Hi Chryssi2001 thanks for your reply. I have pasted all the logs here.
Rooter.exe
Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) M processor 1.80GHz )
BIOS : v1.30
USER : Sriram ( Administrator )
BOOT : Normal boot
Antivirus : Norton AntiVirus 2004 (Activated)
Firewall : Norton Internet Security 2004 (Activated)
C:\ (Local Disk) - NTFS - Total:74 Go (Free:27 Go)
D:\ (CD or DVD) - UDF - Total:3 Go (Free:0 Go)
E:\ (CD or DVD)
01/03/2009|11:11
----------------------\\ Search..
Trojan ! .. C:\WINDOWS\system32\47RDtmW7.exe
Trojan ! .. C:\WINDOWS\system32\47RDtmW7.exe
Trojan ! .. C:\WINDOWS\system32\47RDtmW7.exe
Trojan ! .. C:\WINDOWS\system32\47RDtmW7.exe
Trojan ! .. C:\WINDOWS\system32\47RDtmW7.exe
Trojan ! .. C:\WINDOWS\system32\47RDtmW7.exe
Trojan ! .. C:\WINDOWS\system32\47RDtmW7.exe
Trojan ! .. C:\WINDOWS\system32\47RDtmW7.exe
Trojan ! .. C:\WINDOWS\system32\47RDtmW7.exe
Trojan ! .. C:\WINDOWS\system32\47RDtmW7.exe
Trojan ! .. C:\WINDOWS\system32\47RDtmW7.exe
Trojan ! .. C:\WINDOWS\system32\47RDtmW7.exe
Trojan ! .. C:\WINDOWS\system32\47RDtmW7.exe
Trojan ! .. C:\WINDOWS\system32\47RDtmW7.exe
Trojan ! .. C:\WINDOWS\system32\47RDtmW7.exe
Trojan ! .. C:\WINDOWS\system32\47RDtmW7.exe
Trojan ! .. C:\WINDOWS\system32\47RDtmW7.exe
Trojan ! .. C:\WINDOWS\system32\47RDtmW7.exe
Trojan ! .. C:\WINDOWS\system32\47RDtmW7.exe
Trojan ! .. C:\WINDOWS\system32\47RDtmW7.exe
Trojan ! .. C:\WINDOWS\system32\47RDtmW7.exe
Trojan ! .. C:\WINDOWS\system32\47RDtmW7.exe
Trojan ! .. C:\WINDOWS\system32\47RDtmW7.exe
Trojan ! .. C:\WINDOWS\system32\47RDtmW7.exe
Trojan ! .. C:\WINDOWS\system32\47RDtmW7.exe
Trojan ! .. C:\WINDOWS\system32\47RDtmW7.exe
Trojan ! .. C:\WINDOWS\system32\47RDtmW7.exe
Trojan ! .. C:\WINDOWS\system32\47RDtmW7.exe
Trojan ! .. C:\WINDOWS\system32\47RDtmW7.exe
Trojan ! .. C:\WINDOWS\system32\47RDtmW7.exe
Trojan ! .. C:\WINDOWS\system32\47RDtmW7.exe
Trojan ! .. C:\WINDOWS\system32\47RDtmW7.exe
Trojan ! .. C:\WINDOWS\system32\47RDtmW7.exe
Trojan ! .. C:\WINDOWS\system32\47RDtmW7.exe
Trojan ! .. C:\WINDOWS\system32\47RDtmW7.exe
Trojan ! .. C:\WINDOWS\system32\47RDtmW7.exe
Trojan ! .. C:\WINDOWS\system32\47RDtmW7.exe
----------------------\\ Tasks
C:\WINDOWS\tasks\At1.job
C:\WINDOWS\tasks\At11.job
C:\WINDOWS\tasks\At12.job
C:\WINDOWS\tasks\At13.job
C:\WINDOWS\tasks\At14.job
C:\WINDOWS\tasks\At15.job
C:\WINDOWS\tasks\At16.job
C:\WINDOWS\tasks\At17.job
C:\WINDOWS\tasks\At18.job
C:\WINDOWS\tasks\At19.job
C:\WINDOWS\tasks\At2.job
C:\WINDOWS\tasks\At21.job
C:\WINDOWS\tasks\At22.job
C:\WINDOWS\tasks\At23.job
C:\WINDOWS\tasks\At24.job
C:\WINDOWS\tasks\At3.job
C:\WINDOWS\tasks\At4.job
C:\WINDOWS\tasks\At5.job
C:\WINDOWS\tasks\At6.job
C:\WINDOWS\tasks\At7.job
C:\WINDOWS\tasks\At8.job
C:\WINDOWS\tasks\At9.job
1 - "C:\Rooter$\Rooter_1.txt" - 01/03/2009|11:08
2 - "C:\Rooter$\Rooter_2.txt" - 01/03/2009|11:11
----------------------\\ Scan completed at 11:11
--------------------------------------------------------------------------------
ComboFix
ComboFix 09-02-28.01 - Sriram 2009-03-01 11:40:25.4 - NTFSx86
Running from: c:\documents and settings\Sriram\Desktop\ComboFix.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Autorun.inf
c:\windows\BMdba43628.txt
c:\windows\mdm.exe
c:\windows\svchost.exe
c:\windows\svchost.ini
c:\windows\system32\explorer.exe
.
((((((((((((((((((((((((( Files Created from 2009-02-01 to 2009-03-01 )))))))))))))))))))))))))))))))
.
2009-03-01 11:06 . 2009-03-01 11:11 <DIR> d-------- C:\Rooter$
2009-02-11 18:00 . 2009-02-11 18:00 <DIR> d--hs---- c:\documents and settings\NetworkService\IETldCache
2009-02-11 17:56 . 2009-02-11 17:56 <DIR> d--hs---- c:\documents and settings\Sriram\IECompatCache
2009-02-11 17:55 . 2009-02-11 17:55 <DIR> d--hs---- c:\documents and settings\Sriram\IETldCache
2009-02-11 17:45 . 2009-02-11 17:47 <DIR> d--h-c--- c:\windows\ie8
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-01 11:46 --------- d-----w c:\documents and settings\All Users\Application Data\Kontiki
2009-02-23 15:31 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2009-02-12 09:16 --------- d-----w c:\program files\Google
2009-02-12 09:16 --------- d-----w c:\program files\Common Files\Symantec Shared
2009-01-26 20:19 --------- d-----w c:\program files\Avi2Dvd
2009-01-26 20:18 --------- d-----w c:\program files\AviSynth 2.5
2009-01-15 02:05 911,872 ----a-w c:\windows\system32\wininet.dll
2009-01-15 02:05 43,008 ----a-w c:\windows\system32\licmgr10.dll
2009-01-15 02:04 18,944 ----a-w c:\windows\system32\corpol.dll
2009-01-15 02:03 72,704 ----a-w c:\windows\system32\admparse.dll
2009-01-15 02:03 71,680 ----a-w c:\windows\system32\iesetup.dll
2009-01-15 02:03 420,352 ----a-w c:\windows\system32\vbscript.dll
2009-01-15 02:01 34,304 ----a-w c:\windows\system32\imgutil.dll
2009-01-15 02:00 48,128 ----a-w c:\windows\system32\mshtmler.dll
2009-01-15 02:00 45,568 ----a-w c:\windows\system32\mshta.exe
2009-01-15 01:50 156,160 ----a-w c:\windows\system32\msls31.dll
2009-01-08 15:58 --------- d-----w c:\program files\Network Stumbler
2009-01-03 17:33 --------- d-----w c:\documents and settings\Sriram\Application Data\DAEMON Tools Lite
2009-01-03 17:32 --------- d-----w c:\documents and settings\Sriram\Application Data\DAEMON Tools Pro
2009-01-03 17:32 --------- d-----w c:\documents and settings\Sriram\Application Data\DAEMON Tools
2009-01-03 17:31 --------- d-----w c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2009-01-03 16:42 717,296 ----a-w c:\windows\system32\drivers\sptd.sys
2008-01-28 18:39 32 ----a-w c:\documents and settings\All Users\Application Data\ezsid.dat
2005-12-27 10:05 36,768 -c--a-w c:\documents and settings\Sriram\Application Data\GDIPFONTCACHEV1.DAT
.
((((((((((((((((((((((((((((( snapshot@2008-06-02_19.06.35.18 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-02-26 11:48:44 297,984 ----a-w c:\windows\$hf_mig$\KB932823-v3\SP2QFE\msctf.dll
+ 2007-03-06 01:22:36 14,048 ----a-w c:\windows\$hf_mig$\KB932823-v3\spmsg.dll
+ 2007-03-06 01:22:41 213,216 ----a-w c:\windows\$hf_mig$\KB932823-v3\spuninst.exe
+ 2007-03-06 01:22:34 22,752 ----a-w c:\windows\$hf_mig$\KB932823-v3\update\spcustom.dll
+ 2007-03-06 01:22:59 716,000 ----a-w c:\windows\$hf_mig$\KB932823-v3\update\update.exe
+ 2007-03-06 01:23:51 371,424 ----a-w c:\windows\$hf_mig$\KB932823-v3\update\updspapi.dll
+ 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB938464\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB938464\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB938464\update\spcustom.dll
+ 2007-11-30 11:20:44 755,576 ----a-w c:\windows\$hf_mig$\KB938464\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w c:\windows\$hf_mig$\KB938464\update\updspapi.dll
+ 2008-05-02 13:30:08 83,968 ----a-w c:\windows\$hf_mig$\KB946648\SP2QFE\msgsc.dll
+ 2008-05-02 14:01:49 83,968 ----a-w c:\windows\$hf_mig$\KB946648\SP3GDR\msgsc.dll
+ 2008-05-02 13:42:10 83,968 ----a-w c:\windows\$hf_mig$\KB946648\SP3QFE\msgsc.dll
+ 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB946648\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB946648\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB946648\update\spcustom.dll
+ 2007-11-30 11:20:44 755,576 ----a-w c:\windows\$hf_mig$\KB946648\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w c:\windows\$hf_mig$\KB946648\update\updspapi.dll
+ 2008-04-23 03:35:35 124,928 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\advpack.dll
+ 2008-04-23 03:35:35 347,136 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\dxtmsft.dll
+ 2008-04-23 03:35:35 214,528 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\dxtrans.dll
+ 2008-04-23 03:35:35 132,608 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\extmgr.dll
+ 2008-04-23 03:35:35 63,488 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\icardie.dll
+ 2008-04-22 08:02:19 70,656 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ie4uinit.exe
+ 2008-04-23 03:35:35 153,088 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieakeng.dll
+ 2008-04-23 03:35:35 230,400 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieaksie.dll
+ 2008-04-20 05:07:38 161,792 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieapfltr.dat
+ 2008-04-23 03:35:35 383,488 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieapfltr.dll
+ 2008-04-23 03:35:35 388,608 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iedkcs32.dll
+ 2008-04-23 03:35:36 6,068,224 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieframe.dll
+ 2008-04-23 03:35:36 44,544 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iernonce.dll
+ 2008-04-23 03:35:36 267,776 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iertutil.dll
+ 2008-04-22 08:02:19 13,824 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieudinit.exe
+ 2008-04-22 08:02:46 625,664 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iexplore.exe
+ 2008-04-23 03:35:36 27,648 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\jsproxy.dll
+ 2008-04-23 03:35:36 459,264 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\msfeeds.dll
+ 2008-04-23 03:35:36 52,224 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\msfeedsbs.dll
+ 2008-04-23 03:35:36 3,593,728 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\mshtml.dll
+ 2008-04-23 03:35:36 478,208 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\mshtmled.dll
+ 2008-04-23 03:35:36 193,024 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\msrating.dll
+ 2008-04-23 03:35:36 671,232 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\mstime.dll
+ 2008-04-23 03:35:36 102,912 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\occache.dll
+ 2008-04-23 03:35:36 44,544 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\pngfilt.dll
+ 2008-04-23 03:35:36 105,984 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\url.dll
+ 2008-04-23 03:35:36 1,162,752 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\urlmon.dll
+ 2008-04-23 03:35:36 233,472 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\webcheck.dll
+ 2008-04-23 03:35:36 827,392 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:22:33 14,048 ----a-w c:\windows\$hf_mig$\KB950759-IE7\spmsg.dll
+ 2007-03-06 01:22:39 213,216 ----a-w c:\windows\$hf_mig$\KB950759-IE7\spuninst.exe
+ 2007-03-06 01:22:31 22,752 ----a-w c:\windows\$hf_mig$\KB950759-IE7\update\spcustom.dll
+ 2007-03-06 01:22:56 716,000 ----a-w c:\windows\$hf_mig$\KB950759-IE7\update\update.exe
+ 2007-03-06 01:23:51 371,424 ----a-w c:\windows\$hf_mig$\KB950759-IE7\update\updspapi.dll
+ 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB950760\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB950760\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB950760\update\spcustom.dll
+ 2007-11-30 12:39:22 755,576 ----a-w c:\windows\$hf_mig$\KB950760\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w c:\windows\$hf_mig$\KB950760\update\updspapi.dll
+ 2008-05-08 12:14:51 203,008 ----a-w c:\windows\$hf_mig$\KB950762\SP2QFE\rmcast.sys
+ 2008-05-08 14:02:52 203,136 ----a-w c:\windows\$hf_mig$\KB950762\SP3GDR\rmcast.sys
+ 2008-05-08 13:58:17 203,136 ----a-w c:\windows\$hf_mig$\KB950762\SP3QFE\rmcast.sys
+ 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB950762\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB950762\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB950762\update\spcustom.dll
+ 2007-11-30 12:39:22 755,576 ----a-w c:\windows\$hf_mig$\KB950762\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w c:\windows\$hf_mig$\KB950762\update\updspapi.dll
+ 2008-07-07 20:06:43 253,952 ----a-w c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll
+ 2008-07-07 20:26:58 253,952 ----a-w c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll
+ 2008-07-07 20:23:18 253,952 ----a-w c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
+ 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB950974\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB950974\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB950974\update\spcustom.dll
+ 2007-11-30 12:39:18 755,576 ----a-w c:\windows\$hf_mig$\KB950974\update\update.exe
+ 2007-11-30 12:39:19 382,840 ----a-w c:\windows\$hf_mig$\KB950974\update\updspapi.dll
+ 2008-04-11 18:39:39 683,520 ----a-w c:\windows\$hf_mig$\KB951066\SP2QFE\inetcomm.dll
+ 2008-04-11 19:04:26 691,712 ----a-w c:\windows\$hf_mig$\KB951066\SP3GDR\inetcomm.dll
+ 2008-04-11 23:22:26 691,712 ----a-w c:\windows\$hf_mig$\KB951066\SP3QFE\inetcomm.dll
+ 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB951066\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB951066\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB951066\update\spcustom.dll
+ 2007-12-03 15:25:31 755,576 ----a-w c:\windows\$hf_mig$\KB951066\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w c:\windows\$hf_mig$\KB951066\update\updspapi.dll
+ 2008-07-14 11:03:00 62,976 ----a-w c:\windows\$hf_mig$\KB951072-v2\SP2QFE\tzchange.exe
+ 2008-07-11 12:42:28 62,976 ----a-w c:\windows\$hf_mig$\KB951072-v2\SP3GDR\tzchange.exe
+ 2008-07-11 12:51:51 62,976 ----a-w c:\windows\$hf_mig$\KB951072-v2\SP3QFE\tzchange.exe
+ 2007-11-30 11:18:51 17,272 ----a-w c:\windows\$hf_mig$\KB951072-v2\spmsg.dll
+ 2007-11-30 11:18:51 231,288 ----a-w c:\windows\$hf_mig$\KB951072-v2\spuninst.exe
+ 2007-11-30 11:18:51 26,488 ----a-w c:\windows\$hf_mig$\KB951072-v2\update\spcustom.dll
+ 2007-11-30 12:39:22 755,576 ----a-w c:\windows\$hf_mig$\KB951072-v2\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w c:\windows\$hf_mig$\KB951072-v2\update\updspapi.dll
+ 2008-06-13 09:52:16 272,128 ----a-w c:\windows\$hf_mig$\KB951376-v2\SP2QFE\bthport.sys
+ 2008-06-13 11:05:51 272,128 ----a-w c:\windows\$hf_mig$\KB951376-v2\SP3GDR\bthport.sys
+ 2008-06-13 11:27:43 272,128 ----a-w c:\windows\$hf_mig$\KB951376-v2\SP3QFE\bthport.sys
+ 2007-11-30 11:18:51 17,272 ----a-w c:\windows\$hf_mig$\KB951376-v2\spmsg.dll
+ 2007-11-30 11:18:51 231,288 ----a-w c:\windows\$hf_mig$\KB951376-v2\spuninst.exe
+ 2007-11-30 11:18:51 26,488 ----a-w c:\windows\$hf_mig$\KB951376-v2\update\spcustom.dll
+ 2007-11-30 11:18:51 755,576 ----a-w c:\windows\$hf_mig$\KB951376-v2\update\update.exe
+ 2007-11-30 11:18:51 382,840 ----a-w c:\windows\$hf_mig$\KB951376-v2\update\updspapi.dll
+ 2008-04-14 11:00:16 272,128 ----a-w c:\windows\$hf_mig$\KB951376\SP2QFE\bthport.sys
+ 2008-04-14 12:30:49 272,128 ----a-w c:\windows\$hf_mig$\KB951376\SP3GDR\bthport.sys
+ 2008-04-14 12:36:35 272,128 ----a-w c:\windows\$hf_mig$\KB951376\SP3QFE\bthport.sys
+ 2007-11-30 11:18:51 17,272 ----a-w c:\windows\$hf_mig$\KB951376\spmsg.dll
+ 2007-11-30 11:18:51 231,288 ----a-w c:\windows\$hf_mig$\KB951376\spuninst.exe
+ 2007-11-30 11:18:51 26,488 ----a-w c:\windows\$hf_mig$\KB951376\update\spcustom.dll
+ 2007-11-30 11:18:51 755,576 ----a-w c:\windows\$hf_mig$\KB951376\update\update.exe
+ 2007-11-30 11:18:51 382,840 ----a-w c:\windows\$hf_mig$\KB951376\update\updspapi.dll
+ 2008-05-07 04:55:40 1,288,192 ----a-w c:\windows\$hf_mig$\KB951698\SP2QFE\quartz.dll
+ 2008-05-07 05:12:40 1,288,192 ----a-w c:\windows\$hf_mig$\KB951698\SP3GDR\quartz.dll
+ 2008-05-07 05:04:15 1,288,192 ----a-w c:\windows\$hf_mig$\KB951698\SP3QFE\quartz.dll
+ 2007-11-30 11:18:51 17,272 ----a-w c:\windows\$hf_mig$\KB951698\spmsg.dll
+ 2007-11-30 11:18:51 231,288 ----a-w c:\windows\$hf_mig$\KB951698\spuninst.exe
+ 2007-11-30 11:18:51 26,488 ----a-w c:\windows\$hf_mig$\KB951698\update\spcustom.dll
+ 2007-11-30 12:39:22 755,576 ----a-w c:\windows\$hf_mig$\KB951698\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w c:\windows\$hf_mig$\KB951698\update\updspapi.dll
+ 2006-08-16 12:08:32 100,352 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\6to4svc.dll
+ 2008-06-20 10:44:08 138,368 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\afd.sys
+ 2008-06-20 17:36:11 147,968 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\dnsapi.dll
+ 2008-06-20 17:36:11 245,248 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\mswsock.dll
+ 2008-06-20 10:44:42 360,960 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
+ 2008-06-20 09:32:39 225,920 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip6.sys
+ 2008-06-20 11:40:08 138,496 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\afd.sys
+ 2008-06-20 17:46:57 147,968 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\dnsapi.dll
+ 2008-06-20 17:46:57 245,248 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll
+ 2008-06-20 11:51:12 361,600 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
+ 2008-06-20 11:08:27 225,856 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip6.sys
+ 2008-06-20 11:48:03 138,496 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\afd.sys
+ 2008-06-20 17:43:05 147,968 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\dnsapi.dll
+ 2008-06-20 17:43:05 245,248 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
+ 2008-06-20 11:59:02 361,600 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
+ 2008-06-20 11:16:44 225,856 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip6.sys
+ 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB951748\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB951748\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB951748\update\spcustom.dll
+ 2007-11-30 12:39:18 755,576 ----a-w c:\windows\$hf_mig$\KB951748\update\update.exe
+ 2007-11-30 12:39:19 382,840 ----a-w c:\windows\$hf_mig$\KB951748\update\updspapi.dll
+ 2008-05-01 15:04:00 331,776 ----a-w c:\windows\$hf_mig$\KB952287\SP2QFE\msadce.dll
+ 2008-05-01 14:33:02 331,776 ----a-w c:\windows\$hf_mig$\KB952287\SP3GDR\msadce.dll
+ 2008-05-01 14:38:05 331,776 ----a-w c:\windows\$hf_mig$\KB952287\SP3QFE\msadce.dll
+ 2007-11-30 11:18:51 17,272 ----a-w c:\windows\$hf_mig$\KB952287\spmsg.dll
+ 2007-11-30 11:18:51 231,288 ----a-w c:\windows\$hf_mig$\KB952287\spuninst.exe
+ 2007-11-30 11:18:51 26,488 ----a-w c:\windows\$hf_mig$\KB952287\update\spcustom.dll
+ 2007-11-30 11:18:51 755,576 ----a-w c:\windows\$hf_mig$\KB952287\update\update.exe
+ 2007-11-30 11:18:51 382,840 ----a-w c:\windows\$hf_mig$\KB952287\update\updspapi.dll
+ 2008-06-24 16:28:00 74,240 ----a-w c:\windows\$hf_mig$\KB952954\SP2QFE\mscms.dll
+ 2008-06-24 16:43:16 74,240 ----a-w c:\windows\$hf_mig$\KB952954\SP3GDR\mscms.dll
+ 2008-06-24 16:53:10 74,240 ----a-w c:\windows\$hf_mig$\KB952954\SP3QFE\mscms.dll
+ 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB952954\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB952954\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB952954\update\spcustom.dll
+ 2007-11-30 12:39:22 755,576 ----a-w c:\windows\$hf_mig$\KB952954\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w c:\windows\$hf_mig$\KB952954\update\updspapi.dll
+ 2008-06-23 16:01:38 124,928 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\advpack.dll
+ 2008-06-23 16:01:38 347,136 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\dxtmsft.dll
+ 2008-06-23 16:01:39 214,528 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\dxtrans.dll
+ 2008-06-23 16:01:39 132,608 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\extmgr.dll
+ 2008-06-23 16:01:39 63,488 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\icardie.dll
+ 2008-06-23 08:23:18 70,656 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ie4uinit.exe
+ 2008-06-23 16:01:39 153,088 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieakeng.dll
+ 2008-06-23 16:01:39 230,400 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieaksie.dll
+ 2008-06-21 05:23:53 161,792 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieapfltr.dat
+ 2008-06-23 16:01:40 383,488 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieapfltr.dll
+ 2008-06-23 16:01:40 388,608 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iedkcs32.dll
+ 2008-06-23 16:01:43 6,068,736 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieframe.dll
+ 2008-06-23 16:01:43 44,544 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iernonce.dll
+ 2008-06-23 16:01:44 267,776 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iertutil.dll
+ 2008-06-23 08:23:18 13,824 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieudinit.exe
+ 2008-06-23 08:23:52 625,664 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iexplore.exe
+ 2008-06-23 16:01:46 27,648 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\jsproxy.dll
+ 2008-06-23 16:01:46 459,264 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\msfeeds.dll
+ 2008-06-23 16:01:46 52,224 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\msfeedsbs.dll
+ 2008-06-23 16:01:49 3,594,240 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mshtml.dll
+ 2008-06-23 16:01:49 477,696 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mshtmled.dll
+ 2008-06-23 16:01:49 193,024 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\msrating.dll
+ 2008-06-23 16:01:50 671,232 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mstime.dll
+ 2008-06-23 16:01:50 102,912 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\occache.dll
+ 2008-06-23 16:01:50 44,544 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\pngfilt.dll
+ 2008-06-23 16:01:50 105,984 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\url.dll
+ 2008-06-23 16:01:51 1,162,752 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\urlmon.dll
+ 2008-06-23 16:01:51 233,472 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\webcheck.dll
+ 2008-06-23 16:01:51 827,904 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:22:33 14,048 ----a-w c:\windows\$hf_mig$\KB953838-IE7\spmsg.dll
+ 2007-03-06 01:22:39 213,216 ----a-w c:\windows\$hf_mig$\KB953838-IE7\spuninst.exe
+ 2007-03-06 01:22:31 22,752 ----a-w c:\windows\$hf_mig$\KB953838-IE7\update\spcustom.dll
+ 2007-03-06 01:22:56 716,000 ----a-w c:\windows\$hf_mig$\KB953838-IE7\update\update.exe
+ 2007-03-06 01:23:51 371,424 ----a-w c:\windows\$hf_mig$\KB953838-IE7\update\updspapi.dll
+ 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB953839\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB953839\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB953839\update\spcustom.dll
+ 2007-11-30 11:18:51 755,576 ----a-w c:\windows\$hf_mig$\KB953839\update\update.exe
+ 2007-11-30 11:18:51 382,840 ----a-w c:\windows\$hf_mig$\KB953839\update\updspapi.dll
+ 2008-09-15 12:17:07 1,846,912 ----a-w c:\windows\$hf_mig$\KB954211\SP2QFE\win32k.sys
+ 2008-09-15 12:12:56 1,846,400 ----a-w c:\windows\$hf_mig$\KB954211\SP3GDR\win32k.sys
+ 2008-09-15 12:25:27 1,846,912 ----a-w c:\windows\$hf_mig$\KB954211\SP3QFE\win32k.sys
+ 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB954211\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB954211\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB954211\update\spcustom.dll
+ 2008-07-09 07:38:29 755,576 ----a-w c:\windows\$hf_mig$\KB954211\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w c:\windows\$hf_mig$\KB954211\update\updspapi.dll
+ 2008-10-03 09:57:49 247,326 ----a-w c:\windows\$hf_mig$\KB954600\SP2QFE\strmdll.dll
+ 2008-10-03 10:02:42 247,326 ----a-w c:\windows\$hf_mig$\KB954600\SP3GDR\strmdll.dll
+ 2008-10-03 09:49:31 247,326 ----a-w c:\windows\$hf_mig$\KB954600\SP3QFE\strmdll.dll
+ 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB954600\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB954600\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB954600\update\spcustom.dll
+ 2007-11-30 11:18:51 755,576 ----a-w c:\windows\$hf_mig$\KB954600\update\update.exe
+ 2007-11-30 11:18:51 382,840 ----a-w c:\windows\$hf_mig$\KB954600\update\updspapi.dll
+ 2008-09-04 16:32:52 1,106,944 ----a-w c:\windows\$hf_mig$\KB955069\SP2QFE\msxml3.dll
+ 2008-09-04 17:15:04 1,106,944 ----a-w c:\windows\$hf_mig$\KB955069\SP3GDR\msxml3.dll
+ 2008-09-04 17:12:27 1,106,944 ----a-w c:\windows\$hf_mig$\KB955069\SP3QFE\msxml3.dll
+ 2007-11-30 11:18:51 17,272 ----a-w c:\windows\$hf_mig$\KB955069\spmsg.dll
+ 2007-11-30 11:18:51 231,288 ----a-w c:\windows\$hf_mig$\KB955069\spuninst.exe
+ 2007-11-30 11:18:51 26,488 ----a-w c:\windows\$hf_mig$\KB955069\update\spcustom.dll
+ 2007-11-30 11:18:51 755,576 ----a-w c:\windows\$hf_mig$\KB955069\update\update.exe
+ 2008-07-09 13:08:38 382,840 ----a-w c:\windows\$hf_mig$\KB955069\update\updspapi.dll
+ 2008-10-22 09:47:25 62,976 ----a-w c:\windows\$hf_mig$\KB955839\SP2QFE\tzchange.exe
+ 2008-10-23 10:06:59 62,976 ----a-w c:\windows\$hf_mig$\KB955839\SP3GDR\tzchange.exe
+ 2008-10-23 10:17:49 62,976 ----a-w c:\windows\$hf_mig$\KB955839\SP3QFE\tzchange.exe
+ 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB955839\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB955839\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB955839\update\spcustom.dll
+ 2007-11-30 12:39:22 755,576 ----a-w c:\windows\$hf_mig$\KB955839\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w c:\windows\$hf_mig$\KB955839\update\updspapi.dll
+ 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB956391\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB956391\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB956391\update\spcustom.dll
+ 2007-11-30 12:39:22 755,576 ----a-w c:\windows\$hf_mig$\KB956391\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w c:\windows\$hf_mig$\KB956391\update\updspapi.dll
+ 2008-10-23 12:51:04 284,160 ----a-w c:\windows\$hf_mig$\KB956802\SP2QFE\gdi32.dll
+ 2008-10-23 12:36:14 286,720 ----a-w c:\windows\$hf_mig$\KB956802\SP3GDR\gdi32.dll
+ 2008-10-23 12:43:42 286,720 ----a-w c:\windows\$hf_mig$\KB956802\SP3QFE\gdi32.dll
+ 2008-07-08 13:02:01 17,272 ----a-w c:\windows\$hf_mig$\KB956802\spmsg.dll
+ 2008-07-08 13:02:02 231,288 ----a-w c:\windows\$hf_mig$\KB956802\spuninst.exe
+ 2008-07-08 13:02:01 26,488 ----a-w c:\windows\$hf_mig$\KB956802\update\spcustom.dll
+ 2008-07-09 07:38:29 755,576 ----a-w c:\windows\$hf_mig$\KB956802\update\update.exe
+ 2008-07-09 07:38:37 382,840 ----a-w c:\windows\$hf_mig$\KB956802\update\updspapi.dll
+ 2008-08-14 09:48:52 138,368 ----a-w c:\windows\$hf_mig$\KB956803\SP2QFE\afd.sys
+ 2008-08-14 10:04:36 138,496 ----a-w c:\windows\$hf_mig$\KB956803\SP3GDR\afd.sys
+ 2008-08-14 10:34:26 138,496 ----a-w c:\windows\$hf_mig$\KB956803\SP3QFE\afd.sys
+ 2007-11-30 11:18:51 17,272 ----a-w c:\windows\$hf_mig$\KB956803\spmsg.dll
+ 2007-11-30 11:18:51 231,288 ----a-w c:\windows\$hf_mig$\KB956803\spuninst.exe
+ 2007-11-30 11:18:51 26,488 ----a-w c:\windows\$hf_mig$\KB956803\update\spcustom.dll
+ 2007-11-30 11:18:51 755,576 ----a-w c:\windows\$hf_mig$\KB956803\update\update.exe
+ 2007-11-30 11:18:51 382,840 ----a-w c:\windows\$hf_mig$\KB956803\update\updspapi.dll
+ 2008-08-14 09:55:01 2,142,720 ----a-w c:\windows\$hf_mig$\KB956841\SP2QFE\ntkrnlmp.exe
+ 2008-08-14 09:18:44 2,062,976 ----a-w c:\windows\$hf_mig$\KB956841\SP2QFE\ntkrnlpa.exe
+ 2008-08-14 09:18:46 2,020,864 ----a-w c:\windows\$hf_mig$\KB956841\SP2QFE\ntkrpamp.exe
+ 2008-08-14 09:57:20 2,185,984 ----a-w c:\windows\$hf_mig$\KB956841\SP2QFE\ntoskrnl.exe
+ 2008-08-14 10:09:26 2,145,280 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlmp.exe
+ 2008-08-14 09:33:16 2,066,048 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlpa.exe
+ 2008-08-14 09:33:16 2,023,936 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrpamp.exe
+ 2008-08-14 10:11:02 2,189,184 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntoskrnl.exe
+ 2008-08-14 10:39:28 2,145,280 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlmp.exe
+ 2008-08-14 14:39:46 2,066,048 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe
+ 2008-08-14 10:09:44 2,023,936 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrpamp.exe
+ 2008-08-14 15:11:10 2,189,184 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe
+ 2007-11-30 11:18:51 17,272 ----a-w c:\windows\$hf_mig$\KB956841\spmsg.dll
+ 2007-11-30 11:18:51 231,288 ----a-w c:\windows\$hf_mig$\KB956841\spuninst.exe
+ 2007-11-30 11:18:51 26,488 ----a-w c:\windows\$hf_mig$\KB956841\update\spcustom.dll
+ 2007-11-30 11:18:51 755,576 ----a-w c:\windows\$hf_mig$\KB956841\update\update.exe
+ 2008-07-09 07:38:37 382,840 ----a-w c:\windows\$hf_mig$\KB956841\update\updspapi.dll
+ 2008-08-28 10:35:33 333,056 ----a-w c:\windows\$hf_mig$\KB957095\SP2QFE\srv.sys
+ 2008-09-08 10:41:42 333,824 ----a-w c:\windows\$hf_mig$\KB957095\SP3GDR\srv.sys
+ 2008-09-08 11:37:19 333,824 ----a-w c:\windows\$hf_mig$\KB957095\SP3QFE\srv.sys
+ 2007-11-30 11:18:51 17,272 ----a-w c:\windows\$hf_mig$\KB957095\spmsg.dll
+ 2007-11-30 11:18:51 231,288 ----a-w c:\windows\$hf_mig$\KB957095\spuninst.exe
+ 2007-11-30 11:18:51 26,488 ----a-w c:\windows\$hf_mig$\KB957095\update\spcustom.dll
+ 2007-11-30 11:18:51 755,576 ----a-w c:\windows\$hf_mig$\KB957095\update\update.exe
+ 2007-11-30 11:18:51 382,840 ----a-w c:\windows\$hf_mig$\KB957095\update\updspapi.dll
+ 2008-10-24 11:25:29 455,936 ----a-w c:\windows\$hf_mig$\KB957097\SP2QFE\mrxsmb.sys
+ 2008-10-24 11:21:09 455,296 ----a-w c:\windows\$hf_mig$\KB957097\SP3GDR\mrxsmb.sys
+ 2008-10-24 11:41:11 455,936 ----a-w c:\windows\$hf_mig$\KB957097\SP3QFE\mrxsmb.sys
+ 2008-07-08 13:02:01 17,272 ----a-w c:\windows\$hf_mig$\KB957097\spmsg.dll
+ 2008-07-08 13:02:02 231,288 ----a-w c:\windows\$hf_mig$\KB957097\spuninst.exe
+ 2008-07-08 13:02:01 26,488 ----a-w c:\windows\$hf_mig$\KB957097\update\spcustom.dll
+ 2008-07-08 13:02:04 755,576 ----a-w c:\windows\$hf_mig$\KB957097\update\update.exe
+ 2008-07-08 13:02:12 382,840 ----a-w c:\windows\$hf_mig$\KB957097\update\updspapi.dll
+ 2008-10-15 16:53:28 339,456 ----a-w c:\windows\$hf_mig$\KB958644\SP2QFE\netapi32.dll
+ 2008-10-15 16:34:24 337,408 ----a-w c:\windows\$hf_mig$\KB958644\SP3GDR\netapi32.dll
+ 2008-10-15 16:25:53 339,456 ----a-w c:\windows\$hf_mig$\KB958644\SP3QFE\netapi32.dll
+ 2007-11-30 11:18:51 17,272 ----a-w c:\windows\$hf_mig$\KB958644\spmsg.dll
+ 2007-11-30 11:18:51 231,288 ----a-w c:\windows\$hf_mig$\KB958644\spuninst.exe
+ 2007-11-30 11:18:51 26,488 ----a-w c:\windows\$hf_mig$\KB958644\update\spcustom.dll
+ 2007-11-30 11:18:51 755,576 ----a-w c:\windows\$hf_mig$\KB958644\update\update.exe
+ 2007-11-30 11:18:51 382,840 ----a-w c:\windows\$hf_mig$\KB958644\update\updspapi.dll
+ 2008-12-11 10:24:44 333,184 ----a-w c:\windows\$hf_mig$\KB958687\SP2QFE\srv.sys
+ 2008-12-11 10:57:09 333,952 ----a-w c:\windows\$hf_mig$\KB958687\SP3GDR\srv.sys
+ 2008-12-11 12:33:59 333,952 ----a-w c:\windows\$hf_mig$\KB958687\SP3QFE\srv.sys
+ 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB958687\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB958687\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB958687\update\spcustom.dll
+ 2007-11-30 11:18:51 755,576 ----a-w c:\windows\$hf_mig$\KB958687\update\update.exe
+ 2007-11-30 11:18:51 382,840 ----a-w c:\windows\$hf_mig$\KB958687\update\updspapi.dll
+ 2008-12-14 13:27:50 5,699,584 ----a-w c:\windows\$hf_mig$\KB960714-IE8\SP3QFE\mshtml.dll
+ 2008-07-09 07:38:24 17,272 ----a-w c:\windows\$hf_mig$\KB960714-IE8\spmsg.dll
+ 2008-07-09 07:38:25 231,288 ----a-w c:\windows\$hf_mig$\KB960714-IE8\spuninst.exe
+ 2008-07-09 07:38:24 26,488 ----a-w c:\windows\$hf_mig$\KB960714-IE8\update\spcustom.dll
+ 2008-11-15 17:18:04 755,576 ----a-w c:\windows\$hf_mig$\KB960714-IE8\update\update.exe
+ 2008-07-09 07:38:37 382,840 ----a-w c:\windows\$hf_mig$\KB960714-IE8\update\updspapi.dll
+ 2008-06-17 19:02:19 8,461,312 ----a-w c:\windows\$hf_mig$\KB967715\SP3GDR\shell32.dll
+ 2008-06-17 19:04:34 8,461,824 ----a-w c:\windows\$hf_mig$\KB967715\SP3QFE\shell32.dll
+ 2008-07-09 07:38:24 17,272 ----a-w c:\windows\$hf_mig$\KB967715\spmsg.dll
+ 2008-07-09 07:38:25 231,288 ----a-w c:\windows\$hf_mig$\KB967715\spuninst.exe
+ 2008-07-09 07:38:24 26,488 ----a-w c:\windows\$hf_mig$\KB967715\update\spcustom.dll
+ 2008-07-09 07:38:29 755,576 ----a-w c:\windows\$hf_mig$\KB967715\update\update.exe
+ 2008-07-09 07:38:37 382,840 ----a-w c:\windows\$hf_mig$\KB967715\update\updspapi.dll
+ 2004-08-04 12:00:00 294,400 -c----w c:\windows\$NtUninstallKB932823-v3$\msctf.dll
+ 2007-03-06 01:22:41 213,216 -c----w c:\windows\$NtUninstallKB932823-v3$\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w c:\windows\$NtUninstallKB932823-v3$\spuninst\updspapi.dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB938464$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB938464$\spuninst\updspapi.dll
+ 2004-08-04 00:06:34 82,944 -c----w c:\windows\$NtUninstallKB946648$\msgsc.dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB946648$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB946648$\spuninst\updspapi.dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB950760$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB950760$\spuninst\updspapi.dll
+ 2006-07-13 08:48:58 202,240 -c----w c:\windows\$NtUninstallKB950762$\rmcast.sys
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB950762$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB950762$\spuninst\updspapi.dll
+ 2005-07-26 04:39:45 243,200 -c----w c:\windows\$NtUninstallKB950974$\es.dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB950974$\spuninst\spuninst.exe
+ 2007-11-30 12:39:19 382,840 -c----w c:\windows\$NtUninstallKB950974$\spuninst\updspapi.dll
+ 2007-08-21 06:15:44 683,520 -c----w c:\windows\$NtUninstallKB951066$\inetcomm.dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB951066$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB951066$\spuninst\updspapi.dll
+ 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB951072-v2$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB951072-v2$\spuninst\updspapi.dll
+ 2007-11-13 11:31:11 60,416 -c----w c:\windows\$NtUninstallKB951072-v2$\tzchange.exe
+ 2008-04-14 11:01:02 272,128 -c----w c:\windows\$NtUninstallKB951376-v2$\bthport.sys
+ 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB951376-v2$\spuninst\spuninst.exe
+ 2007-11-30 11:18:51 382,840 -c----w c:\windows\$NtUninstallKB951376-v2$\spuninst\updspapi.dll
+ 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB951376$\spuninst\spuninst.exe
+ 2007-11-30 11:18:51 382,840 -c----w c:\windows\$NtUninstallKB951376$\spuninst\updspapi.dll
+ 2007-10-29 22:43:03 1,287,680 -c----w c:\windows\$NtUninstallKB951698$\quartz.dll
+ 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB951698$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB951698$\spuninst\updspapi.dll
+ 2004-08-04 12:00:00 138,496 -c----w c:\windows\$NtUninstallKB951748$\afd.sys
+ 2008-02-20 05:32:43 148,992 -c----w c:\windows\$NtUninstallKB951748$\dnsapi.dll
+ 2004-08-04 12:00:00 245,248 -c----w c:\windows\$NtUninstallKB951748$\mswsock.dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB951748$\spuninst\spuninst.exe
+ 2007-11-30 12:39:19 382,840 -c----w c:\windows\$NtUninstallKB951748$\spuninst\updspapi.dll
+ 2007-10-30 17:20:55 360,064 -c----w c:\windows\$NtUninstallKB951748$\tcpip.sys
+ 2006-08-16 09:37:30 225,664 -c----w c:\windows\$NtUninstallKB951748$\tcpip6.sys
+ 2006-10-18 20:03:58 100,864 -c----w c:\windows\$NtUninstallKB952069_WM9$\logagent.exe
+ 2007-07-27 09:41:48 231,288 -c----w c:\windows\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe
+ 2007-07-27 09:41:48 382,840 -c----w c:\windows\$NtUninstallKB952069_WM9$\spuninst\updspapi.dll
+ 2006-10-18 21:47:20 937,984 -c----w c:\windows\$NtUninstallKB952069_WM9$\wmnetmgr.dll
+ 2006-10-18 21:47:22 2,450,944 -c----w c:\windows\$NtUninstallKB952069_WM9$\wmvcore.dll
+ 2004-08-04 12:00:00 331,776 -c----w c:\windows\$NtUninstallKB952287$\msadce.dll
+ 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB952287$\spuninst\spuninst.exe
+ 2007-11-30 11:18:51 382,840 -c----w c:\windows\$NtUninstallKB952287$\spuninst\updspapi.dll
+ 2005-06-29 01:46:00 74,240 -c----w c:\windows\$NtUninstallKB952954$\mscms.dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB952954$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB952954$\spuninst\updspapi.dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB953839$\spuninst\spuninst.exe
+ 2007-11-30 11:18:51 382,840 -c----w c:\windows\$NtUninstallKB953839$\spuninst\updspapi.dll
+ 2007-07-27 09:41:48 231,288 -c----w c:\windows\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe
+ 2007-07-27 09:41:48 382,840 -c----w c:\windows\$NtUninstallKB954154_WM11$\spuninst\updspapi.dll
+ 2006-10-18 21:47:20 295,936 -c----w c:\windows\$NtUninstallKB954154_WM11$\wmpeffects.dll
+ 2007-07-27 09:41:48 231,288 -c----w c:\windows\$NtUninstallKB954156_WM9L$\spuninst\spuninst.exe
+ 2007-07-27 09:41:48 382,840 -c----w c:\windows\$NtUninstallKB954156_WM9L$\spuninst\updspapi.dll
+ 2002-12-11 18:38:52 929,280 -c----w c:\windows\$NtUninstallKB954156_WM9L$\wmex.dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB954211$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB954211$\spuninst\updspapi.dll
+ 2008-03-19 09:47:00 1,845,248 -c----w c:\windows\$NtUninstallKB954211$\win32k.sys
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB954600$\spuninst\spuninst.exe
+ 2007-11-30 11:18:51 382,840 -c----w c:\windows\$NtUninstallKB954600$\spuninst\updspapi.dll
+ 2006-08-21 09:52:08 246,814 -c----w c:\windows\$NtUninstallKB954600$\strmdll.dll
+ 2007-06-26 06:08:16 1,104,896 -c----w c:\windows\$NtUninstallKB955069$\msxml3.dll
+ 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB955069$\spuninst\spuninst.exe
+ 2008-07-09 13:08:38 382,840 -c----w c:\windows\$NtUninstallKB955069$\spuninst\updspapi.dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB955839$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB955839$\spuninst\updspapi.dll
+ 2008-07-14 11:09:18 62,976 -c----w c:\windows\$NtUninstallKB955839$\tzchange.exe
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB956391$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB956391$\spuninst\updspapi.dll
+ 2008-02-20 06:51:05 282,624 -c----w c:\windows\$NtUninstallKB956802$\gdi32.dll
+ 2008-07-08 13:02:02 231,288 -c----w c:\windows\$NtUninstallKB956802$\spuninst\spuninst.exe
+ 2008-07-09 07:38:37 382,840 -c----w c:\windows\$NtUninstallKB956802$\spuninst\updspapi.dll
+ 2008-06-20 10:44:38 138,368 -c----w c:\windows\$NtUninstallKB956803$\afd.sys
+ 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB956803$\spuninst\spuninst.exe
+ 2007-11-30 11:18:51 382,840 -c----w c:\windows\$NtUninstallKB956803$\spuninst\updspapi.dll
+ 2007-02-28 09:08:48 2,136,064 -c----w c:\windows\$NtUninstallKB956841$\ntkrnlmp.exe
+ 2007-02-28 08:38:55 2,057,600 -c----w c:\windows\$NtUninstallKB956841$\ntkrnlpa.exe
+ 2007-02-28 08:38:57 2,015,744 -c----w c:\windows\$NtUninstallKB956841$\ntkrpamp.exe
+ 2007-02-28 09:10:57 2,180,352 -c----w c:\windows\$NtUninstallKB956841$\ntoskrnl.exe
+ 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB956841$\spuninst\spuninst.exe
+ 2008-07-09 07:38:37 382,840 -c----w c:\windows\$NtUninstallKB956841$\spuninst\updspapi.dll
+ 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB957095$\spuninst\spuninst.exe
+ 2007-11-30 11:18:51 382,840 -c----w c:\windows\$NtUninstallKB957095$\spuninst\updspapi.dll
+ 2006-08-14 10:34:41 332,928 -c----w c:\windows\$NtUninstallKB957095$\srv.sys
+ 2006-05-05 09:41:45 453,120 -c----w c:\windows\$NtUninstallKB957097$\mrxsmb.sys
+ 2008-07-08 13:02:02 231,288 -c----w c:\windows\$NtUninstallKB957097$\spuninst\spuninst.exe
+ 2008-07-08 13:02:12 382,840 -c----w c:\windows\$NtUninstallKB957097$\spuninst\updspapi.dll
+ 2006-08-17 12:28:27 332,288 -c----w c:\windows\$NtUninstallKB958644$\netapi32.dll
+ 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB958644$\spuninst\spuninst.exe
+ 2007-11-30 11:18:51 382,840 -c----w c:\windows\$NtUninstallKB958644$\spuninst\updspapi.dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB958687$\spuninst\spuninst.exe
+ 2007-11-30 11:18:51 382,840 -c----w c:\windows\$NtUninstallKB958687$\spuninst\updspapi.dll
+ 2008-08-28 10:04:17 333,056 -c----w c:\windows\$NtUninstallKB958687$\srv.sys
+ 2008-07-18 15:46:04 1,326,192 ----a-w c:\windows\Downloaded Program Files\CONFLICT.1\npTVUAx.dll
+ 2008-06-13 13:10:50 272,128 ------w c:\windows\Driver Cache\i386\bthport.sys
- 2006-05-05 09:41:45 453,120 ------w c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2008-10-24 11:10:42 453,632 ------w c:\windows\Driver Cache\i386\mrxsmb.sys
- 2007-02-28 09:08:48 2,136,064 ------w c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2008-08-14 09:58:27 2,136,064 ------w c:\windows\Driver Cache\i386\ntkrnlmp.exe
- 2007-02-28 08:38:55 2,057,600 ------w c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2008-08-14 09:22:13 2,057,728 ------w c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2007-02-28 08:38:57 2,015,744 ------w c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2008-08-14 09:22:14 2,015,744 ------w c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2007-02-28 09:10:57 2,180,352 ------w c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2008-08-14 10:00:45 2,180,352 ------w c:\windows\Driver Cache\i386\ntoskrnl.exe
- 2005-10-20 19:02:28 163,328 ----a-w c:\windows\erdnt\Hiv-backup\ERDNT.EXE
+ 2005-10-20 20:02:28 163,328 ----a-w c:\windows\erdnt\Hiv-backup\ERDNT.EXE
- 2008-06-02 11:46:42 11,071,488 ----a-w c:\windows\ERUNT\SDFIX\Users\
00000001\NTUSER.DAT
+ 2008-06-03 13:10:59 11,071,488 ----a-w c:\windows\ERUNT\SDFIX\Users\
00000001\NTUSER.DAT
- 2008-06-01 22:54:11 11,071,488 ----a-w c:\windows\ERUNT\SDFIX_First_Run\Users\
00000001\NTUSER.DAT
+ 2008-06-03 13:11:03 11,071,488 ----a-w c:\windows\ERUNT\SDFIX_First_Run\Users\
00000001\NTUSER.DAT
+ 2008-03-01 13:06:20 124,928 -c----w c:\windows\ie7updates\KB950759-IE7\advpack.dll
+ 2008-03-01 13:06:21 347,136 -c----w c:\windows\ie7updates\KB950759-IE7\dxtmsft.dll
+ 2008-03-01 13:06:21 214,528 -c----w c:\windows\ie7updates\KB950759-IE7\dxtrans.dll
+ 2008-03-01 13:06:21 133,120 -c----w c:\windows\ie7updates\KB950759-IE7\extmgr.dll
+ 2008-03-01 13:06:21 63,488 -c----w c:\windows\ie7updates\KB950759-IE7\icardie.dll
+ 2008-02-29 08:55:23 70,656 -c----w c:\windows\ie7updates\KB950759-IE7\ie4uinit.exe
+ 2008-03-01 13:06:21 153,088 -c----w c:\windows\ie7updates\KB950759-IE7\ieakeng.dll
+ 2008-03-01 13:06:21 230,400 -c----w c:\windows\ie7updates\KB950759-IE7\ieaksie.dll
+ 2008-02-15 05:44:25 161,792 -c----w c:\windows\ie7updates\KB950759-IE7\ieakui.dll
+ 2008-03-01 13:06:22 383,488 -c----w c:\windows\ie7updates\KB950759-IE7\ieapfltr.dll
+ 2008-03-01 13:06:22 384,512 -c----w c:\windows\ie7updates\KB950759-IE7\iedkcs32.dll
+ 2008-03-01 13:06:24 6,066,176 -c----w c:\windows\ie7updates\KB950759-IE7\ieframe.dll
+ 2008-03-01 13:06:24 44,544 -c----w c:\windows\ie7updates\KB950759-IE7\iernonce.dll
+ 2008-03-01 13:06:25 267,776 -c----w c:\windows\ie7updates\KB950759-IE7\iertutil.dll
+ 2008-02-22 10:00:51 13,824 -c----w c:\windows\ie7updates\KB950759-IE7\ieudinit.exe
+ 2008-02-29 08:55:46 625,664 -c----w c:\windows\ie7updates\KB950759-IE7\iexplore.exe
+ 2008-03-01 13:06:25 27,648 -c----w c:\windows\ie7updates\KB950759-IE7\jsproxy.dll
+ 2008-03-01 13:06:26 459,264 -c----w c:\windows\ie7updates\KB950759-IE7\msfeeds.dll
+ 2008-03-01 13:06:26 52,224 -c----w c:\windows\ie7updates\KB950759-IE7\msfeedsbs.dll
+ 2008-03-01 17:36:30 3,591,680 -c----w c:\windows\ie7updates\KB950759-IE7\mshtml.dll
+ 2008-03-01 13:06:28 478,208 -c----w c:\windows\ie7updates\KB950759-IE7\mshtmled.dll
+ 2008-03-01 13:06:28 193,024 -c----w c:\windows\ie7updates\KB950759-IE7\msrating.dll
+ 2008-03-01 13:06:29 671,232 -c----w c:\windows\ie7updates\KB950759-IE7\mstime.dll
+ 2008-03-01 13:06:29 102,912 -c----w c:\windows\ie7updates\KB950759-IE7\occache.dll
+ 2008-03-01 13:06:29 44,544 -c----w c:\windows\ie7updates\KB950759-IE7\pngfilt.dll
+ 2007-03-06 01:22:39 213,216 -c----w c:\windows\ie7updates\KB950759-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w c:\windows\ie7updates\KB950759-IE7\spuninst\updspapi.dll
+ 2008-03-01 13:06:29 105,984 -c----w c:\windows\ie7updates\KB950759-IE7\url.dll
+ 2008-03-01 13:06:30 1,159,680 -c----w c:\windows\ie7updates\KB950759-IE7\urlmon.dll
+ 2008-03-01 13:06:30 233,472 -c----w c:\windows\ie7updates\KB950759-IE7\webcheck.dll
+ 2008-03-01 13:06:31 826,368 -c----w c:\windows\ie7updates\KB950759-IE7\wininet.dll
+ 2008-04-23 04:16:28 124,928 -c----w c:\windows\ie7updates\KB953838-IE7\advpack.dll
+ 2008-04-23 04:16:28 347,136 -c----w c:\windows\ie7updates\KB953838-IE7\dxtmsft.dll
+ 2008-04-23 04:16:28 214,528 -c----w c:\windows\ie7updates\KB953838-IE7\dxtrans.dll
+ 2008-04-23 04:16:28 133,120 -c----w c:\windows\ie7updates\KB953838-IE7\extmgr.dll
+ 2008-04-23 04:16:28 63,488 -c----w c:\windows\ie7updates\KB953838-IE7\icardie.dll
+ 2008-04-22 07:39:58 70,656 -c----w c:\windows\ie7updates\KB953838-IE7\ie4uinit.exe
+ 2008-04-23 04:16:28 153,088 -c----w c:\windows\ie7updates\KB953838-IE7\ieakeng.dll
+ 2008-04-23 04:16:28 230,400 -c----w c:\windows\ie7updates\KB953838-IE7\ieaksie.dll
+ 2008-04-20 05:07:51 161,792 -c----w c:\windows\ie7updates\KB953838-IE7\ieakui.dll
+ 2008-04-23 04:16:28 383,488 -c----w c:\windows\ie7updates\KB953838-IE7\ieapfltr.dll
+ 2008-04-23 04:16:28 384,512 -c----w c:\windows\ie7updates\KB953838-IE7\iedkcs32.dll
+ 2008-04-23 04:16:28 6,066,176 -c----w c:\windows\ie7updates\KB953838-IE7\ieframe.dll
+ 2008-04-23 04:16:28 44,544 -c----w c:\windows\ie7updates\KB953838-IE7\iernonce.dll
+ 2008-04-23 04:16:28 267,776 -c----w c:\windows\ie7updates\KB953838-IE7\iertutil.dll
+ 2008-04-22 07:39:58 13,824 -c----w c:\windows\ie7updates\KB953838-IE7\ieudinit.exe
+ 2008-04-22 07:40:18 625,664 -c----w c:\windows\ie7updates\KB953838-IE7\iexplore.exe
+ 2008-04-23 04:16:28 27,648 -c----w c:\windows\ie7updates\KB953838-IE7\jsproxy.dll
+ 2008-04-23 04:16:28 459,264 -c----w c:\windows\ie7updates\KB953838-IE7\msfeeds.dll
+ 2008-04-23 04:16:28 52,224 -c----w c:\windows\ie7updates\KB953838-IE7\msfeedsbs.dll
+ 2008-04-23 21:16:30 3,591,680 -c----w c:\windows\ie7updates\KB953838-IE7\mshtml.dll
+ 2008-04-23 04:16:28 478,208 -c----w c:\windows\ie7updates\KB953838-IE7\mshtmled.dll
+ 2008-04-23 04:16:28 193,024 -c----w c:\windows\ie7updates\KB953838-IE7\msrating.dll
+ 2008-04-23 04:16:28 671,232 -c----w c:\windows\ie7updates\KB953838-IE7\mstime.dll
+ 2008-04-23 04:16:28 102,912 -c----w c:\windows\ie7updates\KB953838-IE7\occache.dll
+ 2008-04-23 04:16:28 44,544 -c----w c:\windows\ie7updates\KB953838-IE7\pngfilt.dll
+ 2007-03-06 01:22:39 213,216 -c----w c:\windows\ie7updates\KB953838-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w c:\windows\ie7updates\KB953838-IE7\spuninst\updspapi.dll
+ 2008-04-23 04:16:28 105,984 -c----w c:\windows\ie7updates\KB953838-IE7\url.dll
+ 2008-04-23 04:16:29 1,159,680 -c----w c:\windows\ie7updates\KB953838-IE7\urlmon.dll
+ 2008-04-23 04:16:29 233,472 -c----w c:\windows\ie7updates\KB953838-IE7\webcheck.dll
+ 2008-04-23 04:16:29 826,368 -c----w c:\windows\ie7updates\KB953838-IE7\wininet.dll
+ 2006-10-17 12:01:08 71,680 -c--a-w c:\windows\ie8\admparse.dll
+ 2008-06-23 16:57:27 124,928 -c--a-w c:\windows\ie8\advpack.dll
+ 2007-01-08 19:01:14 17,408 -c--a-w c:\windows\ie8\corpol.dll
+ 2008-06-23 16:57:27 347,136 -c--a-w c:\windows\ie8\dxtmsft.dll
+ 2008-06-23 16:57:27 214,528 -c--a-w c:\windows\ie8\dxtrans.dll
+ 2006-10-17 11:44:36 60,416 -c--a-w c:\windows\ie8\hmmapi.dll
+ 2008-06-23 16:57:28 63,488 -c--a-w c:\windows\ie8\icardie.dll
+ 2008-06-23 09:20:25 70,656 -c--a-w c:\windows\ie8\ie4uinit.exe
+ 2008-06-23 16:57:29 153,088 -c--a-w c:\windows\ie8\ieakeng.dll
+ 2008-06-23 16:57:29 230,400 -c--a-w c:\windows\ie8\ieaksie.dll
+ 2008-06-21 05:23:54 161,792 -c--a-w c:\windows\ie8\ieakui.dll
+ 2007-04-17 09:28:12 2,455,488 -c--a-w c:\windows\ie8\ieapfltr.dat
+ 2008-06-23 16:57:29 383,488 -c--a-w c:\windows\ie8\ieapfltr.dll
+ 2008-06-23 16:57:29 384,512 -c--a-w c:\windows\ie8\iedkcs32.dll
+ 2006-10-17 12:06:00 78,336 -c--a-w c:\windows\ie8\ieencode.dll
+ 2006-10-17 12:06:00 78,336 -c--a-w c:\windows\ie8\ieencode.dll.000
+ 2008-06-23 16:57:33 6,066,176 -c--a-w c:\windows\ie8\ieframe.dll
+ 2006-10-17 12:33:40 191,488 -c--a-w c:\windows\ie8\iepeers.dll
+ 2006-10-17 12:33:40 287,744 -c--a-w c:\windows\ie8\ieproxy.dll
+ 2008-06-23 16:57:33 44,544 -c--a-w c:\windows\ie8\iernonce.dll
+ 2008-06-23 16:57:34 267,776 -c--a-w c:\windows\ie8\iertutil.dll
+ 2006-10-17 12:01:06 55,296 -c--a-w c:\windows\ie8\iesetup.dll
+ 2006-10-17 12:33:40 180,736 -c--a-w c:\windows\ie8\ieui.dll
+ 2008-06-23 09:20:52 625,664 -c--a-w c:\windows\ie8\iexplore.exe
+ 2006-10-17 11:57:58 36,352 -c--a-w c:\windows\ie8\imgutil.dll
+ 2006-10-17 12:00:54 92,672 -c--a-w c:\windows\ie8\inseng.dll
+ 2006-10-17 12:00:00 491,520 -c--a-w c:\windows\ie8\jscript.dll
+ 2008-06-23 16:57:35 27,648 -c--a-w c:\windows\ie8\jsproxy.dll
+ 2006-10-17 12:05:10 40,960 -c--a-w c:\windows\ie8\licmgr10.dll
+ 2008-06-23 16:57:36 459,264 -c--a-w c:\windows\ie8\msfeeds.dll
+ 2008-06-23 16:57:36 52,224 -c--a-w c:\windows\ie8\msfeedsbs.dll
+ 2006-10-17 11:58:32 12,288 -c--a-w c:\windows\ie8\msfeedssync.exe
+ 2006-10-17 11:56:10 45,568 -c--a-w c:\windows\ie8\mshta.exe
+ 2008-06-24 09:57:40 3,592,192 -c--a-w c:\windows\ie8\mshtml.dll
+ 2008-06-23 16:57:39 477,696 -c--a-w c:\windows\ie8\mshtmled.dll
+ 2006-10-17 11:28:56 48,128 -c--a-w c:\windows\ie8\mshtmler.dll
+ 2006-10-17 12:33:40 156,160 -c--a-w c:\windows\ie8\msls31.dll
+ 2008-06-23 16:57:39 193,024 -c--a-w c:\windows\ie8\msrating.dll
+ 2008-06-23 16:57:40 671,232 -c--a-w c:\windows\ie8\mstime.dll
+ 2008-06-23 16:57:40 102,912 -c--a-w c:\windows\ie8\occache.dll
+ 2008-06-23 16:57:40 44,544 -c--a-w c:\windows\ie8\pngfilt.dll
+ 2006-09-06 16:43:16 213,216 -c--a-w c:\windows\ie8\spuninst.exe
+ 2009-01-15 02:23:42 59,880 -c--a-w c:\windows\ie8\spuninst\iecustom.dll
+ 2008-10-13 13:55:34 231,456 -c--a-w c:\windows\ie8\spuninst\spuninst.exe
+ 2008-10-13 13:55:34 382,496 -c--a-w c:\windows\ie8\spuninst\updspapi.dll
+ 2008-06-23 16:57:40 105,984 -c--a-w c:\windows\ie8\url.dll
+ 2008-06-23 16:57:40 1,159,680 -c--a-w c:\windows\ie8\urlmon.dll
+ 2006-10-17 12:33:40 413,696 -c--a-w c:\windows\ie8\vbscript.dll
+ 2007-07-12 23:31:54 765,952 -c--a-w c:\windows\ie8\vgx.dll
+ 2008-06-23 16:57:41 233,472 -c--a-w c:\windows\ie8\webcheck.dll
+ 2006-10-17 12:05:58 206,336 -c--a-w c:\windows\ie8\winfxdocobj.exe
+ 2008-06-23 16:57:41 826,368 -c--a-w c:\windows\ie8\wininet.dll
+ 2009-02-10 00:40:18 363,246 ----a-r c:\windows\Installer\{548EAC70-EE00-11DD-908C-005056806466}\ARPPRODUCTICON.exe
+ 2009-02-10 00:40:18 25,214 ----a-r c:\windows\Installer\{548EAC70-EE00-11DD-908C-005056806466}\googleearth.exe_407B9B5CDAC54F44A756B57CAB4E6A8B.exe
+ 2009-02-10 00:40:18 25,214 ----a-r c:\windows\Installer\{548EAC70-EE00-11DD-908C-005056806466}\googleearth.exe1_407B9B5CDAC54F44A756B57CAB4E6A8B.exe
+ 2009-02-10 00:40:18 25,214 ----a-r c:\windows\Installer\{548EAC70-EE00-11DD-908C-005056806466}\ShortcutDX_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2009-02-10 00:40:18 25,214 ----a-r c:\windows\Installer\{548EAC70-EE00-11DD-908C-005056806466}\ShortcutOGL_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2009-02-10 00:40:18 25,214 ----a-r c:\windows\Installer\{548EAC70-EE00-11DD-908C-005056806466}\UNINST_Uninstall_G_408FFBEED62349E08B232864A94D2864.exe
+ 2008-11-12 18:09:09 32,768 ----a-r c:\windows\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe
- 2000-08-31 07:00:00 28,160 ----a-w c:\windows\Nircmd.exe
+ 2000-08-31 08:00:00 29,696 ----a-w c:\windows\Nircmd.exe
- 2000-08-31 07:00:00 161,792 ----a-w c:\windows\swreg.exe
+ 2000-08-31 08:00:00 161,792 ----a-w c:\windows\swreg.exe
+ 2008-11-08 11:55:24 60,928 ----a-w c:\windows\system32\47RDtmW7.exe
- 2008-03-01 13:06:20 124,928 ----a-w c:\windows\system32\advpack.dll
+ 2009-01-15 02:03:12 128,512 ----a-w c:\windows\system32\advpack.dll
- 2007-07-30 18:19:20 92,504 ----a-w c:\windows\system32\cdm.dll
+ 2008-10-16 14:09:44 92,696 ----a-w c:\windows\system32\cdm.dll
- 2006-10-17 12:01:08 71,680 -c--a-w c:\windows\system32\dllcache\admparse.dll
+ 2009-01-15 02:03:32 72,704 -c--a-w c:\windows\system32\dllcache\admparse.dll
- 2008-03-01 13:06:20 124,928 -c----w c:\windows\system32\dllcache\advpack.dll
+ 2009-01-15 02:03:12 128,512 -c--a-w c:\windows\system32\dllcache\advpack.dll
+ 2008-08-14 09:51:43 138,368 -c----w c:\windows\system32\dllcache\afd.sys
+ 2008-06-13 13:10:50 272,128 -c----w c:\windows\system32\dllcache\bthport.sys
- 2007-07-30 18:19:20 92,504 -c--a-w c:\windows\system32\dllcache\cdm.dll
+ 2008-10-16 14:09:44 92,696 -c--a-w c:\windows\system32\dllcache\cdm.dll
- 2007-01-08 19:01:14 17,408 -c----w c:\windows\system32\dllcache\corpol.dll
+ 2009-01-15 02:04:28 18,944 -c--a-w c:\windows\system32\dllcache\corpol.dll
- 2008-02-20 05:32:43 148,992 -c----w c:\windows\system32\dllcache\dnsapi.dll
+ 2008-06-20 17:41:10 148,992 -c--a-w c:\windows\system32\dllcache\dnsapi.dll
- 2008-03-01 13:06:21 347,136 -c--a-w c:\windows\system32\dllcache\dxtmsft.dll
+ 2009-01-15 02:01:22 348,160 -c--a-w c:\windows\system32\dllcache\dxtmsft.dll
- 2008-03-01 13:06:21 214,528 -c--a-w c:\windows\system32\dllcache\dxtrans.dll
+ 2009-01-15 02:01:16 216,064 -c--a-w c:\windows\system32\dllcache\dxtrans.dll
+ 2008-07-07 20:32:22 253,952 -c----w c:\windows\system32\dllcache\es.dll
- 2008-03-01 13:06:21 133,120 -c--a-w c:\windows\system32\dllcache\extmgr.dll
+ 2008-06-23 16:57:27 133,120 -c--a-w c:\windows\system32\dllcache\extmgr.dll
- 2008-02-20 06:51:05 282,624 -c----w c:\windows\system32\dllcache\gdi32.dll
+ 2008-10-23 13:01:36 283,648 -c----w c:\windows\system32\dllcache\gdi32.dll
- 2006-10-17 11:44:36 60,416 -c--a-w c:\windows\system32\dllcache\hmmapi.dll
+ 2009-01-15 01:53:40 68,608 -c--a-w c:\windows\system32\dllcache\hmmapi.dll
- 2008-03-01 13:06:21 63,488 -c----w c:\windows\system32\dllcache\icardie.dll
+ 2009-01-15 02:01:40 59,904 -c--a-w c:\windows\system32\dllcache\icardie.dll
- 2008-02-29 08:55:23 70,656 -c--a-w c:\windows\system32\dllcache\ie4uinit.exe
+ 2009-01-15 02:03:28 172,544 -c--a-w c:\windows\system32\dllcache\ie4uinit.exe
- 2008-03-01 13:06:21 153,088 -c--a-w c:\windows\system32\dllcache\ieakeng.dll
+ 2009-01-15 02:03:42 125,952 -c--a-w c:\windows\system32\dllcache\ieakeng.dll
- 2008-03-01 13:06:21 230,400 -c--a-w c:\windows\system32\dllcache\ieaksie.dll
+ 2009-01-15 02:03:50 228,352 -c--a-w c:\windows\system32\dllcache\ieaksie.dll
- 2008-02-15 05:44:25 161,792 -c--a-w c:\windows\system32\dllcache\ieakui.dll
+ 2009-01-15 02:03:20 163,840 -c--a-w c:\windows\system32\dllcache\ieakui.dll
- 2007-04-17 09:28:12 2,455,488 -c----w c:\windows\system32\dllcache\ieapfltr.dat
+ 2008-12-14 17:12:42 3,698,040 -c--a-w c:\windows\system32\dllcache\ieapfltr.dat
- 2008-03-01 13:06:22 383,488 -c----w c:\windows\system32\dllcache\ieapfltr.dll
+ 2009-01-15 01:35:10 445,440 -c--a-w c:\windows\system32\dllcache\ieapfltr.dll
- 2008-03-01 13:06:22 384,512 -c--a-w c:\windows\system32\dllcache\iedkcs32.dll
+ 2009-01-15 02:17:22 392,040 -c--a-w c:\windows\system32\dllcache\iedkcs32.dll
- 2008-03-01 13:06:24 6,066,176 -c----w c:\windows\system32\dllcache\ieframe.dll
+ 2009-01-15 02:12:12 10,963,968 -c--a-w c:\windows\system32\dllcache\ieframe.dll
- 2006-10-17 12:33:40 191,488 -c--a-w c:\windows\system32\dllcache\iepeers.dll
+ 2009-01-15 02:01:52 183,808 -c--a-w c:\windows\system32\dllcache\iepeers.dll
- 2008-03-01 13:06:24 44,544 -c--a-w c:\windows\system32\dllcache\iernonce.dll
+ 2009-01-15 02:03:14 55,808 -c--a-w c:\windows\system32\dllcache\iernonce.dll
- 2008-03-01 13:06:25 267,776 -c----w c:\windows\system32\dllcache\iertutil.dll
+ 2009-01-15 02:02:50 1,975,296 -c--a-w c:\windows\system32\dllcache\iertutil.dll
- 2006-10-17 12:01:06 55,296 -c--a-w c:\windows\system32\dllcache\iesetup.dll
+ 2009-01-15 02:03:18 71,680 -c--a-w c:\windows\system32\dllcache\iesetup.dll
- 2008-02-22 10:00:51 13,824 -c----w c:\windows\system32\dllcache\ieudinit.exe
+ 2008-06-23 09:20:26 13,824 -c----w c:\windows\system32\dllcache\ieudinit.exe
- 2008-02-29 08:55:46 625,664 -c----w c:\windows\system32\dllcache\iexplore.exe
+ 2009-01-15 02:17:22 636,264 -c--a-w c:\windows\system32\dllcache\iexplore.exe
- 2006-10-17 11:57:58 36,352 -c----w c:\windows\system32\dllcache\imgutil.dll
+ 2009-01-15 02:01:26 34,304 -c--a-w c:\windows\system32\dllcache\imgutil.dll
- 2007-08-21 06:15:44 683,520 -c----w c:\windows\system32\dllcache\inetcomm.dll
+ 2008-04-11 18:50:43 683,520 -c----w c:\windows\system32\dllcache\inetcomm.dll
- 2006-10-17 12:00:54 92,672 -c--a-w c:\windows\system32\dllcache\inseng.dll
+ 2009-01-15 02:03:14 94,720 -c--a-w c:\windows\system32\dllcache\inseng.dll
- 2006-10-17 12:00:00 491,520 -c--a-w c:\windows\system32\dllcache\jscript.dll
+ 2009-01-15 02:03:58 724,992 -c--a-w c:\windows\system32\dllcache\jscript.dll
- 2008-03-01 13:06:25 27,648 -c--a-w c:\windows\system32\dllcache\jsproxy.dll
+ 2009-01-15 02:04:16 25,600 -c--a-w c:\windows\system32\dllcache\jsproxy.dll
- 2006-10-17 12:05:10 40,960 -c--a-w c:\windows\system32\dllcache\licmgr10.dll
+ 2009-01-15 02:05:34 43,008 -c--a-w c:\windows\system32\dllcache\licmgr10.dll
- 2006-10-18 20:03:58 100,864 -c--a-w c:\windows\system32\dllcache\logagent.exe
+ 2008-06-18 01:09:22 100,864 -c--a-w c:\windows\system32\dllcache\logagent.exe
- 2006-05-05 09:41:45 453,120 -c----w c:\windows\system32\dllcache\mrxsmb.sys
+ 2008-10-24 11:10:42 453,632 -c----w c:\windows\system32\dllcache\mrxsmb.sys
- 2004-08-04 12:00:00 331,776 -c--a-w c:\windows\system32\dllcache\msadce.dll
+ 2008-05-01 14:30:33 331,776 -c--a-w c:\windows\system32\dllcache\msadce.dll
+ 2008-06-24 16:23:05 74,240 -c----w c:\windows\system32\dllcache\mscms.dll
+ 2008-02-26 11:59:50 294,912 -c----w c:\windows\system32\dllcache\msctf.dll
- 2008-03-01 13:06:26 459,264 -c----w c:\windows\system32\dllcache\msfeeds.dll
+ 2009-01-15 02:02:40 593,920 -c--a-w c:\windows\system32\dllcache\msfeeds.dll
- 2008-03-01 13:06:26 52,224 -c----w c:\windows\system32\dllcache\msfeedsbs.dll
+ 2009-01-15 02:01:40 54,272 -c--a-w c:\windows\system32\dllcache\msfeedsbs.dll
- 2006-10-17 11:56:10 45,568 -c----w c:\windows\system32\dllcache\mshta.exe
+ 2009-01-15 02:00:38 45,568 -c--a-w c:\windows\system32\dllcache\mshta.exe
- 2008-03-01 17:36:30 3,591,680 -c--a-w c:\windows\system32\dllcache\mshtml.dll
+ 2009-01-15 02:13:18 5,888,512 -c--a-w c:\windows\system32\dllcache\mshtml.dll
- 2008-03-01 13:06:28 478,208 -c--a-w c:\windows\system32\dllcache\mshtmled.dll
+ 2009-01-15 02:01:06 66,560 -c--a-w c:\windows\system32\dllcache\mshtmled.dll
- 2006-10-17 11:28:56 48,128 -c----w c:\windows\system32\dllcache\mshtmler.dll
+ 2009-01-15 02:00:46 48,128 -c--a-w c:\windows\system32\dllcache\mshtmler.dll
- 2006-10-17 12:33:40 156,160 -c----w c:\windows\system32\dllcache\msls31.dll
+ 2009-01-15 01:50:38 156,160 -c--a-w c:\windows\system32\dllcache\msls31.dll
- 2008-03-01 13:06:28 193,024 -c--a-w c:\windows\system32\dllcache\msrating.dll
+ 2009-01-15 02:05:34 193,536 -c--a-w c:\windows\system32\dllcache\msrating.dll
- 2008-03-01 13:06:29 671,232 -c--a-w c:\windows\system32\dllcache\mstime.dll
+ 2009-01-15 02:02:20 611,840 -c--a-w c:\windows\system32\dllcache\mstime.dll
+ 2008-06-20 17:41:10 245,248 -c----w c:\windows\system32\dllcache\mswsock.dll
- 2007-06-26 06:08:16 1,104,896 -c----w c:\windows\system32\dllcache\msxml3.dll
+ 2008-09-04 16:42:02 1,106,944 -c----w c:\windows\system32\dllcache\msxml3.dll
- 2006-08-17 12:28:27 332,288 -c----w c:\windows\system32\dllcache\netapi32.dll
+ 2008-10-15 16:57:55 332,800 -c----w c:\windows\system32\dllcache\netapi32.dll
- 2007-02-28 09:08:48 2,136,064 -c----w c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2008-08-14 09:58:27 2,136,064 -c----w c:\windows\system32\dllcache\ntkrnlmp.exe
- 2007-02-28 08:38:55 2,057,600 -c----w c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2008-08-14 09:22:13 2,057,728 -c----w c:\windows\system32\dllcache\ntkrnlpa.exe
- 2007-02-28 08:38:57 2,015,744 -c----w c:\windows\system32\dllcache\ntkrpamp.exe
+ 2008-08-14 09:22:14 2,015,744 -c----w c:\windows\system32\dllcache\ntkrpamp.exe
- 2007-02-28 09:10:57 2,180,352 -c----w c:\windows\system32\dllcache\ntoskrnl.exe
+ 2008-08-14 10:00:45 2,180,352 -c----w c:\windows\system32\dllcache\ntoskrnl.exe
- 2008-03-01 13:06:29 102,912 -c----w c:\windows\system32\dllcache\occache.dll
+ 2009-01-15 02:05:34 109,056 -c--a-w c:\windows\system32\dllcache\occache.dll
- 2008-03-01 13:06:29 44,544 -c--a-w c:\windows\system32\dllcache\pngfilt.dll
+ 2009-01-15 02:01:18 46,592 -c--a-w c:\windows\system32\dllcache\pngfilt.dll
- 2007-10-29 22:43:03 1,287,680 -c----w c:\windows\system32\dllcache\quartz.dll
+ 2008-05-07 05:18:48 1,287,680 -c----w c:\windows\system32\dllcache\quartz.dll
- 2006-07-13 08:48:58 202,240 -c--a-w c:\windows\system32\dllcache\rmcast.sys
+ 2008-05-08 12:28:49 202,752 -c--a-w c:\windows\system32\dllcache\rmcast.sys
- 2007-10-26 03:34:01 8,460,288 -c--a-w c:\windows\system32\dllcache\shell32.dll
+ 2008-07-03 13:03:29 8,460,800 -c--a-w c:\windows\system32\dllcache\shell32.dll
+ 2008-10-13 13:55:32 134,144 -c----w c:\windows\system32\dllcache\sqmapi.dll
- 2006-08-14 10:34:41 332,928 -c----w c:\windows\system32\dllcache\srv.sys
+ 2008-12-11 11:57:21 333,184 -c----w c:\windows\system32\dllcache\srv.sys
- 2006-08-21 09:52:08 246,814 -c--a-w c:\windows\system32\dllcache\strmdll.dll
+ 2008-10-03 10:15:47 247,326 -c--a-w c:\windows\system32\dllcache\strmdll.dll
- 2007-10-30 17:20:55 360,064 -c----w c:\windows\system32\dllcache\tcpip.sys
+ 2008-06-20 10:45:13 360,320 -c--a-w c:\windows\system32\dllcache\tcpip.sys
- 2006-08-16 09:37:30 225,664 -c--a-w c:\windows\system32\dllcache\tcpip6.sys
+ 2008-06-20 09:52:06 225,920 -c--a-w c:\windows\system32\dllcache\tcpip6.sys
- 2008-03-01 13:06:29 105,984 -c----w c:\windows\system32\dllcache\url.dll
+ 2009-01-15 02:06:00 105,984 -c--a-w c:\windows\system32\dllcache\url.dll
- 2008-03-01 13:06:30 1,159,680 -c--a-w c:\windows\system32\dllcache\urlmon.dll
+ 2009-01-15 02:06:48 1,182,720 -c--a-w c:\windows\system32\dllcache\urlmon.dll
- 2006-10-17 12:33:40 413,696 -c----w c:\windows\system32\dllcache\vbscript.dll
+ 2009-01-15 02:03:36 420,352 -c--a-w c:\windows\system32\dllcache\vbscript.dll
- 2007-07-12 23:31:54 765,952 -c----w c:\windows\system32\dllcache\vgx.dll
+ 2009-01-15 02:04:56 755,200 -c--a-w c:\windows\system32\dllcache\VGX.dll
- 2008-03-01 13:06:30 233,472 -c----w c:\windows\system32\dllcache\webcheck.dll
+ 2009-01-15 02:06:08 236,544 -c--a-w c:\windows\system32\dllcache\webcheck.dll
- 2007-03-15 17:16:42 236,928 -c----w c:\windows\system32\dllcache\WgaLogon.dll
+ 2008-09-05 23:30:42 241,704 -c----w c:\windows\system32\dllcache\wgaLogon.dll
- 2007-03-15 17:17:08 336,768 -c----w c:\windows\system32\dllcache\WgaTray.exe
+ 2008-09-05 23:29:58 917,032 -c----w c:\windows\system32\dllcache\WgaTray.exe
- 2008-03-19 09:47:00 1,845,248 -c----w c:\windows\system32\dllcache\win32k.sys
+ 2008-09-15 11:57:41 1,846,016 -c----w c:\windows\system32\dllcache\win32k.sys
- 2008-03-01 13:06:31 826,368 -c--a-w c:\windows\system32\dllcache\wininet.dll
+ 2009-01-15 02:05:42 911,872 -c--a-w c:\windows\system32\dllcache\wininet.dll
- 2006-10-18 21:47:20 937,984 -c--a-w c:\windows\system32\dllcache\WMNetMgr.dll
+ 2008-06-18 05:03:08 938,496 -c--a-w c:\windows\system32\dllcache\WMNetmgr.dll
- 2006-10-18 21:47:22 2,450,944 -c--a-w c:\windows\system32\dllcache\wmvcore.dll
+ 2008-06-18 05:03:14 2,458,112 -c--a-w c:\windows\system32\dllcache\WMVCore.dll
- 2007-07-30 18:19:36 549,720 -c--a-w c:\windows\system32\dllcache\wuapi.dll
+ 2008-10-16 14:12:20 561,688 -c--a-w c:\windows\system32\dllcache\wuapi.dll
- 2007-07-30 18:19:16 53,080 -c--a-w c:\windows\system32\dllcache\wuauclt.exe
+ 2008-10-16 14:09:44 51,224 -c--a-w c:\windows\system32\dllcache\wuauclt.exe
- 2007-07-30 18:19:42 1,712,984 -c--a-w c:\windows\system32\dllcache\wuaueng.dll
+ 2008-10-16 14:13:40 1,809,944 -c--a-w c:\windows\system32\dllcache\wuaueng.dll
- 2007-07-30 18:19:32 325,976 -c--a-w c:\windows\system32\dllcache\wucltui.dll
+ 2008-10-16 14:12:22 323,608 -c--a-w c:\windows\system32\dllcache\wucltui.dll
- 2007-07-30 18:18:40 33,624 -c--a-w c:\windows\system32\dllcache\wups.dll
+ 2008-10-16 14:08:58 34,328 -c--a-w c:\windows\system32\dllcache\wups.dll
- 2007-07-30 18:19:28 203,096 -c--a-w c:\windows\system32\dllcache\wuweb.dll
+ 2008-10-16 14:13:40 202,776 -c--a-w c:\windows\system32\dllcache\wuweb.dll
- 2008-02-20 05:32:43 148,992 ----a-w c:\windows\system32\dnsapi.dll
+ 2008-06-20 17:41:10 148,992 ----a-w c:\windows\system32\dnsapi.dll
- 2004-08-04 12:00:00 138,496 ----a-w c:\windows\system32\drivers\afd.sys
+ 2008-08-14 09:51:43 138,368 ----a-w c:\windows\system32\drivers\afd.sys
+ 2008-06-13 13:10:50 272,128 ------w c:\windows\system32\drivers\bthport.sys
+ 2008-05-30 00:06:36 15,864 ----a-w c:\windows\system32\drivers\mbam.sys
+ 2008-05-30 00:06:40 34,296 ----a-w c:\windows\system32\drivers\mbamcatchme.sys
- 2006-05-05 09:41:45 453,120 ----a-w c:\windows\system32\drivers\mrxsmb.sys
+ 2008-10-24 11:10:42 453,632 ----a-w c:\windows\system32\drivers\mrxsmb.sys
- 2006-07-13 08:48:58 202,240 ----a-w c:\windows\system32\drivers\rmcast.sys
+ 2008-05-08 12:28:49 202,752 ----a-w c:\windows\system32\drivers\rmcast.sys
- 2006-08-14 10:34:41 332,928 ----a-w c:\windows\system32\drivers\srv.sys
+ 2008-12-11 11:57:21 333,184 ----a-w c:\windows\system32\drivers\srv.sys
- 2007-10-30 17:20:55 360,064 ----a-w c:\windows\system32\drivers\tcpip.sys
+ 2008-06-20 10:45:13 360,320 ----a-w c:\windows\system32\drivers\tcpip.sys
- 2006-08-16 09:37:30 225,664 ----a-w c:\windows\system32\drivers\tcpip6.sys
+ 2008-06-20 09:52:06 225,920 ----a-w c:\windows\system32\drivers\tcpip6.sys
- 2008-03-01 13:06:21 347,136 ----a-w c:\windows\system32\dxtmsft.dll
+ 2009-01-15 02:01:22 348,160 ----a-w c:\windows\system32\dxtmsft.dll
- 2008-03-01 13:06:21 214,528 ----a-w c:\windows\system32\dxtrans.dll
+ 2009-01-15 02:01:16 216,064 ----a-w c:\windows\system32\dxtrans.dll
- 2005-07-26 04:39:45 243,200 ----a-w c:\windows\system32\es.dll
+ 2008-07-07 20:32:22 253,952 ----a-w c:\windows\system32\es.dll
- 2008-03-01 13:06:21 133,120 ----a-w c:\windows\system32\extmgr.dll
+ 2008-06-23 16:57:27 133,120 ----a-w c:\windows\system32\extmgr.dll
- 2008-05-05 22:50:16 282,128 ----a-w c:\windows\system32\FNTCACHE.DAT
+ 2008-10-15 16:43:17 282,928 ----a-w c:\windows\system32\FNTCACHE.DAT
- 2008-02-20 06:51:05 282,624 ----a-w c:\windows\system32\gdi32.dll
+ 2008-10-23 13:01:36 283,648 ----a-w c:\windows\system32\gdi32.dll
- 2008-03-01 13:06:21 63,488 ----a-w c:\windows\system32\icardie.dll
+ 2009-01-15 02:01:40 59,904 ----a-w c:\windows\system32\icardie.dll
- 2006-06-29 07:05:44 26,112 ----a-w c:\windows\system32\idndl.dll
+ 2008-10-13 13:55:22 26,112 ----a-w c:\windows\system32\idndl.dll
- 2008-02-29 08:55:23 70,656 ----a-w c:\windows\system32\ie4uinit.exe
+ 2009-01-15 02:03:28 172,544 ----a-w c:\windows\system32\ie4uinit.exe
- 2008-03-01 13:06:21 153,088 ----a-w c:\windows\system32\ieakeng.dll
+ 2009-01-15 02:03:42 125,952 ----a-w c:\windows\system32\ieakeng.dll
- 2008-03-01 13:06:21 230,400 ----a-w c:\windows\system32\ieaksie.dll
+ 2009-01-15 02:03:50 228,352 ----a-w c:\windows\system32\ieaksie.dll
- 2008-02-15 05:44:25 161,792 ----a-w c:\windows\system32\ieakui.dll
+ 2009-01-15 02:03:20 163,840 ----a-w c:\windows\system32\ieakui.dll
- 2007-04-17 09:28:12 2,455,488 ----a-w c:\windows\system32\ieapfltr.dat
+ 2008-12-14 17:12:42 3,698,040 ----a-w c:\windows\system32\ieapfltr.dat
- 2008-03-01 13:06:22 383,488 ----a-w c:\windows\system32\ieapfltr.dll
+ 2009-01-15 01:35:10 445,440 ----a-w c:\windows\system32\ieapfltr.dll
- 2008-03-01 13:06:22 384,512 ----a-w c:\windows\system32\iedkcs32.dll
+ 2009-01-15 02:17:22 392,040 ----a-w c:\windows\system32\iedkcs32.dll
- 2008-03-01 13:06:24 6,066,176 ----a-w c:\windows\system32\ieframe.dll
+ 2009-01-15 02:12:12 10,963,968 ----a-w c:\windows\system32\ieframe.dll
- 2006-10-17 12:33:40 191,488 ----a-w c:\windows\system32\iepeers.dll
+ 2009-01-15 02:01:52 183,808 ----a-w c:\windows\system32\iepeers.dll
- 2008-03-01 13:06:24 44,544 ----a-w c:\windows\system32\iernonce.dll
+ 2009-01-15 02:03:14 55,808 ----a-w c:\windows\system32\iernonce.dll
- 2008-03-01 13:06:25 267,776 ----a-w c:\windows\system32\iertutil.dll
+ 2009-01-15 02:02:50 1,975,296 ----a-w c:\windows\system32\iertutil.dll
- 2008-02-22 10:00:51 13,824 ----a-w c:\windows\system32\ieudinit.exe
+ 2009-01-15 02:03:18 36,864 ----a-w c:\windows\system32\ieudinit.exe
- 2006-10-17 12:33:40 180,736 ----a-w c:\windows\system32\ieui.dll
+ 2009-01-15 01:50:50 164,352 ----a-w c:\windows\system32\ieui.dll
- 2007-08-21 06:15:44 683,520 ----a-w c:\windows\system32\inetcomm.dll
+ 2008-04-11 18:50:43 683,520 ----a-w c:\windows\system32\inetcomm.dll
- 2006-10-17 12:00:54 92,672 ----a-w c:\windows\system32\inseng.dll
+ 2009-01-15 02:03:14 94,720 ----a-w c:\windows\system32\inseng.dll
- 2008-03-25 00:28:39 135,168 ----a-w c:\windows\system32\java.exe
+ 2008-06-10 00:21:01 135,168 ----a-w c:\windows\system32\java.exe
- 2008-03-25 00:28:43 135,168 ----a-w c:\windows\system32\javaw.exe
+ 2008-06-10 00:21:04 135,168 ----a-w c:\windows\system32\javaw.exe
- 2008-03-25 01:37:01 139,264 ----a-w c:\windows\system32\javaws.exe
+ 2008-06-10 01:32:34 139,264 ----a-w c:\windows\system32\javaws.exe
- 2006-10-17 12:00:00 491,520 ----a-w c:\windows\system32\jscript.dll
+ 2009-01-15 02:03:58 724,992 ----a-w c:\windows\system32\jscript.dll
- 2008-03-01 13:06:25 27,648 ----a-w c:\windows\system32\jsproxy.dll
+ 2009-01-15 02:04:16 25,600 ----a-w c:\windows\system32\jsproxy.dll
+ 2005-05-24 11:27:16 213,048 ----a-w c:\windows\system32\Kaspersky Lab\Kaspersky Online Scanner\kavss.dll
+ 2007-08-29 14:47:20 94,208 ----a-w c:\windows\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
+ 2007-08-29 14:49:54 950,272 ----a-w c:\windows\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll
- 2007-03-15 17:19:28 1,476,992 ----a-w c:\windows\system32\LegitCheckControl.dll
+ 2008-09-05 23:30:06 1,480,232 ----a-w c:\windows\system32\LegitCheckControl.dll
- 2006-10-18 20:03:58 100,864 ----a-w c:\windows\system32\logagent.exe
+ 2008-06-18 01:09:22 100,864 ----a-w c:\windows\system32\logagent.exe
+ 2007-06-11 12:04:38 190,696 ----a-w c:\windows\system32\Macromed\Flash\FlashUtil9d.exe
+ 2008-03-25 02:32:44 218,496 ----a-r c:\windows\system32\Macromed\Flash\FlashUtil9f.exe
- 2007-06-11 20:34:34 2,115,816 ----a-w c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2008-10-05 03:24:02 3,695,008 ----a-w c:\windows\system32\Macromed\Flash\NPSWF32.dll
- 2007-06-11 20:34:40 190,696 ----a-w c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
+ 2008-10-05 03:24:04 235,936 ----a-w c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
- 2008-01-29 09:05:17 74,137 ----a-w c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
+ 2008-08-27 14:04:08 74,137 ----a-w c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
- 2007-08-08 01:35:48 45,218 ----a-w c:\windows\system32\Macromed\Flash\uninstall_plugin.exe
+ 2008-11-01 19:20:39 84,661 ----a-w c:\windows\system32\Macromed\Flash\uninstall_plugin.exe
- 2008-05-09 21:35:04 16,863,864 ----a-w c:\windows\system32\MRT.exe
+ 2009-02-03 23:21:12 21,244,864 ----a-w c:\windows\system32\MRT.exe
- 2005-06-29 01:46:00 74,240 ----a-w c:\windows\system32\mscms.dll
+ 2008-06-24 16:23:05 74,240 ----a-w c:\windows\system32\mscms.dll
- 2004-08-04 12:00:00 294,400 ----a-w c:\windows\system32\MSCTF.dll
+ 2008-02-26 11:59:50 294,912 ----a-w c:\windows\system32\msctf.dll
+ 2008-10-10 12:42:06 265,720 ----a-w c:\windows\system32\msdbg2.dll
- 2008-03-01 13:06:26 459,264 ----a-w c:\windows\system32\msfeeds.dll
+ 2009-01-15 02:02:40 593,920 ----a-w c:\windows\system32\msfeeds.dll
- 2008-03-01 13:06:26 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
+ 2009-01-15 02:01:40 54,272 ----a-w c:\windows\system32\msfeedsbs.dll
- 2006-10-17 11:58:32 12,288 ----a-w c:\windows\system32\msfeedssync.exe
+ 2009-01-15 02:01:42 13,312 ----a-w c:\windows\system32\msfeedssync.exe
- 2008-03-01 17:36:30 3,591,680 ----a-w c:\windows\system32\mshtml.dll
+ 2009-01-15 02:13:18 5,888,512 ----a-w c:\windows\system32\mshtml.dll
- 2008-03-01 13:06:28 478,208 ----a-w c:\windows\system32\mshtmled.dll
+ 2009-01-15 02:01:06 66,560 ----a-w c:\windows\system32\mshtmled.dll
- 2008-03-01 13:06:28 193,024 ----a-w c:\windows\system32\msrating.dll
+ 2009-01-15 02:05:34 193,536 ----a-w c:\windows\system32\msrating.dll
- 2008-03-01 13:06:29 671,232 ----a-w c:\windows\system32\mstime.dll
+ 2009-01-15 02:02:20 611,840 ----a-w c:\windows\system32\mstime.dll
- 2004-08-04 12:00:00 245,248 ----a-w c:\windows\system32\mswsock.dll
+ 2008-06-20 17:41:10 245,248 ----a-w c:\windows\system32\mswsock.dll
- 2007-06-26 06:08:16 1,104,896 ----a-w c:\windows\system32\msxml3.dll
+ 2008-09-04 16:42:02 1,106,944 ----a-w c:\windows\system32\msxml3.dll
- 2007-05-08 14:03:04 1,275,392 ----a-w c:\windows\system32\msxml4.dll
+ 2008-09-30 16:43:34 1,286,152 ----a-w c:\windows\system32\msxml4.dll
- 2006-08-17 12:28:27 332,288 ----a-w c:\windows\system32\netapi32.dll
+ 2008-10-15 16:57:55 332,800 ----a-w c:\windows\system32\netapi32.dll
- 2006-06-28 16:59:26 24,576 ----a-w c:\windows\system32\nlsdl.dll
+ 2008-10-13 13:55:22 24,576 ----a-w c:\windows\system32\nlsdl.dll
- 2006-06-29 07:05:44 23,552 ----a-w c:\windows\system32\normaliz.dll
+ 2008-10-13 13:55:22 23,552 ----a-w c:\windows\system32\normaliz.dll
+ 2004-03-24 02:12:34 17,280 ----a-w c:\windows\system32\nsndis5.sys
+ 2004-03-24 02:49:36 94,208 ----a-w c:\windows\system32\nsndis50.dll
- 2007-02-28 08:38:55 2,057,600 ----a-w c:\windows\system32\ntkrnlpa.exe
+ 2008-08-14 09:22:13 2,057,728 ----a-w c:\windows\system32\ntkrnlpa.exe
- 2007-02-28 09:10:57 2,180,352 ----a-w c:\windows\system32\ntoskrnl.exe
+ 2008-08-14 10:00:45 2,180,352 ----a-w c:\windows\system32\ntoskrnl.exe
- 2008-03-01 13:06:29 102,912 ----a-w c:\windows\system32\occache.dll
+ 2009-01-15 02:05:34 109,056 ----a-w c:\windows\system32\occache.dll
- 2008-04-11 15:28:15 63,862 ----a-w c:\windows\system32\perfc009.dat
+ 2008-11-01 19:10:29 64,380 ----a-w c:\windows\system32\perfc009.dat
- 2008-04-11 15:28:15 406,662 ----a-w c:\windows\system32\perfh009.dat
+ 2008-11-01 19:10:30 407,538 ----a-w c:\windows\system32\perfh009.dat
- 2008-03-01 13:06:29 44,544 ----a-w c:\windows\system32\pngfilt.dll
+ 2009-01-15 02:01:18 46,592 ----a-w c:\windows\system32\pngfilt.dll
- 2007-10-29 22:43:03 1,287,680 ----a-w c:\windows\system32\quartz.dll
+ 2008-05-07 05:18:48 1,287,680 ----a-w c:\windows\system32\quartz.dll
- 2007-10-26 03:34:01 8,460,288 ----a-w c:\windows\system32\shell32.dll
+ 2008-07-03 13:03:29 8,460,800 ----a-w c:\windows\system32\shell32.dll
+ 2008-07-18 21:10:20 36,552 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.2.6001.784\wups.dll
+ 2008-10-16 14:08:58 34,328 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.2.6001.788\wups.dll
+ 2008-07-18 21:10:40 45,768 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.2.6001.784\wups2.dll
+ 2008-10-16 14:09:44 43,544 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.2.6001.788\wups2.dll
- 2006-10-16 16:10:58 14,640 ----a-w c:\windows\system32\spmsg.dll
+ 2008-10-13 13:55:34 16,928 ------w c:\windows\system32\spmsg.dll
- 2006-10-16 16:10:58 23,856 ----a-w c:\windows\system32\spupdsvc.exe
+ 2008-10-13 13:55:34 26,144 ----a-w c:\windows\system32\spupdsvc.exe
- 2006-08-21 09:52:08 246,814 ----a-w c:\windows\system32\strmdll.dll
+ 2008-10-03 10:15:47 247,326 ----a-w c:\windows\system32\strmdll.dll
- 2007-11-13 11:31:11 60,416 ----a-w c:\windows\system32\tzchange.exe
+ 2008-10-22 09:47:07 62,976 ----a-w c:\windows\system32\tzchange.exe
- 2008-03-01 13:06:29 105,984 ----a-w c:\windows\system32\url.dll
+ 2009-01-15 02:06:00 105,984 ----a-w c:\windows\system32\url.dll
- 2008-03-01 13:06:30 1,159,680 ----a-w c:\windows\system32\urlmon.dll
+ 2009-01-15 02:06:48 1,182,720 ----a-w c:\windows\system32\urlmon.dll
- 2007-05-16 13:58:36 50,688 ----a-w c:\windows\system32\wbhelp2.dll
+ 2008-06-14 13:37:15 50,688 ----a-w c:\windows\system32\wbhelp2.dll
- 2008-03-01 13:06:30 233,472 ----a-w c:\windows\system32\webcheck.dll
+ 2009-01-15 02:06:08 236,544 ----a-w c:\windows\system32\webcheck.dll
- 2007-03-15 17:16:42 236,928 ----a-w c:\windows\system32\WgaLogon.dll
+ 2008-09-05 23:30:42 241,704 ----a-w c:\windows\system32\WgaLogon.dll
- 2007-03-15 17:17:08 336,768 ----a-w c:\windows\system32\WgaTray.exe
+ 2008-09-05 23:29:58 917,032 ----a-w c:\windows\system32\WgaTray.exe
- 2008-03-19 09:47:00 1,845,248 ----a-w c:\windows\system32\win32k.sys
+ 2008-09-15 11:57:41 1,846,016 ----a-w c:\windows\system32\win32k.sys
- 2006-10-17 12:05:58 206,336 ----a-w c:\windows\system32\WinFXDocObj.exe
+ 2009-01-15 02:06:22 208,384 ----a-w c:\windows\system32\WinFXDocObj.exe
- 2006-10-18 21:47:20 937,984 ----a-w c:\windows\system32\WMNetMgr.dll
+ 2008-06-18 05:03:08 938,496 ----a-w c:\windows\system32\WMNetmgr.dll
- 2006-10-18 21:47:20 295,936 ----a-w c:\windows\system32\wmpeffects.dll
+ 2008-06-24 17:12:58 295,936 ----a-w c:\windows\system32\wmpeffects.dll
- 2006-10-18 21:47:22 2,450,944 ----a-w c:\windows\system32\wmvcore.dll
+ 2008-06-18 05:03:14 2,458,112 ----a-w c:\windows\system32\WMVCore.dll
- 2007-07-30 18:19:36 549,720 ----a-w c:\windows\system32\wuapi.dll
+ 2008-10-16 14:12:20 561,688 ----a-w c:\windows\system32\wuapi.dll
- 2007-07-30 18:19:16 53,080 ----a-w c:\windows\system32\wuauclt.exe
+ 2008-10-16 14:09:44 51,224 ----a-w c:\windows\system32\wuauclt.exe
- 2007-07-30 18:19:42 1,712,984 ----a-w c:\windows\system32\wuaueng.dll
+ 2008-10-16 14:13:40 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
- 2007-07-30 18:19:32 325,976 ----a-w c:\windows\system32\wucltui.dll
+ 2008-10-16 14:12:22 323,608 ----a-w c:\windows\system32\wucltui.dll
- 2007-07-30 18:18:40 33,624 ----a-w c:\windows\system32\wups.dll
+ 2008-10-16 14:08:58 34,328 ----a-w c:\windows\system32\wups.dll
- 2007-07-30 18:19:12 43,352 ----a-w c:\windows\system32\wups2.dll
+ 2008-10-16 14:09:44 43,544 ----a-w c:\windows\system32\wups2.dll
- 2007-07-30 18:19:28 203,096 ----a-w c:\windows\system32\wuweb.dll
+ 2008-10-16 14:13:40 202,776 ----a-w c:\windows\system32\wuweb.dll
- 2006-07-14 15:51:51 121,856 ----a-w c:\windows\system32\xmllite.dll
+ 2008-10-13 13:55:36 121,856 ----a-w c:\windows\system32\xmllite.dll
- 2007-10-29 10:04:03 350,720 ----a-w c:\windows\system32\xpsp3res.dll
+ 2008-02-15 09:06:21 351,744 ----a-w c:\windows\system32\xpsp3res.dll
+ 2009-02-28 14:09:29 16,384 ----atw c:\windows\TEMP\Perflib_Perfdata_254.dat
+ 2008-09-30 16:42:08 1,286,152 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9870.0_x-ww_a32d74cf\msxml4.dll
+ 2008-09-30 16:45:12 91,656 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.1.0_x-ww_2a41bceb\msxml4r.dll
+ 2008-04-15 17:54:19 1,724,416 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.3352_x-ww_81af8e88\GdiPlus.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
"Yahoo! Pager"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2006-09-13 4621816]
"googletalk"="c:\program files\Google\Google Talk\googletalk.exe" [2007-04-19 3289088]
"EXPLORER.EXE"="EXPLORER.EXE" [2007-06-13 c:\windows\explorer.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2005-12-12 71328]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"4oD"="c:\program files\Kontiki\KHost.exe" [2008-02-27 1032376]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Yahoo! Pager"="c:\progra~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" [2006-09-13 4621816]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"="c:\windows\system32\Macromed\Flash\FlashUtil9f.exe" [2008-03-25 218496]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk
backup=c:\windows\pss\Kodak EasyShare software.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Sriram^Start Menu^Programs^Startup^Adobe Gamma.lnk]
path=c:\documents and settings\Sriram\Start Menu\Programs\Startup\Adobe Gamma.lnk
backup=c:\windows\pss\Adobe Gamma.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\
00THotkey]
--a--c--- 2004-08-11 09:57 253952 c:\windows\system32\
00THotkey.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
--a--c--- 2003-10-30 15:46 192512 c:\program files\Apoint2K\Apoint.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
--a------ 2007-01-15 16:14 147456 c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
--a--c--- 2004-01-26 17:03 118784 c:\windows\system32\hkcmd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
--a--c--- 2004-01-26 17:03 155648 c:\windows\system32\igfxtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-03-30 09:36 267048 c:\program files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--------- 2004-10-13 16:24 1694208 c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2006-01-12 15:40 155648 c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-03-28 22:37 413696 c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmaTel StacMon]
--a------ 2003-08-03 15:01 86073 c:\program files\SigmaTel\SigmaTel AC97 Audio Drivers\stacmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmoothView]
--a--c--- 2004-03-24 10:56 118784 c:\program files\Toshiba\TOSHIBA Zooming Utility\SmoothView.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec NetDriver Monitor]
--a------ 2006-01-16 23:03 100056 c:\progra~1\SYMNET~1\SNDMon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2005-12-12 23:33 180269 c:\program files\Common Files\Real\Update_OB\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TMERzCtl.EXE]
--a--c--- 2004-08-19 15:11 86016 c:\program files\Toshiba\TME3\TMERzCtl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TMESRV.EXE]
--a------ 2004-04-13 10:54 126976 c:\program files\Toshiba\TME3\TMESRV31.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TOSCDSPD]
--a--c--- 2003-09-05 02:24 65536 c:\program files\Toshiba\TOSCDSPD\TOSCDSPD.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TouchED]
--a--c--- 2003-03-11 12:56 122880 c:\program files\Toshiba\TouchED\TouchED.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\URLLSTCK.exe]
--a--c--- 2003-12-11 19:35 70800 c:\program files\Norton Internet Security\UrlLstCk.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\
000StTHK]
--a--c--- 2001-06-23 19:28 24576 c:\windows\system32\
000StTHK.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
--a--c--- 2004-02-20 14:00 88363 c:\windows\agrsmmsg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TFNF5]
--a--c--- 2003-12-02 13:15 73728 c:\windows\system32\TFNF5.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPSMain]
--a------ 2004-06-28 08:29 266240 c:\windows\system32\TPSMain.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"iPodService"=3 (0x3)
"Tmesrv"=2 (0x2)
"Adobe LM Service"=3 (0x3)
"ose"=3 (0x3)
"IDriverT"=3 (0x3)
"usnjsvc"=3 (0x3)
"NMIndexingService"=3 (0x3)
"iPod Service"=3 (0x3)
"Bonjour Service"=2 (0x2)
"Apple Mobile Device"=2 (0x2)
"SymWSC"=2 (0x2)
"SAVScan"=2 (0x2)
"gupdate1c98b17a60f2840"=2 (0x2)
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Microsoft Games\\Rise of Nations\\rise.exe"=
"c:\\Program Files\\Microsoft Games\\Rise of Nations\\nations.exe"=
"c:\\Program Files\\Anti-Leech\\ALIE_1.0.2.3\\alhlp.exe"=
"c:\\Program Files\\NetMeeting\\conf.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\Microsoft Games\\Rise of Nations\\patriots.exe"=
"c:\\Program Files\\Microsoft Games\\Rise of Nations\\thrones.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Kontiki\\KService.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R1 TMEI3E;TMEI3E;c:\windows\system32\drivers\TMEI3E.SYS [2004-09-15 5888]
S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [2006-01-03 16512]
S4 gupdate1c98b17a60f2840;Google Update Service (gupdate1c98b17a60f2840);c:\program files\Google\Update\GoogleUpdate.exe [2009-02-10 133104]
--- Other Services/Drivers In Memory ---
*Deregistered* - navapsvc
*Deregistered* - Netman
*Deregistered* - Nla
*Deregistered* - PolicyAgent
*Deregistered* - ProtectedStorage
*Deregistered* - RasMan
*Deregistered* - RemoteRegistry
*Deregistered* - RpcSs
*Deregistered* - SamSs
*Deregistered* - SBService
*Deregistered* - Schedule
*Deregistered* - seclogon
*Deregistered* - SENS
*Deregistered* - SharedAccess
*Deregistered* - ShellHWDetection
*Deregistered* - SNDSrvc
*Deregistered* - Spooler
*Deregistered* - srservice
*Deregistered* - SSDPSRV
*Deregistered* - stisvc
*Deregistered* - TapiSrv
*Deregistered* - TermService
*Deregistered* - Themes
*Deregistered* - TrkWks
*Deregistered* - upnphost
*Deregistered* - W32Time
*Deregistered* - WebClient
*Deregistered* - winmgmt
*Deregistered* - wscsvc
*Deregistered* - wuauserv
*Deregistered* - WZCSVC
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{35df7e1e-4aa2-11dd-83de-000e7bbff86f}]
\Shell\AutoRun\command - E:\
\Shell\open\Command - rundll32.exe .\desktop.dll,InstallM
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3c6d3d20-b89e-11dc-8373-0012f03eb287}]
\Shell\Auto\command - E:\MicrosoftPowerPoint.exe
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL MicrosoftPowerPoint.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4b3ee0c9-ac56-11dd-83f9-000e7bbff86f}]
\Shell\AutoRun\command - EXPLORER.EXE
\Shell\explore\Command - EXPLORER.EXE
\Shell\open\Command - EXPLORER.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a18e9c33-b71d-11dc-8371-0012f03eb287}]
\Shell\Auto\command - E:\MicrosoftPowerPoint.exe
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL MicrosoftPowerPoint.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d965e161-dc4f-11dd-8405-000e7bbff86f}]
\Shell\AutoRun\command - G:\EXPLORER.EXE
\Shell\explore\Command - G:\EXPLORER.EXE
\Shell\open\Command - G:\EXPLORER.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder
2009-02-26 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 16:57]
2009-02-27 c:\windows\Tasks\At1.job
- c:\windows\system32\47RDtmW7.exe [2008-11-08 11:55]
2009-02-27 c:\windows\Tasks\At10.job
- c:\windows\system32\47RDtmW7.exe [2008-11-08 11:55]
2009-02-28 c:\windows\Tasks\At11.job
- c:\windows\system32\47RDtmW7.exe [2008-11-08 11:55]
2009-03-01 c:\windows\Tasks\At12.job
- c:\windows\system32\47RDtmW7.exe [2008-11-08 11:55]
2009-02-28 c:\windows\Tasks\At13.job
- c:\windows\system32\47RDtmW7.exe [2008-11-08 11:55]
2009-02-28 c:\windows\Tasks\At14.job
- c:\windows\system32\47RDtmW7.exe [2008-11-08 11:55]
2009-02-28 c:\windows\Tasks\At15.job
- c:\windows\system32\47RDtmW7.exe [2008-11-08 11:55]
2009-02-25 c:\windows\Tasks\At16.job
- c:\windows\system32\47RDtmW7.exe [2008-11-08 11:55]
2009-02-27 c:\windows\Tasks\At17.job
- c:\windows\system32\47RDtmW7.exe [2008-11-08 11:55]
2009-02-27 c:\windows\Tasks\At18.job
- c:\windows\system32\47RDtmW7.exe [2008-11-08 11:55]
2009-02-27 c:\windows\Tasks\At19.job
- c:\windows\system32\47RDtmW7.exe [2008-11-08 11:55]
2009-02-17 c:\windows\Tasks\At2.job
- c:\windows\system32\47RDtmW7.exe [2008-11-08 11:55]
2009-02-27 c:\windows\Tasks\At20.job
- c:\windows\system32\47RDtmW7.exe [2008-11-08 11:55]
2009-02-27 c:\windows\Tasks\At21.job
- c:\windows\system32\47RDtmW7.exe [2008-11-08 11:55]
2009-02-26 c:\windows\Tasks\At22.job
- c:\windows\system32\47RDtmW7.exe [2008-11-08 11:55]
2009-02-26 c:\windows\Tasks\At23.job
- c:\windows\system32\47RDtmW7.exe [2008-11-08 11:55]
2009-02-26 c:\windows\Tasks\At24.job
- c:\windows\system32\47RDtmW7.exe [2008-11-08 11:55]
2009-01-24 c:\windows\Tasks\At3.job
- c:\windows\system32\47RDtmW7.exe [2008-11-08 11:55]
2008-12-23 c:\windows\Tasks\At4.job
- c:\windows\system32\47RDtmW7.exe [2008-11-08 11:55]
2008-12-23 c:\windows\Tasks\At5.job
- c:\windows\system32\47RDtmW7.exe [2008-11-08 11:55]
2008-11-25 c:\windows\Tasks\At6.job
- c:\windows\system32\47RDtmW7.exe [2008-11-08 11:55]
2008-11-25 c:\windows\Tasks\At7.job
- c:\windows\system32\47RDtmW7.exe [2008-11-08 11:55]
2008-11-25 c:\windows\Tasks\At8.job
- c:\windows\system32\47RDtmW7.exe [2008-11-08 11:55]
2009-01-22 c:\windows\Tasks\At9.job
- c:\windows\system32\47RDtmW7.exe [2008-11-08 11:55]
2009-02-28 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-10 00:36]
2009-02-27 c:\windows\Tasks\Norton AntiVirus - Scan my computer - Sriram.job
- c:\progra~1\NORTON~1\NORTON~1\Navw32.exe [2004-03-17 12:23]
2005-12-07 c:\windows\Tasks\Symantec NetDetect.job
- c:\program files\Symantec\LiveUpdate\NDETECT.EXE [2003-08-13 17:38]
2009-03-01 c:\windows\Tasks\User_Feed_Synchronization-{0B515525-4740-4CCE-B20C-CEA8E23999EA}.job
- c:\windows\system32\msfeedssync.exe [2009-01-15 02:01]
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-wsctf.exe - wsctf.exe
Notify-__c00C1039 - c:\windows\system32\__c00C1039.dat
MSConfigStartUp-Cognac - c:\docume~1\Sriram\LOCALS~1\Temp\~tmpb.exe
MSConfigStartUp-MSFox - c:\docume~1\Sriram\LOCALS~1\Temp\xxx1134.exe
MSConfigStartUp-outlook - c:\program files\outlook\outlook.exe
MSConfigStartUp-Slide - c:\progra~1\slide\slide.exe
MSConfigStartUp-SpeedTouch USB Diagnostics - c:\program files\Thomson\SpeedTouch USB\Dragdiag.exe
MSConfigStartUp-SVCHOST - c:\windows\MDM.EXE
MSConfigStartUp-warez - c:\program files\Warez P2P Client\warez.exe
MSConfigStartUp-NDSTray - NDSTray.exe
MSConfigStartUp-TFncKy - TFncKy.exe
MSConfigStartUp-wsctf - wsctf.exe
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = <local>
IE: &Clean Traces - c:\program files\DAP Premium\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\DAP Premium\dapextie.htm
IE: &Yahoo! Search - file:///c:\program files\Yahoo!\Common/ycsrch.htm
IE: Download &all with DAP - c:\program files\DAP Premium\dapextie2.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Yahoo! &Dictionary - file:///c:\program files\Yahoo!\Common/ycdict.htm
IE: Yahoo! &Maps - file:///c:\program files\Yahoo!\Common/ycmap.htm
IE: Yahoo! &SMS - file:///c:\program files\Yahoo!\Common/ycsms.htm
Name-Space Handler: FTP\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAPPRE~1\dapie.dll
Name-Space Handler: HTTP\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAPPRE~1\dapie.dll
DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} -
hxxp://128.230.73.133/activex/AMC.cabFF - ProfilePath -
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2009-03-01 11:46:33
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"659BD8E725A05FDCC64118EA787EAA2B534A94FABE"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,a7,41,6f,91,19,5e,fd,45,97,2b,cf,\
"3A77B377802A4B6183DDE08FDE4AD9AF647A702826"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,a7,41,6f,91,19,5e,fd,45,97,2b,cf,\
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,1f,05,81,01,bb,42,77,4c,8a,62,72,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,1f,05,81,01,bb,42,77,4c,8a,62,72,\
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\WPAEvents]
@Denied: (Full) (LocalSystem)
"OOBETimer"=hex:ff,d5,71,d6,8b,6a,8d,6f,d5,33,93,fd
.
Completion time: 2009-03-01 11:52:12
ComboFix-quarantined-files.txt 2009-03-01 11:50:42
ComboFix2.txt 2008-06-05 17:32:30
ComboFix3.txt 2008-06-03 19:43:51
ComboFix4.txt 2008-06-02 18:13:40
Pre-Run: 29,109,829,632 bytes free
Post-Run: 29,344,301,056 bytes free
1247 --- E O F --- 2009-02-27 00:20:59
------------------------------------------------------------------------------
Hijackthis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:58:06, on 01/03/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18372)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Kontiki\KHost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Kontiki\KService.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\47RDtmW7.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Sriram\Desktop\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [4oD] "C:\Program Files\Kontiki\KHost.exe" -all
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart
O4 - HKCU\..\Run: [EXPLORER.EXE] EXPLORER.EXE
O4 - HKUS\S-1-5-18\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil9f.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil9f.exe (User 'Default user')
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP Premium\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP Premium\dapextie.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP Premium\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.wanadoo.co.uk
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) -
http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cabO16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) -
http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cabO16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
http://www.kaspersky.com/kos/eng/partne ... nicode.cabO16 - DPF: {138E6DC9-722B-4F4B-B09D-95D191869696} (Bebo Uploader Control) -
http://www.bebo.com/files/BeboUploader.5.1.4.cabO16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?LinkID=39204O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) -
http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cabO16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) -
http://housecall65.trendmicro.com/house ... hcImpl.cabO16 - DPF: {2E12FB00-546B-4EE3-9CC2-057BF02E1C17} (Webshots Multiple Media Uploader - Container) -
http://community.webshots.com/html/atx/wsaxcontrol.cabO16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) -
http://dl.tvunetworks.com/TVUAx.cabO16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) -
http://www1.snapfish.co.uk/SnapfishUKActivia.cabO16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Trend Micro ActiveX Scan Agent 6.5) -
http://housecall65.trendmicro.com/house ... hcImpl.cabO16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} -
http://128.230.73.133/activex/AMC.cabO16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) -
http://128.230.34.247/activex/AxisCamControl.cabO16 - DPF: {A903E5AB-C67E-40FB-94F1-E1305982F6E0} (KooPlayer Control) -
http://www.ooxtv.com/stream.ocxO16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) -
http://www.symantec.com/techsupp/asa/ctrl/SymAData.cabO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://fpdownload2.macromedia.com/get/s ... wflash.cabO18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
--
End of file - 10415 bytes
Looking forward to your reply.