Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Computer Running Slow Combofix Log


  • This topic is locked This topic is locked
1 reply to this topic

#1 PaulJohnVicente

PaulJohnVicente

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:05:44 AM

Posted 18 March 2008 - 02:35 PM

Hello all,
Recently I installed some photoshop filter and effects and my computer started to run slower and some rundll32 errors began to occur. I have run spybot, avast antivirus, avg antispyware, highjackthis and combofix but I am still not sure if the problem is solved so here is the combofix log:

Any help please!Thanks.

ComboFix 08-03-17.1 - Paul John Vicente 2008-03-18 19:06:13.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.2070.18.2778 [GMT 0:00]
Executando de: C:\Documents and Settings\Paul John Vicente\Ambiente de trabalho\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\BM83858920.xml
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\dfrasgwl.dll
C:\WINDOWS\system32\duoihhgc.dll
C:\WINDOWS\system32\dwnuwmai.dll
C:\WINDOWS\system32\fqbubxjx.dll
C:\WINDOWS\system32\fvhvutcr.dll
C:\WINDOWS\system32\geebx.dll
C:\WINDOWS\system32\lwgsarfd.ini
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\nnnkjgh.dll
C:\WINDOWS\system32\opnmjgg.dll
C:\WINDOWS\system32\pmnkigg.dll
C:\WINDOWS\system32\quxamkal.dll
C:\WINDOWS\system32\rbxardhn.dll
C:\WINDOWS\system32\sjsuvawy.ini
C:\WINDOWS\system32\tcvkblku.dll
C:\WINDOWS\system32\tjhjixow.ini
C:\WINDOWS\system32\ufqhjnha.dll
C:\WINDOWS\system32\uqouelpy.dll
C:\WINDOWS\system32\vlbpiglr.dll
C:\WINDOWS\system32\vtuvsrs.dll
C:\WINDOWS\system32\woxijhjt.dll
C:\WINDOWS\system32\wrcbutiq.dll
C:\WINDOWS\system32\wybeg.ini
C:\WINDOWS\system32\wybeg.ini2
C:\WINDOWS\system32\xbeeg.ini
C:\WINDOWS\system32\xbeeg.ini2
C:\WINDOWS\system32\xkbomlxe.dll
C:\WINDOWS\system32\yjknouyj.dll
C:\WINDOWS\system32\ywavusjs.dll

.
((((((((((((((((((((((( Ficheiros criados de 2008-02-18 to 2008-03-18 ))))))))))))))))))))))))))))))))
.

2008-03-18 18:35 . 2008-03-18 18:35 <DIR> d-------- C:\ComboFix(2)
2008-03-17 19:01 . 2008-03-17 19:01 <DIR> d-------- C:\Documents and Settings\Paul John Vicente\Application Data\Grisoft
2008-03-17 18:51 . 2008-03-17 18:51 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-03-17 18:51 . 2007-05-30 12:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-03-17 18:11 . 2008-03-17 18:11 <DIR> d-------- C:\Programas\Corel
2008-03-17 11:37 . 2008-03-17 11:37 <DIR> d-------- C:\WINDOWS\Sun
2008-03-17 11:19 . 2008-03-17 17:04 <DIR> d-------- C:\Programas\Conduit
2008-03-17 08:15 . 2008-03-17 15:34 594 ---hs---- C:\WINDOWS\system32\vravhbfx.ini
2008-03-17 06:45 . 2008-03-17 07:46 474 ---hs---- C:\WINDOWS\system32\hekvsdmx.ini
2008-03-16 06:42 . 2008-03-17 06:42 354 ---hs---- C:\WINDOWS\system32\vybmtcac.ini
2008-03-15 06:39 . 2008-03-16 06:39 294 ---hs---- C:\WINDOWS\system32\wxydtjdc.ini
2008-03-14 19:38 . 2008-03-18 18:39 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-03-14 19:34 . 2008-03-14 19:16 691,545 --a------ C:\WINDOWS\unins000.exe
2008-03-14 19:34 . 2008-03-14 19:34 2,576 --a------ C:\WINDOWS\unins000.dat
2008-03-13 19:09 . 2008-03-13 19:09 <DIR> d-------- C:\Programas\Java
2008-03-13 19:09 . 2008-02-22 02:33 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-03-13 19:07 . 2008-03-13 19:07 <DIR> d-------- C:\Programas\Ficheiros comuns\Java
2008-03-13 16:35 . 2004-08-30 21:00 1,466,368 --a------ C:\WINDOWS\system32\WinSpooler.exe
2008-03-13 16:35 . 2008-03-13 16:35 37,888 --a------ C:\WINDOWS\system32\rar.exe
2008-03-10 13:45 . 2008-03-10 13:46 <DIR> d-------- C:\Documents and Settings\Paul John Vicente\Application Data\VideoEgg
2008-03-07 09:37 . 2008-03-07 09:57 <DIR> d-------- C:\Programas\Windows Live
2008-03-07 09:37 . 2008-03-07 09:40 <DIR> d--hsc--- C:\Programas\Ficheiros comuns\WindowsLiveInstaller
2008-03-07 09:36 . 2008-03-07 09:36 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-03-05 17:25 . 2008-03-05 17:25 <DIR> dr-h----- C:\Documents and Settings\Paul John Vicente\Application Data\yahoo!
2008-03-05 15:14 . 2008-03-05 17:25 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo!
2008-02-28 20:10 . 2008-02-28 20:10 <DIR> d-------- C:\Documents and Settings\Paul John Vicente\Application Data\Nero
2008-02-25 16:22 . 2008-02-25 16:22 <DIR> d-------- C:\Programas\Ficheiros comuns\PCSuite
2008-02-25 16:21 . 2008-02-25 16:21 <DIR> d-------- C:\Programas\PC Connectivity Solution
2008-02-25 15:50 . 2008-02-25 15:50 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Nokia
2008-02-25 15:50 . 2007-02-22 10:15 137,216 --a------ C:\WINDOWS\system32\drivers\nmwcd.sys
2008-02-25 15:50 . 2007-02-22 10:15 65,536 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2008-02-25 15:50 . 2007-02-22 10:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcm.sys
2008-02-25 15:50 . 2007-02-22 10:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcj.sys
2008-02-25 15:50 . 2007-02-22 10:15 8,320 --a------ C:\WINDOWS\system32\drivers\nmwcdc.sys
2008-02-25 15:49 . 2008-02-25 17:02 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Installations
2008-02-25 15:43 . 2008-02-25 17:09 <DIR> d--hs---- C:\Documents and Settings\Paul John Vicente\Phone Browser
2008-02-25 15:43 . 2008-02-25 15:43 <DIR> d-------- C:\Documents and Settings\Paul John Vicente\Application Data\Datalayer
2008-02-25 15:42 . 2008-02-25 15:42 <DIR> d-------- C:\Documents and Settings\Paul John Vicente\Application Data\Nokia Multimedia Player
2008-02-25 10:30 . 2008-02-25 17:07 <DIR> d-------- C:\Programas\Ficheiros comuns\Nokia
2008-02-25 10:30 . 2008-02-25 17:00 <DIR> d-------- C:\Documents and Settings\Paul John Vicente\Application Data\Nokia
2008-02-25 10:30 . 2008-02-25 15:39 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\PC Suite
2008-02-25 10:29 . 2008-02-25 17:07 <DIR> d-------- C:\Programas\Nokia
2008-02-25 10:29 . 2008-02-25 10:29 <DIR> d-------- C:\Programas\DIFX
2008-02-25 10:29 . 2008-02-25 17:08 <DIR> d-------- C:\Documents and Settings\Paul John Vicente\Application Data\PC Suite
2008-02-25 10:29 . 2007-02-22 10:15 90,624 --a------ C:\WINDOWS\system32\nmwcdcls.dll
2008-02-25 10:28 . 2008-02-25 16:22 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
2008-02-25 10:19 . 2008-02-25 10:19 <DIR> d-------- C:\Programas\MSXML 6.0
2008-02-22 13:14 . 2008-03-17 09:38 2,828 --ahs---- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
2008-02-22 13:14 . 2008-02-22 13:14 8 -r-hs---- C:\Documents and Settings\All Users\Application Data\C1971CF8B0.sys

.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-17 17:04 --------- d-----w C:\Programas\Nexus_Radio
2008-03-17 17:00 --------- d-----w C:\Programas\Nexus Radio
2008-03-14 19:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-03-14 19:37 --------- d-----w C:\Programas\Spybot - Search & Destroy
2008-03-12 12:16 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-03-10 13:47 196,608 ----a-w C:\WINDOWS\system32\drivers\nStandard.bin
2008-02-22 13:14 --------- d-----w C:\Documents and Settings\Paul John Vicente\Application Data\Corel
2008-02-07 13:51 --------- d-----w C:\Documents and Settings\Paul John Vicente\Application Data\Autodesk
2008-02-07 13:28 --------- d-----w C:\Programas\Ficheiros comuns\Autodesk Shared
2008-02-07 13:28 --------- d-----w C:\Programas\AutoCAD 2007
2008-02-07 13:28 --------- d-----w C:\Programas\AnswerWorks 4.0
2008-02-07 13:27 --------- d-----w C:\Documents and Settings\All Users\Application Data\Autodesk
2008-02-07 13:25 --------- d-----w C:\Programas\Autodesk
2008-02-04 18:54 --------- d-----w C:\Documents and Settings\Paul John Vicente\Application Data\Creative
2008-02-04 18:50 --------- d--h--w C:\Programas\InstallShield Installation Information
2008-02-04 18:50 --------- d-----w C:\Programas\Creative
2008-02-01 19:44 --------- d-----w C:\Programas\TuneUp Utilities 2007
.

((((((((((((((((((((((((((((( snapshot@2008-03-07_15.15.11.12 )))))))))))))))))))))))))))))))))))))))))
.
+ 2000-08-31 08:00:00 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE
+ 2007-08-28 23:19:32 136,064 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6215\CONTAB32.DLL
+ 2007-08-24 04:49:12 89,976 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6215\DLGSETP.DLL
+ 2007-10-05 20:37:38 17,927,192 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6215\EXCEL.EXE
+ 2007-08-24 04:49:40 342,888 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6215\MIMEDIR.DLL
+ 2007-08-28 23:20:20 2,949,512 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6215\OLMAPI32.DLL
+ 2007-08-24 05:42:40 663,432 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6215\OMSMAIN.DLL
+ 2007-08-24 05:42:44 195,480 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6215\OMSXP32.DLL
+ 2007-08-28 23:20:44 600,992 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6215\OUTLMIME.DLL
+ 2007-09-06 18:01:10 12,836,728 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6215\OUTLOOK.EXE
+ 2007-08-28 23:22:04 180,128 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6215\OUTLPH.DLL
+ 2007-08-24 04:51:48 416,112 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6215\PSTPRX32.DLL
+ 2007-08-24 04:52:08 266,160 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6215\SCNPST32.DLL
+ 2007-08-24 04:52:10 275,896 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6215\SCNPST64.DLL
+ 2007-10-02 20:00:06 14,708,760 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6215\XL12CNV.EXE
+ 2007-08-24 05:14:14 13,712 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6215\XLCALL32.DLL
+ 2005-12-08 03:18:40 258,048 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\ArtisticMediaTool.dll
+ 2005-12-08 03:18:40 98,304 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\ArtisticMediaToolCore.dll
+ 2005-12-08 03:18:42 946,176 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\BaseToolCore.dll
+ 2005-12-08 03:18:42 122,880 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\BezierFreeHandToolCore.dll
+ 2005-12-08 03:18:42 49,152 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\BezierTool.dll
+ 2005-12-08 03:18:44 237,568 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\BlendTool.dll
+ 2005-12-08 03:18:44 172,032 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\BlendToolCore.dll
+ 2005-12-08 03:18:44 57,344 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\bsplinecore.dll
+ 2005-12-07 23:38:56 339,968 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\cap.exe
+ 2005-12-08 03:18:44 26,624 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\Caphk.dll
+ 2005-12-07 23:39:04 57,344 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\Capture.exe
+ 2005-12-08 03:18:44 57,344 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CDRAUTOSENSE.dll
+ 2005-12-07 23:52:34 163,840 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CdrConv.exe
+ 2005-12-08 03:18:46 3,305,472 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CdrCore.dll
+ 2005-12-08 03:18:46 147,456 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CdrCpr.dll
+ 2005-12-08 03:18:46 376,832 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CDRCRV.dll
+ 2005-12-08 03:18:46 417,792 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CDRFLT.dll
+ 2005-12-08 03:18:46 307,200 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CdrFnt.dll
+ 2005-12-08 03:18:46 1,486,848 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CdrGfx.dll
+ 2005-12-08 03:18:46 31,744 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CdrHlp.dll
+ 2005-12-08 03:18:46 180,224 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CdrIco.dll
+ 2005-12-08 03:18:46 86,016 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CdrOLE.dll
+ 2005-12-08 03:18:46 1,105,920 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CdrPDF.dll
+ 2005-12-08 03:18:46 110,592 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CdrPDFCmp.dll
+ 2005-12-08 03:18:46 208,896 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CdrPDFUI.dll
+ 2005-12-08 03:18:48 1,740,800 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CdrPrn.dll
+ 2005-12-08 03:18:48 901,120 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CdrPsi.dll
+ 2005-12-08 03:18:48 1,200,128 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\cdrrip.dll
+ 2005-12-08 03:18:48 208,896 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CdrSty.dll
+ 2005-12-08 03:18:48 1,343,488 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CdrTra.dll
+ 2005-12-08 03:18:48 131,072 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CdrTxr.dll
+ 2005-12-08 03:18:48 860,160 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CdrTxt.dll
+ 2005-12-08 03:18:48 1,318,912 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CdrTxtUI.dll
+ 2005-12-08 03:18:48 237,568 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CDRUTL.dll
+ 2005-12-08 03:18:50 102,400 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\ConnectorTool.dll
+ 2005-12-08 03:18:50 34,304 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\ConnectorToolCore.dll
+ 2005-12-08 03:18:50 225,280 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\ContourTool.dll
+ 2005-12-08 03:18:56 9,711,616 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CorelDrw.dll
+ 2005-12-08 01:11:48 196,608 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CorelDRW.exe
+ 2005-12-08 03:18:56 6,184,960 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CorelPP.dll
+ 2005-12-08 01:23:34 86,016 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CorelPP.exe
+ 2005-12-08 03:18:56 471,040 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CRLCLR.dll
+ 2005-12-08 03:18:56 442,368 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CRLCMNRES.dll
+ 2005-12-08 03:18:58 835,584 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CRLCTL.dll
+ 2005-12-08 03:18:58 892,928 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CRLCUI.dll
+ 2005-12-08 03:18:58 65,536 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CrlDocAnalyzer.dll
+ 2005-12-08 03:18:58 339,968 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CRLFOM.dll
+ 2005-12-08 03:18:58 548,864 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CRLFOMUI.dll
+ 2005-12-08 03:18:58 1,703,936 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CRLFRMWK.dll
+ 2005-12-08 03:18:58 397,312 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CrlFUI.dll
+ 2005-12-08 03:19:00 561,152 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CrlFX.dll
+ 2005-12-08 03:19:00 516,096 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CrlFX3D.dll
+ 2005-12-08 03:19:00 815,104 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CrlFXAdjustTrans.dll
+ 2005-12-08 03:19:00 430,080 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CrlFXArtStrokes.dll
+ 2005-12-08 03:19:00 405,504 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CrlFXBlur.dll
+ 2005-12-08 03:19:00 139,264 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CrlFXClrTrans.dll
+ 2005-12-08 03:19:00 110,592 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CrlFXContour.dll
+ 2005-12-08 03:19:00 200,704 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CrlFXControls.dll
+ 2005-12-08 03:19:00 503,808 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CrlFXCreative.dll
+ 2005-12-08 03:19:00 311,296 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CrlFXCustom.dll
+ 2005-12-08 03:19:02 507,904 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CrlFXDistort.dll
+ 2005-12-08 03:19:02 294,912 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CrlFXNoise.dll
+ 2005-12-08 03:19:02 249,856 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CrlFXRender.dll
+ 2005-12-08 03:19:02 184,320 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CrlFXSharpen.dll
+ 2005-12-08 03:19:02 376,832 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CrlFXTexture.dll
+ 2005-12-08 03:19:02 86,016 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CRLI18N.dll
+ 2005-12-08 03:19:02 34,304 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CrlImgToolbox.dll
+ 2005-12-08 03:19:02 10,752 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CrlITBClient.dll
+ 2005-12-08 03:19:02 593,920 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CrlIUI.dll
+ 2005-12-08 03:19:02 200,704 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CRLLSHAPE.dll
+ 2005-12-08 03:19:02 172,032 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CrlMath.dll
+ 2005-12-08 03:19:20 942,080 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CRLPDFImport.dll
+ 2005-12-08 03:19:02 41,472 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CrlPPD.dll
+ 2005-12-08 03:19:02 225,280 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CrlPreflight.dll
+ 2005-12-08 03:19:02 151,552 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CrlRcvyCore.dll
+ 2005-12-08 03:19:04 90,112 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\crltransient.dll
+ 2005-12-08 03:19:04 27,136 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CrlTwain.dll
+ 2005-12-08 03:19:04 417,792 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CRLUTL.dll
+ 2005-12-08 03:19:04 225,280 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\crlvect.dll
+ 2005-12-08 03:19:04 73,728 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CRLWEB.dll
+ 2005-12-07 23:36:14 225,280 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\CSBProf.exe
+ 2005-12-08 03:19:04 258,048 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\DimensionTool.dll
+ 2005-12-08 03:19:04 53,248 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\DimensionToolCore.dll
+ 2005-12-08 03:19:04 163,840 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\DistortionTool.dll
+ 2005-12-08 03:19:06 167,936 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\DropShadowTool.dll
+ 2005-12-08 03:19:06 19,456 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\DrwBrushToolCore.dll
+ 2005-12-08 03:19:06 86,016 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\DrwRoughenTool.dll
+ 2005-12-08 02:30:16 1,347,584 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\dsrdr20.dll
+ 2005-12-08 03:19:06 81,920 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\EllipseTool.dll
+ 2005-12-08 03:19:06 69,632 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\EllipseToolCore.dll
+ 2005-12-08 03:19:06 225,280 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\EnvPerspTool.dll
+ 2005-12-08 03:19:06 94,208 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\EraserTool.dll
+ 2005-12-08 03:19:06 15,360 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\EraserToolCore.dll
+ 2005-12-08 03:19:08 339,968 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\ExtrudeTool.dll
+ 2005-12-08 03:19:08 135,168 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\EyeDropperTool.dll
+ 2005-12-08 03:19:08 18,944 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\EyeDropperToolCore.dll
+ 2005-12-08 03:19:08 73,728 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\FHTransformTool.dll
+ 2005-12-08 03:19:08 155,648 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\FillTool.dll
+ 2005-12-08 03:19:08 348,160 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\FillToolCore.dll
+ 2005-03-08 11:33:44 147,456 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\Fn3API.dll
+ 2005-12-08 03:19:08 65,536 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\FreeHandTool.dll
+ 2005-12-08 03:19:08 57,344 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\GraphPaperTool.dll
+ 2005-12-08 03:19:10 49,152 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\GraphPaperToolCore.dll
+ 2005-12-08 02:08:40 114,688 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\imstype.DLL
+ 2005-12-08 02:10:02 1,212,416 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\ISGDI32.DLL
+ 2005-12-08 03:19:10 57,344 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\KnifeTool.dll
+ 2005-12-08 03:19:10 16,896 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\KnifeToolCore.dll
+ 2005-12-08 03:19:10 163,840 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\LiveShapeTool.dll
+ 2005-12-08 03:19:10 18,432 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\LiveShapeToolCore.dll
+ 2005-12-08 03:19:10 118,784 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\MeshFillTool.dll
+ 2005-12-08 03:19:10 69,632 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\MeshFillToolCore.dll
+ 2005-12-08 03:19:10 110,592 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\NodeEditTool.dll
+ 2005-12-08 03:19:10 135,168 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\NodeEditToolCore.dll
+ 2005-12-08 03:19:12 126,976 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\OutlineTool.dll
+ 2005-12-08 03:19:12 90,112 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\OutlineToolCore.dll
+ 2005-12-08 03:19:12 81,920 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\PartialDeleteTool.dll
+ 2005-12-08 03:19:12 65,536 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\PenTool.dll
+ 2005-12-08 03:19:12 184,320 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\PickTool.dll
+ 2005-12-08 03:19:12 212,992 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\PickToolCore.dll
+ 2005-12-08 03:19:14 13,312 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\pluginbasetoolcore.dll
+ 2005-12-08 03:19:14 102,400 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\PolygonTool.dll
+ 2005-12-08 03:19:14 86,016 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\PolygonToolCore.dll
+ 2005-12-08 03:19:14 73,728 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\PolylineTool.dll
+ 2005-12-08 03:19:14 13,824 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\PolylineToolCore.dll
+ 2005-12-08 03:19:14 372,736 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\PPBrush.dll
+ 2005-12-08 03:19:14 229,376 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\PPCrop.dll
+ 2005-12-08 03:19:14 90,112 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\PPEyedrop.dll
+ 2005-12-08 03:19:16 159,744 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\PPFill.dll
+ 2005-12-08 03:19:16 241,664 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\PPMask.dll
+ 2005-12-08 03:19:16 196,608 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\PPNode.dll
+ 2005-12-08 03:19:16 114,688 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\PPPick.dll
+ 2005-12-08 03:19:16 192,512 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\PPShape.dll
+ 2005-12-08 03:19:18 204,800 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\PPText.dll
+ 2005-12-08 03:19:18 344,064 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\PPTrans.dll
+ 2005-12-08 03:19:18 86,016 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\PPWeb.dll
+ 2005-12-08 03:19:18 86,016 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\PPZoom.dll
+ 2005-12-07 23:29:24 110,592 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\PrintWiz.exe
+ 2005-12-08 03:19:18 32,768 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\PromptToolCore.dll
+ 2005-12-08 03:19:18 5,632 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\QD3Dts.dll
+ 2005-12-07 23:24:32 249,856 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\RecoShapeFactory.dll
+ 2005-12-08 03:19:18 98,304 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\RectangleTool.dll
+ 2005-12-08 03:19:18 65,536 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\RectangleToolCore.dll
+ 2005-12-08 03:19:18 253,952 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\ScComp.dll
+ 2005-12-08 03:17:50 114,688 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\ScCRes.dll
+ 2005-12-08 03:19:18 237,568 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\ScInt.dll
+ 2005-12-08 03:19:18 122,880 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\ShapeRecognitionTool.dll
+ 2005-12-08 03:19:18 13,824 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\ShapeRecognitionToolCore.dll
+ 2005-12-08 03:19:18 98,304 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\SmudgeTool.dll
+ 2005-12-08 03:19:18 69,632 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\SpiralTool.dll
+ 2005-12-08 03:19:18 57,344 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\SpiralToolCore.dll
+ 2005-12-08 03:19:20 249,856 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\SymbolTool.dll
+ 2005-12-08 03:19:20 155,648 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\TextTool.dll
+ 2005-12-08 03:19:20 69,632 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\ThreePtCurveTool.dll
+ 2005-12-08 03:19:20 69,632 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\ThreePtEllipseTool.dll
+ 2005-12-08 03:19:20 69,632 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\ThreePtRectTool.dll
+ 2005-12-08 03:19:20 221,184 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\TransparencyTool.dll
+ 2005-12-08 03:19:20 45,056 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\TransparencyToolCore.dll
+ 2005-12-07 22:48:40 9,216 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\UnregIco.exe
+ 2005-12-08 03:19:24 122,880 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\Visio2000.dll
+ 2005-12-08 03:19:24 102,400 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\Visio5.dll
+ 2005-12-08 03:19:20 155,648 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\ZoomPanTool.dll
+ 2005-12-08 03:19:20 21,504 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.0.0\ZoomPanToolCore.dll
+ 2006-06-05 06:35:16 872,448 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\8358123696A4F79448550924160B9E4E\13.1.0\CdrTxt.dll
+ 2008-03-17 18:33:02 65,536 ----a-r C:\WINDOWS\Installer\{32A72502-BC2C-4C39-ACEA-BC3D463F0697}\ARPPRODUCTICON.exe
+ 2008-03-17 18:15:59 65,536 ----a-r C:\WINDOWS\Installer\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}\ARPPRODUCTICON.exe
+ 2008-03-17 18:15:59 45,056 ----a-r C:\WINDOWS\Installer\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}\NewShortcut9_1.exe
+ 2008-03-17 18:15:59 45,056 ----a-r C:\WINDOWS\Installer\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}\NewShortcut90.exe
+ 2008-03-17 18:15:59 45,056 ----a-r C:\WINDOWS\Installer\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}\NewShortcut900.exe
+ 2008-03-17 18:15:59 45,056 ----a-r C:\WINDOWS\Installer\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}\NewShortcut9000.exe
+ 2008-03-17 18:15:59 45,056 ----a-r C:\WINDOWS\Installer\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}\NewShortcut9001.exe
+ 2008-03-17 18:15:59 45,056 ----a-r C:\WINDOWS\Installer\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}\NewShortcut901.exe
+ 2008-03-17 18:15:59 45,056 ----a-r C:\WINDOWS\Installer\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}\NewShortcut902.exe
+ 2008-03-17 18:15:59 45,056 ----a-r C:\WINDOWS\Installer\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}\NewShortcut91.exe
+ 2008-03-17 18:15:59 45,056 ----a-r C:\WINDOWS\Installer\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}\NewShortcut910.exe
+ 2008-03-17 18:15:59 45,056 ----a-r C:\WINDOWS\Installer\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}\NewShortcut9100.exe
+ 2008-03-17 18:15:59 45,056 ----a-r C:\WINDOWS\Installer\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}\NewShortcut9101.exe
+ 2008-03-17 18:15:59 45,056 ----a-r C:\WINDOWS\Installer\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}\NewShortcut911.exe
+ 2008-03-17 18:15:59 45,056 ----a-r C:\WINDOWS\Installer\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}\NewShortcut912.exe
+ 2008-03-17 18:14:10 22,758 ----a-r C:\WINDOWS\Installer\{63218538-4A69-497F-8455-904261B0E9E4}\ARPPRODUCTICON.exe
+ 2008-03-17 18:14:10 65,536 ----a-r C:\WINDOWS\Installer\{63218538-4A69-497F-8455-904261B0E9E4}\NewShortcut1.exe
+ 2008-03-17 18:14:10 65,536 ----a-r C:\WINDOWS\Installer\{63218538-4A69-497F-8455-904261B0E9E4}\NewShortcut2.exe
+ 2008-03-17 18:14:10 65,536 ----a-r C:\WINDOWS\Installer\{63218538-4A69-497F-8455-904261B0E9E4}\NewShortcut4.exe
+ 2008-03-17 18:14:10 65,536 ----a-r C:\WINDOWS\Installer\{63218538-4A69-497F-8455-904261B0E9E4}\NewShortcut5.exe
+ 2008-03-17 18:14:10 65,536 ----a-r C:\WINDOWS\Installer\{63218538-4A69-497F-8455-904261B0E9E4}\NewShortcut8.exe
- 2008-02-13 09:52:03 1,165,584 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2008-03-12 12:16:06 1,165,584 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
- 2008-02-13 09:52:03 20,240 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2008-03-12 12:16:06 20,240 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
- 2008-02-13 09:52:03 159,504 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2008-03-12 12:16:06 159,504 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
- 2008-02-13 09:52:03 184,080 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2008-03-12 12:16:06 184,080 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
- 2008-02-13 09:52:03 217,864 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
+ 2008-03-12 12:16:06 217,864 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
- 2008-02-13 09:52:03 18,704 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
+ 2008-03-12 12:16:06 18,704 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
- 2008-02-13 09:52:04 35,088 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
+ 2008-03-12 12:16:06 35,088 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
- 2008-02-13 09:52:03 845,584 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
+ 2008-03-12 12:16:06 845,584 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
- 2008-02-13 09:52:03 922,384 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
+ 2008-03-12 12:16:06 922,384 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
- 2008-02-13 09:52:03 272,648 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
+ 2008-03-12 12:16:06 272,648 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
- 2008-02-13 09:52:03 888,080 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2008-03-12 12:16:06 888,080 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
- 2008-02-13 09:52:03 1,172,240 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
+ 2008-03-12 12:16:06 1,172,240 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
+ 2008-03-17 18:15:46 65,536 ----a-r C:\WINDOWS\Installer\{C94E45B0-6AA6-4FB9-9AAE-22085F631880}\ARPPRODUCTICON.exe
+ 2008-03-17 18:15:46 34,304 ----a-r C:\WINDOWS\Installer\{C94E45B0-6AA6-4FB9-9AAE-22085F631880}\misc.exe.D0DF3458_A845_11D3_8D0A_0050046416B9.exe
+ 2008-03-17 18:15:46 34,304 ----a-r C:\WINDOWS\Installer\{C94E45B0-6AA6-4FB9-9AAE-22085F631880}\misc.exe_1028.D0DF3458_A845_11D3_8D0A_0050046416B9.exe
+ 2008-03-17 18:15:46 34,304 ----a-r C:\WINDOWS\Installer\{C94E45B0-6AA6-4FB9-9AAE-22085F631880}\misc.exe_1031.D0DF3458_A845_11D3_8D0A_0050046416B9.exe
+ 2008-03-17 18:15:46 34,304 ----a-r C:\WINDOWS\Installer\{C94E45B0-6AA6-4FB9-9AAE-22085F631880}\misc.exe_1036.D0DF3458_A845_11D3_8D0A_0050046416B9.exe
+ 2008-03-17 18:15:46 34,304 ----a-r C:\WINDOWS\Installer\{C94E45B0-6AA6-4FB9-9AAE-22085F631880}\misc.exe_1040.D0DF3458_A845_11D3_8D0A_0050046416B9.exe
+ 2008-03-17 18:15:46 34,304 ----a-r C:\WINDOWS\Installer\{C94E45B0-6AA6-4FB9-9AAE-22085F631880}\misc.exe_1041.D0DF3458_A845_11D3_8D0A_0050046416B9.exe
+ 2008-03-17 18:15:46 34,304 ----a-r C:\WINDOWS\Installer\{C94E45B0-6AA6-4FB9-9AAE-22085F631880}\misc.exe_1042.D0DF3458_A845_11D3_8D0A_0050046416B9.exe
+ 2008-03-17 18:15:46 34,304 ----a-r C:\WINDOWS\Installer\{C94E45B0-6AA6-4FB9-9AAE-22085F631880}\misc.exe_1043.D0DF3458_A845_11D3_8D0A_0050046416B9.exe
+ 2008-03-17 18:15:46 34,304 ----a-r C:\WINDOWS\Installer\{C94E45B0-6AA6-4FB9-9AAE-22085F631880}\misc.exe_1046.D0DF3458_A845_11D3_8D0A_0050046416B9.exe
+ 2008-03-17 18:15:46 34,304 ----a-r C:\WINDOWS\Installer\{C94E45B0-6AA6-4FB9-9AAE-22085F631880}\misc.exe_1053.D0DF3458_A845_11D3_8D0A_0050046416B9.exe
+ 2008-03-17 18:15:46 34,304 ----a-r C:\WINDOWS\Installer\{C94E45B0-6AA6-4FB9-9AAE-22085F631880}\misc.exe_2052.D0DF3458_A845_11D3_8D0A_0050046416B9.exe
+ 2008-03-17 18:15:46 34,304 ----a-r C:\WINDOWS\Installer\{C94E45B0-6AA6-4FB9-9AAE-22085F631880}\misc.exe_3082.D0DF3458_A845_11D3_8D0A_0050046416B9.exe
- 2008-02-29 09:55:28 2,944,056 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-03-17 18:55:36 2,943,504 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-02-22 01:23:35 135,168 ----a-w C:\WINDOWS\system32\java.exe
+ 2008-02-22 01:23:39 135,168 ----a-w C:\WINDOWS\system32\javaw.exe
+ 2008-02-22 02:33:32 139,264 ----a-w C:\WINDOWS\system32\javaws.exe
- 2008-02-04 23:09:46 18,214,008 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2008-03-05 16:30:54 19,148,408 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2008-03-18 19:10:35 16,384 ----atw C:\WINDOWS\TEMP\Perflib_Perfdata_648.dat
+ 2008-03-17 18:12:28 1,230,336 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.1.0.0_x-ww_b319d8da\msxml4.dll
.
-- Snapshot reset to current date --
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* entradas vazias & legítimas por defeito não são mostradas.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 11:00 15360]
"WMPNSCFG"="C:\Programas\Windows Media Player\WMPNSCFG.exe" [2007-01-05 20:08 204288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-03-21 06:49 16126464 C:\WINDOWS\RTHDCPL.exe]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 13:00 79224]
"Acrobat Assistant 8.0"="C:\Programas\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2008-01-11 19:54 623992]
"Adobe_ID0EYTHM"="C:\PROGRA~1\FICHEI~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE" [2007-03-20 16:40 1884160]
"KBDriver"="C:\Programas\Keyboard Driver\OEMDriver.exe" [2006-07-25 20:07 151552]
"GrooveMonitor"="C:\Programas\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 07:00 33648]
"!AVG Anti-Spyware"="C:\Programas\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 09:25 6731312]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run]
"Windows Printing Driver"= WinSpooler.exe
"WinUpdating"= WinUpdating.exe

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Programas\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 15:39 294400]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\nnnkjgh]
nnnkjgh.dll

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"WMPNSCFG"=C:\Programas\Windows Media Player\WMPNSCFG.exe
"MsnMsgr"="C:\Programas\Windows Live\Messenger\MsnMsgr.Exe" /background
"PC Suite Tray"="C:\Programas\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"GrooveMonitor"="C:\Programas\Microsoft Office\Office12\GrooveMonitor.exe"
"Alcmtr"=ALCMTR.EXE
"ISUSScheduler"="C:\Programas\Ficheiros comuns\InstallShield\UpdateService\issch.exe" -start
"NeroFilterCheck"=C:\Programas\Ficheiros comuns\Ahead\Lib\NeroCheck.exe
"StartCCC"=C:\Programas\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
"ISUSPM Startup"="C:\Programas\Ficheiros comuns\InstallShield\UpdateService\ISUSPM.exe" -startup
"SunJavaUpdateSched"="C:\Programas\Java\jre1.6.0_05\bin\jusched.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Programas\\Bonjour\\mDNSResponder.exe"=
"C:\\Programas\\Ficheiros comuns\\Adobe\\Adobe Version Cue CS3\\Server\\bin\\VersionCueCS3.exe"=
"C:\\Programas\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Programas\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Programas\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Programas\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"=
"C:\\Programas\\PhotoPRINT SERVER-PRO 4.6v2\\Program\\App2.exe"=
"C:\\Programas\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Programas\\Windows Live\\Messenger\\livecall.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"3703:TCP"= 3703:TCP:Adobe Version Cue CS3 Server
"3704:TCP"= 3704:TCP:Adobe Version Cue CS3 Server
"50900:TCP"= 50900:TCP:Adobe Version Cue CS3 Server
"50901:TCP"= 50901:TCP:Adobe Version Cue CS3 Server

R2 UxTuneUp;TuneUp Design Expansion;C:\WINDOWS\System32\svchost.exe [2004-08-04 11:00]
R3 asusgsb;ASUS Virtual Video Capture Device Driver;C:\WINDOWS\system32\drivers\asusgsb.sys [2007-10-23 17:48]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;C:\WINDOWS\system32\DRIVERS\atl01_xp.sys [2007-03-15 06:12]
R3 Video3D;ASUS Video3D Service;C:\WINDOWS\system32\Drivers\Video3D32.sys [2007-10-23 17:48]
S2 Par1284;Par1284;C:\Programas\PhotoPRINT SERVER-PRO 4.6v2\Program\Par1284.sys [2005-03-02 11:13]
S3 V0090VID;Creative WebCam Vista Plus;C:\WINDOWS\system32\DRIVERS\V0090Vid.sys [2005-04-14 01:00]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a930d864-e600-11dc-adf1-001d6093e9ad}]
\Shell\Auto\command - UFO.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL UFO.exe

.
Conteúdo da pasta 'Tarefas Agendadas'
"2008-03-14 17:16:29 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- C:\Programas\TuneUp Utilities 2007\SystemOptimizer.exe
"2008-03-18 18:30:05 C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job"
- C:\Programas\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-18 19:11:24
Windows 5.1.2600 Service Pack 2 NTFS

Procurando processos ocultos ...

Procurando entradas auto inicializáveis ocultas ...

Procurando ficheiros ocultos ...

Varredura completada com sucesso
Ficheiros ocultos: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Programas\Alwil Software\Avast4\aswUpdSv.exe
C:\Programas\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\ATKKBService.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Programas\Alwil Software\Avast4\ashMaiSv.exe
C:\Programas\Alwil Software\Avast4\ashWebSv.exe
C:\Programas\Ficheiros comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
.
**************************************************************************
.
Tempo para conclusão: 2008-03-18 19:14:41 - machine was rebooted
ComboFix-quarantined-files.txt 2008-03-18 19:14:39
ComboFix2.txt 2008-03-07 15:15:30
.
2008-03-12 12:16:12 --- E O F ---

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,934 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:44 AM

Posted 18 March 2008 - 09:31 PM

ComboFix logs should not to be posted outside the HijackThis forums. It is an extremely powerful tool which should only be used when instructed to do so by someone who has been properly trained. ComboFix is intended by its creator to be "used under the guidance and supervision of an expert", NOT for private use. Please read Combofix's Disclaimer. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again.

Please create a new topic explaining the nature of your problem. Describe pop-ups and system tray or desktop icons that have appeared. Explain what is "going wrong" with your computer. Note any tools you have used and their respective results.

If needed, we will direct you to our HJT Preparation Guide.

Thank you for using BleepingComputer as your malware removal source.

This topic is now closed.
The BC Staff
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users