Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Google Installer error and google redirect problems


  • This topic is locked This topic is locked
16 replies to this topic

#1 Ch2is

Ch2is

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:02:42 AM

Posted 17 September 2009 - 05:39 PM

I've been having problems with google installer errors popping up every 10 minutes or so, also i'm being redirected to a random site every time i click a google search result links

Rootrepeal isn't working, every time i try to open it an error pops up and says "Could not read the boot sector. Try adjusting the Disk Access level in the options dialog. "

here is my DDS log





DDS (Ver_09-07-30.01) - NTFSx86
Run by Compaq_Owner at 0:43:58.14 on Thu 09/17/2009
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1214.187 [GMT -4:00]

AV: Trend Micro AntiVirus - Virus Protection *On-access scanning disabled* (Outdated) {9596F8E6-38C3-4C51-80B9-8C94D2E25B07}
AV: AVG Anti-Virus Free *On-access scanning enabled* (Outdated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Trend Micro\AntiVirus 2007\tavsvc.exe
C:\Program Files\Trend Micro\AntiVirus 2007\Components\tmproxy.exe
C:\Program Files\VentSrv\ventrilo_svc.exe
C:\Program Files\VentSrv\ventrilo_srv.exe
C:\Program Files\Trend Micro\AntiVirus 2007\tavui.exe
C:\Program Files\Common Files\ParetoLogic\PLAS\plasservice.exe
c:\WINDOWS\system32\ZuneBusEnum.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\ParetoLogic\Anti-Virus PLUS\Pareto_AV.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Compaq_Owner\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\ParetoLogic\PLAVEngine\ScanningProcess.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Internet Explorer\Iexplore.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Windows NT\Accessories\wordpad.exe
C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe
C:\Documents and Settings\Compaq_Owner\My Documents\Downloads\dds.scr
C:\WINDOWS\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=PRESARIO&pf=desktop
uDefault_Search_URL = hxxp://www.google.com/ie
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultUrl = hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZUxdm265YYUS&fl=0&ptb=Iyi25adOF66mXViAPAgkHw&url=http://www.ask.com/web&q={searchTerms}&l=zu&o=sb
mDefault_Search_URL = hxxp://www.google.com/ie
mSearch Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PRESARIO&pf=desktop
uInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant = hxxp://www.google.com
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
TB: IE Custom Tools: {c4dfa6f3-1245-41e5-8e60-7d31427f01b3} - c:\program files\video add-on\ictmdl.dll
TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
TB: {C4069E3A-68F1-403E-B40E-20066696354B} - No File
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [MyWebSearch Email Plugin] c:\progra~1\mywebs~1\bar\1.bin\mwsoemon.exe
uRun: [Uniblue RegistryBooster 2] c:\program files\uniblue\registrybooster 2\RegistryBooster.exe /S
uRun: [DW6] "c:\program files\the weather channel fw\desktop\DesktopWeather.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [braviax] c:\windows\system32\braviax.exe
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [Octoshape Streaming Services] "c:\documents and settings\compaq_owner\application data\octoshape\octoshape streaming services\OctoshapeClient.exe" -inv:bootrun
uRun: [AdobeUpdater] c:\program files\common files\adobe\updater5\AdobeUpdater.exe
mRun: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [Recguard] c:\windows\sminst\RECGUARD.EXE
mRun: [PCDrProfiler]
mRun: [HPBootOp] "c:\program files\hewlett-packard\hp boot optimizer\HPBootOp.exe" /run
mRun: [Symantec PIF AlertEng] "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe" /a /m "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\AlertEng.dll"
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [MyWebSearch Email Plugin] c:\progra~1\mywebs~1\bar\1.bin\mwsoemon.exe
mRun: [Trend Micro AntiVirus 2007] c:\program files\trend micro\antivirus 2007\tavui.exe -1 --delay 15
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [Zune Launcher] "c:\program files\zune\ZuneLauncher.exe"
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [My Web Search Bar Search Scope Monitor] "c:\progra~1\mywebs~1\bar\1.bin\m3SrchMn.exe" /m=2 /w
mRun: [ISTray] "c:\program files\spyware doctor\pctsTray.exe"
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [SNM] c:\program files\spynomore\SNM.exe /startup
mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSConfig.exe /auto
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [ParetoLogic Anti-Virus PLUS] "c:\program files\paretologic\anti-virus plus\Pareto_AV.lnk" -NM -hidesplash
uPolicies-system: EnableProfileQuota = 1 (0x1)
IE: &Search
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000
IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_06\bin\ssv.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office11\REFIEBAR.DLL
LSP: %SYSTEMROOT%\system32\tmlsp.dll
LSP: c:\windows\system32\INetHTTPFilter.dll
Trusted Zone: louisvillmojo.com
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
DPF: {321FB770-1FBE-4BFE-BDC1-6F622D4FA499} - hxxps://setup.bellsouth.net/wizlet/PWReset/static/controls/WebflowActiveXInstaller_4-2-1.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
Filter: text/html - {679f30ad-0663-4524-acdf-9baa92358865} -
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: avgrsstarter - avgrsstx.dll
Notify: jkkLCtqO - jkkLCtqO.dll
Notify: ssqOGwTK - ssqOGwTK.dll
AppInit_DLLs: avgrsstx.dll izzgsq.dll c:\docume~1\compaq~1\locals~1\temp\74044687855mxx.dll c:\windows\system32\tuhuguhi.dll c:\windows\system32\bekalite.dll c:\windows\system32\gafilumu.dll c:\windows\system32\puzohilo.dll c:\windows\system32\limobudo.dll ,c:\windows\system32\fudimapo.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
STS: aposiopetic: {91316323-2ad5-4794-9589-52a2eaa60a68} - c:\windows\system32\shlahsd.dll
STS: c:\windows\system32\sdcvddd.dll: {d76ab2a1-00f3-42bd-f434-00bbc39c8953} - c:\windows\system32\sdcvddd.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, digeste.dll
LSA: Authentication Packages = msv1_0 c:\windows\system32\jkkKaxYr
LSA: Notification Packages = scecli c:\windows\system32\gafilumu.dll c:\windows\system32\puzohilo.dll c:\windows\system32\limobudo.dll c:\windows\system32\fudimapo.dll

================= FIREFOX ===================

FF - ProfilePath -

============= SERVICES / DRIVERS ===============

R0 IKFileSec;File Security Driver;c:\windows\system32\drivers\ikfilesec.sys [2008-7-31 42376]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-12-14 335752]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2008-12-14 27784]
R1 IKSysFlt;System Filter Driver;c:\windows\system32\drivers\iksysflt.sys [2008-7-31 66952]
R1 IKSysSec;System Security Driver;c:\windows\system32\drivers\iksyssec.sys [2008-7-31 81288]
R1 KLIF;KLIF;c:\windows\system32\drivers\klif.sys [2009-9-16 186128]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2008-12-14 298776]
R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2008-7-31 356920]
R2 sdCoreService;PC Tools Security Service;c:\program files\spyware doctor\pctsSvc.exe [2008-7-31 1073544]
R2 Symantec Core LC;Symantec Core LC;c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe [2006-9-4 1247600]
R2 tmpreflt;tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [2008-2-25 36368]
R2 tmproxy;Trend Micro Proxy Service;c:\program files\trend micro\antivirus 2007\components\TmProxy.exe [2007-1-22 566872]
R2 ZeppelinService;plasservice;c:\program files\common files\paretologic\plas\plasservice.exe [2009-2-18 587216]
S2 edbqhrp;edbqhrp;\??\c:\windows\system32\drivers\aiabybbupj.sys --> c:\windows\system32\drivers\aiabybbupj.sys [?]
S2 fhdofykvhayzqjz;fhdofykvhayzqjz;\??\c:\windows\system32\drivers\lcbjfiegedfht.sys --> c:\windows\system32\drivers\lcbjfiegedfht.sys [?]
S2 fvjs;fvjs;c:\windows\system32\drivers\kzxykxd.sys --> c:\windows\system32\drivers\kzxykxd.sys [?]
S2 gupdate1c9876f9547267c;Google Update Service (gupdate1c9876f9547267c);c:\program files\google\update\GoogleUpdate.exe [2009-2-5 133104]
S2 rlyvhtln;rlyvhtln;c:\windows\system32\drivers\ddrusb.sys --> c:\windows\system32\drivers\ddrusb.sys [?]
S2 SheellHWD;Shell Hardware Detecetion;c:\program files\common files\microsoft shared\msinfo\upsetup.exe --> c:\program files\common files\microsoft shared\msinfo\upsetup.exe [?]
S2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2008-8-4 24652]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\e:\ntglm7x.sys --> e:\NTGLM7X.sys [?]

=============== Created Last 30 ================

2009-09-16 23:52 5,460 a------- c:\windows\system32\9375dow5loader143z.bin
2009-09-16 20:03 14,018 a------- c:\windows\6432adzwar59478.bin
2009-09-16 02:33 32 a--sh--- c:\windows\system32\drivers\fidbox2.idx
2009-09-16 02:33 32 a--sh--- c:\windows\system32\drivers\fidbox2.dat
2009-09-16 02:33 32 a--sh--- c:\windows\system32\drivers\fidbox.idx
2009-09-16 02:33 32 a--sh--- c:\windows\system32\drivers\fidbox.dat
2009-09-16 02:09 5,089 a------- C:\rollback.ini
2009-09-16 02:00 <DIR> --d----- c:\program files\ParetoLogic
2009-09-16 02:00 <DIR> --d----- c:\program files\common files\ParetoLogic
2009-09-16 02:00 <DIR> --d----- c:\docume~1\alluse~1\applic~1\ParetoLogic Anti-Virus PLUS
2009-09-16 02:00 <DIR> --d----- c:\docume~1\alluse~1\applic~1\ParetoLogic
2009-09-14 00:06 12,355 a------- c:\windows\9cfzvir1955.bin
2009-09-12 17:06 5,215 a------- c:\windows\55dad9wnlzader81.exe
2009-09-10 22:45 11,123 a------- c:\windows\system32\1057859y70z.ocx
2009-09-10 16:36 3,548 a------- c:\windows\40dzv9r5195.bin
2009-09-09 23:55 17,845 a------- c:\windows\z3710virus579.cpl
2009-09-09 00:34 2,681 a------- c:\windows\329estea5z57.exe
2009-09-08 09:53 15,544 a------- c:\windows\system32\94z8spy65d5.exe
2009-09-06 11:48 6,332 a------- c:\windows\2455backd5or2559z.ocx
2009-09-05 20:52 9,346 a------- c:\windows\4e75addw9re96z.bin
2009-09-05 00:04 54,156 a---h--- c:\windows\QTFont.qfn
2009-09-05 00:04 1,409 a------- c:\windows\QTFont.for
2009-09-03 15:02 10,668 a------- c:\windows\6529spa5boz59.exe
2009-09-03 15:00 3,448 a------- c:\windows\10z95spy59e9.dll
2009-09-03 07:53 8,843 a------- c:\windows\system32\2a39spar5ez216.exe
2009-09-02 17:28 <DIR> --d----- c:\program files\SUPERAntiSpyware
2009-09-02 17:28 <DIR> --d----- c:\docume~1\compaq~1\applic~1\SUPERAntiSpyware.com
2009-09-01 12:56 14,689 a------- c:\windows\system32\23zd9pyware5239.cpl
2009-09-01 06:31 13,907 a------- c:\windows\system32\23509p52fz.ocx
2009-08-31 00:23 <DIR> --d----- c:\docume~1\compaq~1\applic~1\Octoshape
2009-08-28 08:36 18,395 a------- c:\windows\5395spambotzd3.exe
2009-08-27 20:02 17,749 a------- c:\windows\system32\4c05d9znloader667.exe
2009-08-27 02:55 17,139 a------- c:\windows\system32\1485zvi9us45c.cpl
2009-08-27 01:00 11,533 a------- c:\windows\system32\75cfsparsz1189.exe
2009-08-26 23:23 15,512 a------- c:\windows\499zt5ief889.cpl
2009-08-26 17:55 13,257 a------- c:\windows\50591spamz9t65d.dll
2009-08-25 16:21 11,714 a------- c:\windows\system32\2656worm35z9.dll
2009-08-25 00:47 4,687 a------- c:\windows\297z4t5oj59b.exe
2009-08-24 04:20 11,136 a------- c:\windows\z9535t9oj5bf.ocx
2009-08-23 09:27 10,805 a------- c:\windows\system32\534109acztool7a6.dll
2009-08-22 01:15 16,464 a------- c:\windows\39195ackdoor1z41.exe
2009-08-20 17:31 7,458 a------- c:\windows\system32\1019virz59a8.dll
2009-08-19 19:48 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Blizzard Entertainment
2009-08-18 11:25 13,117 a------- c:\windows\system32\233595a9ktzol5d.ocx

==================== Find3M ====================

2009-08-16 22:50 14,414 a------- c:\windows\2z653ha9ktool55d.bin
2009-08-16 08:39 9,294 a------- c:\windows\system32\12907n9t5azvirus282.dll
2009-08-14 00:34 14,511 a------- c:\windows\zb83thief9915.bin
2009-08-13 19:30 9,326 a------- c:\windows\6f5c5pazse1946.exe
2009-08-11 22:42 16,185 a------- c:\windows\system32\2z035ha5ktool99c.dll
2009-08-10 05:12 37,376 a--sh--- c:\windows\system32\denekilo.dll
2009-08-10 02:54 3,641 a------- c:\windows\5dbfzp9rse5213.dll
2009-08-09 17:12 84,480 a--sh--- c:\windows\system32\tufemivu.dll
2009-08-09 17:12 37,888 a--sh--- c:\windows\system32\pujadoli.dll
2009-08-09 05:11 84,480 a--sh--- c:\windows\system32\vosevodi.dll
2009-08-08 17:11 84,480 a--sh--- c:\windows\system32\fejogeku.dll
2009-08-08 05:11 84,480 a--sh--- c:\windows\system32\firahufu.dll
2009-08-08 05:11 37,888 a--sh--- c:\windows\system32\mivohilu.dll
2009-08-07 19:28 9,971 a------- c:\windows\system32\557s9a5se221z.bin
2009-08-07 17:11 85,504 a--sh--- c:\windows\system32\lolayelo.dll
2009-08-07 17:11 38,912 a--sh--- c:\windows\system32\kufefele.dll
2009-08-06 23:13 5,830 a------- c:\windows\system32\194bthrea59969z.exe
2009-08-03 01:07 37,888 a--sh--- c:\windows\system32\keradebu.dll
2009-08-02 03:18 6,619 a------- c:\windows\system32\496095oj2fz.dll
2009-07-26 20:33 11,448 a------- c:\windows\system32\21evirz9545.bin
2009-07-24 03:37 13,523 a------- c:\windows\system32\92z83spambot375.bin
2009-07-23 08:32 6,300 a------- c:\windows\system32\zcd6t95eat6655.bin
2009-07-23 04:09 16,601 a------- c:\windows\37dzbac9d5or229.bin
2009-07-18 03:34 8,160 a------- c:\windows\system32\598sp5rse165z.exe
2009-07-17 12:18 15,190 a------- c:\windows\system32\9424not-a-9irus572z.dll
2009-07-14 15:07 2,906 a------- c:\windows\8888not-z-vir5s569.dll
2009-07-14 10:01 3,645 a------- c:\windows\z74599py5dc5.dll
2009-07-14 08:40 10,708 a------- c:\windows\system32\5c77sp5waz92953.dll
2009-07-13 13:21 49,664 a--sh--- c:\windows\system32\devajusi.dll
2009-07-13 04:19 6,580 a------- c:\windows\62z9vi51181.exe
2009-07-12 18:18 7,697 a------- c:\windows\203z0s956e3.bin
2009-07-11 11:26 8,252 a------- c:\windows\system32\4332downl9zder1335.bin
2009-07-09 06:48 17,764 a------- c:\windows\system32\12947zorm250.bin
2009-07-07 12:24 18,367 a------- c:\windows\4d36addwa5e2z589.dll
2009-07-06 22:27 10,794 a------- c:\windows\9635spambot98cz.dll
2009-07-03 01:26 14,192 a------- c:\windows\2886zvi5us30e9.exe
2009-06-28 04:08 10,892 a------- c:\windows\716eb9ckdoorz657.exe
2009-06-27 02:03 5,497 a------- c:\windows\6939not-a5viruz13d.bin
2009-06-26 23:10 11,149 a------- c:\windows\z1635vi9usa3.dll
2009-06-26 18:01 10,864 a------- c:\windows\5e9bspyzare1599.exe
2009-06-26 03:32 9,489 a------- c:\windows\5349wormd2z.exe
2009-06-25 08:56 11,952 a------- c:\windows\system32\avgrsstx.dll
2009-06-24 01:44 8,579 a------- c:\windows\system32\54ca9dwzre963.exe
2009-06-19 18:18 2,946 a------- c:\windows\15771z9rus45c.exe
2008-08-27 21:35 0 a------- c:\docume~1\compaq~1\applic~1\wklnhst.dat
2008-06-16 14:35 22,328 a------- c:\docume~1\compaq~1\applic~1\PnkBstrK.sys
2007-09-12 15:43 8 a------- c:\docume~1\compaq~1\applic~1\usb.dat.bin
2007-10-06 14:17 88 a--shr-- c:\windows\system32\07DCECF924.sys
2008-12-15 00:01 928,525 a--sh--- c:\windows\system32\hRYbLkkj.ini2
2007-10-06 14:18 2,516 a--sh--- c:\windows\system32\KGyGaAvL.sys
2009-01-22 16:03 414,169 a--sh--- c:\windows\system32\rYxaKkkj.ini2
2008-12-13 22:00 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008121320081214\index.dat

============= FINISH: 0:45:42.53 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 SifuMike

SifuMike

    malware expert


  • Members
  • 15,385 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vancouver (not BC) WA (Not DC) USA
  • Local time:11:42 PM

Posted 26 September 2009 - 06:46 PM

Hello Ch2is,

I (as well as MicroSoft, McAfee and Symantec) recommend that you DO NOT have more than one anti virus product installed and running on your computer at a time.

The reason for this is that if both products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other anti virus products to cause "false alarms".

It can also lead to a clash as both products fight for access to files which are opened again this is the resident/automatic protection.

In general terms, the two programs may conflict and cause:

1) False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
2) System Performance Problems: Your system may lock up due to both products attempting to access the same file at the same time.

Therefore please go to add/remove in the control panel and remove one of these.
Trend Micro AntiVirus or AVG Anti-Virus Free

Let me know when you have removed one of them, and which one you removed.

*********************

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update.
  • Please download Java Version 6 Update 16
  • Click the "Free Java Download" button.
  • Click "Free Java Download" again
  • Save the file jxpiinstall.exe to your desktop
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
    Examples of older versions in Add or Remove Programs:
    J2SE Runtime Environment 5.0 Update 6
    Java 6 Update 5

  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jxpiinstall.exe to install the newest version.
*********************

Note: If you already have Malwarebytes installed on your computer, then update, run it and post the log.

Please download Malwarebytes' Anti-Malware from one of these places:
http://download.cnet.com/Malwarebytes-Anti...&tag=button
http://www.majorgeeks.com/Malwarebytes_Ant...ware_d5756.html
http://www.besttechie.net/mbam/mbam-setup.exe

Double Click mbam-setup.exe to install the application.

* Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select "Perform Full Scan", then click Scan.
* The scan may take some time to finish,so please be patient.
* When the scan is complete, click OK, then Show Results to view the results.
* Make sure that everything is checked, and click Remove Selected.
* When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
* The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
* Copy&Paste the entire MBAM report (even if it does not find anything) in your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.

Edited by SifuMike, 26 September 2009 - 06:56 PM.

If I've saved you time & money,
please make a donation so I can keep helping people just like you! You can donate using a credit card and PayPal. Thank you!



Posted Image

Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#3 Ch2is

Ch2is
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:02:42 AM

Posted 29 September 2009 - 09:16 PM

I removed Trend antivirus and installed the latest java.

made sure my malwarebytes was up to date and ran a scan the following is the log from that scan.




Malwarebytes' Anti-Malware 1.38
Database version: 2297
Windows 5.1.2600 Service Pack 2

9/29/2009 10:08:27 PM
mbam-log-2009-09-29 (22-08-27).txt

Scan type: Quick Scan
Objects scanned: 116513
Time elapsed: 23 minute(s), 47 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\UAC (Rootkit.Trace) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\uacinit.dll (Trojan.Agent) -> Delete on reboot.

#4 SifuMike

SifuMike

    malware expert


  • Members
  • 15,385 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vancouver (not BC) WA (Not DC) USA
  • Local time:11:42 PM

Posted 29 September 2009 - 11:55 PM

Hi Ch2is,

Yyou still have a rookit so we will run ComboFix.

You should NOT use Combofix unless you have been instructed to do so by a Malware Removal Expert.
It is intended by its creator to be used under the guidance and supervision of an Malware Removal Expert, not for private use.

Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again.
Please read Combofix's Disclaimer.
Further, ComboFix logs are not permitted outside the HijackThis forums and then only when requested by a HJT Team member.

You need to disable your AVG Antivirus before running ComboFix, as it will prevent it from running.

To disable AVG antivirus:
Please open the AVG Control Center program -> double-click on the "AVG Resident Shield" component (looks like this: Posted Image) -> deselect the "Turn on AVG Resident Shield" checkmark and save the setting.
When you need to enable the AVG Resident Shield, just open the AVG Control Center program -> double-click on the "AVG Resident Shield" component -> select the "Turn on AVG Resident Shield" checkmark and save the setting.


Note: If you already have a copy of ComboFix on your system it is essential that you delete it before downloading this copy.

Please visit this webpage for instructions for downloading and running ComboFix:
http://www.bleepingcomputer.com/combofix/how-to-use-combofix

To work properly, you must install ComboFix on the Desktop..
Post the log from ComboFix in your next reply,

A caution - ComboFix may reset a number of Internet Explorer's settings, including making IE the default browser.
ComboFix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal and increase security. If this is an issue or makes it difficult for you -- please tell me.
Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.
Do not run Combofix more than once.
Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock.
The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop.
Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

Edited by SifuMike, 29 September 2009 - 11:56 PM.

If I've saved you time & money,
please make a donation so I can keep helping people just like you! You can donate using a credit card and PayPal. Thank you!



Posted Image

Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#5 Ch2is

Ch2is
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:02:42 AM

Posted 30 September 2009 - 06:34 PM

I disabled the avg resist shield and downloaded combofix to my desktop but the program would not open.

#6 SifuMike

SifuMike

    malware expert


  • Members
  • 15,385 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vancouver (not BC) WA (Not DC) USA
  • Local time:11:42 PM

Posted 30 September 2009 - 06:59 PM

Ch2is,


Delete the version of ComboFix you have on your desktop. <=== IMPORTANT


Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved and renamed following this process directly to your desktop**
  • If you are using Firefox, make sure that your download settings are as follows:
    • Tools->Options->Main tab
    • Set to "Always ask me where to Save the files".
  • During the download, rename Combofix to Combo-Fix as follows:

    Posted Image

    Posted Image

  • It is important you rename Combofix during the download, but not after.
  • Please do not rename Combofix to other names, but only to the one indicated.
  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

    -----------------------------------------------------------

    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

      -----------------------------------------------------------

    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.

    -----------------------------------------------------------

  • Double click on combo-Fix.exe & follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the "C:\Combo-Fix.txt" .
**Note: Do not mouseclick combo-fix's window while it's running. That may cause it to stall**


Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security.

Please do not install any new programs or update anything unless told to do so while we are fixing your problem.

Edited by SifuMike, 30 September 2009 - 07:01 PM.

If I've saved you time & money,
please make a donation so I can keep helping people just like you! You can donate using a credit card and PayPal. Thank you!



Posted Image

Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#7 Ch2is

Ch2is
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:02:42 AM

Posted 30 September 2009 - 08:13 PM

ran combofix and here is my log


ComboFix 09-09-30.01 - Compaq_Owner 09/30/2009 20:26.1.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1214.656 [GMT -4:00]
Running from: c:\documents and settings\Compaq_Owner\Desktop\Combo-Fix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Outdated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Autorun.inf
c:\documents and settings\All Users\Application Data\90240926.ini
c:\documents and settings\Compaq_Owner\Desktop\AntiSpywareMaster.lnk
c:\documents and settings\Compaq_Owner\Local Settings\Temporary Internet Files\fbk.sts
c:\program files\Common
c:\program files\Helper
c:\program files\Internet Explorer\msimg32.dll
c:\windows\10278not-a-5i9zs514.exe
c:\windows\1045d5wnload9r20z6.dll
c:\windows\104935acztool25d9.exe
c:\windows\10505not9a-5izus501.bin
c:\windows\10a7tz59at27835.exe
c:\windows\10z95spy59e9.dll
c:\windows\1129sparse29z5.bin
c:\windows\11303n5t-azvirus4809.bin
c:\windows\115bs5ywar9z83.cpl
c:\windows\1205viru9225z.bin
c:\windows\12720zro975b.cpl
c:\windows\12744hzckto5l599.bin
c:\windows\12c5thie9z11.exe
c:\windows\12zor9519.ocx
c:\windows\13099spambot50z.cpl
c:\windows\131z9hacktool655.ocx
c:\windows\132425rzj1659.ocx
c:\windows\13685vi5usz09.ocx
c:\windows\13772ziru526f9.bin
c:\windows\1399spaz5e429.cpl
c:\windows\13f3spywa9e312z5.ocx
c:\windows\1428not-a-9ir5z557.ocx
c:\windows\14580tr9zc5.cpl
c:\windows\145esparz511229.bin
c:\windows\145z9ddware12.bin
c:\windows\14638s9y56z.exe
c:\windows\147339a5ktool30z.ocx
c:\windows\14846n5t-a-vi9zs1be.ocx
c:\windows\15103virzs1e19.dll
c:\windows\1512ad9ware91z.exe
c:\windows\151c5ir104z9.cpl
c:\windows\15279wor97zb.dll
c:\windows\15565zpy9d0.bin
c:\windows\155edownlza9er2738.bin
c:\windows\15771z9rus45c.exe
c:\windows\158spam95z424.bin
c:\windows\1593worz5f9.bin
c:\windows\15955zot-a9virusf7.ocx
c:\windows\15993not-z9v5rus1bb.dll
c:\windows\161z2s9ambot52e.ocx
c:\windows\16346wo5m7z49.exe
c:\windows\168v5rz2989.cpl
c:\windows\16d2spz9are2150.bin
c:\windows\17556not9a-virusz4e.exe
c:\windows\17zbadd5a9e173.dll
c:\windows\18506v59us5z1.ocx
c:\windows\18758not-9-virzs55e.ocx
c:\windows\189z8w5r9139.cpl
c:\windows\1913z9ot-a-virus6e65.exe
c:\windows\19405zpy57d.dll
c:\windows\1942zvir5s3ae.bin
c:\windows\1944steal285z9.exe
c:\windows\19551spazbot50e.ocx
c:\windows\19580w9z51e6.ocx
c:\windows\1970zp5525.ocx
c:\windows\1974sparsez552.exe
c:\windows\19791trzj6fa5.dll
c:\windows\19855zot-a-virus163.cpl
c:\windows\198919z5j3a6.cpl
c:\windows\1azdad9w5re548.dll
c:\windows\1b9bstza52531.exe
c:\windows\1c02s5e9l2z71.bin
c:\windows\1cd2backdozr25995.bin
c:\windows\1dz5ste9l4735.dll
c:\windows\1e845ownload9r3199z.dll
c:\windows\1z023vi9us3305.dll
c:\windows\1z129pambot25.exe
c:\windows\1z55hacktool1329.bin
c:\windows\1z889ir27765.exe
c:\windows\203z0s956e3.bin
c:\windows\2091hacktzo57b6.cpl
c:\windows\20941notza-9irus65c.cpl
c:\windows\20c55zr22339.cpl
c:\windows\21169not9a-viruz4e75.bin
c:\windows\215cz9r2454.exe
c:\windows\225zvi95s37c.exe
c:\windows\23650not-a-virus6z9.bin
c:\windows\2455backd5or2559z.ocx
c:\windows\24z759p5mbot34b.cpl
c:\windows\25167virus4f9z.bin
c:\windows\2522w9zm515.dll
c:\windows\25243szy539.dll
c:\windows\2531addwar5z59.bin
c:\windows\254z9troj294.exe
c:\windows\25581not-9zvirus759.exe
c:\windows\25667no5-z-v9rus4f0.ocx
c:\windows\25946not-a-zirus7f5.ocx
c:\windows\25a0addzare2719.bin
c:\windows\25z6vir7909.exe
c:\windows\25z9495rus546.cpl
c:\windows\26409zr825.bin
c:\windows\2655spy9are1z56.bin
c:\windows\26963sp9m5ot5z4.cpl
c:\windows\26cdst5alz859.cpl
c:\windows\27134v9zus2b5.ocx
c:\windows\27140tr9jz65.cpl
c:\windows\27622s5azbot9e4.dll
c:\windows\27955nzt-a-virus631.bin
c:\windows\2796spy9z5e2479.cpl
c:\windows\2821thre9t251z0.bin
c:\windows\2829thiez22915.cpl
c:\windows\28729not5a-vi9uz532.dll
c:\windows\2886zv95usa5.ocx
c:\windows\2886zvi5us30e9.exe
c:\windows\28992n5t-z-virus490.ocx
c:\windows\28zc9a5kdoor3158.cpl
c:\windows\2929zspam9ot545.dll
c:\windows\2948z5r9807.ocx
c:\windows\295z5hief8079.bin
c:\windows\295z6hackto5l238.cpl
c:\windows\297z4t5oj59b.exe
c:\windows\2996ad5zare604.cpl
c:\windows\2997viru52az.dll
c:\windows\299aspzrse3571.ocx
c:\windows\299z95r3199.cpl
c:\windows\29cfthi5fz91.ocx
c:\windows\2adcdow59oaderz068.ocx
c:\windows\2b4bvir29z95.exe
c:\windows\2b9cdo5zloa9er1268.exe
c:\windows\2bc9s9ea529z1.exe
c:\windows\2c85spy9a5e1z39.bin
c:\windows\2c9aa5dwarez1.bin
c:\windows\2dd2sze5l1691.exe
c:\windows\2ea6dozn9oader1506.cpl
c:\windows\2edown9oad5rz552.cpl
c:\windows\2ee85parse114z9.exe
c:\windows\2z653ha9ktool55d.bin
c:\windows\2z79tr5j71d.dll
c:\windows\2zcat59ef711.cpl
c:\windows\30026t9oj7z35.bin
c:\windows\30z42spa95ot207.exe
c:\windows\30zbstea956.exe
c:\windows\312d5zwnloader28869.exe
c:\windows\31448spamboz3a59.bin
c:\windows\31465ziru51b9.cpl
c:\windows\31509w9rz765.ocx
c:\windows\31558not-a9vir5sz91.bin
c:\windows\3159zworm699.exe
c:\windows\31z69virus60d5.ocx
c:\windows\3226t9zea56826.exe
c:\windows\32541zo9m59.cpl
c:\windows\32914wozm155.cpl
c:\windows\329estea5z57.exe
c:\windows\3356bzckdoor924.cpl
c:\windows\335zs9eal494.bin
c:\windows\33zsp9mbot775.ocx
c:\windows\356zv5r999.dll
c:\windows\370zth9ef2581.bin
c:\windows\3793doznl5ader1692.cpl
c:\windows\37dzbac9d5or229.bin
c:\windows\3869downzoader2145.cpl
c:\windows\3869tzief756.ocx
c:\windows\3888hac9toolz5a.ocx
c:\windows\390zhac9tool15.dll
c:\windows\39195ackdoor1z41.exe
c:\windows\393spywarz5233.cpl
c:\windows\39699wzrm17d5.dll
c:\windows\3974thz951527.exe
c:\windows\3995zirus5c8.ocx
c:\windows\39b1spz5are3001.dll
c:\windows\39e2thr9atz31455.bin
c:\windows\3b12thi9f685z.exe
c:\windows\3bb6thze51399.bin
c:\windows\3c07st5alz489.ocx
c:\windows\3c19zp5war91928.bin
c:\windows\3cb8virz599.cpl
c:\windows\3d5bth9eaz3519.bin
c:\windows\3d975ddware29z6.ocx
c:\windows\3da99hreat29257z.bin
c:\windows\3e45zparse5796.bin
c:\windows\3f6zsteal1659.cpl
c:\windows\3z49st5al1886.cpl
c:\windows\3zbet9reat57088.exe
c:\windows\3ze3steal559.bin
c:\windows\40dzv9r5195.bin
c:\windows\41739h5zf1966.dll
c:\windows\419z9y6065.cpl
c:\windows\4395add5arz2737.dll
c:\windows\44729ir5z15.dll
c:\windows\4526s9y53z5.ocx
c:\windows\4533zp9ware912.dll
c:\windows\4579tr595b2z.cpl
c:\windows\4580s9515z.ocx
c:\windows\4590thief26z.cpl
c:\windows\4597h5ck9ool695z.ocx
c:\windows\4599spyware59z9.exe
c:\windows\465zownl9ader644.exe
c:\windows\46z0spyware15159.bin
c:\windows\4719spyw5rz2945.cpl
c:\windows\4809zpywa5e452.cpl
c:\windows\4842dow5l9zder2980.exe
c:\windows\4875za9kdoor3074.cpl
c:\windows\4890troz955.bin
c:\windows\4912sparze3185.bin
c:\windows\492dt5zeat19649.ocx
c:\windows\4983trz574.ocx
c:\windows\499bsteal99z5.dll
c:\windows\499zt5ief889.cpl
c:\windows\4c6aspywzr5997.bin
c:\windows\4d36addwa5e2z589.dll
c:\windows\4d91st5zl907.dll
c:\windows\4e35doznloa9er582.dll
c:\windows\4e75addw9re96z.bin
c:\windows\4ez5st9al1840.exe
c:\windows\4f95z9ief1805.dll
c:\windows\4z5cspyw5re393.dll
c:\windows\4z8not-a-vi9u56f4.dll
c:\windows\4zada9d5are47.exe
c:\windows\50539ackdoor204z.cpl
c:\windows\50591spamz9t65d.dll
c:\windows\5129hackzool75c.cpl
c:\windows\512spar9e3z91.exe
c:\windows\5130z9r657.dll
c:\windows\5182spzwar5690.dll
c:\windows\5195spy3a9z.bin
c:\windows\5245not5azvirus57e9.bin
c:\windows\5329spazse2582.ocx
c:\windows\533zsparse16359.cpl
c:\windows\53491t9zj291.cpl
c:\windows\5349wormd2z.exe
c:\windows\5387spar9z3163.dll
c:\windows\5395spambotzd3.exe
c:\windows\53e9baczdoor1464.cpl
c:\windows\5407szy159.dll
c:\windows\540z9s9ambot65b.exe
c:\windows\54196trzj99.exe
c:\windows\5464z5rea914749.dll
c:\windows\5483downloa5e92658z.dll
c:\windows\55930not-a-viz9s69d.bin
c:\windows\55dad9wnlzader81.exe
c:\windows\55f4sp5rze1993.cpl
c:\windows\565thiez9462.ocx
c:\windows\5690not-a-v59uz544.cpl
c:\windows\56bzs95al344.exe
c:\windows\56d3vi51z729.bin
c:\windows\57025v9ruz2c1.ocx
c:\windows\57399spazbot585.dll
c:\windows\579zsteal5199.ocx
c:\windows\581zvir2199.ocx
c:\windows\583z5py90a.dll
c:\windows\5895backdoor2380z.cpl
c:\windows\58cfszeal9055.cpl
c:\windows\59455ddwzre19039.dll
c:\windows\5959hazkto9l705.cpl
c:\windows\5992addwzre508.cpl
c:\windows\59d2bzckdo5r306.cpl
c:\windows\5a21add5aze4399.ocx
c:\windows\5aceth9eat2973z.ocx
c:\windows\5azbdownlo9der3154.dll
c:\windows\5b4csteal16z9.bin
c:\windows\5c55th9ef5978z.bin
c:\windows\5c629ir2495z.ocx
c:\windows\5d80stez92709.cpl
c:\windows\5d855dd9are19z1.dll
c:\windows\5dbfzp9rse5213.dll
c:\windows\5de59iz629.exe
c:\windows\5e89thi5z1868.ocx
c:\windows\5e89thre5t142z3.bin
c:\windows\5e9bspyzare1599.exe
c:\windows\5z55downloader9639.cpl
c:\windows\5z58not-a-vi9us747.exe
c:\windows\5zc7th9e5181.ocx
c:\windows\6191thzef157.ocx
c:\windows\61despars594z.dll
c:\windows\6271vi9z532c.dll
c:\windows\62z4thief596.dll
c:\windows\62z9vi51181.exe
c:\windows\630zhackt5ol5d9.cpl
c:\windows\6432adzwar59478.bin
c:\windows\6508downzoade91144.bin
c:\windows\6529spa5boz59.exe
c:\windows\655fbackdoor1659z.exe
c:\windows\6585hac9toolze5.cpl
c:\windows\65a1v9r55z5.ocx
c:\windows\65ddthr9zt25162.bin
c:\windows\67bs9e5l3z67.dll
c:\windows\68c9ad5waz91972.dll
c:\windows\6915back5zor2337.dll
c:\windows\6939not-a5viruz13d.bin
c:\windows\69f5s5ar9e249z.exe
c:\windows\6a94spyz5re1290.cpl
c:\windows\6aca9pazse1752.cpl
c:\windows\6c159parse1586z.dll
c:\windows\6d17sp9rse1056z.ocx
c:\windows\6d239ackd5or4z9.bin
c:\windows\6eb1a5dwzr9444.ocx
c:\windows\6f5c5pazse1946.exe
c:\windows\6z61spars91155.exe
c:\windows\6za0sp59are938.exe
c:\windows\716eb9ckdoorz657.exe
c:\windows\71a09zd5are255.exe
c:\windows\72c9bzckdoo51574.bin
c:\windows\72z4vir5965.ocx
c:\windows\74695o9zb7.dll
c:\windows\7487backdooz29459.ocx
c:\windows\75179i55z7.ocx
c:\windows\75809irus71cz.cpl
c:\windows\7595troz15a9.bin
c:\windows\7596virusz9f.dll
c:\windows\75a6tzrea915793.exe
c:\windows\75bzir2907.dll
c:\windows\7716dow5loader2739z.cpl
c:\windows\778a9hi5f1z26.bin
c:\windows\7951thr5zt29687.bin
c:\windows\795b9ackdoo52z11.ocx
c:\windows\797avir1252z.bin
c:\windows\79vir56z0.ocx
c:\windows\7a1dsp9wa5e15z8.ocx
c:\windows\7a26backd5or295z9.exe
c:\windows\7a9c9p5ware29z7.dll
c:\windows\7f50spywaze498.bin
c:\windows\7z93addwa5e1394.exe
c:\windows\7zc2vir5909.cpl
c:\windows\7zf8spar9e745.cpl
c:\windows\8055not9z-virus4ee.ocx
c:\windows\8062hac5tool2z9.dll
c:\windows\822haz5tool928.ocx
c:\windows\8394zack5ool4fb9.exe
c:\windows\8527not-a-virz957e.exe
c:\windows\85909pamboz2b8.dll
c:\windows\86175zrmd49.exe
c:\windows\8888not-z-vir5s569.dll
c:\windows\8905za9ktool.dll
c:\windows\8959wo5m4z49.ocx
c:\windows\8z93s9y582.bin
c:\windows\901z5spambot5df.cpl
c:\windows\90437zpambo560f.bin
c:\windows\9065not-a-9irusz8c.dll
c:\windows\90945viruszd6.exe
c:\windows\92204vzrus650.dll
c:\windows\932v9z6515.bin
c:\windows\9375adzwar51552.bin
c:\windows\9395z9rus25e.bin
c:\windows\94274wozm562.exe
c:\windows\94b9tzief255.bin
c:\windows\954695rzj729.exe
c:\windows\9569zhief3069.bin
c:\windows\95b2steal2450z.ocx
c:\windows\961zspambot2e75.exe
c:\windows\9635spambot98cz.dll
c:\windows\9862zv5rus5de.exe
c:\windows\98acdownlzader20955.bin
c:\windows\9929spzrse2589.bin
c:\windows\995etzief495.cpl
c:\windows\9a4zspars53227.dll
c:\windows\9cfzvir1955.bin
c:\windows\9f7th5eat27297z.exe
c:\windows\9z504spy54e.ocx
c:\windows\ac9s59ware26z1.ocx
c:\windows\c79addwa5e2317z.exe
c:\windows\cz59ddware2188.ocx
c:\windows\d0ez5e9l2944.ocx
c:\windows\d67sp95sz1870.ocx
c:\windows\e4aszea92257.ocx
c:\windows\ff5s9ea53z17.bin
c:\windows\run.log
c:\windows\system32\1019virz59a8.dll
c:\windows\system32\10565ot-a-virus329z.exe
c:\windows\system32\1057859y70z.ocx
c:\windows\system32\10952z9cktool3bd.bin
c:\windows\system32\11339w5rm5az.exe
c:\windows\system32\11545spz79.dll
c:\windows\system32\119855oz92bf.bin
c:\windows\system32\1199znot-5-vi9us20e.bin
c:\windows\system32\12907n9t5azvirus282.dll
c:\windows\system32\12918hack9o5z3bd.exe
c:\windows\system32\12947zorm250.bin
c:\windows\system32\12b1s59al2679z.ocx
c:\windows\system32\1309spaz9e375.ocx
c:\windows\system32\13530sp9zbot216.dll
c:\windows\system32\13591vizus5.exe
c:\windows\system32\13765tro59z5.ocx
c:\windows\system32\1419zparse1552.dll
c:\windows\system32\1459thzeat6955.exe
c:\windows\system32\1485zvi9us45c.cpl
c:\windows\system32\14e95hrzat3965.dll
c:\windows\system32\150175pzmbo920a.dll
c:\windows\system32\1519v5rz092.exe
c:\windows\system32\15305v9ruz6075.bin
c:\windows\system32\15461ha9ktooz358.dll
c:\windows\system32\1583threaz93263.ocx
c:\windows\system32\15847zor92b.dll
c:\windows\system32\15916tzo560b.dll
c:\windows\system32\1592zviru54cd.ocx
c:\windows\system32\1595zw9rm22a.cpl
c:\windows\system32\16415zro95f5.bin
c:\windows\system32\16519v5zus4bf.bin
c:\windows\system32\1658zspambot219.exe
c:\windows\system32\17892hzcktool1105.ocx
c:\windows\system32\17895spamzot6549.bin
c:\windows\system32\1848495cktooz27b.dll
c:\windows\system32\18673nzt-a9virus25c.exe
c:\windows\system32\189d9tza5700.cpl
c:\windows\system32\18aethi9562z.dll
c:\windows\system32\19235virus53z.cpl
c:\windows\system32\194bthrea59969z.exe
c:\windows\system32\197daddzare9755.bin
c:\windows\system32\19802sp549z.bin
c:\windows\system32\198895azkto9l530.dll
c:\windows\system32\19azthr5at29503.dll
c:\windows\system32\19badd5arz608.ocx
c:\windows\system32\19z2spar953171.cpl
c:\windows\system32\19z91not-5-vi9us292.bin
c:\windows\system32\1a675ddware94z.bin
c:\windows\system32\1af1sparsez3529.bin
c:\windows\system32\1b5bspy9arz1460.exe
c:\windows\system32\1d95spyzare9515.cpl
c:\windows\system32\1db9ad5warz1426.bin
c:\windows\system32\1dz4backd59r1987.cpl
c:\windows\system32\1f79vi95z1.cpl
c:\windows\system32\1fc5spyzare2969.cpl
c:\windows\system32\1z057virus982.cpl
c:\windows\system32\1z87v9r1504.dll
c:\windows\system32\20056spamboz17c9.dll
c:\windows\system32\20499spamzo530b.dll
c:\windows\system32\20522szy4995.ocx
c:\windows\system32\21evirz9545.bin
c:\windows\system32\222369p5607z.exe
c:\windows\system32\226z0not-a-v9rus5f4.exe
c:\windows\system32\22718vi5us3z9.cpl
c:\windows\system32\229zworm522.bin
c:\windows\system32\233595a9ktzol5d.ocx
c:\windows\system32\2339zn5t-a-v9rus282.cpl
c:\windows\system32\23509p52fz.ocx
c:\windows\system32\23604hazkt5ol16a9.cpl
c:\windows\system32\23c2spyzare1995.bin
c:\windows\system32\23zd9pyware5239.cpl
c:\windows\system32\24113not-a-vi95z210.exe
c:\windows\system32\24561not-a9vzrus574.cpl
c:\windows\system32\24758troz298.ocx
c:\windows\system32\2479thie519z2.ocx
c:\windows\system32\24896s5ambotz3.exe
c:\windows\system32\25349worz739.exe
c:\windows\system32\256579roz101.exe
c:\windows\system32\25857wzr53ba9.dll
c:\windows\system32\2596hacktool3zf9.ocx
c:\windows\system32\25999zroj506.dll
c:\windows\system32\259dzackdoor2295.exe
c:\windows\system32\259z3spy285.exe
c:\windows\system32\25c15hreaz2592.exe
c:\windows\system32\25z58virus1649.cpl
c:\windows\system32\25z64spam9ot2a0.exe
c:\windows\system32\260529roj2z5.ocx
c:\windows\system32\26554s9ambot554z.ocx
c:\windows\system32\2656worm35z9.dll
c:\windows\system32\26z35hief12849.bin
c:\windows\system32\2729wo5m97z.dll
c:\windows\system32\27520zp91d0.dll
c:\windows\system32\27963t5oj7fz.bin
c:\windows\system32\27z03not5a9virus267.ocx
c:\windows\system32\28057spzmb9t2f5.exe
c:\windows\system32\286zhackt5ol39e.cpl
c:\windows\system32\2895hief264z.exe
c:\windows\system32\29313worz59a5.dll
c:\windows\system32\29559vizus3a05.bin
c:\windows\system32\2958zpya6.ocx
c:\windows\system32\29593wo9m25z.dll
c:\windows\system32\2974zpar5e59.bin
c:\windows\system32\2981zwo9m759.exe
c:\windows\system32\29973tzo5a1.bin
c:\windows\system32\29fz9ywar5650.bin
c:\windows\system32\2a39spar5ez216.exe
c:\windows\system32\2a9zbackd5o91999.bin
c:\windows\system32\2c5zad5war91328.ocx
c:\windows\system32\2cc2ste9l504z.dll
c:\windows\system32\2cecaddware2594z.dll
c:\windows\system32\2e59steal1539z.ocx
c:\windows\system32\2fdzt9r5at24419.dll
c:\windows\system32\2z035ha5ktool99c.dll
c:\windows\system32\2z059hack9ool58b.dll
c:\windows\system32\2z262sp5mbot6069.exe
c:\windows\system32\2z361vi5us2199.bin
c:\windows\system32\2z459worm5b79.dll
c:\windows\system32\2z46download9r3250.ocx
c:\windows\system32\302edoznlo5der9122.dll
c:\windows\system32\30544nzt-a-virus9e4.ocx
c:\windows\system32\30595wo5mz7e9.dll
c:\windows\system32\30781s5ambot15z9.exe
c:\windows\system32\30z6sparse30905.ocx
c:\windows\system32\31573vi5us16z9.dll
c:\windows\system32\31z51spa9bot77e5.cpl
c:\windows\system32\3249zddw5re9541.ocx
c:\windows\system32\329bspzw5re1134.ocx
c:\windows\system32\329zthrea55091.exe
c:\windows\system32\3399s5y5c3z.dll
c:\windows\system32\33z2do5nload9r776.exe
c:\windows\system32\33z5v9r2895.cpl
c:\windows\system32\35182zorm7c9.ocx
c:\windows\system32\35655spy297z.dll
c:\windows\system32\35730spam9otzd0.dll
c:\windows\system32\35bzsparse9236.ocx
c:\windows\system32\36dzsparse1905.exe
c:\windows\system32\37e5s9ywarez855.cpl
c:\windows\system32\3928thzef24845.dll
c:\windows\system32\39527spzmbot82.cpl
c:\windows\system32\3953zpy5a9e168.bin
c:\windows\system32\3959doznloader3563.cpl
c:\windows\system32\396fspyware289z5.dll
c:\windows\system32\39e0thze9t28587.cpl
c:\windows\system32\39z495rus769.bin
c:\windows\system32\3az85parse99.exe
c:\windows\system32\3b255t9al1365z.bin
c:\windows\system32\3b7fthr9at142z15.ocx
c:\windows\system32\3b9dthie52z59.exe
c:\windows\system32\3c59down5oa9zr1931.bin
c:\windows\system32\3dzadd9ar51354.ocx
c:\windows\system32\3e7d59ief5z8.dll
c:\windows\system32\3z15downloader8965.cpl
c:\windows\system32\3z335worm3559.ocx
c:\windows\system32\3zc65hreat96209.dll
c:\windows\system32\3zeedownload5r906.ocx
c:\windows\system32\404c9pa5se2z78.ocx
c:\windows\system32\4067downlo95er55z.exe
c:\windows\system32\413ct9ie5z.cpl
c:\windows\system32\41f1spyw5re167z9.bin
c:\windows\system32\4221wo9m5z3.bin
c:\windows\system32\42925py629z.exe
c:\windows\system32\4299thze5t9550.ocx
c:\windows\system32\4332downl9zder1335.bin
c:\windows\system32\4395zhief2306.dll
c:\windows\system32\4459thie52898z.cpl
c:\windows\system32\44zathreat15952.dll
c:\windows\system32\4523not-9-viruz48b.dll
c:\windows\system32\45b6viz2926.dll
c:\windows\system32\45c1spyw9re15z5.bin
c:\windows\system32\45z8threa925660.ocx
c:\windows\system32\46e6th9e5t29z15.bin
c:\windows\system32\47f2z5yware2951.ocx
c:\windows\system32\47fzthi5f8559.ocx
c:\windows\system32\49475azk9ool556.exe
c:\windows\system32\4951down9oadzr16.ocx
c:\windows\system32\496095oj2fz.dll
c:\windows\system32\49z6t5oj5dc.exe
c:\windows\system32\4b19hreat14z57.bin
c:\windows\system32\4c05d9znloader667.exe
c:\windows\system32\4c65spzrse198.bin
c:\windows\system32\4fe8t95ef25z2.bin
c:\windows\system32\5023addwa9ez36.ocx
c:\windows\system32\50409p5warez817.ocx
c:\windows\system32\50759z2829.cpl
c:\windows\system32\508539ormzd0.dll
c:\windows\system32\509zst95l474.dll
c:\windows\system32\50z59ownloader2513.dll
c:\windows\system32\50z9add5are1554.exe
c:\windows\system32\51z94hacktool2e7.dll
c:\windows\system32\527z9ir2545.dll
c:\windows\system32\5339zp56d5.cpl
c:\windows\system32\534109acztool7a6.dll
c:\windows\system32\53673z9rus41c.cpl
c:\windows\system32\54ca9dwzre963.exe
c:\windows\system32\54ze9ackdoo51940.ocx
c:\windows\system32\552689py4d2z.bin
c:\windows\system32\5559threzt4348.bin
c:\windows\system32\557s9a5se221z.bin
c:\windows\system32\5585vi9uszef.exe
c:\windows\system32\55a1sparsz59559.ocx
c:\windows\system32\55a49teal1419z.ocx
c:\windows\system32\55a4doznloade91852.bin
c:\windows\system32\55z9worm227.bin
c:\windows\system32\5619hi5z143.exe
c:\windows\system32\5691zorm7a0.ocx
c:\windows\system32\56czdownl9ader2868.ocx
c:\windows\system32\56czdownload9r10625.exe
c:\windows\system32\56z6vi9758.cpl
c:\windows\system32\5796s5yz9d.cpl
c:\windows\system32\57z5steal22895.dll
c:\windows\system32\58341virus199z.cpl
c:\windows\system32\5863spy9aze2138.bin
c:\windows\system32\58780t9oj2c3z.bin
c:\windows\system32\58easpyw5re96z.cpl
c:\windows\system32\592zs9eal1954.exe
c:\windows\system32\596519pambot766z.cpl
c:\windows\system32\5979szeal2753.bin
c:\windows\system32\5982zackdoor551.bin
c:\windows\system32\598sp5rse165z.exe
c:\windows\system32\598z2spy597.ocx
c:\windows\system32\59a4szarse5910.ocx
c:\windows\system32\59a8thie57z8.ocx
c:\windows\system32\59z6s9y5are2793.bin
c:\windows\system32\5a01downloa9zr2501.cpl
c:\windows\system32\5a6zsteal25969.dll
c:\windows\system32\5a95sparze652.bin
c:\windows\system32\5az1download9r1967.exe
c:\windows\system32\5ba3thiez19059.cpl
c:\windows\system32\5c63spywar527z99.exe
c:\windows\system32\5c77sp5waz92953.dll
c:\windows\system32\5cz0addware799.cpl
c:\windows\system32\5dez5hreat25249.cpl
c:\windows\system32\5e21b9ckdoo51z15.ocx
c:\windows\system32\5e54ad9ware9z2.exe
c:\windows\system32\5f525h9efz08.bin
c:\windows\system32\5f55sparse899z.bin
c:\windows\system32\5fazthi9f522.dll
c:\windows\system32\5z45addwa9e215.ocx
c:\windows\system32\5z55viru9555.ocx
c:\windows\system32\5z7espyware9301.exe
c:\windows\system32\60a7dowzloade92594.ocx
c:\windows\system32\60dfbackdz5r27429.cpl
c:\windows\system32\6187tro5zb9.ocx
c:\windows\system32\6259not-a-zirus1eb.exe
c:\windows\system32\64105hief3z259.exe
c:\windows\system32\6453downlo5de9z54.dll
c:\windows\system32\6485vir1926z.cpl
c:\windows\system32\65a0threat2529z.cpl
c:\windows\system32\65d0thief5z9.bin
c:\windows\system32\6617v9r5s31z.exe
c:\windows\system32\6624threzt148195.bin
c:\windows\system32\66e8zhrea925269.cpl
c:\windows\system32\66z5thief9845.dll
c:\windows\system32\6757stezl1598.ocx
c:\windows\system32\6923zownloade51919.ocx
c:\windows\system32\695zth5ef2137.cpl
c:\windows\system32\6986ba9kdoor2z515.cpl
c:\windows\system32\69915ackzoo914c.cpl
c:\windows\system32\6993d5wnloadez1361.ocx
c:\windows\system32\69ds9yzare17005.bin
c:\windows\system32\6aa89ddw5re2675z.dll
c:\windows\system32\6ac3zi532569.dll
c:\windows\system32\6aezv5r2498.ocx
c:\windows\system32\6cd6spazse5519.bin
c:\windows\system32\6d9avi5135z.bin
c:\windows\system32\6fz9spyw5re9815.bin
c:\windows\system32\6z87downloade91651.bin
c:\windows\system32\709zthi5f567.cpl
c:\windows\system32\70bado9nloader2385z.ocx
c:\windows\system32\7170szamb95722.dll
c:\windows\system32\728hzcktoo955c.bin
c:\windows\system32\7479stza95435.cpl
c:\windows\system32\7599dowzloader854.exe
c:\windows\system32\75cfsparsz1189.exe
c:\windows\system32\75fbzpa5se2799.ocx
c:\windows\system32\7684vzr529.ocx
c:\windows\system32\769zthief1545.ocx
c:\windows\system32\7759st95z3187.exe
c:\windows\system32\778cspzr9e5095.dll
c:\windows\system32\7891ad5wzre298.ocx
c:\windows\system32\79c5vir1132z.ocx
c:\windows\system32\7c50a5dwaze9858.exe
c:\windows\system32\7db9threa5z057.exe
c:\windows\system32\7f51spy9are44z.ocx
c:\windows\system32\7z11addwar92535.exe
c:\windows\system32\7z875orm109.ocx
c:\windows\system32\7zcdth9ef1534.bin
c:\windows\system32\8659spambzt9385.dll
c:\windows\system32\8907no9-a-vizus15a.bin
c:\windows\system32\9092thief85z.ocx
c:\windows\system32\9097worm7z5.exe
c:\windows\system32\90z59reat11265.exe
c:\windows\system32\91aad5wnloaderz496.bin
c:\windows\system32\9222z5ambot19f.exe
c:\windows\system32\92597wzrm6c4.dll
c:\windows\system32\92z83spambot375.bin
c:\windows\system32\9375dow5loader143z.bin
c:\windows\system32\9424not-a-9irus572z.dll
c:\windows\system32\94z8spy65d5.exe
c:\windows\system32\9554not-a-vizus56.bin
c:\windows\system32\9590hacktzold35.cpl
c:\windows\system32\9595wor5z8a.ocx
c:\windows\system32\95cszeal968.exe
c:\windows\system32\9665steaz3269.dll
c:\windows\system32\97145spyz155.ocx
c:\windows\system32\97185hacktzol5c25.cpl
c:\windows\system32\98757trzj95.ocx
c:\windows\system32\9ca5hrzat10193.ocx
c:\windows\system32\9d95spywz5e292.ocx
c:\windows\system32\9z517trojcb.cpl
c:\windows\system32\9z539roj678.dll
c:\windows\system32\9z5worm299.bin
c:\windows\system32\b5steal259z.ocx
c:\windows\system32\b90azdwar52815.bin
c:\windows\system32\bnpmaqnh.ini
c:\windows\system32\bojhrjum.ini
c:\windows\system32\c25st9al3177z.ocx
c:\windows\system32\das5eal95z.exe
c:\windows\system32\denekilo.dll
c:\windows\system32\devajusi.dll
c:\windows\system32\dfo0kxhp.exe
c:\windows\system32\drivers\UACwmiualhcngysfoouh.sys
c:\windows\system32\dz5spyware9069.dll
c:\windows\system32\e89t9zea520992.ocx
c:\windows\system32\ef65pyz9re2861.ocx
c:\windows\system32\elpwkesj.ini
c:\windows\system32\fa35tzal1129.dll
c:\windows\system32\grldlokp.ini
c:\windows\system32\hrfydfop.ini
c:\windows\system32\hRYbLkkj.ini
c:\windows\system32\hRYbLkkj.ini2
c:\windows\system32\hxpahxyp.ini
c:\windows\system32\keradebu.dll
c:\windows\system32\kufefele.dll
c:\windows\system32\lbbvgmci.ini
c:\windows\system32\lbqnwugg.ini
c:\windows\system32\mcrglhjw.ini
c:\windows\system32\mivohilu.dll
c:\windows\system32\musesiwo.dll.tmp
c:\windows\system32\pujadoli.dll
c:\windows\system32\rsjvpakv.ini
c:\windows\system32\rYxaKkkj.ini
c:\windows\system32\rYxaKkkj.ini2
c:\windows\system32\UACbosoysutiutpjvyqk.dll
c:\windows\system32\uacinit.dll
c:\windows\system32\UACmnurvnfjssrrwbcnr.dll
c:\windows\system32\UACntatsaxkoyrhvjmdp.dll
c:\windows\system32\UACnyuhewdalptbtaeds.dat
c:\windows\system32\UACpifutbulmeuwopyrn.dll
c:\windows\system32\uactmp.db
c:\windows\system32\UACxgrvdqnyelrodoplg.db
c:\windows\system32\UACxkodlgerntgtrniax.dll
c:\windows\system32\uuyoayev.ini
c:\windows\system32\xrasahef.ini
c:\windows\system32\z0309viru56d8.ocx
c:\windows\system32\z145t95eat5859.dll
c:\windows\system32\z17555ackt9ol265.cpl
c:\windows\system32\z19spamb5t275.bin
c:\windows\system32\z250sparse5989.cpl
c:\windows\system32\z2833w9r5705.ocx
c:\windows\system32\z2d9sp5rse2617.cpl
c:\windows\system32\z40625roj5f59.dll
c:\windows\system32\z552hackt9ole95.bin
c:\windows\system32\z5559v9ru544c.cpl
c:\windows\system32\z561wor539b.ocx
c:\windows\system32\z5719orm514.exe
c:\windows\system32\z5792tro926c.bin
c:\windows\system32\z5915hacktoolc6.bin
c:\windows\system32\z720895oj13c.exe
c:\windows\system32\z7e5spywar92640.cpl
c:\windows\system32\z859hack9ool458.ocx
c:\windows\system32\z89bsparse1501.ocx
c:\windows\system32\z956spyware2255.cpl
c:\windows\system32\za59thief1754.exe
c:\windows\system32\zc6bspywa9e1511.cpl
c:\windows\system32\zcd6t95eat6655.bin
c:\windows\system32\zd96vir2757.exe
c:\windows\system32\zd9sparse2557.exe
c:\windows\system32\zf59spyware2640.dll
c:\windows\Tasks\bnlkezuq.job
c:\windows\wiaserviv.log
c:\windows\z02095o9m9f.dll
c:\windows\z10aspyware9578.bin
c:\windows\z1592worm9315.dll
c:\windows\z1635vi9usa3.dll
c:\windows\z2059sp511e.bin
c:\windows\z2595spy1589.exe
c:\windows\z3175tr9j7ad.ocx
c:\windows\z367spywa5e2977.bin
c:\windows\z3710virus579.cpl
c:\windows\z4359s59b6.exe
c:\windows\z454spyware9535.exe
c:\windows\z4732vi5us59f.dll
c:\windows\z4a65hreat44069.ocx
c:\windows\z572vir19519.exe
c:\windows\z593spy4999.ocx
c:\windows\z5f49teal1657.dll
c:\windows\z6119hac5tool68.bin
c:\windows\z74599py5dc5.dll
c:\windows\z7952spy50a5.cpl
c:\windows\z875spamb5t97a.cpl
c:\windows\z914add9are30595.exe
c:\windows\z9535t9oj5bf.ocx
c:\windows\z9d3sparse3530.exe
c:\windows\zae9addwa5e1859.cpl
c:\windows\zb79threat20568.dll
c:\windows\zb83thief9915.bin
c:\windows\zc91sparse19095.exe
c:\windows\zd5ddow9loader910.bin
c:\windows\ze2ethie51190.cpl
c:\windows\ze5ath9ef29245.dll
D:\Autorun.inf

c:\windows\system32\proquota.exe . . . is missing!!

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_UACd.sys
-------\Legacy_UACd.sys


((((((((((((((((((((((((( Files Created from 2009-09-01 to 2009-10-01 )))))))))))))))))))))))))))))))
.

2009-10-01 00:51 . 2009-10-01 00:51 -------- d-----w- C:\found.000
2009-09-30 22:46 . 2009-09-30 23:01 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-09-30 22:46 . 2009-09-30 22:46 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\SUPERAntiSpyware.com
2009-09-30 20:43 . 2009-09-30 22:03 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\0506813997
2009-09-30 01:34 . 2009-09-30 01:34 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-09-20 10:16 . 2009-09-20 10:16 68608 ----a-w- c:\windows\system32\drivers\omtvxviskorcioxp.sys
2009-09-16 06:33 . 2009-10-01 00:53 983072 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-09-16 06:33 . 2009-10-01 00:53 2848 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-09-16 06:00 . 2009-09-25 10:36 -------- d-----w- c:\program files\Common Files\ParetoLogic
2009-09-16 06:00 . 2009-09-25 10:36 -------- d-----w- c:\documents and settings\All Users\Application Data\ParetoLogic
2009-09-03 03:19 . 2009-09-03 03:21 -------- d-----w- c:\documents and settings\Compaq_Owner\Local Settings\Application Data\Temp

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-01 00:54 . 2007-12-17 06:44 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-10-01 00:46 . 2009-09-16 06:33 1316 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-10-01 00:46 . 2009-09-16 06:33 12524 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-09-30 22:46 . 2008-05-29 01:02 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-09-30 01:34 . 2006-09-04 22:01 -------- d-----w- c:\program files\Java
2009-09-30 01:25 . 2008-02-25 20:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Trend Micro
2009-09-25 19:11 . 2007-12-09 05:45 -------- d-----w- c:\program files\World of Warcraft
2009-09-17 04:57 . 2009-08-11 16:35 -------- d-----w- c:\program files\PopCap Games
2009-08-31 04:23 . 2009-08-31 04:23 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\Octoshape
2009-08-19 23:49 . 2009-08-19 23:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Blizzard Entertainment
2009-08-11 17:38 . 2009-08-11 16:37 25 ----a-w- c:\windows\popcinfot.dat
2009-08-11 16:35 . 2009-08-11 16:35 -------- d-----w- c:\documents and settings\All Users\Application Data\PopCap Games
2009-08-09 21:12 . 2009-05-09 21:12 84480 --sha-w- c:\windows\system32\tufemivu.dll
2009-08-09 09:11 . 2009-05-09 09:11 84480 --sha-w- c:\windows\system32\vosevodi.dll
2009-08-08 21:11 . 2009-05-08 21:11 84480 --sha-w- c:\windows\system32\fejogeku.dll
2009-08-08 09:11 . 2009-05-08 09:11 84480 --sha-w- c:\windows\system32\firahufu.dll
2009-08-07 21:11 . 2009-05-07 21:11 85504 --sha-w- c:\windows\system32\lolayelo.dll
2009-08-05 06:15 . 2006-09-04 22:37 -------- d-----w- c:\program files\Common Files\Adobe
2009-08-05 06:05 . 2009-08-05 06:05 -------- d-----w- c:\program files\Common Files\xing shared
2009-08-05 06:05 . 2006-09-04 22:23 -------- d-----w- c:\program files\Common Files\Real
2009-08-05 04:57 . 2009-08-05 04:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
2009-08-05 04:57 . 2007-10-15 06:33 -------- d-----w- c:\program files\Google
2009-07-09 12:49 . 2008-12-15 03:20 335752 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-07-09 04:12 . 2009-07-09 04:12 1152 ----a-w- c:\windows\system32\windrv.sys
2009-07-08 06:47 . 2008-01-02 06:14 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\opera\program\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\opera\program\plugins\ssldivx.dll
2007-10-06 18:17 . 2007-10-04 05:08 88 --sha-r- c:\windows\system32\07DCECF924.sys
2009-05-03 05:07 . 2009-05-03 05:07 49664 --sha-w- c:\windows\system32\davotudo.dll.tmp
2009-05-03 05:07 . 2009-05-03 05:07 49664 --sha-w- c:\windows\system32\jajulaze.dll.tmp
2007-10-06 18:18 . 2007-10-04 04:54 2516 --sha-w- c:\windows\system32\KGyGaAvL.sys
2009-05-03 05:07 . 2009-05-03 05:07 49664 --sha-w- c:\windows\system32\leheliyo.dll.tmp
2009-05-07 21:10 . 2009-05-07 21:10 49664 --sha-w- c:\windows\system32\mojokase.dll.tmp
2009-05-07 21:10 . 2009-05-07 21:10 49664 --sha-w- c:\windows\system32\segivuva.dll.tmp
2009-05-07 21:10 . 2009-05-07 21:10 49664 --sha-w- c:\windows\system32\tudoside.dll.tmp
.
c:\windows\system32\mswsock.dll ... is infected !!

c:\windows\system32\drivers\tcpip.sys ... is infected !!


------- Sigcheck -------

Cryptography Services Error !!

c:\windows\system32\drivers\beep.sys ... is missing !!
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-03 13529088]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2005-07-23 237568]
"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 517768]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-08-05 185896]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-06-29 286720]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2008-11-10 157312]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-03 86016]
"ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2008-07-16 1166216]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-06-25 1948440]
"MSConfig"="c:\windows\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2005-09-27 169984]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-12 39792]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-09-30 149280]
"0506813997"="c:\documents and settings\Compaq_Owner\Application Data\0506813997\0506813997.exe" [2009-09-30 1045539]
"ftutil2"="ftutil2.dll" - c:\windows\system32\ftutil2.dll [2004-06-07 106496]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2006-06-14 16239616]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2008-05-03 1630208]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 19:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-06-25 12:56 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\avgrsstx.dll

SafeBoot registry key needs repairs. This machine cannot enter Safe Mode.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]
@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
@="DiskDrive"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
@="Hdc"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
@="Keyboard"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
@="Mouse"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
@="System"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
@="Volume"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Compaq Connections\\5577497\\Program\\Compaq Connections.exe"=
"c:\\Program Files\\EarthLink TotalAccess\\TaskPanl.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\World of Warcraft\\Launcher.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Microsoft Games\\Halo Trial\\halo.exe"=
"c:\\Program Files\\Electronic Arts\\The Battle for Middle-earth ™ II\\game.dat"=
"c:\\Program Files\\Electronic Arts\\The Battle for Middle-earth ™ II\\patchget.dat"=
"c:\\Program Files\\AIM6\\aim6.exe"=
"c:\\Program Files\\Unreal Tournament 3\\Binaries\\UT3.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Documents and Settings\\Compaq_Owner\\Local Settings\\Temp\\Blizzard Launcher Temporary - 244e8dd8\\Launcher.exe"=
"c:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.0.9.9551-to-3.1.0.9767-enUS-downloader.exe"=
"c:\\Program Files\\Warcraft III Demo\\War3Demo.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.2.0.10314-to-3.2.2.10482-enUS-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.2.2.10482-to-3.2.2.10505-enUS-downloader.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [12/14/2008 11:20 PM 335752]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [12/14/2008 11:19 PM 298776]
S2 edbqhrp;edbqhrp;\??\c:\windows\system32\drivers\aiabybbupj.sys --> c:\windows\system32\drivers\aiabybbupj.sys [?]
S2 fhdofykvhayzqjz;fhdofykvhayzqjz;\??\c:\windows\system32\drivers\lcbjfiegedfht.sys --> c:\windows\system32\drivers\lcbjfiegedfht.sys [?]
S2 fvjs;fvjs;c:\windows\system32\drivers\kzxykxd.sys --> c:\windows\system32\drivers\kzxykxd.sys [?]
S2 gupdate1c9876f9547267c;Google Update Service (gupdate1c9876f9547267c);c:\program files\Google\Update\GoogleUpdate.exe [2/5/2009 4:56 AM 133104]
S2 rlyvhtln;rlyvhtln;c:\windows\system32\drivers\ddrusb.sys --> c:\windows\system32\drivers\ddrusb.sys [?]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\e:\ntglm7x.sys --> e:\NTGLM7X.sys [?]

--- Other Services/Drivers In Memory ---

*Deregistered* - AFD
*Deregistered* - ALG
*Deregistered* - AudioSrv
*Deregistered* - audstub
*Deregistered* - Automatic LiveUpdate Scheduler
*Deregistered* - avg8wd
*Deregistered* - AvgLdx86
*Deregistered* - AvgMfx86
*Deregistered* - BITS
*Deregistered* - Bonjour Service
*Deregistered* - Browser
*Deregistered* - CryptSvc
*Deregistered* - DcomLaunch
*Deregistered* - Dhcp
*Deregistered* - Dnscache
*Deregistered* - eeCtrl
*Deregistered* - ERSvc
*Deregistered* - EventSystem
*Deregistered* - Fastfat
*Deregistered* - FastUserSwitchingCompatibility
*Deregistered* - Fips
*Deregistered* - FltMgr
*Deregistered* - Ftdisk
*Deregistered* - Gpc
*Deregistered* - gupdate1c9876f9547267c
*Deregistered* - gusvc
*Deregistered* - helpsvc
*Deregistered* - HTTP
*Deregistered* - IKFileSec
*Deregistered* - IKSysFlt
*Deregistered* - IKSysSec
*Deregistered* - IntelIde
*Deregistered* - IpNat
*Deregistered* - IPSec
*Deregistered* - JavaQuickStarterService
*Deregistered* - KLIF
*Deregistered* - KSecDD
*Deregistered* - lanmanserver
*Deregistered* - lanmanworkstation
*Deregistered* - LiveUpdate Notice Service
*Deregistered* - LmHosts
*Deregistered* - mchInjDrv
*Deregistered* - mnmdd
*Deregistered* - MountMgr
*Deregistered* - MRxDAV
*Deregistered* - MRxSmb
*Deregistered* - Msfs
*Deregistered* - mssmbios
*Deregistered* - Mup
*Deregistered* - NDIS
*Deregistered* - NdisTapi
*Deregistered* - Ndisuio
*Deregistered* - NdisWan
*Deregistered* - NDProxy
*Deregistered* - NetBIOS
*Deregistered* - NetBT
*Deregistered* - Netman
*Deregistered* - Nla
*Deregistered* - Npfs
*Deregistered* - Ntfs
*Deregistered* - Null
*Deregistered* - NVSvc
*Deregistered* - PartMgr
*Deregistered* - PnkBstrA
*Deregistered* - PolicyAgent
*Deregistered* - PptpMiniport
*Deregistered* - ProtectedStorage
*Deregistered* - ProtexisLicensing
*Deregistered* - PSched
*Deregistered* - RasAcd
*Deregistered* - Rasl2tp
*Deregistered* - RasMan
*Deregistered* - RasPppoe
*Deregistered* - Raspti
*Deregistered* - Rdbss
*Deregistered* - RDPCDD
*Deregistered* - RpcSs
*Deregistered* - SamSs
*Deregistered* - Schedule
*Deregistered* - sdAuxService
*Deregistered* - sdCoreService
*Deregistered* - seclogon
*Deregistered* - SENS
*Deregistered* - SharedAccess
*Deregistered* - ShellHWDetection
*Deregistered* - Spooler
*Deregistered* - srservice
*Deregistered* - Srv
*Deregistered* - SSDPSRV
*Deregistered* - stisvc
*Deregistered* - swenum
*Deregistered* - Symantec Core LC
*Deregistered* - symlcbrd
*Deregistered* - TapiSrv
*Deregistered* - Tcpip
*Deregistered* - TermDD
*Deregistered* - TermService
*Deregistered* - Themes
*Deregistered* - TrkWks
*Deregistered* - Update
*Deregistered* - Ventrilo
*Deregistered* - VgaSave
*Deregistered* - ViaIde
*Deregistered* - Viewpoint Manager Service
*Deregistered* - VolSnap
*Deregistered* - W32Time
*Deregistered* - Wanarp
*Deregistered* - Wdf01000
*Deregistered* - WebClient
*Deregistered* - winmgmt
*Deregistered* - wscsvc
*Deregistered* - wuauserv
*Deregistered* - WudfPf
*Deregistered* - WudfSvc
*Deregistered* - WZCSVC
*Deregistered* - zumbus
*Deregistered* - ZuneBusEnum

NETSVCS REQUIRES REPAIRS - current entries shown
6to4
AppMgmt
AudioSrv
Browser
CryptSvc
DMServer
DHCP
ERSvc
EventSystem
FastUserSwitchingCompatibility
HidServ
Ias
Iprip
Irmon
LanmanServer
LanmanWorkstation
Messenger
Netman
Nla
Ntmssvc
NWCWorkstation
Nwsapagent
Rasauto
Rasman
Remoteaccess
Schedule
Seclogon
SENS
Sharedaccess
SRService
Tapisrv
Themes
TrkWks
W32Time
WZCSVC
Wmi
WmdmPmSp
winmgmt
wscsvc
xmlprov
BITS
wuauserv
ShellHWDetection
helpsvc
WmdmPmSN

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

.
Contents of the 'Scheduled Tasks' folder

2009-10-01 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-10-15 04:45]

2009-09-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-05 08:55]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchMigratedDefaultUrl = hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZUxdm265YYUS&fl=0&ptb=Iyi25adOF66mXViAPAgkHw&url=http://www.ask.com/web&q={searchTerms}&l=zu&o=sb
mStart Page = hxxp://www.google.com
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PRESARIO&pf=desktop
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Search
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
Trusted Zone: louisvillmojo.com
FF - ProfilePath -
.
.
------- File Associations -------
.
.
- - - - ORPHANS REMOVED - - - -




**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-30 20:53
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(708)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
.
Completion time: ~,10time:~,-3machine was rebootedCombobatch-by
ComboFix-quarantined-files.txt 2009-10-01 00:58

Post-Run: 41,648,525,312 bytes free

1145 --- E O F --- 2008-12-12 08:04

#8 SifuMike

SifuMike

    malware expert


  • Members
  • 15,385 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vancouver (not BC) WA (Not DC) USA
  • Local time:11:42 PM

Posted 30 September 2009 - 09:30 PM

Hi Ch2is,

This computer is a real mess! We may not be able to save it. :(


We Need to Repair Safe Mode
  • Please download Safe Boot Key Repair and save it to your desktop.
  • Open Posted Image on your desktop.
  • Copy and paste the resultant log here in your next reply.
Please save this file to your desktop.
Click on Start->Run, and copy-paste the following command (the bolded text)

"%userprofile%\desktop\win32kdiag.exe" -f -r

into the "Open" box, and click OK.
When it's finished, there will be a log called Win32kDiag.txt on your desktop.

Please open it with notepad and post the contents here.






Download and Run SystemLook

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2
  • Double-click SystemLook.exe to run it.
  • A blank Windows shall open with the title "SystemLook v1.0-by Jpshortstuff".
  • Copy and Paste the content of the following codebox into the main textfield under "File":
    :filefind 
    *proquota*
    *beep*
    *mswsock*
    *tcpip*
  • Please Confirm everything is copied and Pasted as I have provided above
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan.
  • Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt
2nd Note: The scan may take a while from several seconds to a minute or more depending on the number of files you have and how fast your computer can perform the task




Please show hidden files and folders
  • Please go to VirSCAN.org FREE on-line scan service
  • Copy and paste the each of the following file paths into the "Suspicious files to scan"box on the top of the page:
    • c:\windows\system32\mswsock.dll
      c:\windows\system32\drivers\tcpip.sys
  • Click on the Upload button
  • Once the Scan is completed, click on the "Copy to Clipboard" button. This will copy the link of the report into the Clipboard.
  • Paste the contents of the Clipboard in your next reply.
  • If Copy to Clipbard does not work, then just copy and paste the output in your next reply.
If VirScan.org server is too busy, please submit the file to VirusTotal instead.

Edited by SifuMike, 30 September 2009 - 09:57 PM.

If I've saved you time & money,
please make a donation so I can keep helping people just like you! You can donate using a credit card and PayPal. Thank you!



Posted Image

Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#9 Ch2is

Ch2is
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:02:42 AM

Posted 30 September 2009 - 10:19 PM

Yeah i've had some people not treat this computer as good as it should of been treated. Not expecting to make it as good as new just trying to get it managable till i can get one for only my hands. But the google misdirects and google installer errors are gone so you've already helped me alot already. As much as you can do to help me further is greatly appreachiated. :(


here are the logs in order of request.


Reg export of SafeBoot key after repair:
========================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot]
"AlternateShell"="cmd.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\AppMgmt]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Base]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Boot Bus Extender]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Boot file system]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\CryptSvc]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\DcomLaunch]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\dmadmin]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\dmboot.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\dmio.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\dmload.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\dmserver]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\EventLog]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\File system]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Filter]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\HelpSvc]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Netlogon]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\PCI Configuration]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\PEVSystemStart]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\PlugPlay]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\PNP Filter]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Primary disk]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\procexp90.Sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\RpcSs]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\SCSI Class]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\sdauxservice]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\sdcoreservice]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\sermouse.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\sr.sys]
@="FSFilter System Recovery"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\SRService]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\System Bus Extender]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\vga.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\vgasave.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\WinMgmt]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]
@="Universal Serial Bus controllers"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]
@="CD-ROM Drive"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
@="DiskDrive"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]
@="Standard floppy disk controller"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
@="Hdc"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
@="Keyboard"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
@="Mouse"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]
@="PCMCIA Adapters"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
@="SCSIAdapter"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
@="System"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]
@="Floppy disk drive"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
@="Volume"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
@="Human Interface Devices"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\AFD]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\AppMgmt]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Base]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Boot Bus Extender]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Boot file system]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Browser]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\CryptSvc]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\DcomLaunch]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Dhcp]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\dmadmin]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\dmboot.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\dmio.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\dmload.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\dmserver]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\DnsCache]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\EventLog]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\File system]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Filter]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\HelpSvc]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\ip6fw.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\ipnat.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\LanmanServer]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\LanmanWorkstation]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\LmHosts]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Messenger]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NDIS]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NDIS Wrapper]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Ndisuio]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NetBIOS]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NetBIOSGroup]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NetBT]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NetDDEGroup]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Netlogon]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NetMan]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Network]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NetworkProvider]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NtLmSsp]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\PCI Configuration]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\PEVSystemStart]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\PlugPlay]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\PNP Filter]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\PNP_TDI]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Primary disk]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\procexp90.Sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\rdpcdd.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\rdpdd.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\rdpwd.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\rdsessmgr]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\RpcSs]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\SCSI Class]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\sdauxservice]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\sdcoreservice]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\sermouse.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\SharedAccess]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\sr.sys]
@="FSFilter System Recovery"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\SRService]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Streams Drivers]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\System Bus Extender]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Tcpip]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\TDI]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\tdpipe.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\tdtcp.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\termservice]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\vga.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\vgasave.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\WinMgmt]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\WZCSVC]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{36FC9E60-C465-11CF-8056-444553540000}]
@="Universal Serial Bus controllers"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}]
@="CD-ROM Drive"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}]
@="DiskDrive"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}]
@="Standard floppy disk controller"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
@="Hdc"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
@="Keyboard"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
@="Mouse"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}]
@="Net"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}]
@="NetClient"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}]
@="NetService"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}]
@="NetTrans"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}]
@="PCMCIA Adapters"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
@="SCSIAdapter"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
@="System"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}]
@="Floppy disk drive"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
@="Volume"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
@="Human Interface Devices"

========================

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\PEVSystemStart
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\procexp90.Sys
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\sdauxservice
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\sdcoreservice
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\Wdf01000.sys
























Running from: C:\Documents and Settings\Compaq_Owner\desktop\win32kdiag.exe

Log file at : C:\Documents and Settings\Compaq_Owner\Desktop\Win32kDiag.txt

Removing all found mount points.

Attempting to reset file permissions.

WARNING: Could not get backup privileges!

Searching 'C:\WINDOWS'...





Finished!































SystemLook v1.0 by jpshortstuff (29.08.09)
Log created at 23:14 on 30/09/2009 by Compaq_Owner (Administrator - Elevation successful)

========== filefind ==========

Searching for "*proquota*"
C:\WINDOWS\I386\PROQUOTA.EX_ --a--- 26379 bytes [11:00 04/08/2004] [04:00 04/08/2004] 6F75204BC8CD4EEBF7EB70E967C1DFD3
C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\proquota.exe --a--- 50176 bytes [10:29 04/09/2008] [00:12 14/04/2008] F6465A2EEF75468988A4FCF124148FA8

Searching for "*beep*"
C:\Combo-Fix\L_Beep00 --a--- 342 bytes [00:53 01/10/2009] [00:53 01/10/2009] 4E081AB3792E5099670A0BA305BAC90E
C:\Program Files\PC-Doctor 5 for Windows\PCBEEP.exe --a--- 22016 bytes [05:38 11/05/2006] [05:38 11/05/2006] E8FEEC43E542F9451D0DBA18E61699EA
C:\WINDOWS\I386\BEEP.SY_ --a--- 2123 bytes [11:00 04/08/2004] [04:00 04/08/2004] 36F50A68E5DF6B701187A94CD5DE200A

Searching for "*mswsock*"
C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\mswsock.dll --a--- 245248 bytes [17:36 20/06/2008] [17:36 20/06/2008] 1DFCA7713EA5A70D5D93B436AEA0317A
C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\mswsock.dll --a--- 245248 bytes [17:46 20/06/2008] [17:46 20/06/2008] 832E4DD8964AB7ACC880B2837CB1ED20
C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\mswsock.dll --a--- 245248 bytes [17:43 20/06/2008] [17:43 20/06/2008] FCEE5FCB99F7C724593365C706D28388
C:\WINDOWS\$NtUninstallKB951748$\mswsock.dll -----c 245248 bytes [07:02 09/07/2008] [11:00 04/08/2004] 4E74AF063C3271FBEA20DD940CFD1184
C:\WINDOWS\I386\MSWSOCK.DL_ --a--- 123850 bytes [11:00 04/08/2004] [04:00 04/08/2004] 2F06E56988827F2A66E4C0D67BCF7618
C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\mswsock.dll --a--- 245248 bytes [10:29 04/09/2008] [00:12 14/04/2008] B4138E99236F0F57D4CF49BAE98A0746
C:\WINDOWS\system32\dllcache\mswsock.dll --a--- 245248 bytes [11:00 04/08/2004] [17:41 20/06/2008] 097722F235A1FB698BF9234E01B52637
C:\WINDOWS\system32\mswsock.dll --a--- 245248 bytes [11:00 04/08/2004] [17:41 20/06/2008] 097722F235A1FB698BF9234E01B52637

Searching for "*tcpip*"
C:\Qoobox\Quarantine\Registry_backups\tcpip.reg --a--- 6692 bytes [00:36 01/10/2009] [00:36 01/10/2009] 390215FD2CD0B4BFCACCFD4C1A0055F7
C:\WINDOWS\$hf_mig$\KB893066\SP2QFE\tcpip.sys --a--- 359936 bytes [22:04 04/09/2006] [08:17 14/03/2005] 6129E70F3D2F1E60860C930EBEAF92C2
C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys --a--- 360576 bytes [12:18 20/04/2006] [12:18 20/04/2006] B2220C618B42A2212A59D91EBD6FC4B4
C:\WINDOWS\$hf_mig$\KB922819\SP2QFE\tcpip6.sys --a--- 225664 bytes [10:13 16/08/2006] [10:13 16/08/2006] A026EA381B026D05A4A3D2388D80C3B8
C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys --a--- 360832 bytes [16:53 30/10/2007] [16:53 30/10/2007] 64798ECFA43D78C7178375FCDD16D8C8
C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys --a--- 360960 bytes [10:44 20/06/2008] [10:44 20/06/2008] 744E57C99232201AE98C49168B918F48
C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip6.sys --a--- 225920 bytes [09:32 20/06/2008] [09:32 20/06/2008] 7195E0CE397545E657A81ECE9DFBC1C9
C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys --a--- 361600 bytes [11:51 20/06/2008] [11:51 20/06/2008] 9AEFA14BD6B182D61E3119FA5F436D3D
C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip6.sys --a--- 225856 bytes [11:08 20/06/2008] [11:08 20/06/2008] FB9F32ACC1D3AD523F7EC900B66FC1BB
C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys --a--- 361600 bytes [11:59 20/06/2008] [11:59 20/06/2008] AD978A1B783B5719720CFF204B666C8E
C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip6.sys --a--- 225856 bytes [11:16 20/06/2008] [11:16 20/06/2008] 026A94E4EB2960FDC96A447B5391D56A
C:\WINDOWS\$NtUninstallKB893066$\tcpip.sys -----c 359040 bytes [22:04 04/09/2006] [11:00 04/08/2004] 9F4B36614A0FC234525BA224957DE55C
C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys -----c 359808 bytes [07:05 05/09/2007] [07:55 14/03/2005] 0E66B538096A6529D1AC66E78EB0D5C8
C:\WINDOWS\$NtUninstallKB922819$\tcpip6.sys -----c 223616 bytes [07:13 05/09/2007] [11:00 04/08/2004] 4D58BB1AE8841AAFD8790AD7E1E3B8EA
C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys -----c 359808 bytes [08:01 09/01/2008] [11:51 20/04/2006] 1DBF125862891817F374F407626967F4
C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys -----c 360064 bytes [07:02 09/07/2008] [17:20 30/10/2007] 90CAFF4B094573449A0872A0F919B178
C:\WINDOWS\$NtUninstallKB951748$\tcpip6.sys -----c 225664 bytes [07:02 09/07/2008] [09:37 16/08/2006] DCCACDD2747ADA221AECE5C9ADA5D551
C:\WINDOWS\Help\tcpip.chm --a--- 38234 bytes [11:00 04/08/2004] [11:00 04/08/2004] 11F1003A66472DBCBD02A54E9CB4163C
C:\WINDOWS\I386\NETTCPIP.IN_ --a--- 5047 bytes [11:00 04/08/2004] [04:00 04/08/2004] 0E8D85007EA9EE63D441F11990856472
C:\WINDOWS\I386\TCPIP.SY_ --a--- 175712 bytes [11:00 04/08/2004] [04:00 04/08/2004] 71669FDFAB7BCB8C9182E07BF6464927
C:\WINDOWS\I386\TCPIP6.SY_ --a--- 103335 bytes [11:00 04/08/2004] [04:00 04/08/2004] B8D961F4804B50E7B83A5A24F796B06D
C:\WINDOWS\I386\TCPIPP.CH_ --a--- 30831 bytes [11:00 04/08/2004] [04:00 04/08/2004] 96842CA8C9815B4B6099079522639B65
C:\WINDOWS\I386\WSHTCPIP.DL_ --a--- 9339 bytes [11:00 04/08/2004] [04:00 04/08/2004] F23F62C237FB2C121B6806D9F3539630
C:\WINDOWS\inf\nettcpip.inf --a--- 24187 bytes [11:00 04/08/2004] [11:00 04/08/2004] 40CC676A4DD65D8A170CD35018937569
C:\WINDOWS\inf\nettcpip.PNF --a--- 38304 bytes [22:44 04/12/2005] [01:29 25/07/2007] 73A14469959B691F55491048270AC2F0
C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\ART\tcpip3.gif --a--- 1123 bytes [22:44 04/09/2006] [22:44 04/09/2006] 1C8ADEEBBFD27D6EC0817A11D1855434
C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ic\nettcpip.inf --a--- 24362 bytes [10:28 04/09/2008] [16:30 13/04/2008] 063AB8BAD83E9238108FE25E04F8632F
C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\tcpip.sys --a--- 361344 bytes [10:30 04/09/2008] [19:20 13/04/2008] 93EA8D04EC73A85DB02EB8805988F733
C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\tcpip6.sys --a--- 225664 bytes [10:30 04/09/2008] [19:00 13/04/2008] AA7A55536096D646DC7AB0AC5641E9E8
C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\wshtcpip.dll --a--- 19456 bytes [10:30 04/09/2008] [00:12 14/04/2008] 4E3D06D6E68EEDB52565080F55B460D3
C:\WINDOWS\system32\dllcache\tcpip.sys --a--- 360320 bytes [11:00 04/08/2004] [10:45 20/06/2008] 2A5554FC5B1E04E131230E3CE035C3F9
C:\WINDOWS\system32\dllcache\tcpip6.sys --a--- 225920 bytes [11:00 04/08/2004] [09:52 20/06/2008] 00586ED87AB564B03870A2A3DCC84B55
C:\WINDOWS\system32\dllcache\wshtcpip.dll --a--- 19968 bytes [11:00 04/08/2004] [11:00 04/08/2004] A7F95A53EE055115DF03588997A47D4D
C:\WINDOWS\system32\drivers\tcpip.sys --a--- 360320 bytes [11:00 04/08/2004] [10:45 20/06/2008] 2A5554FC5B1E04E131230E3CE035C3F9
C:\WINDOWS\system32\drivers\tcpip6.sys --a--- 225920 bytes [11:00 04/08/2004] [09:52 20/06/2008] 00586ED87AB564B03870A2A3DCC84B55
C:\WINDOWS\system32\wshtcpip.dll --a--- 19968 bytes [11:00 04/08/2004] [11:00 04/08/2004] A7F95A53EE055115DF03588997A47D4D

-=End Of File=-

Edited by SifuMike, 01 October 2009 - 12:43 AM.
removed duplicate systemlook


#10 SifuMike

SifuMike

    malware expert


  • Members
  • 15,385 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vancouver (not BC) WA (Not DC) USA
  • Local time:11:42 PM

Posted 30 September 2009 - 11:40 PM

Please show hidden files and folders
  • Please go to VirSCAN.org FREE on-line scan service
  • Copy and paste the each of the following file paths into the "Suspicious files to scan"box on the top of the page:
    • c:\windows\system32\mswsock.dll
      c:\windows\system32\drivers\tcpip.sys
  • Click on the Upload button
  • Once the Scan is completed, click on the "Copy to Clipboard" button. This will copy the link of the report into the Clipboard.
  • Paste the contents of the Clipboard in your next reply.
  • If Copy to Clipbard does not work, then just copy and paste the output in your next reply.
If VirScan.org server is too busy, please submit the file to VirusTotal instead.



Download SDFix and save it to your Desktop.

Double click SDFix.exe and choose Install to extract it to its own folder on the Desktop. Please then reboot your computer in Safe Mode by doing the following :
  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
  • Instead of Windows loading as normal, the Advanced Options Menu should appear;
  • Select the first option, to run Windows in Safe Mode, then press Enter.
  • Choose your usual account.
  • Open the extracted SDFix folder and double click RunThis.bat to start the script.
  • Type Y to begin the cleanup process.
  • It will remove any Trojan Services or Registry Entries found then prompt you to press any key to Reboot.
  • Press any Key and it will restart the PC.
  • When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
  • Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt.
  • Finally copy and paste the contents of the results file Report.txt back onto the forum with a new HijackThis log

-- If this error message is displayed when running SDFix: "The command prompt has been disabled by your administrator. Press any key to continue..."
Please go to Start Menu > Run > and copy/paste the following line:
%systemdrive%\SDFix\apps\swreg IMPORT %systemdrive%\SDFix\apps\Enable_Command_Prompt.reg
Press Ok and then run SDFix again.

-- If the Command Prompt window flashes on then off again on XP or Win 2000, please go to Start Menu > Run > and copy/paste the following line:
%systemdrive%\SDFix\apps\FixPath.exe /Q
Reboot and then run SDFix again.

-- If SDFix still does not run, check the %comspec% variable. Right-click My Computer > click Properties > Advanced > Environment Variables and check that the ComSpec variable points to cmd.exe.
%SystemRoot%\system32\cmd.exe

Edited by SifuMike, 30 September 2009 - 11:44 PM.

If I've saved you time & money,
please make a donation so I can keep helping people just like you! You can donate using a credit card and PayPal. Thank you!



Posted Image

Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#11 Ch2is

Ch2is
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:02:42 AM

Posted 01 October 2009 - 03:13 PM

didn't know if c:\windows\system32\mswsock.dll and c:\windows\system32\drivers\tcpip.sys could be uploaded at the same time so i scanned them individually





c:\windows\system32\mswsock.dll results


VirSCAN.org Scanned Report :
Scanned time : 2009/07/23 08:37:06 (EDT)
Scanner results: All Scanners reported not find malware!
File Name : mswsock.dll
File Size : 245248 byte
File Type : PE32 executable for MS Windows (DLL) (console) Intel 80386 3
MD5 : 097722f235a1fb698bf9234e01b52637
SHA1 : 380ec131fee9efa58104e4887635349fa1cd060b
Online report : http://virscan.org/report/0c2b1358cc39a2a3...8fdf90c6a6.html

Scanner Engine Ver Sig Ver Sig Date Time Scan result
a-squared 4.5.0.3 20090723202354 2009-07-23 0.40 -
AhnLab V3 2009.07.23.04 2009.07.23 2009-07-23 0.92 -
AntiVir 8.2.0.228 7.1.5.21 2009-07-23 0.22 -
Antiy 2.0.18 20090722.2632680 2009-07-22 0.12 -
Arcavir 2009 200907230811 2009-07-23 0.05 -
Authentium 5.1.1 200907230048 2009-07-23 1.58 -
AVAST! 4.7.4 090722-0 2009-07-22 0.02 -
AVG 8.5.288 270.13.25/2256 2009-07-23 0.33 -
BitDefender 7.81008.3836419 7.26761 2009-07-23 3.36 -
CA (VET) 9.0.0.143 31.6.6632 2009-07-22 8.05 -
ClamAV 0.95.2 9607 2009-07-23 0.05 -
Comodo 3.10 1743 2009-07-23 0.79 -
CP Secure 1.1.0.715 2009.07.23 2009-07-23 11.27 -
Dr.Web 4.44.0.9170 2009.07.23 2009-07-23 4.93 -
F-Prot 4.4.4.56 20090723 2009-07-23 1.57 -
F-Secure 5.51.6100 2009.07.23.03 2009-07-23 6.17 -
Fortinet 2.81-3.120 10.636 2009-07-23 0.20 -
GData 19.6644/19.408 20090723 2009-07-23 3.52 -
ViRobot 20090721 2009.07.21 2009-07-21 0.41 -
Ikarus T3.1.01.64 2009.07.23.73086 2009-07-23 3.69 -
JiangMin 11.0.800 2009.07.23 2009-07-23 3.38 -
Kaspersky 5.5.10 2009.07.23 2009-07-23 0.05 -
KingSoft 2009.2.5.15 2009.7.23.15 2009-07-23 0.47 -
McAfee 5.3.00 5685 2009-07-22 2.95 -
Microsoft 1.4903 2009.07.23 2009-07-23 4.80 -
mks_vir 2.01 2009.07.15 2009-07-15 3.19 -
Norman 6.01.09 6.01.00 2009-07-22 4.00 -
Panda 9.05.01 2009.07.22 2009-07-22 1.92 -
Trend Micro 8.700-1004 6.307.00 2009-07-23 0.03 -
Quick Heal 10.00 2009.07.22 2009-07-22 1.26 -
Rising 20.0 21.39.33.00 2009-07-23 0.93 -
Sophos 2.88.0 4.43 2009-07-23 2.98 -
Sunbelt 5277 5277 2009-07-22 1.31 -
Symantec 1.3.0.24 20090722.003 2009-07-22 0.05 -
nProtect 20090721.02 4887961 2009-07-21 6.85 -
The Hacker 6.3.4.3 v00372 2009-07-22 0.71 -
VBA32 3.12.10.9 20090722.1357 2009-07-22 1.89 -
VirusBuster 4.5.11.10 10.109.7/1824465 2009-07-22 2.28 -
















c:\windows\system32\drivers\tcpip.sys results





VirSCAN.org Scanned Report :
Scanned time : 2009/07/16 16:51:27 (EDT)
Scanner results: All Scanners reported not find malware!
File Name : TCPIP.SYS.ORIGINAL
File Size : 360320 byte
File Type : PE32 executable for MS Windows (native) Intel 80386 32-bit
MD5 : 2a5554fc5b1e04e131230e3ce035c3f9
SHA1 : 3e8b95f95e458625a8d7f08acbb7bb11677c653c
Online report : http://virscan.org/report/1d265ccc655f148b...d2c7b26398.html

Scanner Engine Ver Sig Ver Sig Date Time Scan result
a-squared 4.5.0.3 20090716213250 2009-07-16 0.34 -
AhnLab V3 2009.07.16.05 2009.07.16 2009-07-16 0.77 -
AntiVir 8.2.0.220 7.1.4.246 2009-07-16 0.08 -
Antiy 2.0.18 20090716.2619098 2009-07-16 0.02 -
Arcavir 2009 200907161217 2009-07-16 0.36 -
Authentium 5.1.1 200907161850 2009-07-16 2.10 -
AVAST! 4.7.4 090716-1 2009-07-16 0.02 -
AVG 8.5.288 270.13.16/2241 2009-07-16 0.32 -
BitDefender 7.81008.3733160 7.26631 2009-07-17 3.28 -
CA (VET) 9.0.0.143 31.6.6616 2009-07-15 7.49 -
ClamAV 0.95.2 9573 2009-07-16 0.07 -
Comodo 3.10 1674 2009-07-16 0.70 -
CP Secure 1.1.0.715 2009.07.16 2009-07-16 11.14 -
Dr.Web 4.44.0.9170 2009.07.16 2009-07-16 5.09 -
F-Prot 4.4.4.56 20090715 2009-07-15 2.06 -
F-Secure 5.51.6100 2009.07.16.09 2009-07-16 6.09 -
Fortinet 2.81-3.120 10.613 2009-07-16 0.22 -
GData 19.6500/19.399 20090716 2009-07-16 4.40 -
ViRobot 20090716 2009.07.16 2009-07-16 0.41 -
Ikarus T3.1.01.64 2009.07.16.73047 2009-07-16 3.24 -
JiangMin 11.0.800 2009.07.16 2009-07-16 3.39 -
Kaspersky 5.5.10 2009.07.16 2009-07-16 0.05 -
KingSoft 2009.2.5.15 2009.7.16.15 2009-07-16 0.48 -
McAfee 5.3.00 5678 2009-07-16 2.94 -
Microsoft 1.4803 2009.07.16 2009-07-16 5.22 -
mks_vir 2.01 2009.07.15 2009-07-15 3.42 -
Norman 6.01.09 6.01.00 2009-07-09 4.01 -
Panda 9.05.01 2009.07.16 2009-07-16 2.41 -
Trend Micro 8.700-1004 6.281.00 2009-07-16 0.03 -
Quick Heal 10.00 2009.07.16 2009-07-16 1.12 -
Rising 20.0 21.38.34.00 2009-07-16 0.79 -
Sophos 2.88.0 4.43 2009-07-17 2.92 -
Sunbelt 5258 5258 2009-07-16 1.05 -
Symantec 1.3.0.24 20090715.016 2009-07-15 0.05 -
nProtect 20090716.01 4760023 2009-07-16 5.90 -
The Hacker 6.3.4.3 v00368 2009-07-15 0.76 -
VBA32 3.12.10.8 20090715.0746 2009-07-15 1.85 -
VirusBuster 4.5.11.10 10.108.9/1837986 2009-07-16 2.30 -

#12 SifuMike

SifuMike

    malware expert


  • Members
  • 15,385 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vancouver (not BC) WA (Not DC) USA
  • Local time:11:42 PM

Posted 01 October 2009 - 04:15 PM

Hi Ch2is,

didn't know if c:\windows\system32\mswsock.dll and c:\windows\system32\drivers\tcpip.sys could be uploaded at the same time so i scanned them individually



You have to load them one at a time, so you did it the correct way. Looks like both of those files are not infected.


Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

If you are unsure how to do this, see this topic: http://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/

Click Start, then Run and type Notepad and click OK.
Open notepad - don't use any other text editor than notepad or the script will fail.
Copy/paste the text in the code box below into notepad:

file::
c:\windows\system32\tufemivu.dll
c:\windows\system32\vosevodi.dll
c:\windows\system32\fejogeku.dll
c:\windows\system32\firahufu.dll
c:\windows\system32\lolayelo.dll
c:\windows\system32\davotudo.dll.tmp
c:\windows\system32\jajulaze.dll.tmp
c:\windows\system32\leheliyo.dll.tmp
c:\windows\system32\mojokase.dll.tmp
c:\windows\system32\segivuva.dll.tmp
c:\windows\system32\tudoside.dll.tmp

FCopy::
C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\proquota.exe | c:\windows\system32\proquota.exe


Name the Notepad file CFScript.txt and Save it to your desktop.

IMPORTANT: The above script was written specifically for this infection on this person's computer. It is NOT to be used on another computer, as it may cause damage that could result in a format!

Then drag the CFScript into ComboFix.exe as you see in the screenshot below.

Posted Image


This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply

Edited by SifuMike, 01 October 2009 - 04:16 PM.

If I've saved you time & money,
please make a donation so I can keep helping people just like you! You can donate using a credit card and PayPal. Thank you!



Posted Image

Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#13 Ch2is

Ch2is
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:02:42 AM

Posted 02 October 2009 - 12:23 PM

ComboFix 09-10-01.05 - Compaq_Owner 10/02/2009 13:02.2.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1214.770 [GMT -4:00]
Running from: c:\documents and settings\Compaq_Owner\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Compaq_Owner\Desktop\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning disabled* (Outdated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}

FILE ::
"c:\windows\system32\davotudo.dll.tmp"
"c:\windows\system32\fejogeku.dll"
"c:\windows\system32\firahufu.dll"
"c:\windows\system32\jajulaze.dll.tmp"
"c:\windows\system32\leheliyo.dll.tmp"
"c:\windows\system32\lolayelo.dll"
"c:\windows\system32\mojokase.dll.tmp"
"c:\windows\system32\segivuva.dll.tmp"
"c:\windows\system32\tudoside.dll.tmp"
"c:\windows\system32\tufemivu.dll"
"c:\windows\system32\vosevodi.dll"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\davotudo.dll.tmp
c:\windows\system32\fejogeku.dll
c:\windows\system32\firahufu.dll
c:\windows\system32\jajulaze.dll.tmp
c:\windows\system32\leheliyo.dll.tmp
c:\windows\system32\lolayelo.dll
c:\windows\system32\mojokase.dll.tmp
c:\windows\system32\segivuva.dll.tmp
c:\windows\system32\tudoside.dll.tmp
c:\windows\system32\tufemivu.dll
c:\windows\system32\vosevodi.dll

.
--------------- FCopy ---------------

c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\proquota.exe --> c:\windows\system32\proquota.exe
.
((((((((((((((((((((((((( Files Created from 2009-09-02 to 2009-10-02 )))))))))))))))))))))))))))))))
.

2009-10-02 17:02 . 2004-08-04 04:00 50176 ----a-w- c:\windows\system32\proquota.exe
2009-10-02 17:02 . 2004-08-04 04:00 50176 ----a-w- c:\windows\system32\dllcache\proquota.exe
2009-10-01 20:34 . 2009-10-02 17:03 -------- d-----w- c:\windows\LastGood
2009-10-01 19:43 . 2009-10-01 19:43 -------- d-----w- c:\windows\ERUNT
2009-10-01 19:33 . 2009-10-01 20:07 -------- d-----w- C:\SDFix
2009-10-01 10:42 . 2009-10-01 10:43 -------- d-----w- c:\documents and settings\Compaq_Owner\Local Settings\Application Data\Installer2876
2009-10-01 07:15 . 2009-10-01 07:15 -------- d-----w- c:\windows\system32\XPSViewer
2009-10-01 07:15 . 2009-10-01 07:15 -------- d-----w- c:\program files\MSBuild
2009-10-01 07:14 . 2009-10-01 07:14 -------- d-----w- c:\program files\Reference Assemblies
2009-10-01 07:14 . 2008-07-06 12:06 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-10-01 07:14 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-10-01 07:14 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-10-01 07:14 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-10-01 07:14 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-10-01 07:14 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-10-01 07:14 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\dllcache\xpssvcs.dll
2009-10-01 07:14 . 2009-10-01 07:14 -------- d-----w- C:\9049190b5928d52f72
2009-10-01 07:13 . 2009-10-01 07:32 -------- d-----w- c:\windows\SxsCaPendDel
2009-10-01 07:07 . 2009-10-01 07:07 -------- d-----w- c:\program files\MSXML 6.0
2009-10-01 07:02 . 2009-10-01 07:02 -------- d-----w- c:\windows\ServicePackFiles
2009-10-01 02:44 . 2009-10-01 03:45 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2009-10-01 02:44 . 2009-10-01 02:44 -------- d-----w- c:\program files\NOS
2009-10-01 00:51 . 2009-10-01 00:51 -------- d-----w- C:\found.000
2009-09-30 22:46 . 2009-10-01 21:54 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-09-30 20:43 . 2009-09-30 22:03 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\0506813997
2009-09-30 01:34 . 2009-09-30 01:34 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-09-20 10:16 . 2009-09-20 10:16 68608 ----a-w- c:\windows\system32\drivers\omtvxviskorcioxp.sys
2009-09-16 06:33 . 2009-10-02 17:11 63264 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-09-16 06:33 . 2009-10-02 17:11 4950048 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-09-16 06:00 . 2009-09-25 10:36 -------- d-----w- c:\program files\Common Files\ParetoLogic
2009-09-16 06:00 . 2009-09-25 10:36 -------- d-----w- c:\documents and settings\All Users\Application Data\ParetoLogic
2009-09-03 03:19 . 2009-09-03 03:21 -------- d-----w- c:\documents and settings\Compaq_Owner\Local Settings\Application Data\Temp

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-01 21:54 . 2008-05-29 01:02 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-10-01 20:08 . 2007-12-17 06:44 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-10-01 19:35 . 2009-09-16 06:33 5780 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-10-01 19:35 . 2009-09-16 06:33 52628 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-09-30 01:34 . 2006-09-04 22:01 -------- d-----w- c:\program files\Java
2009-09-30 01:25 . 2008-02-25 20:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Trend Micro
2009-09-25 19:11 . 2007-12-09 05:45 -------- d-----w- c:\program files\World of Warcraft
2009-09-17 04:57 . 2009-08-11 16:35 -------- d-----w- c:\program files\PopCap Games
2009-08-31 04:23 . 2009-08-31 04:23 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\Octoshape
2009-08-19 23:49 . 2009-08-19 23:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Blizzard Entertainment
2009-08-11 17:38 . 2009-08-11 16:37 25 ----a-w- c:\windows\popcinfot.dat
2009-08-11 16:35 . 2009-08-11 16:35 -------- d-----w- c:\documents and settings\All Users\Application Data\PopCap Games
2009-08-06 23:24 . 2004-08-04 11:00 327896 ----a-w- c:\windows\system32\wucltui.dll
2009-08-06 23:24 . 2004-08-04 11:00 209632 ----a-w- c:\windows\system32\wuweb.dll
2009-08-06 23:24 . 2004-08-04 11:00 53472 ----a-w- c:\windows\system32\wuauclt.exe
2009-08-06 23:24 . 2004-08-04 11:00 96480 ----a-w- c:\windows\system32\cdm.dll
2009-08-06 23:23 . 2004-08-04 11:00 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-08-06 23:23 . 2004-08-04 11:00 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-08-05 09:11 . 2004-08-04 11:00 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-05 06:15 . 2006-09-04 22:37 -------- d-----w- c:\program files\Common Files\Adobe
2009-08-05 06:05 . 2009-08-05 06:05 -------- d-----w- c:\program files\Common Files\xing shared
2009-08-05 06:05 . 2006-09-04 22:23 -------- d-----w- c:\program files\Common Files\Real
2009-08-05 04:57 . 2009-08-05 04:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
2009-08-05 04:57 . 2007-10-15 06:33 -------- d-----w- c:\program files\Google
2009-07-29 04:53 . 2004-08-04 11:00 82432 ----a-w- c:\windows\system32\fontsub.dll
2009-07-29 04:53 . 2004-08-04 11:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-07-17 18:55 . 2004-08-04 11:00 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-13 14:08 . 2004-08-04 11:00 286720 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-09 12:49 . 2008-12-15 03:20 335752 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-07-09 04:12 . 2009-07-09 04:12 1152 ----a-w- c:\windows\system32\windrv.sys
2009-07-08 06:47 . 2008-01-02 06:14 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\opera\program\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\opera\program\plugins\ssldivx.dll
2007-10-06 18:17 . 2007-10-04 05:08 88 --sha-r- c:\windows\system32\07DCECF924.sys
2007-10-06 18:18 . 2007-10-04 04:54 2516 --sha-w- c:\windows\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((( SnapShot@ )))))))))))))))))))))))))))))))))))))))))
.
- 2004-08-04 11:00 . 2004-08-04 11:00 50176 c:\windows\system32\utilman.exe
+ 2004-08-04 11:00 . 2006-10-04 08:48 50176 c:\windows\system32\utilman.exe
+ 2004-08-04 11:00 . 2006-10-04 13:33 35840 c:\windows\system32\umandlg.dll
- 2004-08-04 11:00 . 2004-08-04 11:00 35840 c:\windows\system32\umandlg.dll
+ 2007-07-18 12:42 . 2009-07-14 11:03 46080 c:\windows\system32\tzchange.exe
+ 2008-07-30 01:10 . 2008-07-30 01:10 26112 c:\windows\system32\TsWpfWrp.exe
+ 2004-08-04 11:00 . 2009-06-12 11:50 76288 c:\windows\system32\telnet.exe
+ 2006-09-04 22:06 . 2007-11-30 11:18 26488 c:\windows\system32\spupdsvc.exe
+ 2009-10-01 07:14 . 2008-07-06 12:06 89088 c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
+ 2007-12-06 03:24 . 2007-11-30 11:18 17272 c:\windows\system32\spmsg.dll
+ 2009-10-01 20:34 . 2009-08-06 23:24 44768 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.4.7600.226\wups2.dll
+ 2009-10-01 20:34 . 2009-08-06 23:24 35552 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.4.7600.226\wups.dll
- 2004-08-04 11:00 . 2004-08-04 11:00 55808 c:\windows\system32\secur32.dll
+ 2004-08-04 11:00 . 2009-02-03 20:08 55808 c:\windows\system32\secur32.dll
+ 2004-08-04 11:00 . 2009-02-06 16:54 35328 c:\windows\system32\sc.exe
+ 2008-07-29 23:59 . 2008-07-29 23:59 43544 c:\windows\system32\PresentationHostProxy.dll
- 2004-08-04 11:00 . 2008-10-16 20:38 44544 c:\windows\system32\pngfilt.dll
+ 2004-08-04 11:00 . 2009-06-29 16:12 44544 c:\windows\system32\pngfilt.dll
+ 2005-12-05 06:55 . 2009-10-01 10:43 72780 c:\windows\system32\perfc009.dat
- 2004-08-04 11:00 . 2004-08-04 11:00 53760 c:\windows\system32\narrator.exe
+ 2004-08-04 11:00 . 2006-10-04 08:48 53760 c:\windows\system32\narrator.exe
- 2007-10-24 05:47 . 2007-10-24 05:47 15360 c:\windows\system32\mui\0409\mscorees.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 15360 c:\windows\system32\mui\0409\mscorees.dll
+ 2004-08-04 11:00 . 2008-06-12 14:16 91648 c:\windows\system32\mtxoci.dll
+ 2004-08-04 11:00 . 2008-06-12 14:16 66560 c:\windows\system32\mtxclu.dll
- 2004-08-04 11:00 . 2006-03-01 19:42 66560 c:\windows\system32\mtxclu.dll
+ 2007-05-08 21:08 . 2007-05-08 21:08 86728 c:\windows\system32\msxml6r.dll
+ 2007-08-13 22:54 . 2009-06-29 16:12 52224 c:\windows\system32\msfeedsbs.dll
- 2007-08-13 22:54 . 2008-10-16 20:38 52224 c:\windows\system32\msfeedsbs.dll
- 2004-08-04 11:00 . 2004-08-04 11:00 58880 c:\windows\system32\msdtclog.dll
+ 2004-08-04 11:00 . 2008-06-12 14:16 58880 c:\windows\system32\msdtclog.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 83968 c:\windows\system32\mscories.dll
+ 2004-08-04 11:00 . 2006-10-04 08:48 72704 c:\windows\system32\magnify.exe
- 2004-08-04 11:00 . 2004-08-04 11:00 72704 c:\windows\system32\magnify.exe
- 2008-09-25 22:20 . 2009-04-26 00:02 84661 c:\windows\system32\Macromed\Flash\uninstall_plugin.exe
+ 2009-10-01 03:45 . 2009-10-01 03:45 84661 c:\windows\system32\Macromed\Flash\uninstall_plugin.exe
+ 2004-08-04 11:00 . 2009-06-29 16:12 27648 c:\windows\system32\jsproxy.dll
- 2004-08-04 11:00 . 2008-10-16 20:38 27648 c:\windows\system32\jsproxy.dll
+ 2008-07-29 23:24 . 2008-07-29 23:24 97800 c:\windows\system32\infocardapi.dll
- 2007-08-13 22:39 . 2008-10-16 13:11 13824 c:\windows\system32\ieudinit.exe
+ 2007-08-13 22:39 . 2009-06-29 11:07 13824 c:\windows\system32\ieudinit.exe
- 2004-08-04 11:00 . 2008-10-16 20:38 44544 c:\windows\system32\iernonce.dll
+ 2004-08-04 11:00 . 2009-06-29 16:12 44544 c:\windows\system32\iernonce.dll
- 2004-08-04 11:00 . 2007-08-13 22:45 78336 c:\windows\system32\ieencode.dll
+ 2004-08-04 11:00 . 2009-06-29 16:12 78336 c:\windows\system32\ieencode.dll
- 2004-08-04 11:00 . 2008-10-16 13:11 70656 c:\windows\system32\ie4uinit.exe
+ 2004-08-04 11:00 . 2009-06-29 11:07 70656 c:\windows\system32\ie4uinit.exe
+ 2008-07-29 23:24 . 2008-07-29 23:24 11264 c:\windows\system32\icardres.dll
- 2007-08-13 22:36 . 2008-10-16 20:38 63488 c:\windows\system32\icardie.dll
+ 2007-08-13 22:36 . 2009-06-29 16:12 63488 c:\windows\system32\icardie.dll
+ 2008-07-30 01:10 . 2008-07-30 01:10 73720 c:\windows\system32\dxva2.dll
+ 2004-08-04 11:00 . 2009-08-06 23:24 53472 c:\windows\system32\dllcache\wuauclt.exe
+ 2004-08-04 11:00 . 2006-10-04 08:48 50176 c:\windows\system32\dllcache\utilman.exe
- 2004-08-04 11:00 . 2004-08-04 11:00 50176 c:\windows\system32\dllcache\utilman.exe
+ 2004-08-04 11:00 . 2006-10-04 13:33 35840 c:\windows\system32\dllcache\umandlg.dll
- 2004-08-04 11:00 . 2004-08-04 11:00 35840 c:\windows\system32\dllcache\umandlg.dll
+ 2004-08-04 11:00 . 2009-06-12 11:50 76288 c:\windows\system32\dllcache\telnet.exe
- 2004-08-04 11:00 . 2004-08-04 11:00 55808 c:\windows\system32\dllcache\secur32.dll
+ 2004-08-04 11:00 . 2009-02-03 20:08 55808 c:\windows\system32\dllcache\secur32.dll
+ 2004-08-04 11:00 . 2009-02-06 16:54 35328 c:\windows\system32\dllcache\sc.exe
- 2004-08-04 11:00 . 2008-10-16 20:38 44544 c:\windows\system32\dllcache\pngfilt.dll
+ 2004-08-04 11:00 . 2009-06-29 16:12 44544 c:\windows\system32\dllcache\pngfilt.dll
+ 2004-08-04 11:00 . 2006-10-04 08:48 53760 c:\windows\system32\dllcache\narrator.exe
- 2004-08-04 11:00 . 2004-08-04 11:00 53760 c:\windows\system32\dllcache\narrator.exe
+ 2004-08-04 11:00 . 2008-06-12 14:16 91648 c:\windows\system32\dllcache\mtxoci.dll
+ 2004-08-04 11:00 . 2008-06-12 14:16 66560 c:\windows\system32\dllcache\mtxclu.dll
- 2004-08-04 11:00 . 2006-03-01 19:42 66560 c:\windows\system32\dllcache\mtxclu.dll
+ 2008-06-19 07:24 . 2009-06-29 16:12 52224 c:\windows\system32\dllcache\msfeedsbs.dll
- 2008-06-19 07:24 . 2008-10-16 20:38 52224 c:\windows\system32\dllcache\msfeedsbs.dll
- 2004-08-04 11:00 . 2004-08-04 11:00 58880 c:\windows\system32\dllcache\msdtclog.dll
+ 2004-08-04 11:00 . 2008-06-12 14:16 58880 c:\windows\system32\dllcache\msdtclog.dll
+ 2004-08-04 11:00 . 2006-10-04 08:48 72704 c:\windows\system32\dllcache\magnify.exe
- 2004-08-04 11:00 . 2004-08-04 11:00 72704 c:\windows\system32\dllcache\magnify.exe
+ 2004-08-04 11:00 . 2009-06-29 16:12 27648 c:\windows\system32\dllcache\jsproxy.dll
- 2004-08-04 11:00 . 2008-10-16 20:38 27648 c:\windows\system32\dllcache\jsproxy.dll
+ 2008-06-19 07:23 . 2009-06-29 11:07 13824 c:\windows\system32\dllcache\ieudinit.exe
- 2008-06-19 07:23 . 2008-10-16 13:11 13824 c:\windows\system32\dllcache\ieudinit.exe
- 2004-08-04 11:00 . 2008-10-16 20:38 44544 c:\windows\system32\dllcache\iernonce.dll
+ 2004-08-04 11:00 . 2009-06-29 16:12 44544 c:\windows\system32\dllcache\iernonce.dll
+ 2004-08-04 11:00 . 2009-06-29 16:12 78336 c:\windows\system32\dllcache\ieencode.dll
- 2004-08-04 11:00 . 2007-08-13 22:45 78336 c:\windows\system32\dllcache\ieencode.dll
+ 2004-08-04 11:00 . 2009-06-29 11:07 70656 c:\windows\system32\dllcache\ie4uinit.exe
- 2004-08-04 11:00 . 2008-10-16 13:11 70656 c:\windows\system32\dllcache\ie4uinit.exe
- 2008-06-19 07:23 . 2008-10-16 20:38 63488 c:\windows\system32\dllcache\icardie.dll
+ 2008-06-19 07:23 . 2009-06-29 16:12 63488 c:\windows\system32\dllcache\icardie.dll
+ 2004-08-04 11:00 . 2009-07-29 04:53 82432 c:\windows\system32\dllcache\fontsub.dll
+ 2004-08-04 11:00 . 2009-06-29 16:12 17408 c:\windows\system32\dllcache\corpol.dll
+ 2004-08-04 11:00 . 2009-08-06 23:24 96480 c:\windows\system32\dllcache\cdm.dll
+ 2004-08-04 11:00 . 2009-06-10 14:21 84992 c:\windows\system32\dllcache\avifil32.dll
- 2004-08-04 11:00 . 2004-08-04 11:00 84992 c:\windows\system32\dllcache\avifil32.dll
- 2004-08-04 11:00 . 2004-08-04 11:00 58880 c:\windows\system32\dllcache\atl.dll
+ 2004-08-04 11:00 . 2009-07-17 18:55 58880 c:\windows\system32\dllcache\atl.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 96760 c:\windows\system32\dfshim.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 96760 c:\windows\system32\dfshim.dll
+ 2004-08-04 11:00 . 2009-06-29 16:12 17408 c:\windows\system32\corpol.dll
+ 2004-08-04 11:00 . 2009-06-10 14:21 84992 c:\windows\system32\avifil32.dll
- 2004-08-04 11:00 . 2004-08-04 11:00 84992 c:\windows\system32\avifil32.dll
+ 2008-07-30 03:40 . 2008-07-30 03:40 70648 c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
+ 2008-07-30 03:40 . 2008-07-30 03:40 91136 c:\windows\Microsoft.NET\Framework\v3.5\MSBuild.exe
+ 2008-07-30 03:40 . 2008-07-30 03:40 41984 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.VisualC.STLCLR.dll
+ 2008-07-30 03:40 . 2008-07-30 03:40 40960 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Data.Entity.Build.Tasks.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 89080 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2052.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 92664 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1042.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 95224 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1041.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 89592 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1028.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 84480 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2052.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 94720 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1042.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 97792 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1041.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 84992 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1028.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 97280 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\DeleteTemp.exe
+ 2008-07-30 03:40 . 2008-07-30 03:40 95224 c:\windows\Microsoft.NET\Framework\v3.5\EdmGen.exe
+ 2008-07-30 03:40 . 2008-07-30 03:40 78856 c:\windows\Microsoft.NET\Framework\v3.5\DataSvcUtil.exe
+ 2008-07-30 03:40 . 2008-07-30 03:40 41984 c:\windows\Microsoft.NET\Framework\v3.5\AddInUtil.exe
+ 2008-07-30 03:40 . 2008-07-30 03:40 41992 c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess32.exe
+ 2008-07-30 03:40 . 2008-07-30 03:40 41992 c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess.exe
+ 2008-07-30 01:10 . 2008-07-30 01:10 46104 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
+ 2008-07-29 23:59 . 2008-07-29 23:59 32768 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationCFFRasterizer.dll
+ 2008-07-30 01:10 . 2008-07-30 01:10 71160 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PenIMC.dll
+ 2008-07-29 23:32 . 2008-07-29 23:32 17448 c:\windows\Microsoft.NET\Framework\v3.0\Windows Workflow Foundation\PerformanceCounterInstaller.exe
+ 2008-07-29 23:16 . 2008-07-29 23:16 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2008-07-29 23:16 . 2008-07-29 23:16 73728 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.Install.dll
+ 2008-07-29 23:16 . 2008-07-29 23:16 20504 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceMonikerSupport.dll
+ 2008-07-29 23:16 . 2008-07-29 23:16 11280 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 37896 c:\windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 37896 c:\windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 81400 c:\windows\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL
- 2007-10-24 05:47 . 2007-10-24 05:47 81400 c:\windows\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL
+ 2008-07-25 15:17 . 2008-07-25 15:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 57392 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 57392 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 95232 c:\windows\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 95232 c:\windows\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 16896 c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 16896 c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 61952 c:\windows\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe
- 2007-10-24 05:47 . 2007-10-24 05:47 61952 c:\windows\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
- 2007-10-24 05:47 . 2007-10-24 05:47 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
- 2007-10-24 05:47 . 2007-10-24 05:47 53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 88584 c:\windows\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 24584 c:\windows\Microsoft.NET\Framework\v2.0.50727\normalization.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 24584 c:\windows\Microsoft.NET\Framework\v2.0.50727\normalization.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 31744 c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 31744 c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 19456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscortim.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 19456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscortim.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
- 2007-10-24 05:47 . 2007-10-24 05:47 18944 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 18944 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 77312 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 77312 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 94208 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorld.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 94208 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorld.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 46592 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 83456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 83456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
+ 2008-07-25 15:16 . 2008-07-25 15:16 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
+ 2008-07-25 15:16 . 2008-07-25 15:16 97792 c:\windows\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 97792 c:\windows\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe
+ 2008-07-25 15:16 . 2008-07-25 15:16 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 72192 c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 72192 c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 65032 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 65032 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
- 2007-10-24 05:47 . 2007-10-24 05:47 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEHost.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEHost.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 18936 c:\windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 18936 c:\windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 62968 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfdll.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 35320 c:\windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
+ 2008-07-25 15:16 . 2008-07-25 15:16 35320 c:\windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
- 2007-10-24 05:47 . 2007-10-24 05:47 69120 c:\windows\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 69120 c:\windows\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 27136 c:\windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 27136 c:\windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 80376 c:\windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
+ 2008-07-25 15:16 . 2008-07-25 15:16 80376 c:\windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 89608 c:\windows\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
+ 2008-11-25 08:59 . 2008-11-25 08:59 31560 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2008-07-25 15:16 . 2008-07-25 15:16 34312 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
+ 2008-07-25 15:16 . 2008-07-25 15:16 33288 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe
- 2007-10-24 05:47 . 2007-10-24 05:47 24576 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
+ 2008-07-25 15:16 . 2008-07-25 15:16 24576 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
- 2007-10-24 05:47 . 2007-10-24 05:47 84480 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 84480 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 33800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 17416 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 22024 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 22024 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
- 2007-10-24 05:47 . 2007-10-24 05:47 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 58880 c:\windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
+ 2008-07-25 15:16 . 2008-07-25 15:16 98808 c:\windows\Microsoft.NET\Framework\v2.0.50727\alink.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 13824 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 13824 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 96768 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 16896 c:\windows\Microsoft.NET\Framework\SharedReg12.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 16896 c:\windows\Microsoft.NET\Framework\SharedReg12.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 16896 c:\windows\Microsoft.NET\Framework\sbscmp10.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 16896 c:\windows\Microsoft.NET\Framework\sbscmp10.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 82944 c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe
- 2007-10-24 05:47 . 2007-10-24 05:47 82944 c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2009-10-01 20:34 . 2008-10-16 19:09 43544 c:\windows\LastGood\system32\wups2.dll
+ 2009-10-01 20:34 . 2008-10-16 19:08 34328 c:\windows\LastGood\system32\wups.dll
+ 2009-10-01 20:34 . 2008-10-16 19:09 51224 c:\windows\LastGood\system32\wuauclt.exe
+ 2009-10-02 17:03 . 2008-04-14 00:12 50176 c:\windows\LastGood\system32\proquota.exe
+ 2009-10-01 20:34 . 2008-10-16 19:09 92696 c:\windows\LastGood\system32\cdm.dll
+ 2008-07-30 01:07 . 2008-07-30 01:07 23040 c:\windows\Installer\1531220.msp
+ 2009-10-01 07:11 . 2009-10-01 07:11 88576 c:\windows\Installer\14c438d.msi
+ 2009-10-01 07:03 . 2008-10-16 20:38 44544 c:\windows\ie7updates\KB972260-IE7\pngfilt.dll
+ 2009-10-01 07:03 . 2008-10-16 20:38 52224 c:\windows\ie7updates\KB972260-IE7\msfeedsbs.dll
+ 2009-10-01 07:03 . 2008-10-16 20:38 27648 c:\windows\ie7updates\KB972260-IE7\jsproxy.dll
+ 2009-10-01 07:03 . 2008-10-16 13:11 13824 c:\windows\ie7updates\KB972260-IE7\ieudinit.exe
+ 2009-10-01 07:03 . 2008-10-16 20:38 44544 c:\windows\ie7updates\KB972260-IE7\iernonce.dll
+ 2009-10-01 07:03 . 2007-08-13 22:45 78336 c:\windows\ie7updates\KB972260-IE7\ieencode.dll
+ 2009-10-01 07:03 . 2008-10-16 13:11 70656 c:\windows\ie7updates\KB972260-IE7\ie4uinit.exe
+ 2009-10-01 07:03 . 2008-10-16 20:38 63488 c:\windows\ie7updates\KB972260-IE7\icardie.dll
+ 2009-10-01 07:03 . 2004-08-04 11:00 35328 c:\windows\ie7updates\KB972260-IE7\corpol.dll
+ 2009-10-01 07:14 . 2008-07-06 12:06 89088 c:\windows\Driver Cache\i386\filterpipelineprintproc.dll
+ 2009-10-01 07:40 . 2009-10-01 07:40 66560 c:\windows\assembly\NativeImages_v2.0.50727_32\UIXControls\db902f086b114b45e7a666d31fde89fb\UIXControls.ni.dll
+ 2009-10-01 07:27 . 2009-10-01 07:27 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\a715aa442ef87ae99b3ade185599249d\UIAutomationProvider.ni.dll
+ 2009-10-01 07:39 . 2009-10-01 07:39 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\423f794d1f4ed6e120fbb02e436491cb\System.Windows.Presentation.ni.dll
+ 2009-10-01 07:39 . 2009-10-01 07:39 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\19ca1747c1ea18a3b639b302bca8df93\System.Web.DynamicData.Design.ni.dll
+ 2009-10-01 07:30 . 2009-10-01 07:30 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\532438e2acfcadc469a4d468c51f8451\System.ComponentModel.DataAnnotations.ni.dll
+ 2009-10-01 07:30 . 2009-10-01 07:30 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\597b20e1b053d6a510cfe033c07a63e6\System.AddIn.Contract.ni.dll
+ 2009-10-01 07:24 . 2009-10-01 07:24 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\2d7408a0232f2e2efd0d7adf5dfa733a\PresentationFontCache.ni.exe
+ 2009-10-01 07:22 . 2009-10-01 07:22 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\c8fd2d9233f8ea3031fb16f697635231\PresentationCFFRasterizer.ni.dll
+ 2009-10-01 07:39 . 2009-10-01 07:39 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\790cf1edb17ee41b59be62ecbd59613b\Microsoft.Vsa.ni.dll
+ 2009-10-01 07:40 . 2009-10-01 07:40 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\ec83ec80653eb20ccc6ed42075c90aee\Microsoft.VisualC.ni.dll
+ 2009-10-01 07:30 . 2009-10-01 07:30 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e9aba2eab90d647356f65e66053da02b\Microsoft.Build.Framework.ni.dll
+ 2009-10-01 07:29 . 2009-10-01 07:29 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\28343d470d992f169ca0e7cdb3cc3117\Microsoft.Build.Framework.ni.dll
+ 2009-10-01 07:29 . 2009-10-01 07:29 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\f4e38208e88cb4cc314a1d6543b9fcc6\dfsvc.ni.exe
+ 2009-10-01 07:29 . 2009-10-01 07:29 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\11eb4f6606ba01e5128805759121ea6c\Accessibility.ni.dll
+ 2009-10-01 07:15 . 2009-10-01 07:15 94208 c:\windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2009-10-01 07:15 . 2009-10-01 07:15 98304 c:\windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2009-10-01 07:15 . 2009-10-01 07:15 40960 c:\windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2009-10-01 07:16 . 2009-10-01 07:16 12288 c:\windows\assembly\GAC_MSIL\System.Windows.Presentation\3.5.0.0__b77a5c561934e089\System.Windows.Presentation.dll
+ 2009-10-01 07:16 . 2009-10-01 07:16 61440 c:\windows\assembly\GAC_MSIL\System.Web.Routing\3.5.0.0__31bf3856ad364e35\System.Web.Routing.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2009-10-01 07:16 . 2009-10-01 07:16 32768 c:\windows\assembly\GAC_MSIL\System.Web.DynamicData.Design\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.Design.dll
+ 2009-10-01 07:16 . 2009-10-01 07:16 77824 c:\windows\assembly\GAC_MSIL\System.Web.Abstractions\3.5.0.0__31bf3856ad364e35\System.Web.Abstractions.dll
+ 2009-10-01 07:15 . 2009-10-01 07:15 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2009-10-01 07:15 . 2009-10-01 07:15 73728 c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561934e089\System.ServiceModel.Install.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2008-04-12 07:13 . 2008-04-12 07:13 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2009-10-01 07:16 . 2009-10-01 07:16 53248 c:\windows\assembly\GAC_MSIL\System.Data.DataSetExtensions\3.5.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
- 2008-04-12 07:13 . 2008-04-12 07:13 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2009-10-01 07:16 . 2009-10-01 07:16 57344 c:\windows\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\3.5.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
+ 2009-10-01 07:16 . 2009-10-01 07:16 45056 c:\windows\assembly\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2009-10-01 07:15 . 2009-10-01 07:15 46104 c:\windows\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe
+ 2009-10-01 07:15 . 2009-10-01 07:15 32768 c:\windows\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll
- 2008-04-12 07:13 . 2008-04-12 07:13 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2008-04-12 07:13 . 2008-04-12 07:13 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2009-10-01 07:16 . 2009-10-01 07:16 41984 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\1.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.STLCLR.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2008-04-12 07:13 . 2008-04-12 07:13 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2008-04-12 07:13 . 2008-04-12 07:13 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2009-10-01 07:16 . 2009-10-01 07:16 94208 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v3.5.dll
+ 2009-10-01 07:16 . 2009-10-01 07:16 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2008-04-12 07:13 . 2008-04-12 07:13 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2008-04-12 07:13 . 2008-04-12 07:13 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2008-04-12 07:13 . 2008-04-12 07:13 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2008-04-12 07:13 . 2008-04-12 07:13 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2008-04-12 07:13 . 2008-04-12 07:13 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2008-04-12 07:13 . 2008-04-12 07:13 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2008-04-12 07:13 . 2008-04-12 07:13 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2008-07-30 03:40 . 2008-07-30 03:40 5632 c:\windows\Microsoft.NET\Framework\v3.5\Sentinel.v3.5Client.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
- 2007-10-24 05:47 . 2007-10-24 05:47 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 6656 c:\windows\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 6656 c:\windows\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 9728 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 9728 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
+ 2008-07-25 15:16 . 2008-07-25 15:16 5120 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
- 2007-10-24 05:47 . 2007-10-24 05:47 5120 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
+ 2009-10-01 07:16 . 2009-10-01 07:16 5632 c:\windows\assembly\GAC_MSIL\Sentinel.v3.5Client\3.5.0.0__b03f5f7f11d50a3a\Sentinel.v3.5Client.dll
- 2008-04-12 07:13 . 2008-04-12 07:13 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2008-04-12 07:12 . 2008-04-12 07:12 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2008-04-12 07:13 . 2008-04-12 07:13 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2008-04-12 07:13 . 2008-04-12 07:13 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2008-04-12 07:13 . 2008-04-12 07:13 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2008-04-12 07:13 . 2008-04-12 07:13 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2007-11-07 06:19 . 2007-11-07 06:19 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll
+ 2007-11-07 06:19 . 2007-11-07 06:19 568832 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll
+ 2007-11-07 01:23 . 2007-11-07 01:23 224768 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcm90.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 635904 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 558080 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcp80.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcm80.dll
+ 2008-07-30 01:26 . 2008-07-30 01:26 301568 c:\windows\system32\XPSViewer\XPSViewer.exe
- 2006-09-04 22:04 . 2008-04-17 10:37 351744 c:\windows\system32\xpsp3res.dll
+ 2006-09-04 22:04 . 2009-04-15 09:24 351744 c:\windows\system32\xpsp3res.dll
+ 2006-10-24 16:30 . 2006-10-24 16:30 276992 c:\windows\system32\WMPhoto.dll
+ 2004-08-04 11:00 . 2009-06-10 06:32 132096 c:\windows\system32\wkssvc.dll
- 2004-08-04 11:00 . 2006-08-17 12:28 132096 c:\windows\system32\wkssvc.dll
+ 2004-08-04 11:00 . 2009-06-29 16:12 827392 c:\windows\system32\wininet.dll
- 2004-08-04 11:00 . 2004-08-04 11:00 351232 c:\windows\system32\winhttp.dll
+ 2004-08-04 11:00 . 2008-12-16 12:47 351232 c:\windows\system32\winhttp.dll
+ 2006-10-24 16:29 . 2006-10-24 16:29 352256 c:\windows\system32\WindowsCodecsExt.dll
+ 2006-10-24 16:30 . 2006-10-24 16:30 716288 c:\windows\system32\WindowsCodecs.dll
+ 2004-08-04 11:00 . 2009-06-29 16:12 233472 c:\windows\system32\webcheck.dll
- 2004-08-04 11:00 . 2008-10-16 20:38 233472 c:\windows\system32\webcheck.dll
+ 2004-08-04 11:00 . 2009-02-06 16:39 227840 c:\windows\system32\wbem\wmiprvse.exe
+ 2004-08-04 11:00 . 2009-02-09 10:20 453120 c:\windows\system32\wbem\wmiprvsd.dll
+ 2004-08-04 11:00 . 2009-02-09 10:20 473088 c:\windows\system32\wbem\fastprox.dll
- 2004-08-04 11:00 . 2008-10-16 20:38 105984 c:\windows\system32\url.dll
+ 2004-08-04 11:00 . 2009-06-29 16:12 105984 c:\windows\system32\url.dll
+ 2008-07-29 23:59 . 2008-07-29 23:59 161296 c:\windows\system32\UIAutomationCore.dll
+ 2009-10-01 07:14 . 2008-07-06 12:06 765440 c:\windows\system32\spool\XPSEP\i386\mxdwdrv.dll
+ 2009-10-01 07:14 . 2008-07-06 12:06 765440 c:\windows\system32\spool\XPSEP\i386\i386\mxdwdrv.dll
+ 2009-10-01 07:14 . 2008-07-06 12:06 748032 c:\windows\system32\spool\XPSEP\amd64\mxdwdrv.dll
+ 2009-10-01 07:14 . 2008-07-06 12:06 748032 c:\windows\system32\spool\XPSEP\amd64\amd64\mxdwdrv.dll
+ 2009-10-01 07:14 . 2008-07-06 12:06 147456 c:\windows\system32\spool\prtprocs\x64\filterpipelineprintproc.dll
+ 2009-10-01 07:14 . 2008-07-06 10:50 597504 c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
+ 2009-10-01 07:14 . 2008-03-13 04:52 761344 c:\windows\system32\spool\drivers\w32x86\3\unires.dll
+ 2009-10-01 07:14 . 2008-07-06 12:06 744960 c:\windows\system32\spool\drivers\w32x86\3\unidrvui.dll
+ 2009-10-01 07:14 . 2008-07-06 12:06 373248 c:\windows\system32\spool\drivers\w32x86\3\unidrv.dll
+ 2009-10-01 07:14 . 2008-07-06 12:06 198656 c:\windows\system32\spool\drivers\w32x86\3\mxdwdui.dll
+ 2009-10-01 07:14 . 2008-07-06 12:06 765440 c:\windows\system32\spool\drivers\w32x86\3\mxdwdrv.dll
+ 2004-08-04 11:00 . 2009-02-06 17:14 110592 c:\windows\system32\services.exe
+ 2004-08-04 11:00 . 2008-12-05 07:12 144896 c:\windows\system32\schannel.dll
- 2004-08-04 11:00 . 2007-04-25 14:21 144896 c:\windows\system32\schannel.dll
+ 2004-08-04 11:00 . 2009-02-09 10:20 399360 c:\windows\system32\rpcss.dll
- 2004-08-04 11:00 . 2007-07-09 13:09 584192 c:\windows\system32\rpcrt4.dll
+ 2004-08-04 11:00 . 2009-04-15 15:11 584192 c:\windows\system32\rpcrt4.dll
+ 2006-08-24 20:15 . 2006-08-24 20:15 150808 c:\windows\system32\rgb9rast_2.dll
+ 2008-07-29 23:59 . 2008-07-29 23:59 781344 c:\windows\system32\PresentationNative_v0300.dll
+ 2008-07-30 00:35 . 2008-07-30 00:35 326160 c:\windows\system32\PresentationHost.exe
+ 2008-07-29 23:59 . 2008-07-29 23:59 105016 c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
+ 2006-10-24 16:30 . 2006-10-24 16:30 412160 c:\windows\system32\photometadatahandler.dll
+ 2005-12-05 06:55 . 2009-10-01 10:43 445700 c:\windows\system32\perfh009.dat
+ 2004-08-04 11:00 . 2009-03-06 14:44 283648 c:\windows\system32\pdh.dll
- 2004-08-04 11:00 . 2004-08-04 11:00 283648 c:\windows\system32\pdh.dll
- 2004-08-04 11:00 . 2004-08-04 11:00 215552 c:\windows\system32\osk.exe
+ 2004-08-04 11:00 . 2006-10-04 08:48 215552 c:\windows\system32\osk.exe
+ 2004-08-04 11:00 . 2009-06-29 16:12 102912 c:\windows\system32\occache.dll
- 2004-08-04 11:00 . 2008-10-16 20:38 102912 c:\windows\system32\occache.dll
+ 2004-08-04 11:00 . 2009-02-09 10:20 714752 c:\windows\system32\ntdll.dll
+ 2004-08-04 11:00 . 2009-06-05 07:42 655872 c:\windows\system32\mstscax.dll
- 2004-08-04 11:00 . 2008-10-16 20:38 671232 c:\windows\system32\mstime.dll
+ 2004-08-04 11:00 . 2009-06-29 16:12 671232 c:\windows\system32\mstime.dll
+ 2004-08-04 11:00 . 2009-06-29 16:12 193024 c:\windows\system32\msrating.dll
- 2004-08-04 11:00 . 2008-10-16 20:38 193024 c:\windows\system32\msrating.dll
- 2004-08-04 11:00 . 2008-10-16 20:38 477696 c:\windows\system32\mshtmled.dll
+ 2004-08-04 11:00 . 2009-06-29 16:12 477696 c:\windows\system32\mshtmled.dll
- 2007-08-13 22:54 . 2008-10-16 20:38 459264 c:\windows\system32\msfeeds.dll
+ 2007-08-13 22:54 . 2009-06-29 16:12 459264 c:\windows\system32\msfeeds.dll
+ 2004-08-04 11:00 . 2008-06-12 14:16 161792 c:\windows\system32\msdtcuiu.dll
+ 2004-08-04 11:00 . 2008-06-12 14:16 956928 c:\windows\system32\msdtctm.dll
+ 2004-08-04 11:00 . 2008-06-12 14:16 428032 c:\windows\system32\msdtcprx.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 158720 c:\windows\system32\mscorier.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 158720 c:\windows\system32\mscorier.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 282112 c:\windows\system32\mscoree.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 282112 c:\windows\system32\mscoree.dll
+ 2009-07-18 03:21 . 2009-07-18 03:21 257440 c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
+ 2004-08-04 11:00 . 2009-02-09 10:20 723456 c:\windows\system32\lsasrv.dll
+ 2004-08-04 11:00 . 2009-05-07 15:44 344064 c:\windows\system32\localspl.dll
+ 2004-08-04 11:00 . 2009-03-21 14:18 986112 c:\windows\system32\kernel32.dll
+ 2004-08-04 11:00 . 2009-08-13 15:16 512000 c:\windows\system32\jscript.dll
+ 2007-08-13 22:34 . 2009-06-29 16:12 268288 c:\windows\system32\iertutil.dll
+ 2004-08-04 11:00 . 2009-06-29 16:12 385024 c:\windows\system32\iedkcs32.dll
+ 2007-07-11 16:27 . 2009-06-29 16:12 380928 c:\windows\system32\ieapfltr.dll
- 2004-08-04 11:00 . 2008-10-15 07:04 161792 c:\windows\system32\ieakui.dll
+ 2004-08-04 11:00 . 2009-06-29 08:33 161792 c:\windows\system32\ieakui.dll
- 2004-08-04 11:00 . 2008-10-16 20:38 230400 c:\windows\system32\ieaksie.dll
+ 2004-08-04 11:00 . 2009-06-29 16:12 230400 c:\windows\system32\ieaksie.dll
+ 2004-08-04 11:00 . 2009-06-29 16:12 153088 c:\windows\system32\ieakeng.dll
- 2004-08-04 11:00 . 2008-10-16 20:38 153088 c:\windows\system32\ieakeng.dll
+ 2008-07-29 23:24 . 2008-07-29 23:24 622080 c:\windows\system32\icardagt.exe
+ 2004-08-04 11:00 . 2009-06-29 16:12 133120 c:\windows\system32\extmgr.dll
- 2004-08-04 11:00 . 2008-10-16 20:38 133120 c:\windows\system32\extmgr.dll
+ 2008-07-30 01:10 . 2008-07-30 01:10 493048 c:\windows\system32\evr.dll
+ 2004-08-04 11:00 . 2009-06-29 16:12 214528 c:\windows\system32\dxtrans.dll
- 2004-08-04 11:00 . 2008-10-16 20:38 214528 c:\windows\system32\dxtrans.dll
- 2004-08-04 11:00 . 2008-10-16 20:38 347136 c:\windows\system32\dxtmsft.dll
+ 2004-08-04 11:00 . 2009-06-29 16:12 347136 c:\windows\system32\dxtmsft.dll
+ 2004-08-04 11:00 . 2008-12-11 11:57 333184 c:\windows\system32\drivers\srv.sys
+ 2004-08-04 11:00 . 2009-08-06 23:24 209632 c:\windows\system32\dllcache\wuweb.dll
+ 2004-08-04 11:00 . 2009-08-06 23:24 327896 c:\windows\system32\dllcache\wucltui.dll
+ 2004-08-04 11:00 . 2009-08-06 23:23 575704 c:\windows\system32\dllcache\wuapi.dll
+ 2004-08-04 11:00 . 2008-04-21 10:02 215552 c:\windows\system32\dllcache\wordpad.exe
+ 2004-08-04 11:00 . 2009-07-13 14:08 286720 c:\windows\system32\dllcache\wmpdxm.dll
+ 2004-08-04 11:00 . 2009-02-06 16:39 227840 c:\windows\system32\dllcache\wmiprvse.exe
+ 2004-08-04 11:00 . 2009-02-09 10:20 453120 c:\windows\system32\dllcache\wmiprvsd.dll
+ 2004-08-04 11:00 . 2009-06-10 06:32 132096 c:\windows\system32\dllcache\wkssvc.dll
- 2004-08-04 11:00 . 2006-08-17 12:28 132096 c:\windows\system32\dllcache\wkssvc.dll
+ 2004-08-04 11:00 . 2009-06-29 16:12 827392 c:\windows\system32\dllcache\wininet.dll
- 2004-08-04 11:00 . 2004-08-04 11:00 351232 c:\windows\system32\dllcache\winhttp.dll
+ 2004-08-04 11:00 . 2008-12-16 12:47 351232 c:\windows\system32\dllcache\winhttp.dll
+ 2004-08-04 11:00 . 2009-06-29 16:12 233472 c:\windows\system32\dllcache\webcheck.dll
- 2004-08-04 11:00 . 2008-10-16 20:38 233472 c:\windows\system32\dllcache\webcheck.dll
- 2004-08-04 11:00 . 2008-10-16 20:38 105984 c:\windows\system32\dllcache\url.dll
+ 2004-08-04 11:00 . 2009-06-29 16:12 105984 c:\windows\system32\dllcache\url.dll
- 2004-08-04 11:00 . 2004-08-04 11:00 153088 c:\windows\system32\dllcache\triedit.dll
+ 2004-08-04 11:00 . 2009-06-21 22:04 153088 c:\windows\system32\dllcache\triedit.dll
+ 2004-08-04 11:00 . 2009-07-29 04:53 119808 c:\windows\system32\dllcache\t2embed.dll
+ 2004-08-04 11:00 . 2008-12-11 11:57 333184 c:\windows\system32\dllcache\srv.sys
+ 2004-08-04 11:00 . 2009-02-06 17:14 110592 c:\windows\system32\dllcache\services.exe
- 2004-08-04 11:00 . 2007-04-25 14:21 144896 c:\windows\system32\dllcache\schannel.dll
+ 2004-08-04 11:00 . 2008-12-05 07:12 144896 c:\windows\system32\dllcache\schannel.dll
+ 2004-08-04 11:00 . 2009-02-09 10:20 399360 c:\windows\system32\dllcache\rpcss.dll
- 2004-08-04 11:00 . 2007-07-09 13:09 584192 c:\windows\system32\dllcache\rpcrt4.dll
+ 2004-08-04 11:00 . 2009-04-15 15:11 584192 c:\windows\system32\dllcache\rpcrt4.dll
+ 2004-08-04 11:00 . 2009-03-06 14:44 283648 c:\windows\system32\dllcache\pdh.dll
- 2004-08-04 11:00 . 2004-08-04 11:00 283648 c:\windows\system32\dllcache\pdh.dll
+ 2004-08-04 11:00 . 2006-10-04 08:48 215552 c:\windows\system32\dllcache\osk.exe
- 2004-08-04 11:00 . 2004-08-04 11:00 215552 c:\windows\system32\dllcache\osk.exe
+ 2004-08-04 11:00 . 2009-06-29 16:12 102912 c:\windows\system32\dllcache\occache.dll
- 2004-08-04 11:00 . 2008-10-16 20:38 102912 c:\windows\system32\dllcache\occache.dll
+ 2004-08-04 11:00 . 2009-02-09 10:20 714752 c:\windows\system32\dllcache\ntdll.dll
+ 2004-08-04 11:00 . 2009-08-05 09:11 204800 c:\windows\system32\dllcache\mswebdvd.dll
+ 2004-08-04 11:00 . 2009-06-05 07:42 655872 c:\windows\system32\dllcache\mstscax.dll
- 2004-08-04 11:00 . 2008-10-16 20:38 671232 c:\windows\system32\dllcache\mstime.dll
+ 2004-08-04 11:00 . 2009-06-29 16:12 671232 c:\windows\system32\dllcache\mstime.dll
+ 2004-08-04 11:00 . 2009-06-29 16:12 193024 c:\windows\system32\dllcache\msrating.dll
- 2004-08-04 11:00 . 2008-10-16 20:38 193024 c:\windows\system32\dllcache\msrating.dll
- 2004-08-04 11:00 . 2008-10-16 20:38 477696 c:\windows\system32\dllcache\mshtmled.dll
+ 2004-08-04 11:00 . 2009-06-29 16:12 477696 c:\windows\system32\dllcache\mshtmled.dll
- 2008-06-19 07:24 . 2008-10-16 20:38 459264 c:\windows\system32\dllcache\msfeeds.dll
+ 2008-06-19 07:24 . 2009-06-29 16:12 459264 c:\windows\system32\dllcache\msfeeds.dll
+ 2004-08-04 11:00 . 2008-06-12 14:16 161792 c:\windows\system32\dllcache\msdtcuiu.dll
+ 2004-08-04 11:00 . 2008-06-12 14:16 956928 c:\windows\system32\dllcache\msdtctm.dll
+ 2004-08-04 11:00 . 2008-06-12 14:16 428032 c:\windows\system32\dllcache\msdtcprx.dll
+ 2004-08-04 11:00 . 2009-02-09 10:20 723456 c:\windows\system32\dllcache\lsasrv.dll
+ 2004-08-04 11:00 . 2009-05-07 15:44 344064 c:\windows\system32\dllcache\localspl.dll
+ 2004-08-04 11:00 . 2009-03-21 14:18 986112 c:\windows\system32\dllcache\kernel32.dll
+ 2004-08-04 11:00 . 2009-08-13 15:16 512000 c:\windows\system32\dllcache\jscript.dll
+ 2004-08-04 11:00 . 2009-06-29 08:35 634632 c:\windows\system32\dllcache\iexplore.exe
+ 2008-06-19 07:24 . 2009-06-29 16:12 268288 c:\windows\system32\dllcache\iertutil.dll
+ 2004-08-04 11:00 . 2009-06-29 16:12 385024 c:\windows\system32\dllcache\iedkcs32.dll
+ 2008-06-19 07:23 . 2009-06-29 16:12 380928 c:\windows\system32\dllcache\ieapfltr.dll
- 2004-08-04 11:00 . 2008-10-15 07:04 161792 c:\windows\system32\dllcache\ieakui.dll
+ 2004-08-04 11:00 . 2009-06-29 08:33 161792 c:\windows\system32\dllcache\ieakui.dll
+ 2004-08-04 11:00 . 2009-06-29 16:12 230400 c:\windows\system32\dllcache\ieaksie.dll
- 2004-08-04 11:00 . 2008-10-16 20:38 230400 c:\windows\system32\dllcache\ieaksie.dll
+ 2004-08-04 11:00 . 2009-06-29 16:12 153088 c:\windows\system32\dllcache\ieakeng.dll
- 2004-08-04 11:00 . 2008-10-16 20:38 153088 c:\windows\system32\dllcache\ieakeng.dll
+ 2004-08-04 11:00 . 2009-02-09 10:20 473088 c:\windows\system32\dllcache\fastprox.dll
- 2004-08-04 11:00 . 2008-10-16 20:38 133120 c:\windows\system32\dllcache\extmgr.dll
+ 2004-08-04 11:00 . 2009-06-29 16:12 133120 c:\windows\system32\dllcache\extmgr.dll
- 2004-08-04 11:00 . 2008-10-16 20:38 214528 c:\windows\system32\dllcache\dxtrans.dll
+ 2004-08-04 11:00 . 2009-06-29 16:12 214528 c:\windows\system32\dllcache\dxtrans.dll
- 2004-08-04 11:00 . 2008-10-16 20:38 347136 c:\windows\system32\dllcache\dxtmsft.dll
+ 2004-08-04 11:00 . 2009-06-29 16:12 347136 c:\windows\system32\dllcache\dxtmsft.dll
- 2004-08-04 11:00 . 2008-10-16 20:38 124928 c:\windows\system32\dllcache\advpack.dll
+ 2004-08-04 11:00 . 2009-06-29 16:12 124928 c:\windows\system32\dllcache\advpack.dll
- 2004-08-04 11:00 . 2004-08-04 11:00 616960 c:\windows\system32\dllcache\advapi32.dll
+ 2004-08-04 11:00 . 2009-02-09 10:20 616960 c:\windows\system32\dllcache\advapi32.dll
+ 2004-08-04 11:00 . 2009-06-29 16:12 124928 c:\windows\system32\advpack.dll
- 2004-08-04 11:00 . 2008-10-16 20:38 124928 c:\windows\system32\advpack.dll
- 2004-08-04 11:00 . 2004-08-04 11:00 616960 c:\windows\system32\advapi32.dll
+ 2004-08-04 11:00 . 2009-02-09 10:20 616960 c:\windows\system32\advapi32.dll
+ 2008-07-30 03:40 . 2008-07-30 03:40 196104 c:\windows\Microsoft.NET\Framework\v3.5\WFServicesReg.exe
+ 2008-07-30 03:40 . 2008-07-30 03:40 802816 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Build.Tasks.v3.5.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 984056 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapUI.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 107512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 111096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.3082.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 110072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2070.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1055.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 105976 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1053.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 107000 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1049.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 107512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1046.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 109048 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1045.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1044.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1043.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 110072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1040.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 111096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1038.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 101368 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1037.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 112120 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1036.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1035.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 113656 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1032.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 111608 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1031.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1030.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1029.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 102904 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1025.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 689152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsscenario.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 413184 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsbasereqs.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 632320 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs70uimgr.dll
+ 2009-10-01 07:16 . 2009-10-01 07:16 652800 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.msi
+ 2008-07-29 22:47 . 2008-07-29 22:47 110080 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 131584 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.3082.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 131072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2070.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 121344 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1055.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 121344 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1053.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 123904 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1049.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 122880 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1046.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 128512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1045.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 121856 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1044.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 129024 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1043.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 128512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1040.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 132096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1038.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 111104 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1037.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 133120 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1036.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 122368 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1035.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 137728 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1032.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 130048 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1031.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 126464 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1030.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 125440 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1029.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 113152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1025.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 269304 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
+ 2008-07-29 22:47 . 2008-07-29 22:47 177152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\HtmlLite.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 276984 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\dlmgr.dll
+ 2008-07-30 03:15 . 2008-07-30 03:15 225490 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\baseline.dat
+ 2008-07-30 03:40 . 2008-07-30 03:40 233976 c:\windows\Microsoft.NET\Framework\v3.5\1033\vbc7ui.dll
+ 2008-07-30 03:40 . 2008-07-30 03:40 168448 c:\windows\Microsoft.NET\Framework\v3.5\1033\cscompui.dll
+ 2008-07-30 00:35 . 2008-07-30 00:35 864256 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationUI.dll
+ 2008-07-29 23:59 . 2008-07-29 23:59 132120 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll
+ 2008-07-30 01:10 . 2008-07-30 01:10 806928 c:\windows\Microsoft.NET\Framework\v3.0\WPF\NaturalLanguage6.dll
+ 2008-07-29 23:16 . 2008-07-29 23:16 152576 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\WsatConfig.exe
+ 2008-07-29 23:16 . 2008-07-29 23:16 966656 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
+ 2008-07-29 23:16 . 2008-07-29 23:16 132096 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
+ 2008-07-29 23:16 . 2008-07-29 23:16 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
+ 2008-07-29 23:16 . 2008-07-29 23:16 156688 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelReg.exe
+ 2008-07-29 23:16 . 2008-07-29 23:16 163840 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.Dtc.dll
+ 2008-07-29 23:16 . 2008-07-29 23:16 397312 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.dll
+ 2008-07-29 23:24 . 2008-07-29 23:24 881664 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
+ 2008-07-29 23:16 . 2008-07-29 23:16 168968 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ComSvcConfig.exe
+ 2008-11-25 08:59 . 2008-11-25 08:59 436040 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 839680 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 839680 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 835584 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 261632 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 303104 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 113664 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 113664 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 626688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 401408 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 401408 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 970752 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 745472 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
+ 2008-11-25 08:59 . 2008-11-25 08:59 486400 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 425984 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 425984 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 392184 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 118784 c:\windows\Microsoft.NET\Framework\v2.0.50727\shfusion.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 143360 c:\windows\Microsoft.NET\Framework\v2.0.50727\peverify.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 100856 c:\windows\Microsoft.NET\Framework\v2.0.50727\ngen.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 230912 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 345600 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 114176 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
+ 2008-11-25 08:59 . 2008-11-25 08:59 364872 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 308224 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 308224 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll
+ 2008-11-25 08:59 . 2008-11-25 08:59 990032 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 659456 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 749568 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 749568 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 655360 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 655360 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 348160 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 348160 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 230904 c:\windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 230904 c:\windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
- 2007-10-24 05:47 . 2007-10-24 05:47 798224 c:\windows\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 798224 c:\windows\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 575496 c:\windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
- 2007-10-24 05:47 . 2007-10-24 05:47 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
+ 2008-07-25 15:16 . 2008-07-25 15:16 507904 c:\windows\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 507904 c:\windows\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
+ 2008-07-25 15:16 . 2008-07-25 15:16 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 147968 c:\windows\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 147968 c:\windows\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 218112 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 218112 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 193016 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 193016 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 145408 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 145408 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
+ 2009-10-01 20:34 . 2008-10-16 19:13 202776 c:\windows\LastGood\system32\wuweb.dll
+ 2009-10-01 20:34 . 2008-10-16 19:12 323608 c:\windows\LastGood\system32\wucltui.dll
+ 2009-10-01 20:34 . 2008-10-16 19:12 561688 c:\windows\LastGood\system32\wuapi.dll
+ 2009-10-02 07:03 . 2009-10-02 07:03 972800 c:\windows\Installer\2641496.msi
+ 2008-12-13 13:58 . 2008-12-13 13:58 754688 c:\windows\Installer\1547313.msp
+ 2009-10-01 07:16 . 2009-10-01 07:16 648192 c:\windows\Installer\15472ed.msi
+ 2008-07-30 01:23 . 2008-07-30 01:23 250880 c:\windows\Installer\1531229.msp
+ 2008-07-30 01:28 . 2008-07-30 01:28 278016 c:\windows\Installer\1531227.msp
+ 2008-07-29 23:40 . 2008-07-29 23:40 291840 c:\windows\Installer\1531225.msp
+ 2009-10-01 07:15 . 2009-10-01 07:15 137728 c:\windows\Installer\153121f.msi
+ 2008-07-29 21:35 . 2008-07-29 21:35 553472 c:\windows\Installer\14c4392.msp
+ 2008-07-29 21:33 . 2008-07-29 21:33 506368 c:\windows\Installer\14c4390.msp
+ 2008-07-29 21:37 . 2008-07-29 21:37 911360 c:\windows\Installer\14c438f.msp
+ 2009-10-01 07:03 . 2008-10-16 20:38 826368 c:\windows\ie7updates\KB972260-IE7\wininet.dll
+ 2009-10-01 07:03 . 2008-10-16 20:38 233472 c:\windows\ie7updates\KB972260-IE7\webcheck.dll
+ 2009-10-01 07:03 . 2008-10-16 20:38 105984 c:\windows\ie7updates\KB972260-IE7\url.dll
+ 2009-10-01 07:03 . 2009-05-26 11:40 382840 c:\windows\ie7updates\KB972260-IE7\spuninst\updspapi.dll
+ 2009-10-01 07:03 . 2008-07-08 13:02 231288 c:\windows\ie7updates\KB972260-IE7\spuninst\spuninst.exe
+ 2009-10-01 07:03 . 2008-10-16 20:38 102912 c:\windows\ie7updates\KB972260-IE7\occache.dll
+ 2009-10-01 07:03 . 2008-10-16 20:38 671232 c:\windows\ie7updates\KB972260-IE7\mstime.dll
+ 2009-10-01 07:03 . 2008-10-16 20:38 193024 c:\windows\ie7updates\KB972260-IE7\msrating.dll
+ 2009-10-01 07:03 . 2008-10-16 20:38 477696 c:\windows\ie7updates\KB972260-IE7\mshtmled.dll
+ 2009-10-01 07:03 . 2008-10-16 20:38 459264 c:\windows\ie7updates\KB972260-IE7\msfeeds.dll
+ 2009-10-01 07:03 . 2008-10-15 07:06 633632 c:\windows\ie7updates\KB972260-IE7\iexplore.exe
+ 2009-10-01 07:03 . 2008-10-16 20:38 267776 c:\windows\ie7updates\KB972260-IE7\iertutil.dll
+ 2009-10-01 07:03 . 2008-10-16 20:38 384512 c:\windows\ie7updates\KB972260-IE7\iedkcs32.dll
+ 2009-10-01 07:03 . 2008-10-16 20:38 383488 c:\windows\ie7updates\KB972260-IE7\ieapfltr.dll
+ 2009-10-01 07:03 . 2008-10-15 07:04 161792 c:\windows\ie7updates\KB972260-IE7\ieakui.dll
+ 2009-10-01 07:03 . 2008-10-16 20:38 230400 c:\windows\ie7updates\KB972260-IE7\ieaksie.dll
+ 2009-10-01 07:03 . 2008-10-16 20:38 153088 c:\windows\ie7updates\KB972260-IE7\ieakeng.dll
+ 2009-10-01 07:03 . 2008-10-16 20:38 133120 c:\windows\ie7updates\KB972260-IE7\extmgr.dll
+ 2009-10-01 07:03 . 2008-10-16 20:38 214528 c:\windows\ie7updates\KB972260-IE7\dxtrans.dll
+ 2009-10-01 07:03 . 2008-10-16 20:38 347136 c:\windows\ie7updates\KB972260-IE7\dxtmsft.dll
+ 2009-10-01 07:03 . 2008-10-16 20:38 124928 c:\windows\ie7updates\KB972260-IE7\advpack.dll
+ 2009-10-01 19:43 . 2009-10-01 19:43 258048 c:\windows\ERUNT\SDFIX_First_Run\Users\00000002\UsrClass.dat
+ 2009-10-01 19:43 . 2008-08-07 19:27 163328 c:\windows\ERUNT\SDFIX_First_Run\ERDNT.EXE
+ 2009-10-01 19:43 . 2009-10-01 19:43 258048 c:\windows\ERUNT\SDFIX\Users\00000002\UsrClass.dat
+ 2009-10-01 19:43 . 2008-08-07 19:27 163328 c:\windows\ERUNT\SDFIX\ERDNT.EXE
+ 2009-10-01 07:14 . 2008-03-13 04:52 761344 c:\windows\Driver Cache\i386\unires.dll
+ 2009-10-01 07:14 . 2008-07-06 12:06 744960 c:\windows\Driver Cache\i386\unidrvui.dll
+ 2009-10-01 07:14 . 2008-07-06 12:06 373248 c:\windows\Driver Cache\i386\unidrv.dll
+ 2009-10-01 07:14 . 2008-07-06 12:06 198656 c:\windows\Driver Cache\i386\mxdwdui.dll
+ 2009-10-01 07:14 . 2008-07-06 12:06 765440 c:\windows\Driver Cache\i386\mxdwdrv.dll
+ 2009-10-01 07:29 . 2009-10-01 07:29 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\2ef5bc3a2edd7570bb23886a4f32294a\WsatConfig.ni.exe
+ 2009-10-01 07:27 . 2009-10-01 07:27 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\6a818099f0386e2356ae94f886a2196f\WindowsFormsIntegration.ni.dll
+ 2009-10-01 07:27 . 2009-10-01 07:27 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\a6d9503962d47c722231c1478f180695\UIAutomationTypes.ni.dll
+ 2009-10-01 07:27 . 2009-10-01 07:27 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\5c028c3d8db6c0f0277673ea4a2d89fb\UIAutomationClient.ni.dll
+ 2009-10-01 07:40 . 2009-10-01 07:40 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\c338a470b14851ce5987bb0f0869c310\System.Xml.Linq.ni.dll
+ 2009-10-01 07:39 . 2009-10-01 07:39 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\bb77ea11f46ab438b2b7ed7c180011a1\System.Web.Routing.ni.dll
+ 2009-10-01 07:39 . 2009-10-01 07:39 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\6ee255220d90dcbe80c990e443051cc5\System.Web.RegularExpressions.ni.dll
+ 2009-10-01 07:39 . 2009-10-01 07:39 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\58f62044fa702ea6f936071aa5520baa\System.Web.Extensions.Design.ni.dll
+ 2009-10-01 07:39 . 2009-10-01 07:39 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\79c29ac85dd57dd485ab60118ac292ff\System.Web.Entity.ni.dll
+ 2009-10-01 07:39 . 2009-10-01 07:39 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\d3d65e34fa60f0b6c72ca0d12ec89933\System.Web.Entity.Design.ni.dll
+ 2009-10-01 07:39 . 2009-10-01 07:39 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\b7891f5659db299dbd1b3c72db7edb9f\System.Web.DynamicData.ni.dll
+ 2009-10-01 07:39 . 2009-10-01 07:39 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\00ec08741a765c707bd9169346064a81\System.Web.Abstractions.ni.dll
+ 2009-10-01 07:39 . 2009-10-01 07:39 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\5a555c9ae6984c40157cf940bb519f7c\System.Transactions.ni.dll
+ 2009-10-01 07:39 . 2009-10-01 07:39 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\ea3366939280c1715f1c620e33ee3c8a\System.ServiceProcess.ni.dll
+ 2009-10-01 07:30 . 2009-10-01 07:30 676352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\1c8df2da33222c048d683017f2095f04\System.Security.ni.dll
+ 2009-10-01 07:39 . 2009-10-01 07:39 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\bfd6e16d8c3589cd2bd3f8d46f0a5402\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2009-10-01 07:40 . 2009-10-01 07:40 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\2abd876a3c8a6b088fa6d8d39d901e3c\System.Runtime.Remoting.ni.dll
+ 2009-10-01 07:39 . 2009-10-01 07:39 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\519d9c618341b136f9b963ffb7495308\System.Net.ni.dll
+ 2009-10-01 07:39 . 2009-10-01 07:39 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\8642fdfbf02a6cb6f01169fe6fdb5d11\System.Management.ni.dll
+ 2009-10-01 07:39 . 2009-10-01 07:39 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\1d3fbbd23ce1e8637ef4f40a8d23cd32\System.Management.Instrumentation.ni.dll
+ 2009-10-01 07:28 . 2009-10-01 07:28 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\7c367a96b10d626ec8cbf8149272d845\System.IO.Log.ni.dll
+ 2009-10-01 07:28 . 2009-10-01 07:28 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\68e71147704ef0d34d9a4bece7767fc5\System.IdentityModel.Selectors.ni.dll
+ 2009-10-01 07:38 . 2009-10-01 07:38 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4267bd908175603006c6c90bb5d900c7\System.EnterpriseServices.Wrapper.dll
+ 2009-10-01 07:38 . 2009-10-01 07:38 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4267bd908175603006c6c90bb5d900c7\System.EnterpriseServices.ni.dll
+ 2009-10-01 07:26 . 2009-10-01 07:26 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\18bbe2b6717e7f1d1dd672526e9889ee\System.Drawing.Design.ni.dll
+ 2009-10-01 07:38 . 2009-10-01 07:38 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\c434a07332ce490711c27fd0edb7562f\System.DirectoryServices.Protocols.ni.dll
+ 2009-10-01 07:38 . 2009-10-01 07:38 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\8b3bb7a2c2f3ffe94c866283f1cd5957\System.DirectoryServices.AccountManagement.ni.dll
+ 2009-10-01 07:38 . 2009-10-01 07:38 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\a4b887f476fa4b8746a93a9fc2208560\System.Data.Services.Client.ni.dll
+ 2009-10-01 07:38 . 2009-10-01 07:38 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\1cf3acad6553d6c59df576794f4e8bd6\System.Data.Services.Design.ni.dll
+ 2009-10-01 07:38 . 2009-10-01 07:38 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\392de34573f9f8ec885714f2f3e7f07f\System.Data.Entity.Design.ni.dll
+ 2009-10-01 07:30 . 2009-10-01 07:30 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\1db495ff00bbd14df4af6680c4de0653\System.Data.DataSetExtensions.ni.dll
+ 2009-10-01 07:30 . 2009-10-01 07:30 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\b82c00e2d24305ad6cb08556e3779b75\System.Configuration.ni.dll
+ 2009-10-01 07:39 . 2009-10-01 07:39 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\de514e484e49b04b016949d57ffac03e\System.Configuration.Install.ni.dll
+ 2009-10-01 07:30 . 2009-10-01 07:30 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\ce984d754e3c0b6be4504b785cc43574\System.AddIn.ni.dll
+ 2009-10-01 07:29 . 2009-10-01 07:29 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\045dd501b7257b1cc26083538ae69045\SMSvcHost.ni.exe
+ 2009-10-01 07:29 . 2009-10-01 07:29 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\9790551187e294b4ed3aaa1c221891c7\SMDiagnostics.ni.dll
+ 2009-10-01 07:29 . 2009-10-01 07:29 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\10a0c9707876fc1f65e64b811a28b020\ServiceModelReg.ni.exe
+ 2009-10-01 07:25 . 2009-10-01 07:25 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\f475294d8c7dc2dd4febeef27bc0417e\PresentationFramework.Classic.ni.dll
+ 2009-10-01 07:25 . 2009-10-01 07:25 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8003abaf6bcf70f7eb620d06837e897b\PresentationFramework.Luna.ni.dll
+ 2009-10-01 07:25 . 2009-10-01 07:25 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\59a67874d8d8475faa5be1d993083d12\PresentationFramework.Aero.ni.dll
+ 2009-10-01 07:25 . 2009-10-01 07:25 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\2c980c9a5051d723c6ec2a78a3d0e2b3\PresentationFramework.Royale.ni.dll
+ 2009-10-01 07:29 . 2009-10-01 07:29 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\6d38e317128608bc4516ea46ab94590e\MSBuild.ni.exe
+ 2009-10-01 07:29 . 2009-10-01 07:29 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\1820d6a012fc0e16c3e1d29d973cd2d0\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2009-10-01 07:30 . 2009-10-01 07:30 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\55b9eff9e23359faed4351386c062238\Microsoft.Build.Utilities.ni.dll
+ 2009-10-01 07:30 . 2009-10-01 07:30 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\4217124db1ea5de5f1a1f3eea75e8d32\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2009-10-01 07:30 . 2009-10-01 07:30 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\96825c34d7e1f7df1923ff2123bed8da\Microsoft.Build.Engine.ni.dll
+ 2009-10-01 07:30 . 2009-10-01 07:30 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\9b321ebf67587237f576df6104a32588\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2009-10-01 07:30 . 2009-10-01 07:30 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\9bea05938bee3555c5aa8763d89a68f9\CustomMarshalers.ni.dll
+ 2009-10-01 07:29 . 2009-10-01 07:29 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\12629e2f3e315459bee67cbbaac85cb2\ComSvcConfig.ni.exe
+ 2009-10-01 07:29 . 2009-10-01 07:29 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\b5b2feadc3943e3976daebc0bcd2b5e2\AspNetMMCExt.ni.dll
+ 2009-10-01 07:15 . 2009-10-01 07:15 385024 c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders\3.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2009-10-01 07:15 . 2009-10-01 07:15 167936 c:\windows\assembly\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2009-10-01 07:16 . 2009-10-01 07:16 139264 c:\windows\assembly\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll
+ 2009-10-01 07:16 . 2009-10-01 07:16 507904 c:\windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll
+ 2009-10-01 07:15 . 2009-10-01 07:15 540672 c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2008-04-12 07:13 . 2008-04-12 07:13 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2009-10-01 07:16 . 2009-10-01 07:16 335872 c:\windows\assembly\GAC_MSIL\System.Web.Extensions.Design\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.Design.dll
+ 2009-10-01 07:23 . 2009-10-01 07:23 139264 c:\windows\assembly\GAC_MSIL\System.Web.Entity\3.5.0.0__b77a5c561934e089\System.Web.Entity.dll
+ 2009-10-01 07:16 . 2009-10-01 07:16 131072 c:\windows\assembly\GAC_MSIL\System.Web.Entity.Design\3.5.0.0__b77a5c561934e089\System.Web.Entity.Design.dll
+ 2009-10-01 07:23 . 2009-10-01 07:23 229376 c:\windows\assembly\GAC_MSIL\System.Web.DynamicData\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.dll
+ 2009-10-01 07:15 . 2009-10-01 07:15 688128 c:\windows\assembly\GAC_MSIL\System.Speech\3.0.0.0__31bf3856ad364e35\System.Speech.dll
- 2008-04-12 07:12 . 2008-04-12 07:12 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2009-10-01 07:16 . 2009-10-01 07:16 569344 c:\windows\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll
- 2008-04-12 07:12 . 2008-04-12 07:12 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2009-10-01 07:14 . 2009-10-01 07:15 966656 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2008-04-12 07:13 . 2008-04-12 07:13 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2009-10-01 07:16 . 2009-10-01 07:16 233472 c:\windows\assembly\GAC_MSIL\System.Net\3.5.0.0__b03f5f7f11d50a3a\System.Net.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2008-04-12 07:13 . 2008-04-12 07:13 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2008-04-12 07:13 . 2008-04-12 07:13 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2009-10-01 07:16 . 2009-10-01 07:16 143360 c:\windows\assembly\GAC_MSIL\System.Management.Instrumentation\3.5.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
+ 2009-10-01 07:14 . 2009-10-01 07:14 131072 c:\windows\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2009-10-01 07:14 . 2009-10-01 07:14 430080 c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2009-10-01 07:15 . 2009-10-01 07:15 126976 c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2008-04-12 07:13 . 2008-04-12 07:13 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2008-04-12 07:13 . 2008-04-12 07:13 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2009-10-01 07:16 . 2009-10-01 07:16 286720 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\3.5.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2009-10-01 07:23 . 2009-10-01 07:23 442368 c:\windows\assembly\GAC_MSIL\System.Data.Services\3.5.0.0__b77a5c561934e089\System.Data.Services.dll
+ 2009-10-01 07:16 . 2009-10-01 07:16 114688 c:\windows\assembly\GAC_MSIL\System.Data.Services.Design\3.5.0.0__b77a5c561934e089\System.Data.Services.Design.dll
+ 2009-10-01 07:23 . 2009-10-01 07:23 294912 c:\windows\assembly\GAC_MSIL\System.Data.Services.Client\3.5.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2009-10-01 07:16 . 2009-10-01 07:16 684032 c:\windows\assembly\GAC_MSIL\System.Data.Linq\3.5.0.0__b77a5c561934e089\System.Data.Linq.dll
+ 2009-10-01 07:16 . 2009-10-01 07:16 229376 c:\windows\assembly\GAC_MSIL\System.Data.Entity.Design\3.5.0.0__b77a5c561934e089\System.Data.Entity.Design.dll
+ 2009-10-01 07:16 . 2009-10-01 07:16 667648 c:\windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2008-04-12 07:12 . 2008-04-12 07:12 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2009-10-01 07:16 . 2009-10-01 07:16 163840 c:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2008-04-12 07:13 . 2008-04-12 07:13 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2009-10-01 07:14 . 2009-10-01 07:14 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
+ 2009-10-01 07:15 . 2009-10-01 07:15 528384 c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2009-10-01 07:15 . 2009-10-01 07:15 864256 c:\windows\assembly\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2009-10-01 07:15 . 2009-10-01 07:15 163840 c:\windows\assembly\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2009-10-01 07:15 . 2009-10-01 07:15 397312 c:\windows\assembly\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2009-10-01 07:15 . 2009-10-01 07:15 139264 c:\windows\assembly\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2009-10-01 07:15 . 2009-10-01 07:15 196608 c:\windows\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2009-10-01 07:15 . 2009-10-01 07:15 598016 c:\windows\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2008-04-12 07:13 . 2008-04-12 07:13 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2008-04-12 07:13 . 2008-04-12 07:13 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2009-10-01 07:14 . 2009-10-01 07:14 397312 c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
- 2008-04-12 07:13 . 2008-04-12 07:13 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2008-04-12 07:13 . 2008-04-12 07:13 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2009-10-01 07:16 . 2009-10-01 07:16 802816 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.v3.5.dll
+ 2009-10-01 07:16 . 2009-10-01 07:16 733184 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2008-04-12 07:13 . 2008-04-12 07:13 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2009-10-01 07:16 . 2009-10-01 07:16 106496 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Conversion.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Conversion.v3.5.dll
- 2008-04-12 07:12 . 2008-04-12 07:12 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2009-10-01 07:15 . 2009-10-01 07:15 368640 c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2008-04-12 07:13 . 2008-04-12 07:13 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2008-04-12 07:13 . 2008-04-12 07:13 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2009-10-01 07:14 . 2009-10-01 07:14 163840 c:\windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2004-08-04 11:00 . 2009-05-20 08:56 2458112 c:\windows\system32\WMVCore.dll
- 2004-08-04 11:00 . 2008-06-18 10:03 2458112 c:\windows\system32\wmvcore.dll
- 2004-08-04 11:00 . 2007-04-30 12:20 5537792 c:\windows\system32\wmp.dll
+ 2004-08-04 11:00 . 2009-07-13 14:08 5537792 c:\windows\system32\wmp.dll
+ 2004-08-04 11:00 . 2009-04-17 09:58 1846656 c:\windows\system32\win32k.sys
+ 2004-08-04 11:00 . 2009-06-29 16:12 1159680 c:\windows\system32\urlmon.dll
+ 2009-10-01 07:14 . 2008-07-06 12:06 1676288 c:\windows\system32\spool\XPSEP\i386\xpssvcs.dll
+ 2009-10-01 07:14 . 2008-07-06 12:06 1676288 c:\windows\system32\spool\XPSEP\i386\i386\xpssvcs.dll
+ 2009-10-01 07:14 . 2008-07-06 21:36 2936832 c:\windows\system32\spool\XPSEP\amd64\xpssvcs.dll
+ 2009-10-01 07:14 . 2008-07-06 21:36 2936832 c:\windows\system32\spool\XPSEP\amd64\amd64\xpssvcs.dll
+ 2009-10-01 07:14 . 2008-07-06 12:06 1676288 c:\windows\system32\spool\drivers\w32x86\3\XpsSvcs.dll
+ 2004-08-04 11:00 . 2008-07-03 13:03 8460800 c:\windows\system32\shell32.dll
+ 2004-08-04 11:00 . 2009-06-03 19:27 1290752 c:\windows\system32\quartz.dll
+ 2004-08-04 11:00 . 2009-02-06 17:24 2180480 c:\windows\system32\ntoskrnl.exe
+ 2004-08-04 11:00 . 2009-02-06 16:49 2057728 c:\windows\system32\ntkrnlpa.exe
- 2004-08-04 11:00 . 2008-08-14 09:22 2057728 c:\windows\system32\ntkrnlpa.exe
+ 2008-08-30 00:06 . 2008-08-30 00:06 1350664 c:\windows\system32\msxml6.dll
+ 2004-08-04 11:00 . 2009-07-19 13:33 3597824 c:\windows\system32\mshtml.dll
+ 2007-08-13 22:54 . 2009-07-19 13:32 6067200 c:\windows\system32\ieframe.dll
+ 2007-02-12 20:10 . 2009-06-29 08:33 2452872 c:\windows\system32\ieapfltr.dat
+ 2005-12-05 06:53 . 2009-10-01 07:32 1498328 c:\windows\system32\FNTCACHE.DAT
+ 2004-08-04 11:00 . 2009-08-06 23:23 1929952 c:\windows\system32\dllcache\wuaueng.dll
- 2004-08-04 11:00 . 2008-06-18 10:03 2458112 c:\windows\system32\dllcache\wmvcore.dll
+ 2004-08-04 11:00 . 2009-05-20 08:56 2458112 c:\windows\system32\dllcache\WMVCore.dll
- 2004-08-04 11:00 . 2007-04-30 12:20 5537792 c:\windows\system32\dllcache\wmp.dll
+ 2004-08-04 11:00 . 2009-07-13 14:08 5537792 c:\windows\system32\dllcache\wmp.dll
+ 2004-08-04 11:00 . 2009-04-17 09:58 1846656 c:\windows\system32\dllcache\win32k.sys
+ 2004-08-04 11:00 . 2009-06-29 16:12 1159680 c:\windows\system32\dllcache\urlmon.dll
+ 2004-08-04 11:00 . 2008-07-03 13:03 8460800 c:\windows\system32\dllcache\shell32.dll
+ 2004-08-04 11:00 . 2009-06-03 19:27 1290752 c:\windows\system32\dllcache\quartz.dll
+ 2007-02-28 09:10 . 2009-02-06 17:24 2180480 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2007-02-28 08:38 . 2009-02-06 16:49 2015744 c:\windows\system32\dllcache\ntkrpamp.exe
- 2007-02-28 08:38 . 2008-08-14 09:22 2015744 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2007-02-28 08:38 . 2009-02-06 16:49 2057728 c:\windows\system32\dllcache\ntkrnlpa.exe
- 2007-02-28 08:38 . 2008-08-14 09:22 2057728 c:\windows\system32\dllcache\ntkrnlpa.exe
- 2007-02-28 09:08 . 2008-08-14 09:58 2136064 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2007-02-28 09:08 . 2009-02-06 17:22 2136064 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2004-08-04 11:00 . 2009-07-10 13:42 1315328 c:\windows\system32\dllcache\msoe.dll
+ 2004-08-04 11:00 . 2009-07-19 13:33 3597824 c:\windows\system32\dllcache\mshtml.dll
+ 2008-06-19 07:23 . 2009-07-19 13:32 6067200 c:\windows\system32\dllcache\ieframe.dll
+ 2008-06-19 07:23 . 2009-06-29 08:33 2452872 c:\windows\system32\dllcache\ieapfltr.dat
+ 2008-07-30 03:40 . 2008-07-30 03:40 1720824 c:\windows\Microsoft.NET\Framework\v3.5\vbc.exe
+ 2008-07-29 22:47 . 2008-07-29 22:47 1054208 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 1364992 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\SITSetup.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 1064448 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\gencomp.dll
+ 2008-07-30 03:40 . 2008-07-30 03:40 1548280 c:\windows\Microsoft.NET\Framework\v3.5\csc.exe
+ 2008-12-05 23:35 . 2008-12-05 23:35 1736528 c:\windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
+ 2008-07-30 01:10 . 2008-07-30 01:10 2637840 c:\windows\Microsoft.NET\Framework\v3.0\WPF\NlsLexicons0009.dll
+ 2008-07-30 01:10 . 2008-07-30 01:10 4883464 c:\windows\Microsoft.NET\Framework\v3.0\WPF\NlsData0009.dll
+ 2008-12-06 00:12 . 2008-12-06 00:12 5931008 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 1344000 c:\windows\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 1344000 c:\windows\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 1172472 c:\windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 1172472 c:\windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
+ 2008-11-25 08:59 . 2008-11-25 08:59 2048000 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2008-11-25 08:59 . 2008-11-25 08:59 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 3149824 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 5062656 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 2933248 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.dll
+ 2008-11-25 08:59 . 2008-11-25 08:59 5813576 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2008-11-25 08:59 . 2008-11-25 08:59 4546560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 1163768 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
+ 2009-10-01 20:34 . 2008-10-16 19:13 1809944 c:\windows\LastGood\system32\wuaueng.dll
+ 2009-10-01 10:44 . 2009-10-01 10:44 1769984 c:\windows\Installer\4a769.msi
+ 2009-10-01 10:43 . 2009-10-01 10:43 1767424 c:\windows\Installer\4a75d.msi
+ 2008-12-13 13:57 . 2008-12-13 13:57 8397824 c:\windows\Installer\15472fc.msp
+ 2008-07-29 23:26 . 2008-07-29 23:26 1043456 c:\windows\Installer\1531228.msp
+ 2008-07-30 00:37 . 2008-07-30 00:37 2679808 c:\windows\Installer\1531226.msp
+ 2008-07-30 01:15 . 2008-07-30 01:15 3697664 c:\windows\Installer\1531224.msp
+ 2008-07-29 23:34 . 2008-07-29 23:34 1448448 c:\windows\Installer\1531223.msp
+ 2008-07-30 00:22 . 2008-07-30 00:22 4137984 c:\windows\Installer\1531222.msp
+ 2008-07-29 23:18 . 2008-07-29 23:18 3376640 c:\windows\Installer\1531221.msp
+ 2008-07-29 21:45 . 2008-07-29 21:45 2543616 c:\windows\Installer\14c4396.msp
+ 2008-07-29 21:29 . 2008-07-29 21:29 2926080 c:\windows\Installer\14c4395.msp
+ 2008-07-29 21:41 . 2008-07-29 21:41 6487040 c:\windows\Installer\14c4394.msp
+ 2008-07-29 21:39 . 2008-07-29 21:39 3403264 c:\windows\Installer\14c4393.msp
+ 2008-07-29 21:43 . 2008-07-29 21:43 1013248 c:\windows\Installer\14c4391.msp
+ 2008-07-29 21:31 . 2008-07-29 21:31 6083072 c:\windows\Installer\14c438e.msp
+ 2009-10-01 07:03 . 2008-10-16 20:38 1160192 c:\windows\ie7updates\KB972260-IE7\urlmon.dll
+ 2009-10-01 07:03 . 2008-10-17 07:08 3593216 c:\windows\ie7updates\KB972260-IE7\mshtml.dll
+ 2009-10-01 07:03 . 2008-10-16 20:38 6066176 c:\windows\ie7updates\KB972260-IE7\ieframe.dll
+ 2009-10-01 07:03 . 2007-04-17 09:32 2455488 c:\windows\ie7updates\KB972260-IE7\ieapfltr.dat
+ 2009-10-01 19:43 . 2009-10-01 19:43 5554176 c:\windows\ERUNT\SDFIX_First_Run\Users\00000001\NTUSER.DAT
+ 2009-10-01 19:43 . 2009-10-01 19:43 5554176 c:\windows\ERUNT\SDFIX\Users\00000001\NTUSER.DAT
+ 2005-03-02 00:59 . 2009-02-06 17:24 2180480 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2005-03-02 00:34 . 2009-02-06 16:49 2015744 c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2005-03-02 00:34 . 2008-08-14 09:22 2015744 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2005-03-02 00:34 . 2009-02-06 16:49 2057728 c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2005-03-02 00:34 . 2008-08-14 09:22 2057728 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2005-03-02 00:57 . 2009-02-06 17:22 2136064 c:\windows\Driver Cache\i386\ntkrnlmp.exe
- 2005-03-02 00:57 . 2008-08-14 09:58 2136064 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2009-10-01 07:40 . 2009-10-01 07:40 2710016 c:\windows\assembly\NativeImages_v2.0.50727_32\ZuneShell\f39389802176c8514f7a29d2ed0b39dc\ZuneShell.ni.dll
+ 2009-10-01 07:40 . 2009-10-01 07:40 1465856 c:\windows\assembly\NativeImages_v2.0.50727_32\ZuneDBApi\1bcd22fddfab444a3c0dcedae4c00fef\ZuneDBApi.ni.dll
+ 2009-10-01 07:23 . 2009-10-01 07:23 3313664 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\14cd5f4b61d35f9b76327d6be9853755\WindowsBase.ni.dll
+ 2009-10-01 07:40 . 2009-10-01 07:40 5114368 c:\windows\assembly\NativeImages_v2.0.50727_32\UIX\5c49aafc613861bc26b89d46518fc887\UIX.ni.dll
+ 2009-10-01 07:40 . 2009-10-01 07:40 2041856 c:\windows\assembly\NativeImages_v2.0.50727_32\UIX.RenderApi\c99e794233af9c0ea1ba1efd60cd5757\UIX.RenderApi.ni.dll
+ 2009-10-01 07:27 . 2009-10-01 07:27 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\f3c7957351aec85f526a3350c9718b1e\UIAutomationClientsideProviders.ni.dll
+ 2009-10-01 07:22 . 2009-10-01 07:22 7868416 c:\windows\assembly\NativeImages_v2.0.50727_32\System\80978a322d7dd39f0a71be1251ae395a\System.ni.dll
+ 2009-10-01 07:27 . 2009-10-01 07:27 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\773a9786013451d3baaeff003dc4230f\System.Xml.ni.dll
+ 2009-10-01 07:40 . 2009-10-01 07:40 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\ac1750e78d79520dcf19195772eff1b6\System.WorkflowServices.ni.dll
+ 2009-10-01 07:40 . 2009-10-01 07:40 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\d265da36954fcb4cb7ad5adc693ea0f2\System.Workflow.Runtime.ni.dll
+ 2009-10-01 07:40 . 2009-10-01 07:40 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\693a8fbe6f7ad6e4e429052da4317e59\System.Workflow.ComponentModel.ni.dll
+ 2009-10-01 07:40 . 2009-10-01 07:40 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\cc99fbbac0b6e4e9ca62093e49b0c16b\System.Workflow.Activities.ni.dll
+ 2009-10-01 07:39 . 2009-10-01 07:39 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\b57bb002a655920cbfa2bee29d1e22b7\System.Web.Services.ni.dll
+ 2009-10-01 07:39 . 2009-10-01 07:39 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\81197e32ec931f439b3114e9031b65d6\System.Web.Mobile.ni.dll
+ 2009-10-01 07:39 . 2009-10-01 07:39 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\7f64c9d25471b72e1e957bdfe67947c8\System.Web.Extensions.ni.dll
+ 2009-10-01 07:27 . 2009-10-01 07:27 1917440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\63cf639b6e0a3c25c1643c85016e7422\System.Speech.ni.dll
+ 2009-10-01 07:39 . 2009-10-01 07:39 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\340cad17fe57947eacbc8fa2cea780da\System.ServiceModel.Web.ni.dll
+ 2009-10-01 07:28 . 2009-10-01 07:28 2338304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\034c91b133dee73d452652c52767b5ea\System.Runtime.Serialization.ni.dll
+ 2009-10-01 07:26 . 2009-10-01 07:26 1035264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\646ab52eef343380aa002c220dc31e13\System.Printing.ni.dll
+ 2009-10-01 07:28 . 2009-10-01 07:28 1056768 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\c2de8479e54852f56996f79bc93acb13\System.IdentityModel.ni.dll
+ 2009-10-01 07:26 . 2009-10-01 07:26 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3da96ee075bab9202626ae44c18d226c\System.Drawing.ni.dll
+ 2009-10-01 07:38 . 2009-10-01 07:38 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\543aced762f6b0c3f8e037955941afc6\System.DirectoryServices.ni.dll
+ 2009-10-01 07:38 . 2009-10-01 07:38 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\a6b58624486714fa71e5e35186850ff0\System.Deployment.ni.dll
+ 2009-10-01 07:26 . 2009-10-01 07:26 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\c70731047b0022638b3f9fb158948a03\System.Data.ni.dll
+ 2009-10-01 07:30 . 2009-10-01 07:30 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\826b09ab0d0e36f4d631b4cd335df511\System.Data.SqlXml.ni.dll
+ 2009-10-01 07:38 . 2009-10-01 07:38 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\956a513dcbd44d5a6801840ef2b0b47b\System.Data.Services.ni.dll
+ 2009-10-01 07:40 . 2009-10-01 07:40 1115136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\283ecfbaa6a6fab76c8b544a4a89d5ce\System.Data.OracleClient.ni.dll
+ 2009-10-01 07:26 . 2009-10-01 07:26 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\0bbec79460b1137df5313f9baf7b246f\System.Data.Linq.ni.dll
+ 2009-10-01 07:38 . 2009-10-01 07:38 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\6479f975b105808a8d9e7a7fdc762551\System.Data.Entity.ni.dll
+ 2009-10-01 07:26 . 2009-10-01 07:26 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\47d87251e93256c635eb73403b8db33e\System.Core.ni.dll
+ 2009-10-01 07:26 . 2009-10-01 07:26 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\4bfb3048bf200a6a8592d1b4ba861a7f\ReachFramework.ni.dll
+ 2009-10-01 07:25 . 2009-10-01 07:25 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\6bafb1a2a73794ddb9761cb321c9e7e2\PresentationUI.ni.dll
+ 2009-10-01 07:22 . 2009-10-01 07:22 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\e634bc4c4a00635a0a254febab0e2e2c\PresentationBuildTasks.ni.dll
+ 2009-10-01 07:30 . 2009-10-01 07:30 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\1c86afc399d0fdd8e069266ffbe748d1\Microsoft.VisualBasic.ni.dll
+ 2009-10-01 07:29 . 2009-10-01 07:29 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\6b2f62f5e981913fce1d223f645d9ddf\Microsoft.Transactions.Bridge.ni.dll
+ 2009-10-01 07:39 . 2009-10-01 07:39 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\b261961046545831aa60963e84905968\Microsoft.JScript.ni.dll
+ 2009-10-01 07:30 . 2009-10-01 07:30 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\bd241492d96db39f20e758c13c845033\Microsoft.Build.Tasks.ni.dll
+ 2009-10-01 07:30 . 2009-10-01 07:30 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\a47100d8f4574bed2d49d83d0ab8964e\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2009-10-01 07:29 . 2009-10-01 07:29 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\6cfe582681724965fb817e8ece5f0909\Microsoft.Build.Engine.ni.dll
+ 2009-10-01 07:15 . 2009-10-01 07:15 1245184 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 3149824 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2009-10-01 07:15 . 2009-10-01 07:15 1630208 c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll
+ 2009-10-01 07:15 . 2009-10-01 07:15 1138688 c:\windows\assembly\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2009-10-01 07:23 . 2009-10-01 07:23 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2009-10-01 07:22 . 2009-10-01 07:22 5931008 c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2009-10-01 07:16 . 2009-10-01 07:16 2879488 c:\windows\assembly\GAC_MSIL\System.Data.Entity\3.5.0.0__b77a5c561934e089\System.Data.Entity.dll
+ 2009-10-01 07:22 . 2009-10-01 07:22 5283840 c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2009-10-01 07:15 . 2009-10-01 07:15 4210688 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2009-10-01 07:20 . 2009-10-01 07:20 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2008-12-13 14:21 . 2008-12-13 14:21 10473472 c:\windows\Installer\1547307.msp
+ 2009-10-01 07:27 . 2009-10-01 07:27 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\63406259e94d5c0ff5b79401dfe113ce\System.Windows.Forms.ni.dll
+ 2009-10-01 07:39 . 2009-10-01 07:39 11796992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\3963ce03d445a8619abbf388d590134b\System.Web.ni.dll
+ 2009-10-01 07:29 . 2009-10-01 07:29 17317888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\4146033013edebd7e0cb604e504ebfee\System.ServiceModel.ni.dll
+ 2009-10-01 07:26 . 2009-10-01 07:26 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\8ee220bc3cce4f7bbd7818946519ed7f\System.Design.ni.dll
+ 2009-10-01 07:25 . 2009-10-01 07:25 14327808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\96e710f47c601cba3f2348a8d11ddede\PresentationFramework.ni.dll
+ 2009-10-01 07:24 . 2009-10-01 07:24 12216320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\956375d487cbef36165b3250030e3574\PresentationCore.ni.dll
+ 2009-10-01 07:21 . 2009-10-01 07:22 11486720 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\6d667f19d687361886990f3ca0f49816\mscorlib.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-10-13 1694208]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-08-05 39408]
"Octoshape Streaming Services"="c:\documents and settings\Compaq_Owner\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" [2009-01-08 70936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-03 13529088]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2005-07-23 237568]
"HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2006-02-16 249856]
"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 517768]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-08-05 185896]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-06-29 286720]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2008-11-10 157312]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-03 86016]
"ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2008-07-16 1166216]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-06-25 1948440]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-12 39792]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-09-30 149280]
"ftutil2"="ftutil2.dll" - c:\windows\system32\ftutil2.dll [2004-06-07 106496]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2006-06-14 16239616]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2008-05-03 1630208]

c:\documents and settings\Administrator\Start Menu\Programs\Startup\
Pin.lnk - c:\hp\bin\CLOAKER.EXE [2006-9-4 27136]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-06-25 12:56 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Compaq Connections\\5577497\\Program\\Compaq Connections.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\World of Warcraft\\Launcher.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.0.9.9551-to-3.1.0.9767-enUS-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.2.0.10314-to-3.2.2.10482-enUS-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.2.2.10482-to-3.2.2.10505-enUS-downloader.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [12/14/2008 11:20 PM 335752]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [12/14/2008 11:19 PM 298776]
R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [7/31/2008 12:26 AM 356920]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [8/4/2008 4:31 PM 24652]
S2 edbqhrp;edbqhrp;\??\c:\windows\system32\drivers\aiabybbupj.sys --> c:\windows\system32\drivers\aiabybbupj.sys [?]
S2 fhdofykvhayzqjz;fhdofykvhayzqjz;\??\c:\windows\system32\drivers\lcbjfiegedfht.sys --> c:\windows\system32\drivers\lcbjfiegedfht.sys [?]
S2 fvjs;fvjs;c:\windows\system32\drivers\kzxykxd.sys --> c:\windows\system32\drivers\kzxykxd.sys [?]
S2 gupdate1c9876f9547267c;Google Update Service (gupdate1c9876f9547267c);c:\program files\Google\Update\GoogleUpdate.exe [2/5/2009 4:56 AM 133104]
S2 rlyvhtln;rlyvhtln;c:\windows\system32\drivers\ddrusb.sys --> c:\windows\system32\drivers\ddrusb.sys [?]
S2 SheellHWD;Shell Hardware Detecetion;c:\program files\Common Files\Microsoft Shared\MSINFO\upsetup.exe --> c:\program files\Common Files\Microsoft Shared\MSINFO\upsetup.exe [?]
S3 getPlusHelper;getPlus® Helper;c:\windows\System32\svchost.exe -k getPlusHelper [8/4/2004 7:00 AM 14336]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\e:\ntglm7x.sys --> e:\NTGLM7X.sys [?]

--- Other Services/Drivers In Memory ---

*Deregistered* - mchInjDrv

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Contents of the 'Scheduled Tasks' folder

2009-10-02 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-10-15 04:45]

2009-10-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-05 08:55]

2009-10-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-05 08:55]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchMigratedDefaultUrl = hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZUxdm265YYUS&fl=0&ptb=Iyi25adOF66mXViAPAgkHw&url=http://www.ask.com/web&q={searchTerms}&l=zu&o=sb
mStart Page = hxxp://www.google.com
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PRESARIO&pf=desktop
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Search
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
Trusted Zone: louisvillmojo.com
FF - ProfilePath - c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\e7jauau7.default\
FF - prefs.js: browser.startup.homepage - myspace.com
FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&query=
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - plugin: c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\e7jauau7.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
FF - plugin: c:\documents and settings\Compaq_Owner\Application Data\Mozilla\plugins\npoctoshape.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1636.7222\npCIDetect13.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\Opera\program\plugins\np_gp.dll
FF - plugin: c:\program files\Opera\program\plugins\npdivx32.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint_.dll
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-Uniblue RegistryBooster 2 - c:\program files\Uniblue\RegistryBooster 2\RegistryBooster.exe
HKCU-Run-DW6 - c:\program files\The Weather Channel FW\Desktop\DesktopWeather.exe
AddRemove-Excel Advanced Sort By Characters - c:\program files\Excel Advanced Sort By Characters



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-02 13:12
Windows 5.1.2600 Service Pack 2 NTFS

detected NTDLL code modification:
ZwClose

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


c:\windows\TEMP\3cce3461-b361-489e-bb4d-49eb310af296.tmp 0 bytes


**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(732)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\WININET.dll
.
Completion time: 2009-10-02 13:16
ComboFix-quarantined-files.txt 2009-10-02 17:15
ComboFix2.txt 2009-10-01 00:58

Pre-Run: 39,997,071,360 bytes free
Post-Run: 39,974,580,224 bytes free

1222 --- E O F --- 2009-10-02 07:06

#14 SifuMike

SifuMike

    malware expert


  • Members
  • 15,385 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vancouver (not BC) WA (Not DC) USA
  • Local time:11:42 PM

Posted 02 October 2009 - 12:31 PM

Hi Ch2is,

Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt.
Finally copy and paste the contents of the results file Report.txt back onto the forum




You forgot the SDFix report. You should have it saved on your computer from the previous run of SDFix. Copy and paste the contents of the results file Report.txt

Edited by SifuMike, 02 October 2009 - 12:52 PM.

If I've saved you time & money,
please make a donation so I can keep helping people just like you! You can donate using a credit card and PayPal. Thank you!



Posted Image

Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#15 Ch2is

Ch2is
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:02:42 AM

Posted 02 October 2009 - 03:49 PM

Do you want me to post that in a reply to this thread or as a brand new forum post




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users