Login | Live Chat & Podcast at 1:00PM Eastern on Sunday! |
 Search | |
| |
| Thread Tools |
20-Oct-2009, 10:12 PM
#1 | ||||||
| Internet Explorer, Firefox will not load plus BSOD All, Thanks for your help on this issue in advance. I know that my computer is infected with malware but it's been a while since I've done battle and these buggers have become more difficult to remove in the interim - figure I would get some help this time from the Pros. I currently cannot start either IE, Firefox, or Google Chrome. IE will not load and double clicking on the app results in a BSOD with a STOP: 0x0000008E exception code. Firefox starts and then crashes immediately. Chrome will start but will not load any pages whatsoever. Only Netscape works at the moment. Adaware scan is clean. Spybot S&D found a number of bugs including: Zlob.Downloader, Dropper.Mondo, Torpig, Win32.Agent.pz, and Win32.Bredolab.B. My HijackThis log is as follows: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 9:04:51 PM, on 10/20/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\S24EvMon.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZCfgSvc.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\SCardSvr.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\System32\basfipm.exe C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\System32\RegSrvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wdfmgr.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Canon\CAL\CALMAIN.exe C:\WINDOWS\System32\alg.exe C:\Program Files\Apoint\Apoint.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\WINDOWS\System32\DSentry.exe C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Hewlett-Packard\HP Media Vault 2100\HPMVTray.exe C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\WINDOWS\system32\igfxsrvc.exe C:\WINDOWS\System32\1XConfig.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\PicoZip\PicoZipTray.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\WINDOWS\DvzCommon\DvzMsgr.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Program Files\Palm\HOTSYNC.EXE C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Apoint\Apntex.exe C:\Program Files\Skype\Plugin Manager\SkypePM.exe C:\Program Files\Netscape\Netscape\Netscp.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\WINDOWS\system32\NOTEPAD.EXE R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R3 - URLSearchHook: (no name) - {EEA590B3-0976-7A81-25F5-0545707825B0} - (no file) F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\sdra64.exe, N3 - Netscape 7: user_pref("browser.startup.homepage", "http://home.netscape.com/bookmark/7_2/home.html"); (C:\Documents and Settings\HANK CHEN\Application Data\Mozilla\Profiles\default\7r22e9xl.slt\prefs.js) N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src "); (C:\Documents and Settings\HANK CHEN\Application Data\Mozilla\Profiles\default\7r22e9xl.slt\prefs.js) O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {2501dc7e-f8e8-6c15-ac49-4e0d689e4e18} - C:\WINDOWS\oxeyopogicab.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: IeCaptureBho Object - {7c1ce531-09e9-4fc5-9803-1c2956615786} - C:\Program Files\Google\Google Desktop Search\GoogleDesktopIE.dll O2 - BHO: (no name) - {EEA590B3-0976-7A81-25F5-0545707825B0} - (no file) O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe O4 - HKLM\..\Run: [bascstray] BascsTray.exe O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" O4 - HKLM\..\Run: [PRONoMgr.exe] c:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe O4 - HKLM\..\Run: [TempRemove] "C:\Program Files\Crystal Ball\CB Predictor\terminator.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [HPMVTray] "C:\Program Files\Hewlett-Packard\HP Media Vault 2100\HPMVTray.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Cduboqoyejami] rundll32.exe "C:\WINDOWS\oxeyopogicab.dll",e O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [PicoZip] C:\Program Files\PicoZip\PicoZipTray.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1 O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Hank Chen\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - Startup: HotSync Manager.lnk = C:\Program Files\Palm\HOTSYNC.EXE O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Dataviz Messenger.lnk = C:\WINDOWS\DvzCommon\DvzMsgr.exe O4 - Global Startup: Digital Line Detect.lnk = ? O4 - Global Startup: VPN Client.lnk = ? O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {dfb852a3-47f8-48c4-a200-58cab36fd2a2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {dfb852a3-47f8-48c4-a200-58cab36fd2a2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [java_sun] Java (Sun) O16 - DPF: {41D2C0E9-DA08-4B73-B899-656371EAE058} (PhotoLdr Control) - http://hpmediavault/Webshare/ActivexDLL/PhotoLdr.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{1B05AFD6-682C-4E0C-9A7A-DD3AB58CA55D}: NameServer = 203.252.32.4,200.255.255.65 O17 - HKLM\System\CS1\Services\Tcpip\..\{1B05AFD6-682C-4E0C-9A7A-DD3AB58CA55D}: NameServer = 203.252.32.4,200.255.255.65 O17 - HKLM\System\CS3\Services\Tcpip\..\{1B05AFD6-682C-4E0C-9A7A-DD3AB58CA55D}: NameServer = 203.252.32.4,200.255.255.65 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: bersk.dll O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Broadcom ASF IP monitoring service v6.0.3 (BAsfIpM) - Broadcom Corp. - C:\WINDOWS\System32\basfipm.exe O23 - Service: Background Intelligent Transfer Service (BITS) - Unknown owner - C:\WINDOWS\ O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (javaquickstarterservice) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: kbdbr.exe - Unknown owner - C:\WINDOWS\system32\kbdbr.exe (file missing) O23 - Service: Microsoft authenticate service (MsaSvc) - Unknown owner - C:\WINDOWS\system32\msasvc.exe (file missing) O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe O23 - Service: Automatic Updates (wuauserv) - Unknown owner - C:\WINDOWS\ -- End of file - 10859 bytes Appreciate any help you guys can lend to my issue! |
| |
23-Oct-2009, 01:31 PM
#2 | ||||||
| Welcome to TSG  Download Combofix from this webpage: http://www.bleepingcomputer.com/comb...o-use-combofix **Note: It is important that it is saved directly to your desktop** -------------------------------------------------------------------- 1. Close any open browsers. 2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix. -------------------------------------------------------------------- Double click on combofix.exe & follow the prompts.
Do not mouseclick combofix's window while it's running. That may cause it to stall
__________________ Microsoft Valuable Professional Consumer--Security 2007-2010 Please make a donation to keep the site running. All proceeds go directly to the site!!! Donate Here |
23-Oct-2009, 10:42 PM
#3 | ||||||
| Update from running Combofix Thanks for your help! Here's the result of the Combofix run: ComboFix 09-10-22.01 - Hank Chen 10/23/2009 21:16.2.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.510.178 [GMT -4:00] Running from: c:\documents and settings\Hank Chen\Desktop\ComboFix.exe . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\program files\Internet Explorer\rasadhlp.dll c:\program files\Internet Explorer\setupapi.dll c:\program files\Mozilla Firefox\rasadhlp.dll c:\program files\Mozilla Firefox\setupapi.dll c:\windows\imasilarefozuzi.dll c:\windows\oxeyopogicab.dll c:\windows\SPT320.dll c:\windows\system32\1.tmp c:\windows\system32\3.tmp c:\windows\system32\4.tmp c:\windows\system32\5.tmp c:\windows\system32\6.tmp c:\windows\system32\7.tmp c:\windows\system32\8.tmp c:\windows\system32\9.tmp c:\windows\system32\A.tmp c:\windows\system32\B.tmp c:\windows\system32\C.tmp c:\windows\system32\D.tmp c:\windows\system32\digiwet.dll c:\windows\system32\drivers\9d277716.sys c:\windows\system32\drivers\fad.sys c:\windows\system32\dumphive.exe c:\windows\system32\E.tmp c:\windows\system32\lowsec c:\windows\system32\lowsec\local.ds c:\windows\system32\lowsec\user.ds c:\windows\system32\paradise.dll c:\windows\system32\Process.exe c:\windows\system32\SrchSTS.exe c:\windows\system32\tmp.reg . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_MSASVC -------\Service_MsaSvc -------\Service_9d277716 ((((((((((((((((((((((((( Files Created from 2009-09-24 to 2009-10-24 ))))))))))))))))))))))))))))))) . 2009-10-23 19:38 . 2009-10-23 19:38 1735 ----a-w- c:\windows\aducosuw.dll 2009-10-23 12:35 . 2009-10-23 12:35 1735 ----a-w- c:\windows\ocepojuyiboxavow.dll 2009-10-22 23:22 . 2009-10-22 23:22 1735 ----a-w- c:\windows\itatanekule.dll 2009-10-22 19:36 . 2009-10-22 19:36 1735 ----a-w- c:\windows\ocelahet.dll 2009-10-22 01:19 . 2009-10-22 01:19 1735 ----a-w- c:\windows\eyejeroy.dll 2009-10-21 22:56 . 2009-10-21 22:56 1735 ----a-w- c:\windows\ahapahogevo.dll 2009-10-21 19:17 . 2009-10-21 19:17 1735 ----a-w- c:\windows\oxetafuzacan.dll 2009-10-21 18:11 . 2009-10-21 18:11 1735 ----a-w- c:\windows\esetofok.dll 2009-10-21 17:05 . 2009-10-21 17:05 1735 ----a-w- c:\windows\usiporereweril.dll 2009-10-21 13:47 . 2009-10-21 13:47 1735 ----a-w- c:\windows\usofiyupadewiyo.dll 2009-10-21 12:23 . 2009-10-21 12:23 1735 ----a-w- c:\windows\agitejig.dll 2009-10-21 11:17 . 2009-10-21 11:17 1735 ----a-w- c:\windows\ijaducen.dll 2009-10-21 10:11 . 2009-10-21 10:11 1735 ----a-w- c:\windows\osegatagacuticab.dll 2009-10-21 09:05 . 2009-10-21 09:05 1735 ----a-w- c:\windows\ufizifowasi.dll 2009-10-21 07:59 . 2009-10-21 07:59 1735 ----a-w- c:\windows\ileyozew.dll 2009-10-21 06:53 . 2009-10-21 06:53 1735 ----a-w- c:\windows\ofawubixax.dll 2009-10-21 05:47 . 2009-10-21 05:47 1735 ----a-w- c:\windows\enuyotevokomas.dll 2009-10-21 04:41 . 2009-10-21 04:41 1735 ----a-w- c:\windows\enolowunika.dll 2009-10-21 03:35 . 2009-10-21 03:35 1735 ----a-w- c:\windows\urukeyoj.dll 2009-10-21 02:29 . 2009-10-21 02:29 1735 ----a-w- c:\windows\isosohah.dll 2009-10-21 01:23 . 2009-10-21 01:23 1735 ----a-w- c:\windows\owulofose.dll 2009-10-21 01:03 . 2009-10-21 01:03 -------- d-----w- c:\program files\Trend Micro 2009-10-21 00:18 . 2009-10-21 00:18 1735 ----a-w- c:\windows\eqidilawetidalu.dll 2009-10-21 00:16 . 2009-10-21 00:17 -------- d-----w- c:\documents and settings\Hank Chen\Local Settings\Application Data\Temp 2009-10-20 23:40 . 2009-10-20 23:40 1735 ----a-w- c:\windows\Hwexohofa.dat 2009-10-20 22:42 . 2009-10-20 22:42 1735 ----a-w- c:\windows\isisapamot.dll 2009-10-20 12:26 . 2009-10-20 12:26 1735 ----a-w- c:\windows\olasijeg.dll 2009-10-20 12:17 . 2009-10-20 12:17 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache 2009-10-20 11:34 . 2009-10-20 11:34 1735 ----a-w- c:\windows\akugucoboj.dll 2009-10-20 10:28 . 2009-10-20 10:28 1735 ----a-w- c:\windows\enozesesu.dll 2009-10-20 09:22 . 2009-10-20 09:22 1735 ----a-w- c:\windows\amuyeval.dll 2009-10-20 08:16 . 2009-10-20 08:16 1735 ----a-w- c:\windows\aderaqil.dll 2009-10-20 07:10 . 2009-10-20 07:10 1735 ----a-w- c:\windows\ovayiyukejub.dll 2009-10-20 06:04 . 2009-10-20 06:04 1735 ----a-w- c:\windows\exoxitoke.dll 2009-10-20 04:58 . 2009-10-20 04:58 1735 ----a-w- c:\windows\orikuyepebeham.dll 2009-10-20 03:52 . 2009-10-20 03:52 1735 ----a-w- c:\windows\ewefatah.dll 2009-10-20 02:46 . 2009-10-20 02:46 1735 ----a-w- c:\windows\awuvuniw.dll 2009-10-20 01:40 . 2009-10-20 01:40 1735 ----a-w- c:\windows\utanulam.dll 2009-10-20 00:34 . 2009-10-20 00:34 1735 ----a-w- c:\windows\ebejazeti.dll 2009-10-19 16:47 . 2009-10-19 16:47 1735 ----a-w- c:\windows\ozigoxutuxunaka.dll 2009-10-19 13:17 . 2009-10-19 13:17 1735 ----a-w- c:\windows\eduniyanu.dll 2009-10-19 00:03 . 2009-10-19 00:03 1735 ----a-w- c:\windows\ugubecidu.dll 2009-10-17 19:21 . 2009-10-17 19:21 3121 ----a-w- c:\windows\ilelapeya.dll 2009-10-17 17:07 . 2009-10-17 17:07 3121 ----a-w- c:\windows\ocadipotafapi.dll 2009-10-16 12:16 . 2009-10-16 12:16 3121 ----a-w- c:\windows\ovabuyud.dll 2009-10-16 01:10 . 2009-10-16 01:10 3121 ----a-w- c:\windows\owegobey.dll 2009-10-16 00:04 . 2009-10-16 00:04 3121 ----a-w- c:\windows\ijohajilesoqaxa.dll 2009-10-15 23:52 . 2009-10-15 23:52 -------- d-----w- c:\program files\TeaTimer (Spybot - Search & Destroy) 2009-10-15 23:52 . 2009-10-15 23:52 -------- d-----w- c:\program files\SDHelper (Spybot - Search & Destroy) 2009-10-15 23:26 . 2009-10-15 23:26 3121 ----a-w- c:\windows\axusebebebagu.dll 2009-10-15 16:07 . 2009-10-15 16:07 3121 ----a-w- c:\windows\ifirulipiz.dll 2009-10-15 11:56 . 2009-10-15 11:56 3121 ----a-w- c:\windows\ofulijefedawev.dll 2009-10-14 17:10 . 2009-10-14 17:10 3121 ----a-w- c:\windows\icemutivo.dll 2009-10-14 12:27 . 2009-10-14 12:27 3121 ----a-w- c:\windows\utoxipabusaxupe.dll 2009-10-14 00:24 . 2009-10-14 00:24 3121 ----a-w- c:\windows\ovilamut.dll 2009-10-13 22:34 . 2009-10-13 22:34 3121 ----a-w- c:\windows\opuxatesuxid.dll 2009-10-13 19:50 . 2009-10-13 19:50 3121 ----a-w- c:\windows\isiyozoxujesazu.dll 2009-10-13 15:02 . 2009-10-13 15:02 3121 ----a-w- c:\windows\ihojecuxiqivoq.dll 2009-10-13 12:04 . 2009-10-13 12:04 3121 ----a-w- c:\windows\icohikilugo.dll 2009-10-13 00:40 . 2009-10-13 00:40 3121 ----a-w- c:\windows\ofetehihehate.dll 2009-10-12 18:15 . 2009-10-12 18:15 3121 ----a-w- c:\windows\uvaxecug.dll 2009-10-12 15:55 . 2009-10-12 15:55 3121 ----a-w- c:\windows\akexafesujo.dll 2009-10-12 11:28 . 2009-10-12 11:28 3121 ----a-w- c:\windows\ohozuteroyow.dll 2009-10-12 00:52 . 2009-10-12 00:52 3121 ----a-w- c:\windows\azubexob.dll 2009-10-11 23:46 . 2009-10-11 23:46 3121 ----a-w- c:\windows\upifepov.dll 2009-10-10 11:58 . 2009-10-10 11:58 3121 ----a-w- c:\windows\ucejifoha.dll 2009-10-10 00:46 . 2009-10-10 00:46 3121 ----a-w- c:\windows\emaxoret.dll 2009-10-09 21:01 . 2009-10-09 21:01 3121 ----a-w- c:\windows\amojacuq.dll 2009-10-09 19:34 . 2009-10-09 19:34 3121 ----a-w- c:\windows\oluroviqohuwu.dll 2009-09-28 11:28 . 2009-09-28 11:28 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache 2009-09-28 11:28 . 2009-09-28 11:28 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache 2009-09-28 11:28 . 2009-09-28 11:28 -------- d-sh--w- c:\documents and settings\Hank Chen\IETldCache 2009-09-27 21:07 . 2009-09-27 21:11 -------- dc-h--w- c:\windows\ie8 . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-10-24 01:21 . 2005-04-29 04:07 -------- d-----w- c:\documents and settings\Hank Chen\Application Data\Skype 2009-10-21 00:28 . 2004-07-27 00:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2009-10-16 01:41 . 2004-07-20 02:54 -------- d-----w- c:\program files\Java 2009-10-16 00:31 . 2004-07-28 15:56 -------- d-----w- c:\program files\Google 2009-10-15 23:58 . 2004-07-27 00:06 -------- d-----w- c:\program files\Spybot - Search & Destroy 2009-08-28 13:18 . 2009-08-28 13:18 175616 --s-a-w- c:\windows\system32\drivers\xwoarh.sys 2008-09-05 15:49 . 2005-05-09 13:34 122880 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "PicoZip"="c:\program files\PicoZip\PicoZipTray.exe" [2004-07-05 449536] "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2006-12-12 25343016] "updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472] "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088] "Google Update"="c:\documents and settings\Hank Chen\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-10-21 133104] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Apoint"="c:\program files\Apoint\Apoint.exe" [2004-02-02 155648] "Dell QuickSet"="c:\program files\Dell\QuickSet\quickset.exe" [2004-03-05 487424] "DVDSentry"="c:\windows\System32\DSentry.exe" [2002-07-17 28672] "AdaptecDirectCD"="c:\program files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" [2002-12-17 684032] "PRONoMgr.exe"="c:\program files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe" [2003-12-19 86016] "TempRemove"="c:\program files\Crystal Ball\CB Predictor\terminator.exe" [2003-11-06 7680] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2004-12-13 180269] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2005-12-20 278528] "igfxtray"="c:\windows\system32\igfxtray.exe" [2005-09-20 94208] "igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-09-20 77824] "igfxpers"="c:\windows\system32\igfxpers.exe" [2005-09-20 114688] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-09-05 29744] "HPMVTray"="c:\program files\Hewlett-Packard\HP Media Vault 2100\HPMVTray.exe" [2008-01-24 374064] "HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280] c:\documents and settings\Hank Chen\Start Menu\Programs\Startup\ HotSync Manager.lnk - c:\program files\Palm\HOTSYNC.EXE [2003-10-14 299008] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-24 29696] Dataviz Messenger.lnk - c:\windows\DvzCommon\DvzMsgr.exe [2003-7-1 24576] Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2004-7-19 24576] VPN Client.lnk - c:\windows\Installer\{3E5562ED-69AB-4CEC-91E2-64E18EC5ACC6}\Icon3E5562ED7.ico [2004-9-10 6144] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Sebring] 2004-01-13 19:17 110592 ----a-w- c:\windows\SYSTEM32\LgNotify.dll [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\Auth orizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Microsoft Money 2006\\MNYCoreFiles\\msmoney.exe"= "c:\\Program Files\\Palm\\HOTSYNC.EXE"= "c:\\Program Files\\Hewlett-Packard\\HP Media Vault 2100\\NASDriveMapper.exe"= "c:\\Program Files\\Hewlett-Packard\\HP Media Vault 2100\\NASCfg.exe"= "c:\\Program Files\\Hewlett-Packard\\HP Media Vault 2100\\HPMVTray.exe"= "c:\\Program Files\\Hewlett-Packard\\HP Media Vault 2100\\NASSelector.exe"= "c:\\Program Files\\NewTech Infosystems\\NTI Shadow 3\\shadow.exe"= "c:\\Program Files\\Hewlett-Packard\\HP Media Vault 2100\\DoTask.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqscnvw.exe"= "c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqnrs08.exe"= "c:\\Program Files\\TVUPlayer\\TVUPlayer.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= R3 GTICARD;GTICARD;c:\windows\SYSTEM32\DRIVERS\gticard.sys [2/14/2003 4:03 PM 59328] S2 kbdbr.exe;kbdbr.exe;c:\windows\system32\kbdbr.exe --> c:\windows\system32\kbdbr.exe [?] S2 xwoarh;xwoarh;c:\windows\SYSTEM32\DRIVERS\xwoarh.sys [8/28/2009 9:18 AM 175616] S3 {E2B953A7-195A-44F9-9BA3-3D5F4E32BB55};AIM 3.0 Part 01 Codec Driver CH-7009-B;c:\windows\SYSTEM32\DRIVERS\wa301b.sys [1/1/1980 1:00 AM 33847] S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [11/3/2004 3:12 PM 29744] . Contents of the 'Scheduled Tasks' folder 2009-10-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1868879660-976857361-759642186-1005Core.job - c:\documents and settings\Hank Chen\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-10-21 00:16] 2009-10-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1868879660-976857361-759642186-1005UA.job - c:\documents and settings\Hank Chen\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-10-21 00:16] . . ------- Supplementary Scan ------- . uDefault_Search_URL = hxxp://www.google.com/ie uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 TCP: {1B05AFD6-682C-4E0C-9A7A-DD3AB58CA55D} = 203.252.32.4,200.255.255.65 DPF: {41D2C0E9-DA08-4B73-B899-656371EAE058} - hxxp://hpmediavault/Webshare/ActivexDLL/PhotoLdr.cab FF - ProfilePath - c:\documents and settings\Hank Chen\Application Data\Mozilla\Firefox\Profiles\cjqlaqna.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://my.yahoo.com FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll FF - plugin: c:\documents and settings\Hank Chen\Application Data\Mozilla\Firefox\Profiles\cjqlaqna.default\extensions\firefox@tvunetwor ks.com\plugins\npTVUAx.dll FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\NPUploader.dll FF - plugin: c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll FF - HiddenExtension: XUL Cache: {E7E29EF7-AA72-4B0C-AFF9-4B3BC55673C5} - c:\documents and settings\Hank Chen\Local Settings\Application Data\{E7E29EF7-AA72-4B0C-AFF9-4B3BC55673C5} FF - HiddenExtension: XUL Cache: {21E7E408-EE4B-4372-B8DB-9F8905EDC627} - c:\documents and settings\Fay Chen\Local Settings\Application Data\{21E7E408-EE4B-4372-B8DB-9F8905EDC627}\ ---- FIREFOX POLICIES ---- FF - user.js: yahoo.homepage.dontask - true. - - - - ORPHANS REMOVED - - - - URLSearchHooks-{EEA590B3-0976-7A81-25F5-0545707825B0} - (no file) BHO-{2501dc7e-f8e8-6c15-ac49-4e0d689e4e18} - c:\windows\oxeyopogicab.dll BHO-{EEA590B3-0976-7A81-25F5-0545707825B0} - (no file) HKLM-Run-Cduboqoyejami - c:\windows\oxeyopogicab.dll HKLM-Run-bascstray - BascsTray.exe SafeBoot-xwoarh ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-10-23 21:27 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_LOCAL_MACHINE\software\DeterministicNetworks\DNE\Parameters] "SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00, 79, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,79,00,73,00, \ . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(1260) c:\windows\System32\LgNotify.dll - - - - - - - > 'explorer.exe'(1840) c:\windows\system32\ieframe.dll c:\windows\system32\OneX.DLL c:\windows\system32\eappprxy.dll c:\windows\system32\webcheck.dll . ------------------------ Other Running Processes ------------------------ . c:\windows\System32\S24EvMon.exe c:\windows\System32\SCardSvr.exe c:\windows\system32\ZCfgSvc.exe c:\program files\Grisoft\AVG Anti-Spyware 7.5\guard.exe c:\windows\System32\basfipm.exe c:\program files\Cisco Systems\VPN Client\cvpnd.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe c:\windows\system32\HPZipm12.exe c:\windows\System32\RegSrvc.exe c:\windows\system32\wdfmgr.exe c:\program files\Canon\CAL\CALMAIN.exe c:\windows\system32\wscntfy.exe c:\windows\System32\1XConfig.exe c:\combofix\CF10573.exe c:\windows\system32\igfxsrvc.exe c:\program files\iPod\bin\iPodService.exe c:\program files\Apoint\Apntex.exe c:\program files\Skype\Plugin Manager\SkypePM.exe c:\combofix\PEV.cfxxe . ************************************************************************** . Completion time: 2009-10-24 21:33 - machine was rebooted ComboFix-quarantined-files.txt 2009-10-24 01:33 ComboFix2.txt 2007-04-29 05:35 Pre-Run: 667,586,560 bytes free Post-Run: 583,639,040 bytes free - - End Of File - - 7F488D41793EE2F5F7342888CDC5DF80 Here's the new Hijackthis log: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 9:36:51 PM, on 10/23/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\S24EvMon.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\ZCfgSvc.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\System32\basfipm.exe C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\System32\RegSrvc.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Canon\CAL\CALMAIN.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\System32\1XConfig.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Apoint\Apoint.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\WINDOWS\System32\DSentry.exe C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Hewlett-Packard\HP Media Vault 2100\HPMVTray.exe C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Program Files\Apoint\Apntex.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Palm\HOTSYNC.EXE C:\Program Files\Skype\Plugin Manager\SkypePM.exe C:\WINDOWS\explorer.exe C:\Program Files\Netscape\Netscape\Netscp.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 N3 - Netscape 7: user_pref("browser.startup.homepage", "http://home.netscape.com/bookmark/7_2/home.html"); (C:\Documents and Settings\HANK CHEN\Application Data\Mozilla\Profiles\default\7r22e9xl.slt\prefs.js) N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src "); (C:\Documents and Settings\HANK CHEN\Application Data\Mozilla\Profiles\default\7r22e9xl.slt\prefs.js) O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: IeCaptureBho Object - {7c1ce531-09e9-4fc5-9803-1c2956615786} - C:\Program Files\Google\Google Desktop Search\GoogleDesktopIE.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" O4 - HKLM\..\Run: [PRONoMgr.exe] c:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe O4 - HKLM\..\Run: [TempRemove] "C:\Program Files\Crystal Ball\CB Predictor\terminator.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [HPMVTray] "C:\Program Files\Hewlett-Packard\HP Media Vault 2100\HPMVTray.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKCU\..\Run: [PicoZip] C:\Program Files\PicoZip\PicoZipTray.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1 O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Hank Chen\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - Startup: HotSync Manager.lnk = C:\Program Files\Palm\HOTSYNC.EXE O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Dataviz Messenger.lnk = C:\WINDOWS\DvzCommon\DvzMsgr.exe O4 - Global Startup: Digital Line Detect.lnk = ? O4 - Global Startup: VPN Client.lnk = ? O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {dfb852a3-47f8-48c4-a200-58cab36fd2a2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {dfb852a3-47f8-48c4-a200-58cab36fd2a2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [java_sun] Java (Sun) O16 - DPF: {41D2C0E9-DA08-4B73-B899-656371EAE058} (PhotoLdr Control) - http://hpmediavault/Webshare/ActivexDLL/PhotoLdr.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{1B05AFD6-682C-4E0C-9A7A-DD3AB58CA55D}: NameServer = 203.252.32.4,200.255.255.65 O17 - HKLM\System\CS1\Services\Tcpip\..\{1B05AFD6-682C-4E0C-9A7A-DD3AB58CA55D}: NameServer = 203.252.32.4,200.255.255.65 O17 - HKLM\System\CS3\Services\Tcpip\..\{1B05AFD6-682C-4E0C-9A7A-DD3AB58CA55D}: NameServer = 203.252.32.4,200.255.255.65 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Broadcom ASF IP monitoring service v6.0.3 (BAsfIpM) - Broadcom Corp. - C:\WINDOWS\System32\basfipm.exe O23 - Service: Background Intelligent Transfer Service (BITS) - Unknown owner - C:\WINDOWS\ O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (javaquickstarterservice) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: kbdbr.exe - Unknown owner - C:\WINDOWS\system32\kbdbr.exe (file missing) O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe O23 - Service: Automatic Updates (wuauserv) - Unknown owner - C:\WINDOWS\ -- End of file - 9781 bytes |
23-Oct-2009, 11:23 PM
#4 | ||||||
| Please make sure you connected to the internet because ComboFix will be uploading a file. 1. Close any open browsers. 2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix. 3. Open notepad and copy/paste the text in the quotebox below into it: Code: http://forums.techguy.org/malware-removal-hijackthis-logs/870264-internet-explorer-firefox-will-not.html#post6995080 Collect::[70] c:\windows\aducosuw.dll c:\windows\ocepojuyiboxavow.dll c:\windows\itatanekule.dll c:\windows\ocelahet.dll c:\windows\eyejeroy.dll c:\windows\ahapahogevo.dll c:\windows\oxetafuzacan.dll c:\windows\esetofok.dll c:\windows\usiporereweril.dll c:\windows\usofiyupadewiyo.dll c:\windows\agitejig.dll c:\windows\ijaducen.dll c:\windows\osegatagacuticab.dll c:\windows\ufizifowasi.dll c:\windows\ileyozew.dll c:\windows\ofawubixax.dll c:\windows\enuyotevokomas.dll c:\windows\enolowunika.dll c:\windows\urukeyoj.dll c:\windows\isosohah.dll c:\windows\owulofose.dll c:\windows\eqidilawetidalu.dll c:\windows\Hwexohofa.dat c:\windows\isisapamot.dll c:\windows\olasijeg.dll c:\windows\akugucoboj.dll c:\windows\enozesesu.dll c:\windows\amuyeval.dll c:\windows\aderaqil.dll c:\windows\ovayiyukejub.dll c:\windows\exoxitoke.dll c:\windows\orikuyepebeham.dll c:\windows\ewefatah.dll c:\windows\awuvuniw.dll c:\windows\utanulam.dll c:\windows\ebejazeti.dll c:\windows\ozigoxutuxunaka.dll c:\windows\eduniyanu.dll c:\windows\ugubecidu.dll c:\windows\ilelapeya.dll c:\windows\ocadipotafapi.dll c:\windows\ovabuyud.dll c:\windows\owegobey.dll c:\windows\ijohajilesoqaxa.dll c:\windows\axusebebebagu.dll c:\windows\ifirulipiz.dll c:\windows\ofulijefedawev.dll c:\windows\icemutivo.dll c:\windows\utoxipabusaxupe.dll c:\windows\ovilamut.dll c:\windows\opuxatesuxid.dll c:\windows\isiyozoxujesazu.dll c:\windows\ihojecuxiqivoq.dll c:\windows\icohikilugo.dll c:\windows\ofetehihehate.dll c:\windows\ofetehihehate.dll c:\windows\akexafesujo.dll c:\windows\ohozuteroyow.dll c:\windows\azubexob.dll c:\windows\upifepov.dll c:\windows\upifepov.dll c:\windows\emaxoret.dll c:\windows\amojacuq.dll c:\windows\oluroviqohuwu.dll c:\windows\system32\kbdbr.exe c:\windows\SYSTEM32\DRIVERS\xwoarh.sys Driver:: xwoarh kbdbr.exe  Refering to the picture above, drag CFScript into ComboFix.exe When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply. You receive a message that a file was submitted successfully
__________________ Microsoft Valuable Professional Consumer--Security 2007-2010 Please make a donation to keep the site running. All proceeds go directly to the site!!! Donate Here |
24-Oct-2009, 10:53 PM
#5 | ||||||
| Done! The ComboFix.txt log is below. I forgot to mention two additional pieces of information: 1. Each time I ran ComboFix, I initially experienced a BSOD. Upon re-running, everything progressed smoothly 2. After the first ComboFix run, I already noted some improvements - Firefox began working again, but IE was still going to BSOD upon startup. Here's the log: ComboFix 09-10-24.01 - Hank Chen 10/24/2009 21:24.3.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.510.232 [GMT -4:00] Running from: c:\documents and settings\Hank Chen\Desktop\ComboFix.exe Command switches used :: c:\documents and settings\Hank Chen\Desktop\CFScript.txt file zipped: c:\windows\aderaqil.dll file zipped: c:\windows\aducosuw.dll file zipped: c:\windows\agitejig.dll file zipped: c:\windows\ahapahogevo.dll file zipped: c:\windows\akexafesujo.dll file zipped: c:\windows\akugucoboj.dll file zipped: c:\windows\amojacuq.dll file zipped: c:\windows\amuyeval.dll file zipped: c:\windows\awuvuniw.dll file zipped: c:\windows\axusebebebagu.dll file zipped: c:\windows\azubexob.dll file zipped: c:\windows\ebejazeti.dll file zipped: c:\windows\eduniyanu.dll file zipped: c:\windows\emaxoret.dll file zipped: c:\windows\enolowunika.dll file zipped: c:\windows\enozesesu.dll file zipped: c:\windows\enuyotevokomas.dll file zipped: c:\windows\eqidilawetidalu.dll file zipped: c:\windows\esetofok.dll file zipped: c:\windows\ewefatah.dll file zipped: c:\windows\exoxitoke.dll file zipped: c:\windows\eyejeroy.dll file zipped: c:\windows\Hwexohofa.dat file zipped: c:\windows\icemutivo.dll file zipped: c:\windows\icohikilugo.dll file zipped: c:\windows\ifirulipiz.dll file zipped: c:\windows\ihojecuxiqivoq.dll file zipped: c:\windows\ijaducen.dll file zipped: c:\windows\ijohajilesoqaxa.dll file zipped: c:\windows\ilelapeya.dll file zipped: c:\windows\ileyozew.dll file zipped: c:\windows\isisapamot.dll file zipped: c:\windows\isiyozoxujesazu.dll file zipped: c:\windows\isosohah.dll file zipped: c:\windows\itatanekule.dll file zipped: c:\windows\ocadipotafapi.dll file zipped: c:\windows\ocelahet.dll file zipped: c:\windows\ocepojuyiboxavow.dll file zipped: c:\windows\ofawubixax.dll file zipped: c:\windows\ofetehihehate.dll file zipped: c:\windows\ofulijefedawev.dll file zipped: c:\windows\ohozuteroyow.dll file zipped: c:\windows\olasijeg.dll file zipped: c:\windows\oluroviqohuwu.dll file zipped: c:\windows\opuxatesuxid.dll file zipped: c:\windows\orikuyepebeham.dll file zipped: c:\windows\osegatagacuticab.dll file zipped: c:\windows\ovabuyud.dll file zipped: c:\windows\ovayiyukejub.dll file zipped: c:\windows\ovilamut.dll file zipped: c:\windows\owegobey.dll file zipped: c:\windows\owulofose.dll file zipped: c:\windows\oxetafuzacan.dll file zipped: c:\windows\ozigoxutuxunaka.dll file zipped: c:\windows\SYSTEM32\DRIVERS\xwoarh.sys file zipped: c:\windows\ufizifowasi.dll file zipped: c:\windows\ugubecidu.dll file zipped: c:\windows\upifepov.dll file zipped: c:\windows\urukeyoj.dll file zipped: c:\windows\usiporereweril.dll file zipped: c:\windows\usofiyupadewiyo.dll file zipped: c:\windows\utanulam.dll file zipped: c:\windows\utoxipabusaxupe.dll . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\aderaqil.dll c:\windows\aducosuw.dll c:\windows\agitejig.dll c:\windows\ahapahogevo.dll c:\windows\akexafesujo.dll c:\windows\akugucoboj.dll c:\windows\amojacuq.dll c:\windows\amuyeval.dll c:\windows\awuvuniw.dll c:\windows\axusebebebagu.dll c:\windows\azubexob.dll c:\windows\ebejazeti.dll c:\windows\eduniyanu.dll c:\windows\emaxoret.dll c:\windows\enolowunika.dll c:\windows\enozesesu.dll c:\windows\enuyotevokomas.dll c:\windows\eqidilawetidalu.dll c:\windows\esetofok.dll c:\windows\ewefatah.dll c:\windows\exoxitoke.dll c:\windows\eyejeroy.dll c:\windows\Hwexohofa.dat c:\windows\icemutivo.dll c:\windows\icohikilugo.dll c:\windows\ifirulipiz.dll c:\windows\ihojecuxiqivoq.dll c:\windows\ijaducen.dll c:\windows\ijohajilesoqaxa.dll c:\windows\ilelapeya.dll c:\windows\ileyozew.dll c:\windows\isisapamot.dll c:\windows\isiyozoxujesazu.dll c:\windows\isosohah.dll c:\windows\itatanekule.dll c:\windows\ocadipotafapi.dll c:\windows\ocelahet.dll c:\windows\ocepojuyiboxavow.dll c:\windows\ofawubixax.dll c:\windows\ofetehihehate.dll c:\windows\ofulijefedawev.dll c:\windows\ohozuteroyow.dll c:\windows\olasijeg.dll c:\windows\oluroviqohuwu.dll c:\windows\opuxatesuxid.dll c:\windows\orikuyepebeham.dll c:\windows\osegatagacuticab.dll c:\windows\ovabuyud.dll c:\windows\ovayiyukejub.dll c:\windows\ovilamut.dll c:\windows\owegobey.dll c:\windows\owulofose.dll c:\windows\oxetafuzacan.dll c:\windows\ozigoxutuxunaka.dll c:\windows\SYSTEM32\DRIVERS\xwoarh.sys c:\windows\ufizifowasi.dll c:\windows\ugubecidu.dll c:\windows\upifepov.dll c:\windows\urukeyoj.dll c:\windows\usiporereweril.dll c:\windows\usofiyupadewiyo.dll c:\windows\utanulam.dll c:\windows\utoxipabusaxupe.dll . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_KBDBR.EXE -------\Legacy_xwoarh -------\Service_kbdbr.exe -------\Service_xwoarh ((((((((((((((((((((((((( Files Created from 2009-09-25 to 2009-10-25 ))))))))))))))))))))))))))))))) . 2009-10-21 01:03 . 2009-10-21 01:03 -------- d-----w- c:\program files\Trend Micro 2009-10-21 00:16 . 2009-10-21 00:17 -------- d-----w- c:\documents and settings\Hank Chen\Local Settings\Application Data\Temp 2009-10-20 12:17 . 2009-10-20 12:17 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache 2009-10-15 23:52 . 2009-10-15 23:52 -------- d-----w- c:\program files\TeaTimer (Spybot - Search & Destroy) 2009-10-15 23:52 . 2009-10-15 23:52 -------- d-----w- c:\program files\SDHelper (Spybot - Search & Destroy) 2009-10-12 18:15 . 2009-10-12 18:15 3121 ----a-w- c:\windows\uvaxecug.dll 2009-10-10 11:58 . 2009-10-10 11:58 3121 ----a-w- c:\windows\ucejifoha.dll 2009-09-28 11:28 . 2009-09-28 11:28 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache 2009-09-28 11:28 . 2009-09-28 11:28 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache 2009-09-28 11:28 . 2009-09-28 11:28 -------- d-sh--w- c:\documents and settings\Hank Chen\IETldCache 2009-09-27 21:07 . 2009-09-27 21:11 -------- dc-h--w- c:\windows\ie8 . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-10-25 01:30 . 2005-04-29 04:07 -------- d-----w- c:\documents and settings\Hank Chen\Application Data\Skype 2009-10-21 00:28 . 2004-07-27 00:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2009-10-16 01:41 . 2004-07-20 02:54 -------- d-----w- c:\program files\Java 2009-10-16 00:31 . 2004-07-28 15:56 -------- d-----w- c:\program files\Google 2009-10-15 23:58 . 2004-07-27 00:06 -------- d-----w- c:\program files\Spybot - Search & Destroy 2008-09-05 15:49 . 2005-05-09 13:34 122880 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll . ((((((((((((((((((((((((((((( SnapShot@2009-10-24_01.27.54 ))))))))))))))))))))))))))))))))))))))))) . + 2009-10-25 01:35 . 2009-10-25 01:35 16384 c:\windows\Temp\Perflib_Perfdata_418.dat + 2009-10-25 01:35 . 2009-10-25 01:35 16384 c:\windows\Temp\Perflib_Perfdata_3f8.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "PicoZip"="c:\program files\PicoZip\PicoZipTray.exe" [2004-07-05 449536] "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2006-12-12 25343016] "updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472] "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088] "Google Update"="c:\documents and settings\Hank Chen\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-10-21 133104] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Apoint"="c:\program files\Apoint\Apoint.exe" [2004-02-02 155648] "Dell QuickSet"="c:\program files\Dell\QuickSet\quickset.exe" [2004-03-05 487424] "DVDSentry"="c:\windows\System32\DSentry.exe" [2002-07-17 28672] "AdaptecDirectCD"="c:\program files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" [2002-12-17 684032] "PRONoMgr.exe"="c:\program files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe" [2003-12-19 86016] "TempRemove"="c:\program files\Crystal Ball\CB Predictor\terminator.exe" [2003-11-06 7680] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2004-12-13 180269] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2005-12-20 278528] "igfxtray"="c:\windows\system32\igfxtray.exe" [2005-09-20 94208] "igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-09-20 77824] "igfxpers"="c:\windows\system32\igfxpers.exe" [2005-09-20 114688] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-09-05 29744] "HPMVTray"="c:\program files\Hewlett-Packard\HP Media Vault 2100\HPMVTray.exe" [2008-01-24 374064] "HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280] "Cduboqoyejami"="c:\windows\oxeyopogicab.dll" [BU] c:\documents and settings\Hank Chen\Start Menu\Programs\Startup\ HotSync Manager.lnk - c:\program files\Palm\HOTSYNC.EXE [2003-10-14 299008] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-24 29696] Dataviz Messenger.lnk - c:\windows\DvzCommon\DvzMsgr.exe [2003-7-1 24576] Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2004-7-19 24576] VPN Client.lnk - c:\windows\Installer\{3E5562ED-69AB-4CEC-91E2-64E18EC5ACC6}\Icon3E5562ED7.ico [2004-9-10 6144] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Sebring] 2004-01-13 19:17 110592 ----a-w- c:\windows\SYSTEM32\LgNotify.dll [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\Auth orizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Microsoft Money 2006\\MNYCoreFiles\\msmoney.exe"= "c:\\Program Files\\Palm\\HOTSYNC.EXE"= "c:\\Program Files\\Hewlett-Packard\\HP Media Vault 2100\\NASDriveMapper.exe"= "c:\\Program Files\\Hewlett-Packard\\HP Media Vault 2100\\NASCfg.exe"= "c:\\Program Files\\Hewlett-Packard\\HP Media Vault 2100\\HPMVTray.exe"= "c:\\Program Files\\Hewlett-Packard\\HP Media Vault 2100\\NASSelector.exe"= "c:\\Program Files\\NewTech Infosystems\\NTI Shadow 3\\shadow.exe"= "c:\\Program Files\\Hewlett-Packard\\HP Media Vault 2100\\DoTask.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqscnvw.exe"= "c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqnrs08.exe"= "c:\\Program Files\\TVUPlayer\\TVUPlayer.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= R3 GTICARD;GTICARD;c:\windows\SYSTEM32\DRIVERS\gticard.sys [2/14/2003 4:03 PM 59328] S3 {E2B953A7-195A-44F9-9BA3-3D5F4E32BB55};AIM 3.0 Part 01 Codec Driver CH-7009-B;c:\windows\SYSTEM32\DRIVERS\wa301b.sys [1/1/1980 1:00 AM 33847] S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [11/3/2004 3:12 PM 29744] . Contents of the 'Scheduled Tasks' folder 2009-10-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1868879660-976857361-759642186-1005Core.job - c:\documents and settings\Hank Chen\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-10-21 00:16] 2009-10-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1868879660-976857361-759642186-1005UA.job - c:\documents and settings\Hank Chen\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-10-21 00:16] . . ------- Supplementary Scan ------- . uDefault_Search_URL = hxxp://www.google.com/ie uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 TCP: {1B05AFD6-682C-4E0C-9A7A-DD3AB58CA55D} = 203.252.32.4,200.255.255.65 DPF: {41D2C0E9-DA08-4B73-B899-656371EAE058} - hxxp://hpmediavault/Webshare/ActivexDLL/PhotoLdr.cab FF - ProfilePath - c:\documents and settings\Hank Chen\Application Data\Mozilla\Firefox\Profiles\cjqlaqna.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://my.yahoo.com FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll FF - plugin: c:\documents and settings\Hank Chen\Local Settings\Application Data\Google\Update\1.2.183.7\npGoogleOneClick8.dll FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\NPUploader.dll FF - plugin: c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll FF - HiddenExtension: XUL Cache: {E7E29EF7-AA72-4B0C-AFF9-4B3BC55673C5} - c:\documents and settings\Hank Chen\Local Settings\Application Data\{E7E29EF7-AA72-4B0C-AFF9-4B3BC55673C5} FF - HiddenExtension: XUL Cache: {21E7E408-EE4B-4372-B8DB-9F8905EDC627} - c:\documents and settings\Fay Chen\Local Settings\Application Data\{21E7E408-EE4B-4372-B8DB-9F8905EDC627}\ ---- FIREFOX POLICIES ---- FF - user.js: yahoo.homepage.dontask - true. - - - - ORPHANS REMOVED - - - - BHO-{EEA590B3-0976-7A81-25F5-0545707825B0} - (no file) ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-10-24 21:35 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_LOCAL_MACHINE\software\DeterministicNetworks\DNE\Parameters] "SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00, 79, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,79,00,73,00, \ . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(1260) c:\windows\System32\LgNotify.dll - - - - - - - > 'explorer.exe'(2424) c:\windows\system32\ieframe.dll c:\windows\system32\OneX.DLL c:\windows\system32\eappprxy.dll c:\windows\system32\webcheck.dll . ------------------------ Other Running Processes ------------------------ . c:\windows\System32\S24EvMon.exe c:\windows\System32\SCardSvr.exe c:\program files\Grisoft\AVG Anti-Spyware 7.5\guard.exe c:\windows\System32\basfipm.exe c:\program files\Cisco Systems\VPN Client\cvpnd.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe c:\windows\system32\HPZipm12.exe c:\windows\System32\RegSrvc.exe c:\windows\system32\ZCfgSvc.exe c:\windows\system32\wdfmgr.exe c:\program files\Canon\CAL\CALMAIN.exe c:\windows\system32\wscntfy.exe c:\windows\System32\1XConfig.exe c:\combofix\CF15929.exe c:\windows\system32\igfxsrvc.exe c:\program files\iPod\bin\iPodService.exe c:\program files\Apoint\Apntex.exe c:\program files\Skype\Plugin Manager\SkypePM.exe c:\combofix\PEV.cfxxe . ************************************************************************** . Completion time: 2009-10-25 21:45 - machine was rebooted ComboFix-quarantined-files.txt 2009-10-25 01:44 ComboFix2.txt 2009-10-24 01:33 ComboFix3.txt 2007-04-29 05:35 Pre-Run: 600,051,712 bytes free Post-Run: 314,232,832 bytes free - - End Of File - - 09239F81D52E60D218044230017C6A2B |
25-Oct-2009, 06:23 PM
#6 | ||||||
| 1. Close any open browsers. 2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix. 3. Open notepad and copy/paste the text in the quotebox below into it: Code: File:: c:\windows\uvaxecug.dll c:\windows\ucejifoha.dll Refering to the picture above, drag CFScript into ComboFix.exe When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply. ==================================================== Navigate to the following folder C:\Qoobox\Quarantine\ Please visit this site and follow the instructions for uploading the [70]-Submit_2009-10-24@24.21.zipfile.
__________________ Microsoft Valuable Professional Consumer--Security 2007-2010 Please make a donation to keep the site running. All proceeds go directly to the site!!! Donate Here |
31-Oct-2009, 10:33 PM
#7 | ||||||
| Sorry for the delay. I uploaded the malware files as requested. Here's the new ComboFix.log. ComboFix 09-10-24.01 - Hank Chen 10/31/2009 21:08.4.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.510.311 [GMT -4:00] Running from: c:\documents and settings\Hank Chen\Desktop\ComboFix.exe Command switches used :: c:\documents and settings\Hank Chen\Desktop\CFScript.txt FILE :: "c:\windows\ucejifoha.dll" "c:\windows\uvaxecug.dll" . ((((((((((((((((((((((((( Files Created from 2009-10-01 to 2009-11-01 ))))))))))))))))))))))))))))))) . 2009-10-28 00:53 . 2009-10-28 00:53 -------- d-----w- C:\8bc6ec040f871e4edc209e29 2009-10-27 11:58 . 2009-10-27 11:58 -------- d-----w- c:\documents and settings\Hank Chen\Local Settings\Application Data\PCHealth 2009-10-26 01:13 . 2009-10-26 01:13 -------- d-sh--w- c:\documents and settings\Default User\IETldCache 2009-10-26 01:12 . 2009-10-26 01:12 -------- d-----w- c:\windows\system32\XPSViewer 2009-10-26 01:12 . 2009-10-26 01:12 -------- d-----w- c:\program files\MSBuild 2009-10-26 01:12 . 2009-10-26 01:12 -------- d-----w- c:\program files\Reference Assemblies 2009-10-26 01:11 . 2008-07-06 12:06 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll 2009-10-26 01:11 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll 2009-10-26 01:11 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe 2009-10-26 01:11 . 2009-10-26 01:11 -------- d-----w- C:\f1b2e36d1e2d4eced3ab 2009-10-26 01:11 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll 2009-10-26 01:11 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\dllcache\xpsshhdr.dll 2009-10-26 01:11 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll 2009-10-26 01:11 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\dllcache\xpssvcs.dll 2009-10-25 12:20 . 2009-10-25 12:20 -------- d-----w- c:\windows\system32\KB905474 2009-10-25 12:20 . 2009-03-11 02:26 1403264 ----a-w- c:\windows\system32\KB905474\wganotifypackageinner.exe 2009-10-25 12:20 . 2009-03-11 02:18 453512 ----a-w- c:\windows\system32\KB905474\wgasetup.exe 2009-10-25 12:08 . 2009-10-25 12:27 -------- d-----w- c:\windows\ie8updates 2009-10-25 02:03 . 2009-10-25 02:03 -------- d-sh--w- c:\documents and settings\Hank Chen\PrivacIE 2009-10-25 01:46 . 2009-08-29 08:08 12800 ------w- c:\windows\system32\dllcache\xpshims.dll 2009-10-25 01:46 . 2009-08-29 08:08 246272 ------w- c:\windows\system32\dllcache\ieproxy.dll 2009-10-25 01:45 . 2009-06-21 21:44 153088 ------w- c:\windows\system32\dllcache\triedit.dll 2009-10-25 01:44 . 2009-07-10 13:27 1315328 ------w- c:\windows\system32\dllcache\msoe.dll 2009-10-21 01:03 . 2009-10-21 01:03 -------- d-----w- c:\program files\Trend Micro 2009-10-21 00:16 . 2009-11-01 00:46 -------- d-----w- c:\documents and settings\Hank Chen\Local Settings\Application Data\Temp 2009-10-20 12:17 . 2009-10-20 12:17 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache 2009-10-15 23:52 . 2009-10-15 23:52 -------- d-----w- c:\program files\TeaTimer (Spybot - Search & Destroy) 2009-10-15 23:52 . 2009-10-15 23:52 -------- d-----w- c:\program files\SDHelper (Spybot - Search & Destroy) 2009-10-12 18:15 . 2009-10-12 18:15 3121 ----a-w- c:\windows\uvaxecug.dll 2009-10-10 11:58 . 2009-10-10 11:58 3121 ----a-w- c:\windows\ucejifoha.dll . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-11-01 01:16 . 2005-04-29 04:07 -------- d-----w- c:\documents and settings\Hank Chen\Application Data\Skype 2009-10-29 12:14 . 2004-08-02 14:47 58464 ----a-w- c:\documents and settings\Hank Chen\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-10-21 00:28 . 2004-07-27 00:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2009-10-16 01:41 . 2004-07-20 02:54 -------- d-----w- c:\program files\Java 2009-10-16 00:31 . 2004-07-28 15:56 -------- d-----w- c:\program files\Google 2009-10-15 23:58 . 2004-07-27 00:06 -------- d-----w- c:\program files\Spybot - Search & Destroy 2009-09-11 14:18 . 2004-03-19 22:40 136192 ----a-w- c:\windows\system32\msv1_0.dll 2009-09-04 21:03 . 2004-03-30 01:48 58880 ----a-w- c:\windows\system32\msasn1.dll 2009-08-29 08:08 . 2004-02-06 23:05 916480 ----a-w- c:\windows\system32\wininet.dll 2009-08-26 08:00 . 2004-03-19 22:43 247326 ----a-w- c:\windows\system32\strmdll.dll 2009-08-05 09:01 . 2002-12-12 05:14 204800 ----a-w- c:\windows\system32\mswebdvd.dll 2009-08-05 00:44 . 2003-04-24 08:57 2189184 ------w- c:\windows\system32\ntoskrnl.exe 2009-08-04 14:20 . 2003-04-24 08:57 2066048 ------w- c:\windows\system32\ntkrnlpa.exe 2008-09-05 15:49 . 2005-05-09 13:34 122880 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll . ((((((((((((((((((((((((((((( SnapShot@2009-10-24_01.27.54 ))))))))))))))))))))))))))))))))))))))))) . + 2009-10-31 12:35 . 2009-10-31 12:35 16384 c:\windows\Temp\Perflib_Perfdata_540.dat + 2004-03-19 22:44 . 2009-06-25 08:25 54272 c:\windows\SYSTEM32\wdigest.dll + 2007-01-29 08:58 . 2009-07-14 11:03 46080 c:\windows\SYSTEM32\tzchange.exe + 2008-07-30 01:10 . 2008-07-30 01:10 26112 c:\windows\SYSTEM32\TsWpfWrp.exe + 2004-03-19 22:43 . 2009-06-12 12:31 80896 c:\windows\SYSTEM32\tlntsess.exe + 2003-08-05 21:15 . 2009-06-12 12:31 76288 c:\windows\SYSTEM32\telnet.exe + 2009-10-26 01:11 . 2008-07-06 12:06 89088 c:\windows\SYSTEM32\SPOOL\PRTPROCS\W32X86\filterpipelineprintproc.dll + 2004-03-19 22:42 . 2009-06-25 08:25 56832 c:\windows\SYSTEM32\secur32.dll - 2004-03-19 22:42 . 2009-02-03 19:59 56832 c:\windows\SYSTEM32\secur32.dll + 2008-07-29 23:59 . 2008-07-29 23:59 43544 c:\windows\SYSTEM32\PresentationHostProxy.dll + 2004-07-20 02:42 . 2009-10-26 01:17 80628 c:\windows\SYSTEM32\PERFC009.DAT + 2008-07-25 15:17 . 2008-07-25 15:17 15360 c:\windows\SYSTEM32\MUI\0409\mscorees.dll + 2006-11-08 02:03 . 2009-08-29 08:08 55296 c:\windows\SYSTEM32\msfeedsbs.dll - 2006-11-08 02:03 . 2009-03-08 08:31 55296 c:\windows\SYSTEM32\msfeedsbs.dll + 2008-07-25 15:16 . 2008-07-25 15:16 83968 c:\windows\SYSTEM32\mscories.dll + 2004-03-19 22:38 . 2009-08-29 08:08 25600 c:\windows\SYSTEM32\jsproxy.dll - 2004-03-19 22:38 . 2009-03-08 08:33 25600 c:\windows\SYSTEM32\jsproxy.dll + 2008-07-29 23:24 . 2008-07-29 23:24 97800 c:\windows\SYSTEM32\infocardapi.dll + 2008-07-29 23:24 . 2008-07-29 23:24 11264 c:\windows\SYSTEM32\icardres.dll + 2004-03-19 22:37 . 2009-07-29 04:37 81920 c:\windows\SYSTEM32\fontsub.dll + 2008-07-30 01:10 . 2008-07-30 01:10 73720 c:\windows\SYSTEM32\dxva2.dll + 2004-03-19 22:38 . 2009-06-24 11:18 92928 c:\windows\SYSTEM32\DRIVERS\ksecdd.sys + 2009-06-25 08:25 . 2009-06-25 08:25 54272 c:\windows\SYSTEM32\DLLCACHE\wdigest.dll + 2009-06-12 12:31 . 2009-06-12 12:31 80896 c:\windows\SYSTEM32\DLLCACHE\tlntsess.exe + 2009-06-12 12:31 . 2009-06-12 12:31 76288 c:\windows\SYSTEM32\DLLCACHE\telnet.exe + 2009-02-03 19:59 . 2009-06-25 08:25 56832 c:\windows\SYSTEM32\DLLCACHE\secur32.dll - 2009-02-03 19:59 . 2009-02-03 19:59 56832 c:\windows\SYSTEM32\DLLCACHE\secur32.dll - 2007-05-10 16:39 . 2009-03-08 08:31 55296 c:\windows\SYSTEM32\DLLCACHE\msfeedsbs.dll + 2007-05-10 16:39 . 2009-08-29 08:08 55296 c:\windows\SYSTEM32\DLLCACHE\msfeedsbs.dll + 2009-09-04 21:03 . 2009-09-04 21:03 58880 c:\windows\SYSTEM32\DLLCACHE\msasn1.dll + 2009-06-24 11:18 . 2009-06-24 11:18 92928 c:\windows\SYSTEM32\DLLCACHE\ksecdd.sys - 2006-05-10 05:22 . 2009-03-08 08:33 25600 c:\windows\SYSTEM32\DLLCACHE\jsproxy.dll + 2006-05-10 05:22 . 2009-08-29 08:08 25600 c:\windows\SYSTEM32\DLLCACHE\jsproxy.dll + 2009-07-29 04:37 . 2009-07-29 04:37 81920 c:\windows\SYSTEM32\DLLCACHE\fontsub.dll + 2009-06-10 14:13 . 2009-06-10 14:13 84992 c:\windows\SYSTEM32\DLLCACHE\avifil32.dll + 2009-07-17 19:01 . 2009-07-17 19:01 58880 c:\windows\SYSTEM32\DLLCACHE\atl.dll + 2008-07-25 15:16 . 2008-07-25 15:16 96760 c:\windows\SYSTEM32\dfshim.dll + 2004-03-19 22:34 . 2009-06-10 14:13 84992 c:\windows\SYSTEM32\avifil32.dll - 2004-03-19 22:34 . 2008-04-14 00:11 84992 c:\windows\SYSTEM32\avifil32.dll + 2004-03-19 22:33 . 2009-07-17 19:01 58880 c:\windows\SYSTEM32\atl.dll - 2004-03-19 22:33 . 2008-04-14 00:11 58880 c:\windows\SYSTEM32\atl.dll + 2008-07-30 03:40 . 2008-07-30 03:40 70648 c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll + 2008-07-30 03:40 . 2008-07-30 03:40 91136 c:\windows\Microsoft.NET\Framework\v3.5\MSBuild.exe + 2008-07-30 03:40 . 2008-07-30 03:40 41984 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.VisualC.STLCLR.dll + 2008-07-30 03:40 . 2008-07-30 03:40 40960 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Data.Entity.Build.Tasks.d ll + 2008-07-29 22:47 . 2008-07-29 22:47 89080 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2052.dll + 2008-07-29 22:47 . 2008-07-29 22:47 92664 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1042.dll + 2008-07-29 22:47 . 2008-07-29 22:47 95224 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1041.dll + 2008-07-29 22:47 . 2008-07-29 22:47 89592 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1028.dll + 2008-07-29 22:47 . 2008-07-29 22:47 84480 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2052.dll + 2008-07-29 22:47 . 2008-07-29 22:47 94720 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1042.dll + 2008-07-29 22:47 . 2008-07-29 22:47 97792 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1041.dll + 2008-07-29 22:47 . 2008-07-29 22:47 84992 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1028.dll + 2008-07-29 22:47 . 2008-07-29 22:47 97280 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\DeleteTemp.exe + 2008-07-30 03:40 . 2008-07-30 03:40 95224 c:\windows\Microsoft.NET\Framework\v3.5\EdmGen.exe + 2008-07-30 03:40 . 2008-07-30 03:40 78856 c:\windows\Microsoft.NET\Framework\v3.5\DataSvcUtil.exe + 2008-07-30 03:40 . 2008-07-30 03:40 41984 c:\windows\Microsoft.NET\Framework\v3.5\AddInUtil.exe + 2008-07-30 03:40 . 2008-07-30 03:40 41992 c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess32.exe + 2008-07-30 03:40 . 2008-07-30 03:40 41992 c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess.exe + 2008-07-30 01:10 . 2008-07-30 01:10 46104 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe + 2008-07-29 23:59 . 2008-07-29 23:59 32768 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationCFFRasterizer.dll + 2008-07-30 01:10 . 2008-07-30 01:10 71160 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PenIMC.dll + 2008-07-29 23:32 . 2008-07-29 23:32 17448 c:\windows\Microsoft.NET\Framework\v3.0\Windows Workflow Foundation\PerformanceCounterInstaller.exe + 2008-07-29 23:16 . 2008-07-29 23:16 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll + 2008-07-29 23:16 . 2008-07-29 23:16 73728 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.Install.dll + 2008-07-29 23:16 . 2008-07-29 23:16 20504 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceMonikerSupport.dll + 2008-07-29 23:16 . 2008-07-29 23:16 11280 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll + 2008-07-25 15:17 . 2008-07-25 15:17 37896 c:\windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll + 2008-07-25 15:17 . 2008-07-25 15:17 81400 c:\windows\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL + 2008-07-25 15:17 . 2008-07-25 15:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions .dll + 2008-07-25 15:17 . 2008-07-25 15:17 57392 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thu nk.dll + 2008-07-25 15:17 . 2008-07-25 15:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll - 2005-09-23 11:28 . 2005-09-23 11:28 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll + 2008-07-25 15:17 . 2008-07-25 15:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install. dll - 2005-09-23 11:28 . 2005-09-23 11:28 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install. dll + 2008-07-25 15:17 . 2008-07-25 15:17 95232 c:\windows\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll + 2008-07-25 15:17 . 2008-07-25 15:17 16896 c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll + 2008-07-25 15:17 . 2008-07-25 15:17 61952 c:\windows\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe - 2005-09-23 11:28 . 2005-09-23 11:28 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe + 2008-07-25 15:17 . 2008-07-25 15:17 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe + 2008-07-25 15:17 . 2008-07-25 15:17 53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe - 2005-09-23 11:28 . 2005-09-23 11:28 53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe + 2008-07-25 15:17 . 2008-07-25 15:17 88584 c:\windows\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll + 2008-07-25 15:17 . 2008-07-25 15:17 24584 c:\windows\Microsoft.NET\Framework\v2.0.50727\normalization.dll + 2008-07-25 15:17 . 2008-07-25 15:17 31744 c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll + 2008-07-25 15:17 . 2008-07-25 15:17 19456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscortim.dll + 2008-07-25 15:17 . 2008-07-25 15:17 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe + 2008-07-25 15:16 . 2008-07-25 15:16 18944 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll + 2008-07-25 15:17 . 2008-07-25 15:17 77312 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll + 2008-07-25 15:17 . 2008-07-25 15:17 94208 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorld.dll + 2008-07-25 15:17 . 2008-07-25 15:17 46592 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorie.dll + 2008-07-25 15:17 . 2008-07-25 15:17 83456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll - 2005-09-23 11:28 . 2005-09-23 11:28 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe + 2008-07-25 15:16 . 2008-07-25 15:16 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe + 2008-07-25 15:16 . 2008-07-25 15:16 97792 c:\windows\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll - 2005-09-23 11:28 . 2005-09-23 11:28 12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProce ssor.dll + 2008-07-25 15:16 . 2008-07-25 15:16 12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProce ssor.dll + 2008-07-25 15:16 . 2008-07-25 15:16 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll - 2005-09-23 11:28 . 2005-09-23 11:28 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll + 2008-07-25 15:16 . 2008-07-25 15:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll - 2005-09-23 11:28 . 2005-09-23 11:28 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll + 2008-07-25 15:16 . 2008-07-25 15:16 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll + 2008-07-25 15:16 . 2008-07-25 15:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll - 2005-09-23 11:28 . 2005-09-23 11:28 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll + 2008-07-25 15:16 . 2008-07-25 15:16 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe - 2005-09-23 11:28 . 2005-09-23 11:28 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe + 2008-07-25 15:17 . 2008-07-25 15:17 72192 c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll - 2005-09-23 11:28 . 2005-09-23 11:28 72192 c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll + 2008-07-25 15:17 . 2008-07-25 15:17 65032 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll + 2008-07-25 15:17 . 2008-07-25 15:17 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe - 2005-09-23 11:28 . 2005-09-23 11:28 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe + 2008-07-25 15:17 . 2008-07-25 15:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEHost.dll + 2008-07-25 15:16 . 2008-07-25 15:16 18936 c:\windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll + 2008-07-25 15:16 . 2008-07-25 15:16 62968 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfdll.dll + 2008-07-25 15:16 . 2008-07-25 15:16 35320 c:\windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe + 2008-07-25 15:17 . 2008-07-25 15:17 69120 c:\windows\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll + 2008-07-25 15:17 . 2008-07-25 15:17 27136 c:\windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - 2005-09-23 11:28 . 2005-09-23 11:28 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll + 2008-07-25 15:16 . 2008-07-25 15:16 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll + 2008-07-25 15:16 . 2008-07-25 15:16 80376 c:\windows\Microsoft.NET\Framework\v2.0.50727\csc.exe + 2008-07-25 15:17 . 2008-07-25 15:17 89608 c:\windows\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll + 2008-11-25 08:59 . 2008-11-25 08:59 31560 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe + 2008-07-25 15:16 . 2008-07-25 15:16 34312 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe + 2008-07-25 15:16 . 2008-07-25 15:16 33288 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe + 2008-07-25 15:16 . 2008-07-25 15:16 24576 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe + 2008-07-25 15:16 . 2008-07-25 15:16 84480 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll + 2008-07-25 15:16 . 2008-07-25 15:16 33800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll + 2008-07-25 15:16 . 2008-07-25 15:16 17416 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll + 2008-07-25 15:16 . 2008-07-25 15:16 22024 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll - 2005-09-23 11:28 . 2005-09-23 11:28 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe + 2008-07-25 15:16 . 2008-07-25 15:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe + 2008-07-25 15:17 . 2008-07-25 15:17 58880 c:\windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe + 2008-07-25 15:16 . 2008-07-25 15:16 98808 c:\windows\Microsoft.NET\Framework\v2.0.50727\alink.dll - 2005-09-23 11:28 . 2005-09-23 11:28 10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll + 2008-07-25 15:17 . 2008-07-25 15:17 10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll + 2008-07-25 15:16 . 2008-07-25 15:16 13824 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll + 2008-07-25 15:16 . 2008-07-25 15:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll + 2009-06-24 23:56 . 2009-06-24 23:56 73728 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe - 2007-04-14 00:58 . 2007-04-14 00:58 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll + 2008-05-28 04:49 . 2008-05-28 04:49 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll - 2007-04-14 00:57 . 2007-04-14 00:57 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll + 2008-05-28 04:49 . 2008-05-28 04:49 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll - 2007-04-14 00:57 . 2007-04-14 00:57 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll + 2008-05-28 04:49 . 2008-05-28 04:49 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll + 2008-05-28 05:30 . 2008-05-28 05:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe - 2007-04-14 01:30 . 2007-04-14 01:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe + 2008-07-25 15:16 . 2008-07-25 15:16 96768 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll + 2008-07-25 15:17 . 2008-07-25 15:17 16896 c:\windows\Microsoft.NET\Framework\SharedReg12.dll + 2008-07-25 15:17 . 2008-07-25 15:17 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll + 2008-07-25 15:17 . 2008-07-25 15:17 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll + 2008-07-25 15:16 . 2008-07-25 15:16 16896 c:\windows\Microsoft.NET\Framework\sbscmp10.dll + 2008-07-25 15:16 . 2008-07-25 15:16 82944 c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe + 2008-07-30 01:07 . 2008-07-30 01:07 23040 c:\windows\Installer\2098a4e.msp + 2009-10-26 01:10 . 2009-10-26 01:10 88576 c:\windows\Installer\2058394.msi + 2009-10-25 12:27 . 2009-03-08 08:33 12288 c:\windows\ie8updates\KB974455-IE8\xpshims.dll + 2009-10-25 12:27 . 2009-03-08 08:31 55296 c:\windows\ie8updates\KB974455-IE8\msfeedsbs.dll + 2009-10-25 12:27 . 2009-03-08 08:33 25600 c:\windows\ie8updates\KB974455-IE8\jsproxy.dll + 2009-10-26 01:11 . 2008-07-06 12:06 89088 c:\windows\Driver Cache\I386\filterpipelineprintproc.dll |
31-Oct-2009, 10:36 PM
#8 | ||||||
| Part 2 of the report + 2009-10-25 12:14 . 2009-10-25 12:14 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000. 0__b03f5f7f11d50a3a_29f076e8\System.Drawing.Design.dll + 2009-10-25 12:14 . 2009-10-25 12:14 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b0 3f5f7f11d50a3a_fcf75543\CustomMarshalers.dll + 2009-10-26 12:07 . 2009-10-26 12:07 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\a715aa4 42ef87ae99b3ade185599249d\UIAutomationProvider.ni.dll + 2009-10-26 18:55 . 2009-10-26 18:55 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\423f794 d1f4ed6e120fbb02e436491cb\System.Windows.Presentation.ni.dll + 2009-10-26 18:55 . 2009-10-26 18:55 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\19ca174 7c1ea18a3b639b302bca8df93\System.Web.DynamicData.Design.ni.dll + 2009-10-26 18:53 . 2009-10-26 18:53 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\532438e 2acfcadc469a4d468c51f8451\System.ComponentModel.DataAnnotations.ni.dll + 2009-10-26 18:53 . 2009-10-26 18:53 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\597b20e 1b053d6a510cfe033c07a63e6\System.AddIn.Contract.ni.dll + 2009-10-26 12:04 . 2009-10-26 12:04 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\2d7408a 0232f2e2efd0d7adf5dfa733a\PresentationFontCache.ni.exe + 2009-10-26 12:03 . 2009-10-26 12:03 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\c8fd2d9 233f8ea3031fb16f697635231\PresentationCFFRasterizer.ni.dll + 2009-10-26 18:54 . 2009-10-26 18:54 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\790cf1edb17ee4 1b59be62ecbd59613b\Microsoft.Vsa.ni.dll + 2009-10-26 18:52 . 2009-10-26 18:52 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e9aba2e ab90d647356f65e66053da02b\Microsoft.Build.Framework.ni.dll + 2009-10-26 18:52 . 2009-10-26 18:52 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\28343d4 70d992f169ca0e7cdb3cc3117\Microsoft.Build.Framework.ni.dll + 2009-10-26 18:52 . 2009-10-26 18:52 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\f4e38208e88cb4cc314a1d 6543b9fcc6\dfsvc.ni.exe + 2009-10-26 18:52 . 2009-10-26 18:52 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\11eb4f6606ba01 e5128805759121ea6c\Accessibility.ni.dll + 2009-10-26 01:12 . 2009-10-26 01:12 94208 c:\windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364 e35\WindowsFormsIntegration.dll + 2009-10-26 01:12 . 2009-10-26 01:12 98304 c:\windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UI AutomationTypes.dll + 2009-10-26 01:12 . 2009-10-26 01:12 40960 c:\windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35 \UIAutomationProvider.dll + 2009-10-26 01:13 . 2009-10-26 01:13 12288 c:\windows\assembly\GAC_MSIL\System.Windows.Presentation\3.5.0.0__b77a5c561 934e089\System.Windows.Presentation.dll + 2009-10-26 01:13 . 2009-10-26 01:13 61440 c:\windows\assembly\GAC_MSIL\System.Web.Routing\3.5.0.0__31bf3856ad364e35\S ystem.Web.Routing.dll + 2009-10-26 01:16 . 2009-10-26 01:16 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7 f11d50a3a\System.Web.RegularExpressions.dll + 2009-10-26 01:13 . 2009-10-26 01:13 32768 c:\windows\assembly\GAC_MSIL\System.Web.DynamicData.Design\3.5.0.0__31bf385 6ad364e35\System.Web.DynamicData.Design.dll + 2009-10-26 01:13 . 2009-10-26 01:13 77824 c:\windows\assembly\GAC_MSIL\System.Web.Abstractions\3.5.0.0__31bf3856ad364 e35\System.Web.Abstractions.dll + 2009-10-26 01:12 . 2009-10-26 01:12 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c 561934e089\System.ServiceModel.WasHosting.dll + 2009-10-26 01:12 . 2009-10-26 01:12 73728 c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561 934e089\System.ServiceModel.Install.dll + 2009-10-26 01:16 . 2009-10-26 01:16 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3 a\System.Drawing.Design.dll - 2008-05-30 02:21 . 2008-05-30 02:21 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3 a\System.Drawing.Design.dll + 2009-10-26 01:13 . 2009-10-26 01:13 53248 c:\windows\assembly\GAC_MSIL\System.Data.DataSetExtensions\3.5.0.0__b77a5c5 61934e089\System.Data.DataSetExtensions.dll + 2009-10-26 01:17 . 2009-10-26 01:17 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f 11d50a3a\System.Configuration.Install.dll - 2008-05-30 02:21 . 2008-05-30 02:21 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f 11d50a3a\System.Configuration.Install.dll + 2009-10-26 01:13 . 2009-10-26 01:13 57344 c:\windows\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\3.5.0.0_ _31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll + 2009-10-26 01:13 . 2009-10-26 01:13 45056 c:\windows\assembly\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3 a\System.AddIn.Contract.dll + 2009-10-26 01:12 . 2009-10-26 01:12 46104 c:\windows\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e3 5\PresentationFontCache.exe + 2009-10-26 01:12 . 2009-10-26 01:12 32768 c:\windows\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad3 64e35\PresentationCFFRasterizer.dll - 2008-05-30 02:20 . 2008-05-30 02:20 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Micros oft.Vsa.dll + 2009-10-26 01:16 . 2009-10-26 01:16 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Micros oft.Vsa.dll + 2009-10-26 01:16 . 2009-10-26 01:16 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03 f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll - 2008-05-30 02:20 . 2008-05-30 02:20 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03 f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll + 2009-10-26 01:13 . 2009-10-26 01:13 41984 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\1.0.0.0__b03f5f7f11d5 0a3a\Microsoft.VisualC.STLCLR.dll + 2009-10-26 01:16 . 2009-10-26 01:16 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d 50a3a\Microsoft.VisualBasic.Vsa.dll - 2008-05-30 02:20 . 2008-05-30 02:20 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d 50a3a\Microsoft.VisualBasic.Vsa.dll + 2009-10-26 01:16 . 2009-10-26 01:16 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d 50a3a\Microsoft.Build.Utilities.dll + 2009-10-26 01:13 . 2009-10-26 01:13 94208 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5\3.5.0.0__b03f5f 7f11d50a3a\Microsoft.Build.Utilities.v3.5.dll + 2009-10-26 01:13 . 2009-10-26 01:13 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\3.5.0.0__b03f5f7f11d 50a3a\Microsoft.Build.Framework.dll - 2008-05-30 02:20 . 2008-05-30 02:20 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d 50a3a\Microsoft.Build.Framework.dll + 2009-10-26 01:16 . 2009-10-26 01:16 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d 50a3a\Microsoft.Build.Framework.dll + 2009-10-26 01:16 . 2009-10-26 01:16 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll - 2008-05-30 02:20 . 2008-05-30 02:20 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd. dll + 2009-10-26 01:16 . 2009-10-26 01:16 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd. dll - 2008-05-30 02:20 . 2008-05-30 02:20 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Access ibility.dll + 2009-10-26 01:16 . 2009-10-26 01:16 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Access ibility.dll - 2008-05-30 02:21 . 2008-05-30 02:21 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrappe r.dll + 2009-10-26 01:16 . 2009-10-26 01:16 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrappe r.dll + 2009-10-26 01:16 . 2009-10-26 01:16 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\Custo mMarshalers.dll + 2009-10-26 01:16 . 2009-10-26 01:16 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll + 2008-07-30 03:40 . 2008-07-30 03:40 5632 c:\windows\Microsoft.NET\Framework\v3.5\Sentinel.v3.5Client.dll + 2008-07-25 15:16 . 2008-07-25 15:16 7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll - 2005-09-23 11:28 . 2005-09-23 11:28 7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll - 2005-09-23 11:29 . 2005-09-23 11:29 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll + 2008-07-25 15:17 . 2008-07-25 15:17 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll + 2008-07-25 15:17 . 2008-07-25 15:17 6656 c:\windows\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll - 2005-09-23 11:28 . 2005-09-23 11:28 8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll + 2008-07-25 15:17 . 2008-07-25 15:17 8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll + 2008-07-25 15:17 . 2008-07-25 15:17 9728 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe - 2005-09-23 11:28 . 2005-09-23 11:28 9728 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe + 2008-07-25 15:16 . 2008-07-25 15:16 5120 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe + 2009-10-26 01:13 . 2009-10-26 01:13 5632 c:\windows\assembly\GAC_MSIL\Sentinel.v3.5Client\3.5.0.0__b03f5f7f11d50a3a\ Sentinel.v3.5Client.dll + 2009-10-26 01:16 . 2009-10-26 01:16 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Micr osoft_VsaVb.dll - 2008-05-30 02:20 . 2008-05-30 02:20 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Micr osoft_VsaVb.dll - 2008-05-30 02:21 . 2008-05-30 02:21 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Mi crosoft.VisualC.Dll + 2009-10-26 01:17 . 2009-10-26 01:17 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Mi crosoft.VisualC.Dll + 2009-10-26 01:16 . 2009-10-26 01:16 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll - 2008-05-30 02:21 . 2008-05-30 02:21 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecR emote.dll + 2009-10-26 01:16 . 2009-10-26 01:16 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecR emote.dll + 2009-10-26 01:16 . 2009-10-26 01:16 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll + 2009-10-26 01:16 . 2009-10-26 01:16 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll - 2008-05-30 02:20 . 2008-05-30 02:20 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll + 2007-11-07 06:19 . 2007-11-07 06:19 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll + 2007-11-07 06:19 . 2007-11-07 06:19 568832 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll + 2007-11-07 01:23 . 2007-11-07 01:23 224768 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcm90.dll + 2008-07-25 15:17 . 2008-07-25 15:17 635904 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll + 2008-07-25 15:17 . 2008-07-25 15:17 558080 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcp80.dll + 2008-07-25 15:17 . 2008-07-25 15:17 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcm80.dll + 2008-07-30 01:26 . 2008-07-30 01:26 301568 c:\windows\SYSTEM32\XPSViewer\XPSViewer.exe + 2004-08-04 07:56 . 2009-04-10 05:01 413032 c:\windows\SYSTEM32\wmspdmod.dll + 2004-08-04 07:56 . 2009-07-13 14:08 286720 c:\windows\SYSTEM32\wmpdxm.dll + 2003-10-21 16:06 . 2009-06-10 06:14 132096 c:\windows\SYSTEM32\wkssvc.dll - 2003-10-21 16:06 . 2008-04-14 00:12 132096 c:\windows\SYSTEM32\wkssvc.dll + 2008-07-29 23:59 . 2008-07-29 23:59 161296 c:\windows\SYSTEM32\UIAutomationCore.dll + 2004-03-19 22:43 . 2009-07-29 04:37 119808 c:\windows\SYSTEM32\t2embed.dll + 2009-10-26 01:11 . 2008-07-06 12:06 765440 c:\windows\SYSTEM32\SPOOL\XPSEP\i386\mxdwdrv.dll + 2009-10-26 01:11 . 2008-07-06 12:06 765440 c:\windows\SYSTEM32\SPOOL\XPSEP\i386\i386\mxdwdrv.dll + 2009-10-26 01:11 . 2008-07-06 12:06 748032 c:\windows\SYSTEM32\SPOOL\XPSEP\amd64\mxdwdrv.dll + 2009-10-26 01:11 . 2008-07-06 12:06 748032 c:\windows\SYSTEM32\SPOOL\XPSEP\amd64\amd64\mxdwdrv.dll + 2009-10-26 01:11 . 2008-07-06 12:06 147456 c:\windows\SYSTEM32\SPOOL\PRTPROCS\x64\filterpipelineprintproc.dll + 2009-10-26 01:11 . 2008-07-06 10:50 597504 c:\windows\SYSTEM32\SPOOL\PRTPROCS\W32X86\printfilterpipelinesvc.exe - 2004-09-08 19:50 . 2007-05-15 08:08 761344 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\unires.dll + 2004-09-08 19:50 . 2008-03-13 04:52 761344 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\unires.dll + 2004-09-08 19:50 . 2008-07-06 12:06 744960 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\unidrvui.dll + 2004-09-08 19:50 . 2008-07-06 12:06 373248 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\unidrv.dll - 2004-09-08 19:50 . 2008-04-14 00:12 373248 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\unidrv.dll + 2009-10-26 01:11 . 2008-07-06 12:06 198656 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\mxdwdui.dll + 2009-10-26 01:11 . 2008-07-06 12:06 765440 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\mxdwdrv.dll + 2004-03-30 01:48 . 2009-06-25 08:25 147456 c:\windows\SYSTEM32\schannel.dll + 2004-03-06 02:16 . 2009-04-15 14:51 585216 c:\windows\SYSTEM32\rpcrt4.dll + 2006-08-24 20:15 . 2006-08-24 20:15 150808 c:\windows\SYSTEM32\rgb9rast_2.dll + 2008-07-29 23:59 . 2008-07-29 23:59 781344 c:\windows\SYSTEM32\PresentationNative_v0300.dll + 2008-07-30 00:35 . 2008-07-30 00:35 326160 c:\windows\SYSTEM32\PresentationHost.exe + 2008-07-29 23:59 . 2008-07-29 23:59 105016 c:\windows\SYSTEM32\PresentationCFFRasterizerNative_v0300.dll + 2004-07-20 02:42 . 2009-10-26 01:17 463768 c:\windows\SYSTEM32\PERFH009.DAT + 2004-03-19 22:41 . 2009-08-29 08:08 206848 c:\windows\SYSTEM32\occache.dll - 2006-11-08 02:03 . 2009-03-08 08:32 594432 c:\windows\SYSTEM32\msfeeds.dll + 2006-11-08 02:03 . 2009-08-29 08:08 594432 c:\windows\SYSTEM32\msfeeds.dll + 2008-07-25 15:16 . 2008-07-25 15:16 158720 c:\windows\SYSTEM32\mscorier.dll + 2008-07-25 15:16 . 2008-07-25 15:16 282112 c:\windows\SYSTEM32\mscoree.dll + 2004-03-30 01:48 . 2009-06-25 08:25 730112 c:\windows\SYSTEM32\lsasrv.dll + 2004-03-19 22:38 . 2009-05-07 15:32 345600 c:\windows\SYSTEM32\localspl.dll + 2004-03-19 22:38 . 2009-06-25 08:25 301568 c:\windows\SYSTEM32\kerberos.dll + 2003-01-13 19:57 . 2009-06-22 06:44 726528 c:\windows\SYSTEM32\jscript.dll - 2003-01-13 19:57 . 2009-03-08 08:33 726528 c:\windows\SYSTEM32\jscript.dll + 2004-03-19 22:38 . 2009-08-29 08:08 184320 c:\windows\SYSTEM32\iepeers.dll + 2004-03-19 22:38 . 2009-08-29 08:08 387584 c:\windows\SYSTEM32\iedkcs32.dll + 2004-03-19 22:38 . 2009-08-28 10:35 173056 c:\windows\SYSTEM32\ie4uinit.exe - 2004-03-19 22:38 . 2009-03-08 08:32 173056 c:\windows\SYSTEM32\ie4uinit.exe + 2008-07-29 23:24 . 2008-07-29 23:24 622080 c:\windows\SYSTEM32\icardagt.exe + 2004-03-20 18:22 . 2009-10-26 11:59 216856 c:\windows\SYSTEM32\FNTCACHE.DAT + 2008-07-30 01:10 . 2008-07-30 01:10 493048 c:\windows\SYSTEM32\evr.dll + 2004-08-04 07:56 . 2009-04-10 05:01 413032 c:\windows\SYSTEM32\DLLCACHE\wmspdmod.dll + 2004-08-04 07:56 . 2009-07-13 14:08 286720 c:\windows\SYSTEM32\DLLCACHE\wmpdxm.dll + 2009-06-10 06:14 . 2009-06-10 06:14 132096 c:\windows\SYSTEM32\DLLCACHE\wkssvc.dll + 2006-05-10 05:23 . 2009-08-29 08:08 916480 c:\windows\SYSTEM32\DLLCACHE\wininet.dll + 2009-07-29 04:37 . 2009-07-29 04:37 119808 c:\windows\SYSTEM32\DLLCACHE\t2embed.dll - 2006-08-21 14:52 . 2008-10-03 10:02 247326 c:\windows\SYSTEM32\DLLCACHE\strmdll.dll + 2006-08-21 14:52 . 2009-08-26 08:00 247326 c:\windows\SYSTEM32\DLLCACHE\strmdll.dll + 2008-12-05 06:54 . 2009-06-25 08:25 147456 c:\windows\SYSTEM32\DLLCACHE\schannel.dll + 2009-04-15 14:51 . 2009-04-15 14:51 585216 c:\windows\SYSTEM32\DLLCACHE\rpcrt4.dll + 2006-10-17 17:04 . 2009-08-29 08:08 206848 c:\windows\SYSTEM32\DLLCACHE\occache.dll + 2009-08-05 09:01 . 2009-08-05 09:01 204800 c:\windows\SYSTEM32\DLLCACHE\mswebdvd.dll + 2009-06-25 08:25 . 2009-09-11 14:18 136192 c:\windows\SYSTEM32\DLLCACHE\msv1_0.dll + 2007-05-10 16:39 . 2009-08-29 08:08 594432 c:\windows\SYSTEM32\DLLCACHE\msfeeds.dll - 2007-05-10 16:39 . 2009-03-08 08:32 594432 c:\windows\SYSTEM32\DLLCACHE\msfeeds.dll + 2009-04-15 14:31 . 2009-06-25 08:25 730112 c:\windows\SYSTEM32\DLLCACHE\lsasrv.dll + 2009-05-07 15:32 . 2009-05-07 15:32 345600 c:\windows\SYSTEM32\DLLCACHE\localspl.dll + 2009-06-25 08:25 . 2009-06-25 08:25 301568 c:\windows\SYSTEM32\DLLCACHE\kerberos.dll + 2008-05-09 10:53 . 2009-06-22 06:44 726528 c:\windows\SYSTEM32\DLLCACHE\jscript.dll - 2008-05-09 10:53 . 2009-03-08 08:33 726528 c:\windows\SYSTEM32\DLLCACHE\jscript.dll + 2006-05-10 05:22 . 2009-08-29 08:08 184320 c:\windows\SYSTEM32\DLLCACHE\iepeers.dll + 2006-11-07 08:27 . 2009-08-29 08:08 387584 c:\windows\SYSTEM32\DLLCACHE\iedkcs32.dll - 2006-11-07 08:26 . 2009-03-08 08:32 173056 c:\windows\SYSTEM32\DLLCACHE\ie4uinit.exe + 2006-11-07 08:26 . 2009-08-28 10:35 173056 c:\windows\SYSTEM32\DLLCACHE\ie4uinit.exe + 2008-07-30 03:40 . 2008-07-30 03:40 196104 c:\windows\Microsoft.NET\Framework\v3.5\WFServicesReg.exe + 2008-07-30 03:40 . 2008-07-30 03:40 802816 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Build.Tasks.v3.5.dll + 2008-07-29 22:47 . 2008-07-29 22:47 984056 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapUI.dll + 2008-07-29 22:47 . 2008-07-29 22:47 107512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.dll + 2008-07-29 22:47 . 2008-07-29 22:47 111096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.3082.dll + 2008-07-29 22:47 . 2008-07-29 22:47 110072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2070.dll + 2008-07-29 22:47 . 2008-07-29 22:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1055.dll + 2008-07-29 22:47 . 2008-07-29 22:47 105976 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1053.dll + 2008-07-29 22:47 . 2008-07-29 22:47 107000 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1049.dll + 2008-07-29 22:47 . 2008-07-29 22:47 107512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1046.dll + 2008-07-29 22:47 . 2008-07-29 22:47 109048 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1045.dll + 2008-07-29 22:47 . 2008-07-29 22:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1044.dll + 2008-07-29 22:47 . 2008-07-29 22:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1043.dll + 2008-07-29 22:47 . 2008-07-29 22:47 110072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1040.dll + 2008-07-29 22:47 . 2008-07-29 22:47 111096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1038.dll + 2008-07-29 22:47 . 2008-07-29 22:47 101368 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1037.dll + 2008-07-29 22:47 . 2008-07-29 22:47 112120 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1036.dll + 2008-07-29 22:47 . 2008-07-29 22:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1035.dll + 2008-07-29 22:47 . 2008-07-29 22:47 113656 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1032.dll + 2008-07-29 22:47 . 2008-07-29 22:47 111608 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1031.dll + 2008-07-29 22:47 . 2008-07-29 22:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1030.dll + 2008-07-29 22:47 . 2008-07-29 22:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1029.dll + 2008-07-29 22:47 . 2008-07-29 22:47 102904 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1025.dll + 2008-07-29 22:47 . 2008-07-29 22:47 689152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsscenario.dll + 2008-07-29 22:47 . 2008-07-29 22:47 413184 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsbasereqs.dll + 2008-07-29 22:47 . 2008-07-29 22:47 632320 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs70uimgr.dll + 2009-10-26 01:13 . 2009-10-26 01:13 652800 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.msi + 2008-07-29 22:47 . 2008-07-29 22:47 110080 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.dll + 2008-07-29 22:47 . 2008-07-29 22:47 131584 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.3082.dll + 2008-07-29 22:47 . 2008-07-29 22:47 131072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2070.dll + 2008-07-29 22:47 . 2008-07-29 22:47 121344 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1055.dll + 2008-07-29 22:47 . 2008-07-29 22:47 121344 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1053.dll + 2008-07-29 22:47 . 2008-07-29 22:47 123904 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1049.dll + 2008-07-29 22:47 . 2008-07-29 22:47 122880 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1046.dll + 2008-07-29 22:47 . 2008-07-29 22:47 128512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1045.dll + 2008-07-29 22:47 . 2008-07-29 22:47 121856 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1044.dll + 2008-07-29 22:47 . 2008-07-29 22:47 129024 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1043.dll + 2008-07-29 22:47 . 2008-07-29 22:47 128512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1040.dll + 2008-07-29 22:47 . 2008-07-29 22:47 132096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1038.dll + 2008-07-29 22:47 . 2008-07-29 22:47 111104 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1037.dll + 2008-07-29 22:47 . 2008-07-29 22:47 133120 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1036.dll + 2008-07-29 22:47 . 2008-07-29 22:47 122368 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1035.dll + 2008-07-29 22:47 . 2008-07-29 22:47 137728 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1032.dll + 2008-07-29 22:47 . 2008-07-29 22:47 130048 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1031.dll + 2008-07-29 22:47 . 2008-07-29 22:47 126464 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1030.dll + 2008-07-29 22:47 . 2008-07-29 22:47 125440 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1029.dll + 2008-07-29 22:47 . 2008-07-29 22:47 113152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1025.dll + 2008-07-29 22:47 . 2008-07-29 22:47 269304 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe + 2008-07-29 22:47 . 2008-07-29 22:47 177152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\HtmlLite.dll + 2008-07-29 22:47 . 2008-07-29 22:47 276984 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\dlmgr.dll + 2008-07-30 03:15 . 2008-07-30 03:15 225490 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\baseline.dat + 2008-07-30 03:40 . 2008-07-30 03:40 233976 c:\windows\Microsoft.NET\Framework\v3.5\1033\vbc7ui.dll + 2008-07-30 03:40 . 2008-07-30 03:40 168448 c:\windows\Microsoft.NET\Framework\v3.5\1033\cscompui.dll + 2008-07-30 00:35 . 2008-07-30 00:35 864256 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationUI.dll + 2008-07-29 23:59 . 2008-07-29 23:59 132120 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll + 2008-07-30 01:10 . 2008-07-30 01:10 806928 c:\windows\Microsoft.NET\Framework\v3.0\WPF\NaturalLanguage6.dll + 2008-07-29 23:16 . 2008-07-29 23:16 152576 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\WsatConfig.exe + 2008-07-29 23:16 . 2008-07-29 23:16 966656 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll + 2008-07-29 23:16 . 2008-07-29 23:16 132096 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe + 2008-07-29 23:16 . 2008-07-29 23:16 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll + 2008-07-29 23:16 . 2008-07-29 23:16 156688 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelReg.exe + 2008-07-29 23:16 . 2008-07-29 23:16 163840 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.Dtc.dll + 2008-07-29 23:16 . 2008-07-29 23:16 397312 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.dll + 2008-07-29 23:24 . 2008-07-29 23:24 881664 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe + 2008-07-29 23:16 . 2008-07-29 23:16 168968 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ComSvcConfig.exe + 2008-11-25 08:59 . 2008-11-25 08:59 436040 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll |
31-Oct-2009, 10:39 PM
#9 | ||||||
| Part 3 of the report + 2008-07-25 15:17 . 2008-07-25 15:17 839680 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll + 2008-07-25 15:17 . 2008-07-25 15:17 835584 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll - 2005-09-23 11:28 . 2005-09-23 11:28 835584 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll + 2008-07-25 15:17 . 2008-07-25 15:17 261632 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll - 2005-09-23 11:28 . 2005-09-23 11:28 114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll + 2008-07-25 15:17 . 2008-07-25 15:17 114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll + 2008-07-25 15:17 . 2008-07-25 15:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll - 2005-09-23 11:28 . 2005-09-23 11:28 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll + 2008-07-25 15:17 . 2008-07-25 15:17 131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization. Formatters.Soap.dll - 2005-09-23 11:28 . 2005-09-23 11:28 131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization. Formatters.Soap.dll + 2008-07-25 15:17 . 2008-07-25 15:17 303104 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll - 2005-09-23 11:28 . 2005-09-23 11:28 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll + 2008-07-25 15:17 . 2008-07-25 15:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll + 2008-07-25 15:17 . 2008-07-25 15:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Management.dll + 2008-07-25 15:17 . 2008-07-25 15:17 113664 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wra pper.dll - 2005-09-23 11:28 . 2005-09-23 11:28 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll + 2008-07-25 15:17 . 2008-07-25 15:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll + 2008-07-25 15:17 . 2008-07-25 15:17 626688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll + 2008-07-25 15:17 . 2008-07-25 15:17 188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Prot ocols.dll - 2005-09-23 11:28 . 2005-09-23 11:28 188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Prot ocols.dll + 2008-07-25 15:17 . 2008-07-25 15:17 401408 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll + 2008-07-25 15:16 . 2008-07-25 15:16 970752 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll + 2008-07-25 15:17 . 2008-07-25 15:17 745472 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll + 2008-11-25 08:59 . 2008-11-25 08:59 486400 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll + 2008-07-25 15:17 . 2008-07-25 15:17 425984 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll - 2005-09-23 11:28 . 2005-09-23 11:28 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll + 2008-07-25 15:17 . 2008-07-25 15:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll + 2008-07-25 15:17 . 2008-07-25 15:17 392184 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll + 2008-07-25 15:17 . 2008-07-25 15:17 118784 c:\windows\Microsoft.NET\Framework\v2.0.50727\shfusion.dll + 2008-07-25 15:16 . 2008-07-25 15:16 143360 c:\windows\Microsoft.NET\Framework\v2.0.50727\peverify.dll + 2008-07-25 15:17 . 2008-07-25 15:17 100856 c:\windows\Microsoft.NET\Framework\v2.0.50727\ngen.exe + 2008-07-25 15:17 . 2008-07-25 15:17 230912 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll + 2008-07-25 15:17 . 2008-07-25 15:17 345600 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll + 2008-07-25 15:17 . 2008-07-25 15:17 114176 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll + 2008-11-25 08:59 . 2008-11-25 08:59 364872 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll + 2008-07-25 15:17 . 2008-07-25 15:17 308224 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll + 2008-11-25 08:59 . 2008-11-25 08:59 990032 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll + 2008-07-25 15:17 . 2008-07-25 15:17 659456 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll + 2008-07-25 15:17 . 2008-07-25 15:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compati bility.dll - 2005-09-23 11:29 . 2005-09-23 11:29 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compati bility.dll + 2008-07-25 15:17 . 2008-07-25 15:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compati bility.Data.dll - 2005-09-23 11:29 . 2005-09-23 11:29 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compati bility.Data.dll + 2008-07-25 15:16 . 2008-07-25 15:16 749568 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll + 2008-07-25 15:16 . 2008-07-25 15:16 655360 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll + 2008-07-25 15:16 . 2008-07-25 15:16 348160 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll + 2008-07-25 15:17 . 2008-07-25 15:17 230904 c:\windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe + 2008-07-25 15:17 . 2008-07-25 15:17 798224 c:\windows\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll + 2008-07-25 15:17 . 2008-07-25 15:17 575496 c:\windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll + 2008-07-25 15:17 . 2008-07-25 15:17 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe - 2005-09-23 11:28 . 2005-09-23 11:28 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe + 2008-07-25 15:16 . 2008-07-25 15:16 507904 c:\windows\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll + 2008-07-25 15:16 . 2008-07-25 15:16 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe - 2005-09-23 11:28 . 2005-09-23 11:28 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe + 2008-07-25 15:17 . 2008-07-25 15:17 147968 c:\windows\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll + 2008-07-25 15:16 . 2008-07-25 15:16 218112 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll + 2008-07-25 15:17 . 2008-07-25 15:17 193016 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll + 2008-07-25 15:16 . 2008-07-25 15:16 145408 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll - 2007-04-14 00:58 . 2007-04-14 00:58 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll + 2008-05-28 04:49 . 2008-05-28 04:49 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll + 2008-05-28 04:48 . 2008-05-28 04:48 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll - 2007-04-14 00:56 . 2007-04-14 00:56 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll + 2008-05-28 05:30 . 2008-05-28 05:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll - 2007-04-14 01:30 . 2007-04-14 01:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll + 2009-03-20 15:48 . 2009-03-20 15:48 183808 c:\windows\Installer\2ca294d.msp + 2008-12-13 13:58 . 2008-12-13 13:58 754688 c:\windows\Installer\20b0aaa.msp + 2009-10-26 01:13 . 2009-10-26 01:13 648192 c:\windows\Installer\20b0a87.msi + 2008-07-30 01:23 . 2008-07-30 01:23 250880 c:\windows\Installer\2098a57.msp + 2008-07-30 01:28 . 2008-07-30 01:28 278016 c:\windows\Installer\2098a55.msp + 2008-07-29 23:40 . 2008-07-29 23:40 291840 c:\windows\Installer\2098a53.msp + 2009-10-26 01:12 . 2009-10-26 01:12 137728 c:\windows\Installer\2098a4d.msi + 2008-07-29 21:35 . 2008-07-29 21:35 553472 c:\windows\Installer\2058399.msp + 2008-07-29 21:33 . 2008-07-29 21:33 506368 c:\windows\Installer\2058397.msp + 2008-07-29 21:37 . 2008-07-29 21:37 911360 c:\windows\Installer\2058396.msp + 2009-10-25 12:27 . 2009-03-08 08:34 914944 c:\windows\ie8updates\KB974455-IE8\wininet.dll + 2009-10-25 12:27 . 2009-05-26 11:40 382840 c:\windows\ie8updates\KB974455-IE8\spuninst\updspapi.dll + 2009-10-25 12:27 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB974455-IE8\spuninst\spuninst.exe + 2009-10-25 12:27 . 2009-03-08 08:34 109568 c:\windows\ie8updates\KB974455-IE8\occache.dll + 2009-10-25 12:27 . 2009-03-08 08:32 594432 c:\windows\ie8updates\KB974455-IE8\msfeeds.dll + 2009-10-25 12:27 . 2009-03-08 08:33 246784 c:\windows\ie8updates\KB974455-IE8\ieproxy.dll + 2009-10-25 12:27 . 2009-03-08 08:31 183808 c:\windows\ie8updates\KB974455-IE8\iepeers.dll + 2009-10-25 12:27 . 2009-03-08 18:09 391536 c:\windows\ie8updates\KB974455-IE8\iedkcs32.dll + 2009-10-25 12:27 . 2009-03-08 08:32 173056 c:\windows\ie8updates\KB974455-IE8\ie4uinit.exe + 2009-10-25 12:08 . 2008-07-08 13:02 382840 c:\windows\ie8updates\KB971961-IE8\spuninst\updspapi.dll + 2009-10-25 12:08 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB971961-IE8\spuninst\spuninst.exe + 2009-10-25 12:08 . 2009-03-08 08:33 726528 c:\windows\ie8updates\KB971961-IE8\jscript.dll + 2009-10-26 01:11 . 2008-03-13 04:52 761344 c:\windows\Driver Cache\I386\unires.dll + 2009-10-26 01:11 . 2008-07-06 12:06 744960 c:\windows\Driver Cache\I386\unidrvui.dll + 2009-10-26 01:11 . 2008-07-06 12:06 373248 c:\windows\Driver Cache\I386\unidrv.dll + 2009-10-26 01:11 . 2008-07-06 12:06 198656 c:\windows\Driver Cache\I386\mxdwdui.dll + 2009-10-26 01:11 . 2008-07-06 12:06 765440 c:\windows\Driver Cache\I386\mxdwdrv.dll + 2009-10-25 12:14 . 2009-10-25 12:14 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f 5f7f11d50a3a_f8194476\System.Drawing.dll + 2009-10-25 12:14 . 2009-10-25 12:14 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000. 0__b03f5f7f11d50a3a_ba17d0a3\System.Drawing.Design.dll + 2009-10-25 12:14 . 2009-10-25 12:14 118784 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b0 3f5f7f11d50a3a_341f1b39\CustomMarshalers.dll + 2009-10-26 18:52 . 2009-10-26 18:52 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\2ef5bc3a2edd7570b b23886a4f32294a\WsatConfig.ni.exe + 2009-10-26 12:07 . 2009-10-26 12:07 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\6a81809 9f0386e2356ae94f886a2196f\WindowsFormsIntegration.ni.dll + 2009-10-26 12:07 . 2009-10-26 12:07 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\a6d9503962 d47c722231c1478f180695\UIAutomationTypes.ni.dll + 2009-10-26 12:07 . 2009-10-26 12:07 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\5c028c3d8 db6c0f0277673ea4a2d89fb\UIAutomationClient.ni.dll + 2009-10-26 18:55 . 2009-10-26 18:55 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\bb77ea11f 46ab438b2b7ed7c180011a1\System.Web.Routing.ni.dll + 2009-10-26 18:55 . 2009-10-26 18:55 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\6ee2552 20d90dcbe80c990e443051cc5\System.Web.RegularExpressions.ni.dll + 2009-10-26 18:55 . 2009-10-26 18:55 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\58f6204 4fa702ea6f936071aa5520baa\System.Web.Extensions.Design.ni.dll + 2009-10-26 18:55 . 2009-10-26 18:55 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\79c29ac85d d57dd485ab60118ac292ff\System.Web.Entity.ni.dll + 2009-10-26 18:55 . 2009-10-26 18:55 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\d3d65e3 4fa60f0b6c72ca0d12ec89933\System.Web.Entity.Design.ni.dll + 2009-10-26 18:55 . 2009-10-26 18:55 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\b7891f5 659db299dbd1b3c72db7edb9f\System.Web.DynamicData.ni.dll + 2009-10-26 18:55 . 2009-10-26 18:55 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\00ec087 41a765c707bd9169346064a81\System.Web.Abstractions.ni.dll + 2009-10-26 18:54 . 2009-10-26 18:54 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\5a555c9a e6984c40157cf940bb519f7c\System.Transactions.ni.dll + 2009-10-26 18:54 . 2009-10-26 18:54 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\ea33669 39280c1715f1c620e33ee3c8a\System.ServiceProcess.ni.dll + 2009-10-26 18:52 . 2009-10-26 18:52 676352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\1c8df2da3322 2c048d683017f2095f04\System.Security.ni.dll + 2009-10-26 18:54 . 2009-10-26 18:54 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\bfd6e16 d8c3589cd2bd3f8d46f0a5402\System.Runtime.Serialization.Formatters.Soap.ni.d ll + 2009-10-26 18:54 . 2009-10-26 18:54 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\519d9c618341b136f 9b963ffb7495308\System.Net.ni.dll + 2009-10-26 18:54 . 2009-10-26 18:54 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\8642fdfbf0 2a6cb6f01169fe6fdb5d11\System.Management.ni.dll + 2009-10-26 18:54 . 2009-10-26 18:54 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\1d3fbbd 23ce1e8637ef4f40a8d23cd32\System.Management.Instrumentation.ni.dll + 2009-10-26 12:30 . 2009-10-26 12:30 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\7c367a96b10d62 6ec8cbf8149272d845\System.IO.Log.ni.dll + 2009-10-26 12:30 . 2009-10-26 12:30 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\68e7114 7704ef0d34d9a4bece7767fc5\System.IdentityModel.Selectors.ni.dll + 2009-10-26 18:54 . 2009-10-26 18:54 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4267bd9 08175603006c6c90bb5d900c7\System.EnterpriseServices.Wrapper.dll + 2009-10-26 18:54 . 2009-10-26 18:54 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4267bd9 08175603006c6c90bb5d900c7\System.EnterpriseServices.ni.dll + 2009-10-26 12:06 . 2009-10-26 12:06 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\18bbe2b 6717e7f1d1dd672526e9889ee\System.Drawing.Design.ni.dll + 2009-10-26 18:54 . 2009-10-26 18:54 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\c434a07 332ce490711c27fd0edb7562f\System.DirectoryServices.Protocols.ni.dll + 2009-10-26 18:54 . 2009-10-26 18:54 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\8b3bb7a 2c2f3ffe94c866283f1cd5957\System.DirectoryServices.AccountManagement.ni.dll + 2009-10-26 18:54 . 2009-10-26 18:54 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\a4b887f 476fa4b8746a93a9fc2208560\System.Data.Services.Client.ni.dll + 2009-10-26 18:54 . 2009-10-26 18:54 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\1cf3aca d6553d6c59df576794f4e8bd6\System.Data.Services.Design.ni.dll + 2009-10-26 18:54 . 2009-10-26 18:54 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\392de34 573f9f8ec885714f2f3e7f07f\System.Data.Entity.Design.ni.dll + 2009-10-26 18:53 . 2009-10-26 18:53 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\1db495f f00bbd14df4af6680c4de0653\System.Data.DataSetExtensions.ni.dll + 2009-10-26 18:52 . 2009-10-26 18:52 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\b82c00e 2d24305ad6cb08556e3779b75\System.Configuration.ni.dll + 2009-10-26 18:54 . 2009-10-26 18:54 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\de514e4 84e49b04b016949d57ffac03e\System.Configuration.Install.ni.dll + 2009-10-26 18:53 . 2009-10-26 18:53 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\ce984d754e3c0b6 be4504b785cc43574\System.AddIn.ni.dll + 2009-10-26 18:52 . 2009-10-26 18:52 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\045dd501b7257b1cc2 6083538ae69045\SMSvcHost.ni.exe + 2009-10-26 18:52 . 2009-10-26 18:52 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\9790551187e294 b4ed3aaa1c221891c7\SMDiagnostics.ni.dll + 2009-10-26 18:52 . 2009-10-26 18:52 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\10a0c9707876 fc1f65e64b811a28b020\ServiceModelReg.ni.exe + 2009-10-26 12:05 . 2009-10-26 12:05 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\f475294 d8c7dc2dd4febeef27bc0417e\PresentationFramework.Classic.ni.dll + 2009-10-26 12:05 . 2009-10-26 12:05 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8003aba f6bcf70f7eb620d06837e897b\PresentationFramework.Luna.ni.dll + 2009-10-26 12:05 . 2009-10-26 12:05 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\59a6787 4d8d8475faa5be1d993083d12\PresentationFramework.Aero.ni.dll + 2009-10-26 12:05 . 2009-10-26 12:05 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\2c980c9 a5051d723c6ec2a78a3d0e2b3\PresentationFramework.Royale.ni.dll + 2009-10-26 18:52 . 2009-10-26 18:52 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\6d38e317128608bc4516 ea46ab94590e\MSBuild.ni.exe + 2009-10-26 18:52 . 2009-10-26 18:52 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\1820d6a 012fc0e16c3e1d29d973cd2d0\Microsoft.Transactions.Bridge.Dtc.ni.dll + 2009-10-26 18:53 . 2009-10-26 18:53 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\55b9eff 9e23359faed4351386c062238\Microsoft.Build.Utilities.ni.dll + 2009-10-26 18:53 . 2009-10-26 18:53 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\4217124 db1ea5de5f1a1f3eea75e8d32\Microsoft.Build.Utilities.v3.5.ni.dll + 2009-10-26 18:52 . 2009-10-26 18:52 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\96825c3 4d7e1f7df1923ff2123bed8da\Microsoft.Build.Engine.ni.dll + 2009-10-26 18:52 . 2009-10-26 18:52 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\9b321eb f67587237f576df6104a32588\Microsoft.Build.Conversion.v3.5.ni.dll + 2009-10-26 18:52 . 2009-10-26 18:52 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\9bea05938be e3555c5aa8763d89a68f9\CustomMarshalers.ni.dll + 2009-10-26 18:52 . 2009-10-26 18:52 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\12629e2f3e31545 9bee67cbbaac85cb2\ComSvcConfig.ni.exe + 2009-10-26 18:52 . 2009-10-26 18:52 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\b5b2feadc3943e3 976daebc0bcd2b5e2\AspNetMMCExt.ni.dll + 2009-10-26 01:12 . 2009-10-26 01:12 385024 c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders\3.0.0.0__31bf3 856ad364e35\UIAutomationClientsideProviders.dll + 2009-10-26 01:12 . 2009-10-26 01:12 167936 c:\windows\assembly\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\U IAutomationClient.dll + 2009-10-26 01:13 . 2009-10-26 01:13 139264 c:\windows\assembly\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\Syst em.Xml.Linq.dll + 2009-10-26 01:13 . 2009-10-26 01:13 507904 c:\windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364 e35\System.WorkflowServices.dll + 2009-10-26 01:12 . 2009-10-26 01:12 540672 c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364 e35\System.Workflow.Runtime.dll + 2009-10-26 01:16 . 2009-10-26 01:16 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\ System.Web.Services.dll - 2008-05-30 02:21 . 2008-05-30 02:21 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\Sy stem.Web.Mobile.dll + 2009-10-26 01:16 . 2009-10-26 01:16 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\Sy stem.Web.Mobile.dll + 2009-10-26 01:13 . 2009-10-26 01:13 335872 c:\windows\assembly\GAC_MSIL\System.Web.Extensions.Design\3.5.0.0__31bf3856 ad364e35\System.Web.Extensions.Design.dll + 2009-10-26 01:19 . 2009-10-26 01:19 139264 c:\windows\assembly\GAC_MSIL\System.Web.Entity\3.5.0.0__b77a5c561934e089\Sy stem.Web.Entity.dll + 2009-10-26 01:13 . 2009-10-26 01:13 131072 c:\windows\assembly\GAC_MSIL\System.Web.Entity.Design\3.5.0.0__b77a5c561934 e089\System.Web.Entity.Design.dll + 2009-10-26 01:19 . 2009-10-26 01:19 229376 c:\windows\assembly\GAC_MSIL\System.Web.DynamicData\3.5.0.0__31bf3856ad364e 35\System.Web.DynamicData.dll + 2009-10-26 01:12 . 2009-10-26 01:12 688128 c:\windows\assembly\GAC_MSIL\System.Speech\3.0.0.0__31bf3856ad364e35\System .Speech.dll + 2009-10-26 01:16 . 2009-10-26 01:16 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3 a\System.ServiceProcess.dll - 2008-05-30 02:21 . 2008-05-30 02:21 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3 a\System.ServiceProcess.dll + 2009-10-26 01:13 . 2009-10-26 01:13 569344 c:\windows\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364 e35\System.ServiceModel.Web.dll - 2008-05-30 02:20 . 2008-05-30 02:20 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\Syst em.Security.dll + 2009-10-26 01:16 . 2009-10-26 01:16 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\Syst em.Security.dll + 2009-10-26 01:12 . 2009-10-26 01:12 966656 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c56 1934e089\System.Runtime.Serialization.dll + 2009-10-26 01:16 . 2009-10-26 01:16 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2 .0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll - 2008-05-30 02:21 . 2008-05-30 02:21 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2 .0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll + 2009-10-26 01:16 . 2009-10-26 01:16 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e 089\System.Runtime.Remoting.dll + 2009-10-26 01:13 . 2009-10-26 01:13 233472 c:\windows\assembly\GAC_MSIL\System.Net\3.5.0.0__b03f5f7f11d50a3a\System.Ne t.dll - 2008-05-30 02:21 . 2008-05-30 02:21 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\Sys tem.Messaging.dll + 2009-10-26 01:16 . 2009-10-26 01:16 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\Sys tem.Messaging.dll + 2009-10-26 01:16 . 2009-10-26 01:16 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\Sy stem.Management.dll + 2009-10-26 01:13 . 2009-10-26 01:13 143360 c:\windows\assembly\GAC_MSIL\System.Management.Instrumentation\3.5.0.0__b77 a5c561934e089\System.Management.Instrumentation.dll + 2009-10-26 01:12 . 2009-10-26 01:12 131072 c:\windows\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System .IO.Log.dll + 2009-10-26 01:12 . 2009-10-26 01:12 430080 c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089 \System.IdentityModel.dll + 2009-10-26 01:12 . 2009-10-26 01:12 126976 c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c 561934e089\System.IdentityModel.Selectors.dll + 2009-10-26 01:16 . 2009-10-26 01:16 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\Syste m.Drawing.dll + 2009-10-26 01:16 . 2009-10-26 01:16 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d5 0a3a\System.DirectoryServices.dll - 2008-05-30 02:21 . 2008-05-30 02:21 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b0 3f5f7f11d50a3a\System.DirectoryServices.Protocols.dll + 2009-10-26 01:16 . 2009-10-26 01:16 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b0 3f5f7f11d50a3a\System.DirectoryServices.Protocols.dll + 2009-10-26 01:13 . 2009-10-26 01:13 286720 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\3.5 .0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll + 2009-10-26 01:17 . 2009-10-26 01:17 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\Sy stem.Deployment.dll + 2009-10-26 01:17 . 2009-10-26 01:17 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\S ystem.Data.SqlXml.dll + 2009-10-26 01:19 . 2009-10-26 01:19 442368 c:\windows\assembly\GAC_MSIL\System.Data.Services\3.5.0.0__b77a5c561934e089 \System.Data.Services.dll + 2009-10-26 01:13 . 2009-10-26 01:13 114688 c:\windows\assembly\GAC_MSIL\System.Data.Services.Design\3.5.0.0__b77a5c561 934e089\System.Data.Services.Design.dll + 2009-10-26 01:19 . 2009-10-26 01:19 294912 c:\windows\assembly\GAC_MSIL\System.Data.Services.Client\3.5.0.0__b77a5c561 934e089\System.Data.Services.Client.dll + 2009-10-26 01:13 . 2009-10-26 01:13 684032 c:\windows\assembly\GAC_MSIL\System.Data.Linq\3.5.0.0__b77a5c561934e089\Sys tem.Data.Linq.dll + 2009-10-26 01:13 . 2009-10-26 01:13 229376 c:\windows\assembly\GAC_MSIL\System.Data.Entity.Design\3.5.0.0__b77a5c56193 4e089\System.Data.Entity.Design.dll + 2009-10-26 01:13 . 2009-10-26 01:13 667648 c:\windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.C ore.dll + 2009-10-26 01:17 . 2009-10-26 01:17 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a \System.configuration.dll + 2009-10-26 01:13 . 2009-10-26 01:13 163840 c:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System. AddIn.dll + 2009-10-26 01:17 . 2009-10-26 01:17 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dl l - 2008-05-30 02:21 . 2008-05-30 02:21 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dl l + 2009-10-26 01:12 . 2009-10-26 01:12 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiag nostics.dll + 2009-10-26 01:12 . 2009-10-26 01:12 528384 c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\Reach Framework.dll + 2009-10-26 01:12 . 2009-10-26 01:12 864256 c:\windows\assembly\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\Prese ntationUI.dll + 2009-10-26 01:12 . 2009-10-26 01:12 163840 c:\windows\assembly\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856 ad364e35\PresentationFramework.Royale.dll + 2009-10-26 01:12 . 2009-10-26 01:12 397312 c:\windows\assembly\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad 364e35\PresentationFramework.Luna.dll + 2009-10-26 01:12 . 2009-10-26 01:12 139264 c:\windows\assembly\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf385 6ad364e35\PresentationFramework.Classic.dll + 2009-10-26 01:12 . 2009-10-26 01:12 196608 c:\windows\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad 364e35\PresentationFramework.Aero.dll + 2009-10-26 01:12 . 2009-10-26 01:12 598016 c:\windows\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e 35\PresentationBuildTasks.dll |
31-Oct-2009, 10:41 PM
#10 | ||||||
| Part 4 of the report + 2009-10-26 01:16 . 2009-10-26 01:16 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3 a\Microsoft.VisualBasic.dll + 2009-10-26 01:16 . 2009-10-26 01:16 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b 03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll - 2008-05-30 02:21 . 2008-05-30 02:21 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b 03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll - 2008-05-30 02:21 . 2008-05-30 02:21 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0 .0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll + 2009-10-26 01:16 . 2009-10-26 01:16 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0 .0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll + 2009-10-26 01:12 . 2009-10-26 01:12 397312 c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7 f11d50a3a\Microsoft.Transactions.Bridge.dll + 2009-10-26 01:16 . 2009-10-26 01:16 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Mi crosoft.JScript.dll + 2009-10-26 01:16 . 2009-10-26 01:16 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3 a\Microsoft.Build.Tasks.dll + 2009-10-26 01:13 . 2009-10-26 01:13 802816 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.v3.5\3.5.0.0__b03f5f7f11 d50a3a\Microsoft.Build.Tasks.v3.5.dll + 2009-10-26 01:13 . 2009-10-26 01:13 733184 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\3.5.0.0__b03f5f7f11d50a 3a\Microsoft.Build.Engine.dll + 2009-10-26 01:16 . 2009-10-26 01:16 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a 3a\Microsoft.Build.Engine.dll + 2009-10-26 01:13 . 2009-10-26 01:13 106496 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Conversion.v3.5\3.5.0.0__b03f5 f7f11d50a3a\Microsoft.Build.Conversion.v3.5.dll + 2009-10-26 01:16 . 2009-10-26 01:16 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetM MCExt.dll + 2009-10-26 01:16 . 2009-10-26 01:16 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\Sy stem.Transactions.dll + 2009-10-26 01:12 . 2009-10-26 01:12 368640 c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System .Printing.dll + 2009-10-26 01:16 . 2009-10-26 01:16 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50 a3a\System.EnterpriseServices.Wrapper.dll + 2009-10-26 01:16 . 2009-10-26 01:16 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50 a3a\System.EnterpriseServices.dll - 2008-05-30 02:20 . 2008-05-30 02:20 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50 a3a\System.EnterpriseServices.dll + 2009-10-26 01:17 . 2009-10-26 01:17 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e0 89\System.Data.OracleClient.dll + 2009-10-26 01:12 . 2009-10-26 01:12 163840 c:\windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5 f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll + 2009-10-25 01:46 . 2009-08-13 13:55 1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.2 2319_x-ww_f0b4c2df\GdiPlus.dll + 2004-03-19 22:45 . 2009-05-20 16:24 2373504 c:\windows\SYSTEM32\WMVCore.dll + 2004-08-04 07:56 . 2009-07-13 14:08 5537792 c:\windows\SYSTEM32\wmp.dll - 2004-08-04 07:56 . 2007-04-30 12:20 5537792 c:\windows\SYSTEM32\wmp.dll + 2003-09-25 14:35 . 2009-04-17 12:26 1847168 c:\windows\SYSTEM32\win32k.sys + 2004-01-21 21:20 . 2009-08-29 08:08 1208832 c:\windows\SYSTEM32\urlmon.dll + 2009-10-26 01:11 . 2008-07-06 12:06 1676288 c:\windows\SYSTEM32\SPOOL\XPSEP\i386\xpssvcs.dll + 2009-10-26 01:11 . 2008-07-06 12:06 1676288 c:\windows\SYSTEM32\SPOOL\XPSEP\i386\i386\xpssvcs.dll + 2009-10-26 01:11 . 2008-07-06 21:36 2936832 c:\windows\SYSTEM32\SPOOL\XPSEP\amd64\xpssvcs.dll + 2009-10-26 01:11 . 2008-07-06 21:36 2936832 c:\windows\SYSTEM32\SPOOL\XPSEP\amd64\amd64\xpssvcs.dll + 2009-10-26 01:11 . 2008-07-06 12:06 1676288 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\XpsSvcs.dll - 2004-03-19 22:42 . 2008-04-14 00:12 1435648 c:\windows\SYSTEM32\query.dll + 2004-03-19 22:42 . 2009-07-17 16:22 1435648 c:\windows\SYSTEM32\query.dll + 2003-05-30 14:00 . 2009-06-03 19:09 1291264 c:\windows\SYSTEM32\quartz.dll + 2004-03-19 22:40 . 2009-06-10 13:19 2066432 c:\windows\SYSTEM32\mstscax.dll + 2004-07-07 22:37 . 2009-08-29 08:08 5940224 c:\windows\SYSTEM32\mshtml.dll + 2006-10-17 16:57 . 2009-08-29 08:08 1985536 c:\windows\SYSTEM32\iertutil.dll + 2004-03-19 22:45 . 2009-05-20 16:24 2373504 c:\windows\SYSTEM32\DLLCACHE\WMVCore.dll - 2004-08-04 07:56 . 2007-04-30 12:20 5537792 c:\windows\SYSTEM32\DLLCACHE\wmp.dll + 2004-08-04 07:56 . 2009-07-13 14:08 5537792 c:\windows\SYSTEM32\DLLCACHE\wmp.dll + 2008-10-14 19:37 . 2009-04-17 12:26 1847168 c:\windows\SYSTEM32\DLLCACHE\win32k.sys + 2006-05-10 05:23 . 2009-08-29 08:08 1208832 c:\windows\SYSTEM32\DLLCACHE\urlmon.dll + 2009-07-17 16:22 . 2009-07-17 16:22 1435648 c:\windows\SYSTEM32\DLLCACHE\query.dll + 2008-05-07 05:12 . 2009-06-03 19:09 1291264 c:\windows\SYSTEM32\DLLCACHE\quartz.dll + 2008-10-14 17:42 . 2009-08-05 00:44 2189184 c:\windows\SYSTEM32\DLLCACHE\ntoskrnl.exe + 2008-10-14 17:42 . 2009-08-04 14:20 2023936 c:\windows\SYSTEM32\DLLCACHE\ntkrpamp.exe - 2008-10-14 17:42 . 2009-02-06 10:32 2023936 c:\windows\SYSTEM32\DLLCACHE\ntkrpamp.exe - 2008-10-14 17:42 . 2009-02-07 23:02 2066048 c:\windows\SYSTEM32\DLLCACHE\ntkrnlpa.exe + 2008-10-14 17:42 . 2009-08-04 14:20 2066048 c:\windows\SYSTEM32\DLLCACHE\ntkrnlpa.exe - 2008-10-14 17:43 . 2009-02-06 11:06 2145280 c:\windows\SYSTEM32\DLLCACHE\ntkrnlmp.exe + 2008-10-14 17:43 . 2009-08-04 15:13 2145280 c:\windows\SYSTEM32\DLLCACHE\ntkrnlmp.exe + 2009-06-10 13:19 . 2009-06-10 13:19 2066432 c:\windows\SYSTEM32\DLLCACHE\mstscax.dll + 2006-05-19 15:08 . 2009-08-29 08:08 5940224 c:\windows\SYSTEM32\DLLCACHE\mshtml.dll + 2007-05-10 16:39 . 2009-08-29 08:08 1985536 c:\windows\SYSTEM32\DLLCACHE\iertutil.dll + 2008-07-30 03:40 . 2008-07-30 03:40 1720824 c:\windows\Microsoft.NET\Framework\v3.5\vbc.exe + 2008-07-29 22:47 . 2008-07-29 22:47 1054208 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.dll + 2008-07-29 22:47 . 2008-07-29 22:47 1364992 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\SITSetup.dll + 2008-07-29 22:47 . 2008-07-29 22:47 1064448 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\gencomp.dll + 2008-07-30 03:40 . 2008-07-30 03:40 1548280 c:\windows\Microsoft.NET\Framework\v3.5\csc.exe + 2008-12-05 23:35 . 2008-12-05 23:35 1736528 c:\windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll + 2008-07-30 01:10 . 2008-07-30 01:10 2637840 c:\windows\Microsoft.NET\Framework\v3.0\WPF\NlsLexicons0009.dll + 2008-07-30 01:10 . 2008-07-30 01:10 4883464 c:\windows\Microsoft.NET\Framework\v3.0\WPF\NlsData0009.dll + 2008-12-06 00:12 . 2008-12-06 00:12 5931008 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll + 2008-07-25 15:16 . 2008-07-25 15:16 1344000 c:\windows\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll + 2008-07-25 15:17 . 2008-07-25 15:17 1172472 c:\windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe + 2008-11-25 08:59 . 2008-11-25 08:59 2048000 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.XML.dll + 2008-07-25 15:17 . 2008-07-25 15:17 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll + 2008-11-25 08:59 . 2008-11-25 08:59 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll + 2008-07-25 15:17 . 2008-07-25 15:17 3149824 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll + 2008-07-25 15:17 . 2008-07-25 15:17 5062656 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll + 2008-07-25 15:17 . 2008-07-25 15:17 2933248 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.dll + 2008-11-25 08:59 . 2008-11-25 08:59 5813576 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll + 2008-11-25 08:59 . 2008-11-25 08:59 4546560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll + 2008-07-25 15:16 . 2008-07-25 15:16 1163768 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll + 2008-05-28 05:35 . 2008-05-28 05:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll - 2007-04-14 01:35 . 2007-04-14 01:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll + 2008-05-28 05:35 . 2008-05-28 05:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll - 2007-04-14 01:35 . 2007-04-14 01:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll - 2007-04-14 00:57 . 2007-04-14 00:57 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll + 2008-05-28 04:48 . 2008-05-28 04:48 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll - 2007-04-14 00:57 . 2007-04-14 00:57 2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll + 2008-05-28 04:48 . 2008-05-28 04:48 2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll - 2007-04-14 00:50 . 2007-04-14 00:50 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll + 2008-05-28 04:43 . 2008-05-28 04:43 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll + 2008-12-13 13:57 . 2008-12-13 13:57 8397824 c:\windows\Installer\20b0a95.msp + 2008-07-29 23:26 . 2008-07-29 23:26 1043456 c:\windows\Installer\2098a56.msp + 2008-07-30 00:37 . 2008-07-30 00:37 2679808 c:\windows\Installer\2098a54.msp + 2008-07-30 01:15 . 2008-07-30 01:15 3697664 c:\windows\Installer\2098a52.msp + 2008-07-29 23:34 . 2008-07-29 23:34 1448448 c:\windows\Installer\2098a51.msp + 2008-07-30 00:22 . 2008-07-30 00:22 4137984 c:\windows\Installer\2098a50.msp + 2008-07-29 23:18 . 2008-07-29 23:18 3376640 c:\windows\Installer\2098a4f.msp + 2008-07-29 21:45 . 2008-07-29 21:45 2543616 c:\windows\Installer\205839d.msp + 2008-07-29 21:29 . 2008-07-29 21:29 2926080 c:\windows\Installer\205839c.msp + 2008-07-29 21:41 . 2008-07-29 21:41 6487040 c:\windows\Installer\205839b.msp + 2008-07-29 21:39 . 2008-07-29 21:39 3403264 c:\windows\Installer\205839a.msp + 2008-07-29 21:43 . 2008-07-29 21:43 1013248 c:\windows\Installer\2058398.msp + 2008-07-29 21:31 . 2008-07-29 21:31 6083072 c:\windows\Installer\2058395.msp + 2009-10-25 12:27 . 2009-03-08 08:34 1206784 c:\windows\ie8updates\KB974455-IE8\urlmon.dll + 2009-10-25 12:27 . 2009-03-08 08:41 5937152 c:\windows\ie8updates\KB974455-IE8\mshtml.dll + 2009-10-25 12:27 . 2009-03-08 08:32 1985024 c:\windows\ie8updates\KB974455-IE8\iertutil.dll + 2008-10-14 17:42 . 2009-08-05 00:44 2189184 c:\windows\Driver Cache\I386\ntoskrnl.exe + 2008-10-14 17:42 . 2009-08-04 14:20 2023936 c:\windows\Driver Cache\I386\ntkrpamp.exe - 2008-10-14 17:42 . 2009-02-06 10:32 2023936 c:\windows\Driver Cache\I386\ntkrpamp.exe - 2008-10-14 17:42 . 2009-02-07 23:02 2066048 c:\windows\Driver Cache\I386\ntkrnlpa.exe + 2008-10-14 17:42 . 2009-08-04 14:20 2066048 c:\windows\Driver Cache\I386\ntkrnlpa.exe - 2008-10-14 17:43 . 2009-02-06 11:06 2145280 c:\windows\Driver Cache\I386\ntkrnlmp.exe + 2008-10-14 17:43 . 2009-08-04 15:13 2145280 c:\windows\Driver Cache\I386\ntkrnlmp.exe + 2009-10-25 12:14 . 2009-10-25 12:14 4792320 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934 e089_efcb0f50\System.dll + 2009-10-25 12:13 . 2009-10-25 12:13 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934 e089_104975c7\System.dll + 2009-10-25 12:14 . 2009-10-25 12:14 2088960 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c56 1934e089_c53eef10\System.Xml.dll + 2009-10-25 12:15 . 2009-10-25 12:15 5513216 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c56 1934e089_302cc186\System.Xml.dll + 2009-10-25 12:14 . 2009-10-25 12:14 3018752 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0 __b77a5c561934e089_bf7dcaa7\System.Windows.Forms.dll + 2009-10-25 12:14 . 2009-10-25 12:14 7884800 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0 __b77a5c561934e089_a636480a\System.Windows.Forms.dll + 2009-10-25 12:15 . 2009-10-25 12:15 2244608 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f 5f7f11d50a3a_20fe0dc7\System.Drawing.dll + 2009-10-25 12:15 . 2009-10-25 12:15 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5 f7f11d50a3a_9a1e4da6\System.Design.dll + 2009-10-25 12:14 . 2009-10-25 12:14 1470464 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5 f7f11d50a3a_373166ae\System.Design.dll + 2009-10-25 12:14 . 2009-10-25 12:14 3391488 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c5619 34e089_a8f65f5a\mscorlib.dll + 2009-10-25 12:15 . 2009-10-25 12:15 8908800 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c5619 34e089_095d8548\mscorlib.dll + 2009-10-26 12:03 . 2009-10-26 12:03 3313664 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\14cd5f4b61d35f9b 76327d6be9853755\WindowsBase.ni.dll + 2009-10-26 12:07 . 2009-10-26 12:07 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\f3c7957 351aec85f526a3350c9718b1e\UIAutomationClientsideProviders.ni.dll + 2009-10-26 01:19 . 2009-10-26 01:19 7599104 c:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2F5.tmp\System.dll + 2009-10-26 12:01 . 2009-10-26 12:02 7868416 c:\windows\assembly\NativeImages_v2.0.50727_32\System\80978a322d7dd39f0a71b e1251ae395a\System.ni.dll + 2009-10-26 12:07 . 2009-10-26 12:07 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\773a9786013451d3b aaeff003dc4230f\System.Xml.ni.dll + 2009-10-26 18:56 . 2009-10-26 18:56 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\d265da3 6954fcb4cb7ad5adc693ea0f2\System.Workflow.Runtime.ni.dll + 2009-10-26 18:55 . 2009-10-26 18:55 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\693a8fb e6f7ad6e4e429052da4317e59\System.Workflow.ComponentModel.ni.dll + 2009-10-26 18:55 . 2009-10-26 18:55 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\cc99fbb ac0b6e4e9ca62093e49b0c16b\System.Workflow.Activities.ni.dll + 2009-10-26 18:55 . 2009-10-26 18:55 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\b57bb002 a655920cbfa2bee29d1e22b7\System.Web.Services.ni.dll + 2009-10-26 18:55 . 2009-10-26 18:55 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\81197e32ec 931f439b3114e9031b65d6\System.Web.Mobile.ni.dll + 2009-10-26 18:55 . 2009-10-26 18:55 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\7f64c9d 25471b72e1e957bdfe67947c8\System.Web.Extensions.ni.dll + 2009-10-26 12:06 . 2009-10-26 12:06 1917440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\63cf639b6e0a3c 25c1643c85016e7422\System.Speech.ni.dll + 2009-10-26 18:54 . 2009-10-26 18:54 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\340cad1 7fe57947eacbc8fa2cea780da\System.ServiceModel.Web.ni.dll + 2009-10-26 12:30 . 2009-10-26 12:30 2338304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\034c91b 133dee73d452652c52767b5ea\System.Runtime.Serialization.ni.dll + 2009-10-26 12:06 . 2009-10-26 12:06 1035264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\646ab52eef34 3380aa002c220dc31e13\System.Printing.ni.dll + 2009-10-26 12:30 . 2009-10-26 12:30 1056768 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\c2de847 9e54852f56996f79bc93acb13\System.IdentityModel.ni.dll + 2009-10-26 12:06 . 2009-10-26 12:06 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3da96ee075bab 9202626ae44c18d226c\System.Drawing.ni.dll + 2009-10-26 18:54 . 2009-10-26 18:54 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\543aced 762f6b0c3f8e037955941afc6\System.DirectoryServices.ni.dll + 2009-10-26 18:54 . 2009-10-26 18:54 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\a6b5862448 6714fa71e5e35186850ff0\System.Deployment.ni.dll + 2009-10-26 12:05 . 2009-10-26 12:05 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\c70731047b002263 8b3f9fb158948a03\System.Data.ni.dll + 2009-10-26 18:52 . 2009-10-26 18:52 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\826b09ab0 d0e36f4d631b4cd335df511\System.Data.SqlXml.ni.dll + 2009-10-26 18:54 . 2009-10-26 18:54 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\956a513 dcbd44d5a6801840ef2b0b47b\System.Data.Services.ni.dll + 2009-10-26 12:05 . 2009-10-26 12:05 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\0bbec79460b 1137df5313f9baf7b246f\System.Data.Linq.ni.dll + 2009-10-26 18:54 . 2009-10-26 18:54 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\6479f975b 105808a8d9e7a7fdc762551\System.Data.Entity.ni.dll + 2009-10-26 12:05 . 2009-10-26 12:05 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\47d87251e93256c6 35eb73403b8db33e\System.Core.ni.dll + 2009-10-26 12:05 . 2009-10-26 12:05 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\4bfb3048bf200 a6a8592d1b4ba861a7f\ReachFramework.ni.dll + 2009-10-26 12:05 . 2009-10-26 12:05 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\6bafb1a2a7379 4ddb9761cb321c9e7e2\PresentationUI.ni.dll + 2009-10-26 12:03 . 2009-10-26 12:03 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\e634bc4 c4a00635a0a254febab0e2e2c\PresentationBuildTasks.ni.dll + 2009-10-26 18:53 . 2009-10-26 18:53 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\1c86afc 399d0fdd8e069266ffbe748d1\Microsoft.VisualBasic.ni.dll + 2009-10-26 18:52 . 2009-10-26 18:52 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\6b2f62f 5e981913fce1d223f645d9ddf\Microsoft.Transactions.Bridge.ni.dll + 2009-10-26 18:54 . 2009-10-26 18:54 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\b261961046 545831aa60963e84905968\Microsoft.JScript.ni.dll + 2009-10-26 18:52 . 2009-10-26 18:52 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\bd24149 2d96db39f20e758c13c845033\Microsoft.Build.Tasks.ni.dll + 2009-10-26 18:53 . 2009-10-26 18:53 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\a47100d 8f4574bed2d49d83d0ab8964e\Microsoft.Build.Tasks.v3.5.ni.dll + 2009-10-26 18:52 . 2009-10-26 18:52 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\6cfe582 681724965fb817e8ece5f0909\Microsoft.Build.Engine.ni.dll + 2009-10-26 01:12 . 2009-10-26 01:12 1245184 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsB ase.dll + 2009-10-26 01:17 . 2009-10-26 01:17 3149824 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll + 2009-10-26 01:17 . 2009-10-26 01:17 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XM L.dll + 2009-10-26 01:12 . 2009-10-26 01:12 1630208 c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf38 56ad364e35\System.Workflow.ComponentModel.dll + 2009-10-26 01:12 . 2009-10-26 01:12 1138688 c:\windows\assembly\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad 364e35\System.Workflow.Activities.dll + 2009-10-26 01:16 . 2009-10-26 01:16 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089 \System.Windows.Forms.dll + 2009-10-26 01:19 . 2009-10-26 01:19 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e3 5\System.Web.Extensions.dll + 2009-10-26 01:18 . 2009-10-26 01:18 5931008 c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\ System.ServiceModel.dll + 2009-10-26 01:16 . 2009-10-26 01:16 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System .Design.dll + 2009-10-26 01:13 . 2009-10-26 01:13 2879488 c:\windows\assembly\GAC_MSIL\System.Data.Entity\3.5.0.0__b77a5c561934e089\S ystem.Data.Entity.dll + 2009-10-26 01:18 . 2009-10-26 01:18 5283840 c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e3 5\PresentationFramework.dll + 2009-10-26 01:16 . 2009-10-26 01:16 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web. dll + 2009-10-26 01:17 . 2009-10-26 01:17 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Dat a.dll + 2009-10-26 01:12 . 2009-10-26 01:12 4210688 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\Prese ntationCore.dll + 2009-10-26 01:16 . 2009-10-26 01:16 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll - 2007-07-12 03:27 . 2007-07-12 03:27 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll + 2009-10-25 12:13 . 2009-10-25 12:13 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll + 2009-10-25 12:13 . 2009-10-25 12:13 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web. dll - 2007-07-12 03:27 . 2007-07-12 03:27 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web. dll + 2005-05-12 04:11 . 2009-10-02 15:01 25198016 c:\windows\SYSTEM32\MRT.exe + 2006-11-08 02:03 . 2009-08-29 08:08 11069440 c:\windows\SYSTEM32\ieframe.dll + 2007-05-10 16:39 . 2009-08-29 08:08 11069440 c:\windows\SYSTEM32\DLLCACHE\ieframe.dll + 2009-08-11 01:08 . 2009-08-11 01:08 11315712 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninsta ll.msp + 2009-08-15 00:32 . 2009-08-15 00:32 11110912 c:\windows\Installer\2ca294f.msp + 2009-08-15 00:32 . 2009-08-15 00:32 11110912 c:\windows\Installer\2ac86d0.msp + 2009-08-10 18:09 . 2009-08-10 18:09 17254912 c:\windows\Installer\2481eab.msp + 2008-12-13 14:21 . 2008-12-13 14:21 10473472 c:\windows\Installer\20b0a9f.msp + 2009-10-25 12:27 . 2009-03-08 08:39 11063808 c:\windows\ie8updates\KB974455-IE8\ieframe.dll + 2009-10-26 12:06 . 2009-10-26 12:06 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6340625 9e94d5c0ff5b79401dfe113ce\System.Windows.Forms.ni.dll + 2009-10-26 18:55 . 2009-10-26 18:55 11796992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\3963ce03d445a8619 abbf388d590134b\System.Web.ni.dll + 2009-10-26 18:52 . 2009-10-26 18:52 17317888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\41460330 13edebd7e0cb604e504ebfee\System.ServiceModel.ni.dll + 2009-10-26 12:06 . 2009-10-26 12:06 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\8ee220bc3cce4f 7bbd7818946519ed7f\System.Design.ni.dll + 2009-10-26 12:04 . 2009-10-26 12:04 14327808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\96e710f 47c601cba3f2348a8d11ddede\PresentationFramework.ni.dll + 2009-10-26 12:04 . 2009-10-26 12:04 12216320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\956375d487c bef36165b3250030e3574\PresentationCore.ni.dll + 2009-10-26 01:18 . 2009-10-26 01:18 11486720 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\6d667f19d6873618869 90f3ca0f49816\mscorlib.ni.dll . -- Snapshot reset to current date -- . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 c:\documents and settings\Hank Chen\Start Menu\Programs\Startup\ HotSync Manager.lnk - c:\program files\Palm\HOTSYNC.EXE [2003-10-14 299008] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-24 29696] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Sebring] 2004-01-13 19:17 110592 ----a-w- c:\windows\SYSTEM32\LgNotify.dll [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\Auth orizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Microsoft Money 2006\\MNYCoreFiles\\msmoney.exe"= "c:\\Program Files\\Palm\\HOTSYNC.EXE"= "c:\\Program Files\\Hewlett-Packard\\HP Media Vault 2100\\NASDriveMapper.exe"= "c:\\Program Files\\Hewlett-Packard\\HP Media Vault 2100\\NASCfg.exe"= "c:\\Program Files\\Hewlett-Packard\\HP Media Vault 2100\\HPMVTray.exe"= "c:\\Program Files\\Hewlett-Packard\\HP Media Vault 2100\\NASSelector.exe"= "c:\\Program Files\\NewTech Infosystems\\NTI Shadow 3\\shadow.exe"= "c:\\Program Files\\Hewlett-Packard\\HP Media Vault 2100\\DoTask.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqscnvw.exe"= "c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqnrs08.exe"= "c:\\Program Files\\TVUPlayer\\TVUPlayer.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= R3 GTICARD;GTICARD;c:\windows\SYSTEM32\DRIVERS\gticard.sys [2/14/2003 4:03 PM 59328] S3 {E2B953A7-195A-44F9-9BA3-3D5F4E32BB55};AIM 3.0 Part 01 Codec Driver CH-7009-B;c:\windows\SYSTEM32\DRIVERS\wa301b.sys [1/1/1980 1:00 AM 33847] S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [11/3/2004 3:12 PM 29744] . Contents of the 'Scheduled Tasks' folder 2009-11-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1868879660-976857361-759642186-1005Core.job - c:\documents and settings\Hank Chen\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-10-21 00:16] 2009-11-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1868879660-976857361-759642186-1005UA.job - c:\documents and settings\Hank Chen\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-10-21 00:16] 2009-10-31 c:\windows\Tasks\WGASetup.job - c:\windows\system32\KB905474\wgasetup.exe [2009-10-25 02:18] . . |
31-Oct-2009, 10:42 PM
#11 | ||||||
| Last part of the report ------- Supplementary Scan ------- . uDefault_Search_URL = hxxp://www.google.com/ie uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 TCP: {1B05AFD6-682C-4E0C-9A7A-DD3AB58CA55D} = 203.252.32.4,200.255.255.65 DPF: {41D2C0E9-DA08-4B73-B899-656371EAE058} - hxxp://hpmediavault/Webshare/ActivexDLL/PhotoLdr.cab FF - ProfilePath - c:\documents and settings\Hank Chen\Application Data\Mozilla\Firefox\Profiles\cjqlaqna.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://my.yahoo.com FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\NPUploader.dll FF - plugin: c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll FF - HiddenExtension: XUL Cache: {E7E29EF7-AA72-4B0C-AFF9-4B3BC55673C5} - c:\documents and settings\Hank Chen\Local Settings\Application Data\{E7E29EF7-AA72-4B0C-AFF9-4B3BC55673C5} FF - HiddenExtension: XUL Cache: {21E7E408-EE4B-4372-B8DB-9F8905EDC627} - c:\documents and settings\Fay Chen\Local Settings\Application Data\{21E7E408-EE4B-4372-B8DB-9F8905EDC627}\ FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- FF - user.js: yahoo.homepage.dontask - true. - - - - ORPHANS REMOVED - - - - BHO-{EEA590B3-0976-7A81-25F5-0545707825B0} - (no file) ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-10-31 21:16 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(1264) c:\windows\System32\LgNotify.dll - - - - - - - > 'explorer.exe'(2644) c:\windows\system32\WININET.dll c:\windows\system32\ieframe.dll c:\windows\system32\webcheck.dll . Completion time: 2009-11-01 21:19 ComboFix-quarantined-files.txt 2009-11-01 01:19 ComboFix2.txt 2009-10-25 01:45 ComboFix3.txt 2009-10-24 01:33 ComboFix4.txt 2007-04-29 05:35 Pre-Run: 1,699,840 bytes free Post-Run: 43,270,144 bytes free - - End Of File - - 4D73D8A011DA150B1CB130EF76F5DE34 |
02-Nov-2009, 08:37 PM
#12 | ||||||
| Did you upload that file for me? Please run the CFScript again it didn't get copy and pasted correctly. Thanks |
03-Nov-2009, 12:37 AM
#13 | ||||||
| Yes, I uploaded both files in the C:\QooBox\Quarantine folder, although they are named slightly different than you describe: [70]-Submit_2009-10-24_21.12.53 [70]-Submit_2009-10-24_21.24.09 You are correct, the script didn't seem to run correctly the first time. I re-ran it, successfully (I believe) this time. Is there anyway to post the log file without having to post it in 4 chunks due to the 30K character limitation? Here's the first part of the updated log file: ComboFix 09-11-01.04 - Hank Chen 11/02/2009 23:16.4.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.510.289 [GMT -5:00] Running from: c:\documents and settings\Hank Chen\Desktop\ComboFix.exe Command switches used :: c:\documents and settings\Hank Chen\Desktop\CFScript.txt FILE :: "c:\windows\ucejifoha.dll" "c:\windows\uvaxecug.dll" . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\ucejifoha.dll c:\windows\uvaxecug.dll . ((((((((((((((((((((((((( Files Created from 2009-10-03 to 2009-11-03 ))))))))))))))))))))))))))))))) . 2009-11-03 03:55 . 2009-11-03 03:55 -------- d-----w- c:\windows\system32\wbem\Repository 2009-11-02 15:52 . 2009-11-02 15:52 -------- d-----w- c:\documents and settings\Fay Chen\Local Settings\Application Data\Mozilla 2009-11-02 15:52 . 2009-11-02 15:52 -------- d-sh--w- c:\documents and settings\Fay Chen\PrivacIE 2009-11-02 15:51 . 2009-11-02 15:51 -------- d-sh--w- c:\documents and settings\Fay Chen\IETldCache 2009-11-02 13:00 . 2009-11-02 13:00 -------- d-sh--w- c:\documents and settings\Hank Chen.CHENTEL2\IETldCache 2009-11-02 13:00 . 2009-11-02 13:00 -------- d--h--w- c:\documents and settings\Hank Chen.CHENTEL2\WLANProfiles 2009-11-02 13:00 . 2009-11-03 03:31 -------- d-----w- c:\documents and settings\Hank Chen.CHENTEL2 2009-11-02 12:44 . 2009-11-02 13:00 -------- d-----w- c:\documents and settings\TEMP 2009-11-01 17:09 . 2009-11-01 17:09 -------- d-----w- C:\412a1002f5adfc2f4cee 2009-10-28 00:53 . 2009-10-28 00:53 -------- d-----w- C:\8bc6ec040f871e4edc209e29 2009-10-27 11:58 . 2009-10-27 11:58 -------- d-----w- c:\documents and settings\Hank Chen\Local Settings\Application Data\PCHealth 2009-10-26 01:13 . 2009-10-26 01:13 -------- d-sh--w- c:\documents and settings\Default User\IETldCache 2009-10-26 01:12 . 2009-10-26 01:12 -------- d-----w- c:\windows\system32\XPSViewer 2009-10-26 01:12 . 2009-10-26 01:12 -------- d-----w- c:\program files\MSBuild 2009-10-26 01:12 . 2009-10-26 01:12 -------- d-----w- c:\program files\Reference Assemblies 2009-10-26 01:11 . 2008-07-06 12:06 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll 2009-10-26 01:11 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll 2009-10-26 01:11 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe 2009-10-26 01:11 . 2009-10-26 01:11 -------- d-----w- C:\f1b2e36d1e2d4eced3ab 2009-10-26 01:11 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll 2009-10-26 01:11 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\dllcache\xpsshhdr.dll 2009-10-26 01:11 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll 2009-10-26 01:11 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\dllcache\xpssvcs.dll 2009-10-25 12:20 . 2009-10-25 12:20 -------- d-----w- c:\windows\system32\KB905474 2009-10-25 12:20 . 2009-03-11 02:26 1403264 ----a-w- c:\windows\system32\KB905474\wganotifypackageinner.exe 2009-10-25 12:20 . 2009-03-11 02:18 453512 ----a-w- c:\windows\system32\KB905474\wgasetup.exe 2009-10-25 12:08 . 2009-10-25 12:27 -------- d-----w- c:\windows\ie8updates 2009-10-25 02:03 . 2009-10-25 02:03 -------- d-sh--w- c:\documents and settings\Hank Chen\PrivacIE 2009-10-25 01:46 . 2009-08-29 08:08 12800 ------w- c:\windows\system32\dllcache\xpshims.dll 2009-10-25 01:46 . 2009-08-29 08:08 246272 ------w- c:\windows\system32\dllcache\ieproxy.dll 2009-10-25 01:45 . 2009-06-21 21:44 153088 ------w- c:\windows\system32\dllcache\triedit.dll 2009-10-25 01:44 . 2009-07-10 13:27 1315328 ------w- c:\windows\system32\dllcache\msoe.dll 2009-10-21 01:03 . 2009-10-21 01:03 -------- d-----w- c:\program files\Trend Micro 2009-10-21 00:16 . 2009-11-01 00:46 -------- d-----w- c:\documents and settings\Hank Chen\Local Settings\Application Data\Temp 2009-10-20 12:17 . 2009-10-20 12:17 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache 2009-10-15 23:52 . 2009-10-15 23:52 -------- d-----w- c:\program files\TeaTimer (Spybot - Search & Destroy) 2009-10-15 23:52 . 2009-10-15 23:52 -------- d-----w- c:\program files\SDHelper (Spybot - Search & Destroy) . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-11-03 04:21 . 2005-04-29 04:07 -------- d-----w- c:\documents and settings\Hank Chen\Application Data\Skype 2009-11-03 04:02 . 2009-11-03 04:02 5102 ----a-w- c:\windows\system32\PerfStringBackup.TMP 2009-11-02 15:39 . 2004-07-28 15:56 -------- d-----w- c:\program files\Google 2009-11-02 13:00 . 2004-12-13 20:06 -------- d-----w- c:\program files\Real 2009-10-29 12:14 . 2004-08-02 14:47 58464 ----a-w- c:\documents and settings\Hank Chen\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-10-21 00:28 . 2004-07-27 00:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2009-10-16 01:41 . 2004-07-20 02:54 -------- d-----w- c:\program files\Java 2009-10-15 23:58 . 2004-07-27 00:06 -------- d-----w- c:\program files\Spybot - Search & Destroy 2009-09-11 14:18 . 2004-03-19 22:40 136192 ----a-w- c:\windows\system32\msv1_0.dll 2009-09-04 21:03 . 2004-03-30 01:48 58880 ----a-w- c:\windows\system32\msasn1.dll 2009-08-29 08:08 . 2004-02-06 23:05 916480 ------w- c:\windows\system32\wininet.dll 2009-08-26 08:00 . 2004-03-19 22:43 247326 ----a-w- c:\windows\system32\strmdll.dll 2009-08-05 09:01 . 2002-12-12 05:14 204800 ----a-w- c:\windows\system32\mswebdvd.dll 2008-09-05 15:49 . 2005-05-09 13:34 122880 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll . ((((((((((((((((((((((((((((( SnapShot@2009-10-24_01.27.54 ))))))))))))))))))))))))))))))))))))))))) . + 2009-11-03 03:57 . 2009-11-03 03:57 16384 c:\windows\Temp\Perflib_Perfdata_118.dat + 2004-03-19 22:44 . 2009-06-25 08:25 54272 c:\windows\SYSTEM32\wdigest.dll + 2007-01-29 08:58 . 2009-07-14 11:03 46080 c:\windows\SYSTEM32\tzchange.exe + 2008-07-30 01:10 . 2008-07-30 01:10 26112 c:\windows\SYSTEM32\TsWpfWrp.exe + 2004-03-19 22:43 . 2009-06-12 12:31 80896 c:\windows\SYSTEM32\tlntsess.exe + 2003-08-05 21:15 . 2009-06-12 12:31 76288 c:\windows\SYSTEM32\telnet.exe + 2009-10-26 01:11 . 2008-07-06 12:06 89088 c:\windows\SYSTEM32\SPOOL\PRTPROCS\W32X86\filterpipelineprintproc.dll + 2004-03-19 22:42 . 2009-06-25 08:25 56832 c:\windows\SYSTEM32\secur32.dll - 2004-03-19 22:42 . 2009-02-03 19:59 56832 c:\windows\SYSTEM32\secur32.dll + 2008-07-29 23:59 . 2008-07-29 23:59 43544 c:\windows\SYSTEM32\PresentationHostProxy.dll + 2004-07-20 02:42 . 2009-11-03 04:02 81146 c:\windows\SYSTEM32\PERFC009.DAT + 2008-07-25 15:17 . 2008-07-25 15:17 15360 c:\windows\SYSTEM32\MUI\0409\mscorees.dll + 2006-11-08 02:03 . 2009-08-29 08:08 55296 c:\windows\SYSTEM32\msfeedsbs.dll - 2006-11-08 02:03 . 2009-03-08 08:31 55296 c:\windows\SYSTEM32\msfeedsbs.dll + 2008-07-25 15:16 . 2008-07-25 15:16 83968 c:\windows\SYSTEM32\mscories.dll - 2004-03-19 22:38 . 2009-03-08 08:33 25600 c:\windows\SYSTEM32\jsproxy.dll + 2004-03-19 22:38 . 2009-08-29 08:08 25600 c:\windows\SYSTEM32\jsproxy.dll + 2008-07-29 23:24 . 2008-07-29 23:24 97800 c:\windows\SYSTEM32\infocardapi.dll + 2008-07-29 23:24 . 2008-07-29 23:24 11264 c:\windows\SYSTEM32\icardres.dll + 2004-03-19 22:37 . 2009-07-29 04:37 81920 c:\windows\SYSTEM32\fontsub.dll + 2008-07-30 01:10 . 2008-07-30 01:10 73720 c:\windows\SYSTEM32\dxva2.dll + 2004-03-19 22:38 . 2009-06-24 11:18 92928 c:\windows\SYSTEM32\DRIVERS\ksecdd.sys + 2009-06-25 08:25 . 2009-06-25 08:25 54272 c:\windows\SYSTEM32\DLLCACHE\wdigest.dll + 2009-06-12 12:31 . 2009-06-12 12:31 80896 c:\windows\SYSTEM32\DLLCACHE\tlntsess.exe + 2009-06-12 12:31 . 2009-06-12 12:31 76288 c:\windows\SYSTEM32\DLLCACHE\telnet.exe + 2009-02-03 19:59 . 2009-06-25 08:25 56832 c:\windows\SYSTEM32\DLLCACHE\secur32.dll - 2009-02-03 19:59 . 2009-02-03 19:59 56832 c:\windows\SYSTEM32\DLLCACHE\secur32.dll - 2007-05-10 16:39 . 2009-03-08 08:31 55296 c:\windows\SYSTEM32\DLLCACHE\msfeedsbs.dll + 2007-05-10 16:39 . 2009-08-29 08:08 55296 c:\windows\SYSTEM32\DLLCACHE\msfeedsbs.dll + 2009-09-04 21:03 . 2009-09-04 21:03 58880 c:\windows\SYSTEM32\DLLCACHE\msasn1.dll + 2009-06-24 11:18 . 2009-06-24 11:18 92928 c:\windows\SYSTEM32\DLLCACHE\ksecdd.sys - 2006-05-10 05:22 . 2009-03-08 08:33 25600 c:\windows\SYSTEM32\DLLCACHE\jsproxy.dll + 2006-05-10 05:22 . 2009-08-29 08:08 25600 c:\windows\SYSTEM32\DLLCACHE\jsproxy.dll + 2009-07-29 04:37 . 2009-07-29 04:37 81920 c:\windows\SYSTEM32\DLLCACHE\fontsub.dll + 2009-06-10 14:13 . 2009-06-10 14:13 84992 c:\windows\SYSTEM32\DLLCACHE\avifil32.dll + 2009-07-17 19:01 . 2009-07-17 19:01 58880 c:\windows\SYSTEM32\DLLCACHE\atl.dll + 2008-07-25 15:16 . 2008-07-25 15:16 96760 c:\windows\SYSTEM32\dfshim.dll + 2004-03-19 22:34 . 2009-06-10 14:13 84992 c:\windows\SYSTEM32\avifil32.dll - 2004-03-19 22:34 . 2008-04-14 00:11 84992 c:\windows\SYSTEM32\avifil32.dll - 2004-03-19 22:33 . 2008-04-14 00:11 58880 c:\windows\SYSTEM32\atl.dll + 2004-03-19 22:33 . 2009-07-17 19:01 58880 c:\windows\SYSTEM32\atl.dll + 2008-07-30 03:40 . 2008-07-30 03:40 70648 c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll + 2008-07-30 03:40 . 2008-07-30 03:40 91136 c:\windows\Microsoft.NET\Framework\v3.5\MSBuild.exe + 2008-07-30 03:40 . 2008-07-30 03:40 41984 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.VisualC.STLCLR.dll + 2008-07-30 03:40 . 2008-07-30 03:40 40960 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Data.Entity.Build.Tasks.d ll + 2008-07-29 22:47 . 2008-07-29 22:47 89080 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2052.dll + 2008-07-29 22:47 . 2008-07-29 22:47 92664 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1042.dll + 2008-07-29 22:47 . 2008-07-29 22:47 95224 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1041.dll + 2008-07-29 22:47 . 2008-07-29 22:47 89592 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1028.dll + 2008-07-29 22:47 . 2008-07-29 22:47 84480 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2052.dll + 2008-07-29 22:47 . 2008-07-29 22:47 94720 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1042.dll + 2008-07-29 22:47 . 2008-07-29 22:47 97792 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1041.dll + 2008-07-29 22:47 . 2008-07-29 22:47 84992 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1028.dll + 2008-07-29 22:47 . 2008-07-29 22:47 97280 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\DeleteTemp.exe + 2008-07-30 03:40 . 2008-07-30 03:40 95224 c:\windows\Microsoft.NET\Framework\v3.5\EdmGen.exe + 2008-07-30 03:40 . 2008-07-30 03:40 78856 c:\windows\Microsoft.NET\Framework\v3.5\DataSvcUtil.exe + 2008-07-30 03:40 . 2008-07-30 03:40 41984 c:\windows\Microsoft.NET\Framework\v3.5\AddInUtil.exe + 2008-07-30 03:40 . 2008-07-30 03:40 41992 c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess32.exe + 2008-07-30 03:40 . 2008-07-30 03:40 41992 c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess.exe + 2008-07-30 01:10 . 2008-07-30 01:10 46104 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe + 2008-07-29 23:59 . 2008-07-29 23:59 32768 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationCFFRasterizer.dll + 2008-07-30 01:10 . 2008-07-30 01:10 71160 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PenIMC.dll + 2008-07-29 23:32 . 2008-07-29 23:32 17448 c:\windows\Microsoft.NET\Framework\v3.0\Windows Workflow Foundation\PerformanceCounterInstaller.exe + 2008-07-29 23:16 . 2008-07-29 23:16 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll + 2008-07-29 23:16 . 2008-07-29 23:16 73728 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.Install.dll + 2008-07-29 23:16 . 2008-07-29 23:16 20504 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceMonikerSupport.dll + 2008-07-29 23:16 . 2008-07-29 23:16 11280 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll + 2008-07-25 15:17 . 2008-07-25 15:17 37896 c:\windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll + 2008-07-25 15:17 . 2008-07-25 15:17 81400 c:\windows\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL + 2008-07-25 15:17 . 2008-07-25 15:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions .dll + 2008-07-25 15:17 . 2008-07-25 15:17 57392 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thu nk.dll - 2005-09-23 11:28 . 2005-09-23 11:28 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll + 2008-07-25 15:17 . 2008-07-25 15:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll + 2008-07-25 15:17 . 2008-07-25 15:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install. dll - 2005-09-23 11:28 . 2005-09-23 11:28 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install. dll + 2008-07-25 15:17 . 2008-07-25 15:17 95232 c:\windows\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll + 2008-07-25 15:17 . 2008-07-25 15:17 16896 c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll + 2008-07-25 15:17 . 2008-07-25 15:17 61952 c:\windows\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe + 2008-07-25 15:17 . 2008-07-25 15:17 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe - 2005-09-23 11:28 . 2005-09-23 11:28 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe - 2005-09-23 11:28 . 2005-09-23 11:28 53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe + 2008-07-25 15:17 . 2008-07-25 15:17 53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe + 2008-07-25 15:17 . 2008-07-25 15:17 88584 c:\windows\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll + 2008-07-25 15:17 . 2008-07-25 15:17 24584 c:\windows\Microsoft.NET\Framework\v2.0.50727\normalization.dll + 2008-07-25 15:17 . 2008-07-25 15:17 31744 c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll + 2008-07-25 15:17 . 2008-07-25 15:17 19456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscortim.dll + 2008-07-25 15:17 . 2008-07-25 15:17 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe + 2008-07-25 15:16 . 2008-07-25 15:16 18944 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll + 2008-07-25 15:17 . 2008-07-25 15:17 77312 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll + 2008-07-25 15:17 . 2008-07-25 15:17 94208 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorld.dll + 2008-07-25 15:17 . 2008-07-25 15:17 46592 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorie.dll + 2008-07-25 15:17 . 2008-07-25 15:17 83456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll - 2005-09-23 11:28 . 2005-09-23 11:28 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe + 2008-07-25 15:16 . 2008-07-25 15:16 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe + 2008-07-25 15:16 . 2008-07-25 15:16 97792 c:\windows\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll - 2005-09-23 11:28 . 2005-09-23 11:28 12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProce ssor.dll + 2008-07-25 15:16 . 2008-07-25 15:16 12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProce ssor.dll + 2008-07-25 15:16 . 2008-07-25 15:16 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll - 2005-09-23 11:28 . 2005-09-23 11:28 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll + 2008-07-25 15:16 . 2008-07-25 15:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll - 2005-09-23 11:28 . 2005-09-23 11:28 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll + 2008-07-25 15:16 . 2008-07-25 15:16 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll + 2008-07-25 15:16 . 2008-07-25 15:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll - 2005-09-23 11:28 . 2005-09-23 11:28 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll - 2005-09-23 11:28 . 2005-09-23 11:28 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe + 2008-07-25 15:16 . 2008-07-25 15:16 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe - 2005-09-23 11:28 . 2005-09-23 11:28 72192 c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll + 2008-07-25 15:17 . 2008-07-25 15:17 72192 c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll + 2008-07-25 15:17 . 2008-07-25 15:17 65032 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll - 2005-09-23 11:28 . 2005-09-23 11:28 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe + 2008-07-25 15:17 . 2008-07-25 15:17 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe + 2008-07-25 15:17 . 2008-07-25 15:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEHost.dll + 2008-07-25 15:16 . 2008-07-25 15:16 18936 c:\windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll + 2008-07-25 15:16 . 2008-07-25 15:16 62968 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfdll.dll + 2008-07-25 15:16 . 2008-07-25 15:16 35320 c:\windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe + 2008-07-25 15:17 . 2008-07-25 15:17 69120 c:\windows\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll + 2008-07-25 15:17 . 2008-07-25 15:17 27136 c:\windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll + 2008-07-25 15:16 . 2008-07-25 15:16 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll - 2005-09-23 11:28 . 2005-09-23 11:28 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll + 2008-07-25 15:16 . 2008-07-25 15:16 80376 c:\windows\Microsoft.NET\Framework\v2.0.50727\csc.exe + 2008-07-25 15:17 . 2008-07-25 15:17 89608 c:\windows\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll + 2008-11-25 08:59 . 2008-11-25 08:59 31560 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe + 2008-07-25 15:16 . 2008-07-25 15:16 34312 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe + 2008-07-25 15:16 . 2008-07-25 15:16 33288 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe + 2008-07-25 15:16 . 2008-07-25 15:16 24576 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe + 2008-07-25 15:16 . 2008-07-25 15:16 84480 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll + 2008-07-25 15:16 . 2008-07-25 15:16 33800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll + 2008-07-25 15:16 . 2008-07-25 15:16 17416 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll + 2008-07-25 15:16 . 2008-07-25 15:16 22024 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll - 2005-09-23 11:28 . 2005-09-23 11:28 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe + 2008-07-25 15:16 . 2008-07-25 15:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe + 2008-07-25 15:17 . 2008-07-25 15:17 58880 c:\windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe + 2008-07-25 15:16 . 2008-07-25 15:16 98808 c:\windows\Microsoft.NET\Framework\v2.0.50727\alink.dll - 2005-09-23 11:28 . 2005-09-23 11:28 10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll + 2008-07-25 15:17 . 2008-07-25 15:17 10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll + 2008-07-25 15:16 . 2008-07-25 15:16 13824 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll + 2008-07-25 15:16 . 2008-07-25 15:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll + 2009-06-24 23:56 . 2009-06-24 23:56 73728 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe + 2008-05-28 04:49 . 2008-05-28 04:49 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll - 2007-04-14 00:58 . 2007-04-14 00:58 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll - 2007-04-14 00:57 . 2007-04-14 00:57 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll + 2008-05-28 04:49 . 2008-05-28 04:49 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll + 2008-05-28 04:49 . 2008-05-28 04:49 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll - 2007-04-14 00:57 . 2007-04-14 00:57 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll + 2008-05-28 05:30 . 2008-05-28 05:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe - 2007-04-14 01:30 . 2007-04-14 01:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe + 2008-07-25 15:16 . 2008-07-25 15:16 96768 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll + 2008-07-25 15:17 . 2008-07-25 15:17 16896 c:\windows\Microsoft.NET\Framework\SharedReg12.dll + 2008-07-25 15:17 . 2008-07-25 15:17 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll + 2008-07-25 15:17 . 2008-07-25 15:17 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll + 2008-07-25 15:16 . 2008-07-25 15:16 16896 c:\windows\Microsoft.NET\Framework\sbscmp10.dll + 2008-07-25 15:16 . 2008-07-25 15:16 82944 c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe + 2008-07-30 01:07 . 2008-07-30 01:07 23040 c:\windows\Installer\2098a4e.msp + 2009-10-26 01:10 . 2009-10-26 01:10 88576 c:\windows\Installer\2058394.msi + 2009-10-25 12:27 . 2009-03-08 08:33 12288 c:\windows\ie8updates\KB974455-IE8\xpshims.dll + 2009-10-25 12:27 . 2009-03-08 08:31 55296 c:\windows\ie8updates\KB974455-IE8\msfeedsbs.dll + 2009-10-25 12:27 . 2009-03-08 08:33 25600 c:\windows\ie8updates\KB974455-IE8\jsproxy.dll + 2009-10-26 01:11 . 2008-07-06 12:06 89088 c:\windows\Driver Cache\I386\filterpipelineprintproc.dll + 2009-10-25 12:14 . 2009-10-25 12:14 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000. 0__b03f5f7f11d50a3a_29f076e8\System.Drawing.Design.dll + 2009-10-25 12:14 . 2009-10-25 12:14 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b0 3f5f7f11d50a3a_fcf75543\CustomMarshalers.dll + 2009-10-26 12:07 . 2009-10-26 12:07 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\a715aa4 42ef87ae99b3ade185599249d\UIAutomationProvider.ni.dll + 2009-10-26 18:55 . 2009-10-26 18:55 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\423f794 d1f4ed6e120fbb02e436491cb\System.Windows.Presentation.ni.dll + 2009-10-26 18:55 . 2009-10-26 18:55 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\19ca174 7c1ea18a3b639b302bca8df93\System.Web.DynamicData.Design.ni.dll + 2009-10-26 18:53 . 2009-10-26 18:53 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\532438e 2acfcadc469a4d468c51f8451\System.ComponentModel.DataAnnotations.ni.dll + 2009-10-26 18:53 . 2009-10-26 18:53 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\597b20e 1b053d6a510cfe033c07a63e6\System.AddIn.Contract.ni.dll + 2009-10-26 12:04 . 2009-10-26 12:04 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\2d7408a 0232f2e2efd0d7adf5dfa733a\PresentationFontCache.ni.exe + 2009-10-26 12:03 . 2009-10-26 12:03 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\c8fd2d9 233f8ea3031fb16f697635231\PresentationCFFRasterizer.ni.dll + 2009-10-26 18:54 . 2009-10-26 18:54 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\790cf1edb17ee4 1b59be62ecbd59613b\Microsoft.Vsa.ni.dll + 2009-10-26 18:52 . 2009-10-26 18:52 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e9aba2e ab90d647356f65e66053da02b\Microsoft.Build.Framework.ni.dll + 2009-10-26 18:52 . 2009-10-26 18:52 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\28343d4 70d992f169ca0e7cdb3cc3117\Microsoft.Build.Framework.ni.dll + 2009-10-26 18:52 . 2009-10-26 18:52 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\f4e38208e88cb4cc314a1d 6543b9fcc6\dfsvc.ni.exe + 2009-10-26 18:52 . 2009-10-26 18:52 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\11eb4f6606ba01 e5128805759121ea6c\Accessibility.ni.dll + 2009-10-26 01:12 . 2009-10-26 01:12 94208 c:\windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364 e35\WindowsFormsIntegration.dll + 2009-10-26 01:12 . 2009-10-26 01:12 98304 c:\windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UI AutomationTypes.dll + 2009-10-26 01:12 . 2009-10-26 01:12 40960 c:\windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35 \UIAutomationProvider.dll + 2009-10-26 01:13 . 2009-10-26 01:13 12288 c:\windows\assembly\GAC_MSIL\System.Windows.Presentation\3.5.0.0__b77a5c561 934e089\System.Windows.Presentation.dll + 2009-10-26 01:13 . 2009-10-26 01:13 61440 c:\windows\assembly\GAC_MSIL\System.Web.Routing\3.5.0.0__31bf3856ad364e35\S ystem.Web.Routing.dll + 2009-11-03 04:08 . 2009-11-03 04:08 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7 f11d50a3a\System.Web.RegularExpressions.dll + 2009-10-26 01:13 . 2009-10-26 01:13 32768 c:\windows\assembly\GAC_MSIL\System.Web.DynamicData.Design\3.5.0.0__31bf385 6ad364e35\System.Web.DynamicData.Design.dll |
03-Nov-2009, 01:47 PM
#14 | ||||||
| how is everything running?? |
04-Nov-2009, 10:34 AM
#15 | ||||||
| Everything is running well now - thanks so much for your help!! A strange event did occur 2 days ago though. While shutting down the computer, a Windows update was being installed but seemed to stall so I just unplugged the computer and took out the battery. Upon reboot, it seems like the user profile got corrupted as a totally different desktop came up. I used system restore to get the computer back to where it was before, and that worked out well. After that I re-ran Combofix as you instructed and everything worked out fine after that. Separately - I am very careful with not downloading / installing anything suspicious on my computer. Any insight on what happened this time / how the malware got my on system or tips for avoiding this in the future? Again, many thanks. |
|
| |
| Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
| Thread Tools | |
| |
| You Are Using:  |
Advertisements do not imply our endorsement of that product or service. All times are GMT -4. The time now is 05:21 PM. Copyright © 1996 - 2011 TechGuy, Inc. All rights reserved. |  |
Facebook
Twitter
TechGuy.tv
TSG Mobile