30808 c:\windows\system32\drivers\aavmker4.sys
    - 2011-12-02 11:18 . 2011-11-28 17:48 30808 c:\windows\system32\drivers\aavmker4.sys
    + 2001-08-17 14:06 . 2008-04-13 18:46 53376 c:\windows\system32\drivers\1394bus.sys
    + 2001-12-14 19:25 . 2008-04-14 00:11 57344 c:\windows\system32\dpwsockx.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 83456 c:\windows\system32\dpvsetup.exe
    + 2001-12-14 19:25 . 2008-04-14 00:11 21504 c:\windows\system32\dpvacm.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 17920 c:\windows\system32\dpnsvr.exe
    + 2001-12-14 19:25 . 2008-04-14 00:11 60928 c:\windows\system32\dpnhupnp.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 35328 c:\windows\system32\dpnhpast.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 23552 c:\windows\system32\dpmodemx.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 29696 c:\windows\system32\dplaysvr.exe
    + 2011-12-10 13:12 . 2008-04-14 00:11 56320 c:\windows\system32\dot3msm.dll
    + 2011-12-10 13:12 . 2008-04-14 00:11 39936 c:\windows\system32\dot3gpclnt.dll
    + 2011-12-10 13:12 . 2008-04-14 00:11 57856 c:\windows\system32\dot3cfg.dll
    + 2011-12-10 13:12 . 2008-04-14 00:11 26112 c:\windows\system32\dot3api.dll
    - 2001-12-14 19:25 . 2001-08-18 12:00 53840 c:\windows\system32\dosx.exe
    + 2001-12-14 19:25 . 2004-08-04 06:51 53840 c:\windows\system32\dosx.exe
    + 2001-12-14 19:25 . 2008-04-14 00:11 48128 c:\windows\system32\docprop2.dll
    + 2001-12-14 19:25 . 2009-04-20 17:17 45568 c:\windows\system32\dnsrslvr.dll
    + 2001-08-17 22:36 . 2008-04-14 00:11 52224 c:\windows\system32\dmutil.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 23552 c:\windows\system32\dmserver.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 82432 c:\windows\system32\dmscript.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 15872 c:\windows\system32\dmremote.exe
    + 2001-12-14 19:25 . 2008-04-14 00:11 35840 c:\windows\system32\dmloader.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 61440 c:\windows\system32\dmcompos.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 28672 c:\windows\system32\dmband.dll
    + 2011-12-10 10:33 . 2009-08-07 03:24 35552 c:\windows\system32\dllcache\wups.dll
    + 2001-12-14 20:35 . 2009-08-07 03:24 53472 c:\windows\system32\dllcache\wuauclt.exe
    + 2008-05-09 10:53 . 2008-05-09 10:53 90112 c:\windows\system32\dllcache\wshext.dll
    + 2011-12-10 13:16 . 2008-04-14 00:12 20480 c:\windows\system32\dllcache\wmpui.dll
    + 2011-12-10 13:16 . 2008-04-14 00:12 73728 c:\windows\system32\dllcache\wmplayer.exe
    + 2011-12-10 13:16 . 2008-04-14 00:12 20480 c:\windows\system32\dllcache\wmpcore.dll
    + 2011-12-10 13:16 . 2008-04-14 00:12 20480 c:\windows\system32\dllcache\wmpcd.dll
    + 2011-12-10 13:16 . 2008-04-14 00:12 98304 c:\windows\system32\dllcache\wmpband.dll
    + 2011-12-10 13:16 . 2008-04-14 00:12 23552 c:\windows\system32\dllcache\wmdmps.dll
    + 2011-12-10 13:16 . 2008-04-14 00:12 27136 c:\windows\system32\dllcache\wmdmlog.dll
    + 2009-06-25 08:25 . 2009-06-25 08:25 54272 c:\windows\system32\dllcache\wdigest.dll
    + 2011-12-11 09:50 . 2010-10-11 14:59 45568 c:\windows\system32\dllcache\wab.exe
    + 2011-09-05 13:56 . 2011-11-01 20:35 37888 c:\windows\system32\dllcache\url.dll
    + 2009-06-12 12:31 . 2009-06-12 12:31 76288 c:\windows\system32\dllcache\telnet.exe
    + 2009-10-21 05:38 . 2009-10-21 05:38 75776 c:\windows\system32\dllcache\strmfilt.dll
    + 2010-08-27 05:57 . 2010-08-27 05:57 99840 c:\windows\system32\dllcache\srvsvc.dll
    + 2010-08-17 13:17 . 2010-08-17 13:17 58880 c:\windows\system32\dllcache\spoolsv.exe
    + 2009-02-03 19:59 . 2009-06-25 08:25 56832 c:\windows\system32\dllcache\secur32.dll
    + 2011-12-10 11:43 . 2009-02-06 10:39 35328 c:\windows\system32\dllcache\sc.exe
    + 2009-10-12 13:38 . 2009-10-12 13:38 79872 c:\windows\system32\dllcache\raschap.dll
    + 2011-11-18 12:35 . 2011-11-18 12:35 60416 c:\windows\system32\dllcache\packager.exe
    + 2011-09-26 19:41 . 2011-09-26 19:41 20480 c:\windows\system32\dllcache\oleaccrc.dll
    + 2011-12-10 13:14 . 2008-04-14 00:12 10240 c:\windows\system32\dllcache\npwmsdrm.dll
    + 2011-12-11 09:23 . 2010-11-02 15:17 40960 c:\windows\system32\dllcache\ndproxy.sys
    + 2011-12-11 09:54 . 2011-07-08 14:02 10496 c:\windows\system32\dllcache\ndistapi.sys
    + 2008-06-12 14:23 . 2008-06-12 14:23 91648 c:\windows\system32\dllcache\mtxoci.dll
    + 2008-06-12 14:23 . 2008-06-12 14:23 66560 c:\windows\system32\dllcache\mtxclu.dll
    + 2009-11-27 17:11 . 2009-11-27 17:11 17920 c:\windows\system32\dllcache\msyuv.dll
    + 2011-12-10 13:14 . 2008-04-13 17:27 79872 c:\windows\system32\dllcache\msxml6r.dll
    + 2009-11-27 16:37 . 2009-11-27 16:07 28672 c:\windows\system32\dllcache\msvidc32.dll
    + 2009-11-27 16:07 . 2009-11-27 16:07 11264 c:\windows\system32\dllcache\msrle32.dll
    + 2002-08-29 15:14 . 2002-08-29 15:14 59904 c:\windows\system32\dllcache\msratelc.dll
    + 2011-12-10 13:14 . 2008-04-14 00:12 52224 c:\windows\system32\dllcache\mspmsnsv.dll
    + 2002-08-29 15:14 . 2002-08-29 15:14 14848 c:\windows\system32\dllcache\msidntld.dll
    + 2008-06-12 14:23 . 2008-06-12 14:23 58880 c:\windows\system32\dllcache\msdtclog.dll
    + 2008-06-24 16:43 . 2008-06-24 16:43 74240 c:\windows\system32\dllcache\mscms.dll
    + 2009-09-04 21:03 . 2009-09-04 21:03 58880 c:\windows\system32\dllcache\msasn1.dll
    + 2011-10-14 14:47 . 2011-10-14 14:47 23040 c:\windows\system32\dllcache\mciseq.dll
    + 2009-06-24 11:18 . 2009-06-24 11:18 92928 c:\windows\system32\dllcache\ksecdd.sys
    + 2009-11-27 16:07 . 2009-11-27 16:07 48128 c:\windows\system32\dllcache\iyuv_32.dll
    + 2010-11-18 18:12 . 2010-11-18 18:12 81920 c:\windows\system32\dllcache\isign32.dll
    + 2010-04-16 15:36 . 2011-11-01 20:35 81920 c:\windows\system32\dllcache\ieencode.dll
    + 2009-10-21 05:38 . 2009-10-21 05:38 25088 c:\windows\system32\dllcache\httpapi.dll
    + 2011-12-10 11:49 . 2009-10-15 16:28 81920 c:\windows\system32\dllcache\fontsub.dll
    + 2011-12-10 13:12 . 2008-04-14 00:11 87040 c:\windows\system32\dllcache\drmstor.dll
    + 2009-04-20 17:17 . 2009-04-20 17:17 45568 c:\windows\system32\dllcache\dnsrslvr.dll
    + 2011-12-10 13:11 . 2008-04-14 00:11 33792 c:\windows\system32\dllcache\custsat.dll
    + 2009-12-14 07:08 . 2011-10-28 05:31 33280 c:\windows\system32\dllcache\csrsrv.dll
    + 2001-12-14 19:25 . 2009-08-07 03:24 96480 c:\windows\system32\dllcache\cdm.dll
    + 2010-01-13 14:01 . 2010-01-13 14:01 86016 c:\windows\system32\dllcache\cabview.dll
    + 2009-11-27 16:07 . 2009-11-27 16:07 84992 c:\windows\system32\dllcache\avifil32.dll
    + 2009-07-17 18:55 . 2009-07-17 19:01 58880 c:\windows\system32\dllcache\atl.dll
    + 2010-03-05 14:37 . 2010-03-05 14:37 65536 c:\windows\system32\dllcache\asycfilt.dll
    + 2002-08-29 15:06 . 2002-08-29 15:06 64512 c:\windows\system32\dllcache\acctres.dll
    + 2001-06-27 00:42 . 2008-04-14 00:11 32768 c:\windows\system32\dispex.dll
    + 2011-12-10 13:12 . 2008-04-14 00:11 39936 c:\windows\system32\dimsroam.dll
    + 2011-12-10 13:12 . 2008-04-14 00:11 19456 c:\windows\system32\dimsntfy.dll
    + 2002-08-29 15:14 . 2008-04-14 00:11 68608 c:\windows\system32\digest.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 87040 c:\windows\system32\diantz.exe
    + 2011-12-10 13:12 . 2008-04-14 00:11 48640 c:\windows\system32\dhcpqec.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 28672 c:\windows\system32\dfsshlex.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 39424 c:\windows\system32\dfrgsnap.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 82944 c:\windows\system32\dfrgfat.exe
    + 2001-12-14 19:25 . 2008-04-14 00:11 59904 c:\windows\system32\devenum.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 25088 c:\windows\system32\defrag.exe
    + 2001-12-14 19:25 . 2008-04-14 00:11 27136 c:\windows\system32\ddrawex.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 30208 c:\windows\system32\ddeshare.exe
    - 2001-12-14 19:25 . 2001-08-18 12:00 28672 c:\windows\system32\dbnmpntw.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 28672 c:\windows\system32\dbnmpntw.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 24576 c:\windows\system32\dbmsrpcn.dll
    - 2001-12-14 19:25 . 2001-08-18 12:00 24576 c:\windows\system32\dbmsrpcn.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 25088 c:\windows\system32\davclnt.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 54272 c:\windows\system32\dataclen.dll
    + 2001-12-14 19:26 . 2008-04-14 00:12 15360 c:\windows\system32\ctfmon.exe
    + 2001-12-14 19:25 . 2011-10-28 05:31 33280 c:\windows\system32\csrsrv.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 62464 c:\windows\system32\cryptsvc.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 64512 c:\windows\system32\cryptnet.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 53760 c:\windows\system32\cryptext.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 33280 c:\windows\system32\cryptdll.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 74752 c:\windows\system32\cryptdlg.dll
    + 2011-12-10 13:11 . 2008-04-14 00:11 12800 c:\windows\system32\credssp.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 35328 c:\windows\system32\corpol.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 27648 c:\windows\system32\conime.exe
    - 2001-12-14 20:40 . 2011-12-04 05:53 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
    + 2011-12-08 07:59 . 2011-12-10 22:11 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
    + 2011-12-10 11:00 . 2011-12-10 22:09 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012011121020111211\index.dat
    + 2011-12-10 11:00 . 2011-12-10 11:00 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012011112820111205\index.dat
    + 2001-12-14 20:40 . 2011-12-10 22:11 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
    - 2001-12-14 20:40 . 2011-12-04 05:53 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
    + 2001-12-14 20:40 . 2011-12-10 22:11 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
    - 2001-12-14 20:40 . 2011-12-04 05:53 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
    + 2001-12-14 20:35 . 2008-04-14 00:11 97792 c:\windows\system32\comrepl.dll
    + 2001-12-14 20:35 . 2008-04-14 00:11 28160 c:\windows\system32\comaddin.dll
    + 2001-12-14 20:35 . 2008-04-14 00:11 60416 c:\windows\system32\colbact.dll
    + 2001-08-17 22:36 . 2008-04-14 00:11 47104 c:\windows\system32\cnbjmon.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 39424 c:\windows\system32\cmutil.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 63488 c:\windows\system32\cmstp.exe
    + 2011-12-10 10:33 . 2008-04-14 00:11 13312 c:\windows\system32\cmsetacl.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 39936 c:\windows\system32\cmmon32.exe
    + 2001-12-14 19:25 . 2008-04-14 00:12 25600 c:\windows\system32\cmdl32.exe
    + 2001-12-14 19:25 . 2008-04-14 00:11 15872 c:\windows\system32\cmcfg32.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 58368 c:\windows\system32\clusapi.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 33280 c:\windows\system32\clipsrv.exe
    + 2001-12-14 19:25 . 2008-04-14 00:12 20480 c:\windows\system32\cliconfg.exe
    + 2001-12-14 19:25 . 2008-04-14 00:11 77824 c:\windows\system32\cliconfg.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 64000 c:\windows\system32\cleanmgr.exe
    + 2001-12-14 19:25 . 2008-04-14 00:11 69120 c:\windows\system32\ciodm.dll
    + 2001-12-14 19:25 . 2008-04-14 00:09 16896 c:\windows\system32\cfgmgr32.dll
    - 2001-12-14 19:25 . 2001-08-18 12:00 16896 c:\windows\system32\cfgmgr32.dll
    + 2001-12-14 20:35 . 2008-04-14 00:11 38912 c:\windows\system32\cfgbkend.dll
    + 2001-12-14 19:25 . 2009-08-07 03:24 96480 c:\windows\system32\cdm.dll
    + 2001-12-14 20:35 . 2008-04-14 00:11 85504 c:\windows\system32\catsrvps.dll
    - 2001-12-14 20:35 . 2001-08-18 12:00 85504 c:\windows\system32\catsrvps.dll
    + 2012-01-14 21:00 . 2006-08-24 09:01 49152 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstUS.dll
    - 2011-12-03 22:53 . 2006-08-24 09:01 49152 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstUS.dll
    - 2011-12-03 22:53 . 2006-08-14 14:59 53248 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstRU.dll
    + 2012-01-14 21:00 . 2006-08-14 14:59 53248 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstRU.dll
    + 2012-01-14 21:00 . 2006-08-22 14:42 53248 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstPT.dll
    - 2011-12-03 22:53 . 2006-08-22 14:42 53248 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstPT.dll
    - 2011-12-03 22:53 . 2006-08-16 10:59 53248 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstPL.dll
    + 2012-01-14 21:00 . 2006-08-16 10:59 53248 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstPL.dll
    + 2012-01-14 21:00 . 2006-08-11 14:15 57344 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstNL.dll
    - 2011-12-03 22:53 . 2006-08-11 14:15 57344 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstNL.dll
    + 2012-01-14 21:00 . 2006-08-21 16:24 49152 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstKR.dll
    - 2011-12-03 22:53 . 2006-08-21 16:24 49152 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstKR.dll
    + 2012-01-14 21:00 . 2006-08-24 09:01 40960 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstJP.dll
    - 2011-12-03 22:53 . 2006-08-24 09:01 40960 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstJP.dll
    - 2011-12-03 22:53 . 2006-08-22 14:24 57344 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstIT.dll
    + 2012-01-14 21:00 . 2006-08-22 14:24 57344 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstIT.dll
    - 2011-12-03 22:53 . 2006-08-14 14:36 53248 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstHU.dll
    + 2012-01-14 21:00 . 2006-08-14 14:36 53248 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstHU.dll
    - 2011-12-03 22:53 . 2006-08-22 14:09 57344 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstFR.dll
    + 2012-01-14 21:00 . 2006-08-22 14:09 57344 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstFR.dll
    + 2012-01-14 21:00 . 2006-08-14 13:30 57344 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstES.dll
    - 2011-12-03 22:53 . 2006-08-14 13:30 57344 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstES.dll
    + 2012-01-14 21:00 . 2006-08-22 14:21 57344 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstDE.dll
    - 2011-12-03 22:53 . 2006-08-22 14:21 57344 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstDE.dll
    - 2011-12-03 22:53 . 2006-08-14 14:07 53248 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstCZ.dll
    + 2012-01-14 21:00 . 2006-08-14 14:07 53248 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstCZ.dll
    + 2012-01-14 21:00 . 2006-08-21 14:51 49152 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstCN.dll
    - 2011-12-03 22:53 . 2006-08-21 14:51 49152 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstCN.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 50688 c:\windows\system32\camocx.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 19968 c:\windows\system32\cacls.exe
    + 2001-12-14 19:25 . 2010-01-13 14:01 86016 c:\windows\system32\cabview.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 60416 c:\windows\system32\cabinet.dll
    + 2011-12-10 10:33 . 2008-04-14 00:11 50688 c:\windows\system32\btpanui.dll
    + 2011-12-10 10:33 . 2008-04-14 00:11 30208 c:\windows\system32\bthserv.dll
    + 2011-12-10 10:33 . 2008-04-14 00:11 20992 c:\windows\system32\bthci.dll
    + 2002-08-29 15:14 . 2008-04-14 00:11 78336 c:\windows\system32\browsewm.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 77824 c:\windows\system32\browser.dll
    + 2002-08-29 15:14 . 2008-04-13 17:03 63488 c:\windows\system32\browselc.dll
    + 2011-12-10 10:33 . 2008-04-14 00:12 71680 c:\windows\system32\blastcln.exe
    + 2001-12-14 19:25 . 2008-04-14 00:11 17408 c:\windows\system32\bidispl.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 29184 c:\windows\system32\batmeter.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 52736 c:\windows\system32\basesrv.dll
    + 2001-12-14 19:25 . 2009-11-27 16:07 84992 c:\windows\system32\avifil32.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 11264 c:\windows\system32\autolfn.exe
    + 2001-12-14 19:25 . 2008-04-14 00:11 62464 c:\windows\system32\authz.dll
    + 2011-12-10 10:33 . 2008-04-14 00:12 14336 c:\windows\system32\auditusr.exe
    + 2001-12-14 19:25 . 2008-04-14 00:11 42496 c:\windows\system32\audiosrv.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 12288 c:\windows\system32\attrib.exe
    + 2001-12-14 19:25 . 2008-04-14 00:11 30208 c:\windows\system32\atmlib.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 11264 c:\windows\system32\atmadm.exe
    + 2001-12-14 19:25 . 2009-07-17 19:01 58880 c:\windows\system32\atl.dll
    + 2011-12-10 10:33 . 2008-04-14 00:11 32768 c:\windows\system32\ativtmxx.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 25088 c:\windows\system32\at.exe
    + 2000-03-15 16:33 . 2010-03-05 14:37 65536 c:\windows\system32\asycfilt.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 70656 c:\windows\system32\amstream.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 17408 c:\windows\system32\alrsvc.dll
    + 2001-12-14 19:25 . 2008-04-14 00:12 44544 c:\windows\system32\alg.exe
    + 2001-12-14 19:25 . 2008-04-14 00:12 98304 c:\windows\system32\ahui.exe
    + 2002-08-29 15:14 . 2008-04-14 00:11 99840 c:\windows\system32\advpack.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 68096 c:\windows\system32\adsmsext.dll
    + 2001-12-14 19:25 . 2008-04-14 00:11 61440 c:\windows\system32\admparse.dll
    + 2002-08-29 15:14 . 2008-04-14 00:11 98304 c:\windows\system32\actxprxy.dll
    - 2001-12-14 19:25 . 2001-08-18 12:00 98304 c:\windows\system32\actxprxy.dll
    - 2001-12-14 20:36 . 2001-08-18 12:00 64512 c:\windows\system32\acctres.dll
    + 2002-08-29 15:06 . 2002-08-29 15:06 64512 c:\windows\system32\acctres.dll
    + 2001-12-14 12:31 . 2004-08-04 06:51 68768 c:\windows\system\mmsystem.dll
    + 2001-12-14 20:36 . 2008-04-14 00:12 58434 c:\windows\srchasst\srchctls.dll
    + 2011-12-10 10:33 . 2008-04-14 00:12 32866 c:\windows\slrundll.exe
    + 2011-12-10 13:13 . 2008-04-14 00:11 82944 c:\windows\ServicePackFiles\ServicePackCache\i386\msgsc.dll
    + 2011-12-10 13:11 . 2008-04-14 00:11 33792 c:\windows\ServicePackFiles\ServicePackCache\i386\custsat.dll
    + 2011-12-10 13:17 . 2008-04-14 00:12 18944 c:\windows\ServicePackFiles\i386\xrxscnui.dll
    + 2011-12-10 10:27 . 2008-04-14 00:12 11776 c:\windows\ServicePackFiles\i386\xolehlp.dll
    + 2011-12-10 10:28 . 2008-04-14 00:12 50176 c:\windows\ServicePackFiles\i386\xmlprovi.dll
    + 2011-12-10 10:29 . 2008-04-14 00:12 30720 c:\windows\ServicePackFiles\i386\xcopy.exe
    + 2011-12-10 10:26 . 2008-04-14 00:12 91648 c:\windows\ServicePackFiles\i386\xactsrv.dll
    + 2011-12-10 10:27 . 2008-04-14 00:12 52736 c:\windows\ServicePackFiles\i386\wzcsapi.dll
    + 2011-12-10 10:28 . 2004-08-04 06:29 19455 c:\windows\ServicePackFiles\i386\wvchntxx.sys
    + 2011-12-10 10:31 . 2008-04-14 00:12 32256 c:\windows\ServicePackFiles\i386\wups.dll
    + 2011-12-10 10:25 . 2008-04-14 00:12 18432 c:\windows\ServicePackFiles\i386\wtsapi32.dll
    + 2011-12-10 10:28 . 2008-04-14 00:12 50688 c:\windows\ServicePackFiles\i386\wstdecod.dll
    + 2011-12-10 10:28 . 2008-04-13 18:46 19200 c:\windows\ServicePackFiles\i386\wstcodec.sys
    + 2011-12-10 10:26 . 2008-04-14 00:12 22528 c:\windows\ServicePackFiles\i386\wsock32.dll
    + 2011-12-10 10:26 . 2008-04-14 00:12 41984 c:\windows\ServicePackFiles\i386\wsnmp32.dll
    + 2011-12-10 10:25 . 2004-08-04 06:29 12063 c:\windows\ServicePackFiles\i386\wsiintxx.sys
    + 2011-12-10 10:27 . 2008-04-14 00:12 19456 c:\windows\ServicePackFiles\i386\wshtcpip.dll
    + 2011-12-10 10:25 . 2008-04-14 00:12 11264 c:\windows\ServicePackFiles\i386\wshrm.dll
    + 2011-12-10 10:30 . 2008-04-14 00:12 14336 c:\windows\ServicePackFiles\i386\wship6.dll
    + 2011-12-10 10:30 . 2008-04-14 00:12 90112 c:\windows\ServicePackFiles\i386\wshext.dll
    + 2011-12-10 10:27 . 2008-04-14 00:12 36864 c:\windows\ServicePackFiles\i386\wshcon.dll
    + 2011-12-10 10:25 . 2008-04-14 00:12 80896 c:\windows\ServicePackFiles\i386\wscsvc.dll
    + 2011-12-10 10:31 . 2008-04-14 00:12 13824 c:\windows\ServicePackFiles\i386\wscntfy.exe
    + 2011-12-10 10:29 . 2008-04-14 00:12 19968 c:\windows\ServicePackFiles\i386\ws2help.dll
    + 2011-12-10 10:26 . 2008-04-14 00:12 82432 c:\windows\ServicePackFiles\i386\ws2_32.dll
    + 2011-12-10 10:25 . 2008-04-14 00:12 11264 c:\windows\ServicePackFiles\i386\wpnpinst.exe
    + 2011-12-10 10:29 . 2008-04-14 00:12 32256 c:\windows\ServicePackFiles\i386\wpabaln.exe
    + 2011-12-10 10:24 . 2004-08-04 08:56 20480 c:\windows\ServicePackFiles\i386\wmpui.dll
    + 2011-12-10 10:28 . 2004-08-04 08:56 73728 c:\windows\ServicePackFiles\i386\wmplayer.exe
    + 2011-12-10 10:26 . 2004-08-04 08:56 20480 c:\windows\ServicePackFiles\i386\wmpcore.dll
    + 2011-12-10 10:27 . 2004-08-04 08:56 20480 c:\windows\ServicePackFiles\i386\wmpcd.dll
    + 2011-12-10 10:27 . 2004-08-04 08:56 98304 c:\windows\ServicePackFiles\i386\wmpband.dll
    + 2011-12-10 10:27 . 2008-04-14 00:12 95232 c:\windows\ServicePackFiles\i386\wmiutils.dll
    + 2011-12-10 10:28 . 2008-04-14 00:12 41472 c:\windows\ServicePackFiles\i386\wmipsess.dll
    + 2011-12-10 10:25 . 2008-04-14 00:12 62464 c:\windows\ServicePackFiles\i386\wmipjobj.dll
    + 2011-12-10 10:30 . 2008-04-14 00:12 61952 c:\windows\ServicePackFiles\i386\wmipiprt.dll
    + 2011-12-10 10:27 . 2008-04-14 00:12 60928 c:\windows\ServicePackFiles\i386\wmicookr.dll
    + 2011-12-10 10:26 . 2008-04-14 00:12 88576 c:\windows\ServicePackFiles\i386\wmiaprpl.dll
    + 2011-12-10 10:30 . 2004-08-04 08:56 23552 c:\windows\ServicePackFiles\i386\wmdmps.dll
    + 2011-12-10 10:31 . 2004-08-04 08:56 27136 c:\windows\ServicePackFiles\i386\wmdmlog.dll
    + 2011-12-10 10:31 . 2008-04-14 00:12 92672 c:\windows\ServicePackFiles\i386\wlnotify.dll
    + 2011-12-10 13:16 . 2008-04-14 00:12 69120 c:\windows\ServicePackFiles\i386\wlanapi.dll
    + 2011-12-10 10:29 . 2008-04-14 00:12 53760 c:\windows\ServicePackFiles\i386\winsta.dll
    + 2011-12-10 10:26 . 2008-04-14 00:12 17408 c:\windows\ServicePackFiles\i386\winshfhc.dll
    + 2011-12-10 10:31 . 2008-04-14 00:12 99328 c:\windows\ServicePackFiles\i386\winscard.dll
    + 2011-12-10 10:29 . 2008-04-14 00:12 16896 c:\windows\ServicePackFiles\i386\winrnr.dll
    + 2011-12-10 10:29 . 2008-04-14 00:12 32256 c:\windows\ServicePackFiles\i386\winipsec.dll
    + 2011-12-10 10:30 . 2008-04-14 00:12 75776 c:\windows\ServicePackFiles\i386\wiascr.dll
    + 2011-12-10 10:24 . 2008-04-14 00:12 65024 c:\windows\ServicePackFiles\i386\wextract.exe
    + 2011-12-10 10:26 . 2008-04-14 00:12 68096 c:\windows\ServicePackFiles\i386\webclnt.dll
    + 2011-12-10 10:27 . 2008-04-13 19:17 83072 c:\windows\ServicePackFiles\i386\wdmaud.sys
    + 2011-12-10 10:27 . 2008-04-14 00:12 23552 c:\windows\ServicePackFiles\i386\wdmaud.drv
    + 2011-12-10 10:29 . 2008-04-14 00:12 49152 c:\windows\ServicePackFiles\i386\wdigest.dll
    + 2011-12-10 10:30 . 2004-08-04 06:29 23615 c:\windows\ServicePackFiles\i386\wch7xxnt.sys
    + 2011-12-10 10:31 . 2008-04-13 18:45 31744 c:\windows\ServicePackFiles\i386\wceusbsh.sys
    + 2011-12-10 10:27 . 2008-04-14 00:12 43520 c:\windows\ServicePackFiles\i386\wbemsvc.dll
    + 2011-12-10 10:29 . 2008-04-14 00:12 18944 c:\windows\ServicePackFiles\i386\wbemprox.dll
    + 2011-12-10 10:31 . 2008-04-14 00:12 43008 c:\windows\ServicePackFiles\i386\wbemperf.dll
    + 2011-12-10 10:25 . 2008-04-14 00:12 71680 c:\windows\ServicePackFiles\i386\wbemcons.dll
    + 2011-12-10 10:30 . 2004-08-04 06:29 25471 c:\windows\ServicePackFiles\i386\watv10nt.sys
    + 2011-12-10 10:26 . 2004-08-04 06:29 22271 c:\windows\ServicePackFiles\i386\watv06nt.sys
    + 2011-12-10 10:31 . 2004-08-04 06:29 33599 c:\windows\ServicePackFiles\i386\watv04nt.sys
    + 2011-12-10 10:27 . 2004-08-04 06:29 19551 c:\windows\ServicePackFiles\i386\watv02nt.sys
     
    dispatch trophy,
    #19
  21. 2012/02/04
    dispatch trophy Contributing Member

    dispatch trophy Inactive Thread Starter

    Joined:
    2011/09/30
    Messages:
    402
    Likes Received:
    0
    COMBOFIX CONTINUED


    + 2011-12-10 10:26 . 2004-08-04 06:29 29311 c:\windows\ServicePackFiles\i386\watv01nt.sys
    + 2011-12-10 10:24 . 2008-04-13 18:44 17664 c:\windows\ServicePackFiles\i386\watchdog.sys
    + 2011-12-10 10:28 . 2008-04-13 18:57 34560 c:\windows\ServicePackFiles\i386\wanarp.sys
    + 2011-12-10 10:24 . 2004-08-04 06:29 11935 c:\windows\ServicePackFiles\i386\wadv11nt.sys
    + 2011-12-10 10:32 . 2004-08-04 06:29 11871 c:\windows\ServicePackFiles\i386\wadv09nt.sys
    + 2011-12-10 10:30 . 2004-08-04 06:29 11295 c:\windows\ServicePackFiles\i386\wadv08nt.sys
    + 2011-12-10 10:28 . 2004-08-04 06:29 11807 c:\windows\ServicePackFiles\i386\wadv07nt.sys
    + 2011-12-10 10:25 . 2004-08-04 06:29 11775 c:\windows\ServicePackFiles\i386\wadv05nt.sys
    + 2011-12-10 10:28 . 2004-08-04 06:29 12127 c:\windows\ServicePackFiles\i386\wadv02nt.sys
    + 2011-12-10 10:27 . 2004-08-04 06:29 12415 c:\windows\ServicePackFiles\i386\wadv01nt.sys
    + 2011-12-10 10:25 . 2008-04-13 18:43 14208 c:\windows\ServicePackFiles\i386\wacompen.sys
    + 2011-12-10 10:31 . 2008-04-14 00:12 30208 c:\windows\ServicePackFiles\i386\wabmig.exe
    + 2011-12-10 10:28 . 2008-04-14 00:12 85504 c:\windows\ServicePackFiles\i386\wabimp.dll
    + 2011-12-10 10:28 . 2008-04-14 00:12 32768 c:\windows\ServicePackFiles\i386\wabfind.dll
    + 2011-12-10 10:26 . 2008-04-14 00:12 46080 c:\windows\ServicePackFiles\i386\wab.exe
    + 2011-12-10 10:31 . 2008-04-14 00:12 15872 c:\windows\ServicePackFiles\i386\w3ssl.dll
    + 2011-12-10 10:31 . 2008-04-13 18:41 52352 c:\windows\ServicePackFiles\i386\volsnap.sys
    + 2011-12-10 10:24 . 2008-04-13 18:44 81664 c:\windows\ServicePackFiles\i386\videoprt.sys
    + 2011-12-10 10:31 . 2008-04-13 18:36 42240 c:\windows\ServicePackFiles\i386\viaagp.sys
    + 2011-12-10 10:29 . 2008-04-13 18:44 20992 c:\windows\ServicePackFiles\i386\vga.sys
    + 2011-12-10 10:27 . 2008-04-14 00:12 53760 c:\windows\ServicePackFiles\i386\vfwwdm32.dll
    + 2011-12-10 10:30 . 2008-04-14 00:12 18944 c:\windows\ServicePackFiles\i386\version.dll
    + 2011-12-10 13:16 . 2008-04-14 00:12 26624 c:\windows\ServicePackFiles\i386\verifier.dll
    + 2011-12-10 13:16 . 2008-04-14 00:12 28672 c:\windows\ServicePackFiles\i386\verclsid.exe
    + 2011-12-10 10:31 . 2008-04-14 00:12 51712 c:\windows\ServicePackFiles\i386\vdmredir.dll
    + 2011-12-10 10:30 . 2008-04-14 00:12 26112 c:\windows\ServicePackFiles\i386\vdmdbg.dll
    + 2011-12-10 10:26 . 2008-04-14 00:12 11325 c:\windows\ServicePackFiles\i386\vchnt5.dll
    + 2011-12-10 10:26 . 2008-04-14 00:12 30749 c:\windows\ServicePackFiles\i386\vbajet32.dll
    + 2011-12-10 10:30 . 2008-04-14 00:12 50176 c:\windows\ServicePackFiles\i386\utilman.exe
    + 2011-12-10 10:30 . 2008-04-14 00:12 26112 c:\windows\ServicePackFiles\i386\userinit.exe
    + 2011-12-10 10:28 . 2008-04-14 00:12 74240 c:\windows\ServicePackFiles\i386\usbui.dll
    + 2011-12-10 10:27 . 2008-04-13 18:45 20608 c:\windows\ServicePackFiles\i386\usbuhci.sys
    + 2011-12-10 10:25 . 2008-04-13 18:45 26368 c:\windows\ServicePackFiles\i386\usbstor.sys
    + 2011-12-10 10:30 . 2008-04-13 18:45 26112 c:\windows\ServicePackFiles\i386\usbser.sys
    + 2011-12-10 10:27 . 2008-04-13 18:45 15104 c:\windows\ServicePackFiles\i386\usbscan.sys
    + 2011-12-10 10:31 . 2008-04-13 18:47 25856 c:\windows\ServicePackFiles\i386\usbprint.sys
    + 2011-12-10 10:26 . 2008-04-13 18:45 17152 c:\windows\ServicePackFiles\i386\usbohci.sys
    + 2011-12-10 10:27 . 2008-04-14 00:12 16896 c:\windows\ServicePackFiles\i386\usbmon.dll
    + 2011-12-10 10:31 . 2008-04-13 18:45 15872 c:\windows\ServicePackFiles\i386\usbintel.sys
    + 2011-12-10 10:27 . 2008-04-13 18:45 59520 c:\windows\ServicePackFiles\i386\usbhub.sys
    + 2011-12-10 10:26 . 2008-04-13 18:45 30208 c:\windows\ServicePackFiles\i386\usbehci.sys
    + 2011-12-10 10:32 . 2008-04-13 18:45 32128 c:\windows\ServicePackFiles\i386\usbccgp.sys
    + 2011-12-10 13:16 . 2008-04-13 18:45 25728 c:\windows\ServicePackFiles\i386\usbcamd2.sys
    + 2011-12-10 13:16 . 2008-04-13 18:45 25600 c:\windows\ServicePackFiles\i386\usbcamd.sys
    + 2011-12-10 10:26 . 2008-04-13 18:45 60032 c:\windows\ServicePackFiles\i386\usbaudio.sys
    + 2011-12-10 10:24 . 2008-04-13 18:56 12800 c:\windows\ServicePackFiles\i386\usb8023x.sys
    + 2011-12-10 10:30 . 2008-04-13 18:56 12800 c:\windows\ServicePackFiles\i386\usb8023.sys
    + 2011-12-10 10:27 . 2004-08-04 06:31 32384 c:\windows\ServicePackFiles\i386\usb101et.sys
    + 2011-12-10 10:30 . 2008-04-14 00:12 37888 c:\windows\ServicePackFiles\i386\url.dll
    + 2011-12-10 10:30 . 2008-04-14 00:12 18432 c:\windows\ServicePackFiles\i386\ups.exe
    + 2011-12-10 10:28 . 2008-04-14 00:12 16896 c:\windows\ServicePackFiles\i386\upnpcont.exe
    + 2011-12-10 10:31 . 2008-04-14 00:12 13824 c:\windows\ServicePackFiles\i386\uniplat.dll
    + 2011-12-10 10:27 . 2008-04-14 00:12 74240 c:\windows\ServicePackFiles\i386\unimdmat.dll
    + 2011-12-10 10:28 . 2008-04-14 00:12 35840 c:\windows\ServicePackFiles\i386\umandlg.dll
    + 2011-12-10 10:30 . 2008-04-14 00:12 26624 c:\windows\ServicePackFiles\i386\udhisapi.dll
    + 2011-12-10 10:26 . 2008-04-13 18:32 66048 c:\windows\ServicePackFiles\i386\udfs.sys
    + 2011-12-10 10:25 . 2008-04-13 18:36 44672 c:\windows\ServicePackFiles\i386\uagp35.sys
    + 2011-12-10 13:16 . 2008-04-14 00:12 60416 c:\windows\ServicePackFiles\i386\tzchange.exe
    + 2011-12-10 10:28 . 2008-04-14 00:12 57856 c:\windows\ServicePackFiles\i386\twext.dll
    + 2011-12-10 10:25 . 2008-04-14 00:12 50688 c:\windows\ServicePackFiles\i386\twain_32.dll
    + 2011-12-10 10:31 . 2008-04-13 18:56 12288 c:\windows\ServicePackFiles\i386\tunmp.sys
    + 2011-12-10 10:31 . 2008-04-14 00:12 16384 c:\windows\ServicePackFiles\i386\ttyui.dll
    + 2011-12-10 10:25 . 2007-04-02 15:31 39936 c:\windows\ServicePackFiles\i386\ttyres.dll
    + 2011-12-10 13:16 . 2008-04-14 00:12 50688 c:\windows\ServicePackFiles\i386\tspkg.dll
    + 2011-12-10 13:16 . 2008-04-14 00:12 53248 c:\windows\ServicePackFiles\i386\tsgqec.dll
    + 2011-12-10 10:30 . 2008-04-14 00:13 12168 c:\windows\ServicePackFiles\i386\tsddd.dll
    + 2011-12-10 10:29 . 2004-08-04 06:59 44544 c:\windows\ServicePackFiles\i386\tscupgrd.exe
    + 2011-12-10 13:16 . 2008-04-14 00:11 25600 c:\windows\ServicePackFiles\i386\tscupdc.dll
    + 2011-12-10 13:16 . 2007-10-30 10:06 13801 c:\windows\ServicePackFiles\i386\tscuinst.vbs
    + 2011-12-10 13:16 . 2007-12-12 10:33 18917 c:\windows\ServicePackFiles\i386\tscinst.vbs
    + 2011-12-10 10:31 . 2008-04-14 00:12 93696 c:\windows\ServicePackFiles\i386\tscfgwmi.dll
    + 2011-12-10 10:26 . 2008-04-14 00:12 90112 c:\windows\ServicePackFiles\i386\trkwks.dll
    + 2011-12-10 13:16 . 2008-04-14 00:12 12800 c:\windows\ServicePackFiles\i386\tree.com
    + 2011-12-10 10:28 . 2008-04-14 00:12 12288 c:\windows\ServicePackFiles\i386\tracert.exe
    + 2011-12-10 10:26 . 2008-04-14 00:12 82944 c:\windows\ServicePackFiles\i386\tp4mon.exe
    + 2011-12-10 10:28 . 2008-04-14 00:13 40840 c:\windows\ServicePackFiles\i386\termdd.sys
    + 2004-08-04 08:56 . 2008-04-14 00:12 75776 c:\windows\ServicePackFiles\i386\telnet.exe
    + 2011-12-10 10:29 . 2008-04-14 00:13 21896 c:\windows\ServicePackFiles\i386\tdtcp.sys
    + 2011-12-10 10:27 . 2008-04-14 00:13 12040 c:\windows\ServicePackFiles\i386\tdpipe.sys
    + 2011-12-10 10:29 . 2008-04-13 19:00 19072 c:\windows\ServicePackFiles\i386\tdi.sys
    + 2004-08-04 08:56 . 2007-04-02 16:36 16384 c:\windows\ServicePackFiles\i386\tcptsat.dll
    + 2004-08-04 08:56 . 2008-04-14 00:12 32827 c:\windows\ServicePackFiles\i386\tcptest.exe
    + 2011-12-10 10:26 . 2008-04-14 00:12 45568 c:\windows\ServicePackFiles\i386\tcpmonui.dll
    + 2011-12-10 10:25 . 2008-04-14 00:12 45568 c:\windows\ServicePackFiles\i386\tcpmon.dll
    + 2011-12-10 10:30 . 2008-04-14 00:12 14848 c:\windows\ServicePackFiles\i386\tcpmib.dll
    + 2011-12-10 10:25 . 2008-04-13 18:40 14976 c:\windows\ServicePackFiles\i386\tape.sys
    + 2011-12-10 10:30 . 2008-04-13 19:15 60800 c:\windows\ServicePackFiles\i386\sysaudio.sys
    + 2011-12-10 10:32 . 2008-04-14 00:12 57856 c:\windows\ServicePackFiles\i386\synceng.dll
    + 2011-12-10 13:15 . 2008-04-13 18:45 56576 c:\windows\ServicePackFiles\i386\swmidi.sys
    + 2011-12-10 10:27 . 2008-04-14 00:12 14336 c:\windows\ServicePackFiles\i386\svchost.exe
    + 2004-08-04 08:56 . 2008-04-14 00:12 65601 c:\windows\ServicePackFiles\i386\stub_fpsrvwin.exe
    + 2004-08-04 08:56 . 2008-04-14 00:12 16449 c:\windows\ServicePackFiles\i386\stub_fpsrvadm.exe
    + 2011-12-10 10:25 . 2008-04-14 00:12 75776 c:\windows\ServicePackFiles\i386\strmfilt.dll
    + 2011-12-10 10:28 . 2008-04-13 18:46 15232 c:\windows\ServicePackFiles\i386\streamip.sys
    + 2011-12-10 10:31 . 2008-04-13 18:45 49408 c:\windows\ServicePackFiles\i386\stream.sys
    + 2011-12-10 10:26 . 2008-04-14 00:12 74752 c:\windows\ServicePackFiles\i386\storprop.dll
    + 2011-12-10 10:31 . 2008-04-14 00:12 14848 c:\windows\ServicePackFiles\i386\stimon.exe
    + 2011-12-10 10:31 . 2008-04-14 00:12 68096 c:\windows\ServicePackFiles\i386\sti.dll
    + 2011-12-10 10:25 . 2008-04-14 00:12 86528 c:\windows\ServicePackFiles\i386\stdprov.dll
    + 2011-12-10 13:15 . 2008-04-14 00:12 59392 c:\windows\ServicePackFiles\i386\stclient.dll
    + 2011-12-10 10:32 . 2008-04-14 00:12 26624 c:\windows\ServicePackFiles\i386\startoc.dll
    + 2011-12-10 10:32 . 2008-04-14 00:12 33280 c:\windows\ServicePackFiles\i386\sstub.dll
    + 2011-12-10 10:29 . 2008-04-14 00:12 14336 c:\windows\ServicePackFiles\i386\ssstars.scr
    + 2011-12-10 10:26 . 2008-04-14 00:12 18944 c:\windows\ServicePackFiles\i386\ssmyst.scr
    + 2011-12-10 10:27 . 2008-04-14 00:12 47104 c:\windows\ServicePackFiles\i386\ssmypics.scr
    + 2011-12-10 10:29 . 2008-04-14 00:12 20992 c:\windows\ServicePackFiles\i386\ssmarque.scr
    + 2011-12-10 10:30 . 2008-04-14 00:12 71680 c:\windows\ServicePackFiles\i386\ssdpsrv.dll
    + 2011-12-10 10:25 . 2008-04-14 00:12 34816 c:\windows\ServicePackFiles\i386\ssdpapi.dll
    + 2011-12-10 10:31 . 2008-04-14 00:12 19968 c:\windows\ServicePackFiles\i386\ssbezier.scr
    + 2011-12-10 10:30 . 2008-04-14 00:12 96768 c:\windows\ServicePackFiles\i386\srvsvc.dll
    + 2011-12-10 10:25 . 2008-04-14 00:12 67584 c:\windows\ServicePackFiles\i386\srclient.dll
    + 2011-12-10 10:30 . 2008-04-14 00:12 58434 c:\windows\ServicePackFiles\i386\srchctls.dll
    + 2011-12-10 10:26 . 2008-04-13 18:36 73472 c:\windows\ServicePackFiles\i386\sr.sys
    + 2004-08-04 08:56 . 2008-04-14 00:12 20992 c:\windows\ServicePackFiles\i386\spupdwxp.exe
    + 2011-12-10 10:26 . 2008-04-14 00:12 57856 c:\windows\ServicePackFiles\i386\spoolsv.exe
    + 2011-12-10 10:26 . 2008-04-14 00:12 75264 c:\windows\ServicePackFiles\i386\spoolss.dll
    + 2004-08-04 08:56 . 2008-04-14 13:42 11264 c:\windows\ServicePackFiles\i386\spnpinst.exe
    + 2011-12-10 10:25 . 2008-04-13 16:43 62976 c:\windows\ServicePackFiles\i386\spgrmr.dll
    + 2011-12-10 13:15 . 2008-04-14 00:12 24576 c:\windows\ServicePackFiles\i386\sort.exe
    + 2011-12-10 10:26 . 2008-04-13 18:46 25344 c:\windows\ServicePackFiles\i386\sonydcam.sys
    + 2011-12-10 10:24 . 2008-04-14 00:12 39936 c:\windows\ServicePackFiles\i386\snmpthrd.dll
    + 2011-12-10 10:31 . 2008-04-14 00:12 18944 c:\windows\ServicePackFiles\i386\snmpapi.dll
    + 2011-12-10 10:28 . 2008-04-14 00:12 33280 c:\windows\ServicePackFiles\i386\snmp.exe
    + 2011-12-10 10:25 . 2008-04-14 00:12 34816 c:\windows\ServicePackFiles\i386\sniffpol.dll
    + 2011-12-10 10:28 . 2008-04-14 00:12 50688 c:\windows\ServicePackFiles\i386\smss.exe
    + 2011-12-10 10:29 . 2008-04-14 00:12 89600 c:\windows\ServicePackFiles\i386\smlogsvc.exe
    + 2011-12-10 10:30 . 2008-04-13 18:36 16000 c:\windows\ServicePackFiles\i386\smbbatt.sys
    + 2011-12-10 10:24 . 2004-08-04 06:41 13240 c:\windows\ServicePackFiles\i386\slwdmsup.sys
    + 2011-12-10 10:31 . 2008-04-14 00:12 73796 c:\windows\ServicePackFiles\i386\slserv.exe
    + 2011-12-10 10:29 . 2008-04-14 00:12 32866 c:\windows\ServicePackFiles\i386\slrundll.exe
    + 2011-12-10 10:28 . 2004-08-04 06:41 95424 c:\windows\ServicePackFiles\i386\slnthal.sys
    + 2011-12-10 10:28 . 2008-04-13 18:46 11136 c:\windows\ServicePackFiles\i386\slip.sys
    + 2011-12-10 10:32 . 2008-04-14 00:12 73832 c:\windows\ServicePackFiles\i386\slcoinst.dll
    + 2011-12-10 10:25 . 2008-04-14 00:12 98304 c:\windows\ServicePackFiles\i386\slbiop.dll
    + 2011-12-10 10:31 . 2008-04-14 00:12 25088 c:\windows\ServicePackFiles\i386\slayerxp.dll
    + 2011-12-10 10:30 . 2004-08-04 06:31 63547 c:\windows\ServicePackFiles\i386\sla30nd5.sys
    + 2011-12-10 10:31 . 2008-04-14 00:12 26112 c:\windows\ServicePackFiles\i386\skeys.exe
    + 2011-12-10 10:25 . 2004-08-04 06:31 32768 c:\windows\ServicePackFiles\i386\sisnic.sys
    + 2011-12-10 10:29 . 2008-04-13 18:36 40960 c:\windows\ServicePackFiles\i386\sisagp.sys
    + 2011-12-10 10:30 . 2008-04-14 00:12 70144 c:\windows\ServicePackFiles\i386\sigverif.exe
    + 2011-12-10 10:31 . 2008-04-14 00:12 13312 c:\windows\ServicePackFiles\i386\sigtab.dll
    + 2011-12-10 10:25 . 2008-04-14 00:12 19456 c:\windows\ServicePackFiles\i386\shutdown.exe
    + 2004-08-04 08:56 . 2008-04-14 00:12 16437 c:\windows\ServicePackFiles\i386\shtml.exe
    + 2004-08-04 08:56 . 2008-04-14 00:12 20536 c:\windows\ServicePackFiles\i386\shtml.dll
    + 2011-12-10 10:30 . 2008-04-14 00:12 27648 c:\windows\ServicePackFiles\i386\shscrap.dll
    + 2011-12-10 10:30 . 2008-04-14 00:12 77824 c:\windows\ServicePackFiles\i386\shrpubw.exe
    + 2011-12-10 10:30 . 2008-04-14 00:12 45056 c:\windows\ServicePackFiles\i386\shmgrate.exe
    + 2011-12-10 10:27 . 2008-04-14 00:12 65024 c:\windows\ServicePackFiles\i386\shimeng.dll
    + 2011-12-10 10:26 . 2008-04-14 00:12 68096 c:\windows\ServicePackFiles\i386\shgina.dll
    + 2011-12-10 10:30 . 2008-04-14 00:12 25088 c:\windows\ServicePackFiles\i386\shfolder.dll
    + 2011-12-10 10:26 . 2008-04-13 18:40 11392 c:\windows\ServicePackFiles\i386\sfloppy.sys
    + 2011-12-10 10:27 . 2008-04-13 18:40 11008 c:\windows\ServicePackFiles\i386\sffp_sd.sys
    + 2011-12-10 13:15 . 2008-04-13 18:40 10240 c:\windows\ServicePackFiles\i386\sffp_mmc.sys
    + 2011-12-10 10:27 . 2008-04-13 18:40 11904 c:\windows\ServicePackFiles\i386\sffdisk.sys
    + 2011-12-10 13:15 . 2008-04-14 00:12 32768 c:\windows\ServicePackFiles\i386\setupn.exe
    + 2011-12-10 10:27 . 2008-04-14 00:12 73216 c:\windows\ServicePackFiles\i386\setup50.exe
    + 2011-12-10 10:28 . 2008-04-14 00:12 23040 c:\windows\ServicePackFiles\i386\setup.exe
    + 2011-12-10 10:27 . 2008-04-14 00:12 31232 c:\windows\ServicePackFiles\i386\sethc.exe
    + 2011-12-10 10:29 . 2008-04-14 00:12 56320 c:\windows\ServicePackFiles\i386\servdeps.dll
    + 2011-12-10 10:26 . 2008-04-13 19:15 64512 c:\windows\ServicePackFiles\i386\serial.sys
    + 2011-12-10 10:26 . 2008-04-13 18:40 15744 c:\windows\ServicePackFiles\i386\serenum.sys
    + 2011-12-10 10:31 . 2008-04-14 00:12 39424 c:\windows\ServicePackFiles\i386\sens.dll
    + 2011-12-10 10:32 . 2008-04-14 00:12 54784 c:\windows\ServicePackFiles\i386\sendmail.dll
    + 2011-12-10 10:30 . 2008-04-14 00:12 29184 c:\windows\ServicePackFiles\i386\sendcmsg.dll
    + 2011-12-10 10:25 . 2008-04-14 00:12 56320 c:\windows\ServicePackFiles\i386\secur32.dll
    + 2011-12-10 10:28 . 2008-04-14 00:12 18944 c:\windows\ServicePackFiles\i386\seclogon.dll
    + 2011-12-10 10:26 . 2008-04-13 16:39 20480 c:\windows\ServicePackFiles\i386\secdrv.sys
    + 2011-12-10 10:24 . 2008-04-14 00:12 29184 c:\windows\ServicePackFiles\i386\sdhcinst.dll
    + 2011-12-10 10:30 . 2008-04-13 18:36 79232 c:\windows\ServicePackFiles\i386\sdbus.sys
    + 2011-12-10 10:26 . 2008-04-14 00:12 77312 c:\windows\ServicePackFiles\i386\sdbinst.exe
    + 2011-12-10 13:15 . 2008-04-13 18:45 11520 c:\windows\ServicePackFiles\i386\scsiscan.sys
    + 2011-12-10 10:29 . 2008-04-13 18:40 96384 c:\windows\ServicePackFiles\i386\scsiport.sys
    + 2011-12-10 10:28 . 2008-04-14 00:12 36352 c:\windows\ServicePackFiles\i386\scrcons.exe
    + 2011-12-10 10:31 . 2008-04-14 00:12 20480 c:\windows\ServicePackFiles\i386\sclgntfy.dll
    + 2011-12-10 10:28 . 2008-04-14 00:12 95744 c:\windows\ServicePackFiles\i386\scardsvr.exe
    + 2011-12-10 10:25 . 2008-04-14 00:12 69632 c:\windows\ServicePackFiles\i386\scarddlg.dll
    + 2011-12-10 10:29 . 2008-04-13 18:40 43904 c:\windows\ServicePackFiles\i386\sbp2port.sys
    + 2011-12-10 10:31 . 2008-04-14 00:12 13312 c:\windows\ServicePackFiles\i386\savedump.exe
    + 2011-12-10 10:29 . 2008-04-14 00:12 64000 c:\windows\ServicePackFiles\i386\samlib.dll
    + 2011-12-10 10:28 . 2008-04-14 00:12 45568 c:\windows\ServicePackFiles\i386\safrslv.dll
    + 2011-12-10 10:31 . 2008-04-14 00:12 29696 c:\windows\ServicePackFiles\i386\safrdm.dll
    + 2011-12-10 10:29 . 2008-04-14 00:12 43520 c:\windows\ServicePackFiles\i386\safrcdlg.dll
    + 2011-12-10 13:15 . 2008-04-14 00:12 29696 c:\windows\ServicePackFiles\i386\rw450ext.dll
    + 2011-12-10 13:15 . 2008-04-14 00:12 27648 c:\windows\ServicePackFiles\i386\rw430ext.dll
    + 2011-12-10 13:15 . 2008-04-14 00:12 29184 c:\windows\ServicePackFiles\i386\rw330ext.dll
    + 2011-12-10 13:15 . 2008-04-14 00:12 27648 c:\windows\ServicePackFiles\i386\rw001ext.dll
    + 2011-12-10 10:27 . 2008-04-14 00:12 14336 c:\windows\ServicePackFiles\i386\runonce.exe
    + 2011-12-10 10:29 . 2008-04-14 00:12 33280 c:\windows\ServicePackFiles\i386\rundll32.exe
    + 2011-12-10 10:28 . 2008-04-14 00:12 44032 c:\windows\ServicePackFiles\i386\rtutils.dll
    + 2011-12-10 10:28 . 2004-08-04 06:31 20992 c:\windows\ServicePackFiles\i386\rtl8139.sys
    + 2011-12-10 10:31 . 2008-04-14 00:12 31744 c:\windows\ServicePackFiles\i386\rtipxmib.dll
    + 2011-12-10 10:30 . 2008-04-14 00:12 77312 c:\windows\ServicePackFiles\i386\rtcshare.exe
    + 2011-12-10 13:15 . 2008-04-14 00:12 92672 c:\windows\ServicePackFiles\i386\rsvpsp.dll
    + 2011-12-10 10:26 . 2008-04-14 00:12 18944 c:\windows\ServicePackFiles\i386\rsmps.dll
    + 2011-12-10 10:26 . 2008-04-14 00:12 39936 c:\windows\ServicePackFiles\i386\rshx32.dll
    + 2011-12-10 10:27 . 2008-04-14 00:12 14848 c:\windows\ServicePackFiles\i386\rsh.exe
    + 2011-12-10 10:32 . 2008-04-14 00:12 61440 c:\windows\ServicePackFiles\i386\rrcm.dll
    + 2011-12-10 10:26 . 2008-04-13 18:40 79104 c:\windows\ServicePackFiles\i386\rocket.sys
    + 2011-12-10 10:29 . 2008-04-13 18:56 30592 c:\windows\ServicePackFiles\i386\rndismpx.sys
    + 2011-12-10 10:27 . 2008-04-13 18:56 30592 c:\windows\ServicePackFiles\i386\rndismp.sys
    + 2011-12-10 10:27 . 2008-04-14 00:12 11776 c:\windows\ServicePackFiles\i386\riafui2.dll
    + 2011-12-10 10:32 . 2008-04-14 00:12 11776 c:\windows\ServicePackFiles\i386\riafui1.dll
    + 2011-12-10 10:24 . 2008-04-13 18:46 59136 c:\windows\ServicePackFiles\i386\rfcomm.sys
    + 2011-12-10 10:31 . 2008-04-14 00:12 13824 c:\windows\ServicePackFiles\i386\rexec.exe
    + 2011-12-10 10:28 . 2008-04-14 00:12 58880 c:\windows\ServicePackFiles\i386\resutils.dll
    + 2011-12-10 10:30 . 2008-04-14 00:12 60416 c:\windows\ServicePackFiles\i386\remotepg.dll
    + 2011-12-10 10:29 . 2008-04-14 00:12 11776 c:\windows\ServicePackFiles\i386\regsvr32.exe
    + 2011-12-10 10:26 . 2008-04-14 00:12 59904 c:\windows\ServicePackFiles\i386\regsvc.dll
    + 2011-12-10 10:29 . 2008-04-14 00:12 49664 c:\windows\ServicePackFiles\i386\regapi.dll
    + 2011-12-10 10:28 . 2008-04-14 00:12 50176 c:\windows\ServicePackFiles\i386\reg.exe
    + 2011-12-10 10:31 . 2008-04-13 18:40 57600 c:\windows\ServicePackFiles\i386\redbook.sys
    + 2011-12-10 10:27 . 2004-08-04 06:41 13776 c:\windows\ServicePackFiles\i386\recagent.sys
    + 2011-12-10 10:32 . 2008-04-14 00:12 67072 c:\windows\ServicePackFiles\i386\rdshost.exe
    + 2011-12-10 10:31 . 2008-04-14 00:12 13824 c:\windows\ServicePackFiles\i386\rdsaddin.exe
    + 2011-12-10 10:30 . 2008-04-14 00:13 87176 c:\windows\ServicePackFiles\i386\rdpwsx.dll
    + 2011-12-10 10:26 . 2008-04-14 00:12 19968 c:\windows\ServicePackFiles\i386\rdpsnd.dll
    + 2011-12-10 10:31 . 2008-04-14 00:13 92424 c:\windows\ServicePackFiles\i386\rdpdd.dll
    + 2011-12-10 10:29 . 2008-04-14 00:12 62976 c:\windows\ServicePackFiles\i386\rdpclip.exe
    + 2011-12-10 10:30 . 2008-04-14 00:12 21504 c:\windows\ServicePackFiles\i386\rcp.exe
    + 2011-12-10 10:25 . 2008-04-14 00:12 35840 c:\windows\ServicePackFiles\i386\rcimlby.exe
    + 2011-12-10 10:28 . 2008-04-14 00:12 58368 c:\windows\ServicePackFiles\i386\rastapi.dll
    + 2011-12-10 10:31 . 2008-04-14 00:12 16384 c:\windows\ServicePackFiles\i386\rassapi.dll
    + 2011-12-10 13:15 . 2008-04-14 00:12 61952 c:\windows\ServicePackFiles\i386\rasqec.dll
    + 2011-12-10 10:31 . 2008-04-13 19:19 48384 c:\windows\ServicePackFiles\i386\raspptp.sys
    + 2011-12-10 10:28 . 2008-04-13 18:57 41472 c:\windows\ServicePackFiles\i386\raspppoe.sys
    + 2011-12-10 10:24 . 2008-04-14 00:12 56832 c:\windows\ServicePackFiles\i386\rasphone.exe
    + 2011-12-10 10:25 . 2008-04-14 00:12 61440 c:\windows\ServicePackFiles\i386\rasman.dll
    + 2011-12-10 10:28 . 2008-04-13 19:19 51328 c:\windows\ServicePackFiles\i386\rasl2tp.sys
    + 2011-12-10 10:28 . 2008-04-14 00:12 79872 c:\windows\ServicePackFiles\i386\raschap.dll
    + 2011-12-10 10:24 . 2008-04-14 00:12 88576 c:\windows\ServicePackFiles\i386\rasauto.dll
    + 2011-12-10 10:29 . 2008-04-13 18:41 20736 c:\windows\ServicePackFiles\i386\ramdisk.sys
    + 2011-12-10 10:25 . 2008-04-14 00:12 43520 c:\windows\ServicePackFiles\i386\racpldlg.dll
    + 2011-12-10 13:15 . 2008-04-14 00:12 76800 c:\windows\ServicePackFiles\i386\qutil.dll
    + 2011-12-10 10:27 . 2008-04-14 00:12 19968 c:\windows\ServicePackFiles\i386\qprocess.exe
    + 2011-12-10 10:25 . 2008-04-14 00:12 18944 c:\windows\ServicePackFiles\i386\qmgrprxy.dll
    + 2011-12-10 13:15 . 2008-04-14 00:12 62464 c:\windows\ServicePackFiles\i386\qcliprov.dll
    + 2011-12-10 10:29 . 2008-04-14 00:12 34304 c:\windows\ServicePackFiles\i386\pstorsvc.dll
    + 2011-12-10 10:31 . 2008-04-14 00:12 43520 c:\windows\ServicePackFiles\i386\pstorec.dll
    + 2011-12-10 10:24 . 2008-04-13 18:56 69120 c:\windows\ServicePackFiles\i386\psched.sys
    + 2011-12-10 10:31 . 2008-04-14 00:12 96768 c:\windows\ServicePackFiles\i386\psbase.dll
    + 2011-12-10 10:26 . 2008-04-14 00:12 23040 c:\windows\ServicePackFiles\i386\psapi.dll
    + 2011-12-10 10:26 . 2008-04-14 00:12 50176 c:\windows\ServicePackFiles\i386\proquota.exe
    + 2011-12-10 10:26 . 2008-04-14 00:12 27648 c:\windows\ServicePackFiles\i386\profmap.dll
    + 2011-12-10 10:29 . 2008-04-13 18:31 35840 c:\windows\ServicePackFiles\i386\processr.sys
    + 2011-12-10 10:32 . 2008-04-13 18:41 17664 c:\windows\ServicePackFiles\i386\ppa3.sys
    + 2011-12-10 10:25 . 2008-04-14 00:12 17408 c:\windows\ServicePackFiles\i386\powrprof.dll
    + 2011-12-10 10:26 . 2008-04-14 00:12 49152 c:\windows\ServicePackFiles\i386\powercfg.exe
    + 2011-12-10 10:31 . 2008-04-14 00:12 58880 c:\windows\ServicePackFiles\i386\pnrpnsp.dll
    + 2011-12-10 10:26 . 2008-04-14 00:12 39424 c:\windows\ServicePackFiles\i386\pngfilt.dll
    + 2011-12-10 10:24 . 2008-04-14 00:12 52736 c:\windows\ServicePackFiles\i386\plotui.dll
    + 2011-12-10 10:29 . 2008-04-14 00:12 44544 c:\windows\ServicePackFiles\i386\plotter.dll
    + 2011-12-10 10:26 . 2008-04-14 00:12 15360 c:\windows\ServicePackFiles\i386\pjlmon.dll
    + 2011-12-10 10:29 . 2008-04-14 00:12 17920 c:\windows\ServicePackFiles\i386\ping.exe
    + 2004-08-04 07:04 . 2008-04-13 18:35 24064 c:\windows\ServicePackFiles\i386\pidgen.dll
    + 2011-12-10 10:31 . 2008-04-14 00:12 35328 c:\windows\ServicePackFiles\i386\pid.dll
    + 2011-12-10 10:26 . 2008-04-13 18:44 28032 c:\windows\ServicePackFiles\i386\perm3.sys
    + 2011-12-10 10:30 . 2008-04-13 18:44 27904 c:\windows\ServicePackFiles\i386\perm2.sys
    + 2011-12-10 10:25 . 2008-04-14 00:12 34816 c:\windows\ServicePackFiles\i386\perfproc.dll
    + 2011-12-10 10:29 . 2008-04-14 00:12 25088 c:\windows\ServicePackFiles\i386\perfos.dll
    + 2011-12-10 13:15 . 2008-04-14 00:12 17920 c:\windows\ServicePackFiles\i386\perfnet.dll
    + 2011-12-10 10:25 . 2008-04-14 00:12 15872 c:\windows\ServicePackFiles\i386\perfmon.exe
    + 2011-12-10 10:28 . 2008-04-14 00:12 26624 c:\windows\ServicePackFiles\i386\perfdisk.dll
    + 2011-12-10 10:27 . 2008-04-14 00:12 39936 c:\windows\ServicePackFiles\i386\perfctrs.dll
    + 2011-12-10 10:28 . 2008-04-13 18:40 24960 c:\windows\ServicePackFiles\i386\pciidex.sys
    + 2011-12-10 10:27 . 2008-04-13 18:36 68224 c:\windows\ServicePackFiles\i386\pci.sys
    + 2011-12-10 10:25 . 2008-04-14 00:12 38400 c:\windows\ServicePackFiles\i386\pchsvc.dll
    + 2011-12-10 10:31 . 2004-08-04 06:31 29502 c:\windows\ServicePackFiles\i386\pca200e.sys
    + 2011-12-10 10:29 . 2008-04-14 00:12 67584 c:\windows\ServicePackFiles\i386\pautoenr.dll
    + 2011-12-10 13:15 . 2008-04-13 18:40 19712 c:\windows\ServicePackFiles\i386\partmgr.sys
    + 2011-12-10 10:26 . 2008-04-13 18:40 80128 c:\windows\ServicePackFiles\i386\parport.sys
    + 2011-12-10 10:29 . 2008-04-14 00:12 58368 c:\windows\ServicePackFiles\i386\packager.exe
    + 2011-12-10 10:26 . 2008-04-13 18:31 42752 c:\windows\ServicePackFiles\i386\p3.sys
    + 2011-12-10 10:31 . 2008-04-14 00:12 67584 c:\windows\ServicePackFiles\i386\osuninst.dll
    + 2011-12-10 10:25 . 2008-04-14 00:12 51200 c:\windows\ServicePackFiles\i386\oobebaln.exe
    + 2011-12-10 10:25 . 2008-04-14 00:12 84992 c:\windows\ServicePackFiles\i386\olepro32.dll
    + 2011-12-10 10:25 . 2008-04-14 00:12 65536 c:\windows\ServicePackFiles\i386\oledb32r.dll
    + 2011-12-10 13:15 . 2008-04-14 00:12 37376 c:\windows\ServicePackFiles\i386\olecnv32.dll
    + 2011-12-10 13:15 . 2008-04-14 00:12 74752 c:\windows\ServicePackFiles\i386\olecli32.dll
    + 2011-12-10 10:26 . 2008-04-13 18:46 61696 c:\windows\ServicePackFiles\i386\ohci1394.sys
    + 2011-12-10 10:27 . 2008-04-14 00:12 35328 c:\windows\ServicePackFiles\i386\oemiglib.dll
    + 2011-12-10 10:31 . 2008-04-14 00:12 60416 c:\windows\ServicePackFiles\i386\oemig50.exe
    + 2011-12-10 10:29 . 2008-04-14 00:12 20511 c:\windows\ServicePackFiles\i386\odtext32.dll
    + 2011-12-10 10:25 . 2008-04-14 00:12 20510 c:\windows\ServicePackFiles\i386\odpdx32.dll
    + 2011-12-10 10:27 . 2008-04-14 00:12 20510 c:\windows\ServicePackFiles\i386\odfox32.dll
    + 2011-12-10 10:26 . 2008-04-14 00:12 20510 c:\windows\ServicePackFiles\i386\odexl32.dll
    + 2011-12-10 10:27 . 2008-04-14 00:12 20511 c:\windows\ServicePackFiles\i386\oddbse32.dll
    + 2011-12-10 10:30 . 2008-04-13 17:26 12288 c:\windows\ServicePackFiles\i386\odbcp32r.dll
    + 2011-12-10 10:24 . 2008-04-14 00:10 53279 c:\windows\ServicePackFiles\i386\odbcji32.dll
    + 2011-12-10 10:27 . 2008-04-13 17:26 94208 c:\windows\ServicePackFiles\i386\odbcint.dll
    + 2011-12-10 10:29 . 2008-04-14 00:12 65536 c:\windows\ServicePackFiles\i386\odbccu32.dll
    + 2011-12-10 10:24 . 2008-04-14 00:12 65536 c:\windows\ServicePackFiles\i386\odbccr32.dll
    + 2011-12-10 10:28 . 2008-04-14 00:12 69632 c:\windows\ServicePackFiles\i386\odbcconf.exe
    + 2011-12-10 10:24 . 2008-04-14 00:12 24576 c:\windows\ServicePackFiles\i386\odbcbcp.dll
    + 2011-12-10 10:27 . 2008-04-14 00:12 32768 c:\windows\ServicePackFiles\i386\odbcad32.exe
    + 2011-12-10 10:28 . 2008-04-14 00:12 16384 c:\windows\ServicePackFiles\i386\odbc32gt.dll
    + 2011-12-10 10:32 . 2004-07-17 19:36 26224 c:\windows\ServicePackFiles\i386\odbc16gt.dll
    + 2011-12-10 10:27 . 2008-04-14 00:12 17408 c:\windows\ServicePackFiles\i386\ocmsn.dll
    + 2011-12-10 13:14 . 2008-04-14 00:12 67584 c:\windows\ServicePackFiles\i386\ocmanage.dll
    + 2011-12-10 10:30 . 2008-04-14 00:12 15360 c:\windows\ServicePackFiles\i386\ocgen.dll
    + 2011-12-10 10:24 . 2008-04-14 00:12 96256 c:\windows\ServicePackFiles\i386\occache.dll
    + 2011-12-10 13:14 . 2008-04-14 00:10 86016 c:\windows\ServicePackFiles\i386\obepopc.dll
    + 2011-12-10 13:14 . 2007-04-02 18:44 77824 c:\windows\ServicePackFiles\i386\obemtllc.dll
    + 2011-12-10 10:30 . 2008-04-13 18:56 88320 c:\windows\ServicePackFiles\i386\nwlnkipx.sys
    + 2011-12-10 13:14 . 2008-04-14 00:12 15360 c:\windows\ServicePackFiles\i386\ntvdmd.dll
    + 2011-12-10 10:25 . 2008-04-14 00:12 91136 c:\windows\ServicePackFiles\i386\ntprint.dll
    + 2011-12-10 10:27 . 2008-04-14 00:12 62976 c:\windows\ServicePackFiles\i386\ntoc.dll
    + 2011-12-10 10:25 . 2008-04-14 00:12 40960 c:\windows\ServicePackFiles\i386\ntmsapi.dll
    + 2011-12-10 10:31 . 2008-04-14 00:12 44032 c:\windows\ServicePackFiles\i386\ntlanman.dll
    + 2011-12-10 10:31 . 2004-08-04 06:45 34560 c:\windows\ServicePackFiles\i386\ntio804.sys
    + 2011-12-10 10:29 . 2004-08-04 06:45 35424 c:\windows\ServicePackFiles\i386\ntio412.sys
    + 2011-12-10 10:25 . 2004-08-04 06:45 35648 c:\windows\ServicePackFiles\i386\ntio411.sys
    + 2011-12-10 10:25 . 2004-08-04 06:45 34560 c:\windows\ServicePackFiles\i386\ntio404.sys
    + 2011-12-10 10:25 . 2004-08-04 06:45 33840
     
    dispatch trophy,
    #20
Page 1 of 3

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...