Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Please Help Machine infected HJT, OTL and Combo Fix logs below

Started by needtogethelp , Apr 09 2011 01:45 PM

  • Please log in to reply

#1
needtogethelp
Posted 09 April 2011 - 01:45 PM

needtogethelp

    New Member

  • Member
  • Pip
  • 1 posts
I will be watching this post until someone answers.....I haven't posted this anywhere else like others.. PLZ help.

I had AVG Free edition running and when I booted this morning as soon as it loaded AVG found a threat named explorer3.exe . I told avg to 'move to vault' as remove was not an optioin and malware commonly hijacks explorer.exe... after that AVG said it had to reboot so i obliged. When it booted back up the start bar and all my desktop icons would not load (screen just had the background), so I pulled up the task manager, ended the explorer.exe running and ran it again from the new-task-run menu on the task manager. This loaded a floating window with the tree on the left side(as if I had clicked windows explorer) but my start bar & desktop items wouldn't return. So I tried to run HJT but when I did it kicked up an error saying it could not run 'error 13'. From there I loaded services.msc from the new-task-run menu on the task manager and looked through to see if I could see any blatant illicit services, but there was none. So I downloaded Combo Fix from bleeping computer, uninstalled AVG and ran combo fix. I now have my start bar and icons back but HJT still throws up errors. As well when I run 'netsh firewall show state' ports are open that I can't explain. I've listed the combo fix log directly below so you can see what it removed. Can you suggest to me what options to run in OTL and can you look over the output for what ever you suggest...I have limited knowledge of malware these days.

Combo Fix Log
ComboFix 11-04-08.03 - w0rldsfallen 09/04/2011 13:08:34.2.4 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3031.2531 [GMT -6:00]
Running from: c:\documents and settings\w0rldsfallen\My Documents\Downloads\kjhsfdgakjhfsg.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\w0rldsfallen\Application Data\Microsoft\~DFK33f45d8.tmp
c:\documents and settings\w0rldsfallen\Application Data\Microsoft\1eaadjc.dll
c:\documents and settings\w0rldsfallen\Application Data\Microsoft\bass.dll
c:\documents and settings\w0rldsfallen\Application Data\Microsoft\kfgresk.dll
c:\documents and settings\w0rldsfallen\Application Data\Microsoft\mjcriu.dll
c:\documents and settings\w0rldsfallen\Application Data\Microsoft\peaadje.dll
c:\documents and settings\w0rldsfallen\Application Data\Microsoft\qwadjb.dll
c:\documents and settings\w0rldsfallen\Application Data\Microsoft\rsaadjd.dll
.
.
((((((((((((((((((((((((( Files Created from 2011-03-09 to 2011-04-09 )))))))))))))))))))))))))))))))
.
.
2011-04-02 17:12 . 2011-04-02 19:25 -------- d-----w- c:\documents and settings\w0rldsfallen\Application Data\AVG
2011-04-02 17:04 . 2011-04-03 01:01 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2011-03-24 14:12 . 2011-04-08 01:10 -------- d-----w- c:\documents and settings\w0rldsfallen\Application Data\X-Chat 2
2011-03-24 14:12 . 2011-03-24 14:12 -------- d-----w- c:\program files\xchat
2011-03-24 14:05 . 2011-03-24 14:10 -------- d-----w- c:\documents and settings\w0rldsfallen\Application Data\mIRC
2011-03-24 13:53 . 2011-03-31 18:05 -------- d-----w- c:\program files\Mp3 My Mp3 3.1
2011-03-24 12:05 . 2008-04-14 11:42 1033728 ----a-w- c:\windows\explorer2.exe
2011-03-17 06:14 . 2011-03-17 06:14 -------- d-----w- c:\program files\iPod
2011-03-17 06:14 . 2011-03-17 06:14 -------- d-----w- c:\program files\iTunes
2011-03-12 18:28 . 2011-03-12 18:28 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-18 22:36 . 2010-04-25 19:34 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2011-02-18 22:36 . 2010-04-25 19:34 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-02-16 01:49 . 2011-02-16 01:49 98304 ----a-r- c:\documents and settings\w0rldsfallen\Application Data\Microsoft\Installer\{32939827-D8E5-470A-B126-870DB3C69FDF}\python_icon.exe
2011-02-09 13:53 . 2004-08-04 12:00 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2004-08-04 12:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-03 04:40 . 2010-08-13 15:03 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-03 02:19 . 2010-08-13 15:03 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-02-02 07:58 . 2010-04-14 03:15 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-02-01 10:47 . 2011-02-01 10:47 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-01-28 06:46 . 2011-01-28 06:46 2 --shatr- c:\windows\winstart.bat
2011-01-27 11:57 . 2010-04-14 03:15 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-01-25 05:49 . 2011-01-25 05:49 112832 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\VCExpress\10.0\1033\ResourceCache.dll
2011-01-21 14:44 . 2004-08-04 12:00 439296 ----a-w- c:\windows\system32\shimgvw.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-01-30_09.05.59 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-07-29 13:07 . 2008-07-29 13:07 80896 c:\windows\WinSxS\x86_Microsoft.VC90.DebugMFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_c94a3a24\mfcm90ud.dll
+ 2008-07-29 13:07 . 2008-07-29 13:07 80896 c:\windows\WinSxS\x86_Microsoft.VC90.DebugMFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_c94a3a24\mfcm90d.dll
+ 2011-04-09 19:03 . 2011-04-09 19:03 16384 c:\windows\Temp\Perflib_Perfdata_8a4.dat
+ 2011-04-09 19:03 . 2011-04-09 19:03 16384 c:\windows\Temp\Perflib_Perfdata_740.dat
+ 2011-02-07 01:00 . 2010-03-25 16:52 79872 c:\windows\system32\spool\drivers\w32x86\3\hppccompio.dll
+ 2011-02-07 01:00 . 2009-02-26 02:52 49152 c:\windows\system32\spool\drivers\w32x86\3\hppccdvq32.dll
+ 2011-02-07 01:00 . 2010-01-20 18:30 20480 c:\windows\system32\spool\drivers\w32x86\3\cioum.dll
+ 2011-02-07 01:01 . 2005-05-21 00:11 20992 c:\windows\system32\spool\drivers\BIDI\HPBOID.DLL
- 2010-07-20 16:29 . 2007-11-30 12:39 17272 c:\windows\system32\spmsg.dll
+ 2010-07-20 16:29 . 2010-07-05 13:15 17272 c:\windows\system32\spmsg.dll
- 2004-08-04 12:00 . 2010-11-06 00:34 44544 c:\windows\system32\pngfilt.dll
+ 2004-08-04 12:00 . 2010-12-20 23:08 44544 c:\windows\system32\pngfilt.dll
+ 2004-08-04 12:00 . 2011-03-14 20:21 79264 c:\windows\system32\perfc009.dat
+ 2007-08-14 00:54 . 2010-12-20 23:08 52224 c:\windows\system32\msfeedsbs.dll
- 2007-08-14 00:54 . 2010-11-06 00:34 52224 c:\windows\system32\msfeedsbs.dll
- 2004-08-04 12:00 . 2010-11-06 00:34 27648 c:\windows\system32\jsproxy.dll
+ 2004-08-04 12:00 . 2010-12-20 23:08 27648 c:\windows\system32\jsproxy.dll
+ 2007-08-14 00:39 . 2010-12-20 12:54 13824 c:\windows\system32\ieudinit.exe
- 2007-08-14 00:39 . 2010-11-03 12:24 13824 c:\windows\system32\ieudinit.exe
+ 2004-08-04 12:00 . 2010-12-20 23:08 44544 c:\windows\system32\iernonce.dll
- 2004-08-04 12:00 . 2010-11-06 00:34 44544 c:\windows\system32\iernonce.dll
+ 2004-08-04 12:00 . 2010-12-20 23:08 78336 c:\windows\system32\ieencode.dll
- 2004-08-04 12:00 . 2010-11-06 00:34 78336 c:\windows\system32\ieencode.dll
+ 2004-08-04 12:00 . 2010-12-20 12:54 70656 c:\windows\system32\ie4uinit.exe
- 2004-08-04 12:00 . 2010-11-03 12:24 70656 c:\windows\system32\ie4uinit.exe
- 2007-08-14 00:36 . 2010-11-06 00:34 63488 c:\windows\system32\icardie.dll
+ 2007-08-14 00:36 . 2010-12-20 23:08 63488 c:\windows\system32\icardie.dll
+ 2010-01-18 19:28 . 2010-01-18 19:28 20480 c:\windows\system32\hpzisn12.dll
+ 2010-01-18 19:28 . 2010-01-18 19:28 29696 c:\windows\system32\hpzipt12.dll
+ 2010-01-18 19:28 . 2010-01-18 19:28 33792 c:\windows\system32\HPZipr12.dll
+ 2010-01-18 19:28 . 2010-01-18 19:28 53760 c:\windows\system32\HPZipm12.dll
+ 2010-01-18 19:28 . 2010-01-18 19:28 44032 c:\windows\system32\HPZinw12.dll
+ 2010-01-18 19:28 . 2010-01-18 19:28 49152 c:\windows\system32\HPZidr12.dll
+ 2010-01-19 22:10 . 2010-01-19 22:10 63488 c:\windows\system32\HPBWSDR.DLL
+ 2010-01-19 22:18 . 2010-01-19 22:18 41472 c:\windows\system32\hpbpro.dll
+ 2010-01-19 22:18 . 2010-01-19 22:18 25600 c:\windows\system32\hpboid.dll
+ 2010-01-19 22:18 . 2010-01-19 22:18 24576 c:\windows\system32\hpbmiapi.dll
+ 2011-03-17 06:12 . 2011-02-18 22:36 41984 c:\windows\system32\DRVSTORE\usbaapl_05A32DBD3911A2EF4222EF5BE7BB535FAB37D6C4\usbaapl.sys
+ 2011-02-01 10:48 . 2010-12-03 09:05 64288 c:\windows\system32\DRVSTORE\lbd_9C578CA880A99903668A8694DEFB21244E9C4C62\Lbd.sys
+ 2011-01-30 13:44 . 2001-08-17 20:52 36736 c:\windows\system32\drivers\ultra.sys
+ 2011-01-30 13:44 . 2001-08-17 21:07 32640 c:\windows\system32\drivers\symc8xx.sys
+ 2011-01-30 13:44 . 2001-08-17 21:07 16256 c:\windows\system32\drivers\symc810.sys
+ 2011-01-30 13:44 . 2001-08-17 21:07 30688 c:\windows\system32\drivers\sym_u3.sys
+ 2011-01-30 13:44 . 2001-08-17 21:07 28384 c:\windows\system32\drivers\sym_hi.sys
+ 2011-01-30 13:44 . 2001-08-17 21:07 19072 c:\windows\system32\drivers\sparrow.sys
+ 2011-01-30 13:44 . 2001-08-17 20:52 49024 c:\windows\system32\drivers\ql1280.sys
+ 2011-01-30 13:44 . 2001-08-17 20:52 40448 c:\windows\system32\drivers\ql1240.sys
+ 2011-01-30 13:44 . 2001-08-17 20:52 45312 c:\windows\system32\drivers\ql12160.sys
+ 2011-01-30 13:44 . 2001-08-17 20:52 33152 c:\windows\system32\drivers\ql10wnt.sys
+ 2011-01-30 13:44 . 2001-08-17 20:52 40320 c:\windows\system32\drivers\ql1080.sys
+ 2011-01-30 13:44 . 2001-08-17 21:07 27296 c:\windows\system32\drivers\perc2.sys
+ 2011-01-30 13:44 . 2001-08-17 20:52 17280 c:\windows\system32\drivers\mraid35x.sys
+ 2011-01-30 13:44 . 2008-04-14 07:10 34688 c:\windows\system32\drivers\lbrtfdc.sys
+ 2011-02-01 10:48 . 2010-12-03 09:05 64288 c:\windows\system32\drivers\Lbd.sys
+ 2011-01-30 13:44 . 2001-08-17 20:47 13056 c:\windows\system32\drivers\inport.sys
+ 2011-01-30 13:44 . 2001-08-17 20:52 16000 c:\windows\system32\drivers\ini910u.sys
+ 2011-01-30 13:44 . 2008-04-14 07:11 18560 c:\windows\system32\drivers\i2omp.sys
+ 2011-01-30 13:44 . 2001-08-17 21:07 25952 c:\windows\system32\drivers\hpn.sys
+ 2011-01-30 13:44 . 2001-08-17 21:07 20192 c:\windows\system32\drivers\dpti2o.sys
+ 2011-01-30 13:44 . 2001-08-17 20:52 14720 c:\windows\system32\drivers\dac960nt.sys
+ 2011-01-30 13:44 . 2001-08-17 20:52 14976 c:\windows\system32\drivers\cpqarray.sys
+ 2011-01-30 13:44 . 2008-04-14 07:06 14208 c:\windows\system32\drivers\battc.sys
+ 2011-01-30 13:44 . 2001-08-17 20:51 14848 c:\windows\system32\drivers\asc3550.sys
+ 2011-01-30 13:44 . 2001-08-17 20:52 22400 c:\windows\system32\drivers\asc3350p.sys
+ 2011-01-30 13:44 . 2001-08-17 20:52 26496 c:\windows\system32\drivers\asc.sys
+ 2011-01-30 13:44 . 2001-08-17 20:52 12032 c:\windows\system32\drivers\amsint.sys
+ 2011-01-30 13:44 . 2001-08-17 21:07 56960 c:\windows\system32\drivers\aic78xx.sys
+ 2011-01-30 13:44 . 2001-08-17 21:07 55168 c:\windows\system32\drivers\aic78u2.sys
+ 2011-01-30 13:44 . 2001-08-17 20:52 12800 c:\windows\system32\drivers\aha154x.sys
+ 2011-01-30 13:44 . 2001-08-17 20:52 23552 c:\windows\system32\drivers\abp480n5.sys
+ 2011-01-30 13:44 . 2001-08-17 20:52 36736 c:\windows\system32\dllcache\ultra.sys
+ 2011-01-30 13:44 . 2001-08-17 21:07 32640 c:\windows\system32\dllcache\symc8xx.sys
+ 2011-01-30 13:44 . 2001-08-17 21:07 16256 c:\windows\system32\dllcache\symc810.sys
+ 2011-01-30 13:44 . 2001-08-17 21:07 30688 c:\windows\system32\dllcache\sym_u3.sys
+ 2011-01-30 13:44 . 2001-08-17 21:07 28384 c:\windows\system32\dllcache\sym_hi.sys
+ 2011-01-30 13:44 . 2001-08-17 21:07 19072 c:\windows\system32\dllcache\sparrow.sys
+ 2011-01-30 13:44 . 2001-08-17 20:52 49024 c:\windows\system32\dllcache\ql1280.sys
+ 2011-01-30 13:44 . 2001-08-17 20:52 40448 c:\windows\system32\dllcache\ql1240.sys
+ 2011-01-30 13:44 . 2001-08-17 20:52 45312 c:\windows\system32\dllcache\ql12160.sys
+ 2011-01-30 13:44 . 2001-08-17 20:52 33152 c:\windows\system32\dllcache\ql10wnt.sys
+ 2011-01-30 13:44 . 2001-08-17 20:52 40320 c:\windows\system32\dllcache\ql1080.sys
- 2007-08-14 00:36 . 2010-11-06 00:34 44544 c:\windows\system32\dllcache\pngfilt.dll
+ 2007-08-14 00:36 . 2010-12-20 23:08 44544 c:\windows\system32\dllcache\pngfilt.dll
+ 2011-01-30 13:44 . 2001-08-17 21:07 27296 c:\windows\system32\dllcache\perc2.sys
+ 2010-04-14 06:03 . 2010-12-20 23:08 52224 c:\windows\system32\dllcache\msfeedsbs.dll
- 2010-04-14 06:03 . 2010-11-06 00:34 52224 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2011-01-30 13:44 . 2001-08-17 20:52 17280 c:\windows\system32\dllcache\mraid35x.sys
+ 2011-01-30 13:44 . 2008-04-14 07:10 34688 c:\windows\system32\dllcache\lbrtfdc.sys
- 2007-08-14 00:54 . 2010-11-06 00:34 27648 c:\windows\system32\dllcache\jsproxy.dll
+ 2007-08-14 00:54 . 2010-12-20 23:08 27648 c:\windows\system32\dllcache\jsproxy.dll
+ 2011-01-30 13:44 . 2001-08-17 20:47 13056 c:\windows\system32\dllcache\inport.sys
+ 2011-01-30 13:44 . 2001-08-17 20:52 16000 c:\windows\system32\dllcache\ini910u.sys
- 2010-04-14 06:03 . 2010-11-03 12:24 13824 c:\windows\system32\dllcache\ieudinit.exe
+ 2010-04-14 06:03 . 2010-12-20 12:54 13824 c:\windows\system32\dllcache\ieudinit.exe
+ 2007-08-14 00:39 . 2010-12-20 23:08 44544 c:\windows\system32\dllcache\iernonce.dll
- 2007-08-14 00:39 . 2010-11-06 00:34 44544 c:\windows\system32\dllcache\iernonce.dll
- 2004-08-04 12:00 . 2010-11-06 00:34 78336 c:\windows\system32\dllcache\ieencode.dll
+ 2004-08-04 12:00 . 2010-12-20 23:08 78336 c:\windows\system32\dllcache\ieencode.dll
+ 2007-08-14 00:39 . 2010-12-20 12:54 70656 c:\windows\system32\dllcache\ie4uinit.exe
- 2007-08-14 00:39 . 2010-11-03 12:24 70656 c:\windows\system32\dllcache\ie4uinit.exe
- 2010-04-14 06:03 . 2010-11-06 00:34 63488 c:\windows\system32\dllcache\icardie.dll
+ 2010-04-14 06:03 . 2010-12-20 23:08 63488 c:\windows\system32\dllcache\icardie.dll
+ 2011-01-30 13:44 . 2008-04-14 07:11 18560 c:\windows\system32\dllcache\i2omp.sys
+ 2011-01-30 13:44 . 2001-08-17 21:07 25952 c:\windows\system32\dllcache\hpn.sys
+ 2011-01-30 13:44 . 2001-08-17 21:07 20192 c:\windows\system32\dllcache\dpti2o.sys
+ 2011-01-30 13:44 . 2001-08-17 20:52 14720 c:\windows\system32\dllcache\dac960nt.sys
- 2009-12-14 07:08 . 2009-12-14 07:08 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2009-12-14 07:08 . 2010-12-09 14:30 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2011-01-30 13:44 . 2001-08-17 20:52 14976 c:\windows\system32\dllcache\cpqarray.sys
+ 2007-08-14 00:42 . 2010-12-20 23:08 17408 c:\windows\system32\dllcache\corpol.dll
- 2007-08-14 00:42 . 2010-11-06 00:34 17408 c:\windows\system32\dllcache\corpol.dll
+ 2011-01-30 13:44 . 2008-04-14 07:06 14208 c:\windows\system32\dllcache\battc.sys
+ 2011-01-30 13:44 . 2001-08-17 20:51 14848 c:\windows\system32\dllcache\asc3550.sys
+ 2011-01-30 13:44 . 2001-08-17 20:52 22400 c:\windows\system32\dllcache\asc3350p.sys
+ 2011-01-30 13:44 . 2001-08-17 20:52 26496 c:\windows\system32\dllcache\asc.sys
+ 2011-01-30 13:44 . 2001-08-17 20:52 12032 c:\windows\system32\dllcache\amsint.sys
+ 2011-01-30 13:44 . 2001-08-17 21:07 56960 c:\windows\system32\dllcache\aic78xx.sys
+ 2011-01-30 13:44 . 2001-08-17 21:07 55168 c:\windows\system32\dllcache\aic78u2.sys
+ 2011-01-30 13:44 . 2001-08-17 20:52 12800 c:\windows\system32\dllcache\aha154x.sys
+ 2011-01-30 13:44 . 2001-08-17 20:52 23552 c:\windows\system32\dllcache\abp480n5.sys
- 2004-08-04 12:00 . 2009-12-14 07:08 33280 c:\windows\system32\csrsrv.dll
+ 2004-08-04 12:00 . 2010-12-09 14:30 33280 c:\windows\system32\csrsrv.dll
+ 2004-08-04 12:00 . 2010-12-20 23:08 17408 c:\windows\system32\corpol.dll
- 2004-08-04 12:00 . 2010-11-06 00:34 17408 c:\windows\system32\corpol.dll
+ 2010-04-14 03:21 . 2011-04-09 18:59 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2010-04-14 03:21 . 2011-01-28 07:25 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2010-04-14 03:21 . 2011-01-28 07:25 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2010-04-14 03:21 . 2011-04-09 18:59 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2010-04-14 03:21 . 2011-01-28 07:25 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2011-03-06 21:40 . 2011-04-09 18:59 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2011-02-11 00:38 . 2011-02-11 00:38 66048 c:\windows\Installer\50c54fd.msi
- 2011-01-02 06:42 . 2011-01-13 00:06 25214 c:\windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_SC_Distiller.exe
+ 2011-01-02 06:42 . 2011-03-28 07:00 25214 c:\windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_SC_Distiller.exe
- 2011-01-02 06:42 . 2011-01-13 00:06 36294 c:\windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_SC_Acrobat_Standard.exe
+ 2011-01-02 06:42 . 2011-03-28 07:00 36294 c:\windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_SC_Acrobat_Standard.exe
- 2011-01-02 06:42 . 2011-01-13 00:06 38926 c:\windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_SC_Acrobat_3D.exe
+ 2011-01-02 06:42 . 2011-03-28 07:00 38926 c:\windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_SC_Acrobat_3D.exe
+ 2011-01-02 06:42 . 2011-03-28 07:00 38926 c:\windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_SC_Acrobat.exe
- 2011-01-02 06:42 . 2011-01-13 00:06 38926 c:\windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_SC_Acrobat.exe
- 2010-04-14 06:37 . 2010-12-14 05:32 12288 c:\windows\Installer\{90510409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2010-04-14 06:37 . 2011-02-10 00:30 12288 c:\windows\Installer\{90510409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2010-04-14 06:26 . 2011-03-10 00:47 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
- 2010-04-14 06:26 . 2011-01-12 23:53 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
- 2010-04-14 06:26 . 2011-01-12 23:53 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
+ 2010-04-14 06:26 . 2011-03-10 00:47 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
+ 2010-04-14 06:26 . 2011-03-10 00:47 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
- 2010-04-14 06:26 . 2011-01-12 23:53 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2010-09-23 10:47 . 2010-09-23 10:47 35760 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\reader_sl.exe
+ 2010-09-23 09:03 . 2010-09-23 09:03 99776 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\eula.exe
+ 2010-09-23 08:52 . 2010-09-23 08:52 27048 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\acrotextextractor.exe
+ 2010-09-23 00:12 . 2010-09-23 00:12 15800 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\AcroRd32Info.exe
+ 2008-06-12 07:10 . 2008-06-12 07:10 16768 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000040\9.0.0\ViewerPS.dll
+ 2008-06-12 05:32 . 2008-06-12 05:32 10752 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000040\9.0.0\piaglbreakfinder.dll
+ 2008-06-12 07:09 . 2008-06-12 07:09 79208 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000040\9.0.0\PDFPrevHndlr.dll
+ 2008-06-12 06:18 . 2008-06-12 06:18 14704 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000040\9.0.0\Exch_AcrobatInfo.exe
+ 2008-06-12 09:16 . 2008-06-12 09:16 25952 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000040\9.0.0\acrotextextractor.exe
+ 2008-06-12 05:33 . 2008-06-12 05:33 61816 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000040\9.0.0\AcroIEHelper.dll
+ 2008-06-12 09:25 . 2008-06-12 09:25 37232 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000040\9.0.0\acrobat_sl.exe
+ 2008-06-12 06:22 . 2008-06-12 06:22 14336 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000040\9.0.0\acroamt.dll
+ 2011-02-10 00:30 . 2010-11-06 00:34 44544 c:\windows\ie7updates\KB2482017-IE7\pngfilt.dll
+ 2011-02-10 00:30 . 2010-11-06 00:34 52224 c:\windows\ie7updates\KB2482017-IE7\msfeedsbs.dll
+ 2011-02-10 00:30 . 2010-11-06 00:34 27648 c:\windows\ie7updates\KB2482017-IE7\jsproxy.dll
+ 2011-02-10 00:30 . 2010-11-03 12:24 13824 c:\windows\ie7updates\KB2482017-IE7\ieudinit.exe
+ 2011-02-10 00:30 . 2010-11-06 00:34 44544 c:\windows\ie7updates\KB2482017-IE7\iernonce.dll
+ 2011-02-10 00:30 . 2010-11-06 00:34 78336 c:\windows\ie7updates\KB2482017-IE7\ieencode.dll
+ 2011-02-10 00:30 . 2010-11-03 12:24 70656 c:\windows\ie7updates\KB2482017-IE7\ie4uinit.exe
+ 2011-02-10 00:30 . 2010-11-06 00:34 63488 c:\windows\ie7updates\KB2482017-IE7\icardie.dll
+ 2011-02-10 00:30 . 2010-11-06 00:34 17408 c:\windows\ie7updates\KB2482017-IE7\corpol.dll
+ 2011-03-01 05:15 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB971029\update\spcustom.dll
+ 2011-03-01 05:15 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB971029\spmsg.dll
+ 2011-02-10 00:32 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2485376\update\spcustom.dll
+ 2011-02-10 00:32 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2485376\spmsg.dll
+ 2011-02-10 00:32 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2483185\update\spcustom.dll
+ 2011-02-10 00:32 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2483185\spmsg.dll
+ 2011-02-10 00:30 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2482017-IE7\update\spcustom.dll
+ 2011-02-10 00:30 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2482017-IE7\spmsg.dll
+ 2010-12-20 23:20 . 2010-12-20 23:20 44544 c:\windows\$hf_mig$\KB2482017-IE7\SP3QFE\pngfilt.dll
+ 2010-12-20 23:20 . 2010-12-20 23:20 52224 c:\windows\$hf_mig$\KB2482017-IE7\SP3QFE\msfeedsbs.dll
+ 2010-12-20 23:20 . 2010-12-20 23:20 27648 c:\windows\$hf_mig$\KB2482017-IE7\SP3QFE\jsproxy.dll
+ 2010-12-20 12:47 . 2010-12-20 12:47 13824 c:\windows\$hf_mig$\KB2482017-IE7\SP3QFE\ieudinit.exe
+ 2010-12-20 23:20 . 2010-12-20 23:20 44544 c:\windows\$hf_mig$\KB2482017-IE7\SP3QFE\iernonce.dll
+ 2010-12-20 23:20 . 2010-12-20 23:20 78336 c:\windows\$hf_mig$\KB2482017-IE7\SP3QFE\ieencode.dll
+ 2010-12-20 12:47 . 2010-12-20 12:47 70656 c:\windows\$hf_mig$\KB2482017-IE7\SP3QFE\ie4uinit.exe
+ 2010-12-20 23:20 . 2010-12-20 23:20 63488 c:\windows\$hf_mig$\KB2482017-IE7\SP3QFE\icardie.dll
+ 2010-12-20 23:20 . 2010-12-20 23:20 17408 c:\windows\$hf_mig$\KB2482017-IE7\SP3QFE\corpol.dll
+ 2011-03-10 00:46 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2481109\update\spcustom.dll
+ 2011-03-10 00:46 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2481109\spmsg.dll
+ 2011-02-02 07:57 . 2011-02-02 07:57 53248 c:\windows\$hf_mig$\KB2481109\SP3QFE\tsgqec.dll
+ 2011-03-10 00:48 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2479943\update\spcustom.dll
+ 2011-03-10 00:48 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2479943\spmsg.dll
+ 2011-02-10 00:32 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2479628\update\spcustom.dll
+ 2011-02-10 00:32 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2479628\spmsg.dll
+ 2011-02-10 00:32 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2478971\update\spcustom.dll
+ 2011-02-10 00:32 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2478971\spmsg.dll
+ 2011-02-10 00:29 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2478960\update\spcustom.dll
+ 2011-02-10 00:29 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2478960\spmsg.dll
+ 2011-02-10 00:30 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2476687\update\spcustom.dll
+ 2011-02-10 00:30 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2476687\spmsg.dll
+ 2010-12-09 14:29 . 2010-12-09 14:29 33280 c:\windows\$hf_mig$\KB2476687\SP3QFE\csrsrv.dll
+ 2011-02-10 00:29 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2393802\update\spcustom.dll
+ 2011-02-09 22:32 . 2010-12-09 15:15 16896 c:\windows\$hf_mig$\KB2393802\update\mpsyschk.dll
+ 2011-02-10 00:29 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2393802\spmsg.dll
+ 2010-01-19 22:18 . 2010-01-19 22:18 7680 c:\windows\system32\hpbprops.dll
+ 2010-01-19 22:18 . 2010-01-19 22:18 7680 c:\windows\system32\hpboidps.dll
+ 2011-01-30 13:44 . 2008-04-14 07:10 5376 c:\windows\system32\drivers\viaide.sys
+ 2011-01-30 13:44 . 2001-08-17 20:51 4992 c:\windows\system32\drivers\toside.sys
+ 2011-01-30 13:44 . 2001-08-17 21:07 5504 c:\windows\system32\drivers\perc2hib.sys
+ 2011-01-30 13:44 . 2008-04-14 07:10 5504 c:\windows\system32\drivers\intelide.sys
+ 2011-01-30 13:44 . 2008-04-14 07:11 8576 c:\windows\system32\drivers\i2omgmt.sys
+ 2011-01-30 13:44 . 2001-08-17 20:51 6656 c:\windows\system32\drivers\cmdide.sys
+ 2011-01-30 13:44 . 2008-04-14 07:11 8192 c:\windows\system32\drivers\changer.sys
+ 2011-01-30 13:44 . 2001-08-17 20:52 7680 c:\windows\system32\drivers\cd20xrnt.sys
+ 2011-01-30 13:44 . 2001-08-17 20:51 5248 c:\windows\system32\drivers\aliide.sys
+ 2011-01-30 13:44 . 2008-04-14 07:10 5376 c:\windows\system32\dllcache\viaide.sys
+ 2011-01-30 13:44 . 2001-08-17 20:51 4992 c:\windows\system32\dllcache\toside.sys
+ 2011-01-30 13:44 . 2001-08-17 21:07 5504 c:\windows\system32\dllcache\perc2hib.sys
+ 2011-01-30 13:44 . 2008-04-14 07:10 5504 c:\windows\system32\dllcache\intelide.sys
+ 2011-01-30 13:44 . 2008-04-14 07:11 8576 c:\windows\system32\dllcache\i2omgmt.sys
+ 2011-01-30 13:44 . 2001-08-17 20:51 6656 c:\windows\system32\dllcache\cmdide.sys
+ 2011-01-30 13:44 . 2008-04-14 07:11 8192 c:\windows\system32\dllcache\changer.sys
+ 2011-01-30 13:44 . 2001-08-17 20:52 7680 c:\windows\system32\dllcache\cd20xrnt.sys
+ 2011-01-30 13:44 . 2001-08-17 20:51 5248 c:\windows\system32\dllcache\aliide.sys
+ 2011-01-02 06:42 . 2011-03-28 07:00 7278 c:\windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_SC_ELEMENTS_DT.exe
- 2011-01-02 06:42 . 2011-01-13 00:06 7278 c:\windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_SC_ELEMENTS_DT.exe
+ 2010-04-14 06:37 . 2011-02-10 00:30 4096 c:\windows\Installer\{90510409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2010-04-14 06:37 . 2010-12-14 05:32 4096 c:\windows\Installer\{90510409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2008-07-29 15:05 . 2008-07-29 15:05 875520 c:\windows\WinSxS\x86_Microsoft.VC90.DebugCRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_f863c71f\msvcp90d.dll
+ 2008-07-29 10:54 . 2008-07-29 10:54 312832 c:\windows\WinSxS\x86_Microsoft.VC90.DebugCRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_f863c71f\msvcm90d.dll
+ 2004-08-04 12:00 . 2010-12-20 23:08 832512 c:\windows\system32\wininet.dll
- 2004-08-04 12:00 . 2010-11-06 00:34 832512 c:\windows\system32\wininet.dll
- 2004-08-04 12:00 . 2010-11-06 00:34 233472 c:\windows\system32\webcheck.dll
+ 2004-08-04 12:00 . 2010-12-20 23:08 233472 c:\windows\system32\webcheck.dll
- 2004-08-04 12:00 . 2010-11-06 00:34 105984 c:\windows\system32\url.dll
+ 2004-08-04 12:00 . 2010-12-20 23:08 105984 c:\windows\system32\url.dll
+ 2010-04-14 05:50 . 2009-07-14 02:07 762368 c:\windows\system32\spool\drivers\w32x86\3\unires.dll
+ 2010-04-14 05:50 . 2009-07-14 02:16 747520 c:\windows\system32\spool\drivers\w32x86\3\unidrvui.dll
+ 2010-04-14 05:50 . 2009-07-14 02:16 375296 c:\windows\system32\spool\drivers\w32x86\3\unidrv.dll
+ 2005-12-04 06:53 . 2009-07-14 01:55 207872 c:\windows\system32\spool\drivers\w32x86\3\pclxl.dll
+ 2011-02-07 01:00 . 2010-03-25 19:15 723968 c:\windows\system32\spool\drivers\w32x86\3\hpmdp101.dll
+ 2011-02-07 01:00 . 2009-11-04 22:37 702464 c:\windows\system32\spool\drivers\w32x86\3\hpleq101.dll
+ 2011-02-07 01:00 . 2010-03-25 19:26 123904 c:\windows\system32\spool\drivers\w32x86\3\hpfxcomw.dll
+ 2011-02-07 01:00 . 2010-02-18 22:13 315392 c:\windows\system32\spool\drivers\w32x86\3\hpfie101.dll
+ 2011-02-07 01:00 . 2009-02-26 02:57 135168 c:\windows\system32\spool\drivers\w32x86\3\hpcsat20.dll
+ 2011-02-07 01:00 . 2010-03-25 19:26 176128 c:\windows\system32\spool\drivers\w32x86\3\hpcpn101.dll
+ 2011-02-07 01:00 . 2010-03-25 19:26 249856 c:\windows\system32\spool\drivers\w32x86\3\hpcpe101.dll
+ 2011-02-07 01:00 . 2010-03-25 19:26 516096 c:\windows\system32\spool\drivers\w32x86\3\hpcev101.dll
+ 2005-12-04 06:53 . 2010-02-11 17:19 491008 c:\windows\system32\spool\drivers\w32x86\3\hpcdmc32.dll
+ 2011-02-07 01:00 . 2010-03-25 19:26 305664 c:\windows\system32\spool\drivers\w32x86\3\hpcc3101.dll
+ 2011-02-07 01:00 . 2010-03-25 19:26 208896 c:\windows\system32\spool\drivers\w32x86\3\hpcbr101.dll
+ 2011-02-07 01:00 . 2010-01-20 18:30 349696 c:\windows\system32\spool\drivers\w32x86\3\cioum32.msi
- 2004-08-04 12:00 . 2008-04-14 11:42 135168 c:\windows\system32\shsvcs.dll
+ 2004-08-04 12:00 . 2009-07-27 23:17 135168 c:\windows\system32\shsvcs.dll
+ 2004-08-04 12:00 . 2011-03-14 20:21 464318 c:\windows\system32\perfh009.dat
- 2004-08-04 12:00 . 2010-11-06 00:34 102912 c:\windows\system32\occache.dll
+ 2004-08-04 12:00 . 2010-12-20 23:08 102912 c:\windows\system32\occache.dll
+ 2004-08-04 12:00 . 2010-12-09 15:15 718336 c:\windows\system32\ntdll.dll
- 2004-08-04 12:00 . 2010-11-06 00:34 671232 c:\windows\system32\mstime.dll
+ 2004-08-04 12:00 . 2010-12-20 23:08 671232 c:\windows\system32\mstime.dll
- 2004-08-04 12:00 . 2010-11-06 00:34 193024 c:\windows\system32\msrating.dll
+ 2004-08-04 12:00 . 2010-12-20 23:08 193024 c:\windows\system32\msrating.dll
- 2004-08-04 12:00 . 2010-11-06 00:34 478208 c:\windows\system32\mshtmled.dll
+ 2004-08-04 12:00 . 2010-12-20 23:08 478208 c:\windows\system32\mshtmled.dll
- 2007-08-14 00:54 . 2010-11-06 00:34 468480 c:\windows\system32\msfeeds.dll
+ 2007-08-14 00:54 . 2010-12-20 23:08 468480 c:\windows\system32\msfeeds.dll
+ 2011-01-30 10:45 . 2010-10-19 17:41 222080 c:\windows\system32\MpSigStub.exe
+ 2011-03-23 00:30 . 2011-03-23 00:30 235168 c:\windows\system32\Macromed\Flash\FlashUtil10o_Plugin.exe
+ 2011-01-30 10:37 . 2011-01-30 10:37 233936 c:\windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe
+ 2011-01-30 10:37 . 2011-01-30 10:37 311248 c:\windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.dll
- 2004-08-04 12:00 . 2009-06-25 08:25 730112 c:\windows\system32\lsasrv.dll
+ 2004-08-04 12:00 . 2010-12-20 17:26 730112 c:\windows\system32\lsasrv.dll
+ 2004-08-04 12:00 . 2010-12-22 12:34 301568 c:\windows\system32\kerberos.dll
- 2004-08-04 12:00 . 2009-06-25 08:25 301568 c:\windows\system32\kerberos.dll
- 2010-12-15 13:28 . 2010-11-13 01:53 157472 c:\windows\system32\javaws.exe
+ 2011-02-21 05:13 . 2011-02-03 04:40 157472 c:\windows\system32\javaws.exe
- 2010-12-15 13:28 . 2010-11-13 01:53 145184 c:\windows\system32\javaw.exe
+ 2011-02-21 05:13 . 2011-02-03 04:40 145184 c:\windows\system32\javaw.exe
+ 2011-02-21 05:13 . 2011-02-03 04:40 145184 c:\windows\system32\java.exe
- 2010-12-15 13:28 . 2010-11-13 01:53 145184 c:\windows\system32\java.exe
+ 2007-08-14 00:34 . 2010-12-20 23:08 268288 c:\windows\system32\iertutil.dll
- 2007-08-14 00:34 . 2010-11-06 00:34 268288 c:\windows\system32\iertutil.dll
- 2004-08-04 12:00 . 2010-11-06 00:34 192512 c:\windows\system32\iepeers.dll
+ 2004-08-04 12:00 . 2010-12-20 23:08 192512 c:\windows\system32\iepeers.dll
- 2004-08-04 12:00 . 2010-11-06 00:34 384512 c:\windows\system32\iedkcs32.dll
+ 2004-08-04 12:00 . 2010-12-20 23:08 384512 c:\windows\system32\iedkcs32.dll
- 2007-07-11 18:27 . 2010-11-06 00:34 380928 c:\windows\system32\ieapfltr.dll
+ 2007-07-11 18:27 . 2010-12-20 23:08 380928 c:\windows\system32\ieapfltr.dll
- 2004-08-04 12:00 . 2010-10-18 11:06 161792 c:\windows\system32\ieakui.dll
+ 2004-08-04 12:00 . 2010-12-20 11:23 161792 c:\windows\system32\ieakui.dll
- 2004-08-04 12:00 . 2010-11-06 00:34 230400 c:\windows\system32\ieaksie.dll
+ 2004-08-04 12:00 . 2010-12-20 23:08 230400 c:\windows\system32\ieaksie.dll
- 2004-08-04 12:00 . 2010-11-06 00:34 153088 c:\windows\system32\ieakeng.dll
+ 2004-08-04 12:00 . 2010-12-20 23:08 153088 c:\windows\system32\ieakeng.dll
+ 2009-11-27 19:16 . 2009-11-27 19:16 180224 c:\windows\system32\hplbddrv.dll
+ 2004-08-04 12:00 . 2010-12-20 23:08 133120 c:\windows\system32\extmgr.dll
- 2004-08-04 12:00 . 2010-11-06 00:34 133120 c:\windows\system32\extmgr.dll
- 2004-08-04 12:00 . 2010-11-06 00:34 214528 c:\windows\system32\dxtrans.dll
+ 2004-08-04 12:00 . 2010-12-20 23:08 214528 c:\windows\system32\dxtrans.dll
+ 2004-08-04 12:00 . 2010-12-20 23:08 347136 c:\windows\system32\dxtmsft.dll
- 2004-08-04 12:00 . 2010-11-06 00:34 347136 c:\windows\system32\dxtmsft.dll
+ 2011-01-30 13:44 . 2001-08-17 20:52 179584 c:\windows\system32\drivers\dac2w2k.sys
+ 2011-01-30 13:44 . 2001-08-17 21:07 101888 c:\windows\system32\drivers\adpu160m.sys
+ 2010-02-26 05:43 . 2010-12-20 23:08 832512 c:\windows\system32\dllcache\wininet.dll
- 2010-02-26 05:43 . 2010-11-06 00:34 832512 c:\windows\system32\dllcache\wininet.dll
- 2007-08-14 00:54 . 2010-11-06 00:34 233472 c:\windows\system32\dllcache\webcheck.dll
+ 2007-08-14 00:54 . 2010-12-20 23:08 233472 c:\windows\system32\dllcache\webcheck.dll
- 2007-08-14 00:44 . 2010-11-06 00:34 105984 c:\windows\system32\dllcache\url.dll
+ 2007-08-14 00:44 . 2010-12-20 23:08 105984 c:\windows\system32\dllcache\url.dll
+ 2009-07-27 23:17 . 2009-07-27 23:17 135168 c:\windows\system32\dllcache\shsvcs.dll
+ 2011-01-21 14:44 . 2011-01-21 14:44 439296 c:\windows\system32\dllcache\shimgvw.dll
+ 2011-02-09 13:53 . 2011-02-09 13:53 270848 c:\windows\system32\dllcache\sbe.dll
+ 2007-08-14 00:44 . 2010-12-20 23:08 102912 c:\windows\system32\dllcache\occache.dll
- 2007-08-14 00:44 . 2010-11-06 00:34 102912 c:\windows\system32\dllcache\occache.dll
+ 2010-04-14 04:54 . 2010-12-09 15:15 718336 c:\windows\system32\dllcache\ntdll.dll
+ 2007-08-14 00:54 . 2010-12-20 23:08 671232 c:\windows\system32\dllcache\mstime.dll
- 2007-08-14 00:54 . 2010-11-06 00:34 671232 c:\windows\system32\dllcache\mstime.dll
+ 2007-08-14 00:44 . 2010-12-20 23:08 193024 c:\windows\system32\dllcache\msrating.dll
- 2007-08-14 00:44 . 2010-11-06 00:34 193024 c:\windows\system32\dllcache\msrating.dll
- 2007-08-14 00:54 . 2010-11-06 00:34 478208 c:\windows\system32\dllcache\mshtmled.dll
+ 2007-08-14 00:54 . 2010-12-20 23:08 478208 c:\windows\system32\dllcache\mshtmled.dll
+ 2010-04-14 06:03 . 2010-12-20 23:08 468480 c:\windows\system32\dllcache\msfeeds.dll
- 2010-04-14 06:03 . 2010-11-06 00:34 468480 c:\windows\system32\dllcache\msfeeds.dll
- 2010-04-14 04:54 . 2009-06-25 08:25 730112 c:\windows\system32\dllcache\lsasrv.dll
+ 2010-04-14 04:54 . 2010-12-20 17:26 730112 c:\windows\system32\dllcache\lsasrv.dll
+ 2011-01-27 11:57 . 2011-01-27 11:57 677888 c:\windows\system32\dllcache\lhmstsc.exe
+ 2009-06-25 08:25 . 2010-12-22 12:34 301568 c:\windows\system32\dllcache\kerberos.dll
- 2009-06-25 08:25 . 2009-06-25 08:25 301568 c:\windows\system32\dllcache\kerberos.dll
+ 2007-08-14 00:43 . 2010-12-20 11:25 634648 c:\windows\system32\dllcache\iexplore.exe
- 2007-08-14 00:43 . 2010-10-18 11:07 634648 c:\windows\system32\dllcache\iexplore.exe
+ 2010-04-14 06:03 . 2010-12-20 23:08 268288 c:\windows\system32\dllcache\iertutil.dll
- 2010-04-14 06:03 . 2010-11-06 00:34 268288 c:\windows\system32\dllcache\iertutil.dll
+ 2010-02-26 05:43 . 2010-12-20 23:08 192512 c:\windows\system32\dllcache\iepeers.dll
- 2010-02-26 05:43 . 2010-11-06 00:34 192512 c:\windows\system32\dllcache\iepeers.dll
+ 2007-08-14 00:39 . 2010-12-20 23:08 384512 c:\windows\system32\dllcache\iedkcs32.dll
- 2007-08-14 00:39 . 2010-11-06 00:34 384512 c:\windows\system32\dllcache\iedkcs32.dll
- 2010-04-14 06:03 . 2010-11-06 00:34 380928 c:\windows\system32\dllcache\ieapfltr.dll
+ 2010-04-14 06:03 . 2010-12-20 23:08 380928 c:\windows\system32\dllcache\ieapfltr.dll
+ 2004-08-04 12:00 . 2010-12-20 11:23 161792 c:\windows\system32\dllcache\ieakui.dll
- 2004-08-04 12:00 . 2010-10-18 11:06 161792 c:\windows\system32\dllcache\ieakui.dll
- 2007-08-14 00:39 . 2010-11-06 00:34 230400 c:\windows\system32\dllcache\ieaksie.dll
+ 2007-08-14 00:39 . 2010-12-20 23:08 230400 c:\windows\system32\dllcache\ieaksie.dll
+ 2007-08-14 00:39 . 2010-12-20 23:08 153088 c:\windows\system32\dllcache\ieakeng.dll
- 2007-08-14 00:39 . 2010-11-06 00:34 153088 c:\windows\system32\dllcache\ieakeng.dll
+ 2007-08-14 00:54 . 2010-12-20 23:08 133120 c:\windows\system32\dllcache\extmgr.dll
- 2007-08-14 00:54 . 2010-11-06 00:34 133120 c:\windows\system32\dllcache\extmgr.dll
+ 2011-02-09 13:53 . 2011-02-09 13:53 186880 c:\windows\system32\dllcache\encdec.dll
+ 2007-08-14 00:35 . 2010-12-20 23:08 214528 c:\windows\system32\dllcache\dxtrans.dll
- 2007-08-14 00:35 . 2010-11-06 00:34 214528 c:\windows\system32\dllcache\dxtrans.dll
- 2007-08-14 00:35 . 2010-11-06 00:34 347136 c:\windows\system32\dllcache\dxtmsft.dll
+ 2007-08-14 00:35 . 2010-12-20 23:08 347136 c:\windows\system32\dllcache\dxtmsft.dll
+ 2004-08-04 12:00 . 2008-04-14 11:41 640000 c:\windows\system32\dllcache\dbghelp.dll
+ 2011-01-30 13:44 . 2001-08-17 20:52 179584 c:\windows\system32\dllcache\dac2w2k.sys
+ 2010-04-20 05:30 . 2011-01-07 14:09 290048 c:\windows\system32\dllcache\atmfd.dll
- 2010-04-20 05:30 . 2010-10-28 13:13 290048 c:\windows\system32\dllcache\atmfd.dll
+ 2007-08-14 00:39 . 2010-12-20 23:08 124928 c:\windows\system32\dllcache\advpack.dll
- 2007-08-14 00:39 . 2010-11-06 00:34 124928 c:\windows\system32\dllcache\advpack.dll
+ 2011-01-30 13:44 . 2001-08-17 21:07 101888 c:\windows\system32\dllcache\adpu160m.sys
+ 2004-08-04 12:00 . 2011-01-07 14:09 290048 c:\windows\system32\atmfd.dll
- 2004-08-04 12:00 . 2010-10-28 13:13 290048 c:\windows\system32\atmfd.dll
+ 2004-08-04 12:00 . 2010-12-20 23:08 124928 c:\windows\system32\advpack.dll
- 2004-08-04 12:00 . 2010-11-06 00:34 124928 c:\windows\system32\advpack.dll
+ 2011-02-16 01:49 . 2011-02-16 01:49 604672 c:\windows\Installer\b9e9f54.msi
+ 2011-02-01 10:46 . 2011-02-01 10:46 236032 c:\windows\Installer\b7c33.msi
+ 2011-02-21 05:13 . 2011-02-21 05:13 180224 c:\windows\Installer\261bb39f.msi
+ 2011-03-17 06:11 . 2011-03-17 06:11 811520 c:\windows\Installer\1d8b9a0.msi
- 2011-01-02 06:42 . 2011-01-13 00:06 335872 c:\windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\SC_Designer_PFM.70DBED24_B579_40CB_AB0B_F1221A3E9EC5.exe
+ 2011-01-02 06:42 . 2011-03-28 07:00 335872 c:\windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\SC_Designer_PFM.70DBED24_B579_40CB_AB0B_F1221A3E9EC5.exe
+ 2010-04-14 06:37 . 2011-02-10 00:30 176128 c:\windows\Installer\{90510409-6000-11D3-8CFE-0150048383C9}\visicon.exe
- 2010-04-14 06:37 . 2010-12-14 05:32 176128 c:\windows\Installer\{90510409-6000-11D3-8CFE-0150048383C9}\visicon.exe
- 2010-04-14 06:37 . 2010-12-14 05:32 135168 c:\windows\Installer\{90510409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2010-04-14 06:37 . 2011-02-10 00:30 135168 c:\windows\Installer\{90510409-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2010-04-14 06:26 . 2011-01-12 23:53 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2010-04-14 06:26 . 2011-03-10 00:47 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
- 2010-04-14 06:26 . 2011-01-12 23:53 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
+ 2010-04-14 06:26 . 2011-03-10 00:47 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
+ 2010-04-14 06:26 . 2011-03-10 00:47 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
- 2010-04-14 06:26 . 2011-01-12 23:53 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
- 2010-04-14 06:26 . 2011-01-12 23:53 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
+ 2010-04-14 06:26 . 2011-03-10 00:47 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
- 2010-04-14 06:26 . 2011-01-12 23:53 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
+ 2010-04-14 06:26 . 2011-03-10 00:47 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
+ 2010-04-14 06:26 . 2011-03-10 00:47 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
- 2010-04-14 06:26 . 2011-01-12 23:53 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2010-04-14 06:26 . 2011-03-10 00:47 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
- 2010-04-14 06:26 . 2011-01-12 23:53 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2011-03-17 06:14 . 2011-03-17 06:14 380928 c:\windows\Installer\{2A697B53-0DE3-42DA-B41D-C3F804B1C538}\iTunesIco.exe
+ 2007-06-20 12:29 . 2007-06-20 12:29 337816 c:\windows\Installer\$PatchCache$\Managed\9040150900063D11C8EF10054038389C\11.0.8173\ORMELEMS.DLL
+ 2010-09-11 00:17 . 2010-09-11 00:17 684032 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\JP2KLib.dll
+ 2010-09-23 02:41 . 2010-09-23 02:41 542168 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\AdobeCollabSync.exe
+ 2010-09-23 10:47 . 2010-09-23 10:47 349616 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\AcroRd32.exe
+ 2010-09-23 01:04 . 2010-09-23 01:04 660912 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\AcroPDF.dll
+ 2010-09-23 01:39 . 2010-09-23 01:39 280024 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\acrobroker.exe
+ 2010-09-23 00:50 . 2010-09-23 00:50 251296 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\a3dutility.exe
+ 2008-06-12 07:10 . 2008-06-12 07:10 116096 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000040\9.0.0\PDFPrevHndlrShim.exe
+ 2008-06-12 06:30 . 2008-06-12 06:30 456080 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000040\9.0.0\PDFMPublisher.dll
+ 2008-06-12 06:30 . 2008-06-12 06:30 120208 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000040\9.0.0\PDFMProject.dll
+ 2008-06-12 06:30 . 2008-06-12 06:30 573440 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000040\9.0.0\PDFMPowerPoint.dll
+ 2008-06-12 06:28 . 2008-06-12 06:28 353680 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000040\9.0.0\PDFMOfficeAddin.dll
+ 2008-06-12 06:27 . 2008-06-12 06:27 217088 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000040\9.0.0\PDFMakerAPI.dll
+ 2008-06-12 06:27 . 2008-06-12 06:27 155648 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000040\9.0.0\PDFMAccess.dll
+ 2008-06-12 04:45 . 2008-06-12 04:45 103792 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000040\9.0.0\nppdf32.dll
+ 2008-06-12 05:43 . 2008-06-12 05:43 360448 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000040\9.0.0\MDKitAdapter.dll
+ 2008-05-08 04:48 . 2008-05-08 04:48 675840 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000040\9.0.0\Exch_JP2KLib.dll
+ 2008-06-12 09:25 . 2008-06-12 09:25 353640 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000040\9.0.0\Exch_Acrobat.exe
+ 2008-06-12 05:41 . 2008-06-12 05:41 425984 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000040\9.0.0\Dist_adistres.dll
+ 2008-06-12 05:43 . 2008-06-12 05:43 640376 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000040\9.0.0\Dist_acrotray.exe
+ 2008-06-12 05:43 . 2008-06-12 05:43 148864 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000040\9.0.0\Dist_acrodist.exe
+ 2008-06-12 06:34 . 2008-06-12 06:34 693632 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000040\9.0.0\ContextMenu.dll
+ 2008-06-12 05:33 . 2008-06-12 05:33 144744 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000040\9.0.0\Aiod.dll
+ 2008-05-08 04:33 . 2008-05-08 04:33 417792 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000040\9.0.0\AdobeXMP.dll
+ 2008-04-17 15:31 . 2008-04-17 15:31 522104 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000040\9.0.0\AdobeUpdater.dll
+ 2008-05-09 00:41 . 2008-05-09 00:41 349696 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000040\9.0.0\adobe_personalization.dll
+ 2008-05-09 00:42 . 2008-05-09 00:42 359936 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000040\9.0.0\adobe_eula.dll
+ 2008-05-09 00:39 . 2008-05-09 00:39 464896 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000040\9.0.0\adobe_epic.dll
+ 2008-06-12 06:26 . 2008-06-12 06:26 126872 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000040\9.0.0\Adist64.dll
+ 2008-06-12 06:25 . 2008-06-12 06:25 116120 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000040\9.0.0\Adist.dll
+ 2008-06-12 05:33 . 2008-06-12 05:33 660840 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000040\9.0.0\AcroPDF.dll
+ 2008-06-12 06:35 . 2008-06-12 06:35 116072 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000040\9.0.0\AcroIF.dll
+ 2008-06-12 05:42 . 2008-06-12 05:42 345480 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000040\9.0.0\AcroIEFavClient.dll
+ 2008-06-12 06:46 . 2008-06-12 06:46 251224 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000040\9.0.0\a3dutility.exe
+ 2009-02-14 13:04 . 2009-02-14 13:04 625520 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\GROOVEWEBSERVICES.DLL
+ 2009-02-12 22:19 . 2009-02-12 22:19 688512 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\GROOVEWEBPLATFORMSERVICES.DLL
+ 2009-03-06 11:33 . 2009-03-06 11:33 961888 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\GROOVEUTIL.DLL
+ 2009-02-14 13:03 . 2009-02-14 13:03 337264 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\GROOVE.EXE
+ 2011-02-10 00:30 . 2010-11-06 00:34 832512 c:\windows\ie7updates\KB2482017-IE7\wininet.dll
+ 2011-02-10 00:30 . 2010-11-06 00:34 233472 c:\windows\ie7updates\KB2482017-IE7\webcheck.dll
+ 2011-02-10 00:30 . 2010-11-06 00:34 105984 c:\windows\ie7updates\KB2482017-IE7\url.dll
+ 2011-02-10 00:30 . 2010-07-05 13:16 382840 c:\windows\ie7updates\KB2482017-IE7\spuninst\updspapi.dll
+ 2011-02-10 00:30 . 2010-07-05 13:15 231288 c:\windows\ie7updates\KB2482017-IE7\spuninst\spuninst.exe
+ 2011-02-10 00:30 . 2010-11-06 00:34 102912 c:\windows\ie7updates\KB2482017-IE7\occache.dll
+ 2011-02-10 00:30 . 2010-11-06 00:34 671232 c:\windows\ie7updates\KB2482017-IE7\mstime.dll
+ 2011-02-10 00:30 . 2010-11-06 00:34 193024 c:\windows\ie7updates\KB2482017-IE7\msrating.dll
+ 2011-02-10 00:30 . 2010-11-06 00:34 478208 c:\windows\ie7updates\KB2482017-IE7\mshtmled.dll
+ 2011-02-10 00:30 . 2010-11-06 00:34 468480 c:\windows\ie7updates\KB2482017-IE7\msfeeds.dll
+ 2011-02-10 00:30 . 2010-10-18 11:07 634648 c:\windows\ie7updates\KB2482017-IE7\iexplore.exe
+ 2011-02-10 00:30 . 2010-11-06 00:34 268288 c:\windows\ie7updates\KB2482017-IE7\iertutil.dll
+ 2011-02-10 00:30 . 2010-11-06 00:34 192512 c:\windows\ie7updates\KB2482017-IE7\iepeers.dll
+ 2011-02-10 00:30 . 2010-11-06 00:34 384512 c:\windows\ie7updates\KB2482017-IE7\iedkcs32.dll
+ 2011-02-10 00:30 . 2010-11-06 00:34 380928 c:\windows\ie7updates\KB2482017-IE7\ieapfltr.dll
+ 2011-02-10 00:30 . 2010-10-18 11:06 161792 c:\windows\ie7updates\KB2482017-IE7\ieakui.dll
+ 2011-02-10 00:30 . 2010-11-06 00:34 230400 c:\windows\ie7updates\KB2482017-IE7\ieaksie.dll
+ 2011-02-10 00:30 . 2010-11-06 00:34 153088 c:\windows\ie7updates\KB2482017-IE7\ieakeng.dll
+ 2011-02-10 00:30 . 2010-11-06 00:34 133120 c:\windows\ie7updates\KB2482017-IE7\extmgr.dll
+ 2011-02-10 00:30 . 2010-11-06 00:34 214528 c:\windows\ie7updates\KB2482017-IE7\dxtrans.dll
+ 2011-02-10 00:30 . 2010-11-06 00:34 347136 c:\windows\ie7updates\KB2482017-IE7\dxtmsft.dll
+ 2011-02-10 00:30 . 2010-11-06 00:34 124928 c:\windows\ie7updates\KB2482017-IE7\advpack.dll
+ 2011-03-01 05:15 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB971029\update\updspapi.dll
+ 2011-03-01 05:15 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB971029\update\update.exe
+ 2011-03-01 05:15 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB971029\spuninst.exe
+ 2009-07-27 22:13 . 2009-07-27 22:13 135168 c:\windows\$hf_mig$\KB971029\SP3QFE\shsvcs.dll
+ 2011-02-10 00:32 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2485376\update\updspapi.dll
+ 2011-02-10 00:32 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2485376\update\update.exe
+ 2011-02-10 00:32 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2485376\spuninst.exe
+ 2011-01-07 14:09 . 2011-01-07 14:09 290048 c:\windows\$hf_mig$\KB2485376\SP3QFE\atmfd.dll
+ 2011-02-10 00:32 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2483185\update\updspapi.dll
+ 2011-02-10 00:32 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2483185\update\update.exe
+ 2011-02-10 00:32 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2483185\spuninst.exe
+ 2011-01-21 14:42 . 2011-01-21 14:42 439808 c:\windows\$hf_mig$\KB2483185\SP3QFE\shimgvw.dll
+ 2011-02-10 00:30 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2482017-IE7\update\updspapi.dll
+ 2011-02-10 00:30 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2482017-IE7\update\update.exe
+ 2011-02-10 00:30 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2482017-IE7\spuninst.exe
+ 2010-12-20 23:20 . 2010-12-20 23:20 841216 c:\windows\$hf_mig$\KB2482017-IE7\SP3QFE\wininet.dll
+ 2010-12-20 23:20 . 2010-12-20 23:20 233472 c:\windows\$hf_mig$\KB2482017-IE7\SP3QFE\webcheck.dll
+ 2010-12-20 23:20 . 2010-12-20 23:20 105984 c:\windows\$hf_mig$\KB2482017-IE7\SP3QFE\url.dll
+ 2010-12-20 23:20 . 2010-12-20 23:20 102912 c:\windows\$hf_mig$\KB2482017-IE7\SP3QFE\occache.dll
+ 2010-12-20 23:20 . 2010-12-20 23:20 671232 c:\windows\$hf_mig$\KB2482017-IE7\SP3QFE\mstime.dll
+ 2010-12-20 23:20 . 2010-12-20 23:20 193024 c:\windows\$hf_mig$\KB2482017-IE7\SP3QFE\msrating.dll
+ 2010-12-20 23:20 . 2010-12-20 23:20 478208 c:\windows\$hf_mig$\KB2482017-IE7\SP3QFE\mshtmled.dll
+ 2010-12-20 23:20 . 2010-12-20 23:20 468480 c:\windows\$hf_mig$\KB2482017-IE7\SP3QFE\msfeeds.dll
+ 2010-12-20 10:49 . 2010-12-20 10:49 634648 c:\windows\$hf_mig$\KB2482017-IE7\SP3QFE\iexplore.exe
+ 2010-12-20 23:20 . 2010-12-20 23:20 268288 c:\windows\$hf_mig$\KB2482017-IE7\SP3QFE\iertutil.dll
+ 2010-12-20 23:20 . 2010-12-20 23:20 193024 c:\windows\$hf_mig$\KB2482017-IE7\SP3QFE\iepeers.dll
+ 2010-12-20 23:20 . 2010-12-20 23:20 388608 c:\windows\$hf_mig$\KB2482017-IE7\SP3QFE\iedkcs32.dll
+ 2010-12-20 23:20 . 2010-12-20 23:20 380928 c:\windows\$hf_mig$\KB2482017-IE7\SP3QFE\ieapfltr.dll
+ 2010-12-20 10:48 . 2010-12-20 10:48 161792 c:\windows\$hf_mig$\KB2482017-IE7\SP3QFE\ieakui.dll
+ 2010-12-20 23:20 . 2010-12-20 23:20 230400 c:\windows\$hf_mig$\KB2482017-IE7\SP3QFE\ieaksie.dll
+ 2010-12-20 23:20 . 2010-12-20 23:20 153088 c:\windows\$hf_mig$\KB2482017-IE7\SP3QFE\ieakeng.dll
+ 2010-12-20 23:20 . 2010-12-20 23:20 132608 c:\windows\$hf_mig$\KB2482017-IE7\SP3QFE\extmgr.dll
+ 2010-12-20 23:20 . 2010-12-20 23:20 214528 c:\windows\$hf_mig$\KB2482017-IE7\SP3QFE\dxtrans.dll
+ 2010-12-20 23:20 . 2010-12-20 23:20 347136 c:\windows\$hf_mig$\KB2482017-IE7\SP3QFE\dxtmsft.dll
+ 2010-12-20 23:20 . 2010-12-20 23:20 124928 c:\windows\$hf_mig$\KB2482017-IE7\SP3QFE\advpack.dll
+ 2011-03-10 00:46 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2481109\update\updspapi.dll
+ 2011-03-10 00:46 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2481109\update\update.exe
+ 2011-03-10 00:46 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2481109\spuninst.exe
+ 2011-01-27 11:41 . 2011-01-27 11:41 677888 c:\windows\$hf_mig$\KB2481109\SP3QFE\lhmstsc.exe
+ 2011-02-02 07:57 . 2011-02-02 07:57 136192 c:\windows\$hf_mig$\KB2481109\SP3QFE\aaclient.dll
+ 2011-03-10 00:48 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2479943\update\updspapi.dll
+ 2011-03-10 00:48 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2479943\update\update.exe
+ 2011-03-10 00:48 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2479943\spuninst.exe
+ 2011-02-09 13:52 . 2011-02-09 13:52 270848 c:\windows\$hf_mig$\KB2479943\SP3QFE\sbe.dll
+ 2011-02-09 13:52 . 2011-02-09 13:52 186880 c:\windows\$hf_mig$\KB2479943\SP3QFE\encdec.dll
+ 2011-02-10 00:32 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2479628\update\updspapi.dll
+ 2011-02-10 00:32 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2479628\update\update.exe
+ 2011-02-10 00:32 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2479628\spuninst.exe
+ 2011-02-10 00:32 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2478971\update\updspapi.dll
+ 2011-02-10 00:32 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2478971\update\update.exe
+ 2011-02-10 00:32 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2478971\spuninst.exe
+ 2010-12-22 12:32 . 2010-12-22 12:32 301568 c:\windows\$hf_mig$\KB2478971\SP3QFE\kerberos.dll
+ 2011-02-10 00:29 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2478960\update\updspapi.dll
+ 2011-02-10 00:29 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2478960\update\update.exe
+ 2011-02-10 00:29 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2478960\spuninst.exe
+ 2010-12-20 17:24 . 2010-12-20 17:24 730112 c:\windows\$hf_mig$\KB2478960\SP3QFE\lsasrv.dll
+ 2011-02-10 00:30 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2476687\update\updspapi.dll
+ 2011-02-10 00:30 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2476687\update\update.exe
+ 2011-02-10 00:30 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2476687\spuninst.exe
+ 2011-02-10 00:29 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2393802\update\updspapi.dll
+ 2011-02-10 00:29 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2393802\update\update.exe
+ 2011-02-10 00:29 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2393802\spuninst.exe
+ 2011-02-09 22:32 . 2010-12-09 15:15 718336 c:\windows\$hf_mig$\KB2393802\SP3QFE\ntdll.dll
+ 2008-07-29 15:05 . 2008-07-29 15:05 5982720 c:\windows\WinSxS\x86_Microsoft.VC90.DebugMFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_c94a3a24\mfc90ud.dll
+ 2008-07-29 15:05 . 2008-07-29 15:05 5937144 c:\windows\WinSxS\x86_Microsoft.VC90.DebugMFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_c94a3a24\mfc90d.dll
+ 2008-07-29 15:05 . 2008-07-29 15:05 1180672 c:\windows\WinSxS\x86_Microsoft.VC90.DebugCRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_f863c71f\msvcr90d.dll
+ 2004-08-04 12:00 . 2010-12-31 13:10 1854976 c:\windows\system32\win32k.sys
- 2004-08-04 12:00 . 2010-11-06 00:34 1168384 c:\windows\system32\urlmon.dll
+ 2004-08-04 12:00 . 2010-12-20 23:08 1168384 c:\windows\system32\urlmon.dll
+ 2011-02-07 01:00 . 2010-03-25 19:17 2141696 c:\windows\system32\spool\drivers\w32x86\3\hpmsn101.dll
+ 2011-02-07 01:00 . 2010-03-25 19:16 1244160 c:\windows\system32\spool\drivers\w32x86\3\hpmsl101.dll
+ 2011-02-07 01:00 . 2010-03-25 19:23 3717120 c:\windows\system32\spool\drivers\w32x86\3\hpcur101.dll
+ 2011-02-07 01:00 . 2010-03-25 19:26 3645440 c:\windows\system32\spool\drivers\w32x86\3\hpcui101.dll
+ 2011-02-07 01:00 . 2010-03-25 19:23 4162560 c:\windows\system32\spool\drivers\w32x86\3\hpcst101.dll
+ 2011-02-07 01:00 . 2010-03-25 19:26 1015296 c:\windows\system32\spool\drivers\w32x86\3\hpcss101.dll
+ 2011-02-07 01:00 . 2010-03-25 19:26 1668096 c:\windows\system32\spool\drivers\w32x86\3\hpcls101.dll
+ 2011-02-07 01:00 . 2010-03-25 19:26 2253824 c:\windows\system32\spool\drivers\w32x86\3\hpc6r101.dll
+ 2011-02-07 01:00 . 2010-03-25 19:26 3167744 c:\windows\system32\spool\drivers\w32x86\3\hpc3r101.dll
+ 2005-12-04 06:53 . 2010-04-22 20:58 3217208 c:\windows\system32\spool\drivers\w32x86\3\hpbcfgre.dll
+ 2004-08-04 12:00 . 2011-01-21 14:44 8462336 c:\windows\system32\shell32.dll
- 2004-08-04 12:00 . 2010-07-27 06:30 8462336 c:\windows\system32\shell32.dll
+ 2004-08-04 12:00 . 2010-12-09 13:42 2148864 c:\windows\system32\ntoskrnl.exe
+ 2004-08-03 22:59 . 2010-12-09 13:07 2027008 c:\windows\system32\ntkrnlpa.exe
+ 2004-08-04 12:00 . 2010-12-20 23:08 3606528 c:\windows\system32\mshtml.dll
+ 2008-09-03 22:55 . 2011-03-23 00:30 6053536 c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2007-08-14 00:54 . 2010-12-20 23:08 6075904 c:\windows\system32\ieframe.dll
- 2007-08-14 00:54 . 2010-11-06 00:34 6075904 c:\windows\system32\ieframe.dll
+ 2010-10-03 13:07 . 2010-08-13 04:03 2477056 c:\windows\system32\FreeImage.dll
+ 2010-04-13 21:06 . 2011-02-10 00:35 2143680 c:\windows\system32\FNTCACHE.DAT
- 2010-04-13 21:06 . 2011-01-02 23:06 2143680 c:\windows\system32\FNTCACHE.DAT
+ 2011-03-17 06:12 . 2011-02-18 22:36 4184352 c:\windows\system32\DRVSTORE\usbaapl_05A32DBD3911A2EF4222EF5BE7BB535FAB37D6C4\usbaaplrc.dll
+ 2009-08-14 13:21 . 2010-12-31 13:10 1854976 c:\windows\system32\dllcache\win32k.sys
- 2010-02-26 05:43 . 2010-11-06 00:34 1168384 c:\windows\system32\dllcache\urlmon.dll
+ 2010-02-26 05:43 . 2010-12-20 23:08 1168384 c:\windows\system32\dllcache\urlmon.dll
+ 2008-06-17 19:02 . 2011-01-21 14:44 8462336 c:\windows\system32\dllcache\shell32.dll
- 2008-06-17 19:02 . 2010-07-27 06:30 8462336 c:\windows\system32\dllcache\shell32.dll
+ 2010-04-14 04:54 . 2010-12-09 13:38 2192768 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2010-04-14 04:54 . 2010-12-09 13:07 2027008 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2009-02-08 01:02 . 2010-12-09 13:07 2069376 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2010-04-14 04:54 . 2010-12-09 13:42 2148864 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2010-02-26 05:43 . 2010-12-20 23:08 3606528 c:\windows\system32\dllcache\mshtml.dll
+ 2011-02-02 07:58 . 2011-02-02 07:58 2067456 c:\windows\system32\dllcache\lhmstscx.dll
- 2010-04-14 06:03 . 2010-11-06 00:34 6075904 c:\windows\system32\dllcache\ieframe.dll
+ 2010-04-14 06:03 . 2010-12-20 23:08 6075904 c:\windows\system32\dllcache\ieframe.dll
+ 2011-01-12 00:52 . 2011-01-12 00:52 3360768 c:\windows\Installer\b5c7514.msp
+ 2011-03-30 14:08 . 2011-03-30 14:08 3272704 c:\windows\Installer\52c6f91.msi
+ 2011-03-30 14:07 . 2011-03-30 14:07 1611776 c:\windows\Installer\52c6f81.msi
+ 2011-03-17 06:14 . 2011-03-17 06:14 5448704 c:\windows\Installer\1d8c2d3.msi
+ 2011-03-17 06:12 . 2011-03-17 06:12 3085312 c:\windows\Installer\1d8b9fd.msi
+ 2011-02-16 20:54 . 2011-02-16 20:54 4992000 c:\windows\Installer\11b50ce.msp
+ 2011-01-12 00:53 . 2011-01-12 00:53 1763328 c:\windows\Installer\11b50b8.msp
+ 2010-04-14 06:26 . 2011-03-10 00:47 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
- 2010-04-14 06:26 . 2011-01-12 23:53 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
- 2010-04-14 06:26 . 2011-01-12 23:53 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2010-04-14 06:26 . 2011-03-10 00:47 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2010-09-23 00:05 . 2010-09-23 00:05 2405784 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\rt3d.dll
+ 2010-06-19 23:51 . 2010-06-19 23:51 5713920 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\AGM.dll
+ 2008-05-15 08:17 . 2008-05-15 08:17 1083392 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000040\9.0.0\pdfport.dll
+ 2008-06-12 06:31 . 2008-06-12 06:31 1298432 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000040\9.0.0\PDFMWord.dll
+ 2008-06-12 06:30 . 2008-06-12 06:30 2606520 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000040\9.0.0\PDFMOutlook.dll
+ 2008-06-12 06:29 . 2008-06-12 06:29 1697136 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000040\9.0.0\PDFMLotus_PDFMLotusNotes.dll
+ 2008-06-12 06:27 . 2008-06-12 06:27 1290240 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000040\9.0.0\PDFMExcel.dll
+ 2007-12-11 14:19 . 2007-12-11 14:19 1204224 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000040\9.0.0\Onix32.dll
+ 2008-06-12 09:11 . 2008-06-12 09:11 2433024 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000040\9.0.0\Exch_cooltype.dll
+ 2008-06-12 05:43 . 2008-06-12 05:43 4640768 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000040\9.0.0\Dist_acrodistdll.dll
+ 2008-06-12 09:08 . 2008-06-12 09:08 1925120 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000040\9.0.0\amtlibwrapper.dll
+ 2008-06-12 05:32 . 2008-06-12 05:32 2666496 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000040\9.0.0\AdobePDFMakerX.dll
+ 2008-06-02 02:45 . 2008-06-02 02:45 6045696 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000040\9.0.0\AdobePDFL.dll
+ 2008-06-12 09:08 . 2008-06-12 09:08 2584576 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000040\9.0.0\adobelm_libfnp.dll
+ 2008-06-12 09:08 . 2008-06-12 09:08 2801664 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000040\9.0.0\Adobelm.dll
+ 2008-06-12 06:34 . 2008-06-12 06:34 2639224 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000040\9.0.0\Acrobat_Elements.exe
+ 2009-02-14 13:03 . 2009-02-14 13:03 3070832 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\GROOVEDOCUMENTSHARETOOL.DLL
+ 2011-02-10 00:30 . 2010-11-06 00:34 1168384 c:\windows\ie7updates\KB2482017-IE7\urlmon.dll
+ 2011-02-10 00:30 . 2010-11-06 00:34 3604480 c:\windows\ie7updates\KB2482017-IE7\mshtml.dll
+ 2011-02-10 00:30 . 2010-11-06 00:34 6075904 c:\windows\ie7updates\KB2482017-IE7\ieframe.dll
+ 2010-04-14 04:54 . 2010-12-09 13:38 2192768 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2010-04-14 04:54 . 2010-12-09 13:07 2027008 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2009-02-08 01:02 . 2010-12-09 13:07 2069376 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2010-04-14 04:54 . 2010-12-09 13:42 2148864 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2009-07-27 22:13 . 2009-07-27 22:13 8462848 c:\windows\$hf_mig$\KB971029\SP3QFE\shell32.dll
+ 2011-01-21 14:42 . 2011-01-21 14:42 8463360 c:\windows\$hf_mig$\KB2483185\SP3QFE\shell32.dll
+ 2010-12-20 23:20 . 2010-12-20 23:20 1171968 c:\windows\$hf_mig$\KB2482017-IE7\SP3QFE\urlmon.dll
+ 2010-12-20 23:20 . 2010-12-20 23:20 3609088 c:\windows\$hf_mig$\KB2482017-IE7\SP3QFE\mshtml.dll
+ 2010-12-20 23:20 . 2010-12-20 23:20 6080000 c:\windows\$hf_mig$\KB2482017-IE7\SP3QFE\ieframe.dll
+ 2011-02-09 22:33 . 2009-06-29 08:33 2452872 c:\windows\$hf_mig$\KB2482017-IE7\SP3QFE\ieapfltr.dat
+ 2011-02-02 07:57 . 2011-02-02 07:57 2069504 c:\windows\$hf_mig$\KB2481109\SP3QFE\lhmstscx.dll
+ 2010-12-31 13:14 . 2010-12-31 13:14 1864064 c:\windows\$hf_mig$\KB2479628\SP3QFE\win32k.sys
+ 2011-02-09 22:32 . 2010-12-09 13:43 2192768 c:\windows\$hf_mig$\KB2393802\SP3QFE\ntoskrnl.exe
+ 2011-02-09 22:32 . 2010-12-09 13:09 2027008 c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrpamp.exe
+ 2010-12-10 01:39 . 2010-12-10 01:39 2069376 c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrnlpa.exe
+ 2011-02-09 22:32 . 2010-12-09 13:47 2148864 c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrnlmp.exe
+ 2010-04-14 05:01 . 2011-03-10 00:47 37943240 c:\windows\system32\MRT.exe
+ 2010-11-10 21:49 . 2010-11-10 21:49 12105216 c:\windows\Installer\b5c751f.msp
+ 2011-03-13 01:02 . 2011-03-13 01:02 15139328 c:\windows\Installer\355b4.msp
+ 2011-01-31 10:45 . 2011-01-31 10:45 11135488 c:\windows\Installer\200a1.msp
+ 2011-03-13 01:23 . 2011-03-13 01:23 17274880 c:\windows\Installer\165bb08b.msp
+ 2011-01-31 12:40 . 2011-01-31 12:40 84430336 c:\windows\Installer\1343b1.msp
+ 2010-09-23 09:03 . 2010-09-23 09:03 20460984 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\AcroRd32.dll
+ 2008-06-12 09:09 . 2008-06-12 09:09 24561008 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000040\9.0.0\Acrobat.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2009-10-06 18750976]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2008-08-11 63048]
"vmware-tray"="c:\program files\VMware\VMware Workstation\vmware-tray.exe" [2009-03-27 96816]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2011-01-31 38840]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2010-09-23 640440]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-03-07 421160]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\w0rldsfallen\Start Menu\Programs\Startup\
Moo0 SystemMonitor 1.54.lnk - c:\program files\Moo0\SystemMonitor 1.54\SystemMonitor.exe [2010-4-14 1970176]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Google Calendar Sync.lnk - c:\program files\Google\Google Calendar Sync\GoogleCalendarSync.exe [2008-10-2 546288]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2010-12-17 17:04 87424 ----a-w- c:\windows\system32\LMIinit.dll
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\VMware\\VMware Workstation\\vmware-authd.exe"=
"c:\\Program Files\\StarCraft II\\StarCraft II.exe"=
"c:\\WINDOWS\\system32\\dxdiag.exe"=
"c:\\Program Files\\StarCraft II\\Versions\\Base15405\\SC2.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Aimetis\\Symphony Client\\_bin\\ae.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\peggle nights\\PeggleNights.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS4\\Server\\bin\\VersionCueCS4.exe"=
"c:\\Riot Games\\League of Legends\\air\\LolClient.exe"=
"c:\\Riot Games\\League of Legends\\game\\League of Legends.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\xchat\\xchat.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"443:TCP"= 443:TCP:*:Disabled:ooVoo TCP port 443
"443:UDP"= 443:UDP:*:Disabled:ooVoo UDP port 443
"37674:TCP"= 37674:TCP:*:Disabled:ooVoo TCP port 37674
"37674:UDP"= 37674:UDP:*:Disabled:ooVoo UDP port 37674
"37675:UDP"= 37675:UDP:*:Disabled:ooVoo UDP port 37675
"5353:TCP"= 5353:TCP:Adobe CSI CS4
"3703:TCP"= 3703:TCP:Adobe Version Cue CS4 Server
"3704:TCP"= 3704:TCP:Adobe Version Cue CS4 Server
"51000:TCP"= 51000:TCP:Adobe Version Cue CS4 Server
"51001:TCP"= 51001:TCP:Adobe Version Cue CS4 Server
"8381:TCP"= 8381:TCP:League of Legends Launcher
"8381:UDP"= 8381:UDP:League of Legends Launcher
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [01/02/2011 4:48 AM 64288]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn\x86\LMIGuardianSvc.exe [06/10/2010 4:01 PM 374152]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [11/08/2008 12:41 PM 12856]
R2 UNS;Intel® Management & Security Application User Notification Service;c:\program files\Intel\Intel® Management Engine Components\UNS\UNS.exe [13/04/2010 9:34 PM 2320920]
R2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys [26/03/2009 11:05 PM 54960]
R3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\drivers\e1k5132.sys [13/04/2010 9:31 PM 160424]
S0 is3srv;is3srv;c:\windows\system32\drivers\is3srv.sys --> c:\windows\system32\drivers\is3srv.sys [?]
S0 szkg5;szkg5;c:\windows\system32\DRIVERS\szkg.sys --> c:\windows\system32\DRIVERS\szkg.sys [?]
S0 szkgfs;szkgfs;c:\windows\system32\drivers\szkgfs.sys --> c:\windows\system32\drivers\szkgfs.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18/03/2010 2:16 PM 130384]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [15/08/2008 6:46 AM 284016]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [13/04/2010 9:29 PM 1684736]
S3 AmdTools;AMD Special Tools Driver;c:\windows\system32\DRIVERS\AmdTools.sys --> c:\windows\system32\DRIVERS\AmdTools.sys [?]
S3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files\Moo0\SystemMonitor 1.54\WinRing0.sys [14/04/2010 12:09 AM 14416]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18/03/2010 2:16 PM 753504]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Contents of the 'Scheduled Tasks' folder
.
2011-04-08 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 17:50]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.ca/
uInternet Settings,ProxyOverride = *.local
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: c:\program files\VMware\VMware Workstation\vsocklib.dll
FF - ProfilePath - c:\documents and settings\w0rldsfallen\Application Data\Mozilla\Firefox\Profiles\olb21gk3.default\
FF - prefs.js: browser.startup.homepage - google.ca
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: [email protected] - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: AmbientFox: {c8f71e5b-88f8-42a7-98bb-e4c506161de9} - %profile%\extensions\{c8f71e5b-88f8-42a7-98bb-e4c506161de9}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: PitchDark: {c1dffba0-628e-11d9-9669-0800200c9a66} - %profile%\extensions\{c1dffba0-628e-11d9-9669-0800200c9a66}
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-04-09 13:11
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(928)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
c:\windows\system32\LMIinit.dll
.
Completion time: 2011-04-09 13:12:37
ComboFix-quarantined-files.txt 2011-04-09 19:12
ComboFix2.txt 2011-01-30 09:07
.
Pre-Run: 594,158,809,088 bytes free
Post-Run: 594,133,450,752 bytes free
.
- - End Of File - - 94A27EA6C4304A7B5BD1EBE85AC378A4


******************************************************************************************************************

OTL Quick Scan
OTL logfile created on: 09/04/2011 1:21:56 PM - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\w0rldsfallen\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 71.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 87.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 1367.19 Gb Total Space | 553.29 Gb Free Space | 40.47% Space Free | Partition Type: NTFS

Computer Name: 31337-BOX | User Name: w0rldsfallen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/04/09 13:21:40 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\w0rldsfallen\My Documents\Downloads\OTL(2).exe
PRC - [2011/03/24 05:15:11 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/02/20 23:01:11 | 001,640,976 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\w0rldsfallen\Local Settings\temp\HouseCall\housecall.bin
PRC - [2010/12/17 11:04:38 | 000,136,584 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe
PRC - [2010/12/17 11:04:35 | 000,390,528 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe
PRC - [2010/12/17 11:04:30 | 000,374,152 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
PRC - [2010/09/22 19:11:26 | 000,640,440 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2010/04/14 00:09:14 | 001,970,176 | ---- | M] (Moo0) -- C:\Program Files\Moo0\SystemMonitor 1.54\SystemMonitor.exe
PRC - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2009/09/30 14:02:38 | 002,320,920 | R--- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2009/09/30 14:02:36 | 000,268,824 | R--- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2009/06/04 19:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009/03/26 23:05:22 | 000,096,816 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware Workstation\vmware-tray.exe
PRC - [2009/03/26 23:04:42 | 000,326,192 | ---- | M] (VMware, Inc.) -- C:\WINDOWS\system32\vmnetdhcp.exe
PRC - [2009/03/26 23:04:22 | 000,399,920 | ---- | M] (VMware, Inc.) -- C:\WINDOWS\system32\vmnat.exe
PRC - [2009/03/26 23:04:16 | 000,113,200 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
PRC - [2008/08/11 12:41:00 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011/04/09 13:21:40 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\w0rldsfallen\My Documents\Downloads\OTL(2).exe
MOD - [2010/08/23 10:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/01/02 00:25:03 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/12/17 11:04:38 | 000,136,584 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2010/12/17 11:04:35 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2010/12/17 11:04:30 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2009/09/30 14:02:38 | 002,320,920 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2009/09/30 14:02:36 | 000,268,824 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2009/06/04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2009/03/26 23:04:42 | 000,326,192 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\WINDOWS\system32\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2009/03/26 23:04:22 | 000,399,920 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\WINDOWS\system32\vmnat.exe -- (VMware NAT Service)
SRV - [2009/03/26 23:04:16 | 000,113,200 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files\VMware\VMware Workstation\vmware-authd.exe -- (VMAuthdService)
SRV - [2008/12/01 11:49:02 | 000,191,024 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe -- (ufad-ws60)
SRV - [2008/08/15 06:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)
SRV - [2004/12/02 09:28:32 | 000,098,304 | ---- | M] (OPC Foundation) [On_Demand | Stopped] -- C:\WINDOWS\system32\OpcEnum.exe -- (OpcEnum)


========== Driver Services (SafeList) ==========

DRV - [2010/12/17 11:04:31 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2010/12/03 03:05:34 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010/09/10 20:19:16 | 005,417,472 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2010/09/06 03:26:20 | 000,189,520 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2010/04/14 00:09:14 | 000,014,416 | ---- | M] (OpenLibSys.org) [Kernel | On_Demand | Running] -- C:\Program Files\Moo0\SystemMonitor 1.54\WinRing0.sys -- (WinRing0_1_2_0)
DRV - [2009/11/18 17:24:26 | 000,095,232 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009/11/12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/10/06 12:54:16 | 005,922,816 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009/09/23 11:14:10 | 000,160,424 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1k5132.sys -- (e1kexpress) Intel®
DRV - [2009/09/17 06:54:14 | 000,041,088 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HECI.sys -- (HECI) Intel®
DRV - [2009/03/26 23:05:36 | 000,054,960 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vmci.sys -- (vmci)
DRV - [2009/03/26 23:05:36 | 000,023,216 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VMkbd.sys -- (vmkbd)
DRV - [2009/03/26 23:05:34 | 000,857,520 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vmx86.sys -- (vmx86)
DRV - [2009/03/26 23:05:34 | 000,032,304 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hcmon.sys -- (hcmon)
DRV - [2009/03/26 23:05:32 | 000,026,288 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV - [2009/03/26 23:04:46 | 000,014,896 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vmparport.sys -- (VMparport)
DRV - [2009/03/26 17:31:12 | 000,031,280 | R--- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vmusb.sys -- (vmusb)
DRV - [2009/03/26 17:31:12 | 000,031,280 | R--- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV - [2009/03/26 17:31:12 | 000,016,560 | R--- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV - [2008/12/01 11:47:08 | 000,022,448 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Program Files\VMware\VMware Workstation\vstor2-ws60.sys -- (vstor2-ws60)
DRV - [2008/08/11 12:41:00 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2008/08/11 12:41:00 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2008/08/05 14:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008/04/14 01:11:00 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\changer.sys -- (Changer)
DRV - [2008/04/14 01:10:28 | 000,034,688 | ---- | M] (Toshiba Corp.) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\lbrtfdc.sys -- (lbrtfdc)
DRV - [2007/02/03 10:32:36 | 000,041,504 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2007/02/03 10:25:56 | 001,075,360 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Camdrl.sys -- (CamDrL) Logitech QuickCam Pro 3000(CamDrl)
DRV - [2006/11/10 07:08:50 | 000,024,064 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ATITool.sys -- (ATITool)
DRV - [2006/01/04 09:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2004/08/13 20:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2001/08/17 13:53:42 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\loop.sys -- (msloop)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "google.ca"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {c8f71e5b-88f8-42a7-98bb-e4c506161de9}:0.4
FF - prefs.js..extensions.enabledItems: {c1dffba0-628e-11d9-9669-0800200c9a66}:3.6.3

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/24 05:15:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/28 00:59:42 | 000,000,000 | ---D | M]

[2011/01/30 07:44:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\w0rldsfallen\Application Data\Mozilla\Extensions
[2011/04/08 16:56:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\w0rldsfallen\Application Data\Mozilla\Firefox\Profiles\olb21gk3.default\extensions
[2011/01/31 22:44:56 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\w0rldsfallen\Application Data\Mozilla\Firefox\Profiles\olb21gk3.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/02/12 18:13:34 | 000,000,000 | ---D | M] (PitchDark) -- C:\Documents and Settings\w0rldsfallen\Application Data\Mozilla\Firefox\Profiles\olb21gk3.default\extensions\{c1dffba0-628e-11d9-9669-0800200c9a66}
[2011/02/12 18:15:27 | 000,000,000 | ---D | M] (AmbientFox) -- C:\Documents and Settings\w0rldsfallen\Application Data\Mozilla\Firefox\Profiles\olb21gk3.default\extensions\{c8f71e5b-88f8-42a7-98bb-e4c506161de9}
[2011/02/01 04:55:35 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\w0rldsfallen\Application Data\Mozilla\Firefox\Profiles\olb21gk3.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011/02/12 18:15:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\w0rldsfallen\Application Data\Mozilla\Firefox\Profiles\olb21gk3.default\extensions\[email protected]
[2011/02/12 18:15:41 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\w0rldsfallen\Application Data\Mozilla\Firefox\Profiles\olb21gk3.default\extensions\[email protected]
[2011/02/12 18:15:47 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\w0rldsfallen\Application Data\Mozilla\Firefox\Profiles\olb21gk3.default\extensions\[email protected]
[2011/04/08 16:56:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/02/20 23:13:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2010/08/13 09:02:53 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/02/02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2011/04/09 13:11:22 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [vmware-tray] C:\Program Files\VMware\VMware Workstation\vmware-tray.exe (VMware, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Google Calendar Sync.lnk = C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe (Google)
O4 - Startup: C:\Documents and Settings\w0rldsfallen\Start Menu\Programs\Startup\Moo0 SystemMonitor 1.54.lnk = C:\Program Files\Moo0\SystemMonitor 1.54\SystemMonitor.exe (Moo0)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\Program Files\Nuclear Coffee\VideoGet\Plugins\VideoGet_IE.dll (Nuclear Coffee Software)
O9 - Extra 'Tools' menuitem : Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\Program Files\Nuclear Coffee\VideoGet\Plugins\VideoGet_IE.dll (Nuclear Coffee Software)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1271220032390 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/04/13 21:18:43 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/04/09 13:17:23 | 000,189,520 | ---- | C] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmcomm.sys
[2011/04/09 12:49:50 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2011/04/08 22:47:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\w0rldsfallen\Desktop\House of Five Leaves
[2011/04/07 19:47:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\w0rldsfallen\Desktop\Samurai Champloo 01-26
[2011/04/02 11:12:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\w0rldsfallen\Application Data\AVG
[2011/04/02 11:04:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/03/28 02:00:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\w0rldsfallen\Desktop\New Folder
[2011/03/24 08:12:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\w0rldsfallen\Application Data\X-Chat 2
[2011/03/24 08:12:35 | 000,000,000 | ---D | C] -- C:\Program Files\xchat
[2011/03/24 08:12:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\XChat
[2011/03/24 08:05:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\w0rldsfallen\Application Data\mIRC
[2011/03/24 07:53:11 | 000,000,000 | ---D | C] -- C:\Program Files\Mp3 My Mp3 3.1
[2011/03/17 00:14:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2011/03/17 00:14:14 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/03/17 00:14:12 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/04/09 13:16:49 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\w0rldsfallen\Local Settings\Application Data\housecall.guid.cache
[2011/04/09 13:11:22 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/04/09 13:03:47 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/04/09 13:03:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/04/09 12:28:07 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/04/09 12:28:07 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat
[2011/04/08 10:16:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/04/05 22:49:26 | 003,137,030 | ---- | M] () -- C:\Documents and Settings\w0rldsfallen\Desktop\training.bmp
[2011/04/05 13:14:09 | 000,812,094 | ---- | M] () -- C:\Documents and Settings\w0rldsfallen\Desktop\untitled.bmp
[2011/04/05 12:01:10 | 001,121,238 | ---- | M] () -- C:\Documents and Settings\w0rldsfallen\Desktop\day 2 - push.bmp
[2011/04/04 18:27:01 | 000,171,008 | ---- | M] () -- C:\Documents and Settings\w0rldsfallen\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/19 08:24:41 | 000,129,536 | ---- | M] () -- C:\Documents and Settings\w0rldsfallen\Desktop\Discover Hearing.vsd
[2011/03/14 14:21:54 | 000,464,318 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/03/14 14:21:54 | 000,079,264 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/04/09 13:16:49 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\w0rldsfallen\Local Settings\Application Data\housecall.guid.cache
[2011/04/09 12:28:07 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/04/09 12:28:07 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2011/04/05 19:08:23 | 003,137,030 | ---- | C] () -- C:\Documents and Settings\w0rldsfallen\Desktop\training.bmp
[2011/04/05 13:14:09 | 000,812,094 | ---- | C] () -- C:\Documents and Settings\w0rldsfallen\Desktop\untitled.bmp
[2011/04/05 12:01:10 | 001,121,238 | ---- | C] () -- C:\Documents and Settings\w0rldsfallen\Desktop\day 2 - push.bmp
[2011/03/18 01:44:03 | 000,129,536 | ---- | C] () -- C:\Documents and Settings\w0rldsfallen\Desktop\Discover Hearing.vsd
[2011/01/30 02:59:39 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/01/30 02:59:39 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/01/30 02:59:39 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/01/30 02:59:39 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/01/30 02:59:39 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/01/28 00:49:04 | 001,815,400 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-796845957-1614895754-839522115-1003-0.dat
[2011/01/28 00:49:02 | 000,349,614 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2011/01/26 22:49:35 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2010/11/01 02:48:08 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe
[2010/11/01 02:48:08 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe
[2010/11/01 02:42:46 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2010/09/18 16:39:03 | 000,000,022 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2010/08/02 22:53:24 | 000,315,528 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/06/25 13:14:34 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\w0rldsfallen\Local Settings\Application Data\PUTTY.RND
[2010/06/16 20:49:38 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010/06/16 20:49:37 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010/06/16 20:49:36 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/06/16 20:49:36 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/06/16 20:49:36 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010/05/22 22:43:35 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/05/06 22:06:42 | 000,055,856 | R--- | C] () -- C:\WINDOWS\System32\vnetinst.dll
[2010/04/25 13:41:43 | 000,055,828 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/04/17 22:38:49 | 000,171,008 | ---- | C] () -- C:\Documents and Settings\w0rldsfallen\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/14 00:37:51 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/04/14 00:36:00 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/04/14 00:14:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/04/14 00:14:06 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2010/04/13 22:03:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2010/04/13 22:03:48 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2010/04/13 22:03:48 | 000,224,342 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2010/04/13 22:03:48 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2010/04/13 21:27:41 | 000,036,746 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2010/04/13 21:27:09 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2010/04/13 21:27:02 | 000,001,769 | ---- | C] () -- C:\WINDOWS\Language_trs.ini
[2010/04/13 21:26:57 | 000,025,140 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2010/04/13 21:26:57 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2010/04/13 21:20:24 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/04/13 21:16:04 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/04/13 15:07:25 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/04/13 15:06:26 | 002,143,680 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/10/07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2007/02/03 08:59:04 | 000,050,127 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2006/11/10 07:08:50 | 000,024,064 | ---- | C] () -- C:\WINDOWS\System32\drivers\ATITool.sys
[2004/08/04 06:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/04 06:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 06:00:00 | 000,464,318 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 06:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 06:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 06:00:00 | 000,079,264 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 06:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 06:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 06:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 06:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 06:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 06:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

========== LOP Check ==========

[2011/04/09 12:50:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2010/04/14 00:14:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
[2011/01/31 22:49:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/04/09 00:50:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2011/01/31 22:48:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2010/07/20 10:12:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2011/01/28 04:19:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\STOPzilla!
[2011/04/02 19:01:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/04/25 13:35:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/11/10 00:18:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\w0rldsfallen\Application Data\Aimetis
[2010/09/29 07:48:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\w0rldsfallen\Application Data\Amazon
[2011/04/02 13:25:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\w0rldsfallen\Application Data\AVG
[2011/01/31 22:50:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\w0rldsfallen\Application Data\AVG10
[2010/04/14 00:14:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\w0rldsfallen\Application Data\Canneverbe Limited
[2010/06/15 00:40:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\w0rldsfallen\Application Data\Facebook
[2011/01/24 00:41:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\w0rldsfallen\Application Data\LolClient
[2010/04/17 02:45:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\w0rldsfallen\Application Data\ooVoo Details
[2011/04/09 00:50:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\w0rldsfallen\Application Data\uTorrent
[2011/04/07 19:10:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\w0rldsfallen\Application Data\X-Chat 2

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4

< End of report >



*****************************************************************************************************************************
HJT Scan

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:26:59 PM, on 09/04/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17095)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\WINDOWS\system32\vmnat.exe
C:\WINDOWS\system32\vmnetdhcp.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\VMware\VMware Workstation\vmware-tray.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Moo0\SystemMonitor 1.54\SystemMonitor.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\w0rldsfallen\My Documents\Downloads\OTL(2).exe
C:\WINDOWS\notepad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [vmware-tray] "C:\Program Files\VMware\VMware Workstation\vmware-tray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Moo0 SystemMonitor 1.54.lnk = C:\Program Files\Moo0\SystemMonitor 1.54\SystemMonitor.exe
O4 - Global Startup: Google Calendar Sync.lnk = C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL
O9 - Extra 'Tools' menuitem: Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\vmware\vmware workstation\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\vmware\vmware workstation\vsocklib.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1271220032390
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.ad...Plus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: OpcEnum - OPC Foundation - C:\WINDOWS\system32\OpcEnum.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe
O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe

--
End of file - 10239 bytes



*********************************************************************************************************************************************************************
C:\Documents and Settings\w0rldsfallen>netsh firewall show state

Firewall status:
-------------------------------------------------------------------
Profile = Standard
Operational mode = Enable
Exception mode = Enable
Multicast/broadcast response mode = Enable
Notification mode = Enable
Group policy version = Windows Firewall
Remote admin mode = Disable

Ports currently open on all network interfaces:
Port Protocol Version Program
-------------------------------------------------------------------
1027 UDP IPv4 C:\Program Files\Bonjour\mDNSResponder.exe
137 UDP IPv4 (null) <- Netbios
139 TCP IPv4 (null) <- Netbios
138 UDP IPv4 (null) <- UDP Netbios
8381 TCP IPv4 (null)
8381 UDP IPv4 (null)
5353 TCP IPv4 (null)
5353 UDP IPv4 C:\Program Files\Bonjour\mDNSResponder.exe
445 TCP IPv4 (null)
3703 TCP IPv4 (null)
3704 TCP IPv4 (null)
2869 TCP IPv4 (null)
51001 TCP IPv4 (null) <- I know what this is ignore it
51000 TCP IPv4 (null) <- I know what this is ignore it
1900 UDP IPv4 C:\WINDOWS\system32\svchost.exe
912 TCP IPv4 C:\Program Files\VMware\VMware Workstation\vmware-authd.exe

Normally I would be happy to reinstall my O/S but my current setup is a RAID 10 Array and XP doesn't have driver so I would have to procure a floppy drive, drivers etc to reload xp.....Any help is very much appreciated.

Much thanks,

Ryan
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP