ComboFix 10-09-12.04 - Administrator 09/13/2010 11:44:39.2.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.510.279 [GMT -7:00]
Running from: c:\documents and settings\Administrator.ALO.000\Desktop\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
((((((((((((((((((((((((( Files Created from 2010-08-13 to 2010-09-13 )))))))))))))))))))))))))))))))
.
2010-09-13 14:14 . 2009-08-07 02:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-09-13 05:30 . 2008-08-29 00:37 41080 ----a-w- c:\windows\system32\NicInstG.dll
2010-09-13 05:30 . 2007-08-07 07:28 28272 ----a-w- c:\windows\system32\NicCo2.dll
2010-09-13 05:30 . 2007-12-14 19:06 121440 ----a-w- c:\windows\system32\e1000msg.dll
2010-09-13 05:20 . 2010-09-13 05:20 -------- d-----w- c:\program files\ATI Technologies
2010-09-13 05:18 . 2010-09-13 05:18 -------- d-----w- c:\windows\system32\drivers\INF
2010-09-13 05:18 . 2010-09-13 05:18 -------- d-----w- c:\windows\system32\drivers\system32
2010-09-13 05:17 . 2010-09-13 05:17 -------- d-----w- c:\windows\system32\AsusUSBSwitch
2010-09-13 05:16 . 2010-09-13 05:16 -------- d-----w- C:\Compaq
2010-09-13 05:14 . 2010-09-13 05:14 -------- d-----w- C:\hp
2010-09-13 05:13 . 2010-09-13 05:13 -------- d-----w- C:\Ibmtools
2010-09-13 05:10 . 2010-09-13 05:32 -------- d-----w- c:\program files\Intel
2010-09-13 05:10 . 2008-12-04 16:31 53248 ----a-w- c:\windows\system32\CSVer.dll
2010-09-13 05:10 . 2010-09-13 05:10 -------- d-----w- C:\Intel
2010-09-13 04:57 . 2010-09-13 04:57 469235 ----a-w- c:\documents and settings\Administrator.ALO.000\Application Data\Blitware\DriverRobot\downloads\84021c284b39003970732cd428056f10\sp27449.exe
2010-09-13 04:57 . 2010-09-13 04:57 2638675 ----a-w- c:\documents and settings\Administrator.ALO.000\Application Data\Blitware\DriverRobot\downloads\9076a43a7252a5aeec3c83c2044ad2a6\qi3z05us.exe
2010-09-13 04:49 . 2010-09-13 04:49 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Application Data\Blitware
2010-09-13 04:49 . 2010-09-13 04:49 -------- d-----w- c:\program files\Driver Robot
2010-09-13 04:20 . 2010-09-13 04:20 -------- d-----w- c:\windows\system32\winrm
2010-09-13 04:20 . 2010-09-13 04:20 -------- dc-h--w- c:\windows\$968930Uinstall_KB968930$
2010-09-13 04:18 . 2010-09-13 04:18 -------- d-----w- c:\program files\Microsoft Silverlight
2010-09-13 04:06 . 2010-09-13 04:06 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\LogiShrd
2010-09-13 04:02 . 2008-05-02 09:38 301656 ----a-w- c:\windows\system32\BtCoreIf.dll
2010-09-13 04:02 . 2010-09-13 04:02 10134 ----a-r- c:\documents and settings\Administrator.ALO.000\Application Data\Microsoft\Installer\{3101CB58-3482-4D21-AF1A-7057FC935355}\ARPPRODUCTICON.exe
2010-09-13 04:02 . 2010-09-13 04:03 -------- d-----w- c:\program files\Common Files\Logishrd
2010-09-12 19:08 . 2010-09-07 14:52 165584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-09-12 19:08 . 2010-09-07 14:47 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-09-12 19:08 . 2010-09-07 14:47 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-09-12 19:08 . 2010-09-07 14:52 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-09-12 19:08 . 2010-09-07 14:47 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-09-12 19:08 . 2010-09-07 14:47 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-09-12 19:08 . 2010-09-07 14:46 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-09-12 19:07 . 2010-09-07 15:12 38848 ----a-w- c:\windows\avastSS.scr
2010-09-12 19:07 . 2010-09-07 15:11 167592 ----a-w- c:\windows\system32\aswBoot.exe
2010-09-12 16:39 . 2010-09-12 16:40 -------- d-----w- c:\program files\MusicMp3Downloader
2010-09-12 15:15 . 2010-09-12 15:15 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Local Settings\Application Data\Conduit
2010-09-12 15:15 . 2010-09-12 15:15 -------- d-----w- c:\program files\Conduit
2010-09-12 15:15 . 2010-09-12 15:15 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Application Data\SuperMP3Download
2010-09-12 15:11 . 2010-09-12 15:17 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\SuperMP3Download
2010-09-12 15:10 . 2010-09-12 15:10 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Application Data\Thinstall
2010-09-12 15:10 . 2010-09-12 15:10 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Local Settings\Application Data\Thinstall
2010-09-10 11:28 . 2010-09-10 11:28 52224 ----a-w- c:\documents and settings\Administrator.ALO.000\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-09-10 11:28 . 2010-09-10 11:28 117760 ----a-w- c:\documents and settings\Administrator.ALO.000\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-09-10 11:28 . 2010-09-10 11:28 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com
2010-09-10 11:28 . 2010-09-10 11:28 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Application Data\SUPERAntiSpyware.com
2010-09-09 22:16 . 2010-09-09 22:16 -------- d-----w- c:\program files\Alwil Software
2010-09-09 17:29 . 2010-08-30 21:33 43008 ----a-w- c:\documents and settings\Administrator.ALO.000\Application Data\Mozilla\Firefox\Profiles\7s5vudf7.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll
2010-09-09 17:29 . 2010-08-30 21:33 338944 ----a-w- c:\documents and settings\Administrator.ALO.000\Application Data\Mozilla\Firefox\Profiles\7s5vudf7.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll
2010-09-09 17:29 . 2010-08-30 21:34 1496064 ----a-w- c:\documents and settings\Administrator.ALO.000\Application Data\Mozilla\Firefox\Profiles\7s5vudf7.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
2010-09-09 17:29 . 2010-08-30 21:33 346112 ----a-w- c:\documents and settings\Administrator.ALO.000\Application Data\Mozilla\Firefox\Profiles\7s5vudf7.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll
2010-09-08 05:11 . 2010-09-08 05:11 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\IObit
2010-09-08 03:25 . 2010-09-08 03:25 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Local Settings\Application Data\Microsoft Help
2010-09-08 03:24 . 2010-09-08 03:44 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Microsoft Help
2010-09-07 23:13 . 2010-09-07 23:39 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Application Data\IObit
2010-09-07 23:13 . 2010-09-07 23:13 -------- d-----w- c:\program files\IObit
2010-09-07 22:55 . 2010-09-10 21:37 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Application Data\Auslogics
2010-09-07 22:52 . 2010-09-07 22:52 -------- d-----w- c:\program files\Auslogics
2010-09-05 07:18 . 2010-09-05 07:29 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\MusicMP3Downloader
2010-09-05 07:18 . 2010-09-05 07:18 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Application Data\MusicMP3Downloader
2010-09-04 15:50 . 2010-09-04 15:50 247136 ----a-w- c:\documents and settings\Administrator.ALO.000\Application Data\IDM\idmmzcc3\components2\idmmzcc.dll
2010-09-04 05:00 . 2010-09-04 05:00 -------- d-----w- c:\documents and settings\LocalService.NT AUTHORITY.000\Application Data\TuneUp Software
2010-09-04 04:08 . 2010-09-04 04:08 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Application Data\TuneUp Software
2010-09-04 04:08 . 2010-09-07 21:06 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\TuneUp Software
2010-09-04 04:08 . 2010-09-04 04:08 -------- d-sh--w- c:\documents and settings\All Users.WINDOWS\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-09-04 00:01 . 2010-04-29 22:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-09-04 00:01 . 2010-09-04 00:01 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-09-04 00:01 . 2010-04-29 22:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-09-02 03:47 . 2010-07-26 17:13 108032 ----a-w- c:\windows\system32\ff_vfw.dll
2010-09-02 03:47 . 2010-09-02 03:47 -------- d-----w- c:\program files\ffdshow
2010-09-02 03:25 . 2009-08-12 04:21 1021440 ----a-w- c:\documents and settings\Administrator.ALO.000\Application Data\BSplayer PRO\AC3 Filter\ac3filter_intl.dll
2010-09-02 03:24 . 2010-09-02 03:43 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Application Data\BSplayer PRO
2010-09-02 03:24 . 2010-09-02 03:43 -------- d-----w- c:\program files\Webteh
2010-09-01 07:19 . 2010-09-09 08:29 -------- d-----w- c:\program files\LimeWire
2010-09-01 00:49 . 2009-01-29 02:49 344064 ----a-w- c:\windows\system32\msvcr70.dll
2010-08-31 17:44 . 2010-08-31 17:44 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Local Settings\Application Data\Xilisoft
2010-08-31 17:44 . 2010-08-31 17:44 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Application Data\Xilisoft
2010-08-31 09:19 . 2010-08-31 09:23 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Application Data\Nero
2010-08-31 07:22 . 2010-08-31 12:43 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Nero
2010-08-31 06:32 . 2010-08-31 06:44 47360 ----a-w- c:\documents and settings\Administrator.ALO.000\Application Data\pcouffin.sys
2010-08-31 06:32 . 2010-08-31 06:32 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2010-08-31 06:32 . 2010-08-31 06:44 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Application Data\Vso
2010-08-30 15:41 . 2010-08-30 15:41 -------- d--h--w- c:\windows\PIF
2010-08-30 07:46 . 2010-09-04 15:50 251232 ----a-w- c:\documents and settings\Administrator.ALO.000\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
2010-08-30 07:43 . 2010-09-05 20:15 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Application Data\IDM
2010-08-30 05:28 . 2010-09-07 23:35 -------- d-----w- c:\program files\Internet Download Manager
2010-08-30 04:19 . 2010-08-30 04:19 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Kaspersky Lab Setup Files
2010-08-30 02:45 . 2010-09-07 23:35 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Local Settings\Application Data\WinAVI
2010-08-30 01:28 . 2010-09-02 01:33 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Application Data\MozillaControl
2010-08-30 01:24 . 2010-09-02 01:33 -------- d-----w- C:\aidualc3
2010-08-29 22:51 . 2010-08-29 22:59 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\SpeedBit
2010-08-27 08:59 . 2010-09-13 18:41 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Application Data\DMCache
2010-08-25 14:40 . 2010-08-25 14:36 76768 ----a-w- c:\windows\system32\drivers\idmtdi.sys
2010-08-22 23:32 . 2010-08-22 23:35 -------- d-----w- c:\documents and settings\Administrator.ALO.000\dwhelper
2010-08-20 23:06 . 2010-08-20 23:06 -------- d-s---w- c:\documents and settings\NetworkService.NT AUTHORITY.000\UserData
2010-08-16 08:51 . 2010-08-16 08:51 -------- d-----w- c:\program files\Free M4a to MP3 Converter
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-13 16:55 . 2010-03-10 22:25 -------- d-----w- c:\documents and settings\Administrator\Application Data\MegauploadToolbar
2010-09-13 05:55 . 2009-09-04 17:02 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-09-13 04:03 . 2010-09-13 04:03 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
2010-09-13 04:02 . 2010-03-10 19:01 -------- d-----w- c:\program files\Common Files\Logitech
2010-09-12 02:58 . 2010-03-29 02:49 -------- d---a-w- c:\documents and settings\All Users.WINDOWS\Application Data\TEMP
2010-09-10 11:31 . 2009-09-04 14:47 -------- d-----w- c:\program files\Windows Media Connect 2
2010-09-09 08:54 . 2010-03-07 02:40 471040 ----a-w- c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\v4jjs4oc.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\DictionaryCompressionFF.dll
2010-09-09 08:54 . 2010-03-06 20:53 73728 ----a-w- c:\documents and settings\Administrator\Application Data\LimeWire\browser\xulrunner\xulrunner-stub.exe
2010-09-09 08:54 . 2010-03-06 20:53 102400 ----a-w- c:\documents and settings\Administrator\Application Data\LimeWire\browser\xulrunner\xulrunner.exe
2010-09-09 08:54 . 2010-03-06 20:53 8462336 ----a-w- c:\documents and settings\Administrator\Application Data\LimeWire\browser\xulrunner\xul.dll
2010-09-09 00:27 . 2010-03-26 15:23 20408 ----a-w- c:\documents and settings\Administrator.ALO.000\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-09-06 02:00 . 2010-04-26 05:15 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Application Data\vlc
2010-09-05 09:02 . 2010-07-26 00:17 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Application Data\dvdcss
2010-09-01 01:03 . 2010-07-13 09:10 -------- d-----w- c:\program files\Common Files\AVSMedia
2010-08-31 19:54 . 2010-07-02 19:21 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Application Data\Epson
2010-08-31 19:52 . 2010-07-02 17:02 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\EPSON
2010-08-31 00:55 . 2010-07-26 00:25 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Application Data\Media Player Classic
2010-08-22 20:38 . 2008-04-13 23:00 62976 ----a-w- c:\windows\system32\drivers\cdrom.sys
2010-08-14 08:52 . 2010-03-06 21:56 -------- d-----w- c:\program files\QuickTime
2010-08-14 08:51 . 2010-04-14 06:02 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Apple Computer
2010-08-14 08:50 . 2010-08-14 08:50 -------- d-----w- c:\program files\Apple Software Update
2010-08-14 08:50 . 2010-08-14 08:50 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Apple
2010-08-14 01:18 . 2010-07-13 09:46 -------- d-----w- c:\program files\DVDVideoSoft
2010-08-07 21:30 . 2010-08-07 06:57 1 ----a-w- c:\documents and settings\Administrator.ALO.000\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-08-07 06:56 . 2010-08-07 06:56 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Application Data\OpenOffice.org
2010-08-03 11:05 . 2010-07-13 09:12 -------- d-----w- c:\documents and settings\Administrator.ALO.000\Application Data\AVS4YOU
2010-07-29 06:41 . 2010-07-10 04:52 64216 ----a-w- c:\documents and settings\LocalService.NT AUTHORITY.000\Local Settings\Application Data\FontCache3.0.0.0.dat
2010-07-26 08:48 . 2010-07-26 08:48 -------- d-----w- c:\program files\Babylon
2010-07-26 00:01 . 2010-07-26 00:01 -------- d-----w- c:\program files\AC3Filter
2010-06-30 12:31 . 2008-04-13 23:00 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-24 12:10 . 2008-04-13 23:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2010-06-24 12:10 . 2008-04-13 23:00 667136 ----a-w- c:\windows\system32\wininet.dll
2010-06-23 13:44 . 2008-04-13 23:00 1851904 ----a-w- c:\windows\system32\win32k.sys
2010-06-21 15:27 . 2008-04-13 23:00 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-17 14:03 . 2008-04-13 23:00 80384 ----a-w- c:\windows\system32\iccvid.dll
.
((((((((((((((((((((((((((((( SnapShot@2010-09-10_19.24.25 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-10-09 21:56 . 2009-10-09 21:56 14848 c:\windows\system32\wsmprovhost.exe
+ 2009-10-09 21:56 . 2009-10-09 21:56 12288 c:\windows\system32\wsmplpxy.dll
+ 2009-10-09 21:56 . 2009-10-09 21:56 12288 c:\windows\system32\winrssrv.dll
+ 2009-10-09 21:56 . 2009-10-09 21:56 22528 c:\windows\system32\winrshost.exe
+ 2009-10-09 23:22 . 2009-10-09 23:22 69632 c:\windows\system32\winrs.exe
+ 2009-10-09 21:56 . 2009-10-09 21:56 25088 c:\windows\system32\winrmprov.dll
+ 2009-10-09 21:56 . 2009-10-09 21:56 24064 c:\windows\system32\windowspowershell\v1.0\pwrshsip.dll
+ 2008-04-14 05:42 . 2008-04-14 12:42 74240 c:\windows\system32\usbui.dll
- 2008-04-14 05:42 . 2008-04-13 23:00 74240 c:\windows\system32\usbui.dll
- 2010-03-28 08:44 . 2007-07-27 17:41 26488 c:\windows\system32\spupdsvc.exe
+ 2010-03-28 08:44 . 2009-03-23 17:50 26488 c:\windows\system32\spupdsvc.exe
- 2010-04-12 15:04 . 2010-02-22 14:23 17272 c:\windows\system32\spmsg.dll
+ 2010-04-12 15:04 . 2009-03-23 17:50 17272 c:\windows\system32\spmsg.dll
+ 2010-09-13 05:55 . 2008-04-14 07:06 68224 c:\windows\system32\ReinstallBackups030\DriverFiles\i386\pci.sys
+ 2010-09-13 05:55 . 2008-04-14 07:06 37248 c:\windows\system32\ReinstallBackups029\DriverFiles\i386\isapnp.sys
+ 2010-09-13 05:31 . 2001-06-22 18:25 53248 c:\windows\system32\ReinstallBackups028\DriverFiles\Prounstl.exe
+ 2010-09-13 05:31 . 2001-07-20 14:40 23040 c:\windows\system32\ReinstallBackups028\DriverFiles\IntelNic.dll
+ 2010-09-13 05:31 . 2002-11-12 18:02 99840 c:\windows\system32\ReinstallBackups028\DriverFiles\e1000325.sys
+ 2010-09-13 05:18 . 2008-04-14 12:42 74240 c:\windows\system32\ReinstallBackups027\DriverFiles\i386\usbui.dll
+ 2010-09-13 05:18 . 2008-04-14 07:15 59520 c:\windows\system32\ReinstallBackups027\DriverFiles\i386\usbhub.sys
+ 2010-09-13 05:18 . 2008-04-13 23:00 30208 c:\windows\system32\ReinstallBackups027\DriverFiles\i386\usbehci.sys
+ 2010-09-13 05:55 . 2008-04-13 23:00 24960 c:\windows\system32\ReinstallBackups026\DriverFiles\i386\pciidex.sys
+ 2010-09-13 05:55 . 2008-04-13 23:00 96512 c:\windows\system32\ReinstallBackups026\DriverFiles\i386\atapi.sys
+ 2010-09-13 05:55 . 2008-04-14 12:42 74240 c:\windows\system32\ReinstallBackups025\DriverFiles\i386\usbui.dll
+ 2010-09-13 05:55 . 2008-04-14 07:15 20608 c:\windows\system32\ReinstallBackups025\DriverFiles\i386\usbuhci.sys
+ 2010-09-13 05:55 . 2008-04-14 07:15 59520 c:\windows\system32\ReinstallBackups025\DriverFiles\i386\usbhub.sys
+ 2010-09-13 05:55 . 2008-04-14 12:42 74240 c:\windows\system32\ReinstallBackups023\DriverFiles\i386\usbui.dll
+ 2010-09-13 05:55 . 2008-04-14 07:15 20608 c:\windows\system32\ReinstallBackups023\DriverFiles\i386\usbuhci.sys
+ 2010-09-13 05:55 . 2008-04-14 07:15 59520 c:\windows\system32\ReinstallBackups023\DriverFiles\i386\usbhub.sys
+ 2010-09-13 05:55 . 2008-04-14 12:42 74240 c:\windows\system32\ReinstallBackups022\DriverFiles\i386\usbui.dll
+ 2010-09-13 05:55 . 2008-04-14 07:15 20608 c:\windows\system32\ReinstallBackups022\DriverFiles\i386\usbuhci.sys
+ 2010-09-13 05:55 . 2008-04-14 07:15 59520 c:\windows\system32\ReinstallBackups022\DriverFiles\i386\usbhub.sys
+ 2010-09-13 04:03 . 2008-04-14 08:09 14592 c:\windows\system32\ReinstallBackups020\DriverFiles\i386\kbdhid.sys
+ 2010-09-13 04:03 . 2008-04-14 08:09 24576 c:\windows\system32\ReinstallBackups020\DriverFiles\i386\kbdclass.sys
+ 2010-09-13 04:03 . 2007-01-23 23:45 33296 c:\windows\system32\ReinstallBackups012\DriverFiles\LMouFilt.Sys
+ 2010-09-13 04:03 . 2008-02-29 10:13 35344 c:\windows\system32\ReinstallBackups012\DriverFiles\LHidFilt.Sys
+ 2010-09-13 04:03 . 2001-08-17 21:48 12160 c:\windows\system32\ReinstallBackups012\DriverFiles\i386\mouhid.sys
+ 2010-09-13 04:03 . 2008-04-14 08:09 23040 c:\windows\system32\ReinstallBackups012\DriverFiles\i386\mouclass.sys
+ 2009-10-09 23:22 . 2009-10-09 23:22 42496 c:\windows\system32\pwrshplugin.dll
+ 2008-04-13 23:00 . 2009-10-08 21:56 20480 c:\windows\system32\oleaccrc.dll
+ 2010-03-28 08:43 . 2008-05-02 09:40 84496 c:\windows\system32\KemXML.dll
- 2008-04-13 23:00 . 2008-04-13 23:00 20608 c:\windows\system32\drivers\usbuhci.sys
+ 2008-04-13 23:00 . 2008-04-14 07:15 20608 c:\windows\system32\drivers\usbuhci.sys
+ 2008-04-13 23:00 . 2008-04-14 07:15 59520 c:\windows\system32\drivers\usbhub.sys
- 2008-04-13 23:00 . 2008-04-13 23:00 59520 c:\windows\system32\drivers\usbhub.sys
+ 2008-04-13 23:00 . 2008-04-14 07:15 30208 c:\windows\system32\drivers\usbehci.sys
- 2008-04-13 23:00 . 2008-04-13 23:00 30208 c:\windows\system32\drivers\usbehci.sys
+ 2010-09-13 05:18 . 2008-04-13 23:00 74240 c:\windows\system32\drivers\system32\usbui.dll
+ 2010-09-13 05:18 . 2008-04-13 23:00 20608 c:\windows\system32\drivers\system32\DRIVERS\usbuhci.sys
+ 2010-09-13 05:18 . 2008-04-13 23:00 59520 c:\windows\system32\drivers\system32\DRIVERS\usbhub.sys
+ 2010-09-13 05:18 . 2008-04-13 23:00 37248 c:\windows\system32\drivers\system32\DRIVERS\isapnp.sys
+ 2008-04-13 23:00 . 2008-04-14 07:10 24960 c:\windows\system32\drivers\pciidex.sys
- 2008-04-13 23:00 . 2008-04-13 23:00 24960 c:\windows\system32\drivers\pciidex.sys
+ 2008-04-13 23:00 . 2008-04-14 07:06 68224 c:\windows\system32\drivers\pci.sys
- 2008-04-13 23:00 . 2008-04-13 23:00 68224 c:\windows\system32\drivers\pci.sys
+ 2001-08-17 13:48 . 2001-08-17 20:48 12160 c:\windows\system32\drivers\mouhid.sys
- 2001-08-17 13:48 . 2001-08-17 21:48 12160 c:\windows\system32\drivers\mouhid.sys
+ 2008-04-14 00:09 . 2008-04-14 07:09 23040 c:\windows\system32\drivers\mouclass.sys
- 2008-04-14 00:09 . 2008-04-14 08:09 23040 c:\windows\system32\drivers\mouclass.sys
+ 2010-03-28 08:43 . 2008-02-29 10:13 36880 c:\windows\system32\drivers\LMouFilt.Sys
+ 2010-03-28 08:43 . 2008-02-29 10:13 35344 c:\windows\system32\drivers\LHidFilt.Sys
- 2008-04-13 23:00 . 2008-04-14 08:09 14592 c:\windows\system32\drivers\kbdhid.sys
+ 2008-04-13 23:00 . 2008-04-14 07:09 14592 c:\windows\system32\drivers\kbdhid.sys
- 2008-04-13 23:00 . 2008-04-14 08:09 24576 c:\windows\system32\drivers\kbdclass.sys
+ 2008-04-13 23:00 . 2008-04-14 07:09 24576 c:\windows\system32\drivers\kbdclass.sys
- 2008-04-13 23:00 . 2008-04-13 23:00 37248 c:\windows\system32\drivers\isapnp.sys
+ 2008-04-13 23:00 . 2008-04-14 07:06 37248 c:\windows\system32\drivers\isapnp.sys
+ 2008-11-27 02:20 . 2008-11-27 02:20 30816 c:\windows\system32\drivers\iqvw32.sys
- 2008-04-13 23:00 . 2008-04-13 23:00 96512 c:\windows\system32\drivers\atapi.sys
+ 2008-04-13 23:00 . 2008-04-14 07:10 96512 c:\windows\system32\drivers\atapi.sys
+ 2008-04-14 05:42 . 2008-04-14 12:42 74240 c:\windows\system32\dllcache\usbui.dll
+ 2008-04-13 23:00 . 2008-04-14 07:15 20608 c:\windows\system32\dllcache\usbuhci.sys
+ 2008-04-13 23:00 . 2008-04-14 07:15 59520 c:\windows\system32\dllcache\usbhub.sys
+ 2008-04-13 23:00 . 2008-04-14 07:15 30208 c:\windows\system32\dllcache\usbehci.sys
+ 2008-04-13 23:00 . 2008-04-14 07:10 24960 c:\windows\system32\dllcache\pciidex.sys
+ 2008-04-13 23:00 . 2008-04-14 07:06 68224 c:\windows\system32\dllcache\pci.sys
+ 2008-04-13 23:00 . 2009-10-08 21:56 20480 c:\windows\system32\dllcache\oleaccrc.dll
- 2001-08-17 13:48 . 2001-08-17 21:48 12160 c:\windows\system32\dllcache\mouhid.sys
+ 2001-08-17 13:48 . 2001-08-17 20:48 12160 c:\windows\system32\dllcache\mouhid.sys
- 2008-04-14 00:09 . 2008-04-14 08:09 23040 c:\windows\system32\dllcache\mouclass.sys
+ 2008-04-14 00:09 . 2008-04-14 07:09 23040 c:\windows\system32\dllcache\mouclass.sys
+ 2008-04-13 23:00 . 2008-04-14 07:09 14592 c:\windows\system32\dllcache\kbdhid.sys
- 2008-04-13 23:00 . 2008-04-14 08:09 14592 c:\windows\system32\dllcache\kbdhid.sys
+ 2008-04-13 23:00 . 2008-04-14 07:09 24576 c:\windows\system32\dllcache\kbdclass.sys
- 2008-04-13 23:00 . 2008-04-14 08:09 24576 c:\windows\system32\dllcache\kbdclass.sys
+ 2008-04-13 23:00 . 2008-04-14 07:06 37248 c:\windows\system32\dllcache\isapnp.sys
+ 2008-04-13 23:00 . 2008-04-14 07:10 96512 c:\windows\system32\dllcache\atapi.sys
+ 2010-09-13 05:17 . 2005-10-27 22:34 20480 c:\windows\system32\AsusUSBSwitch\AsUsbSw.exe
+ 2010-09-13 05:17 . 2005-09-30 18:13 20480 c:\windows\system32\AsusUSBSwitch\AsUsbSetup.exe
+ 2010-09-13 05:17 . 2005-08-15 23:12 50688 c:\windows\system32\AsusUSBSwitch\AsMultiLang.dll
+ 2010-03-28 08:43 . 2008-02-29 10:12 76304 c:\windows\KHALMNPR.Exe
+ 2010-09-13 04:18 . 2010-09-13 04:18 38400 c:\windows\Installer\c6710.msi
+ 2010-09-13 04:19 . 2010-09-13 04:19 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2010-09-13 05:32 . 2010-09-13 05:32 40960 c:\windows\Installer\{777AD08E-B32A-4456-AFE1-094DBECEB268}\ARPPRODUCTICON.exe
+ 2010-09-13 04:03 . 2010-09-13 04:03 10134 c:\windows\Installer\{0C826C5B-B131-423A-A229-C71B3CACCD6A}\ARPPRODUCTICON.exe
+ 2010-09-13 05:17 . 2006-06-23 21:48 32768 c:\windows\inf\UpdateUSB.exe
+ 2010-09-13 04:23 . 2010-09-13 04:23 17920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Run#\34fe99136a2a52306499615d9d0d0e74\Microsoft.WSMan.Runtime.ni.dll
+ 2010-09-13 04:23 . 2010-09-13 04:23 21504 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Man#\3d05a3219a430d76825fe4ccc9edf675\Microsoft.WSMan.Management.resources.ni.dll
+ 2010-09-13 04:23 . 2010-09-13 04:23 36352 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\a79a6e4a8bb69504dd5282d90ab05e23\Microsoft.PowerShell.GPowerShell.resources.ni.dll
+ 2010-09-13 04:23 . 2010-09-13 04:23 24576 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\939818eb30e31949fd3a523fc7d8de42\Microsoft.PowerShell.GraphicalHost.resources.ni.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 31744 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\642276a950670a66fcb19cac8a327e45\Microsoft.PowerShell.Commands.Management.resources.ni.dll
+ 2010-09-13 04:23 . 2010-09-13 04:23 16896 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\5059d3e89b4450ea0adffe6c7b4ca992\Microsoft.PowerShell.Security.resources.ni.dll
+ 2010-09-13 04:22 . 2010-09-13 04:22 67072 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\23cb96335bdd8996d925ebfe72fd91c8\Microsoft.PowerShell.Editor.resources.ni.dll
+ 2010-09-13 04:22 . 2010-09-13 04:22 45568 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\13ded54c292128122faea6a4380d4bca\Microsoft.PowerShell.Commands.Utility.resources.ni.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 18432 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\104c56efa3a4835752536ed035bdf2d8\Microsoft.PowerShell.Commands.Diagnostics.resources.ni.dll
+ 2010-09-13 04:22 . 2010-09-13 04:22 38912 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#e79c6a000be2c7df28ac68eb02a026d\Microsoft.PowerShell.ConsoleHost.resources.ni.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 91648 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Backgroun#\86190801f195b014ec18234ad4816432\Microsoft.BackgroundIntelligentTransfer.Management.ni.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 14848 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Backgroun#\2cce9000758d15842b5bb7099bd83cde\Microsoft.BackgroundIntelligentTransfer.Management.resources.ni.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 13824 c:\windows\assembly\GAC_MSIL\Microsoft.WSMan.Management.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.WSMan.Management.resources.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 69632 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Security\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Security.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 16896 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.GraphicalHost.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.GraphicalHost.resources.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 40960 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.GPowerShell.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.GPowerShell.resources.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 69632 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Editor.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Editor.resources.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 40960 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.ConsoleHost.resources.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 49152 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Utility.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Commands.Utility.resources.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 36864 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Commands.Management.resources.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 10752 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Diagnostics.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Commands.Diagnostics.resources.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 57344 c:\windows\assembly\GAC_MSIL\Microsoft.BackgroundIntelligentTransfer.Management\1.0.0.0__31bf3856ad364e35\Microsoft.BackgroundIntelligentTransfer.Management.dll
+ 2009-10-09 21:57 . 2009-10-09 21:57 20480 c:\windows\$968930Uinstall_KB968930$\PSCustomSetupUtil.exe
+ 2009-10-09 21:56 . 2009-10-09 21:56 2048 c:\windows\system32\winrsmgr.dll
+ 2009-10-09 23:23 . 2009-10-09 23:23 4608 c:\windows\system32\windowspowershell\v1.0\pwrshmsg.dll
+ 2009-10-09 23:23 . 2009-10-09 23:23 4096 c:\windows\system32\windowspowershell\v1.0\powershell_ise.resources.dll
+ 2010-09-13 05:18 . 2008-04-13 23:00 7168 c:\windows\system32\ReinstallBackups027\DriverFiles\i386\hccoin.dll
+ 2010-09-13 05:55 . 2008-04-13 23:00 5504 c:\windows\system32\ReinstallBackups026\DriverFiles\i386\intelide.sys
+ 2008-04-13 23:00 . 2001-08-17 20:51 3328 c:\windows\system32\drivers\pciide.sys
- 2008-04-13 23:00 . 2008-04-13 23:00 3328 c:\windows\system32\drivers\pciide.sys
+ 2008-04-13 23:00 . 2001-08-17 20:51 3328 c:\windows\system32\dllcache\pciide.sys
+ 2010-09-13 04:20 . 2010-09-13 04:20 7168 c:\windows\assembly\GAC_MSIL\Microsoft.WSMan.Runtime\1.0.0.0__31bf3856ad364e35\Microsoft.WSMan.Runtime.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 9216 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Security.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Security.resources.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 7168 c:\windows\assembly\GAC_MSIL\Microsoft.BackgroundIntelligentTransfer.Management.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.BackgroundIntelligentTransfer.Management.resources.dll
+ 2009-10-09 21:56 . 2009-10-09 21:56 9216 c:\windows\$968930Uinstall_KB968930$\PSSetupNativeUtils.exe
+ 2009-10-09 21:56 . 2009-10-09 21:56 209408 c:\windows\system32\WsmWmiPl.dll
+ 2009-10-09 23:22 . 2009-10-09 23:22 368640 c:\windows\system32\WsmRes.dll
+ 2009-10-09 21:56 . 2009-10-09 21:56 139776 c:\windows\system32\WsmAuto.dll
+ 2009-10-09 21:56 . 2009-10-09 21:56 225280 c:\windows\system32\wsmanhttpconfig.exe
+ 2009-10-09 21:56 . 2009-10-09 21:56 233984 c:\windows\system32\winrscmd.dll
+ 2009-08-01 06:27 . 2009-08-01 06:27 201184 c:\windows\system32\winrm.vbs
+ 2009-10-09 23:23 . 2009-10-09 23:23 148480 c:\windows\system32\windowspowershell\v1.0\pspluginwkr.dll
+ 2009-10-09 21:57 . 2009-10-09 21:57 204800 c:\windows\system32\windowspowershell\v1.0\powershell_ise.exe
+ 2009-10-09 21:56 . 2009-10-09 21:56 448000 c:\windows\system32\windowspowershell\v1.0\powershell.exe
+ 2009-10-09 21:57 . 2009-10-09 21:57 112640 c:\windows\system32\windowspowershell\v1.0\Modules\BitsTransfer\microsoft.backgroundintelligenttransfer.management.interop.dll
+ 2009-07-16 17:22 . 2009-07-16 17:22 126976 c:\windows\system32\windowspowershell\v1.0\CompiledComposition.Microsoft.PowerShell.GPowerShell.dll
+ 2009-10-09 23:23 . 2009-10-09 23:23 178176 c:\windows\system32\wevtfwd.dll
+ 2008-07-30 03:59 . 2009-10-08 21:57 611328 c:\windows\system32\uiautomationcore.dll
+ 2010-09-13 05:18 . 2008-04-14 07:15 143872 c:\windows\system32\ReinstallBackups027\DriverFiles\i386\usbport.sys
+ 2010-09-13 05:55 . 2008-04-14 07:15 143872 c:\windows\system32\ReinstallBackups025\DriverFiles\i386\usbport.sys
+ 2010-09-13 05:55 . 2008-04-14 07:15 143872 c:\windows\system32\ReinstallBackups023\DriverFiles\i386\usbport.sys
+ 2010-09-13 05:55 . 2008-04-14 07:15 143872 c:\windows\system32\ReinstallBackups022\DriverFiles\i386\usbport.sys
+ 2010-09-13 04:03 . 2007-01-23 23:44 101136 c:\windows\system32\ReinstallBackups012\DriverFiles\KHALMNPR.Exe
+ 2010-03-28 09:13 . 2008-11-13 14:41 252544 c:\windows\system32\Prounstl.exe
+ 2007-11-29 00:25 . 2007-11-29 00:25 227928 c:\windows\system32\PRONtObj.dll
+ 2008-04-13 23:00 . 2009-10-08 21:57 220160 c:\windows\system32\oleacc.dll
+ 2006-04-07 18:07 . 2006-04-07 18:07 548864 c:\windows\system32\ncscrt8_p.dll
+ 2006-04-07 18:05 . 2006-04-07 18:05 622592 c:\windows\system32\ncscrt8.dll
+ 2008-12-11 23:13 . 2008-12-11 23:13 180224 c:\windows\system32\Ncs2Setp.dll
+ 2008-12-11 22:44 . 2008-12-11 22:44 145968 c:\windows\system32\ncs2instutility.dll
+ 2008-12-11 23:06 . 2008-12-11 23:06 756272 c:\windows\system32\ncs2dmix.dll
+ 2009-08-07 02:23 . 2009-08-07 02:23 215904 c:\windows\system32\muweb.dll
+ 2010-03-28 08:43 . 2008-05-02 09:40 117264 c:\windows\system32\KemWnd.dll
+ 2010-03-28 08:43 . 2008-05-02 09:39 145936 c:\windows\system32\KemUtil.dll
+ 2010-03-28 08:43 . 2008-05-02 09:39 170512 c:\windows\system32\kemutb.dll
- 2008-04-13 23:00 . 2008-04-13 23:00 143872 c:\windows\system32\drivers\usbport.sys
+ 2008-04-13 23:00 . 2008-04-14 07:15 143872 c:\windows\system32\drivers\usbport.sys
+ 2010-09-13 05:18 . 2008-04-13 23:00 143872 c:\windows\system32\drivers\system32\DRIVERS\usbport.sys
+ 2008-11-12 10:28 . 2008-11-12 10:28 115848 c:\windows\system32\drivers\ianswxp.sys
+ 2010-03-28 09:13 . 2008-08-20 21:18 171152 c:\windows\system32\drivers\e1000325.sys
+ 2008-04-13 23:00 . 2008-04-14 07:15 143872 c:\windows\system32\dllcache\usbport.sys
+ 2008-04-13 23:00 . 2009-10-08 21:57 220160 c:\windows\system32\dllcache\oleacc.dll
+ 2010-09-13 05:17 . 2005-07-06 16:23 474624 c:\windows\system32\AsusUSBSwitch\AsusSetup.exe
+ 2008-12-11 23:06 . 2008-12-11 23:06 518704 c:\windows\system32\accesor.dll
+ 2010-06-04 15:26 . 1998-10-29 23:45 306688 c:\windows\IsUninst.exe
+ 2010-09-13 04:23 . 2010-09-13 04:23 250368 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\e732ae44611dbec5dda52e088e17741d\System.Management.Automation.resources.ni.dll
+ 2010-09-13 04:23 . 2010-09-13 04:23 508928 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Man#\a90fef2e90e3c1c1de3bf24a835dcfa0\Microsoft.WSMan.Management.ni.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 737792 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\ff9583e53a4bec6da6aae423a613ba6c\Microsoft.PowerShell.Commands.Management.ni.dll
+ 2010-09-13 04:22 . 2010-09-13 04:22 515584 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\f449b2674e5198e37ce8642b27a94823\Microsoft.PowerShell.ConsoleHost.ni.dll
+ 2010-09-13 04:23 . 2010-09-13 04:23 729600 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\8aece00b9a77cc2d75a921465abcce57\Microsoft.PowerShell.GraphicalHost.ni.dll
+ 2010-09-13 04:23 . 2010-09-13 04:23 156160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\715cee741bcf47ecaf75a856c156f3cb\Microsoft.PowerShell.Security.ni.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 291328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\3d7d5070c97ef550f64bc835a8959341\Microsoft.PowerShell.Commands.Diagnostics.ni.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 253952 c:\windows\assembly\GAC_MSIL\System.Management.Automation.resources\1.0.0.0_en_31bf3856ad364e35\System.Management.Automation.resources.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 274432 c:\windows\assembly\GAC_MSIL\Microsoft.WSMan.Management\1.0.0.0__31bf3856ad364e35\Microsoft.WSMan.Management.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 278528 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.GraphicalHost\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.GraphicalHost.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 651264 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.GPowerShell\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.GPowerShell.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 991232 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Editor\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Editor.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 200704 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.ConsoleHost.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 618496 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Utility\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Utility.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 262144 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Management.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 102400 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Diagnostics\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Diagnostics.dll
+ 2010-09-13 04:20 . 2009-06-18 01:59 379184 c:\windows\$968930Uinstall_KB968930$\spuninst\updspapi.dll
+ 2010-09-13 04:20 . 2009-06-18 01:59 221488 c:\windows\$968930Uinstall_KB968930$\spuninst\spuninst.exe
+ 2009-10-09 23:23 . 2009-10-09 23:23 1107456 c:\windows\system32\WsmSvc.dll
+ 2010-03-28 08:43 . 2007-06-22 19:34 1419232 c:\windows\system32\WdfCoInstaller01005.dll
+ 2010-09-13 04:03 . 2007-06-22 19:34 1419232 c:\windows\system32\ReinstallBackups012\DriverFiles\WdfCoInstaller01005.dll
+ 2008-12-11 22:32 . 2008-12-11 22:32 1481264 c:\windows\system32\ncscolib.dll
+ 2010-09-13 04:03 . 2010-09-13 04:03 2933248 c:\windows\Installer\e9829.msi
+ 2010-09-13 04:02 . 2010-09-13 04:02 2587648 c:\windows\Installer\e980c.msi
+ 2010-09-13 05:32 . 2010-09-13 05:32 5319680 c:\windows\Installer\7ebba.msi
+ 2010-09-13 04:23 . 2010-09-13 04:23 8365056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\47a2229038c869951b36a1081a3c8768\System.Management.Automation.ni.dll
+ 2010-09-13 04:22 . 2010-09-13 04:22 3722752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\6408339c6991217900316808e44f5158\Microsoft.PowerShell.Editor.ni.dll
+ 2010-09-13 04:21 . 2010-09-13 04:21 1609728 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\3a9a012a1f912cefb0ef9f69781264c8\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2010-09-13 04:22 . 2010-09-13 04:22 1704448 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\27894b3ee67930492bb4925dc27c9e6b\Microsoft.PowerShell.GPowerShell.ni.dll
+ 2010-09-13 04:20 . 2010-09-13 04:20 2682880 c:\windows\assembly\GAC_MSIL\System.Management.Automation\1.0.0.0__31bf3856ad364e35\System.Management.Automation.dll
+ 2010-09-13 04:18 . 2010-09-13 04:18 20242432 c:\windows\Installer\c6716.msp
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2010-08-25 14:36 70264 ----a-w- c:\program files\Internet Download Manager\IDMShellExt.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-10-19 155648]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-10-19 126976]
"readericon10"="c:\program files\Multimedia Card Reader\readericon10.exe" [2007-05-03 131072]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 76304]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 1404928]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-08-10 421888]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-04-29 437584]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]
"Asus USB Switch"="c:\windows\system32\AsusUSBSwitch\AsUsbSw.exe" [2005-10-27 20480]
c:\documents and settings\Administrator\Start Menu\Programs\Startup\
LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2010-8-19 503808]
c:\documents and settings\All Users.WINDOWS\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2010-3-10 805392]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-05-02 09:42 72208 ----a-w- c:\program files\Common Files\Logitech\Bluetooth\LBTWLgn.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [9/12/2010 12:08 PM 165584]
R1 IDMTDI;IDMTDI;c:\windows\system32\drivers\idmtdi.sys [8/25/2010 7:40 AM 76768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [9/12/2010 12:08 PM 17744]
R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [3/28/2010 1:43 AM 10640]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [9/3/2010 5:01 PM 304464]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [9/3/2010 5:01 PM 20952]
S0 cerc6;cerc6; [x]
S1 SASDIFSV;SASDIFSV;\??\c:\program files\SUPERAntiSpyware\SASDIFSV.SYS --> c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [?]
S1 SASKUTIL;SASKUTIL;\??\c:\program files\SUPERAntiSpyware\SASKUTIL.SYS --> c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [?]
S3 libusb0;LibUsb-Win32 - Kernel Driver 1.1.14.3, 06/11/2010;c:\windows\system32\drivers\libusb0.sys [6/14/2010 9:13 PM 21504]
S3 SASENUM;SASENUM;\??\c:\program files\SUPERAntiSpyware\SASENUM.SYS --> c:\program files\SUPERAntiSpyware\SASENUM.SYS [?]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [4/13/2008 4:00 PM 14336]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
Contents of the 'Scheduled Tasks' folder
2010-09-13 c:\windows\Tasks\AWC AutoSweep.job
- c:\program files\IObit\Advanced SystemCare 3\AutoSweep.exe [2010-09-07 21:11]
2010-09-13 c:\windows\Tasks\AWC Update.job
- c:\program files\IObit\Advanced SystemCare 3\IObitUpdate.exe [2010-09-07 18:08]
2010-09-13 c:\windows\Tasks\Driver Robot.job
- c:\program files\Driver Robot\Driver Robot.lnk [2010-09-13 04:49]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = <local>
uInternet Settings,ProxyServer = http=127.0.0.1:5555
IE: &Download All using 4shared Desktop
IE: &Download All with FlashGet
IE: &Download with FlashGet
IE: Download all links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Download Link Using Mega Manager... - c:\program files\Megaupload\Mega Manager\mm_file.htm
LSP: c:\windows\system32\idmmbc.dll
FF - ProfilePath - c:\documents and settings\Administrator.ALO.000\Application Data\Mozilla\Firefox\Profiles\7s5vudf7.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=utf-8&fr=megaup&p=
FF - component: c:\documents and settings\Administrator.ALO.000\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
FF - component: c:\documents and settings\Administrator.ALO.000\Application Data\Mozilla\Firefox\Profiles\7s5vudf7.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - plugin: c:\program files\QuickTime\Plugins\npqtplugin8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHANS REMOVED - - - -
BHO-{9384bd4c-dd14-4be9-80f7-f6277511e4f5} - (no file)
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-13 11:50
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{148c1a30-91e2-428c-b867-0575c5c799f6}]
@Denied: (Full) (Everyone)
"Model"=dword:000000f1
"Therad"=dword:00000017
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):52,c1,bb,99,4f,5c,1d,a5,2c,87,8f,35,b7,db,6c,6e,83,3b,e1,85,d2,
e0,59,4b,75,1a,5f,0b,03,85,19,ea,bb,a9,17,13,db,29,0f,f7,00,00,00,00,00,00,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(800)
c:\program files\common files\logitech\bluetooth\LBTWlgn.dll
c:\program files\common files\logitech\bluetooth\LBTServ.dll
- - - - - - - > 'explorer.exe'(2428)
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\program files\Internet Download Manager\IDMShellExt.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2010-09-13 11:53:55
ComboFix-quarantined-files.txt 2010-09-13 18:53
ComboFix2.txt 2010-09-10 19:27
Pre-Run: 24,770,605,056 bytes free
Post-Run: 24,952,274,944 bytes free
- - End Of File - - 4FBB1F7D17FFCDDC5E9095EB35A78A3C