Jump to content

need help removing svchost.exe virus


Recommended Posts

+ 2011-07-07 14:33 . 2010-11-20 13:26 225280 c:\windows\system32\DevicePairingFolder.dll

+ 2009-07-13 23:57 . 2009-07-14 01:40 189952 c:\windows\system32\DevicePairing.dll

+ 2009-07-13 23:37 . 2009-07-14 01:39 111616 c:\windows\system32\DeviceDisplayObjectProvider.exe

+ 2011-07-07 14:33 . 2010-11-20 13:26 508928 c:\windows\system32\DeviceCenter.dll

+ 2009-07-13 23:36 . 2009-07-14 01:40 291328 c:\windows\system32\defragsvc.dll

+ 2009-07-13 23:36 . 2009-07-14 01:39 183296 c:\windows\system32\Defrag.exe

+ 2011-07-07 14:33 . 2010-11-20 13:26 233984 c:\windows\system32\defaultlocationcpl.dll

+ 2009-07-13 23:41 . 2009-07-14 01:40 569344 c:\windows\system32\ddraw.dll

+ 2009-07-13 23:38 . 2009-07-14 01:39 881664 c:\windows\system32\dccw.exe

+ 2009-07-14 00:28 . 2009-07-14 01:40 147456 c:\windows\system32\dbnetlib.dll

+ 2011-07-07 14:33 . 2010-11-20 13:26 100864 c:\windows\system32\davclnt.dll

+ 2011-12-29 20:27 . 2010-05-26 17:41 276832 c:\windows\system32\d3dx11_43.dll

+ 2011-12-29 20:27 . 2009-09-04 23:29 285024 c:\windows\system32\d3dx11_42.dll

+ 2011-12-29 20:27 . 2010-05-26 17:41 511328 c:\windows\system32\d3dx10_43.dll

+ 2011-12-29 20:27 . 2009-09-04 23:29 523088 c:\windows\system32\d3dx10_42.dll

+ 2011-12-29 20:27 . 2009-03-09 21:27 520544 c:\windows\system32\d3dx10_41.dll

+ 2011-12-29 20:27 . 2008-10-15 12:22 519000 c:\windows\system32\d3dx10_40.dll

+ 2010-11-30 15:11 . 2008-07-12 14:18 540688 c:\windows\system32\d3dx10_39.dll

+ 2010-11-30 15:11 . 2008-05-30 20:11 540688 c:\windows\system32\d3dx10_38.dll

+ 2010-11-30 15:11 . 2008-02-06 05:07 529424 c:\windows\system32\d3dx10_37.dll

+ 2010-11-30 15:11 . 2007-10-02 15:56 508264 c:\windows\system32\d3dx10_36.dll

+ 2010-11-30 15:11 . 2007-07-20 00:14 508264 c:\windows\system32\d3dx10_35.dll

+ 2010-11-30 15:11 . 2007-05-16 22:45 506728 c:\windows\system32\d3dx10_34.dll

+ 2010-11-30 15:10 . 2007-03-15 22:57 506728 c:\windows\system32\d3dx10_33.dll

+ 2010-11-30 15:10 . 2006-11-29 19:06 469264 c:\windows\system32\d3dx10.dll

+ 2011-07-07 14:34 . 2010-11-20 13:26 787968 c:\windows\system32\d3d11.dll

+ 2011-07-07 14:32 . 2010-11-20 13:26 573952 c:\windows\system32\d3d10level9.dll

+ 2009-07-13 23:41 . 2009-07-14 01:40 280576 c:\windows\system32\d3d10core.dll

+ 2011-06-15 06:15 . 2010-11-20 13:26 321024 c:\windows\system32\d3d10_1core.dll

+ 2011-06-15 06:15 . 2011-01-17 11:09 197120 c:\windows\system32\d3d10_1.dll

+ 2011-03-09 13:05 . 2011-02-19 12:04 902656 c:\windows\system32\d2d1.dll

+ 2009-07-13 23:56 . 2009-07-14 01:39 322048 c:\windows\system32\cttune.exe

+ 2009-07-13 23:58 . 2009-07-14 01:39 156160 c:\windows\system32\cscript.exe

+ 2009-07-13 23:49 . 2009-07-14 01:40 130560 c:\windows\system32\cryptxml.dll

+ 2011-07-07 14:33 . 2010-11-20 13:25 177152 c:\windows\system32\cryptsvc.dll

+ 2009-07-13 23:49 . 2009-07-14 01:40 138752 c:\windows\system32\cryptnet.dll

+ 2011-07-07 14:33 . 2010-11-20 13:25 197120 c:\windows\system32\credui.dll

+ 2011-03-09 13:05 . 2010-12-23 10:42 961024 c:\windows\system32\CPFilters.dll

+ 2009-07-13 23:55 . 2009-07-14 01:39 114688 c:\windows\system32\control.exe

+ 2011-07-07 14:33 . 2010-11-20 13:32 112000 c:\windows\system32\consent.exe

+ 2011-08-11 04:51 . 2011-06-24 05:25 338432 c:\windows\system32\conhost.exe

+ 2009-07-14 05:38 . 2011-10-30 18:53 262144 c:\windows\system32\config\systemprofile\ntuser.dat

+ 2009-07-14 05:12 . 2011-11-12 15:13 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat

+ 2009-07-14 00:00 . 2009-07-14 01:40 897024 c:\windows\system32\comuid.dll

+ 2009-07-13 23:59 . 2009-07-14 01:40 303616 c:\windows\system32\comsnap.dll

+ 2009-07-13 23:59 . 2009-07-14 01:40 147456 c:\windows\system32\comrepl.dll

+ 2009-07-14 00:40 . 2009-07-14 01:40 302080 c:\windows\system32\compstui.dll

+ 2009-07-13 23:48 . 2009-07-14 01:39 145920 c:\windows\system32\CompMgmtLauncher.exe

+ 2011-07-07 14:34 . 2010-11-20 13:25 594432 c:\windows\system32\comdlg32.dll

+ 2011-07-07 14:33 . 2010-11-20 13:25 633856 c:\windows\system32\comctl32.dll

+ 2009-07-13 23:59 . 2009-07-14 01:40 255488 c:\windows\system32\com\comadmin.dll

+ 2009-07-13 23:38 . 2009-07-14 01:40 624640 c:\windows\system32\colorui.dll

+ 2009-07-14 00:22 . 2009-07-14 01:40 189952 c:\windows\system32\COLORCNV.DLL

+ 2009-07-13 23:27 . 2009-07-14 01:40 472064 c:\windows\system32\cmipnpinstall.dll

+ 2009-07-14 00:09 . 2009-07-14 01:40 525312 c:\windows\system32\cmdial32.dll

+ 2011-07-07 14:34 . 2010-11-20 13:24 345088 c:\windows\system32\cmd.exe

+ 2011-07-07 14:33 . 2010-11-20 13:25 314368 c:\windows\system32\clusapi.dll

+ 2009-07-14 00:28 . 2009-07-14 01:40 102400 c:\windows\system32\cliconfg.dll

+ 2009-07-13 23:19 . 2009-07-14 01:52 367696 c:\windows\system32\clfs.sys

+ 2009-07-13 23:56 . 2009-07-14 01:38 216064 c:\windows\system32\cleanmgr.exe

+ 2009-07-14 00:00 . 2009-07-14 01:40 607744 c:\windows\system32\clbcatq.dll

+ 2009-07-13 23:45 . 2009-07-14 01:40 211968 c:\windows\system32\cic.dll

+ 2011-07-07 14:33 . 2010-11-20 13:28 780008 c:\windows\system32\ci.dll

+ 2009-07-13 23:56 . 2009-07-14 01:38 165888 c:\windows\system32\charmap.exe

+ 2011-07-05 16:33 . 2010-11-20 13:25 207872 c:\windows\system32\cfgmgr32.dll

+ 2009-07-14 00:21 . 2009-07-14 01:40 254976 c:\windows\system32\cewmdm.dll

+ 2009-07-13 23:49 . 2009-07-14 01:38 326144 c:\windows\system32\certreq.exe

+ 2009-07-13 23:50 . 2009-07-14 01:40 297984 c:\windows\system32\CertEnrollUI.dll

+ 2009-07-13 23:49 . 2009-07-14 01:40 129024 c:\windows\system32\certCredProvider.dll

+ 2011-07-07 14:33 . 2010-11-20 13:25 460800 c:\windows\system32\certcli.dll

+ 2011-07-07 14:33 . 2010-11-20 12:55 144384 c:\windows\system32\cdd.dll

+ 2009-07-14 00:00 . 2009-07-14 01:40 525824 c:\windows\system32\catsrvut.dll

+ 2009-07-14 00:00 . 2009-07-14 01:40 472576 c:\windows\system32\catsrv.dll

+ 2009-07-13 23:57 . 2009-07-14 01:38 918528 c:\windows\system32\calc.exe

+ 2011-07-07 14:33 . 2010-11-20 13:25 139264 c:\windows\system32\cabview.dll

+ 2009-07-13 23:25 . 2009-07-14 01:40 223744 c:\windows\system32\C_G18030.DLL

+ 2011-07-07 14:33 . 2010-11-20 13:24 899584 c:\windows\system32\Bubbles.scr

+ 2011-07-07 14:32 . 2010-11-20 13:25 136192 c:\windows\system32\browser.dll

+ 2011-04-15 03:08 . 2011-02-05 17:06 518672 c:\windows\system32\Boot\winresume.exe

+ 2011-04-15 03:08 . 2011-02-05 17:06 605552 c:\windows\system32\Boot\winload.exe

+ 2011-07-07 14:33 . 2010-11-20 13:25 840192 c:\windows\system32\blackbox.dll

+ 2011-07-07 14:32 . 2010-11-20 13:24 232448 c:\windows\system32\bitsadmin.exe

+ 2009-07-13 23:53 . 2009-07-14 01:40 190976 c:\windows\system32\BioCredProv.dll

+ 2011-07-07 14:33 . 2010-11-20 13:25 504320 c:\windows\system32\biocpl.dll

+ 2011-07-07 14:34 . 2010-11-20 13:25 705024 c:\windows\system32\BFE.DLL

+ 2009-07-13 23:22 . 2009-07-14 01:40 100864 c:\windows\system32\bdesvc.dll

+ 2011-07-07 14:33 . 2010-11-20 13:28 298104 c:\windows\system32\bcryptprimitives.dll

+ 2009-07-13 23:49 . 2009-07-14 01:40 123904 c:\windows\system32\bcrypt.dll

+ 2011-07-07 14:33 . 2010-11-20 13:25 168448 c:\windows\system32\bcdsrv.dll

+ 2011-07-07 14:33 . 2010-11-20 13:24 346112 c:\windows\system32\bcdedit.exe

+ 2011-07-07 14:33 . 2010-11-20 13:24 175616 c:\windows\system32\bcdboot.exe

+ 2009-07-13 23:56 . 2009-07-14 01:40 103424 c:\windows\system32\batt.dll

+ 2011-07-07 14:33 . 2010-11-20 13:25 749568 c:\windows\system32\batmeter.dll

+ 2011-07-07 14:33 . 2010-11-20 13:28 166784 c:\windows\system32\basecsp.dll

+ 2011-07-07 14:33 . 2010-11-20 13:25 472064 c:\windows\system32\azroleui.dll

+ 2011-07-07 14:34 . 2010-11-20 13:25 897536 c:\windows\system32\azroles.dll

+ 2011-07-07 14:33 . 2010-11-20 13:25 114688 c:\windows\system32\AxInstSv.dll

+ 2009-07-14 00:18 . 2009-07-14 01:40 108544 c:\windows\system32\avifil32.dll

+ 2011-07-07 14:33 . 2010-11-20 13:25 135680 c:\windows\system32\AuxiliaryDisplayServices.dll

+ 2009-07-14 00:00 . 2009-07-14 01:40 189440 c:\windows\system32\AuxiliaryDisplayDriverLib.dll

+ 2011-07-07 14:33 . 2010-11-20 13:25 726528 c:\windows\system32\AuxiliaryDisplayCpl.dll

+ 2009-07-14 00:00 . 2009-07-14 01:40 136192 c:\windows\system32\AuxiliaryDisplayClassInstaller.dll

+ 2009-07-14 00:00 . 2009-07-14 01:40 164352 c:\windows\system32\AuxiliaryDisplayApi.dll

+ 2011-07-07 14:33 . 2010-11-20 13:25 155136 c:\windows\system32\autoplay.dll

+ 2011-07-07 14:33 . 2010-11-20 13:24 763904 c:\windows\system32\autofmt.exe

+ 2011-07-07 14:33 . 2010-11-20 13:24 793088 c:\windows\system32\autoconv.exe

+ 2011-07-07 14:33 . 2010-11-20 13:24 777728 c:\windows\system32\autochk.exe

+ 2009-07-13 23:50 . 2009-07-14 01:40 177664 c:\windows\system32\authz.dll

+ 2009-07-13 22:01 . 2009-07-14 01:54 126976 c:\windows\system32\AuthFWWizFwk.dll

+ 2009-07-14 00:08 . 2009-07-14 01:40 304128 c:\windows\system32\AuthFWGP.dll

+ 2009-07-14 00:08 . 2009-07-14 01:40 491520 c:\windows\system32\authfwcfg.dll

+ 2009-07-13 23:50 . 2009-07-14 01:40 194048 c:\windows\system32\auditcse.dll

+ 2011-07-07 14:34 . 2010-11-20 13:25 679424 c:\windows\system32\audiosrv.dll

+ 2011-07-07 14:34 . 2010-11-20 13:25 296448 c:\windows\system32\AudioSes.dll

+ 2009-07-14 01:05 . 2009-07-14 01:41 499712 c:\windows\system32\AUDIOKSE.dll

+ 2009-07-14 00:18 . 2009-07-14 01:40 440832 c:\windows\system32\AudioEng.dll

+ 2011-07-07 14:33 . 2010-11-20 13:24 126464 c:\windows\system32\audiodg.exe

+ 2011-04-15 03:09 . 2011-02-19 09:00 367616 c:\windows\system32\atmfd.dll

+ 2009-11-03 13:51 . 2009-07-29 20:02 120320 c:\windows\system32\atitmm64.dll

+ 2009-11-03 13:51 . 2009-07-29 20:02 421376 c:\windows\system32\atipdl64.dll

+ 2009-11-03 13:51 . 2009-06-18 12:29 197654 c:\windows\system32\atiicdxx.dat

+ 2009-11-03 13:51 . 2009-07-29 20:03 203264 c:\windows\system32\atiesrxx.exe

+ 2009-11-03 13:51 . 2009-07-29 20:04 420352 c:\windows\system32\atieclxx.exe

+ 2009-11-03 13:51 . 2009-07-29 20:04 442368 c:\windows\system32\ATIDEMGX.dll

+ 2009-11-03 13:51 . 2009-05-11 14:35 118784 c:\windows\system32\atibtmon.exe

+ 2009-11-03 13:51 . 2009-07-29 19:20 251904 c:\windows\system32\atiadlxx.dll

+ 2009-07-14 00:29 . 2009-07-14 01:40 243200 c:\windows\system32\apss.dll

+ 2009-07-13 23:52 . 2009-07-14 01:38 146944 c:\windows\system32\appidpolicyconverter.exe

+ 2011-07-07 14:34 . 2010-11-20 13:25 342016 c:\windows\system32\apphelp.dll

+ 2009-07-14 00:29 . 2009-07-14 01:40 273920 c:\windows\system32\apircl.dll

+ 2011-07-07 14:33 . 2010-11-20 13:24 122880 c:\windows\system32\aitagent.exe

+ 2009-11-03 13:51 . 2009-03-31 14:02 108032 c:\windows\system32\AERTAR64.dll

+ 2009-11-03 13:51 . 2009-04-16 10:13 166400 c:\windows\system32\AERTAC64.dll

+ 2011-07-07 14:34 . 2010-11-20 13:25 412160 c:\windows\system32\aepdu.dll

+ 2011-07-07 14:34 . 2010-11-20 12:51 424448 c:\windows\system32\aeinv.dll

+ 2009-07-13 23:58 . 2009-07-14 01:40 160256 c:\windows\system32\advpack.dll

+ 2009-07-14 00:41 . 2009-07-14 01:40 877056 c:\windows\system32\advapi32.dll

+ 2009-07-14 00:29 . 2009-07-14 01:41 222208 c:\windows\system32\AdvancedInstallers\OEMHelpIns.dll

+ 2009-07-13 23:27 . 2009-07-14 01:41 370176 c:\windows\system32\AdvancedInstallers\locdrv.dll

+ 2009-07-13 23:31 . 2009-07-14 01:40 170496 c:\windows\system32\AdvancedInstallers\CntrtextInstaller.DLL

+ 2009-07-13 23:27 . 2009-07-14 01:40 477696 c:\windows\system32\AdvancedInstallers\cmitrust.dll

+ 2011-07-07 14:26 . 2010-11-20 13:25 125952 c:\windows\system32\AdvancedInstallers\cmiadapter.dll

+ 2009-07-13 23:19 . 2009-07-14 01:24 680448 c:\windows\system32\adtschema.dll

+ 2009-07-13 23:53 . 2009-07-14 01:40 326144 c:\windows\system32\adsnt.dll

+ 2009-07-13 23:53 . 2009-07-14 01:40 108032 c:\windows\system32\adsmsext.dll

+ 2009-07-13 23:53 . 2009-07-14 01:40 236544 c:\windows\system32\adsldpc.dll

+ 2009-07-13 23:53 . 2009-07-14 01:40 239104 c:\windows\system32\adsldp.dll

+ 2012-01-27 20:34 . 2012-01-27 20:34 114176 c:\windows\system32\admparse.dll

+ 2011-07-07 14:34 . 2010-11-20 13:25 958464 c:\windows\system32\actxprxy.dll

+ 2009-07-13 23:53 . 2009-07-14 01:40 267776 c:\windows\system32\activeds.dll

+ 2011-07-07 14:32 . 2010-11-20 13:25 213504 c:\windows\system32\ActionQueue.dll

+ 2011-07-07 14:33 . 2010-11-20 13:25 549888 c:\windows\system32\ActionCenterCPL.dll

+ 2011-07-07 14:33 . 2010-11-20 13:25 780800 c:\windows\system32\ActionCenter.dll

+ 2009-07-13 23:57 . 2009-07-14 01:40 154112 c:\windows\system32\aclui.dll

+ 2011-07-07 14:33 . 2010-11-20 13:25 158720 c:\windows\system32\aaclient.dll

+ 2009-07-14 05:01 . 2012-05-31 19:58 297012 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

- 2009-07-14 05:01 . 2012-05-24 16:53 297012 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2011-11-16 18:13 . 2012-05-31 03:14 297780 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-930483190-3313529808-3006562705-1000-12288.dat

- 2011-11-16 18:13 . 2012-05-24 16:54 297780 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-930483190-3313529808-3006562705-1000-12288.dat

+ 2010-11-26 20:05 . 2009-01-13 06:00 1060864 c:\windows\twain_32\escndv\es00a9\esui.dll

+ 2010-11-26 20:05 . 2009-02-04 06:00 1961984 c:\windows\twain_32\escndv\es00a9\esimgdet.dll

+ 2010-11-26 20:05 . 2009-01-10 06:00 3588096 c:\windows\twain_32\escndv\es00a9\escires.dll

+ 2011-07-07 14:33 . 2010-11-20 12:21 1202176 c:\windows\SysWOW64\Speech\Common\sapi.dll

+ 2009-11-03 13:51 . 2009-08-04 14:22 1038880 c:\windows\SysWOW64\RTCOM\RTCOMDLL.dll

+ 2011-07-07 14:33 . 2010-11-20 12:19 8826880 c:\windows\SysWOW64\migwiz\wet.dll

+ 2009-07-13 23:17 . 2009-06-10 21:44 1445052 c:\windows\SysWOW64\migwiz\SFLISTXP.dat

+ 2009-06-10 21:44 . 2009-06-10 21:44 2119152 c:\windows\SysWOW64\migwiz\SFLISTW7.dat

+ 2009-07-13 23:17 . 2009-06-10 21:44 3225610 c:\windows\SysWOW64\migwiz\SFLISTLH.dat

+ 2011-07-07 14:34 . 2010-11-20 12:19 5766144 c:\windows\SysWOW64\migwiz\migcore.dll

+ 2011-08-02 12:38 . 2011-08-02 12:38 1503232 c:\windows\SysWOW64\Macromed\Shockwave 10\dirapiX.dll

+ 2012-05-24 15:54 . 2012-05-24 15:54 8797856 c:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll

+ 2009-07-13 23:47 . 2009-07-14 01:07 7392768 c:\windows\SysWOW64\IME\IMETC10\applets\MSHWCHTRIME.dll

+ 2009-07-13 23:47 . 2009-07-14 01:07 7390208 c:\windows\SysWOW64\IME\imekr8\applets\mshwkorrIME.dll

+ 2011-07-07 14:33 . 2010-11-20 12:19 1013760 c:\windows\SysWOW64\IME\IMEJP10\IMJPTIP.DLL

+ 2009-07-13 23:26 . 2009-07-14 01:15 1300480 c:\windows\SysWOW64\IME\IMEJP10\imjpcus.dll

+ 2009-07-13 23:47 . 2009-07-14 01:07 7378432 c:\windows\SysWOW64\IME\IMEJP10\APPLETS\mshwjpnrIME.dll

+ 2009-07-14 05:35 . 2009-07-14 02:12 1617920 c:\windows\SysWOW64\en\AuthFWSnapIn.Resources.dll

+ 2009-07-14 04:54 . 2012-05-29 04:58 5242880 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2009-07-14 04:54 . 2012-05-27 03:42 5046272 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index(89).dat

+ 2009-07-14 00:42 . 2009-07-14 01:41 1576448 c:\windows\system32\xpssvcs.dll

+ 2011-07-07 14:34 . 2010-11-20 13:27 3008000 c:\windows\system32\xpsservices.dll

+ 2009-07-14 00:47 . 2009-07-14 01:39 4835840 c:\windows\system32\xpsrchvw.exe

+ 2011-04-26 22:06 . 2011-03-12 12:08 1465344 c:\windows\system32\XpsPrint.dll

+ 2011-07-07 14:33 . 2010-11-20 13:27 2621952 c:\windows\system32\wucltux.dll

+ 2011-07-07 14:34 . 2010-11-20 13:27 2420736 c:\windows\system32\wuaueng.dll

+ 2011-07-07 14:34 . 2010-11-20 13:27 2018304 c:\windows\system32\WsmSvc.dll

+ 2009-07-13 23:46 . 2009-07-14 01:41 1495552 c:\windows\system32\wsecedit.dll

+ 2011-07-07 14:34 . 2010-11-20 13:27 2543616 c:\windows\system32\wpdshext.dll

+ 2009-07-14 00:23 . 2009-07-14 01:41 1955328 c:\windows\system32\WMVENCOD.DLL

+ 2011-07-07 14:34 . 2010-11-20 13:27 1888256 c:\windows\system32\WMVDECOD.DLL

+ 2011-07-07 14:34 . 2010-11-20 13:27 3027968 c:\windows\system32\WMVCORE.DLL

+ 2009-07-14 00:22 . 2009-07-14 01:41 1575424 c:\windows\system32\WMSPDMOE.DLL

+ 2011-07-07 14:34 . 2010-11-20 13:27 1024512 c:\windows\system32\wmpmde.dll

+ 2011-07-07 14:34 . 2010-11-20 13:27 2072576 c:\windows\system32\WMPEncEn.dll

+ 2011-07-07 14:34 . 2010-11-20 13:27 1243136 c:\windows\system32\WMNetMgr.dll

+ 2009-07-14 00:22 . 2009-07-14 01:41 1393152 c:\windows\system32\WMALFXGFXDSP.dll

+ 2009-07-14 00:22 . 2009-07-14 01:41 1153024 c:\windows\system32\WMADMOE.DLL

+ 2011-07-07 14:32 . 2010-11-20 13:27 1232896 c:\windows\system32\WMADMOD.DLL

+ 2011-07-07 14:34 . 2010-11-20 13:27 1441280 c:\windows\system32\wlanpref.dll

+ 2011-07-07 14:34 . 2010-11-20 13:25 3957760 c:\windows\system32\WinSAT.exe

+ 2012-04-13 00:22 . 2012-02-28 06:49 1390080 c:\windows\system32\wininet.dll

+ 2011-07-07 14:34 . 2010-11-20 13:27 1190400 c:\windows\system32\WindowsCodecs.dll

+ 2012-03-25 01:57 . 2012-02-03 04:34 3145728 c:\windows\system32\win32k.sys

+ 2011-07-07 14:34 . 2010-11-20 13:27 1646080 c:\windows\system32\wevtsvc.dll

+ 2011-07-07 14:34 . 2010-11-20 13:27 1281024 c:\windows\system32\werconcpl.dll

+ 2011-07-07 14:34 . 2010-11-20 13:27 1158656 c:\windows\system32\webservices.dll

+ 2008-03-27 22:51 . 2008-03-27 22:51 1490656 c:\windows\system32\wdfcoinstaller01007.dll

+ 2011-01-10 02:50 . 2010-05-25 07:59 1917416 c:\windows\system32\WdfCoInstaller01005.dll

+ 2011-07-07 14:33 . 2010-11-20 13:27 1363968 c:\windows\system32\wdc.dll

+ 2009-07-14 00:09 . 2009-07-14 01:41 1098240 c:\windows\system32\wcnwiz.dll

+ 2011-07-07 14:34 . 2010-11-20 13:25 1504256 c:\windows\system32\wbengine.exe

+ 2011-07-07 14:27 . 2010-11-20 13:27 1225216 c:\windows\system32\wbem\wbemcore.dll

+ 2011-07-07 14:34 . 2010-11-20 13:25 2058240 c:\windows\system32\wbem\cimwin32.dll

+ 2010-03-31 11:37 . 2010-03-31 11:37 1255736 c:\windows\system32\Wat\WatAdminSvc.exe

+ 2011-07-07 14:34 . 2010-11-20 13:25 1600512 c:\windows\system32\VSSVC.exe

+ 2011-07-07 14:34 . 2010-11-20 13:27 1753088 c:\windows\system32\vssapi.dll

+ 2011-07-07 14:34 . 2010-11-20 13:27 1098240 c:\windows\system32\Vault.dll

+ 2009-07-14 00:33 . 2009-07-14 01:39 1402880 c:\windows\system32\Utilman.exe

+ 2011-07-07 14:34 . 2010-11-20 13:27 1008128 c:\windows\system32\user32.dll

+ 2011-05-10 13:06 . 2011-05-10 13:06 4517664 c:\windows\system32\usbaaplrc.dll

+ 2012-04-13 00:22 . 2012-02-28 06:50 1345536 c:\windows\system32\urlmon.dll

+ 2011-07-07 14:32 . 2010-11-20 13:15 1164800 c:\windows\system32\UIRibbonRes.dll

+ 2011-07-07 14:34 . 2010-11-20 13:27 3860992 c:\windows\system32\UIRibbon.dll

+ 2009-07-14 00:01 . 2009-07-14 01:41 3047424 c:\windows\system32\UIHub.dll

+ 2011-07-05 16:33 . 2011-05-04 05:25 2315776 c:\windows\system32\tquery.dll

+ 2011-07-07 14:33 . 2010-11-20 13:27 2851840 c:\windows\system32\themeui.dll

+ 2011-07-07 14:33 . 2010-11-20 13:27 2193920 c:\windows\system32\themecpl.dll

+ 2011-07-07 14:34 . 2010-11-20 13:27 1197056 c:\windows\system32\taskschd.dll

+ 2011-07-07 14:34 . 2010-11-20 13:27 1743360 c:\windows\system32\sysmain.dll

+ 2011-07-07 14:34 . 2010-11-20 13:27 2262528 c:\windows\system32\SyncCenter.dll

+ 2009-07-13 23:29 . 2009-07-14 01:33 8338432 c:\windows\system32\spwizimg.dll

+ 2011-07-07 14:33 . 2010-11-20 13:25 3524608 c:\windows\system32\sppsvc.exe

+ 2011-07-07 14:34 . 2010-11-20 13:27 1082880 c:\windows\system32\sppobjs.dll

+ 2009-07-13 23:52 . 2009-07-14 01:41 1203712 c:\windows\system32\sppcext.dll

+ 2009-07-14 00:42 . 2010-11-20 13:27 1576448 c:\windows\system32\spool\drivers\x64\3\XPSSVCS.DLL

+ 2012-05-24 16:41 . 2012-03-31 05:40 1402880 c:\windows\system32\spool\drivers\x64\3\JNWDRV.dll

+ 2009-07-14 01:19 . 2009-07-14 01:41 2484736 c:\windows\system32\spool\drivers\x64\3\HPZUIWN7.DLL

+ 2009-07-14 01:20 . 2009-07-14 01:27 3447808 c:\windows\system32\spool\drivers\x64\3\HPZSTWN7.DLL

+ 2009-07-14 01:20 . 2009-07-14 01:41 1485824 c:\windows\system32\spool\drivers\x64\3\HPZ3Rwn7.DLL

+ 2009-07-14 01:18 . 2009-07-14 01:41 1532928 c:\windows\system32\spool\drivers\x64\3\HPZ3Awn7.DLL

+ 2009-07-14 01:19 . 2010-11-20 13:08 6566400 c:\windows\system32\spool\drivers\x64\3\FXSRES.DLL

+ 2010-11-26 20:07 . 2009-10-23 12:00 2031616 c:\windows\system32\spool\drivers\x64\3\E_IUICGGA.DLL

+ 2010-11-26 20:07 . 2009-10-05 14:01 1000960 c:\windows\system32\spool\drivers\x64\3\E_IUI1GGA.DLL

+ 2010-11-26 20:07 . 2010-07-26 13:06 1325560 c:\windows\system32\spool\drivers\x64\3\E_IINSGGA.EXE

+ 2010-11-26 20:07 . 2009-11-25 13:00 1090560 c:\windows\system32\spool\drivers\x64\3\E_IAPRGGA.DLL

+ 2009-07-14 00:35 . 2009-07-14 01:39 4942848 c:\windows\system32\Speech\SpeechUX\SpeechUXTutorial.exe

+ 2011-07-07 14:34 . 2010-11-20 13:27 1126912 c:\windows\system32\Speech\SpeechUX\SpeechUX.dll

+ 2009-07-14 05:35 . 2009-07-14 02:33 8289280 c:\windows\system32\Speech\SpeechUX\en-US\SpeechUXRes.dll

+ 2009-07-14 05:35 . 2009-07-14 01:34 8553472 c:\windows\system32\Speech\SpeechUX\en-gb\SpeechUXRes.dll

+ 2009-07-14 00:35 . 2009-07-14 01:41 1065984 c:\windows\system32\Speech\Engines\SR\spsreng.dll

+ 2011-07-07 14:34 . 2010-11-20 13:27 1435648 c:\windows\system32\Speech\Common\sapi.dll

+ 2011-07-07 14:34 . 2010-11-20 13:27 1900544 c:\windows\system32\setupapi.dll

+ 2011-07-07 14:33 . 2010-11-20 13:27 2250752 c:\windows\system32\SensorsCpl.dll

+ 2011-07-07 14:33 . 2010-11-20 13:27 1120768 c:\windows\system32\sdengin2.dll

+ 2011-07-07 14:33 . 2010-11-20 13:25 1264640 c:\windows\system32\sdclt.exe

+ 2011-07-07 14:34 . 2010-11-20 13:27 1110016 c:\windows\system32\schedsvc.dll

+ 2011-03-09 13:05 . 2010-12-23 10:42 1118720 c:\windows\system32\sbe.dll

+ 2009-08-04 14:22 . 2009-08-04 14:22 1393696 c:\windows\system32\RtPgEx64.dll

+ 2009-08-04 14:22 . 2009-08-04 14:22 1603104 c:\windows\system32\RtkAPO64.dll

+ 2009-08-04 14:22 . 2009-08-04 14:22 1167904 c:\windows\system32\RTCOM64.dll

+ 2011-07-07 14:34 . 2010-11-20 13:27 1219584 c:\windows\system32\rpcrt4.dll

+ 2012-03-25 01:57 . 2012-02-17 06:38 1031680 c:\windows\system32\rdpcore.dll

+ 2011-07-07 14:34 . 2010-11-20 13:27 1556992 c:\windows\system32\RacEngn.dll

+ 2011-07-07 14:34 . 2010-11-20 13:27 2055680 c:\windows\system32\Query.dll

+ 2012-01-11 17:23 . 2011-10-26 05:25 1572864 c:\windows\system32\quartz.dll

+ 2011-07-07 14:34 . 2010-11-20 13:27 1212416 c:\windows\system32\propsys.dll

+ 2011-07-07 14:33 . 2010-11-20 13:27 1050624 c:\windows\system32\printui.dll

+ 2009-07-14 01:01 . 2009-06-10 20:31 1165664 c:\windows\system32\PresentationNative_v0300.dll

+ 2011-07-07 14:34 . 2010-11-20 13:27 1808384 c:\windows\system32\pnidui.dll

+ 2011-07-07 14:33 . 2010-11-20 13:27 1389056 c:\windows\system32\pla.dll

+ 2009-07-14 01:05 . 2009-07-14 01:41 1439232 c:\windows\system32\pidgenx.dll

+ 2009-07-13 23:42 . 2009-07-14 01:41 1039872 c:\windows\system32\opengl32.dll

+ 2011-07-07 14:33 . 2010-11-20 13:27 1911808 c:\windows\system32\OpcServices.dll

+ 2011-07-07 14:34 . 2010-11-20 13:27 2199040 c:\windows\system32\oobe\winsetup.dll

+ 2009-07-13 23:29 . 2009-07-14 01:33 3051008 c:\windows\system32\oobe\W32UIImg.dll

+ 2009-07-13 23:28 . 2009-07-14 01:41 1002496 c:\windows\system32\oobe\unbcl.dll

+ 2011-07-07 14:34 . 2010-11-20 13:27 1161728 c:\windows\system32\oobe\msoobeui.dll

+ 2011-07-07 14:32 . 2010-11-20 13:27 1080320 c:\windows\system32\onexui.dll

+ 2011-07-07 14:34 . 2010-11-20 13:27 2086912 c:\windows\system32\ole32.dll

+ 2009-07-13 23:42 . 2009-07-14 01:41 1336832 c:\windows\system32\ogldrv.dll

+ 2012-01-11 17:22 . 2011-11-17 06:41 1731920 c:\windows\system32\ntdll.dll

+ 2009-07-14 00:32 . 2009-07-14 01:31 5071872 c:\windows\system32\NlsModels0011.dll

+ 2009-07-14 00:33 . 2009-07-14 01:31 6917120 c:\windows\system32\NlsLexicons0c1a.dll

+ 2009-07-14 00:33 . 2009-07-14 01:31 7042560 c:\windows\system32\NlsLexicons081a.dll

+ 2009-07-14 00:33 . 2009-07-14 01:31 5031936 c:\windows\system32\NlsLexicons0816.dll

+ 2009-07-14 00:33 . 2009-07-14 01:31 5090816 c:\windows\system32\NlsLexicons0416.dll

+ 2009-07-14 00:33 . 2009-07-14 01:31 4616192 c:\windows\system32\NlsLexicons0414.dll

+ 2009-07-14 00:33 . 2009-07-14 01:31 1972736 c:\windows\system32\NlsLexicons004e.dll

+ 2009-07-14 00:33 . 2009-07-14 01:31 4093440 c:\windows\system32\NlsLexicons004c.dll

+ 2009-07-14 00:33 . 2009-07-14 01:31 1702912 c:\windows\system32\NlsLexicons004b.dll

+ 2009-07-14 00:33 . 2009-07-14 01:31 3419136 c:\windows\system32\NlsLexicons004a.dll

+ 2009-07-14 00:33 . 2009-07-14 01:31 1558016 c:\windows\system32\NlsLexicons0049.dll

+ 2009-07-14 00:33 . 2009-07-14 01:31 1411072 c:\windows\system32\NlsLexicons0047.dll

+ 2009-07-14 00:33 . 2009-07-14 01:31 1808896 c:\windows\system32\NlsLexicons0046.dll

+ 2009-07-14 00:33 . 2009-07-14 01:31 1793536 c:\windows\system32\NlsLexicons0045.dll

+ 2009-07-14 00:33 . 2009-07-14 01:31 4045824 c:\windows\system32\NlsLexicons003e.dll

+ 2009-07-14 00:33 . 2009-07-14 01:31 1782272 c:\windows\system32\NlsLexicons0039.dll

+ 2009-07-14 00:33 . 2009-07-14 01:31 6224896 c:\windows\system32\NlsLexicons0027.dll

+ 2009-07-14 00:33 . 2009-07-14 01:31 5791232 c:\windows\system32\NlsLexicons0026.dll

+ 2009-07-14 00:33 . 2009-07-14 01:31 7964672 c:\windows\system32\NlsLexicons0024.dll

+ 2009-07-14 00:33 . 2009-07-14 01:31 5499904 c:\windows\system32\NlsLexicons0022.dll

+ 2009-07-14 00:33 . 2009-07-14 01:31 2136064 c:\windows\system32\NlsLexicons0021.dll

+ 2009-07-14 00:33 . 2009-07-14 01:31 1236992 c:\windows\system32\NlsLexicons0020.dll

+ 2009-07-14 00:33 . 2009-07-14 01:31 6346240 c:\windows\system32\NlsLexicons001d.dll

+ 2009-07-14 00:33 . 2009-07-14 01:31 6585856 c:\windows\system32\NlsLexicons001b.dll

+ 2009-07-14 00:33 . 2009-07-14 01:31 6014976 c:\windows\system32\NlsLexicons001a.dll

+ 2009-07-14 00:33 . 2009-07-14 01:31 6781440 c:\windows\system32\NlsLexicons0019.dll

+ 2009-07-14 00:33 . 2009-07-14 01:31 3331072 c:\windows\system32\NlsLexicons0018.dll

+ 2009-07-14 00:33 . 2009-07-14 01:31 4981248 c:\windows\system32\NlsLexicons0013.dll

+ 2009-07-14 00:33 . 2009-07-14 01:31 2466816 c:\windows\system32\NlsLexicons0011.dll

+ 2009-07-14 00:33 . 2009-07-14 01:31 4175872 c:\windows\system32\NlsLexicons0010.dll

+ 2009-07-14 00:33 . 2009-07-14 01:31 5654528 c:\windows\system32\NlsLexicons000f.dll

+ 2009-07-14 00:33 . 2009-07-14 01:31 1722368 c:\windows\system32\NlsLexicons000d.dll

+ 2009-07-14 00:33 . 2009-07-14 01:31 6237696 c:\windows\system32\NlsLexicons000c.dll

+ 2009-07-14 00:33 . 2009-07-14 01:31 9892864 c:\windows\system32\NlsLexicons000a.dll

+ 2009-07-14 00:33 . 2009-07-14 01:31 2628608 c:\windows\system32\NlsLexicons0009.dll

+ 2009-07-14 00:33 . 2009-07-14 01:31 1452544 c:\windows\system32\NlsLexicons0003.dll

+ 2009-07-14 00:33 . 2009-07-14 01:31 4164096 c:\windows\system32\NlsLexicons0002.dll

+ 2009-07-14 00:33 . 2009-07-14 01:41 2093568 c:\windows\system32\NlsData0c1a.dll

+ 2009-07-14 00:33 . 2009-07-14 01:41 2093568 c:\windows\system32\NlsData081a.dll

+ 2009-07-14 00:33 . 2009-07-14 01:41 4636160 c:\windows\system32\NlsData0816.dll

+ 2009-07-14 00:33 . 2009-07-14 01:41 4636672 c:\windows\system32\NlsData0416.dll

+ 2009-07-14 00:33 . 2009-07-14 01:41 4635648 c:\windows\system32\NlsData0414.dll

+ 2009-07-14 00:33 . 2009-07-14 01:41 3231232 c:\windows\system32\NlsData004e.dll

+ 2009-07-14 00:33 . 2009-07-14 01:41 3231232 c:\windows\system32\NlsData004c.dll

+ 2009-07-14 00:34 . 2009-07-14 01:41 3231232 c:\windows\system32\NlsData004b.dll

+ 2009-07-14 00:34 . 2009-07-14 01:41 3231232 c:\windows\system32\NlsData004a.dll

+ 2009-07-14 00:34 . 2009-07-14 01:41 3231232 c:\windows\system32\NlsData0049.dll

+ 2009-07-14 00:31 . 2009-07-14 01:41 3231232 c:\windows\system32\NlsData0047.dll

+ 2009-07-14 00:33 . 2009-07-14 01:41 3231232 c:\windows\system32\NlsData0046.dll

+ 2009-07-14 00:33 . 2009-07-14 01:41 3231232 c:\windows\system32\NlsData0045.dll

+ 2009-07-14 00:32 . 2009-07-14 01:41 1921536 c:\windows\system32\NlsData003e.dll

+ 2009-07-14 00:31 . 2009-07-14 01:41 3231232 c:\windows\system32\NlsData0039.dll

+ 2009-07-14 00:34 . 2009-07-14 01:41 1921536 c:\windows\system32\NlsData002a.dll

+ 2009-07-14 00:32 . 2009-07-14 01:41 2095104 c:\windows\system32\NlsData0027.dll

+ 2009-07-14 00:33 . 2009-07-14 01:41 2093568 c:\windows\system32\NlsData0026.dll

+ 2009-07-14 00:33 . 2009-07-14 01:41 2093568 c:\windows\system32\NlsData0024.dll

+ 2009-07-14 00:33 . 2009-07-14 01:41 1921536 c:\windows\system32\NlsData0022.dll

+ 2009-07-14 00:31 . 2009-07-14 01:41 1921536 c:\windows\system32\NlsData0021.dll

+ 2009-07-14 00:34 . 2009-07-14 01:41 3231232 c:\windows\system32\NlsData0020.dll

+ 2009-07-14 00:34 . 2009-07-14 01:41 4637184 c:\windows\system32\NlsData001d.dll

+ 2009-07-14 00:33 . 2009-07-14 01:41 2093568 c:\windows\system32\NlsData001b.dll

+ 2009-07-14 00:31 . 2009-07-14 01:41 2093568 c:\windows\system32\NlsData001a.dll

+ 2009-07-14 00:34 . 2009-07-14 01:41 4625920 c:\windows\system32\NlsData0019.dll

+ 2009-07-14 00:33 . 2009-07-14 01:41 2093568 c:\windows\system32\NlsData0018.dll

+ 2009-07-14 00:31 . 2009-07-14 01:41 3604992 c:\windows\system32\NlsData0013.dll

+ 2009-07-14 00:30 . 2009-07-14 01:41 2777600 c:\windows\system32\NlsData0011.dll

+ 2009-07-14 00:33 . 2009-07-14 01:41 4636672 c:\windows\system32\NlsData0010.dll

+ 2009-07-14 00:32 . 2009-07-14 01:41 2093568 c:\windows\system32\NlsData000f.dll

+ 2009-07-14 00:31 . 2009-07-14 01:41 2491904 c:\windows\system32\NlsData000d.dll

+ 2009-07-14 00:31 . 2009-07-14 01:41 2413056 c:\windows\system32\NlsData000c.dll

+ 2009-07-14 00:32 . 2009-07-14 01:41 9772544 c:\windows\system32\NlsData000a.dll

+ 2009-07-14 00:31 . 2009-07-14 01:41 6270976 c:\windows\system32\NlsData0009.dll

+ 2009-07-14 00:31 . 2009-07-14 01:41 2137600 c:\windows\system32\NlsData0007.dll

+ 2009-07-14 00:31 . 2009-07-14 01:41 2093568 c:\windows\system32\NlsData0003.dll

+ 2009-07-14 00:33 . 2009-07-14 01:41 2093568 c:\windows\system32\NlsData0002.dll

+ 2009-07-14 00:31 . 2009-07-14 01:41 2725888 c:\windows\system32\NlsData0001.dll

+ 2009-07-14 00:31 . 2009-07-14 01:41 1623552 c:\windows\system32\NlsData0000.dll

+ 2011-07-07 14:33 . 2010-11-20 13:27 2146816 c:\windows\system32\networkmap.dll

+ 2011-07-07 14:33 . 2010-11-20 13:27 1672704 c:\windows\system32\networkexplorer.dll

+ 2011-07-07 14:34 . 2010-11-20 13:27 2652160 c:\windows\system32\netshell.dll

+ 2011-07-07 14:33 . 2010-11-20 13:27 1689600 c:\windows\system32\netcenter.dll

+ 2011-07-07 14:34 . 2010-11-20 13:27 1326080 c:\windows\system32\NaturalLanguage6.dll

+ 2011-07-07 14:33 . 2010-11-20 13:44 1077248 c:\windows\system32\Narrator.exe

+ 2011-07-07 14:34 . 2010-11-20 13:27 2004480 c:\windows\system32\msxml6.dll

+ 2011-07-07 14:34 . 2010-11-20 13:27 1881088 c:\windows\system32\msxml3.dll

+ 2011-07-07 14:34 . 2010-11-20 13:27 3650560 c:\windows\system32\MSVidCtl.dll

+ 2011-07-07 14:35 . 2010-11-20 13:27 3715584 c:\windows\system32\mstscax.dll

+ 2011-07-07 14:34 . 2010-11-20 13:25 1116672 c:\windows\system32\mstsc.exe

+ 2011-07-05 16:33 . 2011-05-04 05:22 2223616 c:\windows\system32\mssrch.dll

+ 2009-07-13 23:58 . 2009-07-14 01:39 6676480 c:\windows\system32\mspaint.exe

+ 2009-06-10 21:01 . 2009-07-14 01:41 2643456 c:\windows\system32\msmpeg2vdec.dll

+ 2011-07-07 14:33 . 2010-11-20 13:27 1160192 c:\windows\system32\MSMPEG2ENC.DLL

+ 2009-06-10 21:01 . 2009-07-14 01:41 1307136 c:\windows\system32\msmpeg2adec.dll

+ 2011-07-07 14:33 . 2010-11-20 13:27 3211776 c:\windows\system32\msi.dll

+ 2011-07-07 14:34 . 2010-11-20 13:27 1509888 c:\windows\system32\msdtctm.dll

+ 2009-07-13 23:32 . 2009-07-14 01:39 1076736 c:\windows\system32\msdt.exe

+ 2009-07-13 23:40 . 2009-07-14 01:41 1067008 c:\windows\system32\msctf.dll

+ 2009-07-14 00:19 . 2009-07-14 01:29 9053696 c:\windows\system32\mmres.dll

+ 2011-07-07 14:34 . 2010-11-20 13:26 3205120 c:\windows\system32\mmcndmgr.dll

+ 2009-07-13 23:49 . 2009-07-14 01:39 2144256 c:\windows\system32\mmc.exe

+ 2009-07-13 23:28 . 2009-07-14 01:41 1002496 c:\windows\system32\migwiz\unbcl.dll

+ 2009-07-13 23:28 . 2009-06-10 21:05 1445052 c:\windows\system32\migwiz\SFLISTXP.dat

+ 2009-06-10 21:05 . 2009-06-10 21:05 2119152 c:\windows\system32\migwiz\SFLISTW7.dat

+ 2009-07-13 23:28 . 2009-06-10 21:05 3225610 c:\windows\system32\migwiz\SFLISTLH.dat

+ 2011-07-07 14:34 . 2010-11-20 13:26 1205760 c:\windows\system32\migwiz\migstore.dll

+ 2011-07-07 14:34 . 2010-11-20 13:26 8032768 c:\windows\system32\migwiz\migcore.dll

+ 2011-04-15 03:09 . 2011-03-11 06:34 1359872 c:\windows\system32\mfc42u.dll

+ 2011-04-15 03:09 . 2011-03-11 06:34 1395712 c:\windows\system32\mfc42.dll

+ 2011-07-07 14:34 . 2010-11-20 13:26 4120064 c:\windows\system32\mf.dll

+ 2011-07-07 14:34 . 2010-11-20 13:26 1009152 c:\windows\system32\mcmde.dll

+ 2012-01-17 22:41 . 2011-11-17 06:35 1447936 c:\windows\system32\lsasrv.dll

+ 2011-08-11 04:51 . 2011-07-16 05:37 1162752 c:\windows\system32\kernel32.dll

+ 2012-04-13 00:22 . 2012-02-28 06:56 2311168 c:\windows\system32\jscript9.dll

+ 2009-07-14 00:02 . 2009-07-14 01:29 7392768 c:\windows\system32\IME\IMETC10\applets\MSHWCHTRIME.dll

+ 2009-07-14 00:02 . 2009-07-14 01:29 7390208 c:\windows\system32\IME\imekr8\applets\mshwkorrIME.dll

+ 2011-07-07 14:33 . 2010-11-20 13:26 1242112 c:\windows\system32\IME\IMEJP10\IMJPTIP.DLL

+ 2009-07-13 23:39 . 2009-07-14 01:41 1334784 c:\windows\system32\IME\IMEJP10\imjpcus.dll

+ 2009-07-14 00:02 . 2009-07-14 01:29 7378432 c:\windows\system32\IME\IMEJP10\APPLETS\mshwjpnrIME.dll

+ 2011-07-07 14:34 . 2010-11-20 13:26 1244160 c:\windows\system32\imapi2fs.dll

+ 2012-04-13 00:22 . 2012-02-28 06:43 2144256 c:\windows\system32\iertutil.dll

+ 2012-01-27 20:34 . 2012-01-27 20:34 3695416 c:\windows\system32\ieapfltr.dat

+ 2009-07-14 01:01 . 2009-06-10 20:30 1380672 c:\windows\system32\icardagt.exe

+ 2009-07-13 23:54 . 2009-07-14 01:40 1000960 c:\windows\system32\gpedit.dll

+ 2009-07-13 23:56 . 2009-07-14 01:27 4240384 c:\windows\system32\GameUXLegacyGDFs.dll

+ 2011-07-07 14:33 . 2010-11-20 13:26 2746880 c:\windows\system32\gameux.dll

+ 2011-03-09 13:05 . 2011-02-19 12:05 1139200 c:\windows\system32\FntCache.dll

+ 2011-07-07 14:34 . 2010-11-20 13:26 1866240 c:\windows\system32\ExplorerFrame.dll

+ 2011-04-26 22:06 . 2011-03-11 06:33 2565632 c:\windows\system32\esent.dll

+ 2009-07-14 05:35 . 2009-07-14 02:32 1617920 c:\windows\system32\en\AuthFWSnapIn.Resources.dll

+ 2011-07-07 14:33 . 2010-11-20 13:26 1457664 c:\windows\system32\DxpTaskSync.dll

+ 2011-07-07 14:34 . 2010-11-20 13:26 1632256 c:\windows\system32\dwmcore.dll

+ 2009-07-14 00:21 . 2009-07-14 01:40 1200640 c:\windows\system32\drmv2clt.dll

+ 2009-07-13 22:53 . 2009-06-10 20:32 5898752 c:\windows\system32\DriverStore\FileRepository\xcbdav.inf_amd64_neutral_cf80e4da1c95e6e2\xchalVx64.sys

+ 2009-07-14 00:22 . 2009-07-14 01:41 1195008 c:\windows\system32\DriverStore\FileRepository\wpdmtp.inf_amd64_neutral_28f06ca2e38e8979\WpdMtpDr.dll

+ 2009-07-14 01:20 . 2009-07-14 01:41 1052160 c:\windows\system32\DriverStore\FileRepository\wialx004.inf_amd64_neutral_0a3a62ae6ed43127\lxa3comc.DLL

+ 2009-07-14 01:20 . 2009-07-14 01:41 1052160 c:\windows\system32\DriverStore\FileRepository\wialx003.inf_amd64_neutral_db618863f9347f9a\lxa2comc.DLL

+ 2009-07-14 00:22 . 2009-07-14 01:41 1393152 c:\windows\system32\DriverStore\FileRepository\wdmaudio.inf_amd64_neutral_423894ded0ba8fdf\WMALFXGFXDSP.dll

+ 2012-02-15 16:01 . 2012-02-15 16:01 4547944 c:\windows\system32\DriverStore\FileRepository\usbaapl64.inf_amd64_neutral_c111aaecb61e9a2b\usbaaplrc.dll

+ 2012-01-26 19:09 . 2010-12-21 05:55 1917416 c:\windows\system32\DriverStore\FileRepository\ssadadb2.inf_amd64_neutral_32a5bf0b0f557644\amd64\WdfCoInstaller01005.dll

+ 2009-06-10 20:37 . 2009-07-14 01:45 1524816 c:\windows\system32\DriverStore\FileRepository\ql2300.inf_amd64_neutral_ca8487daf77ff7cb\ql2300.sys

+ 2009-07-14 01:18 . 2009-07-14 01:41 1275392 c:\windows\system32\DriverStore\FileRepository\prnrc00c.inf_amd64_neutral_53a58f4fd7d88575\Amd64\RIPSUI7.DLL

+ 2009-07-14 01:18 . 2009-07-14 01:41 1259008 c:\windows\system32\DriverStore\FileRepository\prnrc00a.inf_amd64_neutral_565c5d04cc520c48\Amd64\RIAUI27.DLL

+ 2009-07-14 01:18 . 2009-07-14 01:41 1259008 c:\windows\system32\DriverStore\FileRepository\prnrc00a.inf_amd64_neutral_565c5d04cc520c48\Amd64\RIAUI17.DLL

+ 2011-07-07 14:32 . 2010-11-20 13:08 6566400 c:\windows\system32\DriverStore\FileRepository\prnms002.inf_amd64_neutral_d834e48846616289\Amd64\FXSRES.DLL

+ 2009-07-14 01:20 . 2009-07-14 01:41 1115136 c:\windows\system32\DriverStore\FileRepository\prnhp005.inf_amd64_neutral_914d6c300207814f\Amd64\hpfvew73.dll

+ 2009-07-14 01:20 . 2009-07-14 01:41 1591808 c:\windows\system32\DriverStore\FileRepository\prnhp005.inf_amd64_neutral_914d6c300207814f\Amd64\hpfuiw73.dll

+ 2009-07-14 01:20 . 2009-07-14 01:27 1058816 c:\windows\system32\DriverStore\FileRepository\prnhp005.inf_amd64_neutral_914d6c300207814f\Amd64\hpfstw73.dll

+ 2009-07-14 01:19 . 2009-07-14 01:41 1667072 c:\windows\system32\DriverStore\FileRepository\prnhp005.inf_amd64_neutral_914d6c300207814f\Amd64\hpf4400t.dll

+ 2009-07-14 01:20 . 2009-07-14 01:41 1858048 c:\windows\system32\DriverStore\FileRepository\prnhp005.inf_amd64_neutral_914d6c300207814f\Amd64\hpf3rw73.dll

+ 2009-07-14 01:18 . 2009-07-14 01:41 1667072 c:\windows\system32\DriverStore\FileRepository\prnhp005.inf_amd64_neutral_914d6c300207814f\Amd64\hpd2600t.dll

+ 2009-07-14 01:18 . 2009-07-14 01:41 1674752 c:\windows\system32\DriverStore\FileRepository\prnhp005.inf_amd64_neutral_914d6c300207814f\Amd64\hpc4600t.dll

+ 2009-07-14 01:19 . 2009-07-14 01:41 1633792 c:\windows\system32\DriverStore\FileRepository\prnhp005.inf_amd64_neutral_914d6c300207814f\Amd64\hpc309at.dll

+ 2009-07-14 01:18 . 2009-07-14 01:41 1674752 c:\windows\system32\DriverStore\FileRepository\prnhp005.inf_amd64_neutral_914d6c300207814f\Amd64\hp8500nt.dll

+ 2009-07-14 01:18 . 2009-07-14 01:41 1674752 c:\windows\system32\DriverStore\FileRepository\prnhp005.inf_amd64_neutral_914d6c300207814f\Amd64\hp8500gt.dll

+ 2009-07-14 01:19 . 2009-07-14 01:41 1674752 c:\windows\system32\DriverStore\FileRepository\prnhp005.inf_amd64_neutral_914d6c300207814f\Amd64\hp8500at.dll

+ 2009-07-14 01:19 . 2009-07-14 01:41 1674752 c:\windows\system32\DriverStore\FileRepository\prnhp005.inf_amd64_neutral_914d6c300207814f\Amd64\hp8000at.dll

+ 2009-07-14 01:19 . 2009-07-14 01:41 1667584 c:\windows\system32\DriverStore\FileRepository\prnhp005.inf_amd64_neutral_914d6c300207814f\Amd64\hp6500nt.dll

+ 2009-07-14 01:18 . 2009-07-14 01:41 1667584 c:\windows\system32\DriverStore\FileRepository\prnhp005.inf_amd64_neutral_914d6c300207814f\Amd64\hp6500at.dll

+ 2009-07-14 01:18 . 2009-07-14 01:41 1667584 c:\windows\system32\DriverStore\FileRepository\prnhp005.inf_amd64_neutral_914d6c300207814f\Amd64\hp6000nt.dll

+ 2009-07-14 01:19 . 2009-07-14 01:41 1667584 c:\windows\system32\DriverStore\FileRepository\prnhp005.inf_amd64_neutral_914d6c300207814f\Amd64\hp6000at.dll

+ 2009-07-14 01:20 . 2009-07-14 01:27 3498496 c:\windows\system32\DriverStore\FileRepository\prnhp004.inf_amd64_neutral_53f688945cfc24cc\Amd64\hpzurw72.dll

+ 2009-07-14 01:20 . 2009-07-14 01:41 1473536 c:\windows\system32\DriverStore\FileRepository\prnhp004.inf_amd64_neutral_53f688945cfc24cc\Amd64\hpzuiw72.dll

+ 2009-07-14 01:20 . 2009-07-14 01:27 1063936 c:\windows\system32\DriverStore\FileRepository\prnhp004.inf_amd64_neutral_53f688945cfc24cc\Amd64\hpzstw72.dll

+ 2009-07-14 01:20 . 2009-07-14 01:41 1832448 c:\windows\system32\DriverStore\FileRepository\prnhp004.inf_amd64_neutral_53f688945cfc24cc\Amd64\hpz3rw72.dll

+ 2009-07-14 01:18 . 2009-07-14 01:41 1416192 c:\windows\system32\DriverStore\FileRepository\prnhp004.inf_amd64_neutral_53f688945cfc24cc\Amd64\hpd7500t.dll

+ 2009-07-14 01:18 . 2009-07-14 01:41 1416192 c:\windows\system32\DriverStore\FileRepository\prnhp004.inf_amd64_neutral_53f688945cfc24cc\Amd64\hpD5400t.dll

+ 2009-07-14 01:19 . 2009-07-14 01:41 1422336 c:\windows\system32\DriverStore\FileRepository\prnhp004.inf_amd64_neutral_53f688945cfc24cc\Amd64\hpc6300t.dll

+ 2009-07-14 01:18 . 2009-07-14 01:41 1416704 c:\windows\system32\DriverStore\FileRepository\prnhp004.inf_amd64_neutral_53f688945cfc24cc\Amd64\hpc5500t.dll

+ 2009-07-14 01:18 . 2009-07-14 01:41 1416192 c:\windows\system32\DriverStore\FileRepository\prnhp004.inf_amd64_neutral_53f688945cfc24cc\Amd64\hpc5300t.dll

+ 2009-07-14 01:19 . 2009-07-14 01:41 1412096 c:\windows\system32\DriverStore\FileRepository\prnhp004.inf_amd64_neutral_53f688945cfc24cc\Amd64\hpc4500t.dll

+ 2009-07-14 01:18 . 2009-07-14 01:41 1423360 c:\windows\system32\DriverStore\FileRepository\prnhp004.inf_amd64_neutral_53f688945cfc24cc\Amd64\hpb8500t.dll

+ 2009-07-14 01:20 . 2009-07-14 01:27 1176064 c:\windows\system32\DriverStore\FileRepository\prnhp003.inf_amd64_neutral_4480210763997eb4\Amd64\hpzurw71.dll

+ 2009-07-14 01:19 . 2009-07-14 01:41 3506176 c:\windows\system32\DriverStore\FileRepository\prnhp003.inf_amd64_neutral_4480210763997eb4\Amd64\HPZUIW71.DLL

+ 2009-07-14 01:20 . 2009-07-14 01:27 6061568 c:\windows\system32\DriverStore\FileRepository\prnhp003.inf_amd64_neutral_4480210763997eb4\Amd64\HPZSTW71.DLL

+ 2009-07-14 01:18 . 2009-07-14 01:41 7067136 c:\windows\system32\DriverStore\FileRepository\prnhp003.inf_amd64_neutral_4480210763997eb4\Amd64\hpzlaw71.dll

+ 2009-07-14 01:20 . 2009-07-14 01:41 2074624 c:\windows\system32\DriverStore\FileRepository\prnhp003.inf_amd64_neutral_4480210763997eb4\Amd64\hpz3rw71.dll

+ 2009-07-14 01:19 . 2009-07-14 01:41 2484736 c:\windows\system32\DriverStore\FileRepository\prnhp002.inf_amd64_neutral_04d05d1f6a90ea24\Amd64\HPZUIWN7.DLL

+ 2009-07-14 01:20 . 2009-07-14 01:27 3447808 c:\windows\system32\DriverStore\FileRepository\prnhp002.inf_amd64_neutral_04d05d1f6a90ea24\Amd64\HPZSTWN7.DLL

+ 2009-07-14 01:18 . 2009-07-14 01:41 1486848 c:\windows\system32\DriverStore\FileRepository\prnhp002.inf_amd64_neutral_04d05d1f6a90ea24\Amd64\HPZLSWN7.DLL

+ 2009-07-14 01:18 . 2009-07-14 01:41 4998656 c:\windows\system32\DriverStore\FileRepository\prnhp002.inf_amd64_neutral_04d05d1f6a90ea24\Amd64\HPZLAwn7.DLL

+ 2009-07-14 01:20 . 2009-07-14 01:41 1485824 c:\windows\system32\DriverStore\FileRepository\prnhp002.inf_amd64_neutral_04d05d1f6a90ea24\Amd64\HPZ3Rwn7.DLL

+ 2009-07-14 01:18 . 2009-07-14 01:41 1532928 c:\windows\system32\DriverStore\FileRepository\prnhp002.inf_amd64_neutral_04d05d1f6a90ea24\Amd64\HPZ3Awn7.DLL

+ 2009-07-14 01:20 . 2009-07-14 01:41 5274112 c:\windows\system32\DriverStore\FileRepository\prnhp002.inf_amd64_neutral_04d05d1f6a90ea24\Amd64\HPFIGLHN.DLL

+ 2009-07-14 01:20 . 2009-07-14 01:27 1711616 c:\windows\system32\DriverStore\FileRepository\prnep00l.inf_amd64_neutral_f1fa021d2221e2c7\Amd64\EP0LGR00.DLL

+ 2009-07-14 01:20 . 2009-07-14 01:40 1471488 c:\windows\system32\DriverStore\FileRepository\prnep00g.inf_amd64_neutral_2926840e245f88f6\Amd64\EP0NRE8D.DLL

+ 2009-07-14 01:20 . 2009-07-14 01:40 3291136 c:\windows\system32\DriverStore\FileRepository\prnep00g.inf_amd64_neutral_2926840e245f88f6\Amd64\EP0NOE10.DLL

+ 2009-07-14 01:20 . 2009-07-14 01:40 1398272 c:\windows\system32\DriverStore\FileRepository\prnep00f.inf_amd64_neutral_a5f6001b957bd7e0\Amd64\EP0NRE8C.DLL

+ 2009-07-14 01:20 . 2009-07-14 01:40 3121664 c:\windows\system32\DriverStore\FileRepository\prnep00f.inf_amd64_neutral_a5f6001b957bd7e0\Amd64\EP0NOE09.DLL

+ 2009-07-14 01:20 . 2009-07-14 01:40 1899520 c:\windows\system32\DriverStore\FileRepository\prnep00e.inf_amd64_neutral_edc631ff41a34218\Amd64\EP0NOE20.DLL

+ 2009-07-14 01:20 . 2009-07-14 01:40 4653056 c:\windows\system32\DriverStore\FileRepository\prnep00d.inf_amd64_neutral_dd61103f3a2743d4\Amd64\EP0NRE8H.DLL

+ 2009-07-14 01:20 . 2009-07-14 01:40 3223552 c:\windows\system32\DriverStore\FileRepository\prnep00d.inf_amd64_neutral_dd61103f3a2743d4\Amd64\EP0NOE17.DLL

+ 2009-07-14 01:20 . 2009-07-14 01:40 3214848 c:\windows\system32\DriverStore\FileRepository\prnep00d.inf_amd64_neutral_dd61103f3a2743d4\Amd64\EP0NOE12.DLL

+ 2009-07-14 01:20 . 2009-07-14 01:40 1332736 c:\windows\system32\DriverStore\FileRepository\prnep00c.inf_amd64_neutral_f0d9ddf52f04765c\Amd64\EP0NRE8T.DLL

+ 2009-07-14 01:20 . 2009-07-14 01:40 2815488 c:\windows\system32\DriverStore\FileRepository\prnep00c.inf_amd64_neutral_f0d9ddf52f04765c\Amd64\EP0NOE02.DLL

+ 2009-07-14 01:20 . 2009-07-14 01:40 1007616 c:\windows\system32\DriverStore\FileRepository\prnep00b.inf_amd64_neutral_2e6b718b2b177506\Amd64\EP0NRE9C.DLL

+ 2009-07-14 01:19 . 2009-07-14 01:40 1158656 c:\windows\system32\DriverStore\FileRepository\prnep00b.inf_amd64_neutral_2e6b718b2b177506\Amd64\EP0NRE9A.DLL

+ 2009-07-14 01:19 . 2009-07-14 01:40 4642816 c:\windows\system32\DriverStore\FileRepository\prnep00b.inf_amd64_neutral_2e6b718b2b177506\Amd64\EP0NRE8M.DLL

+ 2009-07-14 01:20 . 2009-07-14 01:40 1536000 c:\windows\system32\DriverStore\FileRepository\prnep00b.inf_amd64_neutral_2e6b718b2b177506\Amd64\EP0NRE8L.DLL

+ 2009-07-14 01:20 . 2009-07-14 01:40 3420160 c:\windows\system32\DriverStore\FileRepository\prnep00b.inf_amd64_neutral_2e6b718b2b177506\Amd64\EP0NOE18.DLL

+ 2009-07-14 01:20 . 2009-07-14 01:40 3237376 c:\windows\system32\DriverStore\FileRepository\prnep00b.inf_amd64_neutral_2e6b718b2b177506\Amd64\EP0NOE14.DLL

+ 2009-07-14 01:20 . 2009-07-14 01:40 2379776 c:\windows\system32\DriverStore\FileRepository\prnep00a.inf_amd64_neutral_92a4c727cdf4c2f7\Amd64\EP0NUI60.DLL

+ 2009-07-14 01:20 . 2009-07-14 01:40 1632768 c:\windows\system32\DriverStore\FileRepository\prnep00a.inf_amd64_neutral_92a4c727cdf4c2f7\Amd64\EP0NREUJ.DLL

+ 2009-07-14 01:20 . 2009-07-14 01:40 2166784 c:\windows\system32\DriverStore\FileRepository\prnep00a.inf_amd64_neutral_92a4c727cdf4c2f7\Amd64\EP0NRA8G.DLL

+ 2009-07-14 01:20 . 2009-07-14 01:40 3022336 c:\windows\system32\DriverStore\FileRepository\prnep00a.inf_amd64_neutral_92a4c727cdf4c2f7\Amd64\EP0NOE04.DLL

+ 2009-07-14 01:20 . 2009-07-14 01:40 2799616 c:\windows\system32\DriverStore\FileRepository\prnep00a.inf_amd64_neutral_92a4c727cdf4c2f7\Amd64\EP0NOE03.DLL

+ 2009-07-14 01:20 . 2009-07-14 01:40 1878528 c:\windows\system32\DriverStore\FileRepository\prnep003.inf_amd64_neutral_92ed2d842e0dd4ea\Amd64\EP0LB03B.DLL

+ 2009-07-14 01:20 . 2009-07-14 01:26 9625088 c:\windows\system32\DriverStore\FileRepository\prnca00z.inf_amd64_neutral_27f402ce616c3ebc\Amd64\CNBUR4.DLL

+ 2009-07-14 01:20 . 2009-07-14 01:40 2809856 c:\windows\system32\DriverStore\FileRepository\prnca00z.inf_amd64_neutral_27f402ce616c3ebc\Amd64\CNBUI4.DLL

+ 2009-07-14 01:20 . 2009-07-14 01:26 1854464 c:\windows\system32\DriverStore\FileRepository\prnca00z.inf_amd64_neutral_27f402ce616c3ebc\Amd64\CNBSR4.DLL

+ 2009-07-14 01:17 . 2009-07-14 01:30 1599488 c:\windows\system32\DriverStore\FileRepository\prnca00z.inf_amd64_neutral_27f402ce616c3ebc\Amd64\CNBPC4_2.DLL

+ 2009-07-14 01:20 . 2009-07-14 01:26 4047872 c:\windows\system32\DriverStore\FileRepository\prnca00z.inf_amd64_neutral_27f402ce616c3ebc\Amd64\CNBLR4.DLL

+ 2009-07-14 01:20 . 2009-07-14 01:26 6068224 c:\windows\system32\DriverStore\FileRepository\prnca00x.inf_amd64_neutral_eb0842aa932d01ee\Amd64\CNBUR.DLL

+ 2009-07-14 01:20 . 2009-07-14 01:40 1936384 c:\windows\system32\DriverStore\FileRepository\prnca00x.inf_amd64_neutral_eb0842aa932d01ee\Amd64\CNBUI3.DLL

+ 2009-07-14 01:20 . 2009-07-14 01:26 1598976 c:\windows\system32\DriverStore\FileRepository\prnca00x.inf_amd64_neutral_eb0842aa932d01ee\Amd64\CNBSR.DLL

+ 2009-07-14 01:20 . 2009-07-14 01:25 2135040 c:\windows\system32\DriverStore\FileRepository\prnca00x.inf_amd64_neutral_eb0842aa932d01ee\Amd64\CNBLR.DLL

+ 2009-07-14 01:17 . 2009-07-14 01:30 1026048 c:\windows\system32\DriverStore\FileRepository\prnca00h.inf_amd64_neutral_96a8e38189e54d71\Amd64\CNBP_288.DLL

+ 2009-07-14 01:20 . 2009-07-14 01:40 2775040 c:\windows\system32\DriverStore\FileRepository\prnca00g.inf_amd64_neutral_6f76b14b2912fa55\Amd64\CNBXUI4.DLL

+ 2009-07-14 01:17 . 2009-07-14 01:30 1085440 c:\windows\system32\DriverStore\FileRepository\prnca00g.inf_amd64_neutral_6f76b14b2912fa55\Amd64\CNBP_281.DLL

+ 2009-07-14 01:17 . 2009-07-14 01:30 1026048 c:\windows\system32\DriverStore\FileRepository\prnca00e.inf_amd64_neutral_651eeed98428be5e\Amd64\CNBP_300.DLL

+ 2009-07-14 01:17 . 2009-07-14 01:30 1026048 c:\windows\system32\DriverStore\FileRepository\prnca00e.inf_amd64_neutral_651eeed98428be5e\Amd64\CNBP_298.DLL

+ 2009-07-14 01:17 . 2009-07-14 01:30 1026048 c:\windows\system32\DriverStore\FileRepository\prnca00e.inf_amd64_neutral_651eeed98428be5e\Amd64\CNBP_297.DLL

+ 2009-07-14 01:17 . 2009-07-14 01:30 1026048 c:\windows\system32\DriverStore\FileRepository\prnca00e.inf_amd64_neutral_651eeed98428be5e\Amd64\CNBP_295.DLL

+ 2009-07-14 01:17 . 2009-07-14 01:30 1026048 c:\windows\system32\DriverStore\FileRepository\prnca00e.inf_amd64_neutral_651eeed98428be5e\Amd64\CNBP_294.DLL

+ 2009-07-14 01:17 . 2009-07-14 01:30 1967104 c:\windows\system32\DriverStore\FileRepository\prnca00d.inf_amd64_neutral_0600b2ba575729f4\Amd64\CNBMR310.DLL

+ 2009-07-14 01:17 . 2009-07-14 01:30 2899968 c:\windows\system32\DriverStore\FileRepository\prnca00d.inf_amd64_neutral_0600b2ba575729f4\Amd64\CNBMR285.DLL

+ 2009-07-14 01:17 . 2009-07-14 01:30 1724416 c:\windows\system32\DriverStore\FileRepository\prnca00d.inf_amd64_neutral_0600b2ba575729f4\Amd64\CNBMR284.DLL

+ 2009-07-14 01:17 . 2009-07-14 01:30 1026048 c:\windows\system32\DriverStore\FileRepository\prnca00b.inf_amd64_neutral_4412894f52d39895\Amd64\CNBP_332.DLL

+ 2009-07-14 01:17 . 2009-07-14 01:30 1724416 c:\windows\system32\DriverStore\FileRepository\prnca00b.inf_amd64_neutral_4412894f52d39895\Amd64\CNBMR284.DLL

+ 2009-07-14 01:17 . 2009-07-14 01:30 1026048 c:\windows\system32\DriverStore\FileRepository\prnca00a.inf_amd64_neutral_d64d696193e69d7b\Amd64\CNBP_327.DLL

+ 2009-07-14 01:17 . 2009-07-14 01:30 1026048 c:\windows\system32\DriverStore\FileRepository\prnca00a.inf_amd64_neutral_d64d696193e69d7b\Amd64\CNBP_326.DLL

+ 2009-07-14 01:17 . 2009-07-14 01:30 1026048 c:\windows\system32\DriverStore\FileRepository\prnca00a.inf_amd64_neutral_d64d696193e69d7b\Amd64\CNBP_325.DLL

+ 2009-06-10 20:32 . 2009-06-10 20:32 1512832 c:\windows\system32\DriverStore\FileRepository\ph6xib64c1.inf_amd64_neutral_68c99681343e9b68\Ph6xIB64.sys

+ 2009-06-10 20:32 . 2009-06-10 20:32 1512832 c:\windows\system32\DriverStore\FileRepository\ph6xib64c0.inf_amd64_neutral_a43df8f7441e1c61\Ph6xIB64.sys

+ 2009-06-10 20:32 . 2009-06-10 20:32 1627520 c:\windows\system32\DriverStore\FileRepository\ph3xibc9.inf_amd64_neutral_ff3a566e4b6ba035\Ph3xIB64.sys

+ 2009-06-10 20:32 . 2009-06-10 20:32 1627520 c:\windows\system32\DriverStore\FileRepository\ph3xibc8.inf_amd64_neutral_c93e7023ef90e637\Ph3xIB64.sys

+ 2009-06-10 20:32 . 2009-06-10 20:32 1627520 c:\windows\system32\DriverStore\FileRepository\ph3xibc7.inf_amd64_neutral_348f512722c79525\Ph3xIB64.sys

+ 2009-06-10 20:32 . 2009-06-10 20:32 1627520 c:\windows\system32\DriverStore\FileRepository\ph3xibc6.inf_amd64_neutral_2818f7b3b62bdd39\Ph3xIB64.sys

+ 2009-06-10 20:32 . 2009-06-10 20:32 1627520 c:\windows\system32\DriverStore\FileRepository\ph3xibc5.inf_amd64_neutral_2270382453de2dbb\Ph3xIB64.sys

+ 2009-06-10 20:32 . 2009-06-10 20:32 1627520 c:\windows\system32\DriverStore\FileRepository\ph3xibc4.inf_amd64_neutral_310871d800afa82a\Ph3xIB64.sys

+ 2009-06-10 20:32 . 2009-06-10 20:32 1627520 c:\windows\system32\DriverStore\FileRepository\ph3xibc3.inf_amd64_neutral_1da6abc36a79974f\Ph3xIB64.sys

+ 2009-06-10 20:32 . 2009-06-10 20:32 1627520 c:\windows\system32\DriverStore\FileRepository\ph3xibc2.inf_amd64_neutral_7621f5d62d77f42e\Ph3xIB64.sys

+ 2009-06-10 20:32 . 2009-06-10 20:32 1627520 c:\windows\system32\DriverStore\FileRepository\ph3xibc12.inf_amd64_neutral_ff7295ba5a46d63f\Ph3xIB64.sys

+ 2009-06-10 20:32 . 2009-06-10 20:32 1627520 c:\windows\system32\DriverStore\FileRepository\ph3xibc11.inf_amd64_neutral_bb18e5f134c40c68\Ph3xIB64.sys

+ 2009-06-10 20:32 . 2009-06-10 20:32 1627520 c:\windows\system32\DriverStore\FileRepository\ph3xibc10.inf_amd64_neutral_2c5d0c618dbfaf2a\Ph3xIB64.sys

+ 2009-06-10 20:32 . 2009-06-10 20:32 1627520 c:\windows\system32\DriverStore\FileRepository\ph3xibc1.inf_amd64_neutral_662220c3016bb4d0\Ph3xIB64.sys

+ 2009-06-10 20:32 . 2009-06-10 20:32 1627520 c:\windows\system32\DriverStore\FileRepository\ph3xibc0.inf_amd64_neutral_c24bcc939e6dfc23\Ph3xIB64.sys

+ 2009-07-13 21:59 . 2009-07-14 01:41 4326912 c:\windows\system32\DriverStore\FileRepository\nv_lh.inf_amd64_neutral_bc69f20e3115af59\nvwgf2umx.dll

+ 2009-07-13 21:59 . 2009-07-14 01:41 3128320 c:\windows\system32\DriverStore\FileRepository\nv_lh.inf_amd64_neutral_bc69f20e3115af59\nvwgf2um.dll

+ 2009-07-13 21:59 . 2009-07-14 01:41 9443840 c:\windows\system32\DriverStore\FileRepository\nv_lh.inf_amd64_neutral_bc69f20e3115af59\nvd3dumx.dll

+ 2009-06-10 20:37 . 2009-07-14 01:41 7592960 c:\windows\system32\DriverStore\FileRepository\nv_lh.inf_amd64_neutral_bc69f20e3115af59\nvd3dum.dll

+ 2011-07-07 14:32 . 2010-11-20 13:27 1576448 c:\windows\system32\DriverStore\FileRepository\ntprint.inf_amd64_neutral_4616c3de1949be6d\Amd64\XPSSVCS.DLL

+ 2011-07-07 14:32 . 2010-11-20 13:09 1058304 c:\windows\system32\DriverStore\FileRepository\ntprint.inf_amd64_neutral_4616c3de1949be6d\Amd64\PCL5URES.DLL

+ 2011-07-07 14:32 . 2010-11-20 13:09 1057792 c:\windows\system32\DriverStore\FileRepository\ntprint.inf_amd64_neutral_4616c3de1949be6d\Amd64\PCL5ERES.DLL

+ 2009-06-10 20:35 . 2009-06-10 20:35 5434368 c:\windows\system32\DriverStore\FileRepository\netw5v64.inf_amd64_neutral_a6b778ba802632cc\netw5v64.sys

+ 2009-06-10 20:34 . 2009-06-10 20:34 3286016 c:\windows\system32\DriverStore\FileRepository\netevbda.inf_amd64_neutral_bab421df9c31cc81\evbda.sys

+ 2009-06-10 20:34 . 2009-06-10 20:34 1311232 c:\windows\system32\DriverStore\FileRepository\netbc664.inf_amd64_neutral_673d3dfb961e9b17\BCMWL664.SYS

+ 2010-11-29 12:31 . 2010-11-29 12:31 1579520 c:\windows\system32\DriverStore\FileRepository\netathrx.inf_amd64_neutral_cea49215e54053df\athrx.sys

+ 2009-06-20 02:09 . 2009-06-20 02:09 1394688 c:\windows\system32\DriverStore\FileRepository\netathrx.inf_amd64_neutral_905772087ff288af\athrx.sys

+ 2009-11-03 13:50 . 2009-06-05 15:10 1478144 c:\windows\system32\DriverStore\FileRepository\netathrx.inf_amd64_neutral_2b91f8e6eb395a80\athrx.sys

+ 2010-04-20 01:29 . 2010-04-20 01:29 1721576 c:\windows\system32\DriverStore\FileRepository\netaapl64.inf_amd64_neutral_dc2cbd989eec1514\wdfcoinstaller01009.dll

+ 2009-06-10 21:01 . 2009-06-10 21:01 1227776 c:\windows\system32\DriverStore\FileRepository\mdmmot64.inf_amd64_neutral_1abbad2f29c8fa08\SmSerl64.sys

+ 2009-07-13 22:04 . 2009-06-10 21:01 1485312 c:\windows\system32\DriverStore\FileRepository\mdmcxpv6.inf_amd64_neutral_f62ac4bd04e653d0\VSTDPV6.SYS

+ 2009-07-13 22:04 . 2009-06-10 21:01 1485312 c:\windows\system32\DriverStore\FileRepository\mdmcxhv6.inf_amd64_neutral_81ba64c5b6150dd3\VSTDPV6.SYS

+ 2009-06-10 21:01 . 2009-06-10 21:01 1146880 c:\windows\system32\DriverStore\FileRepository\mdmags64.inf_amd64_neutral_e68956e24e287714\agrsm64.sys

+ 2009-11-03 13:51 . 2009-07-09 10:38 1208320 c:\windows\system32\DriverStore\FileRepository\lsismv64.inf_amd64_neutral_aed7627c6cd433a1\agrsm64.sys

+ 2009-11-03 13:48 . 2009-06-11 13:34 1208320 c:\windows\system32\DriverStore\FileRepository\lsimuv64.inf_amd64_neutral_fd87eae134d04ed4\agrsm64.sys

+ 2009-07-13 21:59 . 2009-06-10 20:37 1498564 c:\windows\system32\DriverStore\FileRepository\igdlh.inf_amd64_neutral_54a12b57f547d08e\igkrng400.bin

+ 2009-07-13 21:59 . 2009-07-14 01:41 5437952 c:\windows\system32\DriverStore\FileRepository\igdlh.inf_amd64_neutral_54a12b57f547d08e\igdumd64.dll

+ 2009-07-13 21:59 . 2009-07-14 01:41 3805184 c:\windows\system32\DriverStore\FileRepository\igdlh.inf_amd64_neutral_54a12b57f547d08e\igdumd32.dll

+ 2009-06-10 20:37 . 2009-06-10 20:37 6108416 c:\windows\system32\DriverStore\FileRepository\igdlh.inf_amd64_neutral_54a12b57f547d08e\igdkmd64.sys

+ 2009-07-13 21:59 . 2009-07-14 01:41 3451904 c:\windows\system32\DriverStore\FileRepository\igdlh.inf_amd64_neutral_54a12b57f547d08e\igd10umd64.dll

+ 2009-07-13 21:59 . 2009-07-14 01:41 2531328 c:\windows\system32\DriverStore\FileRepository\igdlh.inf_amd64_neutral_54a12b57f547d08e\igd10umd32.dll

+ 2006-12-16 12:19 . 2006-12-16 12:19 1297408 c:\windows\system32\DriverStore\FileRepository\hposcu01.inf_amd64_neutral_28d85b41a0c7f87d\drivers\scanner\x64\hpotiop1.dll

+ 2009-07-14 01:18 . 2009-07-14 01:41 1303552 c:\windows\system32\DriverStore\FileRepository\hpoa1ss.inf_amd64_neutral_8cae09a2238d64e0\hpowiav1.dll

+ 2009-07-14 01:18 . 2009-07-14 01:41 1303552 c:\windows\system32\DriverStore\FileRepository\hpoa1so.inf_amd64_neutral_4f1a3f1015001339\hpowiav1.dll

+ 2009-07-14 01:17 . 2009-07-14 01:41 1708032 c:\windows\system32\DriverStore\FileRepository\hpoa1so.inf_amd64_neutral_4f1a3f1015001339\hpotiop1.dll

+ 2009-07-14 01:19 . 2009-07-14 01:41 1252864 c:\windows\system32\DriverStore\FileRepository\hpoa1sd.inf_amd64_neutral_caaa16c52c48f8ac\hpowiad1.dll

+ 2009-08-04 14:22 . 2009-08-04 14:22 1833504 c:\windows\system32\DriverStore\FileRepository\hdxhpai2.inf_amd64_neutral_977a1a4d14f551e7\SkyTel.exe

+ 2009-08-04 14:22 . 2009-08-04 14:22 1393696 c:\windows\system32\DriverStore\FileRepository\hdxhpai2.inf_amd64_neutral_977a1a4d14f551e7\RtPgEx64.dll

+ 2009-08-04 14:22 . 2009-08-04 14:22 1678368 c:\windows\system32\DriverStore\FileRepository\hdxhpai2.inf_amd64_neutral_977a1a4d14f551e7\RtlUpd64.exe

+ 2009-08-04 14:50 . 2009-08-04 14:50 1973792 c:\windows\system32\DriverStore\FileRepository\hdxhpai2.inf_amd64_neutral_977a1a4d14f551e7\RTKVHD64.sys

+ 2009-08-04 14:22 . 2009-08-04 14:22 1603104 c:\windows\system32\DriverStore\FileRepository\hdxhpai2.inf_amd64_neutral_977a1a4d14f551e7\RtkAPO64.dll

+ 2009-08-04 14:22 . 2009-08-04 14:22 1038880 c:\windows\system32\DriverStore\FileRepository\hdxhpai2.inf_amd64_neutral_977a1a4d14f551e7\RTCOMDLL.dll

+ 2009-08-04 14:22 . 2009-08-04 14:22 1167904 c:\windows\system32\DriverStore\FileRepository\hdxhpai2.inf_amd64_neutral_977a1a4d14f551e7\RTCOM64.dll

+ 2009-08-04 14:22 . 2009-08-04 14:22 8060960 c:\windows\system32\DriverStore\FileRepository\hdxhpai2.inf_amd64_neutral_977a1a4d14f551e7\RAVCpl64.exe

+ 2009-11-03 13:51 . 2009-07-20 19:24 1833504 c:\windows\system32\DriverStore\FileRepository\hdxhpai2.inf_amd64_neutral_27e342e61200a0b3\SkyTel.exe

+ 2009-11-03 13:51 . 2009-07-20 19:24 1355808 c:\windows\system32\DriverStore\FileRepository\hdxhpai2.inf_amd64_neutral_27e342e61200a0b3\RtPgEx64.dll

+ 2009-11-03 13:51 . 2009-07-20 19:24 1678368 c:\windows\system32\DriverStore\FileRepository\hdxhpai2.inf_amd64_neutral_27e342e61200a0b3\RtlUpd64.exe

+ 2009-11-03 13:51 . 2009-07-20 18:52 1831968 c:\windows\system32\DriverStore\FileRepository\hdxhpai2.inf_amd64_neutral_27e342e61200a0b3\RTKVHD64.sys

+ 2009-11-03 13:51 . 2009-07-20 19:23 1603104 c:\windows\system32\DriverStore\FileRepository\hdxhpai2.inf_amd64_neutral_27e342e61200a0b3\RtkAPO64.dll

+ 2009-11-03 13:51 . 2009-07-20 19:23 1038880 c:\windows\system32\DriverStore\FileRepository\hdxhpai2.inf_amd64_neutral_27e342e61200a0b3\RTCOMDLL.dll

+ 2009-11-03 13:51 . 2009-07-20 19:23 1167904 c:\windows\system32\DriverStore\FileRepository\hdxhpai2.inf_amd64_neutral_27e342e61200a0b3\RTCOM64.dll

+ 2009-11-03 13:51 . 2009-07-20 19:23 7981088 c:\windows\system32\DriverStore\FileRepository\hdxhpai2.inf_amd64_neutral_27e342e61200a0b3\RAVCpl64.exe

+ 2009-11-03 13:51 . 2009-07-20 19:24 1833504 c:\windows\system32\DriverStore\FileRepository\hdxhpai1.inf_amd64_neutral_a067a01ecae4d85f\SkyTel.exe

+ 2009-11-03 13:51 . 2009-07-20 19:24 1355808 c:\windows\system32\DriverStore\FileRepository\hdxhpai1.inf_amd64_neutral_a067a01ecae4d85f\RtPgEx64.dll

+ 2009-11-03 13:51 . 2009-07-20 19:24 1678368 c:\windows\system32\DriverStore\FileRepository\hdxhpai1.inf_amd64_neutral_a067a01ecae4d85f\RtlUpd64.exe

+ 2009-11-03 13:51 . 2009-07-20 18:52 1831968 c:\windows\system32\DriverStore\FileRepository\hdxhpai1.inf_amd64_neutral_a067a01ecae4d85f\RTKVHD64.sys

+ 2009-11-03 13:51 . 2009-07-20 19:23 1603104 c:\windows\system32\DriverStore\FileRepository\hdxhpai1.inf_amd64_neutral_a067a01ecae4d85f\RtkAPO64.dll

+ 2009-11-03 13:51 . 2009-07-20 19:23 1038880 c:\windows\system32\DriverStore\FileRepository\hdxhpai1.inf_amd64_neutral_a067a01ecae4d85f\RTCOMDLL.dll

+ 2009-11-03 13:51 . 2009-07-20 19:23 1167904 c:\windows\system32\DriverStore\FileRepository\hdxhpai1.inf_amd64_neutral_a067a01ecae4d85f\RTCOM64.dll

+ 2009-11-03 13:51 . 2009-07-20 19:23 7981088 c:\windows\system32\DriverStore\FileRepository\hdxhpai1.inf_amd64_neutral_a067a01ecae4d85f\RAVCpl64.exe

+ 2009-06-10 20:31 . 2009-06-10 20:31 1192448 c:\windows\system32\DriverStore\FileRepository\hcw85b64.inf_amd64_neutral_22b436d5d06ab017\HCW85BDA.sys

+ 2009-07-13 22:53 . 2009-06-10 20:32 1643520 c:\windows\system32\DriverStore\FileRepository\hcw72b64.inf_amd64_neutral_023772237d3a4ade\hcw72DTV.sys

+ 2009-07-13 22:53 . 2009-06-10 20:32 1649024 c:\windows\system32\DriverStore\FileRepository\hcw72b64.inf_amd64_neutral_023772237d3a4ade\hcw72ATV.sys

+ 2010-11-26 20:05 . 2009-01-13 06:00 1060864 c:\windows\system32\DriverStore\FileRepository\esa9.inf_amd64_neutral_9d4863e84ff5360f\esui.dll

+ 2010-11-26 20:05 . 2009-02-04 06:00 1961984 c:\windows\system32\DriverStore\FileRepository\esa9.inf_amd64_neutral_9d4863e84ff5360f\esimgdet.dll

+ 2010-11-26 20:05 . 2009-01-10 06:00 3588096 c:\windows\system32\DriverStore\FileRepository\esa9.inf_amd64_neutral_9d4863e84ff5360f\escires.dll

+ 2010-11-26 20:20 . 2010-07-26 13:06 1325560 c:\windows\system32\DriverStore\FileRepository\e_gf1gga.inf_amd64_neutral_12b90a10b4f9c9e2\WINX64\EPUPDATE.EXE

+ 2010-11-26 20:20 . 2009-11-25 13:00 1090560 c:\windows\system32\DriverStore\FileRepository\e_gf1gga.inf_amd64_neutral_12b90a10b4f9c9e2\WINX64\E_S50P0B.DLL

+ 2010-11-26 20:20 . 2009-10-23 12:00 2031616 c:\windows\system32\DriverStore\FileRepository\e_gf1gga.inf_amd64_neutral_12b90a10b4f9c9e2\WINX64\E_GU3GAE.DLL

+ 2010-11-26 20:20 . 2009-10-05 14:01 1000960 c:\windows\system32\DriverStore\FileRepository\e_gf1gga.inf_amd64_neutral_12b90a10b4f9c9e2\WINX64\E_GI1GEE.DLL

+ 2009-07-13 21:53 . 2009-06-10 20:36 1297122 c:\windows\system32\DriverStore\FileRepository\divacx64.inf_amd64_neutral_fa0f82f024789743\dspcli.bin

+ 2009-07-13 21:53 . 2009-06-10 20:36 1544192 c:\windows\system32\DriverStore\FileRepository\divacx64.inf_amd64_neutral_fa0f82f024789743\dicowan.sys

+ 2009-11-03 13:51 . 2009-07-29 19:32 2868736 c:\windows\system32\DriverStore\FileRepository\c7_85730.inf_amd64_neutral_1031b20cce13a6f4\B_85955\atiumdva.dll

+ 2009-11-03 13:51 . 2009-07-29 19:47 3105280 c:\windows\system32\DriverStore\FileRepository\c7_85730.inf_amd64_neutral_1031b20cce13a6f4\B_85955\atiumdag.dll

+ 2009-11-03 13:51 . 2009-07-29 19:38 2622976 c:\windows\system32\DriverStore\FileRepository\c7_85730.inf_amd64_neutral_1031b20cce13a6f4\B_85955\atiumd6a.dll

+ 2009-11-03 13:51 . 2009-07-29 19:43 4059648 c:\windows\system32\DriverStore\FileRepository\c7_85730.inf_amd64_neutral_1031b20cce13a6f4\B_85955\atiumd64.dll

+ 2009-11-03 13:51 . 2009-07-30 06:11 6038016 c:\windows\system32\DriverStore\FileRepository\c7_85730.inf_amd64_neutral_1031b20cce13a6f4\B_85955\atikmdag.sys

+ 2009-11-03 13:51 . 2009-07-29 19:53 2921984 c:\windows\system32\DriverStore\FileRepository\c7_85730.inf_amd64_neutral_1031b20cce13a6f4\B_85955\atidxx64.dll

+ 2009-11-03 13:51 . 2009-07-29 19:58 2469888 c:\windows\system32\DriverStore\FileRepository\c7_85730.inf_amd64_neutral_1031b20cce13a6f4\B_85955\atidxx32.dll

+ 2009-11-03 13:51 . 2009-07-29 19:16 4289536 c:\windows\system32\DriverStore\FileRepository\c7_85730.inf_amd64_neutral_1031b20cce13a6f4\B_85955\aticaldd64.dll

+ 2009-11-03 13:51 . 2009-07-29 19:15 3264512 c:\windows\system32\DriverStore\FileRepository\c7_85730.inf_amd64_neutral_1031b20cce13a6f4\B_85955\aticaldd.dll

+ 2009-07-13 21:53 . 2009-06-10 20:36 1210684 c:\windows\system32\DriverStore\FileRepository\avmx64c.inf_amd64_neutral_8ebb15bf548db022\c4.bin

+ 2009-07-13 21:53 . 2009-06-10 20:36 1164816 c:\windows\system32\DriverStore\FileRepository\avmx64c.inf_amd64_neutral_8ebb15bf548db022\c2.bin

+ 2009-07-13 21:59 . 2009-07-14 01:40 4772352 c:\windows\system32\DriverStore\FileRepository\atiilhag.inf_amd64_neutral_0a660e899f5038a2\atiumdva.dll

+ 2009-07-13 21:59 . 2009-07-14 01:40 4030976 c:\windows\system32\DriverStore\FileRepository\atiilhag.inf_amd64_neutral_0a660e899f5038a2\atiumdag.dll

+ 2009-07-13 21:59 . 2009-07-14 01:40 4763136 c:\windows\system32\DriverStore\FileRepository\atiilhag.inf_amd64_neutral_0a660e899f5038a2\atiumd6a.dll

+ 2009-06-10 20:36 . 2009-07-14 01:40 5492736 c:\windows\system32\DriverStore\FileRepository\atiilhag.inf_amd64_neutral_0a660e899f5038a2\atiumd64.dll

+ 2009-07-13 21:59 . 2009-07-13 21:59 5020672 c:\windows\system32\DriverStore\FileRepository\atiilhag.inf_amd64_neutral_0a660e899f5038a2\atikmdag.sys

+ 2009-07-13 21:59 . 2009-07-14 01:40 3115008 c:\windows\system32\DriverStore\FileRepository\atiilhag.inf_amd64_neutral_0a660e899f5038a2\atidxx64.dll

+ 2009-07-13 21:59 . 2009-07-14 01:40 2342400 c:\windows\system32\DriverStore\FileRepository\atiilhag.inf_amd64_neutral_0a660e899f5038a2\atidxx32.dll

+ 2011-01-10 02:50 . 2010-05-25 07:59 1917416 c:\windows\system32\drivers\WdfCoInstaller01005.dll

+ 2009-07-14 00:22 . 2009-07-14 01:41 1195008 c:\windows\system32\drivers\UMDF\WpdMtpDr.dll

+ 2009-08-04 14:50 . 2009-08-04 14:50 1973792 c:\windows\system32\drivers\RTKVHD64.sys

+ 2009-06-10 20:37 . 2009-07-14 01:45 1524816 c:\windows\system32\drivers\ql2300.sys

+ 2011-04-26 22:06 . 2011-03-11 06:41 1659776 c:\windows\system32\drivers\ntfs.sys

+ 2009-06-10 20:34 . 2009-06-10 20:34 3286016 c:\windows\system32\drivers\evbda.sys

+ 2009-11-03 13:51 . 2009-07-30 06:11 6038016 c:\windows\system32\drivers\atikmdag.sys

+ 2010-11-29 12:31 . 2010-11-29 12:31 1579520 c:\windows\system32\drivers\athrx.sys

Link to post
Share on other sites

  • Replies 94
  • Created
  • Last Reply

Top Posters In This Topic

+ 2011-07-07 14:33 . 2010-11-20 13:26 1066496 c:\windows\system32\Display.dll

+ 2009-07-13 23:55 . 2009-07-14 01:40 1502208 c:\windows\system32\diskcopy.dll

+ 2011-07-07 14:34 . 2010-11-20 13:26 1340416 c:\windows\system32\diagperf.dll

+ 2011-07-07 14:33 . 2010-11-20 13:26 1202176 c:\windows\system32\DiagCpl.dll

+ 2011-07-07 14:35 . 2010-11-05 01:57 1942856 c:\windows\system32\dfshim.dll

+ 2009-07-13 23:37 . 2009-07-14 01:40 6281216 c:\windows\system32\DDORes.dll

+ 2011-07-07 14:32 . 2010-11-20 13:26 1087488 c:\windows\system32\dbghelp.dll

+ 2011-07-07 14:34 . 2010-11-20 13:26 3391488 c:\windows\system32\dbgeng.dll

+ 2011-12-29 20:27 . 2010-05-26 17:41 2401112 c:\windows\system32\D3DX9_43.dll

+ 2011-12-29 20:27 . 2009-09-04 23:29 2475352 c:\windows\system32\D3DX9_42.dll

+ 2011-12-29 20:27 . 2009-03-09 21:27 5425496 c:\windows\system32\D3DX9_41.dll

+ 2011-12-29 20:27 . 2008-10-15 12:22 5631312 c:\windows\system32\D3DX9_40.dll

+ 2010-11-30 15:11 . 2008-07-12 14:18 4992520 c:\windows\system32\D3DX9_39.dll

+ 2010-11-30 15:11 . 2008-05-30 20:11 4991496 c:\windows\system32\D3DX9_38.dll

+ 2010-11-30 15:11 . 2008-03-05 21:56 4910088 c:\windows\system32\D3DX9_37.dll

+ 2010-11-30 15:11 . 2007-10-12 21:14 5081608 c:\windows\system32\d3dx9_36.dll

+ 2010-11-30 15:11 . 2007-07-20 00:14 5073256 c:\windows\system32\d3dx9_35.dll

+ 2010-11-30 15:11 . 2007-05-16 22:45 4496232 c:\windows\system32\d3dx9_34.dll

+ 2010-11-30 15:10 . 2007-03-12 22:42 4494184 c:\windows\system32\d3dx9_33.dll

+ 2010-11-30 15:10 . 2006-11-29 19:06 4398360 c:\windows\system32\d3dx9_32.dll

+ 2010-11-30 15:10 . 2006-09-28 22:05 3977496 c:\windows\system32\d3dx9_31.dll

+ 2010-11-30 15:10 . 2006-03-31 18:41 3927248 c:\windows\system32\d3dx9_30.dll

+ 2010-11-30 15:10 . 2006-02-03 14:43 3830992 c:\windows\system32\d3dx9_29.dll

+ 2010-11-30 15:10 . 2005-12-06 00:09 3815120 c:\windows\system32\d3dx9_28.dll

+ 2010-11-30 15:10 . 2005-07-23 01:59 3807440 c:\windows\system32\d3dx9_27.dll

+ 2010-11-30 15:10 . 2005-05-26 21:34 3767504 c:\windows\system32\d3dx9_26.dll

+ 2010-11-30 15:10 . 2005-03-18 23:19 3823312 c:\windows\system32\d3dx9_25.dll

+ 2010-11-30 15:10 . 2005-02-06 01:45 3544272 c:\windows\system32\d3dx9_24.dll

+ 2011-12-29 20:27 . 2010-05-26 17:41 1907552 c:\windows\system32\d3dcsx_43.dll

+ 2011-12-29 20:27 . 2009-09-04 23:29 5554512 c:\windows\system32\d3dcsx_42.dll

+ 2011-12-29 20:27 . 2010-05-26 17:41 2526056 c:\windows\system32\D3DCompiler_43.dll

+ 2011-12-29 20:27 . 2009-09-04 23:29 2582888 c:\windows\system32\D3DCompiler_42.dll

+ 2011-12-29 20:27 . 2009-03-09 21:27 2430312 c:\windows\system32\D3DCompiler_41.dll

+ 2011-12-29 20:27 . 2008-10-15 12:22 2605920 c:\windows\system32\D3DCompiler_40.dll

+ 2010-11-30 15:11 . 2008-07-12 14:18 1942552 c:\windows\system32\D3DCompiler_39.dll

+ 2010-11-30 15:11 . 2008-05-30 20:11 1941528 c:\windows\system32\D3DCompiler_38.dll

+ 2010-11-30 15:11 . 2008-03-05 21:56 1860120 c:\windows\system32\D3DCompiler_37.dll

+ 2010-11-30 15:11 . 2007-10-12 21:14 2006552 c:\windows\system32\D3DCompiler_36.dll

+ 2010-11-30 15:11 . 2007-07-20 00:14 1985904 c:\windows\system32\D3DCompiler_35.dll

+ 2010-11-30 15:11 . 2007-05-16 22:45 1401200 c:\windows\system32\D3DCompiler_34.dll

+ 2010-11-30 15:10 . 2007-03-12 22:42 1400176 c:\windows\system32\D3DCompiler_33.dll

+ 2011-07-07 14:34 . 2010-11-20 13:26 2067456 c:\windows\system32\d3d9.dll

+ 2011-07-07 14:35 . 2010-11-20 13:26 1838080 c:\windows\system32\d3d10warp.dll

+ 2009-07-13 23:46 . 2009-07-14 01:40 1267712 c:\windows\system32\d3d10.dll

+ 2011-07-07 14:33 . 2010-11-20 13:25 1065984 c:\windows\system32\cryptui.dll

+ 2011-07-07 14:34 . 2010-11-20 13:25 1456128 c:\windows\system32\crypt32.dll

+ 2009-07-14 00:07 . 2009-07-14 01:40 1393152 c:\windows\system32\connect.dll

+ 2009-07-14 00:01 . 2009-07-14 01:40 1735680 c:\windows\system32\comsvcs.dll

+ 2009-07-13 23:59 . 2009-07-14 01:26 1297408 c:\windows\system32\comres.dll

+ 2009-07-13 23:58 . 2009-07-14 01:40 1208832 c:\windows\system32\cmncliM.dll

+ 2009-07-14 00:27 . 2009-07-14 01:41 6100480 c:\windows\system32\chtbrkr.dll

+ 2009-07-14 00:28 . 2009-07-14 01:41 1675776 c:\windows\system32\chsbrkr.dll

+ 2009-07-13 23:50 . 2009-07-14 01:38 1175552 c:\windows\system32\certutil.exe

+ 2011-07-07 14:34 . 2010-11-20 13:25 1796096 c:\windows\system32\certmgr.dll

+ 2011-07-07 14:34 . 2010-11-20 13:25 1975296 c:\windows\system32\CertEnroll.dll

+ 2011-07-07 14:33 . 2010-11-20 13:25 1133568 c:\windows\system32\cdosys.dll

+ 2009-07-13 23:56 . 2009-07-14 01:25 6214144 c:\windows\system32\CardGames.dll

+ 2011-07-07 14:33 . 2010-11-20 13:32 2217856 c:\windows\system32\bootres.dll

+ 2011-07-07 14:34 . 2010-11-20 13:25 1927680 c:\windows\system32\authui.dll

+ 2011-07-07 14:34 . 2010-11-20 13:39 5066752 c:\windows\system32\AuthFWSnapin.dll

+ 2009-11-03 13:51 . 2009-07-29 19:38 2622976 c:\windows\system32\atiumd6a.dll

+ 2009-11-03 13:51 . 2009-07-29 19:43 4059648 c:\windows\system32\atiumd64.dll

+ 2009-11-03 13:51 . 2009-07-29 19:53 2921984 c:\windows\system32\atidxx64.dll

+ 2009-11-03 13:51 . 2009-07-29 19:16 4289536 c:\windows\system32\aticaldd64.dll

+ 2009-07-14 00:30 . 2009-07-14 01:40 2134528 c:\windows\system32\apds.dll

+ 2009-07-13 23:31 . 2009-07-14 01:40 3739136 c:\windows\system32\AdvancedInstallers\cmiv2.dll

+ 2011-07-07 14:33 . 2010-11-20 13:25 3745792 c:\windows\system32\accessibilitycpl.dll

- 2009-07-14 04:45 . 2012-05-27 01:57 7113171 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat

+ 2009-07-14 04:45 . 2012-06-01 02:28 7113171 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat

- 2009-12-27 04:04 . 2012-05-30 14:56 3221464 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat

+ 2009-12-27 04:04 . 2012-05-31 19:58 3221464 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat

- 2009-12-27 04:04 . 2012-05-24 16:53 2784428 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-930483190-3313529808-3006562705-1000-8192.dat

+ 2009-12-27 04:04 . 2012-05-31 19:58 2784428 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-930483190-3313529808-3006562705-1000-8192.dat

+ 2012-04-29 02:43 . 2012-04-29 02:43 8459264 c:\windows\Installer\8efb2.msp

+ 2011-07-07 14:32 . 2010-11-20 13:16 12625920 c:\windows\system32\wmploc.DLL

+ 2011-07-07 14:34 . 2010-11-20 13:27 14633472 c:\windows\system32\wmp.dll

+ 2009-07-14 02:34 . 2012-06-01 02:20 10747904 c:\windows\system32\SMI\Store\Machine\schema.dat

+ 2012-02-15 21:51 . 2012-01-04 10:44 14172672 c:\windows\system32\shell32.dll

+ 2012-02-15 21:51 . 2012-01-04 10:44 14172672 c:\windows\system32\shell32(84).dll

+ 2009-07-14 00:33 . 2009-07-14 01:31 12038656 c:\windows\system32\NlsLexicons0007.dll

+ 2009-07-14 00:32 . 2009-07-14 01:31 11722752 c:\windows\system32\NlsLexicons0001.dll

+ 2012-04-13 00:22 . 2012-02-28 07:34 17790976 c:\windows\system32\mshtml.dll

+ 2010-11-03 04:06 . 2012-05-24 19:33 57848688 c:\windows\system32\MRT.exe

+ 2011-07-07 14:33 . 2010-11-20 13:26 10085888 c:\windows\system32\migwiz\wet.dll

+ 2012-05-24 15:53 . 2012-05-24 15:53 11590304 c:\windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll

+ 2009-07-13 23:57 . 2009-07-14 01:28 20268032 c:\windows\system32\imageres.dll

+ 2012-04-13 00:22 . 2012-02-28 07:02 10888704 c:\windows\system32\ieframe.dll

+ 2009-07-13 21:59 . 2009-06-10 20:37 11572512 c:\windows\system32\DriverStore\FileRepository\nv_lh.inf_amd64_neutral_bc69f20e3115af59\nvlddmkm.sys

+ 2009-11-03 13:51 . 2009-07-29 19:38 11660800 c:\windows\system32\DriverStore\FileRepository\c7_85730.inf_amd64_neutral_1031b20cce13a6f4\B_85955\atioglxx.dll

+ 2009-11-03 13:51 . 2009-07-29 20:00 15072768 c:\windows\system32\DriverStore\FileRepository\c7_85730.inf_amd64_neutral_1031b20cce13a6f4\B_85955\atio6axx.dll

+ 2009-11-03 13:51 . 2009-07-29 20:00 15072768 c:\windows\system32\atio6axx.dll

.

-- Snapshot reset to current date --

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}]

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"HPADVISOR"="c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2010-06-30 1689144]

"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-12-27 39408]

"MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]

"Monitor"="c:\program files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" [2011-11-12 268640]

"AgentMonitor"="c:\program files (x86)\VTech\DownloadManager\System\AgentMonitor.exe" [2011-12-13 357800]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"Exetender"="c:\program files (x86)\Free Ride Games\GPlayer.exe" [2010-07-18 1774080]

.

c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

kisa.exe [2012-3-25 193024]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]

"HideSCAHealth"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]

@="FSFilter Activity Monitor"

.

R1 bdfwfpf;bdfwfpf;c:\program files\Common Files\Defender Pro\Defender Pro Firewall\bdfwfpf.sys [x]

R2 BDVEDISK;BDVEDISK;c:\program files\Defender Pro\Defender Pro\bdvedisk.sys [x]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-27 135664]

R2 PCCUJobMgr;Common Client Job Manager Service;c:\program files (x86)\Norton PC Checkup\Engine\2.0.9.24\ccSvcHst.exe [2009-08-24 126392]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-24 257696]

R3 Arrakis3;Defender Pro Arrakis Server;c:\program files\Common Files\Defender Pro\Defender Pro Arrakis Server\bin\arrakis3.exe [x]

R3 BDFM;BDFM;c:\windows\system32\DRIVERS\bdfm.sys [x]

R3 cpuz134;cpuz134;c:\users\MONTANO\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]

R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]

R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-27 135664]

R3 htcusbnet;HTC USB-NDIS miniport;c:\windows\system32\DRIVERS\htcusbnet.sys [x]

R3 motandroidusb;Mot ADB Interface Driver;c:\windows\system32\Drivers\motoandroid.sys [x]

R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys [x]

R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys [x]

R3 MotDev;Motorola Inc. USB Device;c:\windows\system32\DRIVERS\motodrv.sys [x]

R3 motport;Motorola USB Diagnostic Port;c:\windows\system32\DRIVERS\motport.sys [x]

R3 RTL8187;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter Vista Driver;c:\windows\system32\DRIVERS\wg111v2.sys [x]

R3 SYMNDISV;Symantec Network Filter Driver;c:\windows\System32\Drivers\NISx64\1008000.029\SYMNDISV.SYS [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

S1 bdfndisf;BitDefender Firewall NDIS 6 Filter Driver;c:\windows\system32\DRIVERS\BdfNdisf6.sys [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.EXE [2009-03-31 92160]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]

S2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2009-09-14 166400]

S2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2009-09-14 128512]

S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-06-21 85560]

S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]

S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe [2012-01-13 103440]

S2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;c:\program files (x86)\Norton PC Checkup\Engine\2.0.9.24\SymcPCCULaunchSvc.exe [2011-10-08 123320]

S2 X5XS64Ex;X5XS64Ex;c:\program files (x86)\Free Ride Games\X5XS64Ex.Sys [2009-08-19 51744]

S2 X5XSEx;X5XSEx;c:\program files (x86)\Free Ride Games\X5XSEx.Sys [2010-03-11 55328]

S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]

S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]

.

.

Contents of the 'Scheduled Tasks' folder

.

2012-05-31 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 15:54]

.

2012-06-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-27 01:50]

.

2012-05-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-27 01:50]

.

2012-05-27 c:\windows\Tasks\HPCeeScheduleForMONTANO.job

- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 10:22]

.

2012-05-31 c:\windows\Tasks\PCDRScheduledMaintenance.job

- c:\program files\PC-Doctor for Windows\pcdr5cuiw32.exe [2009-06-10 11:04]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Defender Pro Antiphishing Helper 32"="c:\program files\Defender Pro\Defender Pro\Antispam32\IEShow.exe" [bU]

"Defender Pro Antiphishing Helper"="c:\program files\Defender Pro\Defender Pro\IEShow.exe" [bU]

"DPAgent"="c:\program files\Defender Pro\Defender Pro\bdagent.exe" [bU]

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.google.com/

uLocal Page = c:\windows\system32\blank.htm

mStart Page = about:blank

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

FF - ProfilePath - c:\users\MONTANO\AppData\Roaming\Mozilla\Firefox\Profiles\n53618fo.default\

FF - user.js: network.cookie.cookieBehavior - 0

FF - user.js: privacy.clearOnShutdown.cookies - false

FF - user.js: security.warn_viewing_mixed - false

FF - user.js: security.warn_viewing_mixed.show_once - false

FF - user.js: security.warn_submit_insecure - false

FF - user.js: security.warn_submit_insecure.show_once - false

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-{f92a9fe4-2850-4198-b9d5-279880e49b16} - (no file)

Toolbar-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)

Toolbar-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)

Toolbar-10 - (no file)

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)

ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)

ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)

ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)

.

.

.

[HKEY_LOCAL_MACHINE\system\ControlSet002\services\PCCUJobMgr]

"ImagePath"="\"c:\program files (x86)\Norton PC Checkup\Engine\2.0.9.24\ccSvcHst.exe\" /s \"PCCUJobMgr\" /m \"c:\program files (x86)\Norton PC Checkup\Engine\2.0.9.24\diMaster.dll\" /prefetch:1"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2012-05-31 21:49:19

ComboFix-quarantined-files.txt 2012-06-01 02:49

ComboFix2.txt 2012-05-30 15:30

.

Pre-Run: 181,763,588,096 bytes free

Post-Run: 181,545,549,824 bytes free

.

- - End Of File - - B1B6DF04523108A0D8D1C7D9EA83EAC6

Link to post
Share on other sites

well it seems to be running okay. however I when I started my comp up the first time it said preparing to download, then like rebooted and then at the normal blue windows screen it said configuring windows,as in the last time I shut off my computer it asked to update it but I don't remember it asking me to update when I shut it down. other than that so far programs seem to be okay. I am still missing a few desktop items but I can always put them back on. (and I don't remember which ones its been four months since I have been able to use my computer normally.) but I do know I had a least a whole nother row of them.

Link to post
Share on other sites

We're not in the clear just yet. Let's run an online scan to verify there aren't any traces we have missed:

Please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan.

  1. Tick the box next to YES, I accept the Terms of Use.
  2. Click Start
  3. When asked, allow the ActiveX control to install
  4. Click Start
  5. Make sure that the options Remove found threats is Unchecked and the option Scan unwanted applications is checked
  6. Click Scan
    Wait for the scan to finish
  7. Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  8. Copy and paste that log as a reply to this topic

Link to post
Share on other sites

Sounds good. You can also try BitDefender ;):

Please use the Internet Explorer and run a BitDefender Online scan from Here

  • Please check I agree with the Terms and Conditions and click Start Here
  • You will need to allow an Active X install for the scan to run.
  • Leave the scanning options at default and click Start Scan

Please post the results in your next reply.

Link to post
Share on other sites

ESET report

C:\ProgramData\Microsoft\Windows\DRM\DB9A.tmp Win64/Olmarik.AD trojan

C:\ProgramData\Microsoft\Windows\DRM\DBBA.tmp Win64/Olmarik.AD trojan

C:\Qoobox\Quarantine\C\Windows\System32\consrv.dll.vir Win64/Sirefef.G trojan

C:\System Volume Information\SystemRestore\FRStaging\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp\kisa.exe Win32/Spy.Zbot.YW trojan

C:\System Volume Information\SystemRestore\FRStaging\Users\MONTANO\AppData\Roaming\Ihihuhe\gysiyv.exe Win32/Spy.Zbot.YW trojan

C:\System Volume Information\SystemRestore\FRStaging\Windows\System32\consrv.dll Win64/Sirefef.G trojan

C:\System Volume Information\SystemRestore\FRStaging\Windows\System32\mwsejcap.dll Win64/Sirefef.W trojan

C:\System Volume Information\SystemRestore\FRStaging\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\main[1].htm JS/Kryptik.GH trojan

C:\System Volume Information\SystemRestore\FRStaging\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\071MURPS\page[3].htm HTML/Iframe.B.Gen virus

C:\System Volume Information\SystemRestore\FRStaging\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\071MURPS\wwww_toh_info[1].htm HTML/Iframe.B.Gen virus

C:\System Volume Information\SystemRestore\FRStaging\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\c52ab06-10a72f5a a variant of Win32/Kryptik.ZLB trojan

C:\System Volume Information\SystemRestore\FRStaging\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\c52ab06-5608fe38 a variant of Win32/Kryptik.ZLB trojan

C:\TDSSKiller_Quarantine\29.05.2012_00.07.49\mbr0000\tdlfs0000\tsk0003.dta Win32/Olmarik.AWO trojan

C:\TDSSKiller_Quarantine\29.05.2012_00.07.49\mbr0000\tdlfs0000\tsk0004.dta Win64/Olmarik.X trojan

C:\TDSSKiller_Quarantine\29.05.2012_00.07.49\mbr0000\tdlfs0000\tsk0005.dta a variant of Win32/Rootkit.Kryptik.GK trojan

C:\TDSSKiller_Quarantine\29.05.2012_00.07.49\mbr0000\tdlfs0000\tsk0006.dta Win64/Olmarik.AC trojan

C:\TDSSKiller_Quarantine\29.05.2012_00.07.49\mbr0000\tdlfs0000\tsk0008.dta Win64/Olmarik.Z trojan

C:\TDSSKiller_Quarantine\29.05.2012_00.07.49\zaea0000\svc0000\tsk0000.dta Win64/Sirefef.W trojan

C:\TDSSKiller_Quarantine\30.05.2012_21.17.32\tdlfs0000\tsk0003.dta Win32/Olmarik.AWO trojan

C:\TDSSKiller_Quarantine\30.05.2012_21.17.32\tdlfs0000\tsk0004.dta Win64/Olmarik.X trojan

C:\TDSSKiller_Quarantine\30.05.2012_21.17.32\tdlfs0000\tsk0005.dta a variant of Win32/Rootkit.Kryptik.GK trojan

C:\TDSSKiller_Quarantine\30.05.2012_21.17.32\tdlfs0000\tsk0006.dta Win64/Olmarik.AC trojan

C:\TDSSKiller_Quarantine\30.05.2012_21.17.32\tdlfs0000\tsk0008.dta Win64/Olmarik.Z trojan

C:\Users\All Users\Microsoft\Windows\DRM\DB9A.tmp Win64/Olmarik.AD trojan

C:\Users\All Users\Microsoft\Windows\DRM\DBBA.tmp Win64/Olmarik.AD trojan

C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp\kisa.exe Win32/Spy.Zbot.YW trojan

C:\Users\MONTANO\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\88743cf-48eef822 a variant of Java/TrojanDownloader.Agent.ME trojan

C:\Users\MONTANO\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\41ddfa0-1760bb9f a variant of Java/Exploit.CVE-2010-4452.B trojan

C:\Users\MONTANO\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\41ddfa0-1d8c5877 a variant of Java/Exploit.CVE-2010-4452.B trojan

C:\Users\MONTANO\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\41ddfa0-3f87a641 a variant of Java/Exploit.CVE-2010-4452.B trojan

C:\Users\MONTANO\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\41ddfa0-451c9019 a variant of Java/Exploit.CVE-2010-4452.B trojan

C:\Users\MONTANO\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\41ddfa0-551ca4d5 a variant of Java/Exploit.CVE-2010-4452.B trojan

C:\Users\MONTANO\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\41ddfa0-64bb05b9 a variant of Java/Exploit.CVE-2010-4452.B trojan

C:\Users\MONTANO\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\25bd15e5-5fe2a7ee Java/Exploit.Blacole trojan

C:\Users\MONTANO\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62\60d9c47e-2082df05 a variant of Java/TrojanDownloader.OpenStream.NCE trojan

C:\Users\MONTANO\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62\60d9c47e-78465f5f a variant of Java/TrojanDownloader.OpenStream.NCE trojan

C:\Users\MONTANO\Desktop\COMPUTER SCANNERS\RK_Quarantine\vdizr.dll.vir a variant of Win32/Medfos.AA trojan

C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XU21YMGR\627[1].pdf JS/Exploit.Pdfka.PIZ.Gen trojan

C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OA31YTGA\google[1].htm JS/Kryptik.LH trojan

C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\E215.tmp a variant of Win32/Kryptik.BG trojan

C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\jar_cache7599784343417601543.tmp Java/Exploit.CVE-2012-0507.D trojan

C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\Main.class a variant of Java/Exploit.CVE-2011-3544.BK trojan

C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\SoftwareUpdate.exe a variant of Win32/Kryptik.BG trojan

C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\main[1].htm JS/Kryptik.GH trojan

C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\071MURPS\page[3].htm HTML/Iframe.B.Gen virus

C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\071MURPS\wwww_toh_info[1].htm HTML/Iframe.B.Gen virus

C:\Windows\System32\config\systemprofile\AppData\Local\{16372a17-7501-43b2-1ffb-1cfeac42d69e}\n Win64/Sirefef.W trojan

C:\Windows\System32\config\systemprofile\AppData\Local\{BEFAC6CF-A8A8-11E1-8270-B8AC6F996F26}\chrome\content\browser.xul JS/Redirector.NIQ trojan

C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\c52ab06-10a72f5a a variant of Win32/Kryptik.ZLB trojan

C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\c52ab06-5608fe38 a variant of Win32/Kryptik.ZLB trojan

C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\main[1].htm JS/Kryptik.GH trojan

C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\071MURPS\page[3].htm HTML/Iframe.B.Gen virus

C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\071MURPS\wwww_toh_info[1].htm HTML/Iframe.B.Gen virus

C:\Windows\SysWOW64\config\systemprofile\AppData\Local\{16372a17-7501-43b2-1ffb-1cfeac42d69e}\n Win64/Sirefef.W trojan

C:\Windows\SysWOW64\config\systemprofile\AppData\Local\{BEFAC6CF-A8A8-11E1-8270-B8AC6F996F26}\chrome\content\browser.xul JS/Redirector.NIQ trojan

C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\c52ab06-10a72f5a a variant of Win32/Kryptik.ZLB trojan

C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\c52ab06-5608fe38 a variant of Win32/Kryptik.ZLB trojan

Link to post
Share on other sites

Hmmm. Go ahead and run the ESET scan once again, but this time, set it to quarantine/delete any found entries.

After that, please run ComboFix once again. Also, please run a Malwarebytes Full Scan and post the log it creates.

Let me know how things go. :)

Link to post
Share on other sites

ESET Report-

C:\ProgramData\Microsoft\Windows\DRM\DB9A.tmp Win64/Olmarik.AD trojan cleaned by deleting - quarantined

C:\ProgramData\Microsoft\Windows\DRM\DBBA.tmp Win64/Olmarik.AD trojan cleaned by deleting - quarantined

C:\Qoobox\Quarantine\C\Windows\System32\consrv.dll.vir Win64/Sirefef.G trojan cleaned by deleting - quarantined

C:\System Volume Information\SystemRestore\FRStaging\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp\kisa.exe Win32/Spy.Zbot.YW trojan cleaned by deleting - quarantined

C:\System Volume Information\SystemRestore\FRStaging\Users\MONTANO\AppData\Roaming\Ihihuhe\gysiyv.exe Win32/Spy.Zbot.YW trojan cleaned by deleting - quarantined

C:\System Volume Information\SystemRestore\FRStaging\Windows\System32\consrv.dll Win64/Sirefef.G trojan cleaned by deleting - quarantined

C:\System Volume Information\SystemRestore\FRStaging\Windows\System32\mwsejcap.dll Win64/Sirefef.W trojan cleaned by deleting - quarantined

C:\System Volume Information\SystemRestore\FRStaging\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\main[1].htm JS/Kryptik.GH trojan cleaned by deleting - quarantined

C:\System Volume Information\SystemRestore\FRStaging\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\071MURPS\page[3].htm HTML/Iframe.B.Gen virus deleted - quarantined

C:\System Volume Information\SystemRestore\FRStaging\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\071MURPS\wwww_toh_info[1].htm HTML/Iframe.B.Gen virus deleted - quarantined

C:\System Volume Information\SystemRestore\FRStaging\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\c52ab06-10a72f5a a variant of Win32/Kryptik.ZLB trojan cleaned by deleting - quarantined

C:\System Volume Information\SystemRestore\FRStaging\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\c52ab06-5608fe38 a variant of Win32/Kryptik.ZLB trojan cleaned by deleting - quarantined

C:\TDSSKiller_Quarantine\29.05.2012_00.07.49\mbr0000\tdlfs0000\tsk0003.dta Win32/Olmarik.AWO trojan cleaned by deleting - quarantined

C:\TDSSKiller_Quarantine\29.05.2012_00.07.49\mbr0000\tdlfs0000\tsk0004.dta Win64/Olmarik.X trojan cleaned by deleting - quarantined

C:\TDSSKiller_Quarantine\29.05.2012_00.07.49\mbr0000\tdlfs0000\tsk0005.dta a variant of Win32/Rootkit.Kryptik.GK trojan cleaned by deleting - quarantined

C:\TDSSKiller_Quarantine\29.05.2012_00.07.49\mbr0000\tdlfs0000\tsk0006.dta Win64/Olmarik.AC trojan cleaned by deleting - quarantined

C:\TDSSKiller_Quarantine\29.05.2012_00.07.49\mbr0000\tdlfs0000\tsk0008.dta Win64/Olmarik.Z trojan cleaned by deleting - quarantined

C:\TDSSKiller_Quarantine\29.05.2012_00.07.49\zaea0000\svc0000\tsk0000.dta Win64/Sirefef.W trojan cleaned by deleting - quarantined

C:\TDSSKiller_Quarantine\30.05.2012_21.17.32\tdlfs0000\tsk0003.dta Win32/Olmarik.AWO trojan cleaned by deleting - quarantined

C:\TDSSKiller_Quarantine\30.05.2012_21.17.32\tdlfs0000\tsk0004.dta Win64/Olmarik.X trojan cleaned by deleting - quarantined

C:\TDSSKiller_Quarantine\30.05.2012_21.17.32\tdlfs0000\tsk0005.dta a variant of Win32/Rootkit.Kryptik.GK trojan cleaned by deleting - quarantined

C:\TDSSKiller_Quarantine\30.05.2012_21.17.32\tdlfs0000\tsk0006.dta Win64/Olmarik.AC trojan cleaned by deleting - quarantined

C:\TDSSKiller_Quarantine\30.05.2012_21.17.32\tdlfs0000\tsk0008.dta Win64/Olmarik.Z trojan cleaned by deleting - quarantined

C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp\kisa.exe Win32/Spy.Zbot.YW trojan cleaned by deleting - quarantined

C:\Users\MONTANO\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\88743cf-48eef822 a variant of Java/TrojanDownloader.Agent.ME trojan cleaned by deleting - quarantined

C:\Users\MONTANO\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\41ddfa0-1760bb9f a variant of Java/Exploit.CVE-2010-4452.B trojan cleaned by deleting - quarantined

C:\Users\MONTANO\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\41ddfa0-1d8c5877 a variant of Java/Exploit.CVE-2010-4452.B trojan cleaned by deleting - quarantined

C:\Users\MONTANO\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\41ddfa0-3f87a641 a variant of Java/Exploit.CVE-2010-4452.B trojan cleaned by deleting - quarantined

C:\Users\MONTANO\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\41ddfa0-451c9019 a variant of Java/Exploit.CVE-2010-4452.B trojan cleaned by deleting - quarantined

C:\Users\MONTANO\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\41ddfa0-551ca4d5 a variant of Java/Exploit.CVE-2010-4452.B trojan cleaned by deleting - quarantined

C:\Users\MONTANO\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\41ddfa0-64bb05b9 a variant of Java/Exploit.CVE-2010-4452.B trojan cleaned by deleting - quarantined

C:\Users\MONTANO\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\25bd15e5-5fe2a7ee Java/Exploit.Blacole trojan cleaned by deleting - quarantined

C:\Users\MONTANO\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62\60d9c47e-2082df05 a variant of Java/TrojanDownloader.OpenStream.NCE trojan cleaned by deleting - quarantined

C:\Users\MONTANO\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62\60d9c47e-78465f5f a variant of Java/TrojanDownloader.OpenStream.NCE trojan cleaned by deleting - quarantined

C:\Users\MONTANO\Desktop\COMPUTER SCANNERS\RK_Quarantine\vdizr.dll.vir a variant of Win32/Medfos.AA trojan cleaned by deleting - quarantined

C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XU21YMGR\627[1].pdf JS/Exploit.Pdfka.PIZ.Gen trojan cleaned by deleting - quarantined

C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OA31YTGA\google[1].htm JS/Kryptik.LH trojan cleaned by deleting - quarantined

C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\E215.tmp a variant of Win32/Kryptik.BG trojan cleaned by deleting - quarantined

C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\jar_cache7599784343417601543.tmp Java/Exploit.CVE-2012-0507.D trojan cleaned by deleting - quarantined

C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\Main.class a variant of Java/Exploit.CVE-2011-3544.BK trojan cleaned by deleting - quarantined

C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\SoftwareUpdate.exe a variant of Win32/Kryptik.BG trojan cleaned by deleting - quarantined

C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\main[1].htm JS/Kryptik.GH trojan cleaned by deleting - quarantined

C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\071MURPS\page[3].htm HTML/Iframe.B.Gen virus deleted - quarantined

C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\071MURPS\wwww_toh_info[1].htm HTML/Iframe.B.Gen virus deleted - quarantined

C:\Windows\System32\config\systemprofile\AppData\Local\{16372a17-7501-43b2-1ffb-1cfeac42d69e}\n Win64/Sirefef.W trojan cleaned by deleting - quarantined

C:\Windows\System32\config\systemprofile\AppData\Local\{BEFAC6CF-A8A8-11E1-8270-B8AC6F996F26}\chrome\content\browser.xul JS/Redirector.NIQ trojan cleaned by deleting - quarantined

C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\c52ab06-10a72f5a a variant of Win32/Kryptik.ZLB trojan cleaned by deleting - quarantined

C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\c52ab06-5608fe38 a variant of Win32/Kryptik.ZLB trojan cleaned by deleting - quarantined

Link to post
Share on other sites

COMBOFIX Report -

ComboFix 12-06-04.03 - MONTANO 06/05/2012 1:14.3.2 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1790.625 [GMT -5:00]

Running from: c:\users\MONTANO\Desktop\ComboFix.exe

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((( Files Created from 2012-05-05 to 2012-06-05 )))))))))))))))))))))))))))))))

.

.

2012-06-05 06:29 . 2012-06-05 06:29 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-06-05 01:03 . 2012-06-05 01:03 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7D3C6F16-5786-408D-9DC3-80E227B974F9}\offreg.dll

2012-06-01 22:28 . 2012-05-15 06:41 8955792 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7D3C6F16-5786-408D-9DC3-80E227B974F9}\mpengine.dll

2012-06-01 17:56 . 2012-06-01 17:56 -------- d-----w- c:\program files (x86)\ESET

2012-06-01 03:06 . 2012-03-31 06:05 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-06-01 03:06 . 2012-03-31 03:10 3146240 ----a-w- c:\windows\system32\win32k.sys

2012-06-01 03:06 . 2012-03-31 04:39 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

2012-06-01 03:06 . 2012-03-31 04:39 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

2012-05-29 05:10 . 2012-05-31 02:20 -------- d-----w- C:\TDSSKiller_Quarantine

2012-05-29 04:27 . 2012-04-04 20:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-05-29 04:22 . 2012-05-29 04:22 -------- d-----w- c:\users\MONTANO\AppData\Roaming\Defender Pro

2012-05-24 17:43 . 2012-05-24 17:43 -------- d-----w- c:\program files\iPod

2012-05-24 17:43 . 2012-05-28 07:31 -------- d-----w- c:\program files\iTunes

2012-05-24 17:34 . 2012-05-24 17:34 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll

2012-05-24 17:34 . 2012-05-24 17:34 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll

2012-05-24 17:34 . 2012-05-24 17:34 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll

2012-05-24 17:34 . 2012-05-24 17:34 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll

2012-05-24 17:34 . 2012-05-24 17:34 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll

2012-05-24 17:34 . 2012-05-24 17:34 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll

2012-05-24 17:34 . 2012-05-24 17:34 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll

2012-05-24 17:34 . 2012-05-28 07:32 -------- d-----w- c:\program files (x86)\QuickTime

2012-05-24 17:05 . 2012-05-24 17:05 -------- d-----w- C:\found.001

2012-05-24 16:41 . 2012-03-30 11:35 1918320 ---ha-w- c:\windows\system32\drivers\tcpip.sys

2012-05-24 16:41 . 2012-03-03 06:35 1544704 ---ha-w- c:\windows\system32\DWrite.dll

2012-05-24 16:41 . 2012-03-03 05:31 1077248 ---ha-w- c:\windows\SysWow64\DWrite.dll

2012-05-24 16:41 . 2012-03-31 05:42 1732096 ---ha-w- c:\program files\Windows Journal\NBDoc.DLL

2012-05-24 16:41 . 2012-03-31 05:40 1367552 ---ha-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll

2012-05-24 16:41 . 2012-03-31 04:29 936960 ---ha-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll

2012-05-24 16:41 . 2012-03-31 05:40 1402880 ---ha-w- c:\program files\Windows Journal\JNWDRV.dll

2012-05-24 16:41 . 2012-03-31 05:40 1393664 ---ha-w- c:\program files\Windows Journal\JNTFiltr.dll

2012-05-24 16:30 . 2012-03-17 07:58 75120 ---ha-w- c:\windows\system32\drivers\partmgr.sys

2012-05-14 00:51 . 2012-05-24 15:53 8744608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-05-24 15:54 . 2012-04-05 04:24 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-05-24 15:54 . 2011-05-18 01:42 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-04-19 01:56 . 2012-04-19 01:56 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx

2012-04-19 01:56 . 2012-04-19 01:56 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts

.

.

((((((((((((((((((((((((((((( SnapShot_2012-06-01_02.44.50 )))))))))))))))))))))))))))))))))))))))))

.

+ 2009-11-03 14:23 . 2012-06-05 01:04 78640 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin

+ 2009-07-14 05:10 . 2012-06-05 01:04 49704 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin

+ 2009-12-27 10:54 . 2012-06-05 01:04 28696 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-930483190-3313529808-3006562705-1000_UserData.bin

+ 2009-12-26 21:31 . 2012-06-05 01:09 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2009-12-26 21:31 . 2012-05-30 16:11 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2009-12-26 21:31 . 2012-06-05 01:09 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2009-12-26 21:31 . 2012-05-30 16:11 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2009-07-14 04:54 . 2012-06-05 01:09 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2009-07-14 04:54 . 2012-05-30 16:11 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2009-07-14 04:46 . 2012-06-05 01:09 91888 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat

+ 2012-06-05 01:02 . 2012-06-05 01:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

- 2012-06-01 02:21 . 2012-06-01 02:21 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2012-06-05 01:02 . 2012-06-05 01:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

- 2012-06-01 02:21 . 2012-06-01 02:21 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

- 2009-07-14 02:36 . 2012-06-01 02:28 640686 c:\windows\system32\perfh009.dat

+ 2009-07-14 02:36 . 2012-06-05 01:09 640686 c:\windows\system32\perfh009.dat

- 2009-07-14 02:36 . 2012-06-01 02:28 112668 c:\windows\system32\perfc009.dat

+ 2009-07-14 02:36 . 2012-06-05 01:09 112668 c:\windows\system32\perfc009.dat

+ 2010-02-26 02:46 . 2012-02-23 15:18 279656 c:\windows\system32\MpSigStub.exe

- 2009-07-14 04:45 . 2012-03-25 14:06 337520 c:\windows\system32\FNTCACHE.DAT

+ 2009-07-14 04:45 . 2012-06-01 17:20 337520 c:\windows\system32\FNTCACHE.DAT

- 2009-07-14 05:01 . 2012-05-31 19:58 297012 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2009-07-14 05:01 . 2012-06-04 12:45 297012 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2012-04-04 17:38 . 2012-04-04 17:38 787560 c:\windows\Downloaded Program Files\qsax64.dll

- 2009-07-14 04:45 . 2012-06-01 02:28 7113171 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat

+ 2009-07-14 04:45 . 2012-06-04 04:53 7113171 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat

- 2009-12-27 04:04 . 2012-05-31 19:58 3221464 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat

+ 2009-12-27 04:04 . 2012-06-04 12:46 3221464 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat

+ 2009-12-27 04:04 . 2012-06-04 12:45 2995774 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-930483190-3313529808-3006562705-1000-8192.dat

- 2009-07-14 02:34 . 2012-06-01 02:20 10747904 c:\windows\system32\SMI\Store\Machine\schema.dat

+ 2009-07-14 02:34 . 2012-06-04 02:48 10747904 c:\windows\system32\SMI\Store\Machine\schema.dat

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}]

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"HPADVISOR"="c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2010-06-30 1689144]

"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-12-27 39408]

"MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]

"Monitor"="c:\program files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" [2011-11-12 268640]

"AgentMonitor"="c:\program files (x86)\VTech\DownloadManager\System\AgentMonitor.exe" [2011-12-13 357800]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"Exetender"="c:\program files (x86)\Free Ride Games\GPlayer.exe" [2010-07-18 1774080]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]

"HideSCAHealth"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]

@="FSFilter Activity Monitor"

.

R1 bdfwfpf;bdfwfpf;c:\program files\Common Files\Defender Pro\Defender Pro Firewall\bdfwfpf.sys [x]

R2 BDVEDISK;BDVEDISK;c:\program files\Defender Pro\Defender Pro\bdvedisk.sys [x]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-27 135664]

R2 PCCUJobMgr;Common Client Job Manager Service;c:\program files (x86)\Norton PC Checkup\Engine\2.0.9.24\ccSvcHst.exe [2009-08-24 126392]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-24 257696]

R3 Arrakis3;Defender Pro Arrakis Server;c:\program files\Common Files\Defender Pro\Defender Pro Arrakis Server\bin\arrakis3.exe [x]

R3 BDFM;BDFM;c:\windows\system32\DRIVERS\bdfm.sys [x]

R3 cpuz134;cpuz134;c:\users\MONTANO\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]

R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]

R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-27 135664]

R3 htcusbnet;HTC USB-NDIS miniport;c:\windows\system32\DRIVERS\htcusbnet.sys [x]

R3 motandroidusb;Mot ADB Interface Driver;c:\windows\system32\Drivers\motoandroid.sys [x]

R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys [x]

R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys [x]

R3 MotDev;Motorola Inc. USB Device;c:\windows\system32\DRIVERS\motodrv.sys [x]

R3 motport;Motorola USB Diagnostic Port;c:\windows\system32\DRIVERS\motport.sys [x]

R3 RTL8187;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter Vista Driver;c:\windows\system32\DRIVERS\wg111v2.sys [x]

R3 SYMNDISV;Symantec Network Filter Driver;c:\windows\System32\Drivers\NISx64\1008000.029\SYMNDISV.SYS [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

S1 bdfndisf;BitDefender Firewall NDIS 6 Filter Driver;c:\windows\system32\DRIVERS\BdfNdisf6.sys [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.EXE [2009-03-31 92160]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]

S2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2009-09-14 166400]

S2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2009-09-14 128512]

S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-06-21 85560]

S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]

S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe [2012-01-13 103440]

S2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;c:\program files (x86)\Norton PC Checkup\Engine\2.0.9.24\SymcPCCULaunchSvc.exe [2011-10-08 123320]

S2 X5XS64Ex;X5XS64Ex;c:\program files (x86)\Free Ride Games\X5XS64Ex.Sys [2009-08-19 51744]

S2 X5XSEx;X5XSEx;c:\program files (x86)\Free Ride Games\X5XSEx.Sys [2010-03-11 55328]

S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]

S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]

.

.

Contents of the 'Scheduled Tasks' folder

.

2012-06-05 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 15:54]

.

2012-06-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-27 01:50]

.

2012-06-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-27 01:50]

.

2012-06-04 c:\windows\Tasks\HPCeeScheduleForMONTANO.job

- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 10:22]

.

2012-05-31 c:\windows\Tasks\PCDRScheduledMaintenance.job

- c:\program files\PC-Doctor for Windows\pcdr5cuiw32.exe [2009-06-10 11:04]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Defender Pro Antiphishing Helper 32"="c:\program files\Defender Pro\Defender Pro\Antispam32\IEShow.exe" [bU]

"Defender Pro Antiphishing Helper"="c:\program files\Defender Pro\Defender Pro\IEShow.exe" [bU]

"DPAgent"="c:\program files\Defender Pro\Defender Pro\bdagent.exe" [bU]

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.google.com/

uLocal Page = c:\windows\system32\blank.htm

mStart Page = about:blank

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

TCP: DhcpNameServer = 192.168.7.254

FF - ProfilePath - c:\users\MONTANO\AppData\Roaming\Mozilla\Firefox\Profiles\n53618fo.default\

FF - user.js: network.cookie.cookieBehavior - 0

FF - user.js: privacy.clearOnShutdown.cookies - false

FF - user.js: security.warn_viewing_mixed - false

FF - user.js: security.warn_viewing_mixed.show_once - false

FF - user.js: security.warn_submit_insecure - false

FF - user.js: security.warn_submit_insecure.show_once - false

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-{f92a9fe4-2850-4198-b9d5-279880e49b16} - (no file)

Toolbar-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)

Toolbar-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)

Toolbar-10 - (no file)

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)

ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)

ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)

ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)

.

.

.

[HKEY_LOCAL_MACHINE\system\ControlSet002\services\PCCUJobMgr]

"ImagePath"="\"c:\program files (x86)\Norton PC Checkup\Engine\2.0.9.24\ccSvcHst.exe\" /s \"PCCUJobMgr\" /m \"c:\program files (x86)\Norton PC Checkup\Engine\2.0.9.24\diMaster.dll\" /prefetch:1"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2012-06-05 01:35:10

ComboFix-quarantined-files.txt 2012-06-05 06:35

ComboFix2.txt 2012-06-01 02:49

ComboFix3.txt 2012-05-30 15:30

.

Pre-Run: 185,340,452,864 bytes free

Post-Run: 185,027,911,680 bytes free

.

- - End Of File - - CAFA616E45D9996D1691D219AE7C7413

Link to post
Share on other sites

MALWARE Report

Malwarebytes Anti-Malware 1.61.0.1400

www.malwarebytes.org

Database version: v2012.06.05.02

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

MONTANO :: FAMILY-PC [administrator]

6/5/2012 1:38:00 AM

mbam-log-2012-06-05 (01-38-00).txt

Scan type: Full scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 1193311

Time elapsed: 3 hour(s), 45 minute(s), 41 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 1

C:\Users\MONTANO\Desktop\COMPUTER SCANNERS\RK_Quarantine\woasmg.dll.vir (Trojan.Agent) -> Quarantined and deleted successfully.

(end)

Link to post
Share on other sites

My apolgies for the delay.

I think you look clean. :)

Let's see what programs of yours need updating:

Please download Security Check by screen317 from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Link to post
Share on other sites

Results of screen317's Security Check version 0.99.41

Windows 7 Service Pack 1 x64 (UAC is enabled)

Internet Explorer 9

``````````````Antivirus/Firewall Check:``````````````

Windows Firewall Enabled!

WMI entry may not exist for antivirus; attempting automatic update.

`````````Anti-malware/Other Utilities Check:`````````

Scholastic's I SPY Fantasy

Scholastic's I SPY Fun House

Scholastic's I SPY Treasure Hunt

McAfee SiteAdvisor

Malwarebytes Anti-Malware version 1.61.0.1400

Java 6 Update 22

Java version out of date!

Adobe Flash Player 11.2.202.235

Adobe Reader 9 Adobe Reader out of date!

Mozilla Firefox 10.0.2 Firefox out of Date!

Google Chrome 17.0.963.83

Google Chrome 19.0.1084.52

````````Process Check: objlist.exe by Laurent````````

`````````````````System Health check`````````````````

Total Fragmentation on Drive C: 0%

````````````````````End of Log``````````````````````

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.