Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

persistent rootkit infection


  • Please log in to reply
1 reply to this topic

#1 MAL123

MAL123

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:05:54 AM

Posted 25 November 2009 - 05:09 AM

You have a very persistent rootkit infection would recommend reformatting and reinstalling the operating system
If that is not an option, please follow these directions


Now that you were successful in creating Root Repeal and win32diag logs you need to post them in our HJT forum There they will help you with the removal through some custom scripts and programs that we cannot run here in this forum


Please help please see data below

ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/11/18 19:53
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================

Drivers
-------------------
Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xEDB7B000 Size: 98304 File Visible: No Signed: -
Status: -

Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xF7CD7000 Size: 8192 File Visible: No Signed: -
Status: -

Name: tatertot.scr.sys
Image Path: C:\WINDOWS\system32\drivers\tatertot.scr.sys
Address: 0xED1A1000 Size: 49152 File Visible: No Signed: -
Status: -

Hidden/Locked Files
-------------------
Path: C:\hiberfil.sys
Status: Locked to the Windows API!

Path: c:\documents and settings\menaka perera\application data\mozilla\firefox\profiles\wgxsuj9k.default\sessionstore.js
Status: Size mismatch (API: 2047, Raw: 1771)

Path: C:\Documents and Settings\Menaka Perera\Local Settings\Application Data\Microsoft\Messenger\s_menaka_p@hotmail.com\SharingMetadata\malik_m_83@hotmail.com\DFSR\Staging\CS{5C45F0E6-E703-3322-95E8-CA24338310A3}\12\12-{86~2.FRX:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
Status: Visible to the Windows API, but not on disk.

Path: C:\Documents and Settings\Menaka Perera\Local Settings\Application Data\Microsoft\Messenger\s_menaka_p@hotmail.com\SharingMetadata\malik_m_83@hotmail.com\DFSR\Staging\CS{5C45F0E6-E703-3322-95E8-CA24338310A3}\13\13-{400CF507-E4F7-48E7-9BDD-B064221FA0FA}-v13-{400CF507-E4F7-48E7-9BDD-B064221FA0FA}-v13-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
Status: Visible to the Windows API, but not on disk.

Path: C:\Documents and Settings\Menaka Perera\Local Settings\Application Data\Microsoft\Messenger\s_menaka_p@hotmail.com\SharingMetadata\malik_m_83@hotmail.com\DFSR\Staging\CS{5C45F0E6-E703-3322-95E8-CA24338310A3}\14\14-{400CF507-E4F7-48E7-9BDD-B064221FA0FA}-v14-{400CF507-E4F7-48E7-9BDD-B064221FA0FA}-v14-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
Status: Visible to the Windows API, but not on disk.

Path: C:\Documents and Settings\Menaka Perera\Local Settings\Application Data\Microsoft\Messenger\s_menaka_p@hotmail.com\SharingMetadata\malik_m_83@hotmail.com\DFSR\Staging\CS{5C45F0E6-E703-3322-95E8-CA24338310A3}\15\15-{400CF507-E4F7-48E7-9BDD-B064221FA0FA}-v15-{400CF507-E4F7-48E7-9BDD-B064221FA0FA}-v15-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
Status: Visible to the Windows API, but not on disk.

Path: C:\Documents and Settings\Menaka Perera\Local Settings\Application Data\Microsoft\Messenger\s_menaka_p@hotmail.com\SharingMetadata\malik_m_83@hotmail.com\DFSR\Staging\CS{5C45F0E6-E703-3322-95E8-CA24338310A3}\16\12-{863F5631-10A6-4C4C-A596-D6F90BF5F90E}-v16-{400CF507-E4F7-48E7-9BDD-B064221FA0FA}-v12-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
Status: Visible to the Windows API, but not on disk.

Path: C:\Documents and Settings\Menaka Perera\Local Settings\Application Data\Microsoft\Messenger\s_menaka_p@hotmail.com\SharingMetadata\malik_m_83@hotmail.com\DFSR\Staging\CS{5C45F0E6-E703-3322-95E8-CA24338310A3}\16\16-{400CF507-E4F7-48E7-9BDD-B064221FA0FA}-v16-{400CF507-E4F7-48E7-9BDD-B064221FA0FA}-v16-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
Status: Visible to the Windows API, but not on disk.

Path: C:\Documents and Settings\Menaka Perera\Local Settings\Application Data\Microsoft\Messenger\s_menaka_p@hotmail.com\SharingMetadata\malik_m_83@hotmail.com\DFSR\Staging\CS{5C45F0E6-E703-3322-95E8-CA24338310A3}\16\30-{86~1.FRX:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
Status: Visible to the Windows API, but not on disk.

Path: C:\Documents and Settings\Menaka Perera\Local Settings\Application Data\Microsoft\Messenger\s_menaka_p@hotmail.com\SharingMetadata\malik_m_83@hotmail.com\DFSR\Staging\CS{5C45F0E6-E703-3322-95E8-CA24338310A3}\17\17-{400CF507-E4F7-48E7-9BDD-B064221FA0FA}-v17-{400CF507-E4F7-48E7-9BDD-B064221FA0FA}-v17-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
Status: Visible to the Windows API, but not on disk.

Path: C:\Documents and Settings\Menaka Perera\Local Settings\Application Data\Microsoft\Messenger\s_menaka_p@hotmail.com\SharingMetadata\malik_m_83@hotmail.com\DFSR\Staging\CS{5C45F0E6-E703-3322-95E8-CA24338310A3}\18\18-{400CF507-E4F7-48E7-9BDD-B064221FA0FA}-v18-{400CF507-E4F7-48E7-9BDD-B064221FA0FA}-v18-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
Status: Visible to the Windows API, but not on disk.

Path: C:\Documents and Settings\Menaka Perera\Local Settings\Application Data\Microsoft\Messenger\s_menaka_p@hotmail.com\SharingMetadata\malik_m_83@hotmail.com\DFSR\Staging\CS{5C45F0E6-E703-3322-95E8-CA24338310A3}\19\19-{400CF507-E4F7-48E7-9BDD-B064221FA0FA}-v19-{400CF507-E4F7-48E7-9BDD-B064221FA0FA}-v19-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
Status: Visible to the Windows API, but not on disk.

Path: C:\Documents and Settings\Menaka Perera\Local Settings\Application Data\Microsoft\Messenger\s_menaka_p@hotmail.com\SharingMetadata\malik_m_83@hotmail.com\DFSR\Staging\CS{5C45F0E6-E703-3322-95E8-CA24338310A3}\20\20-{400CF507-E4F7-48E7-9BDD-B064221FA0FA}-v20-{400CF507-E4F7-48E7-9BDD-B064221FA0FA}-v20-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
Status: Visible to the Windows API, but not on disk.

SSDT
-------------------
#: 019 Function Name: NtAssignProcessToJobObject
Status: Hooked by "<unknown>" at address 0x855528a0

#: 122 Function Name: NtOpenProcess
Status: Hooked by "<unknown>" at address 0x85551cb0

#: 128 Function Name: NtOpenThread
Status: Hooked by "<unknown>" at address 0x855520d0

#: 253 Function Name: NtSuspendProcess
Status: Hooked by "<unknown>" at address 0x855526d0

#: 254 Function Name: NtSuspendThread
Status: Hooked by "<unknown>" at address 0x855524f0

#: 257 Function Name: NtTerminateProcess
Status: Hooked by "<unknown>" at address 0x85551ee0

#: 258 Function Name: NtTerminateThread
Status: Hooked by "<unknown>" at address 0x85552310

Stealth Objects
-------------------
Object: Hidden Code [ETHREAD: 0x85e87da8]
Process: System Address: 0x85550930 Size: 1000

==EOF==


Running from: C:\Documents and Settings\Menaka Perera\Desktop\Win32kDiag.exe

Log file at : C:\Documents and Settings\Menaka Perera\Desktop\Win32kDiag.txt

WARNING: Could not get backup privileges!

Searching 'C:\WINDOWS'...



Cannot access: C:\WINDOWS\$NtUninstallKB828741$\catsrv.dll

[1] 2005-07-26 15:39:42 225792 C:\WINDOWS\$hf_mig$\KB902400\SP2GDR\catsrv.dll (Microsoft Corporation)

[1] 2005-07-26 15:20:23 225792 C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\catsrv.dll (Microsoft Corporation)

[1] 2005-07-26 15:39:42 225792 C:\WINDOWS\$NtServicePackUninstall$\catsrv.dll (Microsoft Corporation)

[1] 2003-03-31 13:00:00 215040 C:\WINDOWS\$NtUninstallKB828741$\catsrv.dll ()

[1] 2004-08-04 00:56:42 229888 C:\WINDOWS\$NtUninstallKB902400$\catsrv.dll (Microsoft Corporation)

[1] 2004-03-06 13:16:10 225280 C:\WINDOWS\$NtUninstallKB902400_0$\catsrv.dll (Microsoft Corporation)

[1] 2008-04-14 11:11:50 226304 C:\WINDOWS\ServicePackFiles\i386\catsrv.dll (Microsoft Corporation)

[1] 2004-08-04 18:56:41 229888 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\catsrv.dll (Microsoft Corporation)

[3] 2004-03-06 13:16:10 225280 C:\WINDOWS\system32\catsrv(3).dll (Microsoft Corporation)

[1] 2008-04-14 11:11:50 226304 C:\WINDOWS\system32\catsrv.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\$NtUninstallKB828741$\catsrvut.dll

[1] 2005-07-26 15:39:43 625152 C:\WINDOWS\$hf_mig$\KB902400\SP2GDR\catsrvut.dll (Microsoft Corporation)

[1] 2005-07-26 15:20:23 625152 C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\catsrvut.dll (Microsoft Corporation)

[1] 2005-07-26 15:39:43 625152 C:\WINDOWS\$NtServicePackUninstall$\catsrvut.dll (Microsoft Corporation)

[1] 2003-03-31 13:00:00 582656 C:\WINDOWS\$NtUninstallKB828741$\catsrvut.dll ()

[1] 2004-08-04 00:56:42 628224 C:\WINDOWS\$NtUninstallKB902400$\catsrvut.dll (Microsoft Corporation)

[1] 2004-03-06 13:16:10 594944 C:\WINDOWS\$NtUninstallKB902400_0$\catsrvut.dll (Microsoft Corporation)

[1] 2008-04-14 11:11:50 625664 C:\WINDOWS\ServicePackFiles\i386\catsrvut.dll (Microsoft Corporation)

[1] 2004-08-04 18:56:41 628224 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\catsrvut.dll (Microsoft Corporation)

[3] 2004-03-06 13:16:10 594944 C:\WINDOWS\system32\catsrvut(3).dll (Microsoft Corporation)

[1] 2008-04-14 11:11:50 625664 C:\WINDOWS\system32\catsrvut.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\$NtUninstallKB828741$\clbcatex.dll

[1] 2005-07-26 15:39:43 110080 C:\WINDOWS\$hf_mig$\KB902400\SP2GDR\clbcatex.dll (Microsoft Corporation)

[1] 2005-07-26 15:20:23 110080 C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\clbcatex.dll (Microsoft Corporation)

[1] 2005-07-26 15:39:43 110080 C:\WINDOWS\$NtServicePackUninstall$\clbcatex.dll (Microsoft Corporation)

[1] 2003-03-31 13:00:00 100864 C:\WINDOWS\$NtUninstallKB828741$\clbcatex.dll ()

[1] 2004-08-04 00:56:42 110080 C:\WINDOWS\$NtUninstallKB902400$\clbcatex.dll (Microsoft Corporation)

[1] 2004-03-06 13:16:10 110080 C:\WINDOWS\$NtUninstallKB902400_0$\clbcatex.dll (Microsoft Corporation)

[1] 2008-04-14 11:11:50 110592 C:\WINDOWS\ServicePackFiles\i386\clbcatex.dll (Microsoft Corporation)

[1] 2004-08-04 18:56:41 110080 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\clbcatex.dll (Microsoft Corporation)

[1] 2008-04-14 11:11:50 110592 C:\WINDOWS\system32\clbcatex.dll (Microsoft Corporation)

[1] 2008-04-14 11:11:50 110592 C:\WINDOWS\system32\dllcache\clbcatex.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\$NtUninstallKB828741$\clbcatq.dll

[1] 2005-07-26 15:39:43 498688 C:\WINDOWS\$hf_mig$\KB902400\SP2GDR\clbcatq.dll (Microsoft Corporation)

[1] 2005-07-26 15:20:24 498688 C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\clbcatq.dll (Microsoft Corporation)

[1] 2005-07-26 15:39:43 498688 C:\WINDOWS\$NtServicePackUninstall$\clbcatq.dll (Microsoft Corporation)

[1] 2003-03-31 13:00:00 468480 C:\WINDOWS\$NtUninstallKB828741$\clbcatq.dll ()

[1] 2004-08-04 00:56:42 501248 C:\WINDOWS\$NtUninstallKB902400$\clbcatq.dll (Microsoft Corporation)

[1] 2004-03-06 13:16:11 499712 C:\WINDOWS\$NtUninstallKB902400_0$\clbcatq.dll (Microsoft Corporation)

[1] 2008-04-14 11:11:50 498688 C:\WINDOWS\ServicePackFiles\i386\clbcatq.dll (Microsoft Corporation)

[1] 2004-08-04 18:56:41 501248 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\clbcatq.dll (Microsoft Corporation)

[3] 2004-03-06 13:16:11 499712 C:\WINDOWS\system32\clbcatq(3).dll (Microsoft Corporation)

[1] 2008-04-14 11:11:50 498688 C:\WINDOWS\system32\clbcatq.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\$NtUninstallKB828741$\colbact.dll

[1] 2005-07-26 15:39:43 60416 C:\WINDOWS\$hf_mig$\KB902400\SP2GDR\colbact.dll (Microsoft Corporation)

[1] 2005-07-26 15:20:24 60416 C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\colbact.dll (Microsoft Corporation)

[1] 2005-07-26 15:39:43 60416 C:\WINDOWS\$NtServicePackUninstall$\colbact.dll (Microsoft Corporation)

[1] 2003-03-31 13:00:00 56832 C:\WINDOWS\$NtUninstallKB828741$\colbact.dll ()

[1] 2004-08-04 00:56:42 62464 C:\WINDOWS\$NtUninstallKB902400$\colbact.dll (Microsoft Corporation)

[1] 2004-03-06 13:16:10 64512 C:\WINDOWS\$NtUninstallKB902400_0$\colbact.dll (Microsoft Corporation)

[1] 2008-04-14 11:11:51 60416 C:\WINDOWS\ServicePackFiles\i386\colbact.dll (Microsoft Corporation)

[1] 2004-08-04 18:56:41 62464 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\colbact.dll (Microsoft Corporation)

[3] 2004-03-06 13:16:10 64512 C:\WINDOWS\system32\colbact(3).dll (Microsoft Corporation)

[1] 2008-04-14 11:11:51 60416 C:\WINDOWS\system32\colbact.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\$NtUninstallKB828741$\comadmin.dll

[1] 2005-07-26 15:39:44 195072 C:\WINDOWS\$hf_mig$\KB902400\SP2GDR\comadmin.dll (Microsoft Corporation)

[1] 2005-07-26 15:20:24 195072 C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\comadmin.dll (Microsoft Corporation)

[1] 2005-07-26 15:39:44 195072 C:\WINDOWS\$NtServicePackUninstall$\comadmin.dll (Microsoft Corporation)

[1] 2003-03-31 13:00:00 186880 C:\WINDOWS\$NtUninstallKB828741$\comadmin.dll ()

[1] 2004-08-04 00:56:42 195584 C:\WINDOWS\$NtUninstallKB902400$\comadmin.dll (Microsoft Corporation)

[1] 2004-03-06 13:16:10 187904 C:\WINDOWS\$NtUninstallKB902400_0$\comadmin.dll (Microsoft Corporation)

[1] 2008-04-14 11:11:51 195072 C:\WINDOWS\ServicePackFiles\i386\comadmin.dll (Microsoft Corporation)

[1] 2004-08-04 18:56:41 195584 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\comadmin.dll (Microsoft Corporation)

[1] 2008-04-14 11:11:51 195072 C:\WINDOWS\system32\Com\comadmin.dll (Microsoft Corporation)

[1] 2008-04-14 11:11:51 195072 C:\WINDOWS\system32\dllcache\comadmin.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\$NtUninstallKB828741$\comrepl.exe

[1] 2004-08-04 00:56:50 9728 C:\WINDOWS\$NtServicePackUninstall$\comrepl.exe (Microsoft Corporation)

[1] 2003-03-31 13:00:00 8192 C:\WINDOWS\$NtUninstallKB828741$\comrepl.exe ()

[1] 2008-04-14 11:12:15 9728 C:\WINDOWS\ServicePackFiles\i386\comrepl.exe (Microsoft Corporation)

[1] 2004-08-04 18:56:48 9728 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\comrepl.exe (Microsoft Corporation)

[1] 2008-04-14 11:12:15 9728 C:\WINDOWS\system32\Com\comrepl.exe (Microsoft Corporation)

[1] 2008-04-14 11:12:15 9728 C:\WINDOWS\system32\dllcache\comrepl.exe (Microsoft Corporation)



Cannot access: C:\WINDOWS\$NtUninstallKB828741$\comsvcs.dll

[1] 2005-07-26 15:39:44 1267200 C:\WINDOWS\$hf_mig$\KB902400\SP2GDR\comsvcs.dll (Microsoft Corporation)

[1] 2005-07-26 15:20:27 1267200 C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\comsvcs.dll (Microsoft Corporation)

[1] 2005-07-26 15:39:44 1267200 C:\WINDOWS\$NtServicePackUninstall$\comsvcs.dll (Microsoft Corporation)

[1] 2003-03-31 13:00:00 1172992 C:\WINDOWS\$NtUninstallKB828741$\comsvcs.dll ()

[1] 2004-08-04 00:56:42 1251840 C:\WINDOWS\$NtUninstallKB902400$\comsvcs.dll (Microsoft Corporation)

[1] 2004-03-06 13:16:11 1194496 C:\WINDOWS\$NtUninstallKB902400_0$\comsvcs.dll (Microsoft Corporation)

[1] 2008-04-14 11:11:51 1267200 C:\WINDOWS\ServicePackFiles\i386\comsvcs.dll (Microsoft Corporation)

[1] 2004-08-04 18:56:41 1251840 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\comsvcs.dll (Microsoft Corporation)

[3] 2004-03-06 13:16:11 1194496 C:\WINDOWS\system32\comsvcs(3).dll (Microsoft Corporation)

[1] 2008-04-14 11:11:51 1267200 C:\WINDOWS\system32\comsvcs.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\$NtUninstallKB828741$\comuid.dll

[1] 2005-07-26 15:39:45 540160 C:\WINDOWS\$hf_mig$\KB902400\SP2GDR\comuid.dll (Microsoft Corporation)

[1] 2005-07-26 15:20:28 540160 C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\comuid.dll (Microsoft Corporation)

[1] 2005-07-26 15:39:45 540160 C:\WINDOWS\$NtServicePackUninstall$\comuid.dll (Microsoft Corporation)

[1] 2003-03-31 13:00:00 495616 C:\WINDOWS\$NtUninstallKB828741$\comuid.dll ()

[1] 2004-08-04 00:56:42 540160 C:\WINDOWS\$NtUninstallKB902400$\comuid.dll (Microsoft Corporation)

[1] 2004-03-06 13:16:10 499200 C:\WINDOWS\$NtUninstallKB902400_0$\comuid.dll (Microsoft Corporation)

[1] 2008-04-14 11:11:51 539648 C:\WINDOWS\ServicePackFiles\i386\comuid.dll (Microsoft Corporation)

[1] 2004-08-04 18:56:41 540160 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\comuid.dll (Microsoft Corporation)

[1] 2008-04-14 11:11:51 539648 C:\WINDOWS\system32\comuid.dll (Microsoft Corporation)

[1] 2008-04-14 11:11:51 539648 C:\WINDOWS\system32\dllcache\comuid.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\$NtUninstallKB828741$\es.dll

[1] 2005-07-26 15:39:45 243200 C:\WINDOWS\$hf_mig$\KB902400\SP2GDR\es.dll (Microsoft Corporation)

[1] 2005-07-26 15:20:28 243200 C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\es.dll (Microsoft Corporation)

[1] 2008-07-08 07:06:43 253952 C:\WINDOWS\$hf_mig$\KB950974\SP2QFE\es.dll (Microsoft Corporation)

[1] 2008-07-08 07:26:58 253952 C:\WINDOWS\$hf_mig$\KB950974\SP3GDR\es.dll (Microsoft Corporation)

[1] 2008-07-08 07:23:18 253952 C:\WINDOWS\$hf_mig$\KB950974\SP3QFE\es.dll (Microsoft Corporation)

[1] 2008-07-08 07:32:22 253952 C:\WINDOWS\$NtServicePackUninstall$\es.dll (Microsoft Corporation)

[1] 2003-03-31 13:00:00 225280 C:\WINDOWS\$NtUninstallKB828741$\es.dll ()

[1] 2004-08-04 00:56:44 243200 C:\WINDOWS\$NtUninstallKB902400$\es.dll (Microsoft Corporation)

[1] 2004-03-06 13:16:11 226816 C:\WINDOWS\$NtUninstallKB902400_0$\es.dll (Microsoft Corporation)

[1] 2008-04-14 11:11:53 246272 C:\WINDOWS\$NtUninstallKB950974$\es.dll (Microsoft Corporation)

[1] 2005-07-26 15:39:45 243200 C:\WINDOWS\$NtUninstallKB950974_0$\es.dll (Microsoft Corporation)

[1] 2008-04-14 11:11:53 246272 C:\WINDOWS\ServicePackFiles\i386\es.dll (Microsoft Corporation)

[1] 2004-08-04 18:56:42 243200 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\es.dll (Microsoft Corporation)

[1] 2008-07-08 07:26:58 253952 C:\WINDOWS\system32\dllcache\es.dll (Microsoft Corporation)

[3] 2004-08-04 01:56:44 243200 C:\WINDOWS\system32\es(2).dll (Microsoft Corporation)

[1] 2008-07-08 07:26:58 253952 C:\WINDOWS\system32\es.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\$NtUninstallKB828741$\msdtcprx.dll

[1] 2005-07-26 15:39:46 425472 C:\WINDOWS\$hf_mig$\KB902400\SP2GDR\msdtcprx.dll (Microsoft Corporation)

[1] 2005-07-26 15:20:29 425472 C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\msdtcprx.dll (Microsoft Corporation)

[1] 2006-03-02 06:34:20 426496 C:\WINDOWS\$hf_mig$\KB913580\SP2QFE\msdtcprx.dll (Microsoft Corporation)

[1] 2008-06-13 01:09:35 428032 C:\WINDOWS\$hf_mig$\KB952004\SP3QFE\msdtcprx.dll (Microsoft Corporation)

[1] 2006-03-02 06:42:42 426496 C:\WINDOWS\$NtServicePackUninstall$\msdtcprx.dll (Microsoft Corporation)

[1] 2003-03-31 13:00:00 359936 C:\WINDOWS\$NtUninstallKB828741$\msdtcprx.dll ()

[1] 2004-08-04 00:56:44 425472 C:\WINDOWS\$NtUninstallKB902400$\msdtcprx.dll (Microsoft Corporation)

[1] 2004-03-06 13:16:10 367616 C:\WINDOWS\$NtUninstallKB902400_0$\msdtcprx.dll (Microsoft Corporation)

[1] 2005-07-26 15:39:46 425472 C:\WINDOWS\$NtUninstallKB913580$\msdtcprx.dll (Microsoft Corporation)

[1] 2008-04-14 11:11:59 427008 C:\WINDOWS\$NtUninstallKB952004$\msdtcprx.dll (Microsoft Corporation)

[1] 2008-04-14 11:11:59 427008 C:\WINDOWS\ServicePackFiles\i386\msdtcprx.dll (Microsoft Corporation)

[1] 2004-08-04 18:56:43 425472 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\msdtcprx.dll (Microsoft Corporation)

[1] 2008-06-13 01:23:32 428032 C:\WINDOWS\system32\dllcache\msdtcprx.dll (Microsoft Corporation)

[1] 2008-06-13 01:23:32 428032 C:\WINDOWS\system32\msdtcprx.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\$NtUninstallKB828741$\msdtctm.dll

[1] 2005-07-26 15:39:47 945152 C:\WINDOWS\$hf_mig$\KB902400\SP2GDR\msdtctm.dll (Microsoft Corporation)

[1] 2005-07-26 15:20:31 945152 C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\msdtctm.dll (Microsoft Corporation)

[1] 2006-03-02 06:34:20 956416 C:\WINDOWS\$hf_mig$\KB913580\SP2QFE\msdtctm.dll (Microsoft Corporation)

[1] 2008-06-13 01:09:35 956928 C:\WINDOWS\$hf_mig$\KB952004\SP3QFE\msdtctm.dll (Microsoft Corporation)

[1] 2006-03-02 06:42:42 956416 C:\WINDOWS\$NtServicePackUninstall$\msdtctm.dll (Microsoft Corporation)

[1] 2003-03-31 13:00:00 869376 C:\WINDOWS\$NtUninstallKB828741$\msdtctm.dll ()

[1] 2004-08-04 00:56:44 949248 C:\WINDOWS\$NtUninstallKB902400$\msdtctm.dll (Microsoft Corporation)

[1] 2004-03-06 13:16:11 977920 C:\WINDOWS\$NtUninstallKB902400_0$\msdtctm.dll (Microsoft Corporation)

[1] 2005-07-26 15:39:47 945152 C:\WINDOWS\$NtUninstallKB913580$\msdtctm.dll (Microsoft Corporation)

[1] 2008-04-14 11:11:59 956928 C:\WINDOWS\$NtUninstallKB952004$\msdtctm.dll (Microsoft Corporation)

[1] 2008-04-14 11:11:59 956928 C:\WINDOWS\ServicePackFiles\i386\msdtctm.dll (Microsoft Corporation)

[1] 2004-08-04 18:56:43 949248 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\msdtctm.dll (Microsoft Corporation)

[1] 2008-06-13 01:23:32 956928 C:\WINDOWS\system32\dllcache\msdtctm.dll (Microsoft Corporation)

[1] 2008-06-13 01:23:32 956928 C:\WINDOWS\system32\msdtctm.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\$NtUninstallKB828741$\msdtcuiu.dll

[1] 2005-07-26 15:39:47 161280 C:\WINDOWS\$hf_mig$\KB902400\SP2GDR\msdtcuiu.dll (Microsoft Corporation)

[1] 2005-07-26 15:20:31 161280 C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\msdtcuiu.dll (Microsoft Corporation)

[1] 2006-03-02 06:34:20 161280 C:\WINDOWS\$hf_mig$\KB913580\SP2QFE\msdtcuiu.dll (Microsoft Corporation)

[1] 2008-06-13 01:09:35 161792 C:\WINDOWS\$hf_mig$\KB952004\SP3QFE\msdtcuiu.dll (Microsoft Corporation)

[1] 2006-03-02 06:42:42 161280 C:\WINDOWS\$NtServicePackUninstall$\msdtcuiu.dll (Microsoft Corporation)

[1] 2003-03-31 13:00:00 151040 C:\WINDOWS\$NtUninstallKB828741$\msdtcuiu.dll ()

[1] 2004-08-04 00:56:44 161280 C:\WINDOWS\$NtUninstallKB902400$\msdtcuiu.dll (Microsoft Corporation)

[1] 2004-03-06 13:16:10 150528 C:\WINDOWS\$NtUninstallKB902400_0$\msdtcuiu.dll (Microsoft Corporation)

[1] 2005-07-26 15:39:47 161280 C:\WINDOWS\$NtUninstallKB913580$\msdtcuiu.dll (Microsoft Corporation)

[1] 2008-04-14 11:11:59 161792 C:\WINDOWS\$NtUninstallKB952004$\msdtcuiu.dll (Microsoft Corporation)

[1] 2008-04-14 11:11:59 161792 C:\WINDOWS\ServicePackFiles\i386\msdtcuiu.dll (Microsoft Corporation)

[1] 2004-08-04 18:56:43 161280 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\msdtcuiu.dll (Microsoft Corporation)

[1] 2008-06-13 01:23:32 161792 C:\WINDOWS\system32\dllcache\msdtcuiu.dll (Microsoft Corporation)

[1] 2008-06-13 01:23:32 161792 C:\WINDOWS\system32\msdtcuiu.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\$NtUninstallKB828741$\mtxclu.dll

[1] 2005-07-26 15:39:47 66560 C:\WINDOWS\$hf_mig$\KB902400\SP2GDR\mtxclu.dll (Microsoft Corporation)

[1] 2005-07-26 15:20:39 66560 C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\mtxclu.dll (Microsoft Corporation)

[1] 2006-03-02 06:34:20 66560 C:\WINDOWS\$hf_mig$\KB913580\SP2QFE\mtxclu.dll (Microsoft Corporation)

[1] 2008-06-13 01:09:35 66560 C:\WINDOWS\$hf_mig$\KB952004\SP3QFE\mtxclu.dll (Microsoft Corporation)

[1] 2006-03-02 06:42:42 66560 C:\WINDOWS\$NtServicePackUninstall$\mtxclu.dll (Microsoft Corporation)

[1] 2003-03-31 13:00:00 61440 C:\WINDOWS\$NtUninstallKB828741$\mtxclu.dll ()

[1] 2004-08-04 00:56:46 66560 C:\WINDOWS\$NtUninstallKB902400$\mtxclu.dll (Microsoft Corporation)

[1] 2004-03-06 13:16:10 64512 C:\WINDOWS\$NtUninstallKB902400_0$\mtxclu.dll (Microsoft Corporation)

[1] 2005-07-26 15:39:47 66560 C:\WINDOWS\$NtUninstallKB913580$\mtxclu.dll (Microsoft Corporation)

[1] 2008-04-14 11:12:01 66560 C:\WINDOWS\$NtUninstallKB952004$\mtxclu.dll (Microsoft Corporation)

[1] 2008-04-14 11:12:01 66560 C:\WINDOWS\ServicePackFiles\i386\mtxclu.dll (Microsoft Corporation)

[1] 2004-08-04 18:56:44 66560 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\mtxclu.dll (Microsoft Corporation)

[1] 2008-06-13 01:23:32 66560 C:\WINDOWS\system32\dllcache\mtxclu.dll (Microsoft Corporation)

[3] 2004-03-06 13:16:10 64512 C:\WINDOWS\system32\mtxclu(3).dll (Microsoft Corporation)

[1] 2008-06-13 01:23:32 66560 C:\WINDOWS\system32\mtxclu.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\$NtUninstallKB828741$\mtxoci.dll

[1] 2005-07-26 15:39:47 91136 C:\WINDOWS\$hf_mig$\KB902400\SP2GDR\mtxoci.dll (Microsoft Corporation)

[1] 2005-07-26 15:20:40 91136 C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\mtxoci.dll (Microsoft Corporation)

[1] 2006-03-02 06:34:20 91136 C:\WINDOWS\$hf_mig$\KB913580\SP2QFE\mtxoci.dll (Microsoft Corporation)

[1] 2008-06-13 01:09:35 91648 C:\WINDOWS\$hf_mig$\KB952004\SP3QFE\mtxoci.dll (Microsoft Corporation)

[1] 2006-03-02 06:42:42 91136 C:\WINDOWS\$NtServicePackUninstall$\mtxoci.dll (Microsoft Corporation)

[1] 2003-03-31 13:00:00 83968 C:\WINDOWS\$NtUninstallKB828741$\mtxoci.dll ()

[1] 2004-08-04 00:56:46 90112 C:\WINDOWS\$NtUninstallKB902400$\mtxoci.dll (Microsoft Corporation)

[1] 2004-03-06 13:16:10 82432 C:\WINDOWS\$NtUninstallKB902400_0$\mtxoci.dll (Microsoft Corporation)

[1] 2005-07-26 15:39:47 91136 C:\WINDOWS\$NtUninstallKB913580$\mtxoci.dll (Microsoft Corporation)

[1] 2008-04-14 11:12:01 91648 C:\WINDOWS\$NtUninstallKB952004$\mtxoci.dll (Microsoft Corporation)

[1] 2008-04-14 11:12:01 91648 C:\WINDOWS\ServicePackFiles\i386\mtxoci.dll (Microsoft Corporation)

[1] 2004-08-04 18:56:44 90112 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\mtxoci.dll (Microsoft Corporation)

[1] 2008-06-13 01:23:32 91648 C:\WINDOWS\system32\dllcache\mtxoci.dll (Microsoft Corporation)

[3] 2004-03-06 13:16:10 82432 C:\WINDOWS\system32\mtxoci(2).dll (Microsoft Corporation)

[1] 2008-06-13 01:23:32 91648 C:\WINDOWS\system32\mtxoci.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\$NtUninstallKB828741$\ole32.dll

[1] 2005-07-26 15:39:48 1285120 C:\WINDOWS\$hf_mig$\KB902400\SP2GDR\ole32.dll (Microsoft Corporation)

[1] 2005-07-26 15:20:40 1285632 C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\ole32.dll (Microsoft Corporation)

[1] 2005-07-26 15:39:48 1285120 C:\WINDOWS\$NtServicePackUninstall$\ole32.dll (Microsoft Corporation)

[1] 2003-03-31 13:00:00 1169920 C:\WINDOWS\$NtUninstallKB824146$\ole32.dll (Microsoft Corporation)

[1] 2003-08-26 00:53:44 1172992 C:\WINDOWS\$NtUninstallKB826939$\ole32.dll (Microsoft Corporation)

[1] 2003-08-26 00:53:44 1172992 C:\WINDOWS\$NtUninstallKB828741$\ole32.dll ()

[1] 2004-08-04 00:56:46 1281536 C:\WINDOWS\$NtUninstallKB902400$\ole32.dll (Microsoft Corporation)

[1] 2004-03-06 13:16:11 1183744 C:\WINDOWS\$NtUninstallKB902400_0$\ole32.dll (Microsoft Corporation)

[1] 2008-04-14 11:12:02 1287168 C:\WINDOWS\ServicePackFiles\i386\ole32.dll (Microsoft Corporation)

[1] 2004-08-04 18:56:44 1281536 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ole32.dll (Microsoft Corporation)

[2] 2004-03-06 13:16:11 1183744 C:\WINDOWS\system32\ole32(3).dll (Microsoft Corporation)

[1] 2008-04-14 11:12:02 1287168 C:\WINDOWS\system32\ole32.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\$NtUninstallKB828741$\rpcrt4.dll

[1] 2009-04-16 02:24:20 585216 C:\WINDOWS\$hf_mig$\KB970238\SP3QFE\rpcrt4.dll (Microsoft Corporation)

[1] 2007-07-10 00:16:16 582656 C:\WINDOWS\$NtServicePackUninstall$\rpcrt4.dll (Microsoft Corporation)

[1] 2003-03-31 13:00:00 530432 C:\WINDOWS\$NtUninstallKB824146$\rpcrt4.dll (Microsoft Corporation)

[1] 2003-08-26 00:53:46 532480 C:\WINDOWS\$NtUninstallKB826939$\rpcrt4.dll (Microsoft Corporation)

[1] 2003-08-26 00:53:46 532480 C:\WINDOWS\$NtUninstallKB828741$\rpcrt4.dll ()

[1] 2004-08-04 00:56:46 581120 C:\WINDOWS\$NtUninstallKB933729$\rpcrt4.dll (Microsoft Corporation)

[1] 2008-04-14 11:12:04 584704 C:\WINDOWS\$NtUninstallKB970238$\rpcrt4.dll (Microsoft Corporation)

[1] 2008-04-14 11:12:04 584704 C:\WINDOWS\ServicePackFiles\i386\rpcrt4.dll (Microsoft Corporation)

[1] 2004-08-04 18:56:44 581120 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\rpcrt4.dll (Microsoft Corporation)

[1] 2009-04-16 01:51:25 585216 C:\WINDOWS\system32\dllcache\rpcrt4.dll (Microsoft Corporation)

[2] 2004-03-06 13:16:11 535552 C:\WINDOWS\system32\rpcrt4(3).dll (Microsoft Corporation)

[1] 2009-04-16 01:51:25 585216 C:\WINDOWS\system32\rpcrt4.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\$NtUninstallKB828741$\rpcss.dll

[1] 2005-07-26 15:39:49 397824 C:\WINDOWS\$hf_mig$\KB902400\SP2GDR\rpcss.dll (Microsoft Corporation)

[1] 2005-07-26 15:20:40 398336 C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\rpcss.dll (Microsoft Corporation)

[1] 2009-02-09 21:56:36 401408 C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\rpcss.dll (Microsoft Corporation)

[1] 2005-07-26 15:39:49 397824 C:\WINDOWS\$NtServicePackUninstall$\rpcss.dll (Microsoft Corporation)

[1] 2003-03-31 13:00:00 260608 C:\WINDOWS\$NtUninstallKB824146$\rpcss.dll (Microsoft Corporation)

[1] 2003-08-26 00:53:40 260608 C:\WINDOWS\$NtUninstallKB826939$\rpcss.dll (Microsoft Corporation)

[1] 2003-08-26 00:53:40 260608 C:\WINDOWS\$NtUninstallKB828741$\rpcss.dll ()

[1] 2004-08-04 00:56:46 395776 C:\WINDOWS\$NtUninstallKB902400$\rpcss.dll (Microsoft Corporation)

[1] 2004-03-06 13:16:11 263680 C:\WINDOWS\$NtUninstallKB902400_0$\rpcss.dll (Microsoft Corporation)

[1] 2008-04-14 11:12:04 399360 C:\WINDOWS\$NtUninstallKB956572$\rpcss.dll (Microsoft Corporation)

[1] 2008-04-14 11:12:04 399360 C:\WINDOWS\ServicePackFiles\i386\rpcss.dll (Microsoft Corporation)

[1] 2004-08-04 18:56:44 395776 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\rpcss.dll (Microsoft Corporation)

[1] 2009-02-09 23:10:48 401408 C:\WINDOWS\system32\dllcache\rpcss.dll (Microsoft Corporation)

[2] 2004-03-06 13:16:11 263680 C:\WINDOWS\system32\rpcss(3).dll (Microsoft Corporation)

[1] 2009-02-09 23:10:48 401408 C:\WINDOWS\system32\rpcss.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\$NtUninstallKB828741$\txflog.dll

[1] 2005-07-26 15:39:49 101376 C:\WINDOWS\$hf_mig$\KB902400\SP2GDR\txflog.dll (Microsoft Corporation)

[1] 2005-07-26 15:20:40 101376 C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\txflog.dll (Microsoft Corporation)

[1] 2005-07-26 15:39:49 101376 C:\WINDOWS\$NtServicePackUninstall$\txflog.dll (Microsoft Corporation)

[1] 2003-03-31 13:00:00 90624 C:\WINDOWS\$NtUninstallKB828741$\txflog.dll ()

[1] 2004-08-04 00:56:48 101376 C:\WINDOWS\$NtUninstallKB902400$\txflog.dll (Microsoft Corporation)

[1] 2004-03-06 13:16:10 97280 C:\WINDOWS\$NtUninstallKB902400_0$\txflog.dll (Microsoft Corporation)

[1] 2008-04-14 11:12:07 101376 C:\WINDOWS\ServicePackFiles\i386\txflog.dll (Microsoft Corporation)

[1] 2004-08-04 18:56:46 101376 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\txflog.dll (Microsoft Corporation)

[1] 2008-04-14 11:12:07 101376 C:\WINDOWS\system32\dllcache\txflog.dll (Microsoft Corporation)

[1] 2008-04-14 11:12:07 101376 C:\WINDOWS\system32\txflog.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\$NtUninstallKB835732$\callcont.dll

[1] 2004-08-04 00:56:42 385024 C:\WINDOWS\$NtServicePackUninstall$\callcont.dll (Microsoft Corporation)

[1] 2003-03-31 13:00:00 360448 C:\WINDOWS\$NtUninstallKB835732$\callcont.dll ()

[1] 2008-04-14 11:11:50 385024 C:\WINDOWS\ServicePackFiles\i386\callcont.dll (Microsoft Corporation)

[1] 2004-08-04 18:56:41 385024 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\callcont.dll (Microsoft Corporation)

[1] 2008-04-14 11:11:50 385024 C:\WINDOWS\system32\dllcache\callcont.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\$NtUninstallKB835732$\gdi32.dll

[1] 2005-10-06 14:09:36 280064 C:\WINDOWS\$hf_mig$\KB896424\SP2GDR\gdi32.dll (Microsoft Corporation)

[1] 2005-10-06 14:18:28 280064 C:\WINDOWS\$hf_mig$\KB896424\SP2QFE\gdi32.dll (Microsoft Corporation)

[1] 2005-12-29 14:04:05 280064 C:\WINDOWS\$hf_mig$\KB912919\SP2QFE\gdi32.dll (Microsoft Corporation)

[1] 2007-03-09 02:48:36 282112 C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\gdi32.dll (Microsoft Corporation)

[1] 2007-06-20 00:37:21 282112 C:\WINDOWS\$hf_mig$\KB938829\SP2QFE\gdi32.dll (Microsoft Corporation)

[1] 2008-02-20 17:52:43 282624 C:\WINDOWS\$hf_mig$\KB948590\SP2QFE\gdi32.dll (Microsoft Corporation)

[1] 2008-10-23 23:51:04 284160 C:\WINDOWS\$hf_mig$\KB956802\SP2QFE\gdi32.dll (Microsoft Corporation)

[1] 2008-10-23 23:36:14 286720 C:\WINDOWS\$hf_mig$\KB956802\SP3GDR\gdi32.dll (Microsoft Corporation)

[1] 2008-10-23 23:43:42 286720 C:\WINDOWS\$hf_mig$\KB956802\SP3QFE\gdi32.dll (Microsoft Corporation)

[1] 2008-10-24 00:01:36 283648 C:\WINDOWS\$NtServicePackUninstall$\gdi32.dll (Microsoft Corporation)

[1] 2003-03-31 13:00:00 250368 C:\WINDOWS\$NtUninstallKB835732$\gdi32.dll ()

[1] 2004-08-04 00:56:44 278016 C:\WINDOWS\$NtUninstallKB896424$\gdi32.dll (Microsoft Corporation)

[1] 2004-03-30 12:48:36 257536 C:\WINDOWS\$NtUninstallKB896424_0$\gdi32.dll (Microsoft Corporation)

[1] 2005-10-06 14:09:36 280064 C:\WINDOWS\$NtUninstallKB912919$\gdi32.dll (Microsoft Corporation)

[1] 2005-12-29 13:54:35 280064 C:\WINDOWS\$NtUninstallKB925902$\gdi32.dll (Microsoft Corporation)

[1] 2007-03-09 02:36:28 281600 C:\WINDOWS\$NtUninstallKB938829$\gdi32.dll (Microsoft Corporation)

[1] 2007-06-20 00:31:19 282112 C:\WINDOWS\$NtUninstallKB948590$\gdi32.dll (Microsoft Corporation)

[1] 2008-04-14 11:11:54 285184 C:\WINDOWS\$NtUninstallKB956802$\gdi32.dll (Microsoft Corporation)

[1] 2008-02-20 17:51:05 282624 C:\WINDOWS\$NtUninstallKB956802_0$\gdi32.dll (Microsoft Corporation)

[1] 2008-04-14 11:11:54 285184 C:\WINDOWS\ServicePackFiles\i386\gdi32.dll (Microsoft Corporation)

[1] 2004-08-04 18:56:42 278016 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\gdi32.dll (Microsoft Corporation)

[1] 2008-10-23 23:36:14 286720 C:\WINDOWS\system32\dllcache\gdi32.dll (Microsoft Corporation)

[1] 2008-10-23 23:36:14 286720 C:\WINDOWS\system32\gdi32.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\$NtUninstallKB835732$\h323.tsp

[1] 2004-08-04 00:56:58 265728 C:\WINDOWS\$NtServicePackUninstall$\h323.tsp ()

[1] 2003-03-31 13:00:00 252928 C:\WINDOWS\$NtUninstallKB835732$\h323.tsp ()

[1] 2008-04-14 11:12:45 265728 C:\WINDOWS\ServicePackFiles\i386\h323.tsp ()

[1] 2004-08-04 18:56:57 265728 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\h323.tsp ()

[1] 2008-04-14 11:12:45 265728 C:\WINDOWS\system32\h323.tsp ()



Cannot access: C:\WINDOWS\$NtUninstallKB835732$\h323msp.dll

[1] 2004-08-04 00:56:44 614912 C:\WINDOWS\$NtServicePackUninstall$\h323msp.dll (Microsoft Corporation)

[1] 2003-03-31 13:00:00 592896 C:\WINDOWS\$NtUninstallKB835732$\h323msp.dll ()

[1] 2008-04-14 11:11:54 614912 C:\WINDOWS\ServicePackFiles\i386\h323msp.dll (Microsoft Corporation)

[1] 2004-08-04 18:56:42 614912 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\h323msp.dll (Microsoft Corporation)

[1] 2008-04-14 11:11:54 614912 C:\WINDOWS\system32\dllcache\h323msp.dll (Microsoft Corporation)

[1] 2008-04-14 11:11:54 614912 C:\WINDOWS\system32\h323msp.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\$NtUninstallKB835732$\helpctr.exe

[1] 2004-08-04 00:56:50 768512 C:\WINDOWS\$NtServicePackUninstall$\helpctr.exe (Microsoft Corporation)

[1] 2003-03-31 13:00:00 742400 C:\WINDOWS\$NtUninstallKB835732$\helpctr.exe ()

[1] 2008-04-14 11:12:21 769024 C:\WINDOWS\PCHealth\HelpCtr\Binaries\helpctr.exe (Microsoft Corporation)

[1] 2008-04-14 11:12:21 769024 C:\WINDOWS\ServicePackFiles\i386\helpctr.exe (Microsoft Corporation)

[1] 2004-08-04 18:56:49 768512 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\helpctr.exe (Microsoft Corporation)



Cannot access: C:\WINDOWS\$NtUninstallKB835732$\ipnathlp.dll

[1] 2004-08-04 00:56:44 331264 C:\WINDOWS\$NtServicePackUninstall$\ipnathlp.dll (Microsoft Corporation)

[1] 2003-03-31 13:00:00 435200 C:\WINDOWS\$NtUninstallKB835732$\ipnathlp.dll ()

[1] 2008-04-14 11:11:55 331264 C:\WINDOWS\ServicePackFiles\i386\ipnathlp.dll (Microsoft Corporation)

[1] 2004-08-04 18:56:42 331264 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ipnathlp.dll (Microsoft Corporation)

[2] 2004-03-30 12:48:36 439808 C:\WINDOWS\system32\ipnathlp(3).dll (Microsoft Corporation)

[1] 2008-04-14 11:11:55 331264 C:\WINDOWS\system32\ipnathlp.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\$NtUninstallKB835732$\lsasrv.dll

[1] 2004-10-28 12:21:01 721920 C:\WINDOWS\$hf_mig$\KB885835\SP2GDR\lsasrv.dll (Microsoft Corporation)

[1] 2004-10-28 12:28:18 721920 C:\WINDOWS\$hf_mig$\KB885835\SP2QFE\lsasrv.dll (Microsoft Corporation)

[1] 2006-08-17 23:37:49 726528 C:\WINDOWS\$hf_mig$\KB924270\SP2QFE\lsasrv.dll (Microsoft Corporation)

[1] 2007-11-07 20:50:47 727040 C:\WINDOWS\$hf_mig$\KB943485\SP2QFE\lsasrv.dll (Microsoft Corporation)

[1] 2009-02-09 21:56:36 729088 C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\lsasrv.dll (Microsoft Corporation)

[1] 2009-06-26 20:41:12 730112 C:\WINDOWS\$hf_mig$\KB968389\SP3QFE\lsasrv.dll (Microsoft Corporation)

[1] 2007-11-07 20:26:56 721920 C:\WINDOWS\$NtServicePackUninstall$\lsasrv.dll (Microsoft Corporation)

[1] 2003-03-31 13:00:00 671744 C:\WINDOWS\$NtUninstallKB835732$\lsasrv.dll ()

[1] 2004-08-04 00:56:44 721920 C:\WINDOWS\$NtUninstallKB885835$\lsasrv.dll (Microsoft Corporation)

[1] 2004-03-30 12:48:36 667648 C:\WINDOWS\$NtUninstallKB885835_0$\lsasrv.dll (Microsoft Corporation)

[1] 2004-10-28 12:21:01 721920 C:\WINDOWS\$NtUninstallKB924270$\lsasrv.dll (Microsoft Corporation)

[1] 2006-08-17 23:28:27 721920 C:\WINDOWS\$NtUninstallKB943485$\lsasrv.dll (Microsoft Corporation)

[1] 2008-04-14 11:11:56 728064 C:\WINDOWS\$NtUninstallKB956572$\lsasrv.dll (Microsoft Corporation)

[1] 2009-02-09 23:10:49 729088 C:\WINDOWS\$NtUninstallKB968389$\lsasrv.dll (Microsoft Corporation)

[1] 2008-04-14 11:11:56 728064 C:\WINDOWS\ServicePackFiles\i386\lsasrv.dll (Microsoft Corporation)

[1] 2004-08-04 18:56:42 721920 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\lsasrv.dll (Microsoft Corporation)

[1] 2009-06-25 19:25:26 730112 C:\WINDOWS\system32\dllcache\lsasrv.dll (Microsoft Corporation)

[1] 2009-06-25 19:25:26 730112 C:\WINDOWS\system32\lsasrv.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\$NtUninstallKB835732$\mf3216.dll

[1] 2007-03-09 02:48:36 40960 C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\mf3216.dll (Microsoft Corporation)

[1] 2007-03-09 02:36:28 40960 C:\WINDOWS\$NtServicePackUninstall$\mf3216.dll (Microsoft Corporation)

[1] 2003-03-31 13:00:00 35328 C:\WINDOWS\$NtUninstallKB835732$\mf3216.dll ()

[1] 2004-08-04 00:56:44 39936 C:\WINDOWS\$NtUninstallKB925902$\mf3216.dll (Microsoft Corporation)

[1] 2008-04-14 11:11:56 40960 C:\WINDOWS\ServicePackFiles\i386\mf3216.dll (Microsoft Corporation)

[1] 2004-08-04 18:56:42 39936 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\mf3216.dll (Microsoft Corporation)

[1] 2008-04-14 11:11:56 40960 C:\WINDOWS\system32\dllcache\mf3216.dll (Microsoft Corporation)

[1] 2008-04-14 11:11:56 40960 C:\WINDOWS\system32\mf3216.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\$NtUninstallKB835732$\msasn1.dll

[1] 2009-09-05 07:57:48 58880 C:\WINDOWS\$hf_mig$\KB974571\SP3QFE\msasn1.dll (Microsoft Corporation)

[1] 2004-08-04 00:56:44 57344 C:\WINDOWS\$NtServicePackUninstall$\msasn1.dll (Microsoft Corporation)

[1] 2003-03-31 13:00:00 51200 C:\WINDOWS\$NtUninstallKB828028$\msasn1.dll (Microsoft Corporation)

[1] 2003-09-19 23:37:54 51712 C:\WINDOWS\$NtUninstallKB835732$\msasn1.dll ()

[1] 2008-04-14 11:11:58 57344 C:\WINDOWS\$NtUninstallKB974571$\msasn1.dll (Microsoft Corporation)

[1] 2008-04-14 11:11:58 57344 C:\WINDOWS\ServicePackFiles\i386\msasn1.dll (Microsoft Corporation)

[1] 2004-08-04 18:56:42 57344 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\msasn1.dll (Microsoft Corporation)

[1] 2009-09-05 08:03:36 58880 C:\WINDOWS\system32\dllcache\msasn1.dll (Microsoft Corporation)

[2] 2004-03-30 12:48:36 51712 C:\WINDOWS\system32\msasn1(3).dll (Microsoft Corporation)

[1] 2009-09-05 08:03:36 58880 C:\WINDOWS\system32\msasn1.dll (Microsoft Corporation)

[2] 2008-04-14 11:11:58 57344 C:\System Volume Information\_restore{4722BA04-B784-4C7D-8C34-06E379EFA6F0}\RP535\A0108600.dll (Microsoft Corporation)

[2] 2008-04-14 11:11:58 57344 C:\System Volume Information\_restore{4722BA04-B784-4C7D-8C34-06E379EFA6F0}\RP535\A0108702.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\$NtUninstallKB835732$\msgina.dll

[1] 2004-08-04 00:56:44 994304 C:\WINDOWS\$NtServicePackUninstall$\msgina.dll (Microsoft Corporation)

[1] 2003-03-31 13:00:00 968192 C:\WINDOWS\$NtUninstallKB835732$\msgina.dll ()

[1] 2008-04-14 11:11:59 997376 C:\WINDOWS\ServicePackFiles\i386\msgina.dll (Microsoft Corporation)

[1] 2004-08-04 18:56:43 994304 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\msgina.dll (Microsoft Corporation)

[1] 2008-04-14 11:11:59 997376 C:\WINDOWS\system32\msgina.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\$NtUninstallKB835732$\mst120.dll

[1] 2004-08-04 00:56:44 274432 C:\WINDOWS\$NtServicePackUninstall$\mst120.dll (Microsoft Corporation)

[1] 2003-03-31 13:00:00 249856 C:\WINDOWS\$NtUninstallKB835732$\mst120.dll ()

[1] 2008-04-14 11:12:00 274432 C:\WINDOWS\ServicePackFiles\i386\mst120.dll (Microsoft Corporation)

[1] 2004-08-04 18:56:43 274432 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\mst120.dll (Microsoft Corporation)

[1] 2008-04-14 11:12:00 274432 C:\WINDOWS\system32\dllcache\mst120.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\$NtUninstallKB835732$\netapi32.dll

[1] 2006-07-15 02:41:56 336896 C:\WINDOWS\$hf_mig$\KB921883\SP2QFE\netapi32.dll (Microsoft Corporation)

[1] 2006-08-17 23:37:49 337408 C:\WINDOWS\$hf_mig$\KB924270\SP2QFE\netapi32.dll (Microsoft Corporation)

[1] 2008-10-16 03:53:28 339456 C:\WINDOWS\$hf_mig$\KB958644\SP2QFE\netapi32.dll (Microsoft Corporation)

[1] 2008-10-16 03:34:24 337408 C:\WINDOWS\$hf_mig$\KB958644\SP3GDR\netapi32.dll (Microsoft Corporation)

[1] 2008-10-16 03:25:53 339456 C:\WINDOWS\$hf_mig$\KB958644\SP3QFE\netapi32.dll (Microsoft Corporation)

[1] 2008-10-16 03:57:55 332800 C:\WINDOWS\$NtServicePackUninstall$\netapi32.dll (Microsoft Corporation)

[1] 2003-03-31 13:00:00 309248 C:\WINDOWS\$NtUninstallKB835732$\netapi32.dll ()

[1] 2004-08-04 00:56:46 332288 C:\WINDOWS\$NtUninstallKB921883$\netapi32.dll (Microsoft Corporation)

[1] 2006-07-15 02:31:39 332288 C:\WINDOWS\$NtUninstallKB924270$\netapi32.dll (Microsoft Corporation)

[1] 2008-04-14 11:12:01 337408 C:\WINDOWS\$NtUninstallKB958644$\netapi32.dll (Microsoft Corporation)

[1] 2006-08-17 23:28:27 332288 C:\WINDOWS\$NtUninstallKB958644_0$\netapi32.dll (Microsoft Corporation)

[1] 2008-04-14 11:12:01 337408 C:\WINDOWS\ServicePackFiles\i386\netapi32.dll (Microsoft Corporation)

[1] 2004-08-04 18:56:44 332288 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\netapi32.dll (Microsoft Corporation)

[1] 2008-10-16 03:34:24 337408 C:\WINDOWS\system32\dllcache\netapi32.dll (Microsoft Corporation)

[2] 2004-03-30 12:48:36 306176 C:\WINDOWS\system32\netapi32(3).dll (Microsoft Corporation)

[1] 2008-10-16 03:34:24 337408 C:\WINDOWS\system32\netapi32.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\$NtUninstallKB835732$\nmcom.dll

[1] 2004-08-04 00:56:46 77824 C:\WINDOWS\$NtServicePackUninstall$\nmcom.dll (Microsoft Corporation)

[1] 2003-03-31 13:00:00 69632 C:\WINDOWS\$NtUninstallKB835732$\nmcom.dll ()

[1] 2008-04-14 11:12:02 77824 C:\WINDOWS\ServicePackFiles\i386\nmcom.dll (Microsoft Corporation)

[1] 2004-08-04 18:56:44 77824 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\nmcom.dll (Microsoft Corporation)

[1] 2008-04-14 11:12:02 77824 C:\WINDOWS\system32\dllcache\nmcom.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\$NtUninstallKB835732$\rtcdll.dll

[1] 2003-03-31 13:00:00 548864 C:\WINDOWS\$NtUninstallKB835732$\rtcdll.dll ()

[1] 2004-08-04 18:56:59 991232 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\asms\52\msft\windows\net\rtcdll\rtcdll.dll (Microsoft Corporation)

[1] 2008-04-14 11:12:50 991232 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95\rtcdll.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\$NtUninstallKB835732$\schannel.dll

[1] 2007-04-26 07:32:22 144896 C:\WINDOWS\$hf_mig$\KB935840\SP2QFE\schannel.dll (Microsoft Corporation)

[1] 2008-12-05 17:58:08 144896 C:\WINDOWS\$hf_mig$\KB960225\SP3QFE\schannel.dll (Microsoft Corporation)

[1] 2009-06-25 19:41:11 147456 C:\WINDOWS\$hf_mig$\KB968389\SP3QFE\schannel.dll (Microsoft Corporation)

[1] 2007-04-26 01:21:15 144896 C:\WINDOWS\$NtServicePackUninstall$\schannel.dll (Microsoft Corporation)

[1] 2003-03-31 13:00:00 136704 C:\WINDOWS\$NtUninstallKB835732$\schannel.dll ()

[1] 2004-08-04 00:56:46 144896 C:\WINDOWS\$NtUninstallKB935840$\schannel.dll (Microsoft Corporation)

[1] 2008-04-14 11:12:05 144384 C:\WINDOWS\$NtUninstallKB960225$\schannel.dll (Microsoft Corporation)

[1] 2008-12-05 17:54:55 144896 C:\WINDOWS\$NtUninstallKB968389$\schannel.dll (Microsoft Corporation)

[1] 2008-04-14 11:12:05 144384 C:\WINDOWS\ServicePackFiles\i386\schannel.dll (Microsoft Corporation)

[1] 2004-08-04 18:56:44 144896 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\schannel.dll (Microsoft Corporation)

[1] 2009-06-25 19:25:26 147456 C:\WINDOWS\system32\dllcache\schannel.dll (Microsoft Corporation)

[1] 2009-06-25 19:25:26 147456 C:\WINDOWS\system32\schannel.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\$NtUninstallKB835732$\xpsp2res.dll

[2] 2004-08-04 00:56:30 757248 C:\WINDOWS\$NtServicePackUninstall$\sprb041b.dll (Microsoft Corporation)

[2] 2004-08-04 00:56:32 732160 C:\WINDOWS\$NtServicePackUninstall$\sprb0424.dll (Microsoft Corporation)

[1] 2004-08-04 00:56:38 2897920 C:\WINDOWS\$NtServicePackUninstall$\xpsp2res.dll (Microsoft Corporation)

[1] 2003-03-06 13:27:38 526848 C:\WINDOWS\$NtUninstallKB835732$\xpsp2res.dll ()

[1] 2004-03-11 04:59:50 593408 C:\WINDOWS\$NtUninstallKB900725_0$\xpsp2res.dll (Microsoft Corporation)

[2] 2008-04-14 05:38:37 757248 C:\WINDOWS\ServicePackFiles\i386\sprb041b.dll (Microsoft Corporation)

[2] 2008-04-14 05:38:36 732160 C:\WINDOWS\ServicePackFiles\i386\sprb0424.dll (Microsoft Corporation)

[1] 2008-04-14 04:39:24 2897920 C:\WINDOWS\ServicePackFiles\i386\xpsp2res.dll (Microsoft Corporation)

[2] 2004-08-04 18:56:29 757248 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\sprb041b.dll (Microsoft Corporation)

[2] 2004-08-04 18:56:30 732160 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\sprb0424.dll (Microsoft Corporation)

[1] 2004-08-04 18:56:36 2897920 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\xpsp2res.dll (Microsoft Corporation)

[2] 2008-04-14 05:38:37 757248 C:\WINDOWS\system32\dllcache\sprb041b.dll (Microsoft Corporation)

[2] 2008-04-14 05:38:36 732160 C:\WINDOWS\system32\dllcache\sprb0424.dll (Microsoft Corporation)

[1] 2008-04-14 05:38:37 757248 C:\WINDOWS\system32\mui\041b\xpsp2res.dll (Microsoft Corporation)

[1] 2008-04-14 04:39:24 2897920 C:\WINDOWS\system32\mui\041e\xpsp2res.dll (Microsoft Corporation)

[1] 2008-04-14 05:38:36 732160 C:\WINDOWS\system32\mui\0424\xpsp2res.dll (Microsoft Corporation)

[1] 2008-04-14 04:39:24 2897920 C:\WINDOWS\system32\xpsp2res.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\$NtUninstallKB837001$\dao360.dll

[1] 2008-01-23 15:56:21 554008 C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\dao360.dll (Microsoft Corporation)

[1] 2004-08-04 00:56:44 561179 C:\WINDOWS\$NtServicePackUninstall$\dao360.dll (Microsoft Corporation)

[1] 2003-03-31 13:00:00 557128 C:\WINDOWS\$NtUninstallKB282010$\dao360.dll (Microsoft Corporation)

[1] 2003-05-12 09:35:16 561179 C:\WINDOWS\$NtUninstallKB837001$\dao360.dll ()

[1] 2004-08-04 00:56:44 561179 C:\WINDOWS\$NtUninstallKB950749$\dao360.dll (Microsoft Corporation)

[1] 2008-03-25 15:50:25 554008 C:\WINDOWS\ServicePackFiles\i386\dao360.dll (Microsoft Corporation)

[1] 2004-08-04 18:56:42 561179 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\dao360.dll (Microsoft Corporation)

[1] 2008-03-25 15:50:25 554008 C:\WINDOWS\system32\dllcache\dao360.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\$NtUninstallKB837001$\msexcl40.dll

[1] 2007-12-10 23:41:11 326432 C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msexcl40.dll (Microsoft Corporation)

[1] 2004-08-04 00:56:44 319517 C:\WINDOWS\$NtServicePackUninstall$\msexcl40.dll (Microsoft Corporation)

[1] 2003-03-31 13:00:00 319519 C:\WINDOWS\$NtUninstallKB282010$\msexcl40.dll (Microsoft Corporation)

[1] 2003-05-12 09:35:18 319517 C:\WINDOWS\$NtUninstallKB837001$\msexcl40.dll ()

[1] 2004-08-04 00:56:44 319517 C:\WINDOWS\$NtUninstallKB950749$\msexcl40.dll (Microsoft Corporation)

[1] 2008-03-25 15:50:30 326432 C:\WINDOWS\ServicePackFiles\i386\msexcl40.dll (Microsoft Corporation)

[1] 2004-08-04 18:56:43 319517 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\msexcl40.dll (Microsoft Corporation)

[1] 2008-03-25 15:50:30 326432 C:\WINDOWS\system32\dllcache\msexcl40.dll (Microsoft Corporation)

[1] 2008-03-25 15:50:30 326432 C:\WINDOWS\system32\msexcl40.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\$NtUninstallKB837001$\msjet40.dll

[1] 2007-12-10 23:41:11 1516568 C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjet40.dll (Microsoft Corporation)

[1] 2004-08-04 00:56:44 1507356 C:\WINDOWS\$NtServicePackUninstall$\msjet40.dll (Microsoft Corporation)

[1] 2003-03-31 13:00:00 1503262 C:\WINDOWS\$NtUninstallKB282010$\msjet40.dll (Microsoft Corporation)

[1] 2003-05-12 09:35:18 1507358 C:\WINDOWS\$NtUninstallKB837001$\msjet40.dll ()

[1] 2004-08-04 00:56:44 1507356 C:\WINDOWS\$NtUninstallKB950749$\msjet40.dll (Microsoft Corporation)

[1] 2008-03-25 15:50:34 1516568 C:\WINDOWS\ServicePackFiles\i386\msjet40.dll (Microsoft Corporation)

[1] 2004-08-04 18:56:43 1507356 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\msjet40.dll (Microsoft Corporation)

[1] 2008-03-25 15:50:34 1516568 C:\WINDOWS\system32\dllcache\msjet40.dll (Microsoft Corporation)

[1] 2008-03-25 15:50:34 1516568 C:\WINDOWS\system32\msjet40.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\$NtUninstallKB837001$\msjetoledb40.dll

[2] 2004-07-17 11:34:48 358976 C:\WINDOWS\$NtServicePackUninstall$\msjetol1.dll (Microsoft Corporation)

[2] 2003-03-31 13:00:00 348195 C:\WINDOWS\$NtUninstallKB282010$\msjetol1.dll (Microsoft Corporation)

[1] 2003-03-31 13:00:00 348195 C:\WINDOWS\$NtUninstallKB282010$\msjetoledb40.dll (Microsoft Corporation)

[1] 2003-05-12 09:35:20 348193 C:\WINDOWS\$NtUninstallKB837001$\msjetoledb40.dll ()

[2] 2004-03-02 05:52:15 358976 C:\WINDOWS\$NtUninstallKB950749$\msjetol1.dll (Microsoft Corporation)

[1] 2004-03-02 05:52:15 358976 C:\WINDOWS\$NtUninstallKB950749$\msjetoledb40.dll (Microsoft Corporation)

[2] 2004-03-02 05:52:15 358976 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\msjetol1.dll (Microsoft Corporation)

[1] 2008-03-25 15:50:40 355112 C:\WINDOWS\system32\msjetoledb40.dll ()



Cannot access: C:\WINDOWS\$NtUninstallKB837001$\msjtes40.dll

[1] 2007-12-10 23:41:12 248608 C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjtes40.dll (Microsoft Corporation)

[1] 2004-08-04 00:56:44 241693 C:\WINDOWS\$NtServicePackUninstall$\msjtes40.dll (Microsoft Corporation)

[1] 2003-03-31 13:00:00 241695 C:\WINDOWS\$NtUninstallKB282010$\msjtes40.dll (Microsoft Corporation)

[1] 2003-05-12 09:35:22 241695 C:\WINDOWS\$NtUninstallKB837001$\msjtes40.dll ()

[1] 2004-08-04 00:56:44 241693 C:\WINDOWS\$NtUninstallKB950749$\msjtes40.dll (Microsoft Corporation)

[1] 2008-03-25 15:50:42 248608 C:\WINDOWS\ServicePackFiles\i386\msjtes40.dll (Microsoft Corporation)

[1] 2004-08-04 18:56:43 241693 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\msjtes40.dll (Microsoft Corporation)

[1] 2008-03-25 15:50:42 248608 C:\WINDOWS\system32\dllcache\msjtes40.dll (Microsoft Corporation)

[1] 2008-03-25 15:50:42 248608 C:\WINDOWS\system32\msjtes40.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\$NtUninstallKB837001$\mspbde40.dll

[1] 2007-12-10 23:41:12 355104 C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mspbde40.dll (Microsoft Corporation)

[1] 2004-08-04 00:56:44 348189 C:\WINDOWS\$NtServicePackUninstall$\mspbde40.dll (Microsoft Corporation)

[1] 2003-03-31 13:00:00 348191 C:\WINDOWS\$NtUninstallKB282010$\mspbde40.dll (Microsoft Corporation)

[1] 2003-05-12 09:35:22 348189 C:\WINDOWS\$NtUninstallKB837001$\mspbde40.dll ()

[1] 2004-08-04 00:56:44 348189 C:\WINDOWS\$NtUninstallKB950749$\mspbde40.dll (Microsoft Corporation)

[1] 2008-03-25 15:50:45 355104 C:\WINDOWS\ServicePackFiles\i386\mspbde40.dll (Microsoft Corporation)

[1] 2004-08-04 18:56:43 348189 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\mspbde40.dll (Microsoft Corporation)

[1] 2008-03-25 15:50:45 355104 C:\WINDOWS\system32\dllcache\mspbde40.dll (Microsoft Corporation)

[1] 2008-03-25 15:50:45 355104 C:\WINDOWS\system32\mspbde40.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\$NtUninstallKB837001$\msrepl40.dll

[1] 2007-12-10 23:41:13 559904 C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrepl40.dll (Microsoft Corporation)

[1] 2004-08-04 00:56:44 552989 C:\WINDOWS\$NtServicePackUninstall$\msrepl40.dll (Microsoft Corporation)

[1] 2003-03-31 13:00:00 552991 C:\WINDOWS\$NtUninstallKB282010$\msrepl40.dll (Microsoft Corporation)

[1] 2003-05-12 09:35:26 552989 C:\WINDOWS\$NtUninstallKB837001$\msrepl40.dll ()

[1] 2004-08-04 00:56:44 552989 C:\WINDOWS\$NtUninstallKB950749$\msrepl40.dll (Microsoft Corporation)

[1] 2008-03-25 15:50:52 559904 C:\WINDOWS\ServicePackFiles\i386\msrepl40.dll (Microsoft Corporation)

[1] 2004-08-04 18:56:43 552989 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\msrepl40.dll (Microsoft Corporation)

[1] 2008-03-25 15:50:52 559904 C:\WINDOWS\system32\dllcache\msrepl40.dll (Microsoft Corporation)

[1] 2008-03-25 15:50:52 559904 C:\WINDOWS\system32\msrepl40.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\$NtUninstallKB837001$\mstext40.dll

[1] 2007-12-10 23:41:13 264992 C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mstext40.dll (Microsoft Corporation)

[1] 2004-08-04 00:56:44 258077 C:\WINDOWS\$NtServicePackUninstall$\mstext40.dll (Microsoft Corporation)

[1] 2003-03-31 13:00:00 253983 C:\WINDOWS\$NtUninstallKB282010$\mstext40.dll (Microsoft Corporation)

[1] 2003-05-12 09:35:26 258079 C:\WINDOWS\$NtUninstallKB837001$\mstext40.dll ()

[1] 2004-08-04 00:56:44 258077 C:\WINDOWS\$NtUninstallKB950749$\mstext40.dll (Microsoft Corporation)

[1] 2008-03-25 15:50:55 264992 C:\WINDOWS\ServicePackFiles\i386\mstext40.dll (Microsoft Corporation)

[1] 2004-08-04 18:56:43 258077 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\mstext40.dll (Microsoft Corporation)

[1] 2008-03-25 15:50:55 264992 C:\WINDOWS\system32\dllcache\mstext40.dll (Microsoft Corporation)

[1] 2008-03-25 15:50:55 264992 C:\WINDOWS\system32\mstext40.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\$NtUninstallKB837001$\msxbde40.dll

[1] 2007-12-10 23:41:14 355104 C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msxbde40.dll (Microsoft Corporation)

[1] 2004-08-04 00:56:46 348189 C:\WINDOWS\$NtServicePackUninstall$\msxbde40.dll (Microsoft Corporation)

[1] 2003-03-31 13:00:00 344095 C:\WINDOWS\$NtUninstallKB282010$\msxbde40.dll (Microsoft Corporation)

[1] 2003-05-12 09:35:28 348189 C:\WINDOWS\$NtUninstallKB837001$\msxbde40.dll ()

[1] 2004-08-04 00:56:46 348189 C:\WINDOWS\$NtUninstallKB950749$\msxbde40.dll (Microsoft Corporation)

[1] 2008-03-25 15:50:58 355104 C:\WINDOWS\ServicePackFiles\i386\msxbde40.dll (Microsoft Corporation)

[1] 2004-08-04 18:56:44 348189 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\msxbde40.dll (Microsoft Corporation)

[1] 2008-03-25 15:50:58 355104 C:\WINDOWS\system32\dllcache\msxbde40.dll (Microsoft Corporation)

[1] 2008-03-25 15:50:58 355104 C:\WINDOWS\system32\msxbde40.dll (Microsoft Corporation)





Finished!

BC AdBot (Login to Remove)

 


#2 kahdah

kahdah

  • Security Colleague
  • 11,138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:02:54 PM

Posted 25 November 2009 - 09:16 AM

Hello MAL123

Welcome to BleepingComputer :(
==========================
  • Download OTL to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Under the Standard Registry box change it to All.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.
===========
Download This file. Note its name and save it to your root folder, such as C:\.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security program drivers will not conflict with this file.
  • Click on this link to see a list of programs that should be disabled.
  • Double-click on the downloaded file to start the program. (If running Vista, right click on it and select "Run as an Administrator")
  • Allow the driver to load if asked.
  • You may be prompted to scan immediately if it detects rootkit activity.
  • If you are prompted to scan your system click "Yes" to begin the scan.
  • If not prompted, click the "Rootkit/Malware" tab.
  • On the right-side, all items to be scanned should be checked by default except for "Show All". Leave that box unchecked.
  • Select all drives that are connected to your system to be scanned.
  • Click the Scan button to begin. (Please be patient as it can take some time to complete)
  • When the scan is finished, click Save to save the scan results to your Desktop.
  • Save the file as Results.log and copy/paste the contents in your next reply.
  • Exit the program and re-enable all active protection when done.

Please do not pm for help, post it in the forums instead.

If I am helping you and have not responded for 48 hours please send me a pm as I don't always get notifications.

My help is always free, however, if you would like to make a donation to me for the help I have provided please click here Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users