|
|
jokerr65
regular
Reg'd: Thu
Posts: 61
|
|
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:25:15, on 13/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal
Running processes:
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\WINDOWS\system32\svchost.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe,C:\WINDOWS\system32\sdra64.exe,
O2 - BHO: MSN helper - {5D63F90D-F193-4277-B27B-FE70C9C55D6F} - wrten2.dll (file missing)
O3 - Toolbar: (no name) - {6226BA26-C017-4007-928C-DE9715C6FA67} - (no file)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - S-1-5-18 Startup: runit_32.lnk = C:\Program Files\runit\runit_32.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: runit_32.lnk = C:\Program Files\runit\runit_32.exe (User 'Default user')
O4 - Startup: runit_32.lnk = C:\Program Files\runit\runit_32.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O16 - DPF: {138E6DC9-722B-4F4B-B09D-95D191869696} (Bebo Uploader Control) - http://www.bebo.com/files/BeboUploader.5.1.4.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-GB/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-09.sun.com/s/ESD7/JSCDL/j...ows-i586-jc.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O20 - AppInit_DLLs: cru629.dat
O23 - Service: Alerter AlerterALG (AlerterALG) - Unknown owner - C:\WINDOWS\TEMP\korxwapbwp.exe (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe
--
End of file - 6190 bytes
|
|
bricat
HijackThis Helper
Reg'd: Wed
Posts: 31988
Loc: belfast
|
|
Please download ComboFix from Here or Here to your Desktop.
**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
- Please, never rename Combofix unless instructed.
- Close any open browsers.
- Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
- Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
- Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
- Close any open browsers.
- WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
- Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
- If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.
Please post the "C:\ComboFix.txt" along with a new HijackThis log for further review.
**Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**
--------------------
IF I HAVE SAVED YOU MONEY, PLEASE CONSIDER GIVING A DONATION TO HELP IN MY FIGHT AGAINST MALWARE.
 
When the only tool you own is a hammer, every problem begins to look like a nail. 
|
jokerr65
regular
Reg'd: Thu
Posts: 61
|
|
thanx bricat, here's logs as requested!
ComboFix 09-10-13.01 - W33 K3RR 14/10/2009 12:25.5.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.1919.1494 [GMT 1:00]
Running from: c:\documents and settings\W33 K3RR\Desktop\ComboFix.exe
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Outdated) {00000000-0000-0000-0000-000000000000}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {804FD0EC-FFA4-00EB-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {804FD2B8-FFA4-00EB-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {804FD2B8-FFA4-00FC-0D24-347CA8A3377C}
AV: Freedom *On-access scanning disabled* (Updated) {5B5A3BD7-8573-4672-AEA8-C9BB713B6755}
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\W33 K3RR\Application Data\wujurekop.reg
c:\documents and settings\W33 K3RR\Start Menu\Programs\Startup\runit_32.lnk
c:\program files\Common Files\yqyrycuguv.vbs
c:\windows\Fonts\acrsec.fon
c:\windows\Installer\ce00b3.msp
c:\windows\system32\c2d.dat
c:\windows\system32\drivers\SKYNETuwykmoth.sys
c:\windows\system32\idm.dat
c:\windows\system32\jc.dat
c:\windows\system32\lowsec
c:\windows\system32\lowsec\local.ds
c:\windows\system32\lowsec\user.ds
c:\windows\system32\migoc.inf
c:\windows\system32\q1.dat
c:\windows\system32\sdra64.exe
c:\windows\system32\SKYNETbgrftjcb.dat
c:\windows\system32\SKYNETecqfpmts.dll
c:\windows\system32\SKYNETetxfqulv.dll
c:\windows\system32\SKYNETiginetjk.dll
c:\windows\system32\SKYNETihyxwbwa.dat
c:\windows\system32\SKYNETqgoeyjuu.dll
c:\windows\system32\SKYNETqhxftewt.dll
c:\windows\system32\SKYNETtkibmkxq.dll
c:\windows\system32\SKYNETxyffjyvk.dll
c:\windows\vvuxq62447.exe
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_SKYNETxrxumepx
-------\Legacy_SKYNETxrxumepx
-------\Legacy_MSDVDR
((((((((((((((((((((((((( Files Created from 2009-09-14 to 2009-10-14 )))))))))))))))))))))))))))))))
.
2009-09-29 21:40 . 2009-09-29 21:40 1 ----a-w- c:\windows\system32\xd.dat
2009-09-29 19:49 . 2009-09-29 19:49 46080 ----a-w- c:\windows\system32\wrten2.dll
2009-09-29 19:47 . 2009-09-29 19:47 46080 ----a-w- c:\windows\system32\wtmet1.dll
2009-09-24 13:33 . 2009-09-24 13:33 44032 ----a-w- c:\windows\system32\kmf0.dll
2009-09-22 09:29 . 2008-06-13 11:05 272128 ------w- c:\windows\system32\dllcache\bthport.sys
2009-09-22 09:27 . 2008-10-15 16:34 337408 ------w- c:\windows\system32\dllcache\netapi32.dll
2009-09-22 09:16 . 2009-09-22 09:16 -------- d-----w- c:\windows\system32\scripting
2009-09-22 09:16 . 2009-09-22 09:16 -------- d-----w- c:\windows\l2schemas
2009-09-22 09:16 . 2009-09-22 09:16 -------- d-----w- c:\windows\system32\en
2009-09-22 09:16 . 2009-09-22 09:16 -------- d-----w- c:\windows\system32\bits
2009-09-22 09:09 . 2009-09-22 09:09 -------- d-----w- c:\windows\EHome
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-14 11:38 . 2009-01-20 12:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-10-14 11:35 . 2009-01-20 12:33 565280 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-10-14 11:35 . 2009-01-20 12:33 3211296 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-10-14 11:35 . 2009-01-20 12:33 3012 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-10-14 11:35 . 2009-01-20 12:33 26168 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-10-14 11:11 . 2008-04-20 17:16 -------- d-----w- c:\program files\Messenger Plus! Live
2009-10-14 02:00 . 2008-03-02 12:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-10-07 22:16 . 2009-05-14 17:05 -------- d-----w- c:\documents and settings\W33 K3RR\Application Data\LimeWire
2009-09-22 12:05 . 2009-01-20 12:34 95259 ----a-w- c:\windows\system32\drivers\klick.dat
2009-09-22 12:05 . 2009-01-20 12:34 107547 ----a-w- c:\windows\system32\drivers\klin.dat
2009-09-18 20:48 . 2009-07-01 22:36 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8
2009-09-12 13:42 . 2009-09-12 13:42 16078 ----a-w- c:\windows\latalak.sys
2009-09-12 13:42 . 2009-09-12 13:42 15926 ----a-w- c:\documents and settings\W33 K3RR\Local Settings\Application Data\qixydaxufu.dat
2009-09-12 13:42 . 2009-09-12 13:42 15115 ----a-w- c:\windows\wenylunoxa.com
2009-09-12 13:42 . 2009-09-12 13:42 13857 ----a-w- c:\documents and settings\W33 K3RR\Local Settings\Application Data\nifykimiv.com
2009-09-12 13:42 . 2009-09-12 13:42 12355 ----a-w- c:\documents and settings\W33 K3RR\Application Data\asenevibi.dll
2009-09-12 13:42 . 2009-09-12 13:42 11881 ----a-w- c:\documents and settings\All Users\Application Data\ytuwopi.dll
2009-09-12 13:42 . 2009-09-12 13:42 11454 ----a-w- c:\program files\Common Files\inurik.dll
2009-09-12 13:42 . 2009-09-12 13:42 11012 ----a-w- c:\documents and settings\W33 K3RR\Application Data\pelyvivary.dat
2009-09-12 13:42 . 2009-09-12 13:42 10399 ----a-w- c:\documents and settings\All Users\Application Data\tyzupu.bin
2009-09-06 22:52 . 2008-06-24 14:31 111968 ----a-w- c:\documents and settings\W33 K3RR\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-09-06 22:51 . 2009-03-17 17:05 -------- d-----w- c:\documents and settings\W33 K3RR\Application Data\GetRightToGo
2009-09-06 22:46 . 2007-08-31 17:07 -------- d-----w- c:\program files\Microsoft Works
2009-09-06 22:45 . 2009-09-06 22:45 -------- d-----w- c:\program files\Microsoft.NET
2009-09-06 22:17 . 2005-09-14 18:17 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-08-22 17:21 . 2009-08-22 17:21 -------- d-----w- c:\program files\MSBuild
2009-08-22 17:21 . 2009-08-22 17:21 -------- d-----w- c:\program files\Reference Assemblies
2009-08-22 17:18 . 2009-08-22 17:18 -------- d-----w- c:\program files\MSXML 6.0
2009-08-06 18:24 . 2004-08-10 15:56 327896 ----a-w- c:\windows\system32\wucltui.dll
2009-08-06 18:24 . 2004-08-10 15:56 209632 ----a-w- c:\windows\system32\wuweb.dll
2009-08-06 18:24 . 2005-05-26 03:16 44768 ----a-w- c:\windows\system32\wups2.dll
2009-08-06 18:24 . 2004-08-10 15:56 35552 ----a-w- c:\windows\system32\wups.dll
2009-08-06 18:24 . 2004-08-10 15:56 53472 ----a-w- c:\windows\system32\wuauclt.exe
2009-08-06 18:24 . 2004-08-10 15:37 96480 ----a-w- c:\windows\system32\cdm.dll
2009-08-06 18:23 . 2004-08-10 15:56 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-08-06 18:23 . 2007-03-05 15:33 274288 ----a-w- c:\windows\system32\mucltui.dll
2009-08-06 18:23 . 2007-03-05 15:33 215920 ----a-w- c:\windows\system32\muweb.dll
2009-08-06 18:23 . 2004-08-10 15:56 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-08-05 09:01 . 2004-08-10 15:38 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-07-29 04:37 . 2004-08-10 15:38 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-07-29 04:37 . 2004-08-10 15:37 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-07-17 18:55 . 2004-08-10 15:37 58880 ----a-w- c:\windows\system32\atl.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2009-05-27 1573104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-14 148888]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-05-26 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-06-05 292136]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2009-02-06 201992]
"BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2008-04-14 110592]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"= 1 (0x1)
"DisableRegistryTools"= 1 (0x1)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSetActiveDesktop"= 1 (0x1)
"NoActiveDesktopChanges"= 1 (0x1)
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ PDBoot.exe\0autocheck autochk *
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Image Zone Fast Start.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk
backup=c:\windows\pss\HP Image Zone Fast Start.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%ProgramFiles%\\AOL 9.0\\aol.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\logo_ubi.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\pandora.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IMApp.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"c:\\Program Files\\LimeWire Gold\\LimeWireGold.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\APPS\\skype\\phone\\Skype.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [29/01/2008 19:29 33808]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [13/03/2008 20:02 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [25/03/2008 21:07 24592]
S2 AlerterALG;Alerter AlerterALG;c:\windows\TEMP\korxwapbwp.exe service --> c:\windows\TEMP\korxwapbwp.exe service [?]
S3 bfastfao;bfastfao;\??\c:\docume~1\FRANKM~1\LOCALS~1\Temp\bfastfao.sys --> c:\docume~1\FRANKM~1\LOCALS~1\Temp\bfastfao.sys [?]
S4 Radialpoint Security Services;Virgin Broadband PCguard;c:\windows\system32\dllhost.exe [10/08/2004 16:37 5120]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D07CDF07-B01D-4A9E-BEF4-0A1BA518203B}]
rundll32 wrten2.dll,laspi
.
Contents of the 'Scheduled Tasks' folder
2009-10-14 c:\windows\Tasks\HDReg.job
- c:\apps\HDReg\HDRegRem.exe [2005-09-14 10:14]
2009-10-14 c:\windows\Tasks\User_Feed_Synchronization-{DBB51C1C-E6BF-40D9-BCDE-B8F49ABDF1F5}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 18:36]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
IE: Add to Banner Ad Blocker - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
.
- - - - ORPHANS REMOVED - - - -
BHO-{5D63F90D-F193-4277-B27B-FE70C9C55D6F} - (no file)
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-14 12:37
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(1244)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\klogon.dll
- - - - - - - > 'explorer.exe'(2928)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\UAService7.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\ati2evxx.exe
c:\windows\system32\rundll32.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\rundll32.exe
.
**************************************************************************
.
Completion time: 2009-10-14 12:43 - machine was rebooted
ComboFix-quarantined-files.txt 2009-10-14 11:43
ComboFix2.txt 2009-01-16 22:03
Pre-Run: 165,338,972,160 bytes free
Post-Run: 165,028,720,640 bytes free
Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4
226 --- E O F --- 2009-10-14 02:00
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:15:38, on 14/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: (no name) - {5D63F90D-F193-4277-B27B-FE70C9C55D6F} - (no file)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O16 - DPF: {138E6DC9-722B-4F4B-B09D-95D191869696} (Bebo Uploader Control) - http://www.bebo.com/files/BeboUploader.5.1.4.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-GB/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-09.sun.com/s/ESD7/JSCDL/j...ows-i586-jc.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O23 - Service: Alerter AlerterALG (AlerterALG) - Unknown owner - C:\WINDOWS\TEMP\korxwapbwp.exe (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe
--
End of file - 5807 bytes
|
bricat
HijackThis Helper
Reg'd: Wed
Posts: 31988
Loc: belfast
|
|
Please copy this page to *Notepad* and save to your desktop for reference as you will not have any browsers open while you are carrying out portions of these instructions.
It's IMPORTANT to carry out the instructions in the sequence listed below.
1. Close any open browsers.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
Open *notepad* and copy/paste the text in the quotebox below into it:
Quote:
Killall::
File::
c:\windows\system32\xd.dat
c:\windows\system32\wrten2.dll
c:\windows\system32\wtmet1.dll
c:\windows\system32\kmf0.dll
c:\windows\latalak.sys
c:\documents and settings\W33 K3RR\Local Settings\Application Data\qixydaxufu.dat
c:\windows\wenylunoxa.com
c:\documents and settings\W33 K3RR\Local Settings\Application Data\nifykimiv.com
c:\documents and settings\W33 K3RR\Application Data\asenevibi.dll
c:\documents and settings\All Users\Application Data\ytuwopi.dll
c:\program files\Common Files\inurik.dll
c:\documents and settings\W33 K3RR\Application Data\pelyvivary.dat
c:\documents and settings\All Users\Application Data\tyzupu.bin
c:\windows\TEMP\korxwapbwp.exe
c:\docume~1\FRANKM~1\LOCALS~1\Temp\bfastfao.sys
Driver::
AlerterALG
bfastfao
Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D07CDF07-B01D-4A9E-BEF4-0A1BA518203B}]
Save this as CFScript.txt, in the same location as ComboFix.exe which is on the Desktop.
Referring to the picture above, drag CFScript.txt into ComboFix.exe.
This will start ComboFix again.(it may ask you to reboot your computer)
When finished, it shall produce a log for you at C:\ComboFix.txt
Please copy and paste the ComboFix.txt along with a fresh HijackThis log in your next reply please and
let me know how it is running.
*Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall*
--------------------
IF I HAVE SAVED YOU MONEY, PLEASE CONSIDER GIVING A DONATION TO HELP IN MY FIGHT AGAINST MALWARE.
When the only tool you own is a hammer, every problem begins to look like a nail.
|
jokerr65
regular
Reg'd: Thu
Posts: 61
|
|
Thx again bricat, done as u asked and here's the results!
ComboFix 09-10-13.01 - W33 K3RR 15/10/2009 14:38.6.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.1919.1482 [GMT 1:00]
Running from: c:\documents and settings\W33 K3RR\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\W33 K3RR\Desktop\CFScript.txt.shs
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Outdated) {00000000-0000-0000-0000-000000000000}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {804FD0EC-FFA4-00EB-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {804FD2B8-FFA4-00EB-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {804FD2B8-FFA4-00FC-0D24-347CA8A3377C}
AV: Freedom *On-access scanning disabled* (Updated) {5B5A3BD7-8573-4672-AEA8-C9BB713B6755}
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.
((((((((((((((((((((((((( Files Created from 2009-09-15 to 2009-10-15 )))))))))))))))))))))))))))))))
.
2009-10-14 16:01 . 2009-10-14 16:01 -------- d-----w- c:\program files\Microsoft
2009-09-29 21:40 . 2009-09-29 21:40 1 ----a-w- c:\windows\system32\xd.dat
2009-09-29 19:49 . 2009-09-29 19:49 46080 ----a-w- c:\windows\system32\wrten2.dll
2009-09-29 19:47 . 2009-09-29 19:47 46080 ----a-w- c:\windows\system32\wtmet1.dll
2009-09-24 13:33 . 2009-09-24 13:33 44032 ----a-w- c:\windows\system32\kmf0.dll
2009-09-22 09:29 . 2008-06-13 11:05 272128 ------w- c:\windows\system32\dllcache\bthport.sys
2009-09-22 09:27 . 2008-10-15 16:34 337408 ------w- c:\windows\system32\dllcache\netapi32.dll
2009-09-22 09:16 . 2009-09-22 09:16 -------- d-----w- c:\windows\system32\scripting
2009-09-22 09:16 . 2009-09-22 09:16 -------- d-----w- c:\windows\l2schemas
2009-09-22 09:16 . 2009-09-22 09:16 -------- d-----w- c:\windows\system32\en
2009-09-22 09:16 . 2009-09-22 09:16 -------- d-----w- c:\windows\system32\bits
2009-09-22 09:09 . 2009-09-22 09:09 -------- d-----w- c:\windows\EHome
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-15 13:34 . 2009-01-20 12:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-10-15 13:31 . 2009-01-20 12:33 606240 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-10-15 13:31 . 2009-01-20 12:33 3211296 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-10-15 13:31 . 2009-01-20 12:33 3152 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-10-15 13:31 . 2009-01-20 12:33 26168 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-10-15 02:08 . 2008-03-02 12:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-10-14 12:58 . 2009-01-20 12:34 95259 ----a-w- c:\windows\system32\drivers\klick.dat
2009-10-14 12:58 . 2009-01-20 12:34 108059 ----a-w- c:\windows\system32\drivers\klin.dat
2009-10-14 11:11 . 2008-04-20 17:16 -------- d-----w- c:\program files\Messenger Plus! Live
2009-10-07 22:16 . 2009-05-14 17:05 -------- d-----w- c:\documents and settings\W33 K3RR\Application Data\LimeWire
2009-09-18 20:48 . 2009-07-01 22:36 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8
2009-09-12 13:42 . 2009-09-12 13:42 16078 ----a-w- c:\windows\latalak.sys
2009-09-12 13:42 . 2009-09-12 13:42 15926 ----a-w- c:\documents and settings\W33 K3RR\Local Settings\Application Data\qixydaxufu.dat
2009-09-12 13:42 . 2009-09-12 13:42 15115 ----a-w- c:\windows\wenylunoxa.com
2009-09-12 13:42 . 2009-09-12 13:42 13857 ----a-w- c:\documents and settings\W33 K3RR\Local Settings\Application Data\nifykimiv.com
2009-09-12 13:42 . 2009-09-12 13:42 12355 ----a-w- c:\documents and settings\W33 K3RR\Application Data\asenevibi.dll
2009-09-12 13:42 . 2009-09-12 13:42 11881 ----a-w- c:\documents and settings\All Users\Application Data\ytuwopi.dll
2009-09-12 13:42 . 2009-09-12 13:42 11454 ----a-w- c:\program files\Common Files\inurik.dll
2009-09-12 13:42 . 2009-09-12 13:42 11012 ----a-w- c:\documents and settings\W33 K3RR\Application Data\pelyvivary.dat
2009-09-12 13:42 . 2009-09-12 13:42 10399 ----a-w- c:\documents and settings\All Users\Application Data\tyzupu.bin
2009-09-11 14:18 . 2004-08-10 15:38 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-06 22:52 . 2008-06-24 14:31 111968 ----a-w- c:\documents and settings\W33 K3RR\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-09-06 22:51 . 2009-03-17 17:05 -------- d-----w- c:\documents and settings\W33 K3RR\Application Data\GetRightToGo
2009-09-06 22:46 . 2007-08-31 17:07 -------- d-----w- c:\program files\Microsoft Works
2009-09-06 22:45 . 2009-09-06 22:45 -------- d-----w- c:\program files\Microsoft.NET
2009-09-06 22:17 . 2005-09-14 18:17 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-09-04 21:03 . 2004-08-10 15:37 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 07:36 . 2004-08-10 15:38 832512 ----a-w- c:\windows\system32\wininet.dll
2009-08-29 07:36 . 2004-08-10 15:37 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-08-29 07:36 . 2004-08-10 15:37 17408 ----a-w- c:\windows\system32\corpol.dll
2009-08-26 08:00 . 2004-08-10 15:38 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-22 17:21 . 2009-08-22 17:21 -------- d-----w- c:\program files\MSBuild
2009-08-22 17:21 . 2009-08-22 17:21 -------- d-----w- c:\program files\Reference Assemblies
2009-08-22 17:18 . 2009-08-22 17:18 -------- d-----w- c:\program files\MSXML 6.0
2009-08-06 18:24 . 2004-08-10 15:56 327896 ----a-w- c:\windows\system32\wucltui.dll
2009-08-06 18:24 . 2004-08-10 15:56 209632 ----a-w- c:\windows\system32\wuweb.dll
2009-08-06 18:24 . 2005-05-26 03:16 44768 ----a-w- c:\windows\system32\wups2.dll
2009-08-06 18:24 . 2004-08-10 15:56 35552 ----a-w- c:\windows\system32\wups.dll
2009-08-06 18:24 . 2004-08-10 15:56 53472 ------w- c:\windows\system32\wuauclt.exe
2009-08-06 18:24 . 2004-08-10 15:37 96480 ----a-w- c:\windows\system32\cdm.dll
2009-08-06 18:23 . 2004-08-10 15:56 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-08-06 18:23 . 2007-03-05 15:33 274288 ----a-w- c:\windows\system32\mucltui.dll
2009-08-06 18:23 . 2007-03-05 15:33 215920 ----a-w- c:\windows\system32\muweb.dll
2009-08-06 18:23 . 2004-08-10 15:56 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-08-05 09:01 . 2004-08-10 15:38 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-04 19:44 . 2004-08-10 15:38 2189184 ------w- c:\windows\system32\ntoskrnl.exe
2009-08-04 14:20 . 2004-08-03 21:59 2066048 ------w- c:\windows\system32\ntkrnlpa.exe
2009-07-29 04:37 . 2004-08-10 15:38 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-07-29 04:37 . 2004-08-10 15:37 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-07-26 15:44 . 2009-07-26 15:44 48448 ----a-w- c:\windows\system32\sirenacm.dll
2009-07-17 18:55 . 2004-08-10 15:37 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-17 16:22 . 2004-08-10 15:38 1435648 ----a-w- c:\windows\system32\query.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-10-14_11.38.00 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-04-13 14:51 . 2008-07-08 13:02 17272 c:\windows\system32\spmsg.dll
+ 2008-04-13 14:51 . 2009-05-26 11:40 17272 c:\windows\system32\spmsg.dll
+ 2004-08-10 15:38 . 2009-08-29 07:36 44544 c:\windows\system32\pngfilt.dll
- 2004-08-10 15:38 . 2009-06-29 16:12 44544 c:\windows\system32\pngfilt.dll
+ 2004-08-10 15:38 . 2009-10-15 02:10 73136 c:\windows\system32\perfc009.dat
+ 2006-11-07 21:03 . 2009-08-29 07:36 52224 c:\windows\system32\msfeedsbs.dll
- 2006-11-07 21:03 . 2009-06-29 16:12 52224 c:\windows\system32\msfeedsbs.dll
+ 2004-08-10 15:37 . 2009-08-29 07:36 27648 c:\windows\system32\jsproxy.dll
- 2004-08-10 15:37 . 2009-06-29 16:12 27648 c:\windows\system32\jsproxy.dll
+ 2006-11-07 03:26 . 2009-08-28 10:28 13824 c:\windows\system32\ieudinit.exe
- 2006-11-07 03:26 . 2009-06-29 11:07 13824 c:\windows\system32\ieudinit.exe
- 2004-08-10 15:37 . 2009-06-29 16:12 44544 c:\windows\system32\iernonce.dll
+ 2004-08-10 15:37 . 2009-08-29 07:36 44544 c:\windows\system32\iernonce.dll
+ 2004-08-10 15:37 . 2009-08-28 10:28 70656 c:\windows\system32\ie4uinit.exe
- 2004-08-10 15:37 . 2009-06-29 11:07 70656 c:\windows\system32\ie4uinit.exe
+ 2006-10-17 11:58 . 2009-08-29 07:36 63488 c:\windows\system32\icardie.dll
- 2006-10-17 11:58 . 2009-06-29 16:12 63488 c:\windows\system32\icardie.dll
- 2006-06-23 11:02 . 2009-06-29 16:12 44544 c:\windows\system32\dllcache\pngfilt.dll
+ 2006-06-23 11:02 . 2009-08-29 07:36 44544 c:\windows\system32\dllcache\pngfilt.dll
- 2007-05-09 23:35 . 2009-06-29 16:12 52224 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2007-05-09 23:35 . 2009-08-29 07:36 52224 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2009-09-04 21:03 . 2009-09-04 21:03 58880 c:\windows\system32\dllcache\msasn1.dll
- 2006-06-23 11:02 . 2009-06-29 16:12 27648 c:\windows\system32\dllcache\jsproxy.dll
+ 2006-06-23 11:02 . 2009-08-29 07:36 27648 c:\windows\system32\dllcache\jsproxy.dll
- 2007-05-09 23:35 . 2009-06-29 11:07 13824 c:\windows\system32\dllcache\ieudinit.exe
+ 2007-05-09 23:35 . 2009-08-28 10:28 13824 c:\windows\system32\dllcache\ieudinit.exe
- 2004-08-10 15:37 . 2009-06-29 16:12 44544 c:\windows\system32\dllcache\iernonce.dll
+ 2004-08-10 15:37 . 2009-08-29 07:36 44544 c:\windows\system32\dllcache\iernonce.dll
- 2004-08-10 15:37 . 2009-06-29 16:12 78336 c:\windows\system32\dllcache\ieencode.dll
+ 2004-08-10 15:37 . 2009-08-29 07:36 78336 c:\windows\system32\dllcache\ieencode.dll
+ 2004-08-10 15:37 . 2009-08-28 10:28 70656 c:\windows\system32\dllcache\ie4uinit.exe
- 2004-08-10 15:37 . 2009-06-29 11:07 70656 c:\windows\system32\dllcache\ie4uinit.exe
+ 2007-10-10 23:55 . 2009-08-29 07:36 63488 c:\windows\system32\dllcache\icardie.dll
- 2007-10-10 23:55 . 2009-06-29 16:12 63488 c:\windows\system32\dllcache\icardie.dll
+ 2006-10-17 12:03 . 2009-08-29 07:36 17408 c:\windows\system32\dllcache\corpol.dll
- 2006-10-17 12:03 . 2009-06-29 16:12 17408 c:\windows\system32\dllcache\corpol.dll
+ 2008-12-31 04:52 . 2009-10-15 12:08 49152 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2008-12-31 04:52 . 2009-10-14 11:24 49152 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2009-10-15 02:28 . 2009-10-15 12:08 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2009-06-24 18:56 . 2009-06-24 18:56 73728 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe
- 2007-04-13 20:58 . 2007-04-13 20:58 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2008-05-27 23:49 . 2008-05-27 23:49 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2008-05-27 23:49 . 2008-05-27 23:49 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
- 2007-04-13 20:57 . 2007-04-13 20:57 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2008-05-27 23:49 . 2008-05-27 23:49 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2007-04-13 20:57 . 2007-04-13 20:57 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2008-05-28 00:30 . 2008-05-28 00:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2007-04-13 21:30 . 2007-04-13 21:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2009-10-14 16:01 . 2009-10-14 16:01 27136 c:\windows\Installer\f335a5.msi
+ 2009-10-14 16:01 . 2009-10-14 16:01 83456 c:\windows\Installer\f3359d.msi
+ 2009-10-14 16:02 . 2009-10-14 16:02 80395 c:\windows\Installer\{A85FD55B-891B-4314-97A5-EA96C0BD80B5}\MsblIco.Exe
+ 2009-09-06 22:49 . 2009-10-15 02:08 35088 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\oisicon.exe
- 2009-09-06 22:49 . 2009-10-14 02:00 35088 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\oisicon.exe
+ 2009-09-06 22:49 . 2009-10-15 02:08 18704 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\mspicons.exe
- 2009-09-06 22:49 . 2009-10-14 02:00 18704 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\mspicons.exe
- 2009-09-06 22:49 . 2009-10-14 02:00 20240 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\cagicon.exe
+ 2009-09-06 22:49 . 2009-10-15 02:08 20240 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\cagicon.exe
+ 2009-09-06 22:05 . 2009-10-15 02:03 40960 c:\windows\Installer\{90850409-6000-11D3-8CFE-0150048383C9}\wrdvicon.exe
- 2009-09-06 22:05 . 2009-09-09 22:26 40960 c:\windows\Installer\{90850409-6000-11D3-8CFE-0150048383C9}\wrdvicon.exe
+ 2006-10-26 20:17 . 2006-10-26 20:17 11072 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\XLCALL32.DLL
+ 2006-10-26 19:55 . 2006-10-26 19:55 87344 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\DLGSETP.DLL
+ 2009-10-15 02:04 . 2009-06-29 16:12 44544 c:\windows\ie7updates\KB974455-IE7\pngfilt.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 52224 c:\windows\ie7updates\KB974455-IE7\msfeedsbs.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 27648 c:\windows\ie7updates\KB974455-IE7\jsproxy.dll
+ 2009-10-15 02:04 . 2009-06-29 11:07 13824 c:\windows\ie7updates\KB974455-IE7\ieudinit.exe
+ 2009-10-15 02:04 . 2009-06-29 16:12 44544 c:\windows\ie7updates\KB974455-IE7\iernonce.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 78336 c:\windows\ie7updates\KB974455-IE7\ieencode.dll
+ 2009-10-15 02:04 . 2009-06-29 11:07 70656 c:\windows\ie7updates\KB974455-IE7\ie4uinit.exe
+ 2009-10-15 02:04 . 2009-06-29 16:12 63488 c:\windows\ie7updates\KB974455-IE7\icardie.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 17408 c:\windows\ie7updates\KB974455-IE7\corpol.dll
+ 2009-10-15 02:02 . 2009-10-15 02:02 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_0c6b0d1d\System.Drawing.Design.dll
+ 2009-10-15 02:02 . 2009-10-15 02:02 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_33d322ae\CustomMarshalers.dll
+ 2009-10-15 02:13 . 2009-10-15 02:13 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\b4a9e413d5cd6d6ec2d50aa05381e293\UIAutomationProvider.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\8acb476a0d4ee17a12881e17ae74a6af\System.Windows.Presentation.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\4b87ca3482a3c0ee733e028ecee7de65\System.Web.DynamicData.Design.ni.dll
+ 2009-10-15 02:16 . 2009-10-15 02:16 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\a0c71055364bd356971791284c3fb910\System.ComponentModel.DataAnnotations.ni.dll
+ 2009-10-15 02:16 . 2009-10-15 02:16 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\f9a75bbdc2ce7db578b5977766a09b99\System.AddIn.Contract.ni.dll
+ 2009-10-15 02:12 . 2009-10-15 02:12 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\3dd0f86c966c75755d62eab8ddf0634c\PresentationFontCache.ni.exe
+ 2009-10-15 02:12 . 2009-10-15 02:12 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\034d081fe294bab1ee1ecc98c1181424\PresentationCFFRasterizer.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\f2673aec397c52796aef05bb9d2668df\Microsoft.Vsa.ni.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\d513fe1a81c441e7656a9b062cff4e9f\Microsoft.Build.Framework.ni.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\c5d504724d7f351b1d034615dbb72a2a\Microsoft.Build.Framework.ni.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\a664ccab020f93f1d533919f57131190\dfsvc.ni.exe
+ 2009-10-15 02:15 . 2009-10-15 02:15 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\e63d6d26b8a664cfdfbd4ad75e03c14d\Accessibility.ni.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2009-08-22 17:24 . 2009-08-22 17:24 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2009-08-22 17:24 . 2009-08-22 17:24 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2004-08-10 15:38 . 2009-04-01 22:02 604160 c:\windows\system32\wmspdmod.dll
+ 2004-08-10 15:38 . 2009-08-29 07:36 233472 c:\windows\system32\webcheck.dll
- 2004-08-10 15:38 . 2009-06-29 16:12 233472 c:\windows\system32\webcheck.dll
- 2004-08-10 15:38 . 2009-06-29 16:12 105984 c:\windows\system32\url.dll
+ 2004-08-10 15:38 . 2009-08-29 07:36 105984 c:\windows\system32\url.dll
+ 2004-08-10 15:38 . 2009-10-15 02:10 447512 c:\windows\system32\perfh009.dat
- 2004-08-10 15:38 . 2009-06-29 16:12 102912 c:\windows\system32\occache.dll
+ 2004-08-10 15:38 . 2009-08-29 07:36 102912 c:\windows\system32\occache.dll
- 2004-08-10 15:38 . 2009-06-29 16:12 671232 c:\windows\system32\mstime.dll
+ 2004-08-10 15:38 . 2009-08-29 07:36 671232 c:\windows\system32\mstime.dll
+ 2004-08-10 15:38 . 2009-08-29 07:36 193024 c:\windows\system32\msrating.dll
- 2004-08-10 15:38 . 2009-06-29 16:12 193024 c:\windows\system32\msrating.dll
+ 2004-08-10 15:38 . 2009-08-29 07:36 477696 c:\windows\system32\mshtmled.dll
- 2004-08-10 15:38 . 2009-06-29 16:12 477696 c:\windows\system32\mshtmled.dll
- 2006-11-07 21:03 . 2009-06-29 16:12 459264 c:\windows\system32\msfeeds.dll
+ 2006-11-07 21:03 . 2009-08-29 07:36 459264 c:\windows\system32\msfeeds.dll
- 2006-10-17 11:57 . 2009-06-29 16:12 268288 c:\windows\system32\iertutil.dll
+ 2006-10-17 11:57 . 2009-08-29 07:36 268288 c:\windows\system32\iertutil.dll
+ 2004-08-10 15:37 . 2009-08-29 07:36 385024 c:\windows\system32\iedkcs32.dll
- 2004-08-10 15:37 . 2009-06-29 16:12 385024 c:\windows\system32\iedkcs32.dll
- 2006-10-17 11:27 . 2009-06-29 16:12 380928 c:\windows\system32\ieapfltr.dll
+ 2006-10-17 11:27 . 2009-08-29 07:36 380928 c:\windows\system32\ieapfltr.dll
- 2004-08-10 15:37 . 2009-06-29 08:33 161792 c:\windows\system32\ieakui.dll
+ 2004-08-10 15:37 . 2009-08-27 05:18 161792 c:\windows\system32\ieakui.dll
- 2004-08-10 15:37 . 2009-06-29 16:12 230400 c:\windows\system32\ieaksie.dll
+ 2004-08-10 15:37 . 2009-08-29 07:36 230400 c:\windows\system32\ieaksie.dll
+ 2004-08-10 15:37 . 2009-08-29 07:36 153088 c:\windows\system32\ieakeng.dll
- 2004-08-10 15:37 . 2009-06-29 16:12 153088 c:\windows\system32\ieakeng.dll
+ 2004-08-10 15:37 . 2009-08-29 07:36 133120 c:\windows\system32\extmgr.dll
- 2004-08-10 15:37 . 2009-06-29 16:12 133120 c:\windows\system32\extmgr.dll
- 2004-08-10 15:37 . 2009-06-29 16:12 214528 c:\windows\system32\dxtrans.dll
+ 2004-08-10 15:37 . 2009-08-29 07:36 214528 c:\windows\system32\dxtrans.dll
+ 2004-08-10 15:37 . 2009-08-29 07:36 347136 c:\windows\system32\dxtmsft.dll
- 2004-08-10 15:37 . 2009-06-29 16:12 347136 c:\windows\system32\dxtmsft.dll
+ 2004-08-10 15:38 . 2009-04-01 22:02 604160 c:\windows\system32\dllcache\wmspdmod.dll
+ 2006-06-23 11:02 . 2009-08-29 07:36 832512 c:\windows\system32\dllcache\wininet.dll
+ 2006-11-07 21:03 . 2009-08-29 07:36 233472 c:\windows\system32\dllcache\webcheck.dll
- 2006-11-07 21:03 . 2009-06-29 16:12 233472 c:\windows\system32\dllcache\webcheck.dll
+ 2006-10-17 12:05 . 2009-08-29 07:36 105984 c:\windows\system32\dllcache\url.dll
- 2006-10-17 12:05 . 2009-06-29 16:12 105984 c:\windows\system32\dllcache\url.dll
+ 2004-08-10 15:38 . 2009-08-26 08:00 247326 c:\windows\system32\dllcache\strmdll.dll
- 2004-08-10 15:38 . 2008-10-03 10:15 247326 c:\windows\system32\dllcache\strmdll.dll
- 2006-10-17 12:04 . 2009-06-29 16:12 102912 c:\windows\system32\dllcache\occache.dll
+ 2006-10-17 12:04 . 2009-08-29 07:36 102912 c:\windows\system32\dllcache\occache.dll
+ 2009-06-25 08:25 . 2009-09-11 14:18 136192 c:\windows\system32\dllcache\msv1_0.dll
- 2009-06-25 08:25 . 2009-06-25 08:25 136192 c:\windows\system32\dllcache\msv1_0.dll
- 2004-08-10 15:38 . 2009-06-29 16:12 671232 c:\windows\system32\dllcache\mstime.dll
+ 2004-08-10 15:38 . 2009-08-29 07:36 671232 c:\windows\system32\dllcache\mstime.dll
- 2006-06-23 11:02 . 2009-06-29 16:12 193024 c:\windows\system32\dllcache\msrating.dll
+ 2006-06-23 11:02 . 2009-08-29 07:36 193024 c:\windows\system32\dllcache\msrating.dll
+ 2006-06-23 11:02 . 2009-08-29 07:36 477696 c:\windows\system32\dllcache\mshtmled.dll
- 2006-06-23 11:02 . 2009-06-29 16:12 477696 c:\windows\system32\dllcache\mshtmled.dll
- 2007-05-09 23:35 . 2009-06-29 16:12 459264 c:\windows\system32\dllcache\msfeeds.dll
+ 2007-05-09 23:35 . 2009-08-29 07:36 459264 c:\windows\system32\dllcache\msfeeds.dll
+ 2006-10-17 12:04 . 2009-08-27 05:18 634648 c:\windows\system32\dllcache\iexplore.exe
- 2007-05-09 23:35 . 2009-06-29 16:12 268288 c:\windows\system32\dllcache\iertutil.dll
+ 2007-05-09 23:35 . 2009-08-29 07:36 268288 c:\windows\system32\dllcache\iertutil.dll
+ 2004-08-10 15:37 . 2009-08-29 07:36 385024 c:\windows\system32\dllcache\iedkcs32.dll
- 2004-08-10 15:37 . 2009-06-29 16:12 385024 c:\windows\system32\dllcache\iedkcs32.dll
- 2007-05-09 23:35 . 2009-06-29 16:12 380928 c:\windows\system32\dllcache\ieapfltr.dll
+ 2007-05-09 23:35 . 2009-08-29 07:36 380928 c:\windows\system32\dllcache\ieapfltr.dll
+ 2004-08-10 15:37 . 2009-08-27 05:18 161792 c:\windows\system32\dllcache\ieakui.dll
- 2004-08-10 15:37 . 2009-06-29 08:33 161792 c:\windows\system32\dllcache\ieakui.dll
- 2004-08-10 15:37 . 2009-06-29 16:12 230400 c:\windows\system32\dllcache\ieaksie.dll
+ 2004-08-10 15:37 . 2009-08-29 07:36 230400 c:\windows\system32\dllcache\ieaksie.dll
+ 2004-08-10 15:37 . 2009-08-29 07:36 153088 c:\windows\system32\dllcache\ieakeng.dll
- 2004-08-10 15:37 . 2009-06-29 16:12 153088 c:\windows\system32\dllcache\ieakeng.dll
- 2004-08-10 15:37 . 2009-06-29 16:12 133120 c:\windows\system32\dllcache\extmgr.dll
+ 2004-08-10 15:37 . 2009-08-29 07:36 133120 c:\windows\system32\dllcache\extmgr.dll
- 2006-06-23 11:02 . 2009-06-29 16:12 214528 c:\windows\system32\dllcache\dxtrans.dll
+ 2006-06-23 11:02 . 2009-08-29 07:36 214528 c:\windows\system32\dllcache\dxtrans.dll
- 2006-06-23 11:02 . 2009-06-29 16:12 347136 c:\windows\system32\dllcache\dxtmsft.dll
+ 2006-06-23 11:02 . 2009-08-29 07:36 347136 c:\windows\system32\dllcache\dxtmsft.dll
+ 2006-11-07 03:26 . 2009-08-29 07:36 124928 c:\windows\system32\dllcache\advpack.dll
- 2006-11-07 03:26 . 2009-06-29 16:12 124928 c:\windows\system32\dllcache\advpack.dll
+ 2004-08-10 15:37 . 2009-08-29 07:36 124928 c:\windows\system32\advpack.dll
- 2004-08-10 15:37 . 2009-06-29 16:12 124928 c:\windows\system32\advpack.dll
+ 2009-08-07 22:51 . 2009-08-07 22:51 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2008-05-27 23:49 . 2008-05-27 23:49 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2007-04-13 20:58 . 2007-04-13 20:58 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2007-04-13 20:56 . 2007-04-13 20:56 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2008-05-27 23:48 . 2008-05-27 23:48 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2008-05-28 00:30 . 2008-05-28 00:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
- 2007-04-13 21:30 . 2007-04-13 21:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2009-10-14 16:02 . 2009-10-14 16:02 430080 c:\windows\Installer\f335cd.msi
+ 2009-10-14 16:01 . 2009-10-14 16:01 155648 c:\windows\Installer\f335b1.msi
+ 2009-09-06 22:49 . 2009-10-15 02:08 888080 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\wordicon.exe
- 2009-09-06 22:49 . 2009-10-14 02:00 888080 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\wordicon.exe
+ 2009-09-06 22:49 . 2009-10-15 02:08 272648 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\pubs.exe
- 2009-09-06 22:49 . 2009-10-14 02:00 272648 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\pubs.exe
- 2009-09-06 22:49 . 2009-10-14 02:00 922384 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\pptico.exe
+ 2009-09-06 22:49 . 2009-10-15 02:08 922384 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\pptico.exe
- 2009-09-06 22:49 . 2009-10-14 02:00 845584 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\outicon.exe
+ 2009-09-06 22:49 . 2009-10-15 02:08 845584 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\outicon.exe
- 2009-09-06 22:49 . 2009-10-14 02:00 217864 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\misc.exe
+ 2009-09-06 22:49 . 2009-10-15 02:08 217864 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\misc.exe
+ 2009-09-06 22:05 . 2009-10-15 02:02 135168 c:\windows\Installer\{90850409-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2009-09-06 22:05 . 2009-09-09 22:26 135168 c:\windows\Installer\{90850409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2006-10-27 14:23 . 2006-10-27 14:23 347432 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\WINWORD.EXE
+ 2006-10-26 19:55 . 2006-10-26 19:55 272744 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\SCNPST64.DLL
+ 2006-10-26 19:55 . 2006-10-26 19:55 263520 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\SCNPST32.DLL
+ 2006-10-26 19:09 . 2006-10-26 19:09 590144 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\PUBCONV.DLL
+ 2006-10-27 14:04 . 2006-10-27 14:04 624456 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\PTXT9.DLL
+ 2006-10-26 19:55 . 2006-10-26 19:55 413472 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\PSTPRX32.DLL
+ 2006-10-26 19:09 . 2006-10-26 19:09 136008 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\PRTF9.DLL
+ 2009-09-06 22:45 . 2009-09-06 22:45 248632 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\PPTPIA.DLL
+ 2006-10-27 14:04 . 2006-10-27 14:04 465200 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\POWERPNT.EXE
+ 2006-10-27 14:16 . 2006-10-27 14:16 176976 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\OUTLPH.DLL
+ 2006-10-27 14:16 . 2006-10-27 14:16 594256 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\OUTLMIME.DLL
+ 2006-10-26 19:34 . 2006-10-26 19:34 192848 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\OMSXP32.DLL
+ 2006-10-26 19:34 . 2006-10-26 19:34 660792 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\OMSMAIN.DLL
+ 2006-10-27 14:04 . 2006-10-27 14:04 497504 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\MORPH9.DLL
+ 2006-10-26 19:55 . 2006-10-26 19:55 340248 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\MIMEDIR.DLL
+ 2006-10-27 14:16 . 2006-10-27 14:16 133936 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\CONTAB32.DLL
+ 2009-10-15 02:04 . 2009-06-29 16:12 827392 c:\windows\ie7updates\KB974455-IE7\wininet.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 233472 c:\windows\ie7updates\KB974455-IE7\webcheck.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 105984 c:\windows\ie7updates\KB974455-IE7\url.dll
+ 2009-10-15 02:04 . 2009-05-26 11:40 382840 c:\windows\ie7updates\KB974455-IE7\spuninst\updspapi.dll
+ 2009-10-15 02:04 . 2009-05-26 11:40 231288 c:\windows\ie7updates\KB974455-IE7\spuninst\spuninst.exe
+ 2009-10-15 02:04 . 2009-06-29 16:12 102912 c:\windows\ie7updates\KB974455-IE7\occache.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 671232 c:\windows\ie7updates\KB974455-IE7\mstime.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 193024 c:\windows\ie7updates\KB974455-IE7\msrating.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 477696 c:\windows\ie7updates\KB974455-IE7\mshtmled.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 459264 c:\windows\ie7updates\KB974455-IE7\msfeeds.dll
+ 2009-10-15 02:04 . 2009-06-29 08:35 634632 c:\windows\ie7updates\KB974455-IE7\iexplore.exe
+ 2009-10-15 02:04 . 2009-06-29 16:12 268288 c:\windows\ie7updates\KB974455-IE7\iertutil.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 385024 c:\windows\ie7updates\KB974455-IE7\iedkcs32.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 380928 c:\windows\ie7updates\KB974455-IE7\ieapfltr.dll
+ 2009-10-15 02:04 . 2009-06-29 08:33 161792 c:\windows\ie7updates\KB974455-IE7\ieakui.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 230400 c:\windows\ie7updates\KB974455-IE7\ieaksie.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 153088 c:\windows\ie7updates\KB974455-IE7\ieakeng.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 133120 c:\windows\ie7updates\KB974455-IE7\extmgr.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 214528 c:\windows\ie7updates\KB974455-IE7\dxtrans.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 347136 c:\windows\ie7updates\KB974455-IE7\dxtmsft.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 124928 c:\windows\ie7updates\KB974455-IE7\advpack.dll
+ 2009-10-15 02:02 . 2009-10-15 02:02 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_2b24bd73\System.Drawing.dll
+ 2009-10-15 02:03 . 2009-10-15 02:03 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_fb4d0ff3\System.Drawing.Design.dll
+ 2009-10-15 02:03 . 2009-10-15 02:03 118784 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_d48a4fbc\CustomMarshalers.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\e2098e43d115155d6ba91ba3a7e577cf\WsatConfig.ni.exe
+ 2009-10-15 02:13 . 2009-10-15 02:13 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\bf92bc207f927cbbd6dfc9dc0c3eae68\WindowsFormsIntegration.ni.dll
+ 2009-10-15 02:13 . 2009-10-15 02:13 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\6f488b7644dc50a083868e91a4014466\UIAutomationTypes.ni.dll
+ 2009-10-15 02:13 . 2009-10-15 02:13 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\c2fbf25609b704061a93500efa6f241d\UIAutomationClient.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\eb23b78564687badff1bd1f1d0a0ec97\System.Xml.Linq.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\e7666364bf9f3ba5f4833c9efedd8218\System.Web.Routing.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\b5f1b8791e6c47e5bd5e7018c346c586\System.Web.RegularExpressions.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\884eacddf339b8b342f66aedff5f8ef9\System.Web.Extensions.Design.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\9e199645bd26f1afe58ebe185d1e7f0f\System.Web.Entity.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\652017ebe962ab2eb271c2524f31cd61\System.Web.Entity.Design.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\d0070c1c1a642ae30394e00bc0d82336\System.Web.DynamicData.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\1896753d02d146be1988d32241300f51\System.Web.Abstractions.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\408e637346ef628a3f54fb1b9b83ac9f\System.Transactions.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\1f61bccb700d687775cf778dd77752e9\System.ServiceProcess.ni.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 676352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\a9e9b885a6601469c4058375cc74d856\System.Security.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\9bc34a79af9c3ed2cf17a0226c769b4c\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\5f74a84e9d28c2332c51f6e30da0e125\System.Net.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\2c208e4c5521f31057ea7d6e93c6a567\System.Management.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\818b20a7c6f3b2fe97bf008ca24080c1\System.Management.Instrumentation.ni.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\6c273eb9d1ee8b66b5ecb073de4b785d\System.IO.Log.ni.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\7222db518afb4eaaa138824278249bc7\System.IdentityModel.Selectors.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\8a7d0bd0057a8ed38291d5662248f7a1\System.EnterpriseServices.Wrapper.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\8a7d0bd0057a8ed38291d5662248f7a1\System.EnterpriseServices.ni.dll
+ 2009-10-15 02:13 . 2009-10-15 02:13 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\ca6d7208c0fb72ff97429f2636ced321\System.Drawing.Design.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\c92fc19800e701c90f90ab7a2ab44c47\System.DirectoryServices.AccountManagement.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\a601f47a98ee67df424685c9a66ea449\System.DirectoryServices.Protocols.ni.dll
+ 2009-10-15 02:16 . 2009-10-15 02:16 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\b91b44015859163646f210d284f7166a\System.Data.Services.Client.ni.dll
+ 2009-10-15 02:16 . 2009-10-15 02:16 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\1b35297e07b85071daecdb06f96750a1\System.Data.Services.Design.ni.dll
+ 2009-10-15 02:16 . 2009-10-15 02:16 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\cf906bf9146d1f0013451ec63b58e064\System.Data.Entity.Design.ni.dll
+ 2009-10-15 02:16 . 2009-10-15 02:16 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\4ff4134b0d490c090e03d74e104517c4\System.Data.DataSetExtensions.ni.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7c743462baccf29b3567b0e3ec9ac134\System.Configuration.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\443e3a85c491b2de4a2ac654cb957484\System.Configuration.Install.ni.dll
+ 2009-10-15 02:16 . 2009-10-15 02:16 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\cba35f47925431a54d0e6ae147a292f1\System.AddIn.ni.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\6af32fe5cbec0aa54e2efa6910c73651\SMSvcHost.ni.exe
+ 2009-10-15 02:15 . 2009-10-15 02:15 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\7602d7687fb9bd21cd9ae60d2b187c99\SMDiagnostics.ni.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\a23dc25782df04533a13e348203e4dc5\ServiceModelReg.ni.exe
+ 2009-10-15 02:12 . 2009-10-15 02:12 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\96f74da5fc40b92f09069230bc0df4f0\PresentationFramework.Royale.ni.dll
+ 2009-10-15 02:12 . 2009-10-15 02:12 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\3bb4d16b042b72c2c85a0f8ac9d48f28\PresentationFramework.Luna.ni.dll
+ 2009-10-15 02:12 . 2009-10-15 02:12 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\30c5c2682d3c5bdaa83bb9a36ee48afa\PresentationFramework.Aero.ni.dll
+ 2009-10-15 02:12 . 2009-10-15 02:12 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\07e952efd70f5608e221a008e6231ace\PresentationFramework.Classic.ni.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\eade8c1c9c1e8e5ffb50e6c9b9af0f6a\MSBuild.ni.exe
+ 2009-10-15 02:15 . 2009-10-15 02:15 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\fc4d66e0a92b3767006a84f2519d2457\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2009-10-15 02:16 . 2009-10-15 02:16 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\58ca3ecc52b7246b448c109817198a0b\Microsoft.Build.Utilities.ni.dll
+ 2009-10-15 02:16 . 2009-10-15 02:16 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\4dd43724dd92026577c6f588270137a0\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\8c651f75bb741330370986dcad8e9e5b\Microsoft.Build.Engine.ni.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\a6dcbae619ccd938bfe808c54d6d3ae0\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\77688ce14f221ed94a9f442ae4736123\CustomMarshalers.ni.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\a17c65f0cffaa4f792dd38d50df9d526\ComSvcConfig.ni.exe
+ 2009-10-15 02:15 . 2009-10-15 02:15 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\85d7c111956b478766d90625b35d963f\AspNetMMCExt.ni.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2009-10-15 02:03 . 2009-10-15 02:03 250928 c:\windows\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll
+ 2009-10-14 16:13 . 2009-08-13 13:55 1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll
+ 2004-08-10 15:38 . 2009-08-29 07:36 1168384 c:\windows\system32\urlmon.dll
+ 2004-08-10 15:38 . 2009-08-29 07:36 3598336 c:\windows\system32\mshtml.dll
+ 2006-11-07 21:03 . 2009-08-29 07:36 6067200 c:\windows\system32\ieframe.dll
- 2006-11-07 21:03 . 2009-07-19 13:32 6067200 c:\windows\system32\ieframe.dll
+ 2006-07-25 20:33 . 2009-08-29 07:36 1168384 c:\windows\system32\dllcache\urlmon.dll
+ 2009-07-17 16:22 . 2009-07-17 16:22 1435648 c:\windows\system32\dllcache\query.dll
+ 2009-09-22 09:28 . 2009-08-04 19:44 2189184 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2009-09-22 09:28 . 2009-08-04 14:20 2023936 c:\windows\system32\dllcache\ntkrpamp.exe
- 2009-09-22 09:28 . 2009-02-06 10:32 2023936 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2009-02-07 18:02 . 2009-08-04 14:20 2066048 c:\windows\system32\dllcache\ntkrnlpa.exe
- 2009-02-07 18:02 . 2009-02-07 18:02 2066048 c:\windows\system32\dllcache\ntkrnlpa.exe
- 2009-09-22 09:28 . 2009-02-06 11:06 2145280 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2009-09-22 09:28 . 2009-08-04 15:13 2145280 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2006-07-28 11:28 . 2009-08-29 07:36 3598336 c:\windows\system32\dllcache\mshtml.dll
+ 2007-05-09 23:35 . 2009-08-29 07:36 6067200 c:\windows\system32\dllcache\ieframe.dll
- 2007-05-09 23:35 . 2009-07-19 13:32 6067200 c:\windows\system32\dllcache\ieframe.dll
+ 2009-08-07 22:51 . 2009-08-07 22:51 5812560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
- 2008-11-25 03:59 . 2008-11-25 03:59 4546560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2009-08-07 22:51 . 2009-08-07 22:51 4546560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
- 2007-04-13 21:35 . 2007-04-13 21:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2008-05-28 00:35 . 2008-05-28 00:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
- 2007-04-13 21:35 . 2007-04-13 21:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2008-05-28 00:35 . 2008-05-28 00:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2008-05-27 23:48 . 2008-05-27 23:48 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
- 2007-04-13 20:57 . 2007-04-13 20:57 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2008-05-27 23:48 . 2008-05-27 23:48 2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
- 2007-04-13 20:57 . 2007-04-13 20:57 2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
- 2007-04-13 20:50 . 2007-04-13 20:50 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2008-05-27 23:43 . 2008-05-27 23:43 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2007-03-30 21:20 . 2007-03-30 21:20 5800960 c:\windows\Installer\21f8fea.msp
+ 2008-04-11 17:08 . 2008-04-11 17:08 6302720 c:\windows\Installer\21f8f79.msp
+ 2008-04-11 17:48 . 2008-04-11 17:48 6774272 c:\windows\Installer\21f8f3c.msp
+ 2009-09-18 08:30 . 2009-09-18 08:30 5016576 c:\windows\Installer\21f8f27.msp
+ 2009-09-29 08:08 . 2009-09-29 08:08 6747648 c:\windows\Installer\21f8f14.msp
+ 2007-06-01 14:54 . 2007-06-01 14:54 9626624 c:\windows\Installer\21f8ee2.msp
+ 2009-09-06 22:49 . 2009-10-15 02:08 1172240 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\xlicons.exe
- 2009-09-06 22:49 . 2009-10-14 02:00 1172240 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\xlicons.exe
+ 2009-09-06 22:49 . 2009-10-15 02:08 1165584 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\accicons.exe
- 2009-09-06 22:49 . 2009-10-14 02:00 1165584 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\accicons.exe
+ 2006-10-27 14:04 . 2006-10-27 14:04 7980848 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\PPCORE.DLL
+ 2006-10-27 14:16 . 2006-10-27 14:16 2939704 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\OLMAPI32.DLL
+ 2006-10-27 14:18 . 2006-10-27 14:18 1658152 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\OGL.DLL
+ 2006-10-26 19:42 . 2006-10-26 19:42 8423224 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\OARTCONV.DLL
+ 2006-10-27 14:04 . 2006-10-27 14:04 9581360 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\MSPUB.EXE
+ 2009-10-15 02:04 . 2009-06-29 16:12 1159680 c:\windows\ie7updates\KB974455-IE7\urlmon.dll
+ 2009-10-15 02:04 . 2009-07-19 13:33 3597824 c:\windows\ie7updates\KB974455-IE7\mshtml.dll
+ 2009-10-15 02:04 . 2009-07-19 13:32 6067200 c:\windows\ie7updates\KB974455-IE7\ieframe.dll
+ 2009-09-22 09:28 . 2009-08-04 19:44 2189184 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2009-09-22 09:28 . 2009-08-04 14:20 2023936 c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2009-09-22 09:28 . 2009-02-06 10:32 2023936 c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2009-02-07 18:02 . 2009-02-07 18:02 2066048 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2009-02-07 18:02 . 2009-08-04 14:20 2066048 c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2009-09-22 09:28 . 2009-02-06 11:06 2145280 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2009-09-22 09:28 . 2009-08-04 15:13 2145280 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2009-10-15 02:03 . 2009-10-15 02:03 4792320 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_87aa0b29\System.dll
+ 2009-10-15 02:02 . 2009-10-15 02:02 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_250ec89f\System.dll
+ 2009-10-15 02:02 . 2009-10-1
|
jokerr65
regular
Reg'd: Thu
Posts: 61
|
|
hink this is full log
ComboFix 09-10-13.01 - W33 K3RR 15/10/2009 14:38.6.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.1919.1482 [GMT 1:00]
Running from: c:\documents and settings\W33 K3RR\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\W33 K3RR\Desktop\CFScript.txt.shs
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Outdated) {00000000-0000-0000-0000-000000000000}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {804FD0EC-FFA4-00EB-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {804FD2B8-FFA4-00EB-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {804FD2B8-FFA4-00FC-0D24-347CA8A3377C}
AV: Freedom *On-access scanning disabled* (Updated) {5B5A3BD7-8573-4672-AEA8-C9BB713B6755}
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.
((((((((((((((((((((((((( Files Created from 2009-09-15 to 2009-10-15 )))))))))))))))))))))))))))))))
.
2009-10-14 16:01 . 2009-10-14 16:01 -------- d-----w- c:\program files\Microsoft
2009-09-29 21:40 . 2009-09-29 21:40 1 ----a-w- c:\windows\system32\xd.dat
2009-09-29 19:49 . 2009-09-29 19:49 46080 ----a-w- c:\windows\system32\wrten2.dll
2009-09-29 19:47 . 2009-09-29 19:47 46080 ----a-w- c:\windows\system32\wtmet1.dll
2009-09-24 13:33 . 2009-09-24 13:33 44032 ----a-w- c:\windows\system32\kmf0.dll
2009-09-22 09:29 . 2008-06-13 11:05 272128 ------w- c:\windows\system32\dllcache\bthport.sys
2009-09-22 09:27 . 2008-10-15 16:34 337408 ------w- c:\windows\system32\dllcache\netapi32.dll
2009-09-22 09:16 . 2009-09-22 09:16 -------- d-----w- c:\windows\system32\scripting
2009-09-22 09:16 . 2009-09-22 09:16 -------- d-----w- c:\windows\l2schemas
2009-09-22 09:16 . 2009-09-22 09:16 -------- d-----w- c:\windows\system32\en
2009-09-22 09:16 . 2009-09-22 09:16 -------- d-----w- c:\windows\system32\bits
2009-09-22 09:09 . 2009-09-22 09:09 -------- d-----w- c:\windows\EHome
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-15 13:34 . 2009-01-20 12:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-10-15 13:31 . 2009-01-20 12:33 606240 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-10-15 13:31 . 2009-01-20 12:33 3211296 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-10-15 13:31 . 2009-01-20 12:33 3152 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-10-15 13:31 . 2009-01-20 12:33 26168 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-10-15 02:08 . 2008-03-02 12:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-10-14 12:58 . 2009-01-20 12:34 95259 ----a-w- c:\windows\system32\drivers\klick.dat
2009-10-14 12:58 . 2009-01-20 12:34 108059 ----a-w- c:\windows\system32\drivers\klin.dat
2009-10-14 11:11 . 2008-04-20 17:16 -------- d-----w- c:\program files\Messenger Plus! Live
2009-10-07 22:16 . 2009-05-14 17:05 -------- d-----w- c:\documents and settings\W33 K3RR\Application Data\LimeWire
2009-09-18 20:48 . 2009-07-01 22:36 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8
2009-09-12 13:42 . 2009-09-12 13:42 16078 ----a-w- c:\windows\latalak.sys
2009-09-12 13:42 . 2009-09-12 13:42 15926 ----a-w- c:\documents and settings\W33 K3RR\Local Settings\Application Data\qixydaxufu.dat
2009-09-12 13:42 . 2009-09-12 13:42 15115 ----a-w- c:\windows\wenylunoxa.com
2009-09-12 13:42 . 2009-09-12 13:42 13857 ----a-w- c:\documents and settings\W33 K3RR\Local Settings\Application Data\nifykimiv.com
2009-09-12 13:42 . 2009-09-12 13:42 12355 ----a-w- c:\documents and settings\W33 K3RR\Application Data\asenevibi.dll
2009-09-12 13:42 . 2009-09-12 13:42 11881 ----a-w- c:\documents and settings\All Users\Application Data\ytuwopi.dll
2009-09-12 13:42 . 2009-09-12 13:42 11454 ----a-w- c:\program files\Common Files\inurik.dll
2009-09-12 13:42 . 2009-09-12 13:42 11012 ----a-w- c:\documents and settings\W33 K3RR\Application Data\pelyvivary.dat
2009-09-12 13:42 . 2009-09-12 13:42 10399 ----a-w- c:\documents and settings\All Users\Application Data\tyzupu.bin
2009-09-11 14:18 . 2004-08-10 15:38 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-06 22:52 . 2008-06-24 14:31 111968 ----a-w- c:\documents and settings\W33 K3RR\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-09-06 22:51 . 2009-03-17 17:05 -------- d-----w- c:\documents and settings\W33 K3RR\Application Data\GetRightToGo
2009-09-06 22:46 . 2007-08-31 17:07 -------- d-----w- c:\program files\Microsoft Works
2009-09-06 22:45 . 2009-09-06 22:45 -------- d-----w- c:\program files\Microsoft.NET
2009-09-06 22:17 . 2005-09-14 18:17 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-09-04 21:03 . 2004-08-10 15:37 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 07:36 . 2004-08-10 15:38 832512 ----a-w- c:\windows\system32\wininet.dll
2009-08-29 07:36 . 2004-08-10 15:37 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-08-29 07:36 . 2004-08-10 15:37 17408 ----a-w- c:\windows\system32\corpol.dll
2009-08-26 08:00 . 2004-08-10 15:38 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-22 17:21 . 2009-08-22 17:21 -------- d-----w- c:\program files\MSBuild
2009-08-22 17:21 . 2009-08-22 17:21 -------- d-----w- c:\program files\Reference Assemblies
2009-08-22 17:18 . 2009-08-22 17:18 -------- d-----w- c:\program files\MSXML 6.0
2009-08-06 18:24 . 2004-08-10 15:56 327896 ----a-w- c:\windows\system32\wucltui.dll
2009-08-06 18:24 . 2004-08-10 15:56 209632 ----a-w- c:\windows\system32\wuweb.dll
2009-08-06 18:24 . 2005-05-26 03:16 44768 ----a-w- c:\windows\system32\wups2.dll
2009-08-06 18:24 . 2004-08-10 15:56 35552 ----a-w- c:\windows\system32\wups.dll
2009-08-06 18:24 . 2004-08-10 15:56 53472 ------w- c:\windows\system32\wuauclt.exe
2009-08-06 18:24 . 2004-08-10 15:37 96480 ----a-w- c:\windows\system32\cdm.dll
2009-08-06 18:23 . 2004-08-10 15:56 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-08-06 18:23 . 2007-03-05 15:33 274288 ----a-w- c:\windows\system32\mucltui.dll
2009-08-06 18:23 . 2007-03-05 15:33 215920 ----a-w- c:\windows\system32\muweb.dll
2009-08-06 18:23 . 2004-08-10 15:56 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-08-05 09:01 . 2004-08-10 15:38 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-04 19:44 . 2004-08-10 15:38 2189184 ------w- c:\windows\system32\ntoskrnl.exe
2009-08-04 14:20 . 2004-08-03 21:59 2066048 ------w- c:\windows\system32\ntkrnlpa.exe
2009-07-29 04:37 . 2004-08-10 15:38 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-07-29 04:37 . 2004-08-10 15:37 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-07-26 15:44 . 2009-07-26 15:44 48448 ----a-w- c:\windows\system32\sirenacm.dll
2009-07-17 18:55 . 2004-08-10 15:37 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-17 16:22 . 2004-08-10 15:38 1435648 ----a-w- c:\windows\system32\query.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-10-14_11.38.00 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-04-13 14:51 . 2008-07-08 13:02 17272 c:\windows\system32\spmsg.dll
+ 2008-04-13 14:51 . 2009-05-26 11:40 17272 c:\windows\system32\spmsg.dll
+ 2004-08-10 15:38 . 2009-08-29 07:36 44544 c:\windows\system32\pngfilt.dll
- 2004-08-10 15:38 . 2009-06-29 16:12 44544 c:\windows\system32\pngfilt.dll
+ 2004-08-10 15:38 . 2009-10-15 02:10 73136 c:\windows\system32\perfc009.dat
+ 2006-11-07 21:03 . 2009-08-29 07:36 52224 c:\windows\system32\msfeedsbs.dll
- 2006-11-07 21:03 . 2009-06-29 16:12 52224 c:\windows\system32\msfeedsbs.dll
+ 2004-08-10 15:37 . 2009-08-29 07:36 27648 c:\windows\system32\jsproxy.dll
- 2004-08-10 15:37 . 2009-06-29 16:12 27648 c:\windows\system32\jsproxy.dll
+ 2006-11-07 03:26 . 2009-08-28 10:28 13824 c:\windows\system32\ieudinit.exe
- 2006-11-07 03:26 . 2009-06-29 11:07 13824 c:\windows\system32\ieudinit.exe
- 2004-08-10 15:37 . 2009-06-29 16:12 44544 c:\windows\system32\iernonce.dll
+ 2004-08-10 15:37 . 2009-08-29 07:36 44544 c:\windows\system32\iernonce.dll
+ 2004-08-10 15:37 . 2009-08-28 10:28 70656 c:\windows\system32\ie4uinit.exe
- 2004-08-10 15:37 . 2009-06-29 11:07 70656 c:\windows\system32\ie4uinit.exe
+ 2006-10-17 11:58 . 2009-08-29 07:36 63488 c:\windows\system32\icardie.dll
- 2006-10-17 11:58 . 2009-06-29 16:12 63488 c:\windows\system32\icardie.dll
- 2006-06-23 11:02 . 2009-06-29 16:12 44544 c:\windows\system32\dllcache\pngfilt.dll
+ 2006-06-23 11:02 . 2009-08-29 07:36 44544 c:\windows\system32\dllcache\pngfilt.dll
- 2007-05-09 23:35 . 2009-06-29 16:12 52224 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2007-05-09 23:35 . 2009-08-29 07:36 52224 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2009-09-04 21:03 . 2009-09-04 21:03 58880 c:\windows\system32\dllcache\msasn1.dll
- 2006-06-23 11:02 . 2009-06-29 16:12 27648 c:\windows\system32\dllcache\jsproxy.dll
+ 2006-06-23 11:02 . 2009-08-29 07:36 27648 c:\windows\system32\dllcache\jsproxy.dll
- 2007-05-09 23:35 . 2009-06-29 11:07 13824 c:\windows\system32\dllcache\ieudinit.exe
+ 2007-05-09 23:35 . 2009-08-28 10:28 13824 c:\windows\system32\dllcache\ieudinit.exe
- 2004-08-10 15:37 . 2009-06-29 16:12 44544 c:\windows\system32\dllcache\iernonce.dll
+ 2004-08-10 15:37 . 2009-08-29 07:36 44544 c:\windows\system32\dllcache\iernonce.dll
- 2004-08-10 15:37 . 2009-06-29 16:12 78336 c:\windows\system32\dllcache\ieencode.dll
+ 2004-08-10 15:37 . 2009-08-29 07:36 78336 c:\windows\system32\dllcache\ieencode.dll
+ 2004-08-10 15:37 . 2009-08-28 10:28 70656 c:\windows\system32\dllcache\ie4uinit.exe
- 2004-08-10 15:37 . 2009-06-29 11:07 70656 c:\windows\system32\dllcache\ie4uinit.exe
+ 2007-10-10 23:55 . 2009-08-29 07:36 63488 c:\windows\system32\dllcache\icardie.dll
- 2007-10-10 23:55 . 2009-06-29 16:12 63488 c:\windows\system32\dllcache\icardie.dll
+ 2006-10-17 12:03 . 2009-08-29 07:36 17408 c:\windows\system32\dllcache\corpol.dll
- 2006-10-17 12:03 . 2009-06-29 16:12 17408 c:\windows\system32\dllcache\corpol.dll
+ 2008-12-31 04:52 . 2009-10-15 12:08 49152 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2008-12-31 04:52 . 2009-10-14 11:24 49152 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2009-10-15 02:28 . 2009-10-15 12:08 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2009-06-24 18:56 . 2009-06-24 18:56 73728 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe
- 2007-04-13 20:58 . 2007-04-13 20:58 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2008-05-27 23:49 . 2008-05-27 23:49 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2008-05-27 23:49 . 2008-05-27 23:49 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
- 2007-04-13 20:57 . 2007-04-13 20:57 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2008-05-27 23:49 . 2008-05-27 23:49 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2007-04-13 20:57 . 2007-04-13 20:57 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2008-05-28 00:30 . 2008-05-28 00:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2007-04-13 21:30 . 2007-04-13 21:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2009-10-14 16:01 . 2009-10-14 16:01 27136 c:\windows\Installer\f335a5.msi
+ 2009-10-14 16:01 . 2009-10-14 16:01 83456 c:\windows\Installer\f3359d.msi
+ 2009-10-14 16:02 . 2009-10-14 16:02 80395 c:\windows\Installer\{A85FD55B-891B-4314-97A5-EA96C0BD80B5}\MsblIco.Exe
+ 2009-09-06 22:49 . 2009-10-15 02:08 35088 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\oisicon.exe
- 2009-09-06 22:49 . 2009-10-14 02:00 35088 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\oisicon.exe
+ 2009-09-06 22:49 . 2009-10-15 02:08 18704 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\mspicons.exe
- 2009-09-06 22:49 . 2009-10-14 02:00 18704 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\mspicons.exe
- 2009-09-06 22:49 . 2009-10-14 02:00 20240 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\cagicon.exe
+ 2009-09-06 22:49 . 2009-10-15 02:08 20240 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\cagicon.exe
+ 2009-09-06 22:05 . 2009-10-15 02:03 40960 c:\windows\Installer\{90850409-6000-11D3-8CFE-0150048383C9}\wrdvicon.exe
- 2009-09-06 22:05 . 2009-09-09 22:26 40960 c:\windows\Installer\{90850409-6000-11D3-8CFE-0150048383C9}\wrdvicon.exe
+ 2006-10-26 20:17 . 2006-10-26 20:17 11072 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\XLCALL32.DLL
+ 2006-10-26 19:55 . 2006-10-26 19:55 87344 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\DLGSETP.DLL
+ 2009-10-15 02:04 . 2009-06-29 16:12 44544 c:\windows\ie7updates\KB974455-IE7\pngfilt.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 52224 c:\windows\ie7updates\KB974455-IE7\msfeedsbs.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 27648 c:\windows\ie7updates\KB974455-IE7\jsproxy.dll
+ 2009-10-15 02:04 . 2009-06-29 11:07 13824 c:\windows\ie7updates\KB974455-IE7\ieudinit.exe
+ 2009-10-15 02:04 . 2009-06-29 16:12 44544 c:\windows\ie7updates\KB974455-IE7\iernonce.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 78336 c:\windows\ie7updates\KB974455-IE7\ieencode.dll
+ 2009-10-15 02:04 . 2009-06-29 11:07 70656 c:\windows\ie7updates\KB974455-IE7\ie4uinit.exe
+ 2009-10-15 02:04 . 2009-06-29 16:12 63488 c:\windows\ie7updates\KB974455-IE7\icardie.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 17408 c:\windows\ie7updates\KB974455-IE7\corpol.dll
+ 2009-10-15 02:02 . 2009-10-15 02:02 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_0c6b0d1d\System.Drawing.Design.dll
+ 2009-10-15 02:02 . 2009-10-15 02:02 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_33d322ae\CustomMarshalers.dll
+ 2009-10-15 02:13 . 2009-10-15 02:13 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\b4a9e413d5cd6d6ec2d50aa05381e293\UIAutomationProvider.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\8acb476a0d4ee17a12881e17ae74a6af\System.Windows.Presentation.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\4b87ca3482a3c0ee733e028ecee7de65\System.Web.DynamicData.Design.ni.dll
+ 2009-10-15 02:16 . 2009-10-15 02:16 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\a0c71055364bd356971791284c3fb910\System.ComponentModel.DataAnnotations.ni.dll
+ 2009-10-15 02:16 . 2009-10-15 02:16 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\f9a75bbdc2ce7db578b5977766a09b99\System.AddIn.Contract.ni.dll
+ 2009-10-15 02:12 . 2009-10-15 02:12 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\3dd0f86c966c75755d62eab8ddf0634c\PresentationFontCache.ni.exe
+ 2009-10-15 02:12 . 2009-10-15 02:12 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\034d081fe294bab1ee1ecc98c1181424\PresentationCFFRasterizer.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\f2673aec397c52796aef05bb9d2668df\Microsoft.Vsa.ni.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\d513fe1a81c441e7656a9b062cff4e9f\Microsoft.Build.Framework.ni.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\c5d504724d7f351b1d034615dbb72a2a\Microsoft.Build.Framework.ni.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\a664ccab020f93f1d533919f57131190\dfsvc.ni.exe
+ 2009-10-15 02:15 . 2009-10-15 02:15 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\e63d6d26b8a664cfdfbd4ad75e03c14d\Accessibility.ni.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2009-08-22 17:24 . 2009-08-22 17:24 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2009-08-22 17:24 . 2009-08-22 17:24 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2004-08-10 15:38 . 2009-04-01 22:02 604160 c:\windows\system32\wmspdmod.dll
+ 2004-08-10 15:38 . 2009-08-29 07:36 233472 c:\windows\system32\webcheck.dll
- 2004-08-10 15:38 . 2009-06-29 16:12 233472 c:\windows\system32\webcheck.dll
- 2004-08-10 15:38 . 2009-06-29 16:12 105984 c:\windows\system32\url.dll
+ 2004-08-10 15:38 . 2009-08-29 07:36 105984 c:\windows\system32\url.dll
+ 2004-08-10 15:38 . 2009-10-15 02:10 447512 c:\windows\system32\perfh009.dat
- 2004-08-10 15:38 . 2009-06-29 16:12 102912 c:\windows\system32\occache.dll
+ 2004-08-10 15:38 . 2009-08-29 07:36 102912 c:\windows\system32\occache.dll
- 2004-08-10 15:38 . 2009-06-29 16:12 671232 c:\windows\system32\mstime.dll
+ 2004-08-10 15:38 . 2009-08-29 07:36 671232 c:\windows\system32\mstime.dll
+ 2004-08-10 15:38 . 2009-08-29 07:36 193024 c:\windows\system32\msrating.dll
- 2004-08-10 15:38 . 2009-06-29 16:12 193024 c:\windows\system32\msrating.dll
+ 2004-08-10 15:38 . 2009-08-29 07:36 477696 c:\windows\system32\mshtmled.dll
- 2004-08-10 15:38 . 2009-06-29 16:12 477696 c:\windows\system32\mshtmled.dll
- 2006-11-07 21:03 . 2009-06-29 16:12 459264 c:\windows\system32\msfeeds.dll
+ 2006-11-07 21:03 . 2009-08-29 07:36 459264 c:\windows\system32\msfeeds.dll
- 2006-10-17 11:57 . 2009-06-29 16:12 268288 c:\windows\system32\iertutil.dll
+ 2006-10-17 11:57 . 2009-08-29 07:36 268288 c:\windows\system32\iertutil.dll
+ 2004-08-10 15:37 . 2009-08-29 07:36 385024 c:\windows\system32\iedkcs32.dll
- 2004-08-10 15:37 . 2009-06-29 16:12 385024 c:\windows\system32\iedkcs32.dll
- 2006-10-17 11:27 . 2009-06-29 16:12 380928 c:\windows\system32\ieapfltr.dll
+ 2006-10-17 11:27 . 2009-08-29 07:36 380928 c:\windows\system32\ieapfltr.dll
- 2004-08-10 15:37 . 2009-06-29 08:33 161792 c:\windows\system32\ieakui.dll
+ 2004-08-10 15:37 . 2009-08-27 05:18 161792 c:\windows\system32\ieakui.dll
- 2004-08-10 15:37 . 2009-06-29 16:12 230400 c:\windows\system32\ieaksie.dll
+ 2004-08-10 15:37 . 2009-08-29 07:36 230400 c:\windows\system32\ieaksie.dll
+ 2004-08-10 15:37 . 2009-08-29 07:36 153088 c:\windows\system32\ieakeng.dll
- 2004-08-10 15:37 . 2009-06-29 16:12 153088 c:\windows\system32\ieakeng.dll
+ 2004-08-10 15:37 . 2009-08-29 07:36 133120 c:\windows\system32\extmgr.dll
- 2004-08-10 15:37 . 2009-06-29 16:12 133120 c:\windows\system32\extmgr.dll
- 2004-08-10 15:37 . 2009-06-29 16:12 214528 c:\windows\system32\dxtrans.dll
+ 2004-08-10 15:37 . 2009-08-29 07:36 214528 c:\windows\system32\dxtrans.dll
+ 2004-08-10 15:37 . 2009-08-29 07:36 347136 c:\windows\system32\dxtmsft.dll
- 2004-08-10 15:37 . 2009-06-29 16:12 347136 c:\windows\system32\dxtmsft.dll
+ 2004-08-10 15:38 . 2009-04-01 22:02 604160 c:\windows\system32\dllcache\wmspdmod.dll
+ 2006-06-23 11:02 . 2009-08-29 07:36 832512 c:\windows\system32\dllcache\wininet.dll
+ 2006-11-07 21:03 . 2009-08-29 07:36 233472 c:\windows\system32\dllcache\webcheck.dll
- 2006-11-07 21:03 . 2009-06-29 16:12 233472 c:\windows\system32\dllcache\webcheck.dll
+ 2006-10-17 12:05 . 2009-08-29 07:36 105984 c:\windows\system32\dllcache\url.dll
- 2006-10-17 12:05 . 2009-06-29 16:12 105984 c:\windows\system32\dllcache\url.dll
+ 2004-08-10 15:38 . 2009-08-26 08:00 247326 c:\windows\system32\dllcache\strmdll.dll
- 2004-08-10 15:38 . 2008-10-03 10:15 247326 c:\windows\system32\dllcache\strmdll.dll
- 2006-10-17 12:04 . 2009-06-29 16:12 102912 c:\windows\system32\dllcache\occache.dll
+ 2006-10-17 12:04 . 2009-08-29 07:36 102912 c:\windows\system32\dllcache\occache.dll
+ 2009-06-25 08:25 . 2009-09-11 14:18 136192 c:\windows\system32\dllcache\msv1_0.dll
- 2009-06-25 08:25 . 2009-06-25 08:25 136192 c:\windows\system32\dllcache\msv1_0.dll
- 2004-08-10 15:38 . 2009-06-29 16:12 671232 c:\windows\system32\dllcache\mstime.dll
+ 2004-08-10 15:38 . 2009-08-29 07:36 671232 c:\windows\system32\dllcache\mstime.dll
- 2006-06-23 11:02 . 2009-06-29 16:12 193024 c:\windows\system32\dllcache\msrating.dll
+ 2006-06-23 11:02 . 2009-08-29 07:36 193024 c:\windows\system32\dllcache\msrating.dll
+ 2006-06-23 11:02 . 2009-08-29 07:36 477696 c:\windows\system32\dllcache\mshtmled.dll
- 2006-06-23 11:02 . 2009-06-29 16:12 477696 c:\windows\system32\dllcache\mshtmled.dll
- 2007-05-09 23:35 . 2009-06-29 16:12 459264 c:\windows\system32\dllcache\msfeeds.dll
+ 2007-05-09 23:35 . 2009-08-29 07:36 459264 c:\windows\system32\dllcache\msfeeds.dll
+ 2006-10-17 12:04 . 2009-08-27 05:18 634648 c:\windows\system32\dllcache\iexplore.exe
- 2007-05-09 23:35 . 2009-06-29 16:12 268288 c:\windows\system32\dllcache\iertutil.dll
+ 2007-05-09 23:35 . 2009-08-29 07:36 268288 c:\windows\system32\dllcache\iertutil.dll
+ 2004-08-10 15:37 . 2009-08-29 07:36 385024 c:\windows\system32\dllcache\iedkcs32.dll
- 2004-08-10 15:37 . 2009-06-29 16:12 385024 c:\windows\system32\dllcache\iedkcs32.dll
- 2007-05-09 23:35 . 2009-06-29 16:12 380928 c:\windows\system32\dllcache\ieapfltr.dll
+ 2007-05-09 23:35 . 2009-08-29 07:36 380928 c:\windows\system32\dllcache\ieapfltr.dll
+ 2004-08-10 15:37 . 2009-08-27 05:18 161792 c:\windows\system32\dllcache\ieakui.dll
- 2004-08-10 15:37 . 2009-06-29 08:33 161792 c:\windows\system32\dllcache\ieakui.dll
- 2004-08-10 15:37 . 2009-06-29 16:12 230400 c:\windows\system32\dllcache\ieaksie.dll
+ 2004-08-10 15:37 . 2009-08-29 07:36 230400 c:\windows\system32\dllcache\ieaksie.dll
+ 2004-08-10 15:37 . 2009-08-29 07:36 153088 c:\windows\system32\dllcache\ieakeng.dll
- 2004-08-10 15:37 . 2009-06-29 16:12 153088 c:\windows\system32\dllcache\ieakeng.dll
- 2004-08-10 15:37 . 2009-06-29 16:12 133120 c:\windows\system32\dllcache\extmgr.dll
+ 2004-08-10 15:37 . 2009-08-29 07:36 133120 c:\windows\system32\dllcache\extmgr.dll
- 2006-06-23 11:02 . 2009-06-29 16:12 214528 c:\windows\system32\dllcache\dxtrans.dll
+ 2006-06-23 11:02 . 2009-08-29 07:36 214528 c:\windows\system32\dllcache\dxtrans.dll
- 2006-06-23 11:02 . 2009-06-29 16:12 347136 c:\windows\system32\dllcache\dxtmsft.dll
+ 2006-06-23 11:02 . 2009-08-29 07:36 347136 c:\windows\system32\dllcache\dxtmsft.dll
+ 2006-11-07 03:26 . 2009-08-29 07:36 124928 c:\windows\system32\dllcache\advpack.dll
- 2006-11-07 03:26 . 2009-06-29 16:12 124928 c:\windows\system32\dllcache\advpack.dll
+ 2004-08-10 15:37 . 2009-08-29 07:36 124928 c:\windows\system32\advpack.dll
- 2004-08-10 15:37 . 2009-06-29 16:12 124928 c:\windows\system32\advpack.dll
+ 2009-08-07 22:51 . 2009-08-07 22:51 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2008-05-27 23:49 . 2008-05-27 23:49 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2007-04-13 20:58 . 2007-04-13 20:58 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2007-04-13 20:56 . 2007-04-13 20:56 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2008-05-27 23:48 . 2008-05-27 23:48 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2008-05-28 00:30 . 2008-05-28 00:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
- 2007-04-13 21:30 . 2007-04-13 21:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2009-10-14 16:02 . 2009-10-14 16:02 430080 c:\windows\Installer\f335cd.msi
+ 2009-10-14 16:01 . 2009-10-14 16:01 155648 c:\windows\Installer\f335b1.msi
+ 2009-09-06 22:49 . 2009-10-15 02:08 888080 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\wordicon.exe
- 2009-09-06 22:49 . 2009-10-14 02:00 888080 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\wordicon.exe
+ 2009-09-06 22:49 . 2009-10-15 02:08 272648 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\pubs.exe
- 2009-09-06 22:49 . 2009-10-14 02:00 272648 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\pubs.exe
- 2009-09-06 22:49 . 2009-10-14 02:00 922384 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\pptico.exe
+ 2009-09-06 22:49 . 2009-10-15 02:08 922384 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\pptico.exe
- 2009-09-06 22:49 . 2009-10-14 02:00 845584 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\outicon.exe
+ 2009-09-06 22:49 . 2009-10-15 02:08 845584 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\outicon.exe
- 2009-09-06 22:49 . 2009-10-14 02:00 217864 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\misc.exe
+ 2009-09-06 22:49 . 2009-10-15 02:08 217864 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\misc.exe
+ 2009-09-06 22:05 . 2009-10-15 02:02 135168 c:\windows\Installer\{90850409-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2009-09-06 22:05 . 2009-09-09 22:26 135168 c:\windows\Installer\{90850409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2006-10-27 14:23 . 2006-10-27 14:23 347432 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\WINWORD.EXE
+ 2006-10-26 19:55 . 2006-10-26 19:55 272744 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\SCNPST64.DLL
+ 2006-10-26 19:55 . 2006-10-26 19:55 263520 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\SCNPST32.DLL
+ 2006-10-26 19:09 . 2006-10-26 19:09 590144 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\PUBCONV.DLL
+ 2006-10-27 14:04 . 2006-10-27 14:04 624456 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\PTXT9.DLL
+ 2006-10-26 19:55 . 2006-10-26 19:55 413472 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\PSTPRX32.DLL
+ 2006-10-26 19:09 . 2006-10-26 19:09 136008 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\PRTF9.DLL
+ 2009-09-06 22:45 . 2009-09-06 22:45 248632 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\PPTPIA.DLL
+ 2006-10-27 14:04 . 2006-10-27 14:04 465200 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\POWERPNT.EXE
+ 2006-10-27 14:16 . 2006-10-27 14:16 176976 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\OUTLPH.DLL
+ 2006-10-27 14:16 . 2006-10-27 14:16 594256 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\OUTLMIME.DLL
+ 2006-10-26 19:34 . 2006-10-26 19:34 192848 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\OMSXP32.DLL
+ 2006-10-26 19:34 . 2006-10-26 19:34 660792 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\OMSMAIN.DLL
+ 2006-10-27 14:04 . 2006-10-27 14:04 497504 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\MORPH9.DLL
+ 2006-10-26 19:55 . 2006-10-26 19:55 340248 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\MIMEDIR.DLL
+ 2006-10-27 14:16 . 2006-10-27 14:16 133936 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\CONTAB32.DLL
+ 2009-10-15 02:04 . 2009-06-29 16:12 827392 c:\windows\ie7updates\KB974455-IE7\wininet.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 233472 c:\windows\ie7updates\KB974455-IE7\webcheck.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 105984 c:\windows\ie7updates\KB974455-IE7\url.dll
+ 2009-10-15 02:04 . 2009-05-26 11:40 382840 c:\windows\ie7updates\KB974455-IE7\spuninst\updspapi.dll
+ 2009-10-15 02:04 . 2009-05-26 11:40 231288 c:\windows\ie7updates\KB974455-IE7\spuninst\spuninst.exe
+ 2009-10-15 02:04 . 2009-06-29 16:12 102912 c:\windows\ie7updates\KB974455-IE7\occache.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 671232 c:\windows\ie7updates\KB974455-IE7\mstime.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 193024 c:\windows\ie7updates\KB974455-IE7\msrating.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 477696 c:\windows\ie7updates\KB974455-IE7\mshtmled.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 459264 c:\windows\ie7updates\KB974455-IE7\msfeeds.dll
+ 2009-10-15 02:04 . 2009-06-29 08:35 634632 c:\windows\ie7updates\KB974455-IE7\iexplore.exe
+ 2009-10-15 02:04 . 2009-06-29 16:12 268288 c:\windows\ie7updates\KB974455-IE7\iertutil.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 385024 c:\windows\ie7updates\KB974455-IE7\iedkcs32.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 380928 c:\windows\ie7updates\KB974455-IE7\ieapfltr.dll
+ 2009-10-15 02:04 . 2009-06-29 08:33 161792 c:\windows\ie7updates\KB974455-IE7\ieakui.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 230400 c:\windows\ie7updates\KB974455-IE7\ieaksie.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 153088 c:\windows\ie7updates\KB974455-IE7\ieakeng.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 133120 c:\windows\ie7updates\KB974455-IE7\extmgr.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 214528 c:\windows\ie7updates\KB974455-IE7\dxtrans.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 347136 c:\windows\ie7updates\KB974455-IE7\dxtmsft.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 124928 c:\windows\ie7updates\KB974455-IE7\advpack.dll
+ 2009-10-15 02:02 . 2009-10-15 02:02 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_2b24bd73\System.Drawing.dll
+ 2009-10-15 02:03 . 2009-10-15 02:03 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_fb4d0ff3\System.Drawing.Design.dll
+ 2009-10-15 02:03 . 2009-10-15 02:03 118784 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_d48a4fbc\CustomMarshalers.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\e2098e43d115155d6ba91ba3a7e577cf\WsatConfig.ni.exe
+ 2009-10-15 02:13 . 2009-10-15 02:13 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\bf92bc207f927cbbd6dfc9dc0c3eae68\WindowsFormsIntegration.ni.dll
+ 2009-10-15 02:13 . 2009-10-15 02:13 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\6f488b7644dc50a083868e91a4014466\UIAutomationTypes.ni.dll
+ 2009-10-15 02:13 . 2009-10-15 02:13 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\c2fbf25609b704061a93500efa6f241d\UIAutomationClient.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\eb23b78564687badff1bd1f1d0a0ec97\System.Xml.Linq.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\e7666364bf9f3ba5f4833c9efedd8218\System.Web.Routing.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\b5f1b8791e6c47e5bd5e7018c346c586\System.Web.RegularExpressions.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\884eacddf339b8b342f66aedff5f8ef9\System.Web.Extensions.Design.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\9e199645bd26f1afe58ebe185d1e7f0f\System.Web.Entity.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\652017ebe962ab2eb271c2524f31cd61\System.Web.Entity.Design.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\d0070c1c1a642ae30394e00bc0d82336\System.Web.DynamicData.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\1896753d02d146be1988d32241300f51\System.Web.Abstractions.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\408e637346ef628a3f54fb1b9b83ac9f\System.Transactions.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\1f61bccb700d687775cf778dd77752e9\System.ServiceProcess.ni.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 676352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\a9e9b885a6601469c4058375cc74d856\System.Security.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\9bc34a79af9c3ed2cf17a0226c769b4c\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\5f74a84e9d28c2332c51f6e30da0e125\System.Net.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\2c208e4c5521f31057ea7d6e93c6a567\System.Management.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\818b20a7c6f3b2fe97bf008ca24080c1\System.Management.Instrumentation.ni.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\6c273eb9d1ee8b66b5ecb073de4b785d\System.IO.Log.ni.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\7222db518afb4eaaa138824278249bc7\System.IdentityModel.Selectors.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\8a7d0bd0057a8ed38291d5662248f7a1\System.EnterpriseServices.Wrapper.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\8a7d0bd0057a8ed38291d5662248f7a1\System.EnterpriseServices.ni.dll
+ 2009-10-15 02:13 . 2009-10-15 02:13 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\ca6d7208c0fb72ff97429f2636ced321\System.Drawing.Design.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\c92fc19800e701c90f90ab7a2ab44c47\System.DirectoryServices.AccountManagement.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\a601f47a98ee67df424685c9a66ea449\System.DirectoryServices.Protocols.ni.dll
+ 2009-10-15 02:16 . 2009-10-15 02:16 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\b91b44015859163646f210d284f7166a\System.Data.Services.Client.ni.dll
+ 2009-10-15 02:16 . 2009-10-15 02:16 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\1b35297e07b85071daecdb06f96750a1\System.Data.Services.Design.ni.dll
+ 2009-10-15 02:16 . 2009-10-15 02:16 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\cf906bf9146d1f0013451ec63b58e064\System.Data.Entity.Design.ni.dll
+ 2009-10-15 02:16 . 2009-10-15 02:16 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\4ff4134b0d490c090e03d74e104517c4\System.Data.DataSetExtensions.ni.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7c743462baccf29b3567b0e3ec9ac134\System.Configuration.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\443e3a85c491b2de4a2ac654cb957484\System.Configuration.Install.ni.dll
+ 2009-10-15 02:16 . 2009-10-15 02:16 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\cba35f47925431a54d0e6ae147a292f1\System.AddIn.ni.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\6af32fe5cbec0aa54e2efa6910c73651\SMSvcHost.ni.exe
+ 2009-10-15 02:15 . 2009-10-15 02:15 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\7602d7687fb9bd21cd9ae60d2b187c99\SMDiagnostics.ni.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\a23dc25782df04533a13e348203e4dc5\ServiceModelReg.ni.exe
+ 2009-10-15 02:12 . 2009-10-15 02:12 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\96f74da5fc40b92f09069230bc0df4f0\PresentationFramework.Royale.ni.dll
+ 2009-10-15 02:12 . 2009-10-15 02:12 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\3bb4d16b042b72c2c85a0f8ac9d48f28\PresentationFramework.Luna.ni.dll
+ 2009-10-15 02:12 . 2009-10-15 02:12 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\30c5c2682d3c5bdaa83bb9a36ee48afa\PresentationFramework.Aero.ni.dll
+ 2009-10-15 02:12 . 2009-10-15 02:12 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\07e952efd70f5608e221a008e6231ace\PresentationFramework.Classic.ni.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\eade8c1c9c1e8e5ffb50e6c9b9af0f6a\MSBuild.ni.exe
+ 2009-10-15 02:15 . 2009-10-15 02:15 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\fc4d66e0a92b3767006a84f2519d2457\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2009-10-15 02:16 . 2009-10-15 02:16 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\58ca3ecc52b7246b448c109817198a0b\Microsoft.Build.Utilities.ni.dll
+ 2009-10-15 02:16 . 2009-10-15 02:16 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\4dd43724dd92026577c6f588270137a0\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\8c651f75bb741330370986dcad8e9e5b\Microsoft.Build.Engine.ni.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\a6dcbae619ccd938bfe808c54d6d3ae0\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\77688ce14f221ed94a9f442ae4736123\CustomMarshalers.ni.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\a17c65f0cffaa4f792dd38d50df9d526\ComSvcConfig.ni.exe
+ 2009-10-15 02:15 . 2009-10-15 02:15 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\85d7c111956b478766d90625b35d963f\AspNetMMCExt.ni.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2009-10-15 02:03 . 2009-10-15 02:03 250928 c:\windows\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll
+ 2009-10-14 16:13 . 2009-08-13 13:55 1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll
+ 2004-08-10 15:38 . 2009-08-29 07:36 1168384 c:\windows\system32\urlmon.dll
+ 2004-08-10 15:38 . 2009-08-29 07:36 3598336 c:\windows\system32\mshtml.dll
+ 2006-11-07 21:03 . 2009-08-29 07:36 6067200 c:\windows\system32\ieframe.dll
- 2006-11-07 21:03 . 2009-07-19 13:32 6067200 c:\windows\system32\ieframe.dll
+ 2006-07-25 20:33 . 2009-08-29 07:36 1168384 c:\windows\system32\dllcache\urlmon.dll
+ 2009-07-17 16:22 . 2009-07-17 16:22 1435648 c:\windows\system32\dllcache\query.dll
+ 2009-09-22 09:28 . 2009-08-04 19:44 2189184 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2009-09-22 09:28 . 2009-08-04 14:20 2023936 c:\windows\system32\dllcache\ntkrpamp.exe
- 2009-09-22 09:28 . 2009-02-06 10:32 2023936 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2009-02-07 18:02 . 2009-08-04 14:20 2066048 c:\windows\system32\dllcache\ntkrnlpa.exe
- 2009-02-07 18:02 . 2009-02-07 18:02 2066048 c:\windows\system32\dllcache\ntkrnlpa.exe
- 2009-09-22 09:28 . 2009-02-06 11:06 2145280 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2009-09-22 09:28 . 2009-08-04 15:13 2145280 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2006-07-28 11:28 . 2009-08-29 07:36 3598336 c:\windows\system32\dllcache\mshtml.dll
+ 2007-05-09 23:35 . 2009-08-29 07:36 6067200 c:\windows\system32\dllcache\ieframe.dll
- 2007-05-09 23:35 . 2009-07-19 13:32 6067200 c:\windows\system32\dllcache\ieframe.dll
+ 2009-08-07 22:51 . 2009-08-07 22:51 5812560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
- 2008-11-25 03:59 . 2008-11-25 03:59 4546560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2009-08-07 22:51 . 2009-08-07 22:51 4546560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
- 2007-04-13 21:35 . 2007-04-13 21:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2008-05-28 00:35 . 2008-05-28 00:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
- 2007-04-13 21:35 . 2007-04-13 21:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2008-05-28 00:35 . 2008-05-28 00:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2008-05-27 23:48 . 2008-05-27 23:48 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
- 2007-04-13 20:57 . 2007-04-13 20:57 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2008-05-27 23:48 . 2008-05-27 23:48 2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
- 2007-04-13 20:57 . 2007-04-13 20:57 2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
- 2007-04-13 20:50 . 2007-04-13 20:50 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2008-05-27 23:43 . 2008-05-27 23:43 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2007-03-30 21:20 . 2007-03-30 21:20 5800960 c:\windows\Installer\21f8fea.msp
+ 2008-04-11 17:08 . 2008-04-11 17:08 6302720 c:\windows\Installer\21f8f79.msp
+ 2008-04-11 17:48 . 2008-04-11 17:48 6774272 c:\windows\Installer\21f8f3c.msp
+ 2009-09-18 08:30 . 2009-09-18 08:30 5016576 c:\windows\Installer\21f8f27.msp
+ 2009-09-29 08:08 . 2009-09-29 08:08 6747648 c:\windows\Installer\21f8f14.msp
+ 2007-06-01 14:54 . 2007-06-01 14:54 9626624 c:\windows\Installer\21f8ee2.msp
+ 2009-09-06 22:49 . 2009-10-15 02:08 1172240 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\xlicons.exe
- 2009-09-06 22:49 . 2009-10-14 02:00 1172240 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\xlicons.exe
+ 2009-09-06 22:49 . 2009-10-15 02:08 1165584 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\accicons.exe
- 2009-09-06 22:49 . 2009-10-14 02:00 1165584 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\accicons.exe
+ 2006-10-27 14:04 . 2006-10-27 14:04 7980848 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\PPCORE.DLL
+ 2006-10-27 14:16 . 2006-10-27 14:16 2939704 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\OLMAPI32.DLL
+ 2006-10-27 14:18 . 2006-10-27 14:18 1658152 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\OGL.DLL
+ 2006-10-26 19:42 . 2006-10-26 19:42 8423224 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\OARTCONV.DLL
+ 2006-10-27 14:04 . 2006-10-27 14:04 9581360 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\MSPUB.EXE
+ 2009-10-15 02:04 . 2009-06-29 16:12 1159680 c:\windows\ie7updates\KB974455-IE7\urlmon.dll
+ 2009-10-15 02:04 . 2009-07-19 13:33 3597824 c:\windows\ie7updates\KB974455-IE7\mshtml.dll
+ 2009-10-15 02:04 . 2009-07-19 13:32 6067200 c:\windows\ie7updates\KB974455-IE7\ieframe.dll
+ 2009-09-22 09:28 . 2009-08-04 19:44 2189184 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2009-09-22 09:28 . 2009-08-04 14:20 2023936 c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2009-09-22 09:28 . 2009-02-06 10:32 2023936 c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2009-02-07 18:02 . 2009-02-07 18:02 2066048 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2009-02-07 18:02 . 2009-08-04 14:20 2066048 c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2009-09-22 09:28 . 2009-02-06 11:06 2145280 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2009-09-22 09:28 . 2009-08-04 15:13 2145280 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2009-10-15 02:03 . 2009-10-15 02:03 4792320 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_87aa0b29\System.dll
+ 2009-10-15 02:02 . 2009-10-15 02:02 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_250ec89f\System.dll
+ 2009-10-15 02:02 . 2009-10-15 02:02 2088960 c:\windows\as
|
jokerr65
regular
Reg'd: Thu
Posts: 61
|
|
Ahd HJT log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:52:34, on 15/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16915)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\explorer.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: (no name) - {5D63F90D-F193-4277-B27B-FE70C9C55D6F} - (no file)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O16 - DPF: {138E6DC9-722B-4F4B-B09D-95D191869696} (Bebo Uploader Control) - http://www.bebo.com/files/BeboUploader.5.1.4.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-GB/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-09.sun.com/s/ESD7/JSCDL/j...ows-i586-jc.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O23 - Service: Alerter AlerterALG (AlerterALG) - Unknown owner - C:\WINDOWS\TEMP\korxwapbwp.exe (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe
--
End of file - 5456 bytes
|
jokerr65
regular
Reg'd: Thu
Posts: 61
|
|
ComboFix 09-10-13.01 - W33 K3RR 15/10/2009 14:38.6.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.1919.1482 [GMT 1:00]
Running from: c:\documents and settings\W33 K3RR\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\W33 K3RR\Desktop\CFScript.txt.shs
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Outdated) {00000000-0000-0000-0000-000000000000}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {804FD0EC-FFA4-00EB-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {804FD2B8-FFA4-00EB-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {804FD2B8-FFA4-00FC-0D24-347CA8A3377C}
AV: Freedom *On-access scanning disabled* (Updated) {5B5A3BD7-8573-4672-AEA8-C9BB713B6755}
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.
((((((((((((((((((((((((( Files Created from 2009-09-15 to 2009-10-15 )))))))))))))))))))))))))))))))
.
2009-10-14 16:01 . 2009-10-14 16:01 -------- d-----w- c:\program files\Microsoft
2009-09-29 21:40 . 2009-09-29 21:40 1 ----a-w- c:\windows\system32\xd.dat
2009-09-29 19:49 . 2009-09-29 19:49 46080 ----a-w- c:\windows\system32\wrten2.dll
2009-09-29 19:47 . 2009-09-29 19:47 46080 ----a-w- c:\windows\system32\wtmet1.dll
2009-09-24 13:33 . 2009-09-24 13:33 44032 ----a-w- c:\windows\system32\kmf0.dll
2009-09-22 09:29 . 2008-06-13 11:05 272128 ------w- c:\windows\system32\dllcache\bthport.sys
2009-09-22 09:27 . 2008-10-15 16:34 337408 ------w- c:\windows\system32\dllcache\netapi32.dll
2009-09-22 09:16 . 2009-09-22 09:16 -------- d-----w- c:\windows\system32\scripting
2009-09-22 09:16 . 2009-09-22 09:16 -------- d-----w- c:\windows\l2schemas
2009-09-22 09:16 . 2009-09-22 09:16 -------- d-----w- c:\windows\system32\en
2009-09-22 09:16 . 2009-09-22 09:16 -------- d-----w- c:\windows\system32\bits
2009-09-22 09:09 . 2009-09-22 09:09 -------- d-----w- c:\windows\EHome
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-15 13:34 . 2009-01-20 12:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-10-15 13:31 . 2009-01-20 12:33 606240 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-10-15 13:31 . 2009-01-20 12:33 3211296 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-10-15 13:31 . 2009-01-20 12:33 3152 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-10-15 13:31 . 2009-01-20 12:33 26168 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-10-15 02:08 . 2008-03-02 12:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-10-14 12:58 . 2009-01-20 12:34 95259 ----a-w- c:\windows\system32\drivers\klick.dat
2009-10-14 12:58 . 2009-01-20 12:34 108059 ----a-w- c:\windows\system32\drivers\klin.dat
2009-10-14 11:11 . 2008-04-20 17:16 -------- d-----w- c:\program files\Messenger Plus! Live
2009-10-07 22:16 . 2009-05-14 17:05 -------- d-----w- c:\documents and settings\W33 K3RR\Application Data\LimeWire
2009-09-18 20:48 . 2009-07-01 22:36 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8
2009-09-12 13:42 . 2009-09-12 13:42 16078 ----a-w- c:\windows\latalak.sys
2009-09-12 13:42 . 2009-09-12 13:42 15926 ----a-w- c:\documents and settings\W33 K3RR\Local Settings\Application Data\qixydaxufu.dat
2009-09-12 13:42 . 2009-09-12 13:42 15115 ----a-w- c:\windows\wenylunoxa.com
2009-09-12 13:42 . 2009-09-12 13:42 13857 ----a-w- c:\documents and settings\W33 K3RR\Local Settings\Application Data\nifykimiv.com
2009-09-12 13:42 . 2009-09-12 13:42 12355 ----a-w- c:\documents and settings\W33 K3RR\Application Data\asenevibi.dll
2009-09-12 13:42 . 2009-09-12 13:42 11881 ----a-w- c:\documents and settings\All Users\Application Data\ytuwopi.dll
2009-09-12 13:42 . 2009-09-12 13:42 11454 ----a-w- c:\program files\Common Files\inurik.dll
2009-09-12 13:42 . 2009-09-12 13:42 11012 ----a-w- c:\documents and settings\W33 K3RR\Application Data\pelyvivary.dat
2009-09-12 13:42 . 2009-09-12 13:42 10399 ----a-w- c:\documents and settings\All Users\Application Data\tyzupu.bin
2009-09-11 14:18 . 2004-08-10 15:38 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-06 22:52 . 2008-06-24 14:31 111968 ----a-w- c:\documents and settings\W33 K3RR\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-09-06 22:51 . 2009-03-17 17:05 -------- d-----w- c:\documents and settings\W33 K3RR\Application Data\GetRightToGo
2009-09-06 22:46 . 2007-08-31 17:07 -------- d-----w- c:\program files\Microsoft Works
2009-09-06 22:45 . 2009-09-06 22:45 -------- d-----w- c:\program files\Microsoft.NET
2009-09-06 22:17 . 2005-09-14 18:17 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-09-04 21:03 . 2004-08-10 15:37 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 07:36 . 2004-08-10 15:38 832512 ----a-w- c:\windows\system32\wininet.dll
2009-08-29 07:36 . 2004-08-10 15:37 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-08-29 07:36 . 2004-08-10 15:37 17408 ----a-w- c:\windows\system32\corpol.dll
2009-08-26 08:00 . 2004-08-10 15:38 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-22 17:21 . 2009-08-22 17:21 -------- d-----w- c:\program files\MSBuild
2009-08-22 17:21 . 2009-08-22 17:21 -------- d-----w- c:\program files\Reference Assemblies
2009-08-22 17:18 . 2009-08-22 17:18 -------- d-----w- c:\program files\MSXML 6.0
2009-08-06 18:24 . 2004-08-10 15:56 327896 ----a-w- c:\windows\system32\wucltui.dll
2009-08-06 18:24 . 2004-08-10 15:56 209632 ----a-w- c:\windows\system32\wuweb.dll
2009-08-06 18:24 . 2005-05-26 03:16 44768 ----a-w- c:\windows\system32\wups2.dll
2009-08-06 18:24 . 2004-08-10 15:56 35552 ----a-w- c:\windows\system32\wups.dll
2009-08-06 18:24 . 2004-08-10 15:56 53472 ------w- c:\windows\system32\wuauclt.exe
2009-08-06 18:24 . 2004-08-10 15:37 96480 ----a-w- c:\windows\system32\cdm.dll
2009-08-06 18:23 . 2004-08-10 15:56 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-08-06 18:23 . 2007-03-05 15:33 274288 ----a-w- c:\windows\system32\mucltui.dll
2009-08-06 18:23 . 2007-03-05 15:33 215920 ----a-w- c:\windows\system32\muweb.dll
2009-08-06 18:23 . 2004-08-10 15:56 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-08-05 09:01 . 2004-08-10 15:38 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-04 19:44 . 2004-08-10 15:38 2189184 ------w- c:\windows\system32\ntoskrnl.exe
2009-08-04 14:20 . 2004-08-03 21:59 2066048 ------w- c:\windows\system32\ntkrnlpa.exe
2009-07-29 04:37 . 2004-08-10 15:38 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-07-29 04:37 . 2004-08-10 15:37 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-07-26 15:44 . 2009-07-26 15:44 48448 ----a-w- c:\windows\system32\sirenacm.dll
2009-07-17 18:55 . 2004-08-10 15:37 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-17 16:22 . 2004-08-10 15:38 1435648 ----a-w- c:\windows\system32\query.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-10-14_11.38.00 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-04-13 14:51 . 2008-07-08 13:02 17272 c:\windows\system32\spmsg.dll
+ 2008-04-13 14:51 . 2009-05-26 11:40 17272 c:\windows\system32\spmsg.dll
+ 2004-08-10 15:38 . 2009-08-29 07:36 44544 c:\windows\system32\pngfilt.dll
- 2004-08-10 15:38 . 2009-06-29 16:12 44544 c:\windows\system32\pngfilt.dll
+ 2004-08-10 15:38 . 2009-10-15 02:10 73136 c:\windows\system32\perfc009.dat
+ 2006-11-07 21:03 . 2009-08-29 07:36 52224 c:\windows\system32\msfeedsbs.dll
- 2006-11-07 21:03 . 2009-06-29 16:12 52224 c:\windows\system32\msfeedsbs.dll
+ 2004-08-10 15:37 . 2009-08-29 07:36 27648 c:\windows\system32\jsproxy.dll
- 2004-08-10 15:37 . 2009-06-29 16:12 27648 c:\windows\system32\jsproxy.dll
+ 2006-11-07 03:26 . 2009-08-28 10:28 13824 c:\windows\system32\ieudinit.exe
- 2006-11-07 03:26 . 2009-06-29 11:07 13824 c:\windows\system32\ieudinit.exe
- 2004-08-10 15:37 . 2009-06-29 16:12 44544 c:\windows\system32\iernonce.dll
+ 2004-08-10 15:37 . 2009-08-29 07:36 44544 c:\windows\system32\iernonce.dll
+ 2004-08-10 15:37 . 2009-08-28 10:28 70656 c:\windows\system32\ie4uinit.exe
- 2004-08-10 15:37 . 2009-06-29 11:07 70656 c:\windows\system32\ie4uinit.exe
+ 2006-10-17 11:58 . 2009-08-29 07:36 63488 c:\windows\system32\icardie.dll
- 2006-10-17 11:58 . 2009-06-29 16:12 63488 c:\windows\system32\icardie.dll
- 2006-06-23 11:02 . 2009-06-29 16:12 44544 c:\windows\system32\dllcache\pngfilt.dll
+ 2006-06-23 11:02 . 2009-08-29 07:36 44544 c:\windows\system32\dllcache\pngfilt.dll
- 2007-05-09 23:35 . 2009-06-29 16:12 52224 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2007-05-09 23:35 . 2009-08-29 07:36 52224 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2009-09-04 21:03 . 2009-09-04 21:03 58880 c:\windows\system32\dllcache\msasn1.dll
- 2006-06-23 11:02 . 2009-06-29 16:12 27648 c:\windows\system32\dllcache\jsproxy.dll
+ 2006-06-23 11:02 . 2009-08-29 07:36 27648 c:\windows\system32\dllcache\jsproxy.dll
- 2007-05-09 23:35 . 2009-06-29 11:07 13824 c:\windows\system32\dllcache\ieudinit.exe
+ 2007-05-09 23:35 . 2009-08-28 10:28 13824 c:\windows\system32\dllcache\ieudinit.exe
- 2004-08-10 15:37 . 2009-06-29 16:12 44544 c:\windows\system32\dllcache\iernonce.dll
+ 2004-08-10 15:37 . 2009-08-29 07:36 44544 c:\windows\system32\dllcache\iernonce.dll
- 2004-08-10 15:37 . 2009-06-29 16:12 78336 c:\windows\system32\dllcache\ieencode.dll
+ 2004-08-10 15:37 . 2009-08-29 07:36 78336 c:\windows\system32\dllcache\ieencode.dll
+ 2004-08-10 15:37 . 2009-08-28 10:28 70656 c:\windows\system32\dllcache\ie4uinit.exe
- 2004-08-10 15:37 . 2009-06-29 11:07 70656 c:\windows\system32\dllcache\ie4uinit.exe
+ 2007-10-10 23:55 . 2009-08-29 07:36 63488 c:\windows\system32\dllcache\icardie.dll
- 2007-10-10 23:55 . 2009-06-29 16:12 63488 c:\windows\system32\dllcache\icardie.dll
+ 2006-10-17 12:03 . 2009-08-29 07:36 17408 c:\windows\system32\dllcache\corpol.dll
- 2006-10-17 12:03 . 2009-06-29 16:12 17408 c:\windows\system32\dllcache\corpol.dll
+ 2008-12-31 04:52 . 2009-10-15 12:08 49152 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2008-12-31 04:52 . 2009-10-14 11:24 49152 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2009-10-15 02:28 . 2009-10-15 12:08 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2009-06-24 18:56 . 2009-06-24 18:56 73728 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe
- 2007-04-13 20:58 . 2007-04-13 20:58 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2008-05-27 23:49 . 2008-05-27 23:49 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2008-05-27 23:49 . 2008-05-27 23:49 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
- 2007-04-13 20:57 . 2007-04-13 20:57 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2008-05-27 23:49 . 2008-05-27 23:49 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2007-04-13 20:57 . 2007-04-13 20:57 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2008-05-28 00:30 . 2008-05-28 00:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2007-04-13 21:30 . 2007-04-13 21:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2009-10-14 16:01 . 2009-10-14 16:01 27136 c:\windows\Installer\f335a5.msi
+ 2009-10-14 16:01 . 2009-10-14 16:01 83456 c:\windows\Installer\f3359d.msi
+ 2009-10-14 16:02 . 2009-10-14 16:02 80395 c:\windows\Installer\{A85FD55B-891B-4314-97A5-EA96C0BD80B5}\MsblIco.Exe
+ 2009-09-06 22:49 . 2009-10-15 02:08 35088 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\oisicon.exe
- 2009-09-06 22:49 . 2009-10-14 02:00 35088 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\oisicon.exe
+ 2009-09-06 22:49 . 2009-10-15 02:08 18704 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\mspicons.exe
- 2009-09-06 22:49 . 2009-10-14 02:00 18704 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\mspicons.exe
- 2009-09-06 22:49 . 2009-10-14 02:00 20240 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\cagicon.exe
+ 2009-09-06 22:49 . 2009-10-15 02:08 20240 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\cagicon.exe
+ 2009-09-06 22:05 . 2009-10-15 02:03 40960 c:\windows\Installer\{90850409-6000-11D3-8CFE-0150048383C9}\wrdvicon.exe
- 2009-09-06 22:05 . 2009-09-09 22:26 40960 c:\windows\Installer\{90850409-6000-11D3-8CFE-0150048383C9}\wrdvicon.exe
+ 2006-10-26 20:17 . 2006-10-26 20:17 11072 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\XLCALL32.DLL
+ 2006-10-26 19:55 . 2006-10-26 19:55 87344 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\DLGSETP.DLL
+ 2009-10-15 02:04 . 2009-06-29 16:12 44544 c:\windows\ie7updates\KB974455-IE7\pngfilt.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 52224 c:\windows\ie7updates\KB974455-IE7\msfeedsbs.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 27648 c:\windows\ie7updates\KB974455-IE7\jsproxy.dll
+ 2009-10-15 02:04 . 2009-06-29 11:07 13824 c:\windows\ie7updates\KB974455-IE7\ieudinit.exe
+ 2009-10-15 02:04 . 2009-06-29 16:12 44544 c:\windows\ie7updates\KB974455-IE7\iernonce.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 78336 c:\windows\ie7updates\KB974455-IE7\ieencode.dll
+ 2009-10-15 02:04 . 2009-06-29 11:07 70656 c:\windows\ie7updates\KB974455-IE7\ie4uinit.exe
+ 2009-10-15 02:04 . 2009-06-29 16:12 63488 c:\windows\ie7updates\KB974455-IE7\icardie.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 17408 c:\windows\ie7updates\KB974455-IE7\corpol.dll
+ 2009-10-15 02:02 . 2009-10-15 02:02 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_0c6b0d1d\System.Drawing.Design.dll
+ 2009-10-15 02:02 . 2009-10-15 02:02 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_33d322ae\CustomMarshalers.dll
+ 2009-10-15 02:13 . 2009-10-15 02:13 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\b4a9e413d5cd6d6ec2d50aa05381e293\UIAutomationProvider.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\8acb476a0d4ee17a12881e17ae74a6af\System.Windows.Presentation.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\4b87ca3482a3c0ee733e028ecee7de65\System.Web.DynamicData.Design.ni.dll
+ 2009-10-15 02:16 . 2009-10-15 02:16 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\a0c71055364bd356971791284c3fb910\System.ComponentModel.DataAnnotations.ni.dll
+ 2009-10-15 02:16 . 2009-10-15 02:16 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\f9a75bbdc2ce7db578b5977766a09b99\System.AddIn.Contract.ni.dll
+ 2009-10-15 02:12 . 2009-10-15 02:12 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\3dd0f86c966c75755d62eab8ddf0634c\PresentationFontCache.ni.exe
+ 2009-10-15 02:12 . 2009-10-15 02:12 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\034d081fe294bab1ee1ecc98c1181424\PresentationCFFRasterizer.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\f2673aec397c52796aef05bb9d2668df\Microsoft.Vsa.ni.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\d513fe1a81c441e7656a9b062cff4e9f\Microsoft.Build.Framework.ni.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\c5d504724d7f351b1d034615dbb72a2a\Microsoft.Build.Framework.ni.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\a664ccab020f93f1d533919f57131190\dfsvc.ni.exe
+ 2009-10-15 02:15 . 2009-10-15 02:15 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\e63d6d26b8a664cfdfbd4ad75e03c14d\Accessibility.ni.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2009-08-22 17:24 . 2009-08-22 17:24 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2009-08-22 17:24 . 2009-08-22 17:24 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2004-08-10 15:38 . 2009-04-01 22:02 604160 c:\windows\system32\wmspdmod.dll
+ 2004-08-10 15:38 . 2009-08-29 07:36 233472 c:\windows\system32\webcheck.dll
- 2004-08-10 15:38 . 2009-06-29 16:12 233472 c:\windows\system32\webcheck.dll
- 2004-08-10 15:38 . 2009-06-29 16:12 105984 c:\windows\system32\url.dll
+ 2004-08-10 15:38 . 2009-08-29 07:36 105984 c:\windows\system32\url.dll
+ 2004-08-10 15:38 . 2009-10-15 02:10 447512 c:\windows\system32\perfh009.dat
- 2004-08-10 15:38 . 2009-06-29 16:12 102912 c:\windows\system32\occache.dll
+ 2004-08-10 15:38 . 2009-08-29 07:36 102912 c:\windows\system32\occache.dll
- 2004-08-10 15:38 . 2009-06-29 16:12 671232 c:\windows\system32\mstime.dll
+ 2004-08-10 15:38 . 2009-08-29 07:36 671232 c:\windows\system32\mstime.dll
+ 2004-08-10 15:38 . 2009-08-29 07:36 193024 c:\windows\system32\msrating.dll
- 2004-08-10 15:38 . 2009-06-29 16:12 193024 c:\windows\system32\msrating.dll
+ 2004-08-10 15:38 . 2009-08-29 07:36 477696 c:\windows\system32\mshtmled.dll
- 2004-08-10 15:38 . 2009-06-29 16:12 477696 c:\windows\system32\mshtmled.dll
- 2006-11-07 21:03 . 2009-06-29 16:12 459264 c:\windows\system32\msfeeds.dll
+ 2006-11-07 21:03 . 2009-08-29 07:36 459264 c:\windows\system32\msfeeds.dll
- 2006-10-17 11:57 . 2009-06-29 16:12 268288 c:\windows\system32\iertutil.dll
+ 2006-10-17 11:57 . 2009-08-29 07:36 268288 c:\windows\system32\iertutil.dll
+ 2004-08-10 15:37 . 2009-08-29 07:36 385024 c:\windows\system32\iedkcs32.dll
- 2004-08-10 15:37 . 2009-06-29 16:12 385024 c:\windows\system32\iedkcs32.dll
- 2006-10-17 11:27 . 2009-06-29 16:12 380928 c:\windows\system32\ieapfltr.dll
+ 2006-10-17 11:27 . 2009-08-29 07:36 380928 c:\windows\system32\ieapfltr.dll
- 2004-08-10 15:37 . 2009-06-29 08:33 161792 c:\windows\system32\ieakui.dll
+ 2004-08-10 15:37 . 2009-08-27 05:18 161792 c:\windows\system32\ieakui.dll
- 2004-08-10 15:37 . 2009-06-29 16:12 230400 c:\windows\system32\ieaksie.dll
+ 2004-08-10 15:37 . 2009-08-29 07:36 230400 c:\windows\system32\ieaksie.dll
+ 2004-08-10 15:37 . 2009-08-29 07:36 153088 c:\windows\system32\ieakeng.dll
- 2004-08-10 15:37 . 2009-06-29 16:12 153088 c:\windows\system32\ieakeng.dll
+ 2004-08-10 15:37 . 2009-08-29 07:36 133120 c:\windows\system32\extmgr.dll
- 2004-08-10 15:37 . 2009-06-29 16:12 133120 c:\windows\system32\extmgr.dll
- 2004-08-10 15:37 . 2009-06-29 16:12 214528 c:\windows\system32\dxtrans.dll
+ 2004-08-10 15:37 . 2009-08-29 07:36 214528 c:\windows\system32\dxtrans.dll
+ 2004-08-10 15:37 . 2009-08-29 07:36 347136 c:\windows\system32\dxtmsft.dll
- 2004-08-10 15:37 . 2009-06-29 16:12 347136 c:\windows\system32\dxtmsft.dll
+ 2004-08-10 15:38 . 2009-04-01 22:02 604160 c:\windows\system32\dllcache\wmspdmod.dll
+ 2006-06-23 11:02 . 2009-08-29 07:36 832512 c:\windows\system32\dllcache\wininet.dll
+ 2006-11-07 21:03 . 2009-08-29 07:36 233472 c:\windows\system32\dllcache\webcheck.dll
- 2006-11-07 21:03 . 2009-06-29 16:12 233472 c:\windows\system32\dllcache\webcheck.dll
+ 2006-10-17 12:05 . 2009-08-29 07:36 105984 c:\windows\system32\dllcache\url.dll
- 2006-10-17 12:05 . 2009-06-29 16:12 105984 c:\windows\system32\dllcache\url.dll
+ 2004-08-10 15:38 . 2009-08-26 08:00 247326 c:\windows\system32\dllcache\strmdll.dll
- 2004-08-10 15:38 . 2008-10-03 10:15 247326 c:\windows\system32\dllcache\strmdll.dll
- 2006-10-17 12:04 . 2009-06-29 16:12 102912 c:\windows\system32\dllcache\occache.dll
+ 2006-10-17 12:04 . 2009-08-29 07:36 102912 c:\windows\system32\dllcache\occache.dll
+ 2009-06-25 08:25 . 2009-09-11 14:18 136192 c:\windows\system32\dllcache\msv1_0.dll
- 2009-06-25 08:25 . 2009-06-25 08:25 136192 c:\windows\system32\dllcache\msv1_0.dll
- 2004-08-10 15:38 . 2009-06-29 16:12 671232 c:\windows\system32\dllcache\mstime.dll
+ 2004-08-10 15:38 . 2009-08-29 07:36 671232 c:\windows\system32\dllcache\mstime.dll
- 2006-06-23 11:02 . 2009-06-29 16:12 193024 c:\windows\system32\dllcache\msrating.dll
+ 2006-06-23 11:02 . 2009-08-29 07:36 193024 c:\windows\system32\dllcache\msrating.dll
+ 2006-06-23 11:02 . 2009-08-29 07:36 477696 c:\windows\system32\dllcache\mshtmled.dll
- 2006-06-23 11:02 . 2009-06-29 16:12 477696 c:\windows\system32\dllcache\mshtmled.dll
- 2007-05-09 23:35 . 2009-06-29 16:12 459264 c:\windows\system32\dllcache\msfeeds.dll
+ 2007-05-09 23:35 . 2009-08-29 07:36 459264 c:\windows\system32\dllcache\msfeeds.dll
+ 2006-10-17 12:04 . 2009-08-27 05:18 634648 c:\windows\system32\dllcache\iexplore.exe
- 2007-05-09 23:35 . 2009-06-29 16:12 268288 c:\windows\system32\dllcache\iertutil.dll
+ 2007-05-09 23:35 . 2009-08-29 07:36 268288 c:\windows\system32\dllcache\iertutil.dll
+ 2004-08-10 15:37 . 2009-08-29 07:36 385024 c:\windows\system32\dllcache\iedkcs32.dll
- 2004-08-10 15:37 . 2009-06-29 16:12 385024 c:\windows\system32\dllcache\iedkcs32.dll
- 2007-05-09 23:35 . 2009-06-29 16:12 380928 c:\windows\system32\dllcache\ieapfltr.dll
+ 2007-05-09 23:35 . 2009-08-29 07:36 380928 c:\windows\system32\dllcache\ieapfltr.dll
+ 2004-08-10 15:37 . 2009-08-27 05:18 161792 c:\windows\system32\dllcache\ieakui.dll
- 2004-08-10 15:37 . 2009-06-29 08:33 161792 c:\windows\system32\dllcache\ieakui.dll
- 2004-08-10 15:37 . 2009-06-29 16:12 230400 c:\windows\system32\dllcache\ieaksie.dll
+ 2004-08-10 15:37 . 2009-08-29 07:36 230400 c:\windows\system32\dllcache\ieaksie.dll
+ 2004-08-10 15:37 . 2009-08-29 07:36 153088 c:\windows\system32\dllcache\ieakeng.dll
- 2004-08-10 15:37 . 2009-06-29 16:12 153088 c:\windows\system32\dllcache\ieakeng.dll
- 2004-08-10 15:37 . 2009-06-29 16:12 133120 c:\windows\system32\dllcache\extmgr.dll
+ 2004-08-10 15:37 . 2009-08-29 07:36 133120 c:\windows\system32\dllcache\extmgr.dll
- 2006-06-23 11:02 . 2009-06-29 16:12 214528 c:\windows\system32\dllcache\dxtrans.dll
+ 2006-06-23 11:02 . 2009-08-29 07:36 214528 c:\windows\system32\dllcache\dxtrans.dll
- 2006-06-23 11:02 . 2009-06-29 16:12 347136 c:\windows\system32\dllcache\dxtmsft.dll
+ 2006-06-23 11:02 . 2009-08-29 07:36 347136 c:\windows\system32\dllcache\dxtmsft.dll
+ 2006-11-07 03:26 . 2009-08-29 07:36 124928 c:\windows\system32\dllcache\advpack.dll
- 2006-11-07 03:26 . 2009-06-29 16:12 124928 c:\windows\system32\dllcache\advpack.dll
+ 2004-08-10 15:37 . 2009-08-29 07:36 124928 c:\windows\system32\advpack.dll
- 2004-08-10 15:37 . 2009-06-29 16:12 124928 c:\windows\system32\advpack.dll
+ 2009-08-07 22:51 . 2009-08-07 22:51 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2008-05-27 23:49 . 2008-05-27 23:49 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2007-04-13 20:58 . 2007-04-13 20:58 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2007-04-13 20:56 . 2007-04-13 20:56 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2008-05-27 23:48 . 2008-05-27 23:48 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2008-05-28 00:30 . 2008-05-28 00:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
- 2007-04-13 21:30 . 2007-04-13 21:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2009-10-14 16:02 . 2009-10-14 16:02 430080 c:\windows\Installer\f335cd.msi
+ 2009-10-14 16:01 . 2009-10-14 16:01 155648 c:\windows\Installer\f335b1.msi
+ 2009-09-06 22:49 . 2009-10-15 02:08 888080 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\wordicon.exe
- 2009-09-06 22:49 . 2009-10-14 02:00 888080 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\wordicon.exe
+ 2009-09-06 22:49 . 2009-10-15 02:08 272648 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\pubs.exe
- 2009-09-06 22:49 . 2009-10-14 02:00 272648 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\pubs.exe
- 2009-09-06 22:49 . 2009-10-14 02:00 922384 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\pptico.exe
+ 2009-09-06 22:49 . 2009-10-15 02:08 922384 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\pptico.exe
- 2009-09-06 22:49 . 2009-10-14 02:00 845584 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\outicon.exe
+ 2009-09-06 22:49 . 2009-10-15 02:08 845584 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\outicon.exe
- 2009-09-06 22:49 . 2009-10-14 02:00 217864 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\misc.exe
+ 2009-09-06 22:49 . 2009-10-15 02:08 217864 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\misc.exe
+ 2009-09-06 22:05 . 2009-10-15 02:02 135168 c:\windows\Installer\{90850409-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2009-09-06 22:05 . 2009-09-09 22:26 135168 c:\windows\Installer\{90850409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2006-10-27 14:23 . 2006-10-27 14:23 347432 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\WINWORD.EXE
+ 2006-10-26 19:55 . 2006-10-26 19:55 272744 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\SCNPST64.DLL
+ 2006-10-26 19:55 . 2006-10-26 19:55 263520 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\SCNPST32.DLL
+ 2006-10-26 19:09 . 2006-10-26 19:09 590144 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\PUBCONV.DLL
+ 2006-10-27 14:04 . 2006-10-27 14:04 624456 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\PTXT9.DLL
+ 2006-10-26 19:55 . 2006-10-26 19:55 413472 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\PSTPRX32.DLL
+ 2006-10-26 19:09 . 2006-10-26 19:09 136008 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\PRTF9.DLL
+ 2009-09-06 22:45 . 2009-09-06 22:45 248632 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\PPTPIA.DLL
+ 2006-10-27 14:04 . 2006-10-27 14:04 465200 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\POWERPNT.EXE
+ 2006-10-27 14:16 . 2006-10-27 14:16 176976 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\OUTLPH.DLL
+ 2006-10-27 14:16 . 2006-10-27 14:16 594256 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\OUTLMIME.DLL
+ 2006-10-26 19:34 . 2006-10-26 19:34 192848 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\OMSXP32.DLL
+ 2006-10-26 19:34 . 2006-10-26 19:34 660792 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\OMSMAIN.DLL
+ 2006-10-27 14:04 . 2006-10-27 14:04 497504 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\MORPH9.DLL
+ 2006-10-26 19:55 . 2006-10-26 19:55 340248 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\MIMEDIR.DLL
+ 2006-10-27 14:16 . 2006-10-27 14:16 133936 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\CONTAB32.DLL
+ 2009-10-15 02:04 . 2009-06-29 16:12 827392 c:\windows\ie7updates\KB974455-IE7\wininet.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 233472 c:\windows\ie7updates\KB974455-IE7\webcheck.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 105984 c:\windows\ie7updates\KB974455-IE7\url.dll
+ 2009-10-15 02:04 . 2009-05-26 11:40 382840 c:\windows\ie7updates\KB974455-IE7\spuninst\updspapi.dll
+ 2009-10-15 02:04 . 2009-05-26 11:40 231288 c:\windows\ie7updates\KB974455-IE7\spuninst\spuninst.exe
+ 2009-10-15 02:04 . 2009-06-29 16:12 102912 c:\windows\ie7updates\KB974455-IE7\occache.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 671232 c:\windows\ie7updates\KB974455-IE7\mstime.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 193024 c:\windows\ie7updates\KB974455-IE7\msrating.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 477696 c:\windows\ie7updates\KB974455-IE7\mshtmled.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 459264 c:\windows\ie7updates\KB974455-IE7\msfeeds.dll
+ 2009-10-15 02:04 . 2009-06-29 08:35 634632 c:\windows\ie7updates\KB974455-IE7\iexplore.exe
+ 2009-10-15 02:04 . 2009-06-29 16:12 268288 c:\windows\ie7updates\KB974455-IE7\iertutil.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 385024 c:\windows\ie7updates\KB974455-IE7\iedkcs32.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 380928 c:\windows\ie7updates\KB974455-IE7\ieapfltr.dll
+ 2009-10-15 02:04 . 2009-06-29 08:33 161792 c:\windows\ie7updates\KB974455-IE7\ieakui.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 230400 c:\windows\ie7updates\KB974455-IE7\ieaksie.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 153088 c:\windows\ie7updates\KB974455-IE7\ieakeng.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 133120 c:\windows\ie7updates\KB974455-IE7\extmgr.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 214528 c:\windows\ie7updates\KB974455-IE7\dxtrans.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 347136 c:\windows\ie7updates\KB974455-IE7\dxtmsft.dll
+ 2009-10-15 02:04 . 2009-06-29 16:12 124928 c:\windows\ie7updates\KB974455-IE7\advpack.dll
+ 2009-10-15 02:02 . 2009-10-15 02:02 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_2b24bd73\System.Drawing.dll
+ 2009-10-15 02:03 . 2009-10-15 02:03 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_fb4d0ff3\System.Drawing.Design.dll
+ 2009-10-15 02:03 . 2009-10-15 02:03 118784 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_d48a4fbc\CustomMarshalers.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\e2098e43d115155d6ba91ba3a7e577cf\WsatConfig.ni.exe
+ 2009-10-15 02:13 . 2009-10-15 02:13 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\bf92bc207f927cbbd6dfc9dc0c3eae68\WindowsFormsIntegration.ni.dll
+ 2009-10-15 02:13 . 2009-10-15 02:13 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\6f488b7644dc50a083868e91a4014466\UIAutomationTypes.ni.dll
+ 2009-10-15 02:13 . 2009-10-15 02:13 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\c2fbf25609b704061a93500efa6f241d\UIAutomationClient.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\eb23b78564687badff1bd1f1d0a0ec97\System.Xml.Linq.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\e7666364bf9f3ba5f4833c9efedd8218\System.Web.Routing.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\b5f1b8791e6c47e5bd5e7018c346c586\System.Web.RegularExpressions.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\884eacddf339b8b342f66aedff5f8ef9\System.Web.Extensions.Design.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\9e199645bd26f1afe58ebe185d1e7f0f\System.Web.Entity.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\652017ebe962ab2eb271c2524f31cd61\System.Web.Entity.Design.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\d0070c1c1a642ae30394e00bc0d82336\System.Web.DynamicData.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\1896753d02d146be1988d32241300f51\System.Web.Abstractions.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\408e637346ef628a3f54fb1b9b83ac9f\System.Transactions.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\1f61bccb700d687775cf778dd77752e9\System.ServiceProcess.ni.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 676352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\a9e9b885a6601469c4058375cc74d856\System.Security.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\9bc34a79af9c3ed2cf17a0226c769b4c\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\5f74a84e9d28c2332c51f6e30da0e125\System.Net.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\2c208e4c5521f31057ea7d6e93c6a567\System.Management.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\818b20a7c6f3b2fe97bf008ca24080c1\System.Management.Instrumentation.ni.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\6c273eb9d1ee8b66b5ecb073de4b785d\System.IO.Log.ni.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\7222db518afb4eaaa138824278249bc7\System.IdentityModel.Selectors.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\8a7d0bd0057a8ed38291d5662248f7a1\System.EnterpriseServices.Wrapper.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\8a7d0bd0057a8ed38291d5662248f7a1\System.EnterpriseServices.ni.dll
+ 2009-10-15 02:13 . 2009-10-15 02:13 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\ca6d7208c0fb72ff97429f2636ced321\System.Drawing.Design.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\c92fc19800e701c90f90ab7a2ab44c47\System.DirectoryServices.AccountManagement.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\a601f47a98ee67df424685c9a66ea449\System.DirectoryServices.Protocols.ni.dll
+ 2009-10-15 02:16 . 2009-10-15 02:16 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\b91b44015859163646f210d284f7166a\System.Data.Services.Client.ni.dll
+ 2009-10-15 02:16 . 2009-10-15 02:16 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\1b35297e07b85071daecdb06f96750a1\System.Data.Services.Design.ni.dll
+ 2009-10-15 02:16 . 2009-10-15 02:16 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\cf906bf9146d1f0013451ec63b58e064\System.Data.Entity.Design.ni.dll
+ 2009-10-15 02:16 . 2009-10-15 02:16 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\4ff4134b0d490c090e03d74e104517c4\System.Data.DataSetExtensions.ni.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7c743462baccf29b3567b0e3ec9ac134\System.Configuration.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\443e3a85c491b2de4a2ac654cb957484\System.Configuration.Install.ni.dll
+ 2009-10-15 02:16 . 2009-10-15 02:16 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\cba35f47925431a54d0e6ae147a292f1\System.AddIn.ni.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\6af32fe5cbec0aa54e2efa6910c73651\SMSvcHost.ni.exe
+ 2009-10-15 02:15 . 2009-10-15 02:15 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\7602d7687fb9bd21cd9ae60d2b187c99\SMDiagnostics.ni.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\a23dc25782df04533a13e348203e4dc5\ServiceModelReg.ni.exe
+ 2009-10-15 02:12 . 2009-10-15 02:12 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\96f74da5fc40b92f09069230bc0df4f0\PresentationFramework.Royale.ni.dll
+ 2009-10-15 02:12 . 2009-10-15 02:12 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\3bb4d16b042b72c2c85a0f8ac9d48f28\PresentationFramework.Luna.ni.dll
+ 2009-10-15 02:12 . 2009-10-15 02:12 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\30c5c2682d3c5bdaa83bb9a36ee48afa\PresentationFramework.Aero.ni.dll
+ 2009-10-15 02:12 . 2009-10-15 02:12 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\07e952efd70f5608e221a008e6231ace\PresentationFramework.Classic.ni.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\eade8c1c9c1e8e5ffb50e6c9b9af0f6a\MSBuild.ni.exe
+ 2009-10-15 02:15 . 2009-10-15 02:15 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\fc4d66e0a92b3767006a84f2519d2457\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2009-10-15 02:16 . 2009-10-15 02:16 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\58ca3ecc52b7246b448c109817198a0b\Microsoft.Build.Utilities.ni.dll
+ 2009-10-15 02:16 . 2009-10-15 02:16 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\4dd43724dd92026577c6f588270137a0\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\8c651f75bb741330370986dcad8e9e5b\Microsoft.Build.Engine.ni.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\a6dcbae619ccd938bfe808c54d6d3ae0\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\77688ce14f221ed94a9f442ae4736123\CustomMarshalers.ni.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\a17c65f0cffaa4f792dd38d50df9d526\ComSvcConfig.ni.exe
+ 2009-10-15 02:15 . 2009-10-15 02:15 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\85d7c111956b478766d90625b35d963f\AspNetMMCExt.ni.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2009-10-15 02:03 . 2009-10-15 02:03 250928 c:\windows\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll
+ 2009-10-14 16:13 . 2009-08-13 13:55 1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll
+ 2004-08-10 15:38 . 2009-08-29 07:36 1168384 c:\windows\system32\urlmon.dll
+ 2004-08-10 15:38 . 2009-08-29 07:36 3598336 c:\windows\system32\mshtml.dll
+ 2006-11-07 21:03 . 2009-08-29 07:36 6067200 c:\windows\system32\ieframe.dll
- 2006-11-07 21:03 . 2009-07-19 13:32 6067200 c:\windows\system32\ieframe.dll
+ 2006-07-25 20:33 . 2009-08-29 07:36 1168384 c:\windows\system32\dllcache\urlmon.dll
+ 2009-07-17 16:22 . 2009-07-17 16:22 1435648 c:\windows\system32\dllcache\query.dll
+ 2009-09-22 09:28 . 2009-08-04 19:44 2189184 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2009-09-22 09:28 . 2009-08-04 14:20 2023936 c:\windows\system32\dllcache\ntkrpamp.exe
- 2009-09-22 09:28 . 2009-02-06 10:32 2023936 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2009-02-07 18:02 . 2009-08-04 14:20 2066048 c:\windows\system32\dllcache\ntkrnlpa.exe
- 2009-02-07 18:02 . 2009-02-07 18:02 2066048 c:\windows\system32\dllcache\ntkrnlpa.exe
- 2009-09-22 09:28 . 2009-02-06 11:06 2145280 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2009-09-22 09:28 . 2009-08-04 15:13 2145280 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2006-07-28 11:28 . 2009-08-29 07:36 3598336 c:\windows\system32\dllcache\mshtml.dll
+ 2007-05-09 23:35 . 2009-08-29 07:36 6067200 c:\windows\system32\dllcache\ieframe.dll
- 2007-05-09 23:35 . 2009-07-19 13:32 6067200 c:\windows\system32\dllcache\ieframe.dll
+ 2009-08-07 22:51 . 2009-08-07 22:51 5812560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
- 2008-11-25 03:59 . 2008-11-25 03:59 4546560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2009-08-07 22:51 . 2009-08-07 22:51 4546560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
- 2007-04-13 21:35 . 2007-04-13 21:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2008-05-28 00:35 . 2008-05-28 00:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
- 2007-04-13 21:35 . 2007-04-13 21:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2008-05-28 00:35 . 2008-05-28 00:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2008-05-27 23:48 . 2008-05-27 23:48 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
- 2007-04-13 20:57 . 2007-04-13 20:57 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2008-05-27 23:48 . 2008-05-27 23:48 2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
- 2007-04-13 20:57 . 2007-04-13 20:57 2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
- 2007-04-13 20:50 . 2007-04-13 20:50 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2008-05-27 23:43 . 2008-05-27 23:43 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2007-03-30 21:20 . 2007-03-30 21:20 5800960 c:\windows\Installer\21f8fea.msp
+ 2008-04-11 17:08 . 2008-04-11 17:08 6302720 c:\windows\Installer\21f8f79.msp
+ 2008-04-11 17:48 . 2008-04-11 17:48 6774272 c:\windows\Installer\21f8f3c.msp
+ 2009-09-18 08:30 . 2009-09-18 08:30 5016576 c:\windows\Installer\21f8f27.msp
+ 2009-09-29 08:08 . 2009-09-29 08:08 6747648 c:\windows\Installer\21f8f14.msp
+ 2007-06-01 14:54 . 2007-06-01 14:54 9626624 c:\windows\Installer\21f8ee2.msp
+ 2009-09-06 22:49 . 2009-10-15 02:08 1172240 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\xlicons.exe
- 2009-09-06 22:49 . 2009-10-14 02:00 1172240 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\xlicons.exe
+ 2009-09-06 22:49 . 2009-10-15 02:08 1165584 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\accicons.exe
- 2009-09-06 22:49 . 2009-10-14 02:00 1165584 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\accicons.exe
+ 2006-10-27 14:04 . 2006-10-27 14:04 7980848 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\PPCORE.DLL
+ 2006-10-27 14:16 . 2006-10-27 14:16 2939704 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\OLMAPI32.DLL
+ 2006-10-27 14:18 . 2006-10-27 14:18 1658152 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\OGL.DLL
+ 2006-10-26 19:42 . 2006-10-26 19:42 8423224 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\OARTCONV.DLL
+ 2006-10-27 14:04 . 2006-10-27 14:04 9581360 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\MSPUB.EXE
+ 2009-10-15 02:04 . 2009-06-29 16:12 1159680 c:\windows\ie7updates\KB974455-IE7\urlmon.dll
+ 2009-10-15 02:04 . 2009-07-19 13:33 3597824 c:\windows\ie7updates\KB974455-IE7\mshtml.dll
+ 2009-10-15 02:04 . 2009-07-19 13:32 6067200 c:\windows\ie7updates\KB974455-IE7\ieframe.dll
+ 2009-09-22 09:28 . 2009-08-04 19:44 2189184 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2009-09-22 09:28 . 2009-08-04 14:20 2023936 c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2009-09-22 09:28 . 2009-02-06 10:32 2023936 c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2009-02-07 18:02 . 2009-02-07 18:02 2066048 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2009-02-07 18:02 . 2009-08-04 14:20 2066048 c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2009-09-22 09:28 . 2009-02-06 11:06 2145280 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2009-09-22 09:28 . 2009-08-04 15:13 2145280 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2009-10-15 02:03 . 2009-10-15 02:03 4792320 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_87aa0b29\System.dll
+ 2009-10-15 02:02 . 2009-10-15 02:02 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_250ec89f\System.dll
+ 2009-10-15 02:02 . 2009-10-15 02:02 2088960 c:\windows\assembly\NativeImages1_v1.1.4322\Sy
|
bricat
HijackThis Helper
Reg'd: Wed
Posts: 31988
Loc: belfast
|
|
Unfortunately the combofix text is too long for the forum and the bottom half is missing.
can you copy and paste the bottom half back here please.
also :-
 Please download Malwarebytes' Anti-Malware from Here.
Double Click mbam-setup.exe to install the application.
- Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
- If an update is found, it will download and install the latest version.
- Once the program has loaded, select "Perform Quick Scan", then click Scan.
- The scan may take some time to finish,so please be patient.
- When the scan is complete, click OK, then Show Results to view the results.
- Make sure that everything is checked, and click Remove Selected.
- When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
- The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
- Copy&Paste the entire report in your next reply along with a fresh HJT log.
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.
--------------------
IF I HAVE SAVED YOU MONEY, PLEASE CONSIDER GIVING A DONATION TO HELP IN MY FIGHT AGAINST MALWARE.
When the only tool you own is a hammer, every problem begins to look like a nail.
|
jokerr65
regular
Reg'd: Thu
Posts: 61
|
|
2nd half of log! thx again
+ 2009-02-07 18:02 . 2009-08-04 14:20 2066048 c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2009-09-22 09:28 . 2009-02-06 11:06 2145280 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2009-09-22 09:28 . 2009-08-04 15:13 2145280 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2009-10-15 02:03 . 2009-10-15 02:03 4792320 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_87aa0b29\System.dll
+ 2009-10-15 02:02 . 2009-10-15 02:02 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_250ec89f\System.dll
+ 2009-10-15 02:02 . 2009-10-15 02:02 2088960 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_5f639e2d\System.Xml.dll
+ 2009-10-15 02:03 . 2009-10-15 02:03 5513216 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_07202584\System.Xml.dll
+ 2009-10-15 02:02 . 2009-10-15 02:02 3018752 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_f2db33da\System.Windows.Forms.dll
+ 2009-10-15 02:03 . 2009-10-15 02:03 7884800 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_c8bed891\System.Windows.Forms.dll
+ 2009-10-15 02:03 . 2009-10-15 02:03 2244608 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_36b85781\System.Drawing.dll
+ 2009-10-15 02:02 . 2009-10-15 02:02 1470464 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_55dbe767\System.Design.dll
+ 2009-10-15 02:03 . 2009-10-15 02:03 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_46739806\System.Design.dll
+ 2009-10-15 02:02 . 2009-10-15 02:02 3391488 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_6582b46e\mscorlib.dll
+ 2009-10-15 02:03 . 2009-10-15 02:03 8908800 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_4110e63a\mscorlib.dll
+ 2009-10-15 02:12 . 2009-10-15 02:12 3313664 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\204d6e5b335134f23ca37638b9227ecf\WindowsBase.ni.dll
+ 2009-10-15 02:13 . 2009-10-15 02:13 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\0f2ed6a204eb13841e99b77025464afc\UIAutomationClientsideProviders.ni.dll
+ 2009-10-15 02:12 . 2009-10-15 02:12 7868416 c:\windows\assembly\NativeImages_v2.0.50727_32\System\3de5bd01124463d7862bd173af90bc83\System.ni.dll
+ 2009-10-15 02:13 . 2009-10-15 02:13 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5913d3f81e77194ec833991b1047a532\System.Xml.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\fa48917b13629d8effa80dd4a2f2973d\System.WorkflowServices.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\6fe66ee6f3c81996bc148f1ebe7ec030\System.Workflow.Runtime.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\9d0b61f2f1ebdc300bd970f594c422ef\System.Workflow.ComponentModel.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\65328898148a720d394f802f192fc2a0\System.Workflow.Activities.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\ea07ac791bb5cb9f83679e3dd1a0c0cc\System.Web.Services.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\29e2f8b1fb691ced973acf49fcee6ec1\System.Web.Mobile.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\981dea02bc63c0c083e335adf9018788\System.Web.Extensions.ni.dll
+ 2009-10-15 02:13 . 2009-10-15 02:13 1917440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\99594bae1d022502925f5b9dfcdaae9a\System.Speech.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\e182695d05ea57257568bc5f3208aca7\System.ServiceModel.Web.ni.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 2338304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\67ad55827f2542552b576170f0a7dc56\System.Runtime.Serialization.ni.dll
+ 2009-10-15 02:13 . 2009-10-15 02:13 1035264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\e5313735a40c0800f116e27fba4754db\System.Printing.ni.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 1056768 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\c3b18fef5c6dc3bcdbe5df699fd21a55\System.IdentityModel.ni.dll
+ 2009-10-15 02:13 . 2009-10-15 02:13 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\abb2ac7e08bee026f857d8fa36f9fe6f\System.Drawing.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\f47ebb9db460874b1bcbfc391dc970b1\System.DirectoryServices.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\c94a427baa7683f4221b91f90c18461b\System.Deployment.ni.dll
+ 2009-10-15 02:13 . 2009-10-15 02:13 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\694c07365e0fd6bba0bc304d4d2404a7\System.Data.ni.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\272152f0cc139490729e215611a4b244\System.Data.SqlXml.ni.dll
+ 2009-10-15 02:16 . 2009-10-15 02:16 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\112a48e34620a0210eb850040da8a31b\System.Data.Services.ni.dll
+ 2009-10-15 02:13 . 2009-10-15 02:13 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\32788c58ff9f8324460604cf1fe7681b\System.Data.Linq.ni.dll
+ 2009-10-15 02:16 . 2009-10-15 02:16 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\9012cac7819660f61f1c69cf8e4f2ccf\System.Data.Entity.ni.dll
+ 2009-10-15 02:13 . 2009-10-15 02:13 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\c0a42d2ad8a4078040b334f6770ea11f\System.Core.ni.dll
+ 2009-10-15 02:12 . 2009-10-15 02:12 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\954685c29689d2a6126ceca1fd55e904\ReachFramework.ni.dll
+ 2009-10-15 02:12 . 2009-10-15 02:12 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\a3a6f52ce1d09a7bdccc8e7fc664792d\PresentationUI.ni.dll
+ 2009-10-15 02:12 . 2009-10-15 02:12 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\f906701365083c1473db31519147e263\PresentationBuildTasks.ni.dll
+ 2009-10-15 02:16 . 2009-10-15 02:16 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\6eee9b772b6d12d3dbd82f118c2ab2e5\Microsoft.VisualBasic.ni.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\f19e9b439636d0744597fff1331cad04\Microsoft.Transactions.Bridge.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\5b1af7b5be24c7ace065fe1c81c2b650\Microsoft.JScript.ni.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\9eec1cc7ac37e0c7f3205e8156149c5a\Microsoft.Build.Tasks.ni.dll
+ 2009-10-15 02:16 . 2009-10-15 02:16 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\28c0730288453d57d5dcd62903c4d31b\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\5dd4f58999eed37c12aee7ea9f9863ac\Microsoft.Build.Engine.ni.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 3149824 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 3149824 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2009-08-22 17:24 . 2009-08-22 17:24 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2009-10-15 02:10 . 2009-10-15 02:10 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2007-12-22 16:39 . 2007-12-22 16:39 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2009-10-15 02:02 . 2009-10-15 02:02 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
- 2007-12-22 16:39 . 2007-12-22 16:39 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2009-10-15 02:02 . 2009-10-15 02:02 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2006-10-06 15:54 . 2009-10-02 18:01 25198016 c:\windows\system32\MRT.exe
+ 2009-08-10 20:08 . 2009-08-10 20:08 11315712 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp
+ 2009-08-14 19:32 . 2009-08-14 19:32 11110912 c:\windows\Installer\21f8ff3.msp
+ 2008-08-11 10:51 . 2008-08-11 10:51 15916544 c:\windows\Installer\21f8fd7.msp
+ 2008-10-20 09:16 . 2008-10-20 09:16 13211648 c:\windows\Installer\21f8fc4.msp
+ 2008-01-28 17:10 . 2008-01-28 17:10 14201344 c:\windows\Installer\21f8faf.msp
+ 2008-08-11 10:49 . 2008-08-11 10:49 22457344 c:\windows\Installer\21f8f8c.msp
+ 2008-09-24 11:05 . 2008-09-24 11:05 16381440 c:\windows\Installer\21f8f62.msp
+ 2009-02-25 18:05 . 2009-02-25 18:05 11840000 c:\windows\Installer\21f8f50.msp
+ 2009-08-10 13:09 . 2009-08-10 13:09 17254912 c:\windows\Installer\21f8f0c.msp
+ 2009-02-25 18:07 . 2009-02-25 18:07 11646464 c:\windows\Installer\21f8ef5.msp
+ 2006-10-26 20:13 . 2006-10-26 20:13 14674216 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\XL12CNV.EXE
+ 2006-10-27 14:23 . 2006-10-27 14:23 17483560 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\WWLIB.DLL
+ 2006-10-27 14:16 . 2006-10-27 14:16 12813096 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\OUTLOOK.EXE
+ 2006-10-27 14:26 . 2006-10-27 14:26 16870712 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\MSO.DLL
+ 2006-10-27 14:07 . 2006-10-27 14:07 17891112 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\EXCEL.EXE
+ 2009-10-15 02:13 . 2009-10-15 02:13 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d2ea8d76f015817db1607075812b555f\System.Windows.Forms.ni.dll
+ 2009-10-15 02:17 . 2009-10-15 02:17 11796992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\5cea03cfb008f2eac1439a9905467f37\System.Web.ni.dll
+ 2009-10-15 02:15 . 2009-10-15 02:15 17317888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\06d6eab93282d2b136a377bd50b7c5a9\System.ServiceModel.ni.dll
+ 2009-10-15 02:13 . 2009-10-15 02:13 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\8b82e08c008924d51833cb0884bcbfc5\System.Design.ni.dll
+ 2009-10-15 02:12 . 2009-10-15 02:12 14327808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\58c7ac6b6054038dc9346d7ec8e32b4c\PresentationFramework.ni.dll
+ 2009-10-15 02:12 . 2009-10-15 02:12 12216320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\94badbd64df59de7da249f71da38b1c2\PresentationCore.ni.dll
+ 2009-10-15 02:11 . 2009-10-15 02:11 11486720 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7124a40b9998f7b63c86bd1a2125ce26\mscorlib.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2009-05-27 1573104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-14 148888]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-05-26 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-06-05 292136]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2009-02-06 201992]
"BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2008-04-14 110592]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"= 1 (0x1)
"DisableRegistryTools"= 1 (0x1)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSetActiveDesktop"= 1 (0x1)
"NoActiveDesktopChanges"= 1 (0x1)
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ PDBoot.exe\0autocheck autochk *
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Image Zone Fast Start.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk
backup=c:\windows\pss\HP Image Zone Fast Start.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%ProgramFiles%\\AOL 9.0\\aol.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\logo_ubi.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\pandora.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IMApp.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"c:\\Program Files\\LimeWire Gold\\LimeWireGold.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\APPS\\skype\\phone\\Skype.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [29/01/2008 19:29 33808]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [13/03/2008 20:02 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [25/03/2008 21:07 24592]
S2 AlerterALG;Alerter AlerterALG;c:\windows\TEMP\korxwapbwp.exe service --> c:\windows\TEMP\korxwapbwp.exe service [?]
S3 bfastfao;bfastfao;\??\c:\docume~1\FRANKM~1\LOCALS~1\Temp\bfastfao.sys --> c:\docume~1\FRANKM~1\LOCALS~1\Temp\bfastfao.sys [?]
S4 Radialpoint Security Services;Virgin Broadband PCguard;c:\windows\system32\dllhost.exe [10/08/2004 16:37 5120]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D07CDF07-B01D-4A9E-BEF4-0A1BA518203B}]
rundll32 wrten2.dll,laspi
.
Contents of the 'Scheduled Tasks' folder
2009-10-15 c:\windows\Tasks\HDReg.job
- c:\apps\HDReg\HDRegRem.exe [2005-09-14 10:14]
2009-10-15 c:\windows\Tasks\User_Feed_Synchronization-{DBB51C1C-E6BF-40D9-BCDE-B8F49ABDF1F5}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 18:36]
.
.
------- Supplementary Scan -------
.
mStart Page = hxxp://www.google.com
IE: Add to Banner Ad Blocker - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
.
- - - - ORPHANS REMOVED - - - -
BHO-{5D63F90D-F193-4277-B27B-FE70C9C55D6F} - (no file)
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-15 14:43
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(1244)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\klogon.dll
- - - - - - - > 'explorer.exe'(192)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2009-10-15 14:44
ComboFix-quarantined-files.txt 2009-10-15 13:44
ComboFix2.txt 2009-10-14 11:43
ComboFix3.txt 2009-01-16 22:03
Pre-Run: 163,846,606,848 bytes free
Post-Run: 163,868,934,144 bytes free
Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4
701 --- E O F --- 2009-10-15 02:11
|
jokerr65
regular
Reg'd: Thu
Posts: 61
|
|
Malwarebytes' Anti-Malware 1.41
Database version: 2968
Windows 5.1.2600 Service Pack 3
15/10/2009 18:46:05
mbam-log-2009-10-15 (18-46-05).txt
Scan type: Quick Scan
Objects scanned: 117241
Time elapsed: 4 minute(s), 48 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 4
Registry Values Infected: 0
Registry Data Items Infected: 4
Folders Infected: 0
Files Infected: 3
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5d63f90d-f193-4277-b27b-fe70c9c55d6f} (Password.Stealer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{d07cdf07-b01d-4a9e-bef4-0a1ba518203b} (Password.Stealer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5d63f90d-f193-4277-b27b-fe70c9c55d6f} (Password.Stealer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AlerterALG (Trojan.Downloader) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (Hijack.Regedit) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
C:\WINDOWS\system32\kmf0.dll (Spyware.Ambler) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wtmet1.dll (Password.Stealer) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xd.dat (Malware.Trace) -> Quarantined and deleted successfully.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:51:15, on 15/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16915)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O16 - DPF: {138E6DC9-722B-4F4B-B09D-95D191869696} (Bebo Uploader Control) - http://www.bebo.com/files/BeboUploader.5.1.4.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-GB/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-09.sun.com/s/ESD7/JSCDL/j...ows-i586-jc.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe
--
End of file - 5667 bytes
|
bricat
HijackThis Helper
Reg'd: Wed
Posts: 31988
Loc: belfast
|
|
Download Killbox from here.
Double-click killbox.exe on your desktop.
Select the option "Delete on reboot".
Now highlight and 'copy' the entire list of filepaths below:
c:\windows\TEMP\korxwapbwp.exe
c:\docume~1\FRANKM~1\LOCALS~1\Temp\bfastfao.sys
c:\windows\system32\wrten2.dll
c:\windows\system32\wtmet1.dll
c:\windows\system32\kmf0.dll
Open 'file' in the killbox menu at the top and choose 'Paste from clipboard'
Now you will see, this is pasted in the "Full Path of File to Delete"-field.
There's a little arrow (dropdown-arrow) next to that field.
If you expand it, these lines should be there together!
Then press the red button with a white X in it.
Killbox will tell you that all listed files will be deleted on next reboot.
Click YES
When it asks if you would like to Reboot now, click YES
If you get a "PendingFileRenameOperations Registry Data has been Removed by External Process!" message then just restart manually.
then post a fresh combofix log.
--------------------
IF I HAVE SAVED YOU MONEY, PLEASE CONSIDER GIVING A DONATION TO HELP IN MY FIGHT AGAINST MALWARE.
When the only tool you own is a hammer, every problem begins to look like a nail.
|
jokerr65
regular
Reg'd: Thu
Posts: 61
|
|
As requested
ComboFix 09-10-19.02 - W33 K3RR 20/10/2009 14:23.7.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.1919.1405 [GMT 1:00]
Running from: c:\documents and settings\W33 K3RR\Desktop\ComboFix.exe
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Outdated) {00000000-0000-0000-0000-000000000000}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {804FD0EC-FFA4-00EB-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {804FD2B8-FFA4-00EB-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {804FD2B8-FFA4-00FC-0D24-347CA8A3377C}
AV: Freedom *On-access scanning disabled* (Updated) {5B5A3BD7-8573-4672-AEA8-C9BB713B6755}
AV: Kaspersky Internet Security *On-access scanning enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *enabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.
((((((((((((((((((((((((( Files Created from 2009-09-20 to 2009-10-20 )))))))))))))))))))))))))))))))
.
2009-10-20 12:53 . 2009-10-20 13:02 -------- d-----w- C:\!KillBox
2009-10-15 17:40 . 2009-09-10 13:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-15 17:39 . 2009-10-15 17:40 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-15 17:39 . 2009-09-10 13:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-14 16:01 . 2009-10-14 16:01 -------- d-----w- c:\program files\Microsoft
2009-09-22 09:29 . 2008-06-13 11:05 272128 ------w- c:\windows\system32\dllcache\bthport.sys
2009-09-22 09:27 . 2008-10-15 16:34 337408 ------w- c:\windows\system32\dllcache\netapi32.dll
2009-09-22 09:16 . 2009-09-22 09:16 -------- d-----w- c:\windows\system32\scripting
2009-09-22 09:16 . 2009-09-22 09:16 -------- d-----w- c:\windows\l2schemas
2009-09-22 09:16 . 2009-09-22 09:16 -------- d-----w- c:\windows\system32\en
2009-09-22 09:16 . 2009-09-22 09:16 -------- d-----w- c:\windows\system32\bits
2009-09-22 09:09 . 2009-09-22 09:09 -------- d-----w- c:\windows\EHome
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-20 13:18 . 2009-01-20 12:33 630816 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-10-20 13:18 . 2009-01-20 12:33 3236 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-10-20 13:15 . 2009-01-20 12:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-10-20 13:13 . 2009-01-20 12:33 3211296 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-10-20 13:13 . 2009-01-20 12:33 26168 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-10-20 02:07 . 2008-03-02 12:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-10-20 02:04 . 2007-08-31 17:07 -------- d-----w- c:\program files\Microsoft Works
2009-10-14 12:58 . 2009-01-20 12:34 95259 ----a-w- c:\windows\system32\drivers\klick.dat
2009-10-14 12:58 . 2009-01-20 12:34 108059 ----a-w- c:\windows\system32\drivers\klin.dat
2009-10-14 11:11 . 2008-04-20 17:16 -------- d-----w- c:\program files\Messenger Plus! Live
2009-10-07 22:16 . 2009-05-14 17:05 -------- d-----w- c:\documents and settings\W33 K3RR\Application Data\LimeWire
2009-09-18 20:48 . 2009-07-01 22:36 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8
2009-09-12 13:42 . 2009-09-12 13:42 16078 ----a-w- c:\windows\latalak.sys
2009-09-12 13:42 . 2009-09-12 13:42 15926 ----a-w- c:\documents and settings\W33 K3RR\Local Settings\Application Data\qixydaxufu.dat
2009-09-12 13:42 . 2009-09-12 13:42 15115 ----a-w- c:\windows\wenylunoxa.com
2009-09-12 13:42 . 2009-09-12 13:42 13857 ----a-w- c:\documents and settings\W33 K3RR\Local Settings\Application Data\nifykimiv.com
2009-09-12 13:42 . 2009-09-12 13:42 12355 ----a-w- c:\documents and settings\W33 K3RR\Application Data\asenevibi.dll
2009-09-12 13:42 . 2009-09-12 13:42 11881 ----a-w- c:\documents and settings\All Users\Application Data\ytuwopi.dll
2009-09-12 13:42 . 2009-09-12 13:42 11454 ----a-w- c:\program files\Common Files\inurik.dll
2009-09-12 13:42 . 2009-09-12 13:42 11012 ----a-w- c:\documents and settings\W33 K3RR\Application Data\pelyvivary.dat
2009-09-12 13:42 . 2009-09-12 13:42 10399 ----a-w- c:\documents and settings\All Users\Application Data\tyzupu.bin
2009-09-11 14:18 . 2004-08-10 15:38 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-06 22:52 . 2008-06-24 14:31 111968 ----a-w- c:\documents and settings\W33 K3RR\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-09-06 22:51 . 2009-03-17 17:05 -------- d-----w- c:\documents and settings\W33 K3RR\Application Data\GetRightToGo
2009-09-06 22:45 . 2009-09-06 22:45 -------- d-----w- c:\program files\Microsoft.NET
2009-09-06 22:17 . 2005-09-14 18:17 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-09-04 21:03 . 2004-08-10 15:37 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 07:36 . 2004-08-10 15:38 832512 ------w- c:\windows\system32\wininet.dll
2009-08-29 07:36 . 2004-08-10 15:37 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-08-29 07:36 . 2004-08-10 15:37 17408 ----a-w- c:\windows\system32\corpol.dll
2009-08-26 08:00 . 2004-08-10 15:38 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-22 17:21 . 2009-08-22 17:21 -------- d-----w- c:\program files\MSBuild
2009-08-22 17:21 . 2009-08-22 17:21 -------- d-----w- c:\program files\Reference Assemblies
2009-08-22 17:18 . 2009-08-22 17:18 -------- d-----w- c:\program files\MSXML 6.0
2009-08-17 22:33 . 2009-08-17 22:33 1193832 ----a-w- c:\windows\system32\FM20.DLL
2009-08-06 18:24 . 2004-08-10 15:56 327896 ----a-w- c:\windows\system32\wucltui.dll
2009-08-06 18:24 . 2004-08-10 15:56 209632 ----a-w- c:\windows\system32\wuweb.dll
2009-08-06 18:24 . 2005-05-26 03:16 44768 ----a-w- c:\windows\system32\wups2.dll
2009-08-06 18:24 . 2004-08-10 15:56 35552 ----a-w- c:\windows\system32\wups.dll
2009-08-06 18:24 . 2004-08-10 15:56 53472 ------w- c:\windows\system32\wuauclt.exe
2009-08-06 18:24 . 2004-08-10 15:37 96480 ----a-w- c:\windows\system32\cdm.dll
2009-08-06 18:23 . 2004-08-10 15:56 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-08-06 18:23 . 2007-03-05 15:33 274288 ----a-w- c:\windows\system32\mucltui.dll
2009-08-06 18:23 . 2007-03-05 15:33 215920 ----a-w- c:\windows\system32\muweb.dll
2009-08-06 18:23 . 2004-08-10 15:56 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-08-05 09:01 . 2004-08-10 15:38 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-04 19:44 . 2004-08-10 15:38 2189184 ------w- c:\windows\system32\ntoskrnl.exe
2009-08-04 14:20 . 2004-08-03 21:59 2066048 ------w- c:\windows\system32\ntkrnlpa.exe
2009-07-29 04:37 . 2004-08-10 15:38 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-07-29 04:37 . 2004-08-10 15:37 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-07-26 15:44 . 2009-07-26 15:44 48448 ----a-w- c:\windows\system32\sirenacm.dll
.
((((((((((((((((((((((((((((( SnapShot_2009-10-15_13.43.10 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-10-18 21:54 . 2009-10-18 21:54 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2008-12-31 04:52 . 2009-10-15 12:08 49152 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2008-12-31 04:52 . 2009-10-18 21:54 49152 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2009-10-15 02:28 . 2009-10-15 12:08 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2009-10-18 21:54 . 2009-10-18 21:54 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2009-09-06 22:49 . 2009-10-15 02:08 35088 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\oisicon.exe
+ 2009-09-06 22:49 . 2009-10-20 02:07 35088 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\oisicon.exe
+ 2009-09-06 22:49 . 2009-10-20 02:07 18704 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\mspicons.exe
- 2009-09-06 22:49 . 2009-10-15 02:08 18704 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\mspicons.exe
+ 2009-09-06 22:49 . 2009-10-20 02:07 20240 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\cagicon.exe
- 2009-09-06 22:49 . 2009-10-15 02:08 20240 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\cagicon.exe
+ 2009-04-02 13:23 . 2009-04-02 13:23 10104 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.6425\XLCALL32.DLL
+ 2009-04-03 17:01 . 2009-04-03 17:01 71504 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.6425\XL12CNVP.DLL
+ 2009-04-03 16:57 . 2009-04-03 16:57 21320 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.6425\WRD12EXE.EXE
+ 2006-07-24 09:50 . 2006-07-24 09:50 47920 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.6425\VBAME.DLL
+ 2009-01-06 20:31 . 2009-01-06 20:31 48512 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.6425\PUBTRAP.DLL
+ 2006-07-24 09:50 . 2006-07-24 09:50 92976 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.6425\MSADDNDR.DLL
+ 2006-10-26 20:13 . 2006-10-26 20:13 72472 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\XL12CNVP.DLL
+ 2009-09-06 22:46 . 2009-09-06 22:46 12096 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\WORDPOL.DLL
+ 2006-10-26 21:58 . 2006-10-26 21:58 33080 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\VPREVIEW.EXE
+ 2009-09-06 22:45 . 2009-09-06 22:45 12080 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\VBIDEPOL.DLL
+ 2009-09-06 22:45 . 2009-09-06 22:45 64288 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\VBIDEPIA.DLL
+ 2006-10-26 18:59 . 2006-10-26 18:59 15672 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\SMARTTAGINSTALL.EXE
+ 2006-10-26 18:49 . 2006-10-26 18:49 34104 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\SETLANG.EXE
+ 2006-10-26 19:55 . 2006-10-26 19:55 55056 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\SCANOST.EXE
+ 2006-10-26 19:55 . 2006-10-26 19:55 76576 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\RM.DLL
+ 2006-10-26 19:12 . 2006-10-26 19:12 40424 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\REFIEBAR.DLL
+ 2006-10-26 20:13 . 2006-10-26 20:13 38168 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\REFEDIT.DLL
+ 2006-10-26 19:55 . 2006-10-26 19:55 39208 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\RECALL.DLL
+ 2006-10-26 19:09 . 2006-10-26 19:09 48448 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\PUBTRAP.DLL
+ 2009-09-06 22:45 . 2009-09-06 22:45 12112 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\PPTPOL.DLL
+ 2006-10-26 19:55 . 2006-10-26 19:55 53048 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\OUTLVBA.DLL
+ 2006-10-27 14:16 . 2006-10-27 14:16 46864 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\OUTLRPC.DLL
+ 2006-10-26 18:59 . 2006-10-26 18:59 46936 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\OSETUPPS.DLL
+ 2006-10-26 19:59 . 2006-10-26 19:59 18760 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\OPHPROXY.DLL
+ 2006-10-26 18:59 . 2006-10-26 18:59 16728 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\OMUOPTINPS.DLL
+ 2006-10-26 19:00 . 2006-10-26 19:00 23392 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\OISCTRL.DLL
+ 2006-10-27 14:11 . 2006-10-27 14:11 54680 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\OFFRHD.DLL
+ 2009-09-06 22:45 . 2009-09-06 22:45 11544 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\OFFICEPL.DLL
+ 2006-10-26 19:12 . 2006-10-26 19:12 65824 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\NAME.DLL
+ 2009-09-06 22:45 . 2009-09-06 22:45 12104 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\MSTAGPOL.DLL
+ 2009-09-06 22:45 . 2009-09-06 22:45 20280 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\MSTAGPIA.DLL
+ 2006-10-26 18:59 . 2006-10-26 18:59 43832 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\MSSH.DLL
+ 2006-10-27 14:26 . 2006-10-27 14:26 35152 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\MSOSTYLE.DLL
+ 2006-10-26 18:52 . 2006-10-26 18:52 66368 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\MSOMSE.DLL
+ 2006-10-26 19:12 . 2006-10-26 19:12 67896 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\MSOHTMED.EXE
+ 2006-10-27 14:01 . 2006-10-27 14:01 76088 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\MSOHEV.DLL
+ 2006-10-26 20:13 . 2006-10-26 20:13 26936 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\MSOEURO.DLL
+ 2006-10-26 18:48 . 2006-10-26 18:48 14664 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\MSOCFU.DLL
+ 2006-10-26 18:59 . 2006-10-26 18:59 19768 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\MSMH.DLL
+ 2006-10-26 18:52 . 2006-10-26 18:52 48424 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\MSE7.EXE
+ 2006-10-26 20:18 . 2006-10-26 20:18 66880 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\MSAEXP30.DLL
+ 2006-10-26 19:55 . 2006-10-26 19:55 21312 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\MLSHEXT.DLL
+ 2006-10-26 19:12 . 2006-10-26 19:12 89400 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\METCONV.DLL
+ 2009-09-06 22:45 . 2009-09-06 22:45 12096 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\GRAPHPOL.DLL
+ 2009-09-06 22:45 . 2009-09-06 22:45 12096 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\EXCELPOL.DLL
+ 2006-10-26 19:55 . 2006-10-26 19:55 35160 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\DUMPSTER.DLL
+ 2006-10-26 20:30 . 2006-10-26 20:30 65312 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\COLLIMP.DLL
+ 2006-10-26 19:12 . 2006-10-26 19:12 53576 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\AUTHZAX.DLL
+ 2006-10-26 19:13 . 2006-10-26 19:13 56120 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\ACERCLR.DLL
+ 2006-10-26 19:13 . 2006-10-26 19:13 15160 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\ACEODTXT.DLL
+ 2006-10-26 19:13 . 2006-10-26 19:13 15160 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\ACEODPDX.DLL
+ 2006-10-26 19:13 . 2006-10-26 19:13 15160 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\ACEODEXL.DLL
+ 2006-10-26 19:13 . 2006-10-26 19:13 15160 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\ACEODDBS.DLL
+ 2006-10-27 14:00 . 2006-10-27 14:00 47976 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\ACEERR.DLL
+ 2006-10-26 20:18 . 2006-10-26 20:18 94016 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\ACCOLK.DLL
+ 2009-10-20 02:04 . 2009-10-20 02:04 10576 c:\windows\assembly\GAC\Policy.11.0.office\12.0.0.0__71e9bce111e9429c\Policy.11.0.Office.dll
+ 2009-10-20 02:04 . 2009-10-20 02:04 11112 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Vbe.Interop.dll
+ 2009-10-20 02:04 . 2009-10-20 02:04 11128 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Word.dll
+ 2009-10-20 02:04 . 2009-10-20 02:04 11136 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.SmartTag.dll
+ 2009-10-20 02:04 . 2009-10-20 02:04 11152 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.PowerPoint.dll
+ 2009-10-20 02:04 . 2009-10-20 02:04 11128 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Graph.dll
+ 2009-10-20 02:04 . 2009-10-20 02:04 11144 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Excel.dll
+ 2009-10-20 02:04 . 2009-10-20 02:04 63336 c:\windows\assembly\GAC\Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll
+ 2009-10-20 02:04 . 2009-10-20 02:04 19320 c:\windows\assembly\GAC\Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.SmartTag.dll
+ 2004-08-10 15:46 . 2009-10-20 13:03 392776 c:\windows\system32\FNTCACHE.DAT
- 2004-08-10 15:46 . 2009-09-23 02:09 392776 c:\windows\system32\FNTCACHE.DAT
+ 2007-10-14 22:44 . 2007-10-14 22:44 324608 c:\windows\Installer\e2c46b.msp
+ 2007-10-14 22:46 . 2007-10-14 22:46 324608 c:\windows\Installer\e2c465.msp
+ 2009-05-26 17:53 . 2009-05-26 17:53 579072 c:\windows\Installer\6095c50.msp
- 2009-09-06 22:49 . 2009-10-15 02:08 888080 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\wordicon.exe
+ 2009-09-06 22:49 . 2009-10-20 02:07 888080 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\wordicon.exe
- 2009-09-06 22:49 . 2009-10-15 02:08 272648 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\pubs.exe
+ 2009-09-06 22:49 . 2009-10-20 02:07 272648 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\pubs.exe
- 2009-09-06 22:49 . 2009-10-15 02:08 922384 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\pptico.exe
+ 2009-09-06 22:49 . 2009-10-20 02:07 922384 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\pptico.exe
+ 2009-09-06 22:49 . 2009-10-20 02:07 845584 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\outicon.exe
- 2009-09-06 22:49 . 2009-10-15 02:08 845584 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\outicon.exe
+ 2009-09-06 22:49 . 2009-10-20 02:07 217864 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\misc.exe
- 2009-09-06 22:49 . 2009-10-15 02:08 217864 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\misc.exe
- 2009-09-06 22:42 . 2009-09-06 22:42 217864 c:\windows\Installer\{90120000-006E-0409-0000-0000000FF1CE}\misc.exe
+ 2009-10-20 02:02 . 2009-10-20 02:02 217864 c:\windows\Installer\{90120000-006E-0409-0000-0000000FF1CE}\misc.exe
+ 2007-06-07 18:51 . 2007-06-07 18:51 125320 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.6425\SSGEN.DLL
+ 2009-03-06 02:41 . 2009-03-06 02:41 589704 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.6425\PUBCONV.DLL
+ 2009-01-08 09:59 . 2009-01-08 09:59 624520 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.6425\PTXT9.DLL
+ 2008-10-25 05:21 . 2008-10-25 05:21 136072 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.6425\PRTF9.DLL
+ 2009-10-20 02:04 . 2009-10-20 02:04 350064 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.6425\PPTPIA.DLL
+ 2009-04-03 17:04 . 2009-04-03 17:04 521064 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.6425\POWERPNT.EXE
+ 2007-06-07 18:51 . 2007-06-07 18:51 465800 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.6425\OUTLFLTR.DLL
+ 2008-11-03 23:04 . 2008-11-03 23:04 498072 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.6425\MORPH9.DLL
+ 2006-10-26 19:49 . 2006-10-26 19:49 509200 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\WRD12CVR.DLL
+ 2009-09-06 22:45 . 2009-09-06 22:45 781104 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\WORDPIA.DLL
+ 2006-07-28 14:21 . 2006-07-28 14:21 277320 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\SSGEN.DLL
+ 2006-10-26 20:18 . 2006-10-26 20:18 502608 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\SOA.DLL
+ 2006-10-26 19:06 . 2006-10-26 19:06 439600 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\SETUP.EXE
+ 2006-10-26 19:13 . 2006-10-26 19:13 503624 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\SELFCERT.EXE
+ 2006-10-27 14:16 . 2006-10-27 14:16 408880 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\RTFHTML.DLL
+ 2006-10-26 20:07 . 2006-10-26 20:07 368968 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\PPSLAX.DLL
+ 2006-10-26 20:30 . 2006-10-26 20:30 482088 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\PORTCONN.DLL
+ 2006-07-26 17:53 . 2006-07-26 17:53 459080 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\OUTLFLTR.DLL
+ 2006-10-27 14:16 . 2006-10-27 14:16 138512 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\OUTLCTL.DLL
+ 2006-10-26 19:55 . 2006-10-26 19:55 254776 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\OLKFSTUB.DLL
+ 2006-10-26 19:00 . 2006-10-26 19:00 285008 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\OISGRAPH.DLL
+ 2006-10-26 19:00 . 2006-10-26 19:00 998208 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\OISAPP.DLL
+ 2006-10-26 19:00 . 2006-10-26 19:00 274744 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\OIS.EXE
+ 2006-10-20 07:37 . 2006-10-20 07:37 637744 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\OGALEGIT.DLL
+ 2009-09-06 22:45 . 2009-09-06 22:45 416544 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\OFFICE.DLL
+ 2006-10-26 19:06 . 2006-10-26 19:06 232816 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\ODEPLOY.EXE
+ 2006-10-26 18:55 . 2006-10-26 18:55 538904 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\MSTORES.DLL
+ 2006-10-26 18:55 . 2006-10-26 18:55 145688 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\MSTORE.EXE
+ 2006-10-26 18:55 . 2006-10-26 18:55 832800 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\MSTORDB.EXE
+ 2006-10-26 12:56 . 2006-10-26 12:56 505136 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\MSSOAP30.DLL
+ 2006-10-26 18:50 . 2006-10-26 18:50 672024 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\MSQRY32.EXE
+ 2006-10-26 13:47 . 2006-10-26 13:47 727840 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\MSPROOF6.DLL
+ 2006-10-26 12:56 . 2006-10-26 12:56 436520 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\MSORUN.DLL
+ 2006-10-26 19:12 . 2006-10-26 19:12 428816 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\MSODCW.DLL
+ 2006-10-27 13:59 . 2006-10-27 13:59 161080 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\MSOCF.DLL
+ 2006-10-26 12:58 . 2006-10-26 12:58 290576 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\MSCDM.DLL
+ 2006-10-26 18:52 . 2006-10-26 18:52 460616 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\MODHELP.DLL
+ 2006-10-26 18:55 . 2006-10-26 18:55 828704 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\MEDCAT.DLL
+ 2006-10-26 19:55 . 2006-10-26 19:55 138024 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\IMPMAIL.DLL
+ 2006-10-26 19:00 . 2006-10-26 19:00 178488 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\IETAG.DLL
+ 2006-10-26 19:12 . 2006-10-26 19:12 173328 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\IEAWSDC.DLL
+ 2009-09-06 22:45 . 2009-09-06 22:45 150320 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\GRAPHPIA.DLL
+ 2006-10-27 14:09 . 2006-10-27 14:09 983376 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\FPWEC.DLL
+ 2006-10-26 19:55 . 2006-10-26 19:55 154960 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\ENVELOPE.DLL
+ 2006-10-26 19:55 . 2006-10-26 19:55 116544 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\EMABLT32.DLL
+ 2006-10-26 19:12 . 2006-10-26 19:12 106824 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\DSSM.EXE
+ 2006-10-26 19:12 . 2006-10-26 19:12 189760 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\CONTACTPICKER.DLL
+ 2006-10-26 18:59 . 2006-10-26 18:59 205616 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\CLVIEW.EXE
+ 2006-10-27 14:41 . 2006-10-27 14:41 399640 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\CDLMSO.DLL
+ 2006-10-26 19:13 . 2006-10-26 19:13 371568 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\ACEXBE.DLL
+ 2006-10-27 14:40 . 2006-10-27 14:40 208760 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\ACEWSS.DLL
+ 2006-10-26 19:13 . 2006-10-26 19:13 224104 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\ACETXT.DLL
+ 2006-10-26 19:13 . 2006-10-26 19:13 551800 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\ACEREP.DLL
+ 2006-10-26 19:13 . 2006-10-26 19:13 289648 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\ACER3X.DLL
+ 2006-10-26 19:13 . 2006-10-26 19:13 260976 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\ACER2X.DLL
+ 2006-10-26 19:13 . 2006-10-26 19:13 392048 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\ACEPDE.DLL
+ 2006-10-27 14:00 . 2006-10-27 14:00 387960 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\ACEOLEDB.DLL
+ 2006-10-26 19:13 . 2006-10-26 19:13 279352 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\ACEODBC.DLL
+ 2006-10-26 19:13 . 2006-10-26 19:13 207736 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\ACELTS.DLL
+ 2006-10-26 19:13 . 2006-10-26 19:13 629616 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\ACEEXCL.DLL
+ 2006-10-26 19:13 . 2006-10-26 19:13 338800 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\ACEEXCH.DLL
+ 2006-10-27 14:00 . 2006-10-27 14:00 191360 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\ACEES.DLL
+ 2006-10-27 14:00 . 2006-10-27 14:00 576376 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\ACEDAO.DLL
+ 2006-10-26 20:18 . 2006-10-26 20:18 162616 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\ACCWIZ.DLL
+ 2006-10-27 14:00 . 2006-10-27 14:00 576376 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\ACACEDAO.DLL
+ 2009-10-20 02:04 . 2009-10-20 02:04 423784 c:\windows\assembly\GAC\office\12.0.0.0__71e9bce111e9429c\OFFICE.DLL
+ 2009-10-20 02:04 . 2009-10-20 02:04 870256 c:\windows\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll
+ 2009-10-20 02:06 . 2009-10-20 02:06 350064 c:\windows\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll
+ 2009-10-20 02:04 . 2009-10-20 02:04 149352 c:\windows\assembly\GAC\Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Graph.dll
+ 2007-10-14 22:43 . 2007-10-14 22:43 5749760 c:\windows\Installer\e2c44d.msp
+ 2009-05-04 06:46 . 2009-05-04 06:46 8299008 c:\windows\Installer\6095e53.msp
+ 2009-05-26 17:54 . 2009-05-26 17:54 4192768 c:\windows\Installer\6095e3f.msp
+ 2009-05-04 06:47 . 2009-05-04 06:47 9124864 c:\windows\Installer\6095e27.msp
+ 2009-04-24 11:30 . 2009-04-24 11:30 2583552 c:\windows\Installer\6095e13.msp
+ 2009-08-05 06:49 . 2009-08-05 06:49 3457024 c:\windows\Installer\6095dfe.msp
+ 2009-04-24 11:28 . 2009-04-24 11:28 4450816 c:\windows\Installer\6095de9.msp
+ 2009-07-27 03:31 . 2009-07-27 03:31 3738624 c:\windows\Installer\6095dd4.msp
+ 2009-04-04 16:10 . 2009-04-04 16:10 1282560 c:\windows\Installer\6095dc1.msp
+ 2009-04-04 16:10 . 2009-04-04 16:10 7888384 c:\windows\Installer\6095dba.msp
+ 2009-04-04 16:10 . 2009-04-04 16:10 9926144 c:\windows\Installer\6095db1.msp
+ 2009-04-04 09:14 . 2009-04-04 09:14 1094656 c:\windows\Installer\6095c5b.msp
+ 2009-08-18 12:08 . 2009-08-18 12:08 1373696 c:\windows\Installer\6095c3e.msp
+ 2009-04-24 11:29 . 2009-04-24 11:29 9013760 c:\windows\Installer\6095bf3.msp
+ 2009-09-06 22:49 . 2009-10-20 02:07 1172240 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\xlicons.exe
- 2009-09-06 22:49 . 2009-10-15 02:08 1172240 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\xlicons.exe
+ 2009-09-06 22:49 . 2009-10-20 02:07 1165584 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\accicons.exe
- 2009-09-06 22:49 . 2009-10-15 02:08 1165584 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\accicons.exe
+ 2009-04-03 16:57 . 2009-04-03 16:57 4671320 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.6425\WRD12CNV.DLL
+ 2008-11-21 02:12 . 2008-11-21 02:12 3750256 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.6425\VVIEWER.DLL
+ 2008-10-25 08:35 . 2008-10-25 08:35 1847160 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.6425\VVIEWDWG.DLL
+ 2009-04-03 17:04 . 2009-04-03 17:04 8468840 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.6425\PPCORE.DLL
+ 2009-02-05 10:36 . 2009-02-05 10:36 1640800 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.6425\OGL.DLL
+ 2009-03-06 02:41 . 2009-03-06 02:41 9589096 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.6425\MSPUB.EXE
+ 2006-10-26 21:58 . 2006-10-26 21:58 3732792 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\VVIEWER.DLL
+ 2006-10-26 22:00 . 2006-10-26 22:00 1841984 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\VVIEWDWG.DLL
+ 2006-09-29 23:42 . 2006-09-29 23:42 2583344 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\VBE6.DLL
+ 2006-10-27 13:57 . 2006-10-27 13:57 2330968 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\STSLIST.DLL
+ 2006-10-26 18:52 . 2006-10-26 18:52 2012480 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\PPTVIEW.EXE
+ 2006-10-26 19:07 . 2006-10-26 19:07 6536992 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\OSETUP.DLL
+ 2006-10-26 19:14 . 2006-10-26 19:14 7033152 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\OFFOWC.DLL
+ 2006-10-26 13:47 . 2006-10-26 13:47 1512304 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\NLSD0000.DLL
+ 2006-10-26 19:00 . 2006-10-26 19:00 6635320 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\MSORES.DLL
+ 2006-10-27 14:10 . 2006-10-27 14:10 5281592 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\IPEDITOR.DLL
+ 2006-10-26 19:02 . 2006-10-26 19:02 2526520 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\GRAPH.EXE
+ 2006-10-26 18:21 . 2006-10-26 18:21 1682232 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\FPSRVUTL.DLL
+ 2009-09-06 22:45 . 2009-09-06 22:45 1276720 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\EXCELPIA.DLL
+ 2006-10-27 14:00 . 2006-10-27 14:00 1751904 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\ACECORE.DLL
+ 2009-10-20 02:04 . 2009-10-20 02:04 1279848 c:\windows\assembly\GAC\Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Excel.dll
+ 2007-10-14 22:43 . 2007-10-14 22:43 12743168 c:\windows\Installer\e2c458.msp
+ 2007-10-14 22:43 . 2007-10-14 22:43 21981184 c:\windows\Installer\e2c428.msp
+ 2008-05-21 00:30 . 2008-05-21 00:30 14308864 c:\windows\Installer\e2c3b3.msp
+ 2009-04-04 16:09 . 2009-04-04 16:09 15190016 c:\windows\Installer\6095c7b.msp
+ 2009-04-04 10:36 . 2009-04-04 10:36 21390848 c:\windows\Installer\6095c5c.msp
+ 2009-08-18 11:50 . 2009-08-18 11:50 12022272 c:\windows\Installer\6095c2b.msp
+ 2009-04-03 17:01 . 2009-04-03 17:01 15108448 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.6425\XL12CNV.EXE
+ 2009-04-03 17:11 . 2009-04-03 17:11 18330984 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.6425\EXCEL.EXE
+ 2006-10-27 14:14 . 2006-10-27 14:14 14151456 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\OART.DLL
+ 2006-10-27 14:01 . 2006-10-27 14:01 10371880 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\MSACCESS.EXE
+ 2007-10-14 22:43 . 2007-10-14 22:43 229852160 c:\windows\Installer\e2c421.msp
+ 2009-04-04 16:08 . 2009-04-04 16:08 343058432 c:\windows\Installer\6095da7.msp
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2009-05-27 1573104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-14 148888]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-05-26 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-06-05 292136]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2009-02-06 201992]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2008-04-14 110592]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSetActiveDesktop"= 1 (0x1)
"NoActiveDesktopChanges"= 1 (0x1)
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ PDBoot.exe\0autocheck autochk *
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Image Zone Fast Start.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk
backup=c:\windows\pss\HP Image Zone Fast Start.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%ProgramFiles%\\AOL 9.0\\aol.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\logo_ubi.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\pandora.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IMApp.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"c:\\Program Files\\LimeWire Gold\\LimeWireGold.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\APPS\\skype\\phone\\Skype.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [29/01/2008 19:29 33808]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [13/03/2008 20:02 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [25/03/2008 21:07 24592]
S3 bfastfao;bfastfao;\??\c:\docume~1\FRANKM~1\LOCALS~1\Temp\bfastfao.sys --> c:\docume~1\FRANKM~1\LOCALS~1\Temp\bfastfao.sys [?]
S4 Radialpoint Security Services;Virgin Broadband PCguard;c:\windows\system32\dllhost.exe [10/08/2004 16:37 5120]
.
Contents of the 'Scheduled Tasks' folder
2009-10-20 c:\windows\Tasks\HDReg.job
- c:\apps\HDReg\HDRegRem.exe [2005-09-14 10:14]
2009-10-20 c:\windows\Tasks\User_Feed_Synchronization-{DBB51C1C-E6BF-40D9-BCDE-B8F49ABDF1F5}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 18:36]
.
.
------- Supplementary Scan -------
.
mStart Page = hxxp://www.google.com
IE: Add to Banner Ad Blocker - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-20 14:28
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(1236)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\klogon.dll
- - - - - - - > 'explorer.exe'(2480)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: ~,10time:~,-3
ComboFix-quarantined-files.txt 2009-10-20 13:31
ComboFix2.txt 2009-10-15 13:44
ComboFix3.txt 2009-10-14 11:43
ComboFix4.txt 2009-01-16 22:03
Pre-Run: 162,427,850,752 bytes free
Post-Run: 162,381,250,560 bytes free
Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 4675D9A38BB0E02925FD4AC64BDF110B
|
bricat
HijackThis Helper
Reg'd: Wed
Posts: 31988
Loc: belfast
|
|
Please copy this page to *Notepad* and save to your desktop for reference as you will not have any browsers open while you are carrying out portions of these instructions.
It's IMPORTANT to carry out the instructions in the sequence listed below.
for some reason you have 4 versions of AVIRA anti virus running, also
AV Freedom also Kaspersky Internet Security ??
go to ADD\REMOVE PROGRAMS in the control panel and remove ALL of them.
then :-
Disconnect from the internet
1. Close any open browsers.
Open *notepad* and copy/paste the text in the quotebox below into it:
Quote:
Killall::
File::
c:\windows\latalak.sys
c:\documents and settings\W33 K3RR\Local Settings\Application Data\qixydaxufu.dat
c:\windows\wenylunoxa.com
c:\documents and settings\W33 K3RR\Local Settings\Application Data\nifykimiv.com
c:\documents and settings\W33 K3RR\Application Data\asenevibi.dll
c:\documents and settings\All Users\Application Data\ytuwopi.dll
c:\program files\Common Files\inurik.dll
c:\documents and settings\W33 K3RR\Application Data\pelyvivary.dat
c:\documents and settings\All Users\Application Data\tyzupu.bin
Save this as CFScript.txt, in the same location as ComboFix.exe which is on the Desktop.
Referring to the picture above, drag CFScript.txt into ComboFix.exe.
This will start ComboFix again.(it may ask you to reboot your computer)
When finished, it shall produce a log for you at C:\ComboFix.txt
NOW reinstall AVIRA.
If there is a trojan downloader hiding somewhere, waiting 5 days to answer isn't helping us, it's installing the rubbish as fast as i am removing it.
Please copy and paste the ComboFix.txt along with a fresh HijackThis log in your next reply please and
let me know how it is running.
*Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall*
--------------------
IF I HAVE SAVED YOU MONEY, PLEASE CONSIDER GIVING A DONATION TO HELP IN MY FIGHT AGAINST MALWARE.
When the only tool you own is a hammer, every problem begins to look like a nail.
|
jokerr65
regular
Reg'd: Thu
Posts: 61
|
|
Sorry for the delay bricat. Its been october week here and been away for a few days.
Will be on the ball and keeping up to date now.
Just one thing, don't have any AVIRA anti virus or AV Freedom in my add and remove programs or indeed use them, all my security is with Kaspersky Internet Security. Should i remove this and reinstall once i have carried out ur instruction?
Thx
|
jokerr65
regular
Reg'd: Thu
Posts: 61
|
|
Ok Bricat, here goes this is with Kasp disabled and disconnected from internet :
ComboFix 09-10-19.02 - W33 K3RR 22/10/2009 10:40.8.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.1919.1226 [GMT 1:00]
Running from: c:\documents and settings\W33 K3RR\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\W33 K3RR\Desktop\CFScript.txt
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Outdated) {00000000-0000-0000-0000-000000000000}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {804FD0EC-FFA4-00EB-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {804FD2B8-FFA4-00EB-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {804FD2B8-FFA4-00FC-0D24-347CA8A3377C}
AV: Freedom *On-access scanning disabled* (Updated) {5B5A3BD7-8573-4672-AEA8-C9BB713B6755}
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FILE ::
"c:\documents and settings\All Users\Application Data\tyzupu.bin"
"c:\documents and settings\All Users\Application Data\ytuwopi.dll"
"c:\documents and settings\W33 K3RR\Application Data\asenevibi.dll"
"c:\documents and settings\W33 K3RR\Application Data\pelyvivary.dat"
"c:\documents and settings\W33 K3RR\Local Settings\Application Data\nifykimiv.com"
"c:\documents and settings\W33 K3RR\Local Settings\Application Data\qixydaxufu.dat"
"c:\program files\Common Files\inurik.dll"
"c:\windows\latalak.sys"
"c:\windows\wenylunoxa.com"
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users\Application Data\tyzupu.bin
c:\documents and settings\All Users\Application Data\ytuwopi.dll
c:\documents and settings\W33 K3RR\Application Data\asenevibi.dll
c:\documents and settings\W33 K3RR\Application Data\pelyvivary.dat
c:\documents and settings\W33 K3RR\Local Settings\Application Data\nifykimiv.com
c:\documents and settings\W33 K3RR\Local Settings\Application Data\qixydaxufu.dat
c:\program files\Common Files\inurik.dll
c:\windows\latalak.sys
c:\windows\wenylunoxa.com
.
((((((((((((((((((((((((( Files Created from 2009-09-22 to 2009-10-22 )))))))))))))))))))))))))))))))
.
2009-10-20 13:39 . 2009-10-20 13:39 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-10-20 12:53 . 2009-10-20 13:02 -------- d-----w- C:\!KillBox
2009-10-15 17:40 . 2009-09-10 13:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-15 17:39 . 2009-10-15 17:40 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-15 17:39 . 2009-09-10 13:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-14 16:01 . 2009-10-14 16:01 -------- d-----w- c:\program files\Microsoft
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-22 09:48 . 2009-01-20 12:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-10-22 09:45 . 2009-01-20 12:33 630816 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-10-22 09:45 . 2009-01-20 12:33 3236 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-10-22 09:45 . 2009-01-20 12:33 3211296 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-10-22 09:45 . 2009-01-20 12:33 26168 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-10-22 09:36 . 2009-05-14 17:05 -------- d-----w- c:\documents and settings\W33 K3RR\Application Data\LimeWire
2009-10-20 21:38 . 2008-06-24 14:31 112352 ----a-w- c:\documents and settings\W33 K3RR\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-20 13:39 . 2007-03-01 16:57 -------- d-----w- c:\program files\DivX
2009-10-20 02:07 . 2008-03-02 12:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-10-20 02:04 . 2007-08-31 17:07 -------- d-----w- c:\program files\Microsoft Works
2009-10-14 12:58 . 2009-01-20 12:34 95259 ----a-w- c:\windows\system32\drivers\klick.dat
2009-10-14 12:58 . 2009-01-20 12:34 108059 ----a-w- c:\windows\system32\drivers\klin.dat
2009-10-14 11:11 . 2008-04-20 17:16 -------- d-----w- c:\program files\Messenger Plus! Live
2009-09-18 20:48 . 2009-07-01 22:36 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8
2009-09-11 14:18 . 2004-08-10 15:38 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-06 22:51 . 2009-03-17 17:05 -------- d-----w- c:\documents and settings\W33 K3RR\Application Data\GetRightToGo
2009-09-06 22:45 . 2009-09-06 22:45 -------- d-----w- c:\program files\Microsoft.NET
2009-09-06 22:17 . 2005-09-14 18:17 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-09-04 21:03 . 2004-08-10 15:37 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 07:36 . 2004-08-10 15:38 832512 ------w- c:\windows\system32\wininet.dll
2009-08-29 07:36 . 2004-08-10 15:37 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-08-29 07:36 . 2004-08-10 15:37 17408 ----a-w- c:\windows\system32\corpol.dll
2009-08-26 08:00 . 2004-08-10 15:38 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-17 22:33 . 2009-08-17 22:33 1193832 ----a-w- c:\windows\system32\FM20.DLL
2009-08-06 18:24 . 2004-08-10 15:56 327896 ----a-w- c:\windows\system32\wucltui.dll
2009-08-06 18:24 . 2004-08-10 15:56 209632 ----a-w- c:\windows\system32\wuweb.dll
2009-08-06 18:24 . 2005-05-26 03:16 44768 ----a-w- c:\windows\system32\wups2.dll
2009-08-06 18:24 . 2004-08-10 15:56 35552 ----a-w- c:\windows\system32\wups.dll
2009-08-06 18:24 . 2004-08-10 15:56 53472 ------w- c:\windows\system32\wuauclt.exe
2009-08-06 18:24 . 2004-08-10 15:37 96480 ----a-w- c:\windows\system32\cdm.dll
2009-08-06 18:23 . 2004-08-10 15:56 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-08-06 18:23 . 2007-03-05 15:33 274288 ----a-w- c:\windows\system32\mucltui.dll
2009-08-06 18:23 . 2007-03-05 15:33 215920 ----a-w- c:\windows\system32\muweb.dll
2009-08-06 18:23 . 2004-08-10 15:56 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-08-05 09:01 . 2004-08-10 15:38 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-04 19:44 . 2004-08-10 15:38 2189184 ------w- c:\windows\system32\ntoskrnl.exe
2009-08-04 14:20 . 2004-08-03 21:59 2066048 ------w- c:\windows\system32\ntkrnlpa.exe
2009-07-29 04:37 . 2004-08-10 15:38 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-07-29 04:37 . 2004-08-10 15:37 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-07-26 15:44 . 2009-07-26 15:44 48448 ----a-w- c:\windows\system32\sirenacm.dll
.
((((((((((((((((((((((((((((( SnapShot_2009-10-20_13.29.02 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-10-22 09:47 . 2009-10-22 09:47 16384 c:\windows\temp\Perflib_Perfdata_768.dat
+ 2009-10-20 13:39 . 2009-10-20 13:39 152576 c:\windows\Installer\1733f5.msi
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2009-05-27 1573104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-14 148888]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-05-26 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-06-05 292136]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2009-02-06 201992]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2008-04-14 110592]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSetActiveDesktop"= 1 (0x1)
"NoActiveDesktopChanges"= 1 (0x1)
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ PDBoot.exe\0autocheck autochk *
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Image Zone Fast Start.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk
backup=c:\windows\pss\HP Image Zone Fast Start.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%ProgramFiles%\\AOL 9.0\\aol.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\logo_ubi.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\pandora.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IMApp.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"c:\\Program Files\\LimeWire Gold\\LimeWireGold.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\APPS\\skype\\phone\\Skype.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [29/01/2008 19:29 33808]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [13/03/2008 20:02 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [25/03/2008 21:07 24592]
S3 bfastfao;bfastfao;\??\c:\docume~1\FRANKM~1\LOCALS~1\Temp\bfastfao.sys --> c:\docume~1\FRANKM~1\LOCALS~1\Temp\bfastfao.sys [?]
S4 Radialpoint Security Services;Virgin Broadband PCguard;c:\windows\system32\dllhost.exe [10/08/2004 16:37 5120]
.
Contents of the 'Scheduled Tasks' folder
2009-10-22 c:\windows\Tasks\HDReg.job
- c:\apps\HDReg\HDRegRem.exe [2005-09-14 10:14]
2009-10-22 c:\windows\Tasks\User_Feed_Synchronization-{DBB51C1C-E6BF-40D9-BCDE-B8F49ABDF1F5}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 18:36]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://google.com/
mStart Page = hxxp://www.google.com
IE: Add to Banner Ad Blocker - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-22 10:47
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(944)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\klogon.dll
- - - - - - - > 'explorer.exe'(816)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\UAService7.exe
c:\program files\Windows Media Player\WMPNetwk.exe
c:\windows\system32\Ati2evxx.exe
c:\combofix\CF26016.exe
c:\windows\system32\rundll32.exe
c:\program files\iPod\bin\iPodService.exe
c:\combofix\PEV.cfxxe
.
**************************************************************************
.
Completion time: ~,10time:~,-3machine was rebootedCombobatch-by
ComboFix-quarantined-files.txt 2009-10-22 09:51
ComboFix2.txt 2009-10-20 13:31
ComboFix3.txt 2009-10-15 13:44
ComboFix4.txt 2009-10-14 11:43
ComboFix5.txt 2009-10-22 09:39
Pre-Run: 162,482,720,768 bytes free
Post-Run: 162,461,933,568 bytes free
Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 3F550F3EF3EF310BDE4D4FF375EAEF4D
|
jokerr65
regular
Reg'd: Thu
Posts: 61
|
|
Fresh HJT as requested :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:56:10, on 22/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16915)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O16 - DPF: {138E6DC9-722B-4F4B-B09D-95D191869696} (Bebo Uploader Control) - http://www.bebo.com/files/BeboUploader.5.1.4.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-GB/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-09.sun.com/s/ESD7/JSCDL/j...ows-i586-jc.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe
--
End of file - 5449 bytes
|
bricat
HijackThis Helper
Reg'd: Wed
Posts: 31988
Loc: belfast
|
|
that looks clean now, just some tidying up to do.
combofix cleanup.
Time for some housekeeping
- Click START then RUN
- Now type Combofix /u in the runbox and click OK
[list] 
When shown the disclaimer, Select "2"[/list]
The above procedure will:
- Delete the following:[list]
- ComboFix and its associated files and folders.
- VundoFix backups, if present
- The C:\Deckard folder, if present
- The C:_OtMoveIt folder, if present
Reset the clock settings.
Hide file extensions, if required.
Hide System/Hidden files, if required.
Reset System Restore.[/list]
Then :-
Download and scan with CCleaner - CCleaner installs the Yahoo Toolbar as an option which IS checkmarked by default during the installation.
IF you do NOT want it, REMOVE the checkmark when provided with the option OR download the toolbar-free or Slim versions instead of the Standard Build.
- Before first use, select Options > Advanced and UNCHECK "Only delete files in Windows Temp folder older than 48 hours"
Then select "Cookies"
Move any cookies you wish to retain, e.g. login cookies, in the left-hand window to the right-hand window by highlighting them and clicking the right arrow in the centre.
- Then select the items you wish to clean up.
In the Windows Tab:
• Clean all entries in the "Internet Explorer" section.
• Clean all the entries in the "Windows Explorer" section.
• Clean all entries in the "System" section.
• Clean all entries in the "Advanced" section.
• Clean any others that you choose.
In the Applications Tab:
• Clean all entries in the Mozilla Firefox Section.
• Clean all in the Opera section if you use it.
• Clean Sun Java in the Internet Section.
• Clean any others that you choose.
- Click the "Run Cleaner" button.
- A pop up box will appear advising this process will permanently delete files from your system.
- Click "OK" and it will scan and clean your system.
- Click "exit" when done.
then DEFRAG your C:\ drive.
to help speed up your system.
then let us know how the computer is running.
HOW DID I GET INFECTED
--------------------
IF I HAVE SAVED YOU MONEY, PLEASE CONSIDER GIVING A DONATION TO HELP IN MY FIGHT AGAINST MALWARE.
When the only tool you own is a hammer, every problem begins to look like a nail.
|
|
|
Previous
Index
Next
Threaded
Edit
Reply
Quote
