Tregt internett (combofix, HJT)

**Gavekort** · 17. mars 2009

ComboFix 09-03-15.01 - Fredrik 2009-03-17 8:26:19.3 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1919.1188 [GMT 1:00]

Running from: e:\documents and settings\Fredrik\Desktop\ComboFix.exe

* Created a new restore point

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

E:\install.exe

G:\install.exe

.

((((((((((((((((((((((((( Files Created from 2009-02-17 to 2009-03-17 )))))))))))))))))))))))))))))))

.

2009-03-16 12:11 . 2009-03-16 12:15

d-------- e:\program files\Google

2009-03-16 12:11 . 2009-03-16 13:12

d-------- e:\documents and settings\All Users\Application Data\Google Updater

2009-03-16 09:34 . 2009-03-16 09:36

d-------- e:\program files\Emote

2009-03-16 09:06 . 2009-03-16 09:06 83 --a------ e:\windows\wwp.INI

2009-03-15 14:23 . 2009-03-15 14:23

d--h-c--- e:\documents and settings\All Users\Application Data\{EFBDC0EC-2698-4A44-8AAD-4113D6D8BB82}

2009-03-15 14:22 . 2009-03-15 14:22

d--h-c--- e:\documents and settings\All Users\Application Data\{902029B2-957E-4066-85FA-30DA31731718}

2009-03-15 13:16 . 2007-08-08 09:52 185,856 --a------ e:\windows\system32\drivers\rig3usb.sys

2009-03-15 13:16 . 2007-08-08 09:52 25,600 --a------ e:\windows\system32\drivers\rig3avs.sys

2009-03-15 13:14 . 2009-03-15 14:22

d-------- e:\program files\Common Files\Native Instruments

2009-03-15 13:14 . 2009-03-15 13:14

d-------- e:\program files\Common Files\Digidesign

2009-03-15 13:12 . 2009-03-15 13:16

d-------- e:\program files\Native Instruments

2009-03-14 00:27 . 2009-03-14 00:27

d-------- e:\program files\Microsoft Games

2009-03-13 22:41 . 2009-03-13 22:41

d-------- e:\program files\Team17

2009-03-11 22:36 . 2008-04-14 13:00 221,184 --a------ e:\windows\system32\wmpns.dll

2009-03-11 22:36 . 2009-03-11 22:36 1,374 --a------ e:\windows\imsins.BAK

2009-03-06 20:49 . 2009-03-10 08:43

d-------- e:\windows\system32\Adobe

2009-03-06 20:49 . 2009-01-16 18:34 499,712 --a------ e:\windows\system32\msvcp71.dll

2009-03-06 20:49 . 2009-01-16 18:34 348,160 --a------ e:\windows\system32\msvcr71.dll

2009-03-03 13:57 . 2008-10-10 04:52 4,379,984 --a------ e:\windows\system32\D3DX9_40.dll

2009-03-03 13:57 . 2008-10-10 04:52 2,036,576 --a------ e:\windows\system32\D3DCompiler_40.dll

2009-03-03 13:57 . 2008-10-27 10:04 514,384 --a------ e:\windows\system32\XAudio2_3.dll

2009-03-03 13:57 . 2008-10-10 04:52 452,440 --a------ e:\windows\system32\d3dx10_40.dll

2009-03-03 13:57 . 2008-10-27 10:04 235,856 --a------ e:\windows\system32\xactengine3_3.dll

2009-03-03 13:57 . 2008-10-27 10:04 70,992 --a------ e:\windows\system32\XAPOFX1_2.dll

2009-03-03 13:57 . 2008-10-27 10:04 23,376 --a------ e:\windows\system32\X3DAudio1_5.dll

2009-03-03 13:56 . 2009-03-03 13:57

d--h----- e:\windows\msdownld.tmp

2009-03-03 13:56 . 2009-03-03 13:56

d-------- e:\windows\Logs

2009-03-03 13:56 . 2009-03-03 13:56

d-------- e:\program files\Utherverse Digital Inc

2009-03-02 20:31 . 2009-03-02 20:33

d-------- e:\program files\eMule

2009-03-02 11:35 . 2009-03-02 11:36

d-------- e:\program files\FileZilla FTP Client

2009-02-28 22:59 . 2009-02-28 23:02

d-------- e:\program files\Postal2

2009-02-28 22:58 . 1999-12-17 08:13 86,016 --a------ e:\windows\unvise32.exe

2009-02-28 22:56 . 2009-02-28 23:15

d-------- e:\program files\Postal2STP

2009-02-26 16:47 . 2009-02-26 16:47

d-------- e:\program files\Spotify

2009-02-26 16:47 . 2009-03-17 08:29

d-------- e:\documents and settings\Fredrik\Application Data\Spotify

2009-02-24 21:41 . 2009-02-24 21:41

d-------- e:\documents and settings\Fredrik\Application Data\Windows Live Writer

2009-02-24 19:48 . 2009-02-24 19:48

d-------- e:\program files\Microsoft Sync Framework

2009-02-24 19:48 . 2009-02-24 19:48

d-------- e:\program files\Microsoft Office Outlook Connector

2009-02-24 19:48 . 2009-02-06 18:08 55,152 --a------ e:\windows\system32\drivers\fssfltr_tdi.sys

2009-02-24 19:47 . 2009-02-24 19:47

d-------- e:\program files\Microsoft SQL Server Compact Edition

2009-02-23 17:10 . 2009-02-23 22:34

d-------- e:\windows\system32\NtmsData

2009-02-23 17:07 . 2007-06-29 14:47 34,304 --a------ e:\windows\system32\drivers\AmdLLD.sys

2009-02-23 01:48 . 2009-03-02 10:03 22,528 --a------ e:\windows\system32\drivers\nhcDriver.sys

2009-02-22 20:01 . 2009-02-23 01:48

d-------- e:\program files\Notebook Hardware Control

2009-02-20 08:04 . 2009-02-20 08:05

d-------- e:\program files\Malwarebytes' Anti-Malware

2009-02-20 08:04 . 2009-02-11 10:19 38,496 --a------ e:\windows\system32\drivers\mbamswissarmy.sys

2009-02-20 08:04 . 2009-02-11 10:19 15,504 --a------ e:\windows\system32\drivers\mbam.sys

2009-02-20 07:50 . 2009-02-20 07:50

d-------- e:\program files\Minilyrics

2009-02-20 07:50 . 2009-03-10 08:20

d-------- E:\Lyrics

2009-02-20 07:50 . 2009-03-17 01:34

d-------- e:\documents and settings\Fredrik\Application Data\MiniLyrics

2009-02-18 14:37 . 2009-02-18 14:37

d-------- e:\program files\Mp3 Duplicate Finder

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-03-17 07:10 --------- d-----w e:\documents and settings\Fredrik\Application Data\foobar2000

2009-03-17 06:16 --------- d-----w e:\documents and settings\Fredrik\Application Data\uTorrent

2009-03-15 13:23 --------- d-----w e:\program files\VstPlugins

2009-03-13 23:33 --------- d--h--w e:\program files\InstallShield Installation Information

2009-03-13 08:47 --------- d-----w e:\program files\FreeCap

2009-03-11 21:36 --------- d-----w e:\documents and settings\All Users\Application Data\Microsoft Help

2009-03-03 08:18 --------- d-----w e:\program files\Activision

2009-03-02 16:01 --------- d-----w e:\documents and settings\Fredrik\Application Data\FileZilla

2009-03-01 00:57 --------- d-----w e:\program files\SpeedFan

2009-03-01 00:39 --------- d-----w e:\documents and settings\Fredrik\Application Data\dvdcss

2009-02-27 14:53 --------- d-----w e:\program files\Microsoft Silverlight

2009-02-24 18:49 --------- d-----w e:\program files\Microsoft

2009-02-24 18:48 --------- d-----w e:\program files\Windows Live

2009-02-23 16:09 --------- d-----w e:\program files\AMD

2009-02-19 10:28 --------- d-----w e:\documents and settings\Fredrik\Application Data\vlc

2009-02-11 12:38 34 ----a-w e:\documents and settings\Fredrik\jagex_runescape_preferences.dat

2009-02-09 11:08 1,847,552 ----a-w e:\windows\system32\win32k.sys

2009-02-06 18:03 307,576 ----a-w e:\windows\WLXPGSS.SCR

2009-02-06 17:52 49,504 ----a-w e:\windows\system32\sirenacm.dll

2009-02-03 08:30 --------- d-----w e:\documents and settings\Fredrik\Application Data\Audacity

2009-02-02 17:43 271,360 ----a-w e:\windows\system32\drivers\atksgt.sys

2009-02-02 17:43 18,048 ----a-w e:\windows\system32\drivers\lirsgt.sys

2009-02-01 15:55 --------- d-----w e:\program files\Guitar Pro 5

2009-01-30 07:47 22,328 ----a-w e:\windows\system32\drivers\PnkBstrK.sys

2009-01-30 07:47 103,736 ----a-w e:\windows\system32\PnkBstrB.exe

2009-01-29 07:57 --------- d-----w e:\program files\Prism

2009-01-29 07:56 --------- d-----w e:\documents and settings\Fredrik\Application Data\WebApps

2009-01-29 07:56 --------- d-----w e:\documents and settings\Fredrik\Application Data\Prism

2009-01-27 11:37 --------- d-----w e:\program files\My Lockbox

2009-01-27 07:48 43,520 ----a-w e:\windows\system32\CmdLineExt03.dll

2009-01-26 21:56 --------- d-----w e:\program files\Activision Value

2009-01-26 11:20 66,872 ----a-w e:\windows\system32\PnkBstrA.exe

2009-01-26 11:18 22,328 ----a-w e:\documents and settings\Fredrik\Application Data\PnkBstrK.sys

2009-01-26 08:44 --------- d-----w e:\documents and settings\All Users\Application Data\YoYoGames

2009-01-25 17:48 --------- d-----w e:\program files\World of Warcraft

2009-01-23 23:47 --------- d-----w e:\documents and settings\Fredrik\Application Data\Ulead Systems

2009-01-23 23:47 --------- d-----w e:\documents and settings\All Users\Application Data\Ulead Systems

2009-01-23 23:45 --------- d-----w e:\documents and settings\All Users\Application Data\Nero

2009-01-23 23:43 --------- d-----w e:\program files\Ulead Systems

2009-01-23 23:43 --------- d-----w e:\program files\Common Files\Ulead Systems

2009-01-23 23:27 --------- d-----w e:\program files\Nero

2009-01-23 16:53 --------- d-----w e:\documents and settings\Fredrik\Application Data\ESET

2009-01-23 16:52 --------- d-----w e:\program files\ESET

2009-01-23 16:52 --------- d-----w e:\documents and settings\All Users\Application Data\ESET

2009-01-23 16:51 --------- d-----w e:\documents and settings\All Users\Application Data\Avg8

2009-01-23 16:12 --------- d-----w e:\program files\Trend Micro

2009-01-23 15:47 --------- d-----w e:\program files\Kg

2009-01-23 12:42 --------- d-----w e:\program files\Windows Desktop Search

2009-01-23 12:09 --------- d-----w e:\program files\Microsoft Virtual PC

2009-01-23 11:48 --------- d-----w e:\program files\Sandboxie

2009-01-23 11:13 --------- d-----w e:\program files\WIDCOMM

2009-01-23 08:53 --------- d-----w e:\documents and settings\All Users\Application Data\Last.fm

2009-01-23 08:52 --------- d-----w e:\program files\Last.fm

2009-01-23 07:44 --------- d-----w e:\program files\Audacity 1.3 Beta (Unicode)

2009-01-22 18:15 --------- d-----w e:\documents and settings\Fredrik\Application Data\DivX

2009-01-22 18:09 --------- d-----w e:\documents and settings\Fredrik\Application Data\LG Electronics

2009-01-22 18:08 --------- d-----w e:\program files\DivX

2009-01-22 18:06 --------- d-----w e:\program files\LG Electronics

2009-01-22 18:05 --------- d-----w e:\program files\LG PC Suite 2

2009-01-21 16:37 --------- d-----w e:\program files\rgcaudio software

2009-01-21 07:09 --------- d--h--w e:\program files\Zero G Registry

2009-01-21 06:59 --------- d-----w e:\program files\ASIO4ALL v2

2009-01-20 19:07 --------- d-----w e:\program files\MSXML 4.0

2009-01-20 17:29 --------- d-----w e:\program files\NOS

2009-01-20 17:29 --------- d-----w e:\program files\Image-Line

2009-01-20 17:29 --------- d-----w e:\documents and settings\All Users\Application Data\NOS

2009-01-20 17:28 --------- d-----w e:\program files\Outsim

2009-01-20 12:00 --------- d-----w e:\program files\UT2004

2009-01-20 07:54 --------- d-----w e:\program files\THQ

2009-01-19 12:18 --------- d-----w e:\program files\Siemens

2009-01-19 09:48 --------- d-----w e:\program files\Game_Maker7

2009-01-19 07:31 --------- d-----w e:\program files\Common Files\Adobe AIR

2009-01-19 07:30 --------- d-----w e:\program files\Common Files\Adobe

2009-01-18 21:32 --------- d-----w e:\program files\VideoLAN

2009-01-18 16:54 --------- d-----w e:\program files\Windows Live SkyDrive

2009-01-18 16:52 --------- d-----w e:\program files\Common Files\Windows Live

2009-01-18 12:40 --------- d-----w e:\program files\NeoSmart Technologies

2009-01-17 23:23 --------- d-----w e:\program files\Warcraft III

2009-01-17 23:09 --------- d-----w e:\program files\RivaTuner v2.22

2009-01-16 07:06 2,829 ----a-w e:\windows\War3Unin.pif

2009-01-16 07:06 126,976 ----a-w e:\windows\War3Unin.exe

2009-01-14 09:20 410,984 ----a-w e:\windows\system32\deploytk.dll

2009-01-14 07:58 87,280 ----a-w e:\windows\system32\bcmwlcoi.dll

2008-12-20 23:56 827,904 ----a-w e:\windows\system32\wininet.dll

.

((((((((((((((((((((((((((((( snapshot@2009-01-23_17.25.50.25 )))))))))))))))))))))))))))))))))))))))))

.

+ 2008-07-09 07:38:24 17,272 ----a-w e:\windows\$hf_mig$\KB960715\spmsg.dll

+ 2008-07-09 07:38:25 231,288 ----a-w e:\windows\$hf_mig$\KB960715\spuninst.exe

+ 2008-07-09 07:38:24 26,488 ----a-w e:\windows\$hf_mig$\KB960715\update\spcustom.dll

+ 2008-11-15 17:18:04 755,576 ----a-w e:\windows\$hf_mig$\KB960715\update\update.exe

+ 2008-07-09 07:38:37 382,840 ----a-w e:\windows\$hf_mig$\KB960715\update\updspapi.dll

+ 2008-07-09 07:38:25 231,288 -c----w e:\windows\$NtUninstallKB960715$\spuninst\spuninst.exe

+ 2008-07-09 07:38:37 382,840 -c----w e:\windows\$NtUninstallKB960715$\spuninst\updspapi.dll

- 2009-01-15 08:22:52 53,248 ----a-w e:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll

+ 2009-03-13 23:33:25 53,248 ----a-w e:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll

- 2009-01-15 08:22:52 12,800 ----a-w e:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll

+ 2009-03-13 23:33:25 12,800 ----a-w e:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll

- 2009-01-15 08:22:53 473,600 ----a-w e:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll

+ 2009-03-13 23:33:25 473,600 ----a-w e:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll

+ 2009-01-26 11:19:04 2,676,224 ----a-w e:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2009-01-26 11:19:05 2,846,720 ----a-w e:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2009-01-26 11:19:06 563,712 ----a-w e:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

- 2009-01-15 08:22:53 567,296 ----a-w e:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2009-03-13 23:33:23 567,296 ----a-w e:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2009-03-13 23:33:25 576,000 ----a-w e:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2009-01-26 11:19:07 577,024 ----a-w e:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2009-01-26 11:19:07 577,536 ----a-w e:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2009-01-26 11:19:08 577,536 ----a-w e:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2009-01-26 11:19:08 578,560 ----a-w e:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2009-01-26 11:19:10 578,560 ----a-w e:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

- 2009-01-15 08:22:54 145,920 ----a-w e:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll

+ 2009-03-13 23:33:26 145,920 ----a-w e:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll

- 2009-01-15 08:22:54 159,232 ----a-w e:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll

+ 2009-03-13 23:33:26 159,232 ----a-w e:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll

- 2009-01-15 08:22:54 364,544 ----a-w e:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll

+ 2009-03-13 23:33:26 364,544 ----a-w e:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll

- 2009-01-15 08:22:55 178,176 ----a-w e:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll

+ 2009-03-13 23:33:26 178,176 ----a-w e:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll

- 2009-01-15 08:22:51 223,232 ----a-w e:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll

+ 2009-03-13 23:33:24 223,232 ----a-w e:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll

+ 2009-02-24 18:47:18 236,392 ----a-w e:\windows\assembly\GAC_MSIL\System.Data.SqlServerCe\9.0.242.0__89845dcd8080cc91\System.Data.SqlServerCe.dll

+ 2009-02-24 20:47:00 15,872 ----a-w e:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\f0e9a97ade4529d4caeccd467aa8e7db\Microsoft.VisualC.ni.dll

+ 2009-02-22 19:26:49 4,868,096 ----a-w e:\windows\assembly\NativeImages_v2.0.50727_32\nhc\719dbbd3c849dc8d07fffedbe392e4bc\nhc.ni.exe

+ 2009-02-24 20:47:03 1,115,136 ----a-w e:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\57f7cf02ea17b36bc3d9c75c22d0f551\System.Data.OracleClient.ni.dll

+ 2009-02-24 20:47:02 771,584 ----a-w e:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\3736ba3ecac186f9c5d85f01bda2be98\System.Runtime.Remoting.ni.dll

+ 2009-02-24 20:47:09 145,920 ----a-w e:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\62b65d3d289454341e3af905242ab44d\WindowsLive.Client.ni.dll

+ 2009-02-24 20:47:05 258,048 ----a-w e:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\15238f39a0218c2aea4ba3191f4c24ef\WindowsLive.Writer.Mshtml.ni.dll

+ 2009-02-24 20:47:00 152,064 ----a-w e:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\272ad9757326dae2c20b8639cffded5b\WindowsLive.Writer.HtmlParser.ni.dll

+ 2009-02-24 20:47:06 1,104,896 ----a-w e:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\28d67eaf85a7c51faa26958b2517a4e2\WindowsLive.Writer.ApplicationFramework.ni.dll

+ 2009-02-24 20:46:59 313,856 ----a-w e:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\31abd26477d1ba30db1cacc0fee4d955\WindowsLive.Writer.Interop.SHDocVw.ni.dll

+ 2009-02-24 20:47:07 118,272 ----a-w e:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\3e60997db3f5c7b80930e743b40c859f\WindowsLive.Writer.Extensibility.ni.dll

+ 2009-02-24 20:46:56 843,264 ----a-w e:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\3f27e73e97d5d09b0f7ba8b0ce697425\WindowsLive.Writer.Controls.ni.dll

+ 2009-02-24 20:46:58 319,488 ----a-w e:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\642db0e8a7c0848bc24a4e2d3081bc51\WindowsLive.Writer.Interop.ni.dll

+ 2009-02-24 20:47:04 428,032 ----a-w e:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\67a0dbad49a00632c03e1112e8daaee2\WindowsLive.Writer.Localization.ni.dll

+ 2009-02-24 20:47:10 594,432 ----a-w e:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\69abadc1a288dabb051ecb756d741519\WindowsLive.Writer.HtmlEditor.ni.dll

+ 2009-02-24 20:47:11 118,784 ----a-w e:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\6ccf2d7002ba7323fd5cc9d3595da10b\WindowsLive.Writer.FileDestinations.ni.dll

+ 2009-02-24 20:47:07 99,840 ----a-w e:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\8f229ad3ece638924d0674e548acaee0\WindowsLive.Writer.Api.ni.dll

+ 2009-02-24 20:47:00 334,848 ----a-w e:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\98c63fba541c3811e0bb051e1eedacc1\WindowsLive.Writer.Interop.Mshtml.ni.dll

+ 2009-02-24 20:47:11 321,536 ----a-w e:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\a6094d4864d2568c5047da4318447edf\WindowsLive.Writer.SpellChecker.ni.dll

+ 2009-02-24 20:46:59 173,568 ----a-w e:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\b58e170a44e70671b215372f9ea1ccef\WindowsLive.Writer.BrowserControl.ni.dll

+ 2009-02-24 20:47:12 117,760 ----a-w e:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\cfc7f9bcc1f88d61548a47368ad3bd94\WindowsLive.Writer.Instrumentation.ni.dll

+ 2009-02-24 20:47:08 851,456 ----a-w e:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\d4e1e0cd4ca7a30274695b7693baad9c\WindowsLive.Writer.BlogClient.ni.dll

+ 2009-02-24 20:46:55 6,390,272 ----a-w e:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\da5d60d7708d4edfb6e1411ed47d02fa\WindowsLive.Writer.PostEditor.ni.dll

+ 2009-02-24 20:46:58 2,002,432 ----a-w e:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\e2e4243c6d0761d0a0e9f9a0893a5c59\WindowsLive.Writer.CoreServices.ni.dll

+ 2009-02-24 20:47:04 108,544 ----a-w e:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\e638afe12334f82cb8c5c5a83981e082\WindowsLive.Writer.Passport.ni.dll

+ 2009-02-24 20:47:12 627,200 ----a-w e:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\29d215a062576bf9f39bc552659eff2b\WindowsLiveLocal.WriterPlugin.ni.dll

+ 2009-02-24 20:46:49 47,616 ----a-w e:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\585c77b48d8e88e8e0feac0c58d205f1\WindowsLiveWriter.ni.exe

+ 2008-10-16 20:24:09 124,928 -c----w e:\windows\ie7updates\KB961260-IE7\advpack.dll

+ 2008-10-16 20:24:09 347,136 -c----w e:\windows\ie7updates\KB961260-IE7\dxtmsft.dll

+ 2008-10-16 20:24:09 214,528 -c----w e:\windows\ie7updates\KB961260-IE7\dxtrans.dll

+ 2008-10-16 20:24:09 132,608 -c----w e:\windows\ie7updates\KB961260-IE7\extmgr.dll

+ 2008-10-16 20:24:09 63,488 -c----w e:\windows\ie7updates\KB961260-IE7\icardie.dll

+ 2008-10-16 12:46:08 70,656 -c----w e:\windows\ie7updates\KB961260-IE7\ie4uinit.exe

+ 2008-10-16 20:24:09 153,088 -c----w e:\windows\ie7updates\KB961260-IE7\ieakeng.dll

+ 2008-10-16 20:24:09 230,400 -c----w e:\windows\ie7updates\KB961260-IE7\ieaksie.dll

+ 2008-10-15 06:33:26 161,792 -c----w e:\windows\ie7updates\KB961260-IE7\ieakui.dll

+ 2008-10-16 20:24:09 380,928 -c----w e:\windows\ie7updates\KB961260-IE7\ieapfltr.dll

+ 2008-10-16 20:24:09 388,608 -c----w e:\windows\ie7updates\KB961260-IE7\iedkcs32.dll

+ 2008-10-16 20:24:09 6,068,224 -c----w e:\windows\ie7updates\KB961260-IE7\ieframe.dll

+ 2008-10-16 20:24:09 44,544 -c----w e:\windows\ie7updates\KB961260-IE7\iernonce.dll

+ 2008-10-16 20:24:09 267,776 -c----w e:\windows\ie7updates\KB961260-IE7\iertutil.dll

+ 2008-10-16 12:46:08 13,824 -c----w e:\windows\ie7updates\KB961260-IE7\ieudinit.exe

+ 2008-10-15 06:34:58 633,632 -c----w e:\windows\ie7updates\KB961260-IE7\iexplore.exe

+ 2008-10-16 20:24:10 27,648 -c----w e:\windows\ie7updates\KB961260-IE7\jsproxy.dll

+ 2008-10-16 20:24:10 459,264 -c----w e:\windows\ie7updates\KB961260-IE7\msfeeds.dll

+ 2008-10-16 20:24:10 52,224 -c----w e:\windows\ie7updates\KB961260-IE7\msfeedsbs.dll

+ 2008-12-13 06:26:56 3,594,752 -c----w e:\windows\ie7updates\KB961260-IE7\mshtml.dll

+ 2008-10-16 20:24:10 477,696 -c----w e:\windows\ie7updates\KB961260-IE7\mshtmled.dll

+ 2008-10-16 20:24:10 193,024 -c----w e:\windows\ie7updates\KB961260-IE7\msrating.dll

+ 2008-10-16 20:24:10 671,232 -c----w e:\windows\ie7updates\KB961260-IE7\mstime.dll

+ 2008-10-16 20:24:10 102,912 -c----w e:\windows\ie7updates\KB961260-IE7\occache.dll

+ 2008-10-16 20:24:10 44,544 -c----w e:\windows\ie7updates\KB961260-IE7\pngfilt.dll

+ 2007-03-06 01:22:41 213,216 -c----w e:\windows\ie7updates\KB961260-IE7\spuninst\spuninst.exe

+ 2007-03-06 01:23:51 371,424 -c----w e:\windows\ie7updates\KB961260-IE7\spuninst\updspapi.dll

+ 2008-10-16 20:24:10 105,984 -c----w e:\windows\ie7updates\KB961260-IE7\url.dll

+ 2008-10-16 20:24:11 1,163,264 -c----w e:\windows\ie7updates\KB961260-IE7\urlmon.dll

+ 2008-10-16 20:24:11 233,472 -c----w e:\windows\ie7updates\KB961260-IE7\webcheck.dll

+ 2008-10-16 20:24:11 827,904 -c----w e:\windows\ie7updates\KB961260-IE7\wininet.dll

- 2009-01-18 16:55:12 80,395 ----a-r e:\windows\Installer\{0AAA9C97-74D4-47CE-B089-0B147EF3553C}\MsblIco.Exe

+ 2009-02-24 18:46:52 80,395 ----a-r e:\windows\Installer\{0AAA9C97-74D4-47CE-B089-0B147EF3553C}\MsblIco.Exe

+ 2009-02-24 18:47:50 132,096 ----a-r e:\windows\Installer\{3C52E7DA-C431-4239-B66B-1BF703D5B194}\WLXPhotoGalleryIcon.exe

+ 2009-03-16 11:15:30 363,246 ----a-r e:\windows\Installer\{548EAC70-EE00-11DD-908C-005056806466}\ARPPRODUCTICON.exe

+ 2009-03-16 11:15:30 25,214 ----a-r e:\windows\Installer\{548EAC70-EE00-11DD-908C-005056806466}\googleearth.exe_407B9B5CDAC54F44A756B57CAB4E6A8B.exe

+ 2009-03-16 11:15:30 25,214 ----a-r e:\windows\Installer\{548EAC70-EE00-11DD-908C-005056806466}\googleearth.exe1_407B9B5CDAC54F44A756B57CAB4E6A8B.exe

+ 2009-03-16 11:15:30 25,214 ----a-r e:\windows\Installer\{548EAC70-EE00-11DD-908C-005056806466}\ShortcutDX_EB071909B9884F8CBF3D6115D4ADEE5E.exe

+ 2009-03-16 11:15:30 25,214 ----a-r e:\windows\Installer\{548EAC70-EE00-11DD-908C-005056806466}\ShortcutOGL_EB071909B9884F8CBF3D6115D4ADEE5E.exe

+ 2009-03-16 11:15:30 25,214 ----a-r e:\windows\Installer\{548EAC70-EE00-11DD-908C-005056806466}\UNINST_Uninstall_G_408FFBEED62349E08B232864A94D2864.exe

+ 2009-02-24 18:47:10 58,945 ----a-r e:\windows\Installer\{63C1109E-D977-49ED-BCE3-D00D0BF187D6}\wlmail.exe

+ 2009-03-13 23:32:33 61,440 ----a-r e:\windows\Installer\{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}\ARPPRODUCTICON.exe

+ 2009-02-23 16:07:15 300,318 ----a-r e:\windows\Installer\{83F81F91-7BE9-44D1-98AF-2B87E0B8710C}\_55699751CB48445A6D7518.exe

+ 2009-02-23 16:07:15 300,318 ----a-r e:\windows\Installer\{83F81F91-7BE9-44D1-98AF-2B87E0B8710C}\_6FEFF9B68218417F98F549.exe

+ 2009-02-23 16:07:15 300,318 ----a-r e:\windows\Installer\{83F81F91-7BE9-44D1-98AF-2B87E0B8710C}\ico.exe

- 2009-01-22 15:18:29 1,165,584 ----a-r e:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe

+ 2009-03-11 21:36:26 1,165,584 ----a-r e:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe

- 2009-01-22 15:18:31 20,240 ----a-r e:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe

+ 2009-03-11 21:36:27 20,240 ----a-r e:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe

- 2009-01-22 15:18:29 159,504 ----a-r e:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe

+ 2009-03-11 21:36:26 159,504 ----a-r e:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe

- 2009-01-22 15:18:30 184,080 ----a-r e:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe

+ 2009-03-11 21:36:27 184,080 ----a-r e:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe

- 2009-01-22 15:18:31 217,864 ----a-r e:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe

+ 2009-03-11 21:36:27 217,864 ----a-r e:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe

- 2009-01-22 15:18:32 18,704 ----a-r e:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe

+ 2009-03-11 21:36:27 18,704 ----a-r e:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe

- 2009-01-22 15:18:32 35,088 ----a-r e:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe

+ 2009-03-11 21:36:27 35,088 ----a-r e:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe

- 2009-01-22 15:18:30 845,584 ----a-r e:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe

+ 2009-03-11 21:36:27 845,584 ----a-r e:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe

- 2009-01-22 15:18:30 922,384 ----a-r e:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe

+ 2009-03-11 21:36:27 922,384 ----a-r e:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe

- 2009-01-22 15:18:31 272,648 ----a-r e:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe

+ 2009-03-11 21:36:27 272,648 ----a-r e:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe

- 2009-01-22 15:18:32 888,080 ----a-r e:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe

+ 2009-03-11 21:36:27 888,080 ----a-r e:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe

- 2009-01-22 15:18:29 1,172,240 ----a-r e:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe

+ 2009-03-11 21:36:26 1,172,240 ----a-r e:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe

+ 2009-02-24 18:49:00 29,316 ----a-r e:\windows\Installer\{95120000-0120-0409-0000-0000000FF1CE}\olc_setup.exe

+ 2009-01-23 23:43:37 360,518 ----a-r e:\windows\Installer\{A3BE3F1E-2472-4211-8735-E8239BE49D9F}\ARPPRODUCTICON.exe

+ 2009-01-23 16:34:29 40,960 ----a-r e:\windows\Installer\{ECD942FB-A68D-4536-994B-00BA538D9D63}\ARPPRODUCTICON.exe

+ 2009-01-23 16:34:29 40,960 ----a-r e:\windows\Installer\{ECD942FB-A68D-4536-994B-00BA538D9D63}\New_Shortcut_S1653_E17B720AC24948DD82DE289E64D5CAA3.exe

+ 2009-02-24 18:46:12 62,304 ----a-r e:\windows\Installer\{F6BD194C-4190-4D73-B1B1-C48C99921BFE}\IconWlc.exe

- 2004-09-29 10:38:58 2,676,224 ----a-w e:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Direct3DX.dll

+ 2004-09-29 11:38:58 2,676,224 ----a-w e:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Direct3DX.dll

- 2005-05-26 13:15:56 576,000 ----a-w e:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2906.0\Microsoft.DirectX.Direct3DX.dll

+ 2005-05-26 14:15:56 576,000 ----a-w e:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2906.0\Microsoft.DirectX.Direct3DX.dll

- 2005-07-22 15:21:34 577,024 ----a-w e:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2907.0\Microsoft.DirectX.Direct3DX.dll

+ 2005-07-22 16:21:34 577,024 ----a-w e:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2907.0\Microsoft.DirectX.Direct3DX.dll

- 2005-09-28 12:11:52 577,536 ----a-w e:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2908.0\Microsoft.DirectX.Direct3DX.dll

+ 2005-09-28 13:11:52 577,536 ----a-w e:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2908.0\Microsoft.DirectX.Direct3DX.dll

- 2006-03-31 09:27:50 578,560 ----a-w e:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2911.0\Microsoft.DirectX.Direct3DX.dll

+ 2006-03-31 10:27:50 578,560 ----a-w e:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2911.0\Microsoft.DirectX.Direct3DX.dll

+ 2009-01-16 18:17:04 114,688 ----a-w e:\windows\system32\Adobe\Director\np32dsw.dll

+ 2009-01-16 18:25:34 202,168 ----a-w e:\windows\system32\Adobe\Director\SwDir.dll

+ 2009-01-16 18:17:42 499,712 ----a-w e:\windows\system32\Adobe\Shockwave 11\Control.dll

+ 2009-01-16 17:58:24 1,798,144 ----a-w e:\windows\system32\Adobe\Shockwave 11\dirapi.dll

+ 2009-01-16 18:17:46 9,216 ----a-w e:\windows\system32\Adobe\Shockwave 11\DynaPlayer.dll

+ 2009-01-16 17:45:12 703,488 ----a-w e:\windows\system32\Adobe\Shockwave 11\gi.dll

+ 2009-01-16 17:45:12 1,145,896 ----a-w e:\windows\system32\Adobe\Shockwave 11\gt.exe

+ 2009-01-16 17:45:12 52,288 ----a-w e:\windows\system32\Adobe\Shockwave 11\gtapi.dll

+ 2009-01-16 17:54:42 892,928 ----a-w e:\windows\system32\Adobe\Shockwave 11\iml32.dll

+ 2009-01-16 18:16:22 266,240 ----a-w e:\windows\system32\Adobe\Shockwave 11\Plugin.dll

+ 2009-01-16 18:18:16 446,464 ----a-w e:\windows\system32\Adobe\Shockwave 11\Proj.dll

+ 2009-01-16 18:25:14 460,216 ----a-w e:\windows\system32\Adobe\Shockwave 11\SwHelper_1103472.exe

+ 2009-01-16 18:16:08 114,688 ----a-w e:\windows\system32\Adobe\Shockwave 11\SwInit.exe

+ 2009-01-16 18:16:06 94,208 ----a-w e:\windows\system32\Adobe\Shockwave 11\SwMenu.dll

+ 2009-01-16 17:45:12 58,736 ----a-w e:\windows\system32\Adobe\Shockwave 11\SYMCCHECKER.DLL

+ 1999-06-25 09:55:30 149,504 ----a-w e:\windows\system32\Adobe\Shockwave 11\UNWISE.EXE

- 2008-10-16 20:24:09 124,928 ----a-w e:\windows\system32\advpack.dll

+ 2008-12-20 23:55:43 124,928 ----a-w e:\windows\system32\advpack.dll

- 2007-05-16 14:45:16 1,124,720 ----a-w e:\windows\system32\D3DCompiler_34.dll

+ 2007-05-16 15:45:16 1,124,720 ----a-w e:\windows\system32\D3DCompiler_34.dll

- 2007-05-16 14:45:16 443,752 ----a-w e:\windows\system32\d3dx10_34.dll

+ 2007-05-16 15:45:16 443,752 ----a-w e:\windows\system32\d3dx10_34.dll

- 2005-05-26 13:34:52 2,297,552 ----a-w e:\windows\system32\d3dx9_26.dll

+ 2005-05-26 14:34:52 2,297,552 ----a-w e:\windows\system32\d3dx9_26.dll

- 2005-07-22 17:59:04 2,319,568 ----a-w e:\windows\system32\d3dx9_27.dll

+ 2005-07-22 18:59:04 2,319,568 ----a-w e:\windows\system32\d3dx9_27.dll

- 2006-03-31 10:40:58 2,388,176 ----a-w e:\windows\system32\d3dx9_30.dll

+ 2006-03-31 11:40:58 2,388,176 ----a-w e:\windows\system32\d3dx9_30.dll

- 2006-09-28 14:05:20 2,414,360 ----a-w e:\windows\system32\d3dx9_31.dll

+ 2006-09-28 15:05:20 2,414,360 ----a-w e:\windows\system32\d3dx9_31.dll

- 2007-05-16 14:45:16 3,497,832 ----a-w e:\windows\system32\d3dx9_34.dll

+ 2007-05-16 15:45:16 3,497,832 ----a-w e:\windows\system32\d3dx9_34.dll

- 2008-10-16 20:24:09 124,928 -c--a-w e:\windows\system32\dllcache\advpack.dll

+ 2008-12-20 23:55:43 124,928 -c--a-w e:\windows\system32\dllcache\advpack.dll

- 2008-10-16 20:24:09 347,136 -c--a-w e:\windows\system32\dllcache\dxtmsft.dll

+ 2008-12-20 23:55:44 347,136 -c--a-w e:\windows\system32\dllcache\dxtmsft.dll

- 2008-10-16 20:24:09 214,528 -c--a-w e:\windows\system32\dllcache\dxtrans.dll

+ 2008-12-20 23:55:44 214,528 -c--a-w e:\windows\system32\dllcache\dxtrans.dll

- 2008-10-16 20:24:09 132,608 -c--a-w e:\windows\system32\dllcache\extmgr.dll

+ 2008-12-20 23:55:44 132,608 -c--a-w e:\windows\system32\dllcache\extmgr.dll

+ 2008-04-14 04:41:56 21,504 -c--a-w e:\windows\system32\dllcache\hidserv.dll

- 2008-10-16 20:24:09 63,488 -c----w e:\windows\system32\dllcache\icardie.dll

+ 2008-12-20 23:55:45 63,488 -c----w e:\windows\system32\dllcache\icardie.dll

- 2008-10-16 12:46:08 70,656 -c--a-w e:\windows\system32\dllcache\ie4uinit.exe

+ 2008-12-19 09:41:51 70,656 -c--a-w e:\windows\system32\dllcache\ie4uinit.exe

- 2008-10-16 20:24:09 153,088 -c--a-w e:\windows\system32\dllcache\ieakeng.dll

+ 2008-12-20 23:55:45 153,088 -c--a-w e:\windows\system32\dllcache\ieakeng.dll

- 2008-10-16 20:24:09 230,400 -c--a-w e:\windows\system32\dllcache\ieaksie.dll

+ 2008-12-20 23:55:45 230,400 -c--a-w e:\windows\system32\dllcache\ieaksie.dll

- 2008-10-15 06:33:26 161,792 -c--a-w e:\windows\system32\dllcache\ieakui.dll

+ 2008-12-19 05:24:02 161,792 -c--a-w e:\windows\system32\dllcache\ieakui.dll

- 2008-10-16 20:24:09 380,928 -c----w e:\windows\system32\dllcache\ieapfltr.dll

+ 2008-12-20 23:55:46 380,928 -c----w e:\windows\system32\dllcache\ieapfltr.dll

- 2008-10-16 20:24:09 388,608 -c--a-w e:\windows\system32\dllcache\iedkcs32.dll

+ 2008-12-20 23:55:46 388,608 -c--a-w e:\windows\system32\dllcache\iedkcs32.dll

- 2008-10-16 20:24:09 6,068,224 -c----w e:\windows\system32\dllcache\ieframe.dll

+ 2008-12-20 23:55:50 6,068,736 -c----w e:\windows\system32\dllcache\ieframe.dll

- 2008-10-16 20:24:09 44,544 -c--a-w e:\windows\system32\dllcache\iernonce.dll

+ 2008-12-20 23:55:50 44,544 -c--a-w e:\windows\system32\dllcache\iernonce.dll

- 2008-10-16 20:24:09 267,776 -c----w e:\windows\system32\dllcache\iertutil.dll

+ 2008-12-20 23:55:50 267,776 -c----w e:\windows\system32\dllcache\iertutil.dll

- 2008-10-16 12:46:08 13,824 -c----w e:\windows\system32\dllcache\ieudinit.exe

+ 2008-12-19 09:41:52 13,824 -c----w e:\windows\system32\dllcache\ieudinit.exe

- 2008-10-15 06:34:58 633,632 -c--a-w e:\windows\system32\dllcache\iexplore.exe

+ 2008-12-19 05:25:30 634,024 -c--a-w e:\windows\system32\dllcache\iexplore.exe

- 2008-10-16 20:24:10 27,648 -c--a-w e:\windows\system32\dllcache\jsproxy.dll

+ 2008-12-20 23:55:51 27,648 -c--a-w e:\windows\system32\dllcache\jsproxy.dll

- 2008-10-16 20:24:10 459,264 -c----w e:\windows\system32\dllcache\msfeeds.dll

+ 2008-12-20 23:55:51 459,264 -c----w e:\windows\system32\dllcache\msfeeds.dll

- 2008-10-16 20:24:10 52,224 -c----w e:\windows\system32\dllcache\msfeedsbs.dll

+ 2008-12-20 23:55:51 52,224 -c----w e:\windows\system32\dllcache\msfeedsbs.dll

- 2008-12-13 06:26:56 3,594,752 -c--a-w e:\windows\system32\dllcache\mshtml.dll

+ 2009-01-16 16:24:38 3,596,288 -c--a-w e:\windows\system32\dllcache\mshtml.dll

- 2008-10-16 20:24:10 477,696 -c--a-w e:\windows\system32\dllcache\mshtmled.dll

+ 2008-12-20 23:55:56 477,696 -c--a-w e:\windows\system32\dllcache\mshtmled.dll

- 2008-10-16 20:24:10 193,024 -c--a-w e:\windows\system32\dllcache\msrating.dll

+ 2008-12-20 23:55:56 193,024 -c--a-w e:\windows\system32\dllcache\msrating.dll

- 2008-10-16 20:24:10 671,232 -c--a-w e:\windows\system32\dllcache\mstime.dll

+ 2008-12-20 23:55:57 671,232 -c--a-w e:\windows\system32\dllcache\mstime.dll

- 2008-10-16 20:24:10 102,912 -c--a-w e:\windows\system32\dllcache\occache.dll

+ 2008-12-20 23:55:57 102,912 -c--a-w e:\windows\system32\dllcache\occache.dll

- 2008-10-16 20:24:10 44,544 -c--a-w e:\windows\system32\dllcache\pngfilt.dll

+ 2008-12-20 23:55:57 44,544 -c--a-w e:\windows\system32\dllcache\pngfilt.dll

- 2008-04-14 12:00:00 144,384 -c--a-w e:\windows\system32\dllcache\schannel.dll

+ 2008-12-05 06:54:55 144,896 -c--a-w e:\windows\system32\dllcache\schannel.dll

- 2008-04-13 23:15:16 49,408 -c--a-w e:\windows\system32\dllcache\stream.sys

+ 2004-07-09 03:27:28 48,512 -c--a-w e:\windows\system32\dllcache\stream.sys

- 2008-10-16 20:24:10 105,984 -c--a-w e:\windows\system32\dllcache\url.dll

+ 2008-12-20 23:55:57 105,984 -c--a-w e:\windows\system32\dllcache\url.dll

- 2008-10-16 20:24:11 1,163,264 -c--a-w e:\windows\system32\dllcache\urlmon.dll

+ 2008-12-20 23:55:59 1,163,264 -c--a-w e:\windows\system32\dllcache\urlmon.dll

- 2008-10-16 20:24:11 233,472 -c--a-w e:\windows\system32\dllcache\webcheck.dll

+ 2008-12-20 23:55:59 233,472 -c--a-w e:\windows\system32\dllcache\webcheck.dll

- 2008-09-15 12:25:27 1,846,912 -c--a-w e:\windows\system32\dllcache\win32k.sys

+ 2009-02-09 11:08:53 1,847,552 -c--a-w e:\windows\system32\dllcache\win32k.sys

- 2008-10-16 20:24:11 827,904 -c--a-w e:\windows\system32\dllcache\wininet.dll

+ 2008-12-20 23:56:00 827,904 -c--a-w e:\windows\system32\dllcache\wininet.dll

- 2008-03-11 14:42:24 10,834,944 -c--a-w e:\windows\system32\dllcache\wmp.dll

+ 2008-11-11 17:34:42 10,838,016 -c--a-w e:\windows\system32\dllcache\wmp.dll

+ 2006-11-10 13:08:50 24,064 ----a-w e:\windows\system32\drivers\ATITool.sys

+ 2007-12-13 19:13:02 17,264 ----a-w e:\windows\system32\drivers\mprifl.sys

+ 2005-07-25 09:04:08 48,640 ------w e:\windows\system32\drivers\ser2pl.sys

+ 2005-01-14 16:14:07 47,616 ----a-w e:\windows\system32\drivers\sfdrv01.sys

+ 2004-10-28 10:47:59 6,656 ----a-w e:\windows\system32\drivers\sfhlp02.sys

+ 2004-12-03 10:20:41 20,544 ----a-w e:\windows\system32\drivers\sfsync02.sys

- 2008-04-13 23:15:16 49,408 ----a-w e:\windows\system32\drivers\stream.sys

+ 2004-07-09 03:27:28 48,512 ----a-w e:\windows\system32\drivers\stream.sys

+ 2004-12-23 03:47:10 27,392 ----a-r e:\windows\system32\drivers\ULCDRHlp.sys

+ 2009-02-06 17:08:42 55,152 -c--a-w e:\windows\system32\DRVSTORE\fssfltr_A1BAE7BA557F7F8ABCBF040E8C71D6B14223DCB0\fssfltr_tdi.sys

- 2008-10-16 20:24:09 347,136 ----a-w e:\windows\system32\dxtmsft.dll

+ 2008-12-20 23:55:44 347,136 ----a-w e:\windows\system32\dxtmsft.dll

- 2008-10-16 20:24:09 214,528 ----a-w e:\windows\system32\dxtrans.dll

+ 2008-12-20 23:55:44 214,528 ----a-w e:\windows\system32\dxtrans.dll

- 2008-10-16 20:24:09 132,608 ----a-w e:\windows\system32\extmgr.dll

+ 2008-12-20 23:55:44 132,608 ----a-w e:\windows\system32\extmgr.dll

- 2009-01-22 07:19:57 267,008 ----a-w e:\windows\system32\FNTCACHE.DAT

+ 2009-03-12 00:31:03 269,392 ----a-w e:\windows\system32\FNTCACHE.DAT

+ 2008-04-14 04:41:56 21,504 ----a-w e:\windows\system32\hidserv.dll

- 2008-10-16 20:24:09 63,488 ----a-w e:\windows\system32\icardie.dll

+ 2008-12-20 23:55:45 63,488 ----a-w e:\windows\system32\icardie.dll

- 2008-10-16 12:46:08 70,656 ----a-w e:\windows\system32\ie4uinit.exe

+ 2008-12-19 09:41:51 70,656 ----a-w e:\windows\system32\ie4uinit.exe

- 2008-10-16 20:24:09 153,088 ----a-w e:\windows\system32\ieakeng.dll

+ 2008-12-20 23:55:45 153,088 ----a-w e:\windows\system32\ieakeng.dll

- 2008-10-16 20:24:09 230,400 ----a-w e:\windows\system32\ieaksie.dll

+ 2008-12-20 23:55:45 230,400 ----a-w e:\windows\system32\ieaksie.dll

- 2008-10-15 06:33:26 161,792 ----a-w e:\windows\system32\ieakui.dll

+ 2008-12-19 05:24:02 161,792 ----a-w e:\windows\system32\ieakui.dll

- 2008-10-16 20:24:09 380,928 ----a-w e:\windows\system32\ieapfltr.dll

+ 2008-12-20 23:55:46 380,928 ----a-w e:\windows\system32\ieapfltr.dll

- 2008-10-16 20:24:09 388,608 ----a-w e:\windows\system32\iedkcs32.dll

+ 2008-12-20 23:55:46 388,608 ----a-w e:\windows\system32\iedkcs32.dll

- 2008-10-16 20:24:09 6,068,224 ----a-w e:\windows\system32\ieframe.dll

+ 2008-12-20 23:55:50 6,068,736 ----a-w e:\windows\system32\ieframe.dll

- 2008-10-16 20:24:09 44,544 ----a-w e:\windows\system32\iernonce.dll

+ 2008-12-20 23:55:50 44,544 ----a-w e:\windows\system32\iernonce.dll

- 2008-10-16 20:24:09 267,776 ----a-w e:\windows\system32\iertutil.dll

+ 2008-12-20 23:55:50 267,776 ----a-w e:\windows\system32\iertutil.dll

- 2008-10-16 12:46:08 13,824 ----a-w e:\windows\system32\ieudinit.exe

+ 2008-12-19 09:41:52 13,824 ----a-w e:\windows\system32\ieudinit.exe

- 2008-10-16 20:24:10 27,648 ----a-w e:\windows\system32\jsproxy.dll

+ 2008-12-20 23:55:51 27,648 ----a-w e:\windows\system32\jsproxy.dll

- 2008-04-14 04:41:58 4,096 ----a-w e:\windows\system32\ksuser.dll

+ 2002-12-11 23:14:32 4,096 ----a-w e:\windows\system32\ksuser.dll

+ 2008-12-04 00:03:22 53,248 ----a-w e:\windows\system32\Macromed\Common\SwSupport.dll

+ 2008-10-05 03:16:26 235,936 ----a-r e:\windows\system32\Macromed\Flash\FlashUtil10a.exe

+ 2009-03-03 12:57:23 88,590 ----a-w e:\windows\system32\Macromed\Flash\uninstall_activeX.exe

+ 2008-12-03 23:59:26 581,632 ----a-w e:\windows\system32\Macromed\Shockwave 10\Control.dll

+ 2008-12-03 23:59:30 1,490,944 ----a-w e:\windows\system32\Macromed\Shockwave 10\dirapiX.dll

+ 2008-12-03 23:59:26 24,576 ----a-w e:\windows\system32\Macromed\Shockwave 10\DynaPlayer.dll

+ 2008-12-03 23:59:30 606,208 ----a-w e:\windows\system32\Macromed\Shockwave 10\iml32X.dll

+ 2008-12-03 23:59:26 339,968 ----a-w e:\windows\system32\Macromed\Shockwave 10\Plugin.dll

+ 2008-12-03 23:59:26 475,136 ----a-w e:\windows\system32\Macromed\Shockwave 10\PluginPing.dll

+ 2008-12-03 23:59:26 180,224 ----a-w e:\windows\system32\Macromed\Shockwave 10\Proj.dll

+ 2008-12-03 23:59:26 77,824 ----a-w e:\windows\system32\Macromed\Shockwave 10\SwInit.exe

+ 2008-12-03 23:59:26 86,016 ----a-w e:\windows\system32\Macromed\Shockwave 10\SwMenuX.dll

+ 2008-12-03 23:59:26 98,304 ----a-w e:\windows\system32\Macromed\Shockwave 10\SwOnce.dll

- 2009-01-09 16:35:30 20,853,704 ----a-w e:\windows\system32\MRT.exe

+ 2009-02-25 11:55:00 24,768,960 ----a-w e:\windows\system32\MRT.exe

- 2008-10-16 20:24:10 459,264 ----a-w e:\windows\system32\msfeeds.dll

+ 2008-12-20 23:55:51 459,264 ----a-w e:\windows\system32\msfeeds.dll

- 2008-10-16 20:24:10 52,224 ----a-w e:\windows\system32\msfeedsbs.dll

+ 2008-12-20 23:55:51 52,224 ----a-w e:\windows\system32\msfeedsbs.dll

- 2008-12-13 06:26:56 3,594,752 ----a-w e:\windows\system32\mshtml.dll

+ 2009-01-16 16:24:38 3,596,288 ----a-w e:\windows\system32\mshtml.dll

- 2008-10-16 20:24:10 477,696 ----a-w e:\windows\system32\mshtmled.dll

+ 2008-12-20 23:55:56 477,696 ----a-w e:\windows\system32\mshtmled.dll

- 2008-10-16 20:24:10 193,024 ----a-w e:\windows\system32\msrating.dll

+ 2008-12-20 23:55:56 193,024 ----a-w e:\windows\system32\msrating.dll

- 2008-10-16 20:24:10 671,232 ----a-w e:\windows\system32\mstime.dll

+ 2008-12-20 23:55:57 671,232 ----a-w e:\windows\system32\mstime.dll

- 2008-10-16 20:24:10 102,912 ----a-w e:\windows\system32\occache.dll

+ 2008-12-20 23:55:57 102,912 ----a-w e:\windows\system32\occache.dll

- 2009-01-23 12:48:10 69,274 ----a-w e:\windows\system32\perfc009.dat

+ 2009-03-17 06:44:59 69,622 ----a-w e:\windows\system32\perfc009.dat

- 2009-01-23 12:48:10 437,504 ----a-w e:\windows\system32\perfh009.dat

+ 2009-03-17 06:44:59 437,836 ----a-w e:\windows\system32\perfh009.dat

- 2008-10-16 20:24:10 44,544 ----a-w e:\windows\system32\pngfilt.dll

+ 2008-12-20 23:55:57 44,544 ----a-w e:\windows\system32\pngfilt.dll

- 2008-04-14 12:00:00 144,384 ----a-w e:\windows\system32\schannel.dll

+ 2008-12-05 06:54:55 144,896 ----a-w e:\windows\system32\schannel.dll

- 2007-11-30 12:39:22 17,272 ------w e:\windows\system32\spmsg.dll

+ 2007-11-30 11:18:51 17,272 ------w e:\windows\system32\spmsg.dll

- 2007-11-30 11:18:51 26,488 ----a-w e:\windows\system32\spupdsvc.exe

+ 2007-07-27 08:41:38 26,488 ----a-w e:\windows\system32\spupdsvc.exe

- 2008-10-16 20:24:10 105,984 ----a-w e:\windows\system32\url.dll

+ 2008-12-20 23:55:57 105,984 ----a-w e:\windows\system32\url.dll

- 2008-10-16 20:24:11 1,163,264 ----a-w e:\windows\system32\urlmon.dll

+ 2008-12-20 23:55:59 1,163,264 ----a-w e:\windows\system32\urlmon.dll

- 2008-10-16 20:24:11 233,472 ----a-w e:\windows\system32\webcheck.dll

+ 2008-12-20 23:55:59 233,472 ----a-w e:\windows\system32\webcheck.dll

- 2008-03-11 14:42:24 10,834,944 ----a-w e:\windows\system32\wmp.dll

+ 2008-11-11 17:34:42 10,838,016 ----a-w e:\windows\system32\wmp.dll

- 2006-03-31 10:39:48 229,584 ----a-w e:\windows\system32\xactengine2_1.dll

+ 2006-03-31 11:39:48 229,584 ----a-w e:\windows\system32\xactengine2_1.dll

- 2006-05-31 05:24:16 230,168 ----a-w e:\windows\system32\xactengine2_2.dll

+ 2006-05-31 06:24:16 230,168 ----a-w e:\windows\system32\xactengine2_2.dll

- 2006-07-28 07:30:32 236,824 ----a-w e:\windows\system32\xactengine2_3.dll

+ 2006-07-28 08:30:32 236,824 ----a-w e:\windows\system32\xactengine2_3.dll

- 2006-09-28 14:05:56 237,848 ----a-w e:\windows\system32\xactengine2_4.dll

+ 2006-09-28 15:05:56 237,848 ----a-w e:\windows\system32\xactengine2_4.dll

- 2007-04-04 16:55:00 261,480 ----a-w e:\windows\system32\xactengine2_7.dll

+ 2007-04-04 17:55:00 261,480 ----a-w e:\windows\system32\xactengine2_7.dll

- 2006-03-31 10:39:24 62,672 ----a-w e:\windows\system32\xinput1_1.dll

+ 2006-03-31 11:39:24 62,672 ----a-w e:\windows\system32\xinput1_1.dll

- 2006-07-28 07:30:14 62,744 ----a-w e:\windows\system32\xinput1_2.dll

+ 2006-07-28 08:30:14 62,744 ----a-w e:\windows\system32\xinput1_2.dll

- 2007-04-04 16:53:42 81,768 ----a-w e:\windows\system32\xinput1_3.dll

+ 2007-04-04 17:53:42 81,768 ----a-w e:\windows\system32\xinput1_3.dll

+ 2009-03-16 21:14:23 16,384 ----atw e:\windows\Temp\Perflib_Perfdata_118.dat

+ 2006-12-01 21:37:42 516,096 ----a-w e:\windows\WinSxS\amd64_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_9d1c6ce0\msvcm80.dll

+ 2006-12-01 21:39:00 1,061,376 ----a-w e:\windows\WinSxS\amd64_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_9d1c6ce0\msvcp80.dll

+ 2006-12-01 21:36:20 796,672 ----a-w e:\windows\WinSxS\amd64_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_9d1c6ce0\msvcr80.dll

+ 2009-03-13 23:29:20 1,230,336 ----a-w e:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.1.0.0_x-ww_b319d8da\msxml4.dll

+ 2007-12-03 17:58:42 479,232 ----a-w e:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1801_x-ww_5eed8217\msvcm80.dll

+ 2007-12-04 01:56:54 558,080 ----a-w e:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1801_x-ww_5eed8217\msvcp80.dll

+ 2007-12-04 01:56:56 635,904 ----a-w e:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1801_x-ww_5eed8217\msvcr80.dll

+ 2005-09-23 00:35:10 65,536 ----a-w e:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0ee63867\vcomp.dll

+ 2007-11-07 00:19:32 161,784 ----a-w e:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_312cf0e9\atl90.dll

+ 2007-11-07 00:19:38 1,156,600 ----a-w e:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfc90.dll

+ 2007-11-07 00:19:38 1,162,744 ----a-w e:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfc90u.dll

+ 2007-11-06 21:51:08 59,904 ----a-w e:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfcm90.dll

+ 2007-11-06 21:51:08 59,904 ----a-w e:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfcm90u.dll

+ 2007-11-07 00:19:16 41,472 ----a-w e:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90chs.dll

+ 2007-11-07 00:19:16 41,984 ----a-w e:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90cht.dll

+ 2007-11-07 00:19:28 60,928 ----a-w e:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90deu.dll

+ 2007-11-07 00:19:22 54,272 ----a-w e:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90enu.dll

+ 2007-11-07 00:19:22 59,392 ----a-w e:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90esn.dll

+ 2007-11-07 00:19:22 59,392 ----a-w e:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90esp.dll

+ 2007-11-07 00:19:28 60,416 ----a-w e:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90fra.dll

+ 2007-11-07 00:19:28 59,392 ----a-w e:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90ita.dll

+ 2007-11-07 00:19:16 47,104 ----a-w e:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90jpn.dll

+ 2007-11-07 00:19:16 46,592 ----a-w e:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90kor.dll

+ 2007-11-07 00:19:22 54,272 ----a-w e:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll

.

-- Snapshot reset to current date --

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="e:\windows\system32\ctfmon.exe" [2008-04-14 15360]

"DAEMON Tools Lite"="e:\program files\DAEMON Tools Lite\daemon.exe" [2008-12-29 687560]

"SandboxieControl"="e:\program files\Sandboxie\SbieCtrl.exe" [2009-01-05 336896]

"msnmsgr"="e:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"StartCCC"="e:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]

"GrooveMonitor"="e:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]

"SunJavaUpdateSched"="e:\program files\Java\jre6\bin\jusched.exe" [2009-01-14 136600]

"SoundMAXPnP"="e:\program files\Analog Devices\Core\smax4pnp.exe" [2007-01-05 872448]

"flockbox"="e:\program files\My Lockbox\flockbox.exe" [2007-12-14 1071472]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="e:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

e:\documents and settings\Fredrik\Start Menu\Programs\Startup\

Bluetooth.lnk - e:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-02-06 561213]

OneNote 2007 Screen Clipper og Launcher.lnk - e:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2007-12-07 101440]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "e:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

2008-12-22 11:05 356352 e:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"msacm.dvacm"= e:\progra~1\COMMON~1\ULEADS~1\vio\dvacm.acm

[HKLM\~\startupfolder\E:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk]

path=e:\documents and settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk

backup=e:\windows\pss\Windows Search.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

--a------ 2008-06-12 02:38 34672 e:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FileZilla Server Interface]

--a------ 2008-11-10 17:35 942080 e:\program files\FileZilla Server\FileZilla Server Interface.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

--------- 2008-04-14 05:42 1695232 e:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]

--a------ 2009-02-06 18:51 3885408 e:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]

--a------ 2008-12-22 11:05 1830128 e:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"e:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"e:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=

"e:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"e:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=

"e:\\Program Files\\FileZilla Server\\FileZilla Server Interface.exe"=

"e:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"=

"e:\\Program Files\\Messenger\\msmsgs.exe"=

"e:\\Program Files\\AOE2\\AOE2\\age2_x1.exe"=

"e:\\Program Files\\Warcraft III\\Warcraft III.exe"=

"e:\\Program Files\\uTorrent\\uTorrent.exe"=

"e:\\WINDOWS\\system32\\dplaysvr.exe"=

"e:\\Program Files\\UT2004\\System\\UT2004.exe"=

"e:\\Program Files\\THQ\\Dawn of War - Dark Crusade\\DarkCrusade.exe"=

"e:\\Documents and Settings\\Fredrik\\Desktop\\Applikasjoner\\wowclient-downloader.exe"=

"e:\\WINDOWS\\system32\\PnkBstrA.exe"=

"e:\\WINDOWS\\system32\\PnkBstrB.exe"=

"e:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"e:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

"e:\\Program Files\\Spotify\\spotify.exe"=

"e:\\Program Files\\Java\\jre6\\bin\\java.exe"=

"e:\\Program Files\\eMule\\emule.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"21:TCP"= 21:TCP:Filezilla server

"14147:TCP"= 14147:TCP:Filezilla admin

"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724

R0 MPRIFL;MPRIFL;e:\windows\system32\drivers\mprifl.sys [2009-01-27 17264]

R1 SASDIFSV;SASDIFSV;e:\program files\SUPERAntiSpyware\sasdifsv.sys [2008-12-22 8944]

R1 SASKUTIL;SASKUTIL;e:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2008-12-22 55024]

R2 fssfltr;FssFltr;e:\windows\system32\drivers\fssfltr_tdi.sys [2009-02-24 55152]

R2 SeaPort;SeaPort;e:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]

R3 SbieDrv;SbieDrv;e:\program files\Sandboxie\SbieDrv.sys [2009-01-05 103936]

S2 gupdate1c9a62871d0691a;Googles oppdateringstjeneste (gupdate1c9a62871d0691a);e:\program files\Google\Update\GoogleUpdate.exe [2009-03-16 133104]

S3 fsssvc;Windows Live Family Safety;e:\program files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]

S3 HP24X;HP PC Card Smart Card Reader;e:\windows\system32\drivers\HP24X.sys [2007-07-17 35072]

S3 rig3avs;rig3avs;e:\windows\system32\drivers\rig3avs.sys [2009-03-15 25600]

S3 rig3usb;rig3usb;e:\windows\system32\drivers\rig3usb.sys [2009-03-15 185856]

S3 SASENUM;SASENUM;e:\program files\SUPERAntiSpyware\SASENUM.SYS [2008-12-22 7408]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]

\Shell\AutoRun\command - G:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6e0ea5a0-ed16-11dd-bcee-00210002d3b4}]

\Shell\AutoRun\command - G:\LaunchU3.exe -a

.

Contents of the 'Scheduled Tasks' folder

2009-03-16 e:\windows\Tasks\Google Software Updater.job

- e:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-16 12:11]

2009-03-17 e:\windows\Tasks\GoogleUpdateTaskMachine.job

- e:\program files\Google\Update\GoogleUpdate.exe [2009-03-16 12:14]

2009-03-16 e:\windows\Tasks\NeroLiveEpgUpdate-SKOLE-DINGS_Fredrik.job

- e:\program files\Nero\Nero 9\Nero Live\NeroLive.exe []

2009-03-16 e:\windows\Tasks\User_Feed_Synchronization-{3A5965CB-E74C-4B82-AE78-23E30BE0C5F5}.job

- e:\windows\system32\msfeedssync.exe [2007-08-13 17:36]

.

------- Supplementary Scan -------

.

uStart Page = www.tek.no

IE: E&ksporter til Microsoft Excel - e:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

IE: Send to &Bluetooth Device... - e:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

FF - ProfilePath - e:\documents and settings\Fredrik\Application Data\Mozilla\Firefox\Profiles\69jio7r9.default\

FF - plugin: e:\documents and settings\Fredrik\Application Data\Mozilla\Firefox\Profiles\69jio7r9.default\extensions\[email protected]\plugins\NPYYGInstantPlay.dll

FF - plugin: e:\program files\Google\Google Updater\2.4.1508.6312\npCIDetect13.dll

FF - plugin: e:\program files\Google\Update\1.2.141.5\npGoogleOneClick7.dll

FF - plugin: e:\program files\Microsoft\Office Live\npOLW.dll

FF - plugin: e:\program files\Windows Live\Photo Gallery\NPWLPG.dll

.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-03-17 08:28:59

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(908)

e:\program files\SUPERAntiSpyware\SASWINLO.dll

e:\windows\system32\Ati2evxx.dll

.

Completion time: 2009-03-17 8:30:16

ComboFix-quarantined-files.txt 2009-03-17 07:30:14

ComboFix2.txt 2009-01-26 08:55:44

ComboFix3.txt 2009-01-23 16:26:34

Pre-Run: 70 928 572 416 bytes free

Post-Run: 71,059,652,608 bytes free

668 --- E O F --- 2009-03-16 02:02:14

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 09:26:53, on 17.03.2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.20978)

Boot mode: Normal

Running processes:

E:\WINDOWS\System32\smss.exe

E:\WINDOWS\system32\winlogon.exe

E:\WINDOWS\system32\services.exe

E:\WINDOWS\system32\lsass.exe

E:\WINDOWS\system32\Ati2evxx.exe

E:\WINDOWS\system32\svchost.exe

E:\WINDOWS\System32\svchost.exe

E:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

E:\WINDOWS\system32\Ati2evxx.exe

E:\WINDOWS\system32\spoolsv.exe

E:\Program Files\Google\Update\GoogleUpdate.exe

E:\Program Files\Java\jre6\bin\jqs.exe

E:\WINDOWS\system32\PnkBstrA.exe

E:\Program Files\Sandboxie\SbieSvc.exe

E:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

E:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

E:\Program Files\Java\jre6\bin\jusched.exe

E:\Program Files\Analog Devices\Core\smax4pnp.exe

E:\Program Files\My Lockbox\flockbox.exe

E:\WINDOWS\system32\ctfmon.exe

E:\Program Files\DAEMON Tools Lite\daemon.exe

E:\Program Files\Sandboxie\SbieCtrl.exe

E:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

E:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe

E:\Program Files\Last.fm\LastFM.exe

E:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE

E:\WINDOWS\system32\svchost.exe

E:\Program Files\Spotify\spotify.exe

E:\WINDOWS\system32\notepad.exe

E:\WINDOWS\explorer.exe

E:\Program Files\Mozilla Firefox\firefox.exe

E:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.tek.no

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - E:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - E:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - E:\Program Files\Windows Live\Toolbar\wltcore.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - E:\Program Files\Windows Live\Toolbar\wltcore.dll

O4 - HKLM\..\Run: [startCCC] "E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [GrooveMonitor] "E:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "E:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [soundMAXPnP] E:\Program Files\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [flockbox] E:\Program Files\My Lockbox\flockbox.exe /a

O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [DAEMON Tools Lite] "E:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun

O4 - HKCU\..\Run: [sandboxieControl] "E:\Program Files\Sandboxie\SbieCtrl.exe"

O4 - HKCU\..\Run: [msnmsgr] "E:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: Bluetooth.lnk = ?

O4 - Startup: OneNote 2007 Screen Clipper og Launcher.lnk = E:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://E:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Send to &Bluetooth Device... - E:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - E:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - E:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe

O13 - Gopher Prefix:

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O20 - Winlogon Notify: !SASWinLogon - E:\Program Files\SUPERAntiSpyware\SASWINLO.dll

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - E:\WINDOWS\system32\ati2sgag.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - E:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - E:\Program Files\FileZilla Server\FileZilla Server.exe

O23 - Service: Googles oppdateringstjeneste (gupdate1c9a62871d0691a) (gupdate1c9a62871d0691a) - Google Inc. - E:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - E:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - E:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: PnkBstrA - Unknown owner - E:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: Sandboxie Service (SbieSvc) - tzuk - E:\Program Files\Sandboxie\SbieSvc.exe

--

End of file - 7796 bytes

MBAM fant ingenting.

norbat · 17. mars 2009

Er det bare din pc som er treg på internett (hvis det er flere pc'n tilkoblet nettverket ditt)?

Har du installert noe rundt tidpunktet da det ble tregt?

Logg inn

Tregt internett (combofix, HJT)

Anbefalte innlegg

Gavekort

Lenke til kommentar

Videoannonse

norbat

Lenke til kommentar

Opprett en konto eller logg inn for å kommentere

Opprett konto

Logg inn

Populær nå

Overrasket? Nei, det er FrP på gang igjen 1 2 3 4 9

Hvem er aktive 0 medlemmer