Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Malware and trojan virus


  • This topic is locked This topic is locked
14 replies to this topic

#1 inter1979

inter1979

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:43 AM

Posted 08 November 2010 - 03:06 PM

I have two big issues. Firstly avg keeps on detecting that winlogon.exe has a virus. Secondly I have the dreaded google redirct problem. Let me say i've run Malware bytes deleted all infections still doesnt help either issue. I've run combo fix its stated that its restored the winlogon,exe problem but avg keeps on detecting a virus. I'd appreciate anyones help here. I'll attach my hijack this log to this post.

Attached Files



BC AdBot (Login to Remove)

 


#2 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Numpty HQ
  • Local time:06:43 AM

Posted 08 November 2010 - 03:51 PM

Good evening. :)

Please follow the instructions here and post accordingly.

So long, and thanks for all the fish.

 

 


#3 inter1979

inter1979
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:43 AM

Posted 08 November 2010 - 08:12 PM

Sorry for not following the rules correctly, here is a detailed look.


DDS (Ver_10-11-08.01) - NTFSx86
Run by Dan at 5:27:49.24 on Tue 11/09/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1024.416 [GMT -5:00]

AV: AVG Anti-Virus Free Edition 2011 *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
svchost.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Documents and Settings\Dan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Logitech\Z Cinema\Z Cinema.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\Program Files\AVG\AVG10\avgemcx.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\PROGRA~1\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Documents and Settings\Dan\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~3\office14\URLREDIR.DLL
TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [ISUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler
uRun: [Google Update] "c:\documents and settings\dan\local settings\application data\google\update\GoogleUpdate.exe" /c
mRun: [nwiz] nwiz.exe /install
mRun: [NVRTCLK] c:\windows\system32\nvrtclk\NVRTClk.exe
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [mxomssmenu] "c:\program files\maxtor\onetouch status\maxmenumgr.exe"
mRun: [AdobeCS4ServiceManager] "c:\program files\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
StartupFolder: c:\docume~1\dan\startm~1\programs\startup\zcinem~1.lnk - c:\docume~1\dan\applic~1\microsoft\installer\{ee885042-228a-446f-a30d-64ecbdc93859}\StartupShortcut_EE885042228A446FA30D64ECBDC93859.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hppsc2~1.lnk - c:\program files\hewlett-packard\digital imaging\bin\hpobnz08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpoddt~1.lnk - c:\program files\hewlett-packard\digital imaging\bin\hpotdd01.exe
IE: Extract Flash Video with Bytescout... - c:\program files\bytescout swf to video scout\flashextract_ie.html
IE: {15678698-8D62-4EA9-B976-B13C10B13C53} - c:\program files\bytescout swf to video scout\flashextract_ie.html
IE: {CB44ABBB-2C8D-4C78-8BCA-0FD078E8269C} - c:\program files\bytescout swf to video scout\flashextract_ie.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.8.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1266847827127
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1277389406454
DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - hxxps://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {DAF7E6E6-D53A-439A-B28D-12271406B8A9} - hxxp://mobileapps.blackberry.com/devicesoftware/AxLoader.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - hxxp://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll
Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~3\office14\GROOVEEX.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\dan\applic~1\mozilla\firefox\profiles\edsk527u.default\
FF - component: c:\program files\avg\avg10\firefox\components\avgssff.dll

---- FIREFOX POLICIES ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);

============= SERVICES / DRIVERS ===============

R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2010-9-13 25680]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 26064]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-9-7 249424]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 34384]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-9-7 298448]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2010-10-11 6104656]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2010-9-10 265400]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-5-1 54752]
R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [2009-4-30 10384]
R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-7-15 35088]
R2 StarWindServiceAE;StarWind AE Service;c:\program files\alcohol soft\alcohol 120\starwind\StarWindServiceAE.exe [2007-5-28 275968]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2010-8-19 123472]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2010-8-19 30288]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2010-8-19 26192]
R3 ZCinema_TSHD;ZCinema TruSurround HD driver;c:\windows\system32\drivers\ZCinema_SRS_i386.sys [2010-11-8 21392]
S3 DrmRAudio;DrmRAudio;c:\windows\system32\drivers\DrmRAudio.sys [2010-9-23 23608]
S3 DrmRVideo;DrmRVideo;c:\windows\system32\drivers\DrmRVideo.sys [2010-9-23 5688]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2009-8-5 704864]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2009-8-21 30510960]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2009-8-21 4639136]
S3 WiselinkPro;SAMSUNG WiselinkPro Service;c:\program files\samsung\samsung pc share manager\wiselinkpro.exe --> c:\program files\samsung\samsung pc share manager\WiselinkPro.exe [?]
S4 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-10-12 133104]

=============== Created Last 30 ================

2010-11-09 07:29:30 98816 ----a-w- c:\windows\sed.exe
2010-11-09 07:29:30 89088 ----a-w- c:\windows\MBR.exe
2010-11-09 07:29:30 256512 ----a-w- c:\windows\PEV.exe
2010-11-09 07:29:30 161792 ----a-w- c:\windows\SWREG.exe
2010-11-09 07:17:24 -------- d-----w- c:\program files\SpywareBlaster
2010-11-09 06:45:58 -------- d-----w- C:\VundoFix Backups
2010-11-09 04:19:22 -------- d-----w- C:\temp
2010-11-08 14:01:30 388096 ----a-r- c:\docume~1\dan\applic~1\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2010-11-08 14:01:30 -------- d-----w- c:\program files\Trend Micro
2010-11-08 13:57:00 65536 ----a-r- c:\docume~1\dan\applic~1\microsoft\installer\{ee885042-228a-446f-a30d-64ecbdc93859}\NewShortcut3_EE885042228A446FA30D64ECBDC93859.exe
2010-11-08 13:57:00 172032 ----a-r- c:\docume~1\dan\applic~1\microsoft\installer\{ee885042-228a-446f-a30d-64ecbdc93859}\StartupShortcut_EE885042228A446FA30D64ECBDC93859.exe
2010-11-08 13:57:00 172032 ----a-r- c:\docume~1\dan\applic~1\microsoft\installer\{ee885042-228a-446f-a30d-64ecbdc93859}\ProgramMenuShortcu_EE885042228A446FA30D64ECBDC93859.exe
2010-11-08 13:57:00 172032 ----a-r- c:\docume~1\dan\applic~1\microsoft\installer\{ee885042-228a-446f-a30d-64ecbdc93859}\DesktopShortcut_EE885042228A446FA30D64ECBDC93859.exe
2010-11-08 13:56:17 75024 ----a-w- c:\windows\system32\ZCinemaCoinst_i386.dll
2010-11-08 13:56:17 52624 ----a-w- c:\windows\system32\drivers\tshd4_kern_i386.sys
2010-11-08 13:56:17 21392 ----a-w- c:\windows\system32\drivers\ZCinema_SRS_i386.sys
2010-11-05 19:12:45 -------- d-----w- C:\$AVG
2010-11-05 19:11:58 -------- d-----w- c:\docume~1\dan\applic~1\AVG10
2010-11-05 19:09:05 -------- d--h--w- c:\docume~1\alluse~1\applic~1\Common Files
2010-11-05 19:05:09 -------- d-----w- c:\windows\system32\drivers\AVG
2010-11-05 19:05:09 -------- d-----w- c:\docume~1\alluse~1\applic~1\AVG10
2010-11-05 18:52:23 -------- d-----w- c:\docume~1\alluse~1\applic~1\MFAData
2010-11-01 21:49:37 -------- d-----w- c:\docume~1\dan\applic~1\Ozzaug
2010-11-01 21:49:37 -------- d-----w- c:\docume~1\dan\applic~1\Otmua
2010-11-01 15:32:58 -------- d-----w- C:\6d60c440dace507cdf1104a033d7
2010-11-01 15:32:55 -------- d-----w- C:\52fb8ea56ffb8e1ff36f24
2010-10-27 21:13:58 -------- d-----w- c:\docume~1\dan\applic~1\Ucba
2010-10-25 16:44:06 -------- d-----w- c:\program files\tmp

==================== Find3M ====================

2010-09-08 16:17:46 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-09-08 16:17:46 69632 ----a-w- c:\windows\system32\QuickTime.qts

============= FINISH: 5:28:28.81 ===============

Attached Files



#4 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Numpty HQ
  • Local time:06:43 AM

Posted 09 November 2010 - 02:27 PM

Good evening. :)

It's no so much not that you didn't follow "the rules", it's the lack of usable info that it results in.

We'll start with an online scan and see if we can isolate the nasty that you have.

Pay a visit to the ESET Online Scanner.
  • Click the ESET Online Scanner button, read the info in the new window, check the appropriate box and click Start.
  • Accept the ActiveX download, and allow it to install.
  • Once this has been completed, you will see the Computer Scan settings page - ensure that you uncheck the "Remove found threats" box and then click Start.
  • The virus signature database will now need to be downloaded, so don't forget to instruct your firewall to permit it if it asks.
  • The above will take a little time, so now is a good time to fire up the kettle and open the biccies.
  • Once the scan has completed you will be shown the results - assuming that the scanner has found anything.
  • Click List of found threats and then Export to text file... and save the log somewhere convenient.
  • You can then close out the scanner - don't bother uninstalling it as you may need to use it again.
  • Please post the contents of this file in your next reply, or let me know that nothing was identified.

It may also help if you can tell me exactly what AVG is finding - the full filename(s) and filepath(s) if you would be so kind.

So long, and thanks for all the fish.

 

 


#5 inter1979

inter1979
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:43 AM

Posted 09 November 2010 - 06:43 PM

Ok attached are the findings. Also avg is detecting a threat with c:windows\system32\winlogon.exe virus identified win32/patched.fr


C:\Documents and Settings\All Users\Documents\Server\hlp.dat Win32/Bamital.EQ trojan
C:\Qoobox\Quarantine\C\Documents and Settings\Dan\Application Data\Xioli\reusq.exe.vir Win32/Spy.Zbot.ZR trojan
C:\Qoobox\Quarantine\C\Documents and Settings\Dan\Start Menu\Programs\Startup\logtec32.exe.vir a variant of Win32/Kryptik.HVT trojan
C:\Qoobox\Quarantine\C\WINDOWS\explorer.exe.vir Win32/Bamital.EQ trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\qtplugin.exe.vir Win32/Spammy.AA trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\winlogon.exe.vir Win32/Bamital.EQ trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\config\systemprofile\Application Data\Fywynu\paek.exe.vir a variant of Win32/Kryptik.HWP trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\MSIVXltpkctvppfaiydvrdqpucjyevvmrufkq.sys.vir a variant of Win32/Kryptik.TV trojan
C:\System Volume Information\_restore{D19FE2B7-3C11-43FA-80A2-5504C2E15745}\RP8\A0021473.exe Win32/Bamital.EQ trojan
C:\WINDOWS\explorer.exe Win32/Bamital.EQ trojan
C:\WINDOWS\system32\winlogon.exe Win32/Bamital.EQ trojan
Operating memory Win32/Bamital.EQ trojan

Attached Files


Edited by Noviciate, 10 November 2010 - 02:34 PM.


#6 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Numpty HQ
  • Local time:06:43 AM

Posted 10 November 2010 - 02:35 PM

Good evening. :)

Please download SystemLook by jpshortstuff from one of the links below and save it to your Desktop:

  • Linky #1
  • Linky #2

  • Double-click SystemLook.exe to run it.
  • Copy the contents of the following codebox into the main textfield:


    :filefind
    explorer.*
    winlogon.*
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan - the log can also be found on your Desktop entitled SystemLook.txt
  • Please post the contents of this log in your next reply.

So long, and thanks for all the fish.

 

 


#7 inter1979

inter1979
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:43 AM

Posted 10 November 2010 - 04:48 PM

SystemLook 04.09.10 by jpshortstuff
Log created at 04:45 on 11/11/2010 by Dan
Administrator - Elevation successful

========== filefind ==========

Searching for "explorer.* "
C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Explorer.zip --a---- 20394 bytes [01:15 04/06/2009] [01:15 04/06/2009] B469409C2B2A33C542190B720E11BD79
C:\Program Files\Styler\TB\skins\Styler's\SevenVG RTM\explorer.png --a--c- 5412 bytes [13:51 29/08/2009] [20:43 10/08/2009] FCF4215ECF640E464365DA549CD71FFE
C:\Qoobox\Quarantine\C\WINDOWS\explorer.exe.vir --a---- 1033728 bytes [12:00 31/03/2003] [00:12 14/04/2008] D2512363C9FAE368962169EECB9B1559
C:\WINDOWS\explorer.exe --a---- 1033728 bytes [12:00 31/03/2003] [00:12 14/04/2008] 78C81C0596C3BEA41B1032FA9860201D
C:\WINDOWS\explorer.scf --a--c- 80 bytes [12:00 31/03/2003] [12:00 31/03/2003] A3975A7D2C98B30A2AE010754FFB9392
C:\WINDOWS\$NtServicePackUninstall$\explorer.exe -----c- 1032192 bytes [16:28 24/06/2010] [07:56 04/08/2004] A0732187050030AE399B241436565E64
C:\WINDOWS\ERDNT\cache\explorer.exe --a---- 1033728 bytes [14:25 18/01/2010] [00:12 14/04/2008] 12896823FB95BFB3DC9B46BCAEDC9923
C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf --a---- 116148 bytes [01:10 15/10/2010] [03:35 30/10/2010] C9DC242B61F8319A6D09DB0F8E6BC17D
C:\WINDOWS\ServicePackFiles\i386\explorer.exe ------- 1033728 bytes [07:56 04/08/2004] [00:12 14/04/2008] 12896823FB95BFB3DC9B46BCAEDC9923
C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\explorer.exe --a---- 1033728 bytes [14:34 01/05/2009] [00:12 14/04/2008] 12896823FB95BFB3DC9B46BCAEDC9923

Searching for "winlogon.*"
C:\Qoobox\Quarantine\C\WINDOWS\system32\winlogon.exe.vir --a---- 507904 bytes [12:00 31/03/2003] [00:12 14/04/2008] B14174F6A00A3F4E26271526AE28CA14
C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe -----c- 502272 bytes [16:27 24/06/2010] [07:56 04/08/2004] 01C3346C241652F43AED8E2149881BFE
C:\WINDOWS\ERDNT\cache\winlogon.exe --a--c- 507904 bytes [14:25 18/01/2010] [00:12 14/04/2008] ED0EF0A136DEC83DF69F04118870003E
C:\WINDOWS\ServicePackFiles\i386\winlogon.exe ------- 507904 bytes [07:56 04/08/2004] [00:12 14/04/2008] ED0EF0A136DEC83DF69F04118870003E
C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\winlogon.exe --a---- 507904 bytes [14:36 01/05/2009] [00:12 14/04/2008] ED0EF0A136DEC83DF69F04118870003E
C:\WINDOWS\system32\winlogon.exe --a---- 507904 bytes [12:00 31/03/2003] [00:12 14/04/2008] B72755BA4E19923730E3F2E981507991

-= EOF =-

#8 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Numpty HQ
  • Local time:06:43 AM

Posted 11 November 2010 - 02:56 PM

Good evening. :)

For this next tool to run effectively you need to uninstall your anti-virus temporarily. Unfortunately AVG doesn't play nicely with ComboFix and it may cause the tool to fail due to incorrect detections.
Once the tool has completed you can reinstall AVG. If you don't have the installation file handy I suggest you download a fresh copy before you begin.


Take a trip to this webpage for download links and instructions for running Combofix by sUBs.*
  • Please be aware that this tool may require the PC to be rebooted so close any programs you have open before you start.
  • When CF has finished, it will produce a log - C:\ComboFix.txt - copy and paste it into your next reply.
  • Let me know how the PC is behaving.
* There are two points to note from the instructions page:

1) The Recovery Console.

It is recommended that you install this as, in certain circumstances, it may be the difference between a successful repair and a reformat. If you are uncertain as to whether or not you already have the Recovery Console installed, simply run CF and it will prompt you if it does not detect it.
CF will complete some, but not all, of it's removal tasks without the installation of the Console so, should you choose not to allow the installation, you may not get the results you hoped for.

2) Disabling your Anti-Virus.

CF has been the victim of false-positive detections on occasion and a resident AV may incorrectly identify and delete part of the tool which won't do it much good. If you don't disable your AV, you may not get the results you hoped for either.

So long, and thanks for all the fish.

 

 


#9 inter1979

inter1979
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:43 AM

Posted 11 November 2010 - 06:40 PM

After running combofix google doesnt seem to be redirtecting anymore. I erased AVG so obvioulsy i dont know if winlogon.exe is restored although during combofix it did state winlogon was restored. Anyways here is the log from combofix


ComboFix 10-11-11.01 - Dan 11/12/2010 6:18.8.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1024.647 [GMT -5:00]
Running from: c:\documents and settings\Dan\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

Infected copy of c:\windows\system32\winlogon.exe was found and disinfected
Restored copy from - c:\windows\ERDNT\cache\winlogon.exe

Infected copy of c:\windows\explorer.exe was found and disinfected
Restored copy from - c:\windows\ERDNT\cache\explorer.exe

.
((((((((((((((((((((((((( Files Created from 2010-10-12 to 2010-11-12 )))))))))))))))))))))))))))))))
.

2010-11-11 12:26 . 2010-11-11 12:26 -------- d-----w- c:\documents and settings\Dan\Local Settings\Application Data\Ahead
2010-11-11 12:22 . 2010-11-11 12:22 -------- d-----w- c:\documents and settings\Dan\Application Data\Ahead
2010-11-11 12:18 . 2010-11-11 12:20 -------- d-----w- c:\program files\Common Files\Ahead
2010-11-11 12:18 . 2010-11-11 12:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
2010-11-11 12:18 . 2010-11-11 12:18 -------- d-----w- c:\program files\Nero
2010-11-10 13:47 . 2010-11-10 13:47 -------- d-----w- c:\program files\DVD Decrypter
2010-11-10 13:45 . 2010-11-10 13:45 -------- d-----w- c:\program files\DVD Shrink
2010-11-10 13:24 . 2010-11-10 13:24 -------- d-----w- c:\documents and settings\Dan\Application Data\NeroVision
2010-11-10 13:03 . 2010-11-10 13:03 -------- d-----w- c:\program files\BurnAware Free
2010-11-10 10:27 . 2010-11-10 10:27 -------- d-----w- c:\program files\ESET
2010-11-09 10:52 . 2010-11-09 10:52 3584 ----a-r- c:\documents and settings\Dan\Application Data\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
2010-11-09 07:17 . 2010-11-09 07:17 -------- d-----w- c:\program files\SpywareBlaster
2010-11-09 06:45 . 2010-11-09 06:45 -------- d-----w- C:\VundoFix Backups
2010-11-09 04:19 . 2010-11-09 04:19 -------- d-----w- C:\temp
2010-11-08 14:01 . 2010-11-08 14:01 -------- d-----w- c:\program files\Trend Micro
2010-11-08 13:57 . 2010-11-08 13:57 -------- d-----w- c:\documents and settings\Dan\Application Data\Leadertech
2010-11-08 13:57 . 2010-11-08 13:57 65536 ----a-r- c:\documents and settings\Dan\Application Data\Microsoft\Installer\{EE885042-228A-446F-A30D-64ECBDC93859}\NewShortcut3_EE885042228A446FA30D64ECBDC93859.exe
2010-11-08 13:57 . 2010-11-08 13:57 172032 ----a-r- c:\documents and settings\Dan\Application Data\Microsoft\Installer\{EE885042-228A-446F-A30D-64ECBDC93859}\StartupShortcut_EE885042228A446FA30D64ECBDC93859.exe
2010-11-08 13:57 . 2010-11-08 13:57 172032 ----a-r- c:\documents and settings\Dan\Application Data\Microsoft\Installer\{EE885042-228A-446F-A30D-64ECBDC93859}\ProgramMenuShortcu_EE885042228A446FA30D64ECBDC93859.exe
2010-11-08 13:57 . 2010-11-08 13:57 172032 ----a-r- c:\documents and settings\Dan\Application Data\Microsoft\Installer\{EE885042-228A-446F-A30D-64ECBDC93859}\DesktopShortcut_EE885042228A446FA30D64ECBDC93859.exe
2010-11-08 13:56 . 2007-08-14 00:23 21392 ----a-w- c:\windows\system32\drivers\ZCinema_SRS_i386.sys
2010-11-08 13:56 . 2007-08-14 00:22 75024 ----a-w- c:\windows\system32\ZCinemaCoinst_i386.dll
2010-11-08 13:56 . 2007-08-14 00:22 52624 ----a-w- c:\windows\system32\drivers\tshd4_kern_i386.sys
2010-11-05 19:11 . 2010-11-05 19:11 -------- d-----w- c:\documents and settings\Dan\Application Data\AVG10
2010-11-05 19:09 . 2010-11-05 19:09 -------- d--h--w- c:\documents and settings\All Users\Application Data\Common Files
2010-11-05 19:05 . 2010-11-12 11:07 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG10
2010-11-05 18:52 . 2010-11-05 19:04 -------- d-----w- c:\documents and settings\All Users\Application Data\MFAData
2010-11-01 21:49 . 2010-11-05 19:45 -------- d-----w- c:\documents and settings\Dan\Application Data\Ozzaug
2010-11-01 21:49 . 2010-11-05 18:59 -------- d-----w- c:\documents and settings\Dan\Application Data\Otmua
2010-11-01 15:32 . 2010-11-01 15:33 -------- d-----w- C:\6d60c440dace507cdf1104a033d7
2010-11-01 15:32 . 2010-11-01 16:41 -------- d-----w- C:\52fb8ea56ffb8e1ff36f24
2010-10-30 15:30 . 2010-10-30 15:31 -------- d-----w- c:\documents and settings\Administrator
2010-10-27 21:13 . 2010-10-29 22:22 -------- d-----w- c:\documents and settings\Dan\Application Data\Ucba
2010-10-25 16:44 . 2010-11-04 15:00 -------- d-----w- c:\program files\tmp
2010-10-25 16:43 . 2010-10-25 17:09 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\Etylu

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-08 08:14 . 2009-04-30 22:05 82380 ----a-w- c:\windows\system32\drivers\AFS2K.SYS
2010-09-11 13:14 . 2010-09-24 02:53 5688 ----a-w- c:\windows\system32\drivers\DrmRVideo.sys
2010-09-11 13:14 . 2010-09-24 02:53 23608 ----a-w- c:\windows\system32\drivers\DrmRAudio.sys
2010-09-08 16:42 . 2010-09-08 16:42 37920 ----a-w- c:\windows\system32\drivers\tbhsd.sys
2010-09-08 16:17 . 2010-09-08 16:17 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-09-08 16:17 . 2010-09-08 16:17 69632 ----a-w- c:\windows\system32\QuickTime.qts
.

((((((((((((((((((((((((((((( SnapShot_2010-10-04_23.15.33 )))))))))))))))))))))))))))))))))))))))))
.
+ 2006-10-19 01:47 . 2009-01-31 01:35 38400 c:\windows\system32\wpdshextres.dll
- 2006-10-19 01:47 . 2006-10-19 01:47 38400 c:\windows\system32\wpdshextres.dll
- 2006-10-19 00:00 . 2006-10-19 00:00 17408 c:\windows\system32\wpdshextautoplay.exe
+ 2006-10-19 00:00 . 2009-01-30 22:21 17408 c:\windows\system32\wpdshextautoplay.exe
+ 2006-10-19 01:47 . 2009-01-31 01:35 63488 c:\windows\system32\wpdmtpus.dll
- 2006-10-19 01:47 . 2006-10-19 01:47 63488 c:\windows\system32\wpdmtpus.dll
+ 2006-10-19 01:47 . 2009-01-31 01:35 35840 c:\windows\system32\wpdconns.dll
- 2006-10-19 01:47 . 2006-10-19 01:47 35840 c:\windows\system32\wpdconns.dll
- 2003-03-31 12:00 . 2006-10-19 01:47 99840 c:\windows\system32\wmpshell.dll
+ 2003-03-31 12:00 . 2009-01-31 01:34 99840 c:\windows\system32\wmpshell.dll
- 2003-03-31 12:00 . 2006-10-19 01:47 37376 c:\windows\system32\wmdmps.dll
+ 2003-03-31 12:00 . 2009-01-31 01:34 37376 c:\windows\system32\wmdmps.dll
- 2003-03-31 12:00 . 2006-10-19 01:47 33792 c:\windows\system32\wmdmlog.dll
+ 2003-03-31 12:00 . 2009-01-31 01:34 33792 c:\windows\system32\wmdmlog.dll
+ 2010-11-09 07:26 . 2006-09-25 22:58 14640 c:\windows\system32\spmsg.dll
+ 2010-11-08 13:56 . 2008-04-14 00:12 23552 c:\windows\system32\ReinstallBackups\0011\DriverFiles\i386\wdmaud.drv
+ 2010-11-08 13:56 . 2008-04-13 18:45 60032 c:\windows\system32\ReinstallBackups\0011\DriverFiles\i386\USBAUDIO.sys
+ 2010-11-08 13:56 . 2008-04-13 18:45 49408 c:\windows\system32\ReinstallBackups\0011\DriverFiles\i386\stream.sys
+ 2010-11-08 13:56 . 2008-04-13 18:45 60160 c:\windows\system32\ReinstallBackups\0011\DriverFiles\i386\drmk.sys
+ 2003-03-31 12:00 . 2010-11-01 16:13 60724 c:\windows\system32\perfc009.dat
+ 2007-05-16 14:18 . 2007-05-16 14:18 95864 c:\windows\system32\NeroCo.dll
- 2004-08-04 07:56 . 2006-10-19 01:47 27136 c:\windows\system32\mspmsnsv.dll
+ 2004-08-04 07:56 . 2009-01-31 01:33 27136 c:\windows\system32\mspmsnsv.dll
+ 2003-03-31 12:00 . 2009-01-31 01:33 11264 c:\windows\system32\LAPRXY.dll
- 2003-03-31 12:00 . 2006-10-19 01:47 11264 c:\windows\system32\LAPRXY.dll
+ 2010-11-08 13:56 . 2007-08-14 00:22 75024 c:\windows\system32\DRVSTORE\ZCinema_XP_8764BAC9F7221050D28829591F1173F49FC750A4\ZCinemaCoinst_i386.dll
+ 2010-11-08 13:56 . 2007-08-14 00:23 21392 c:\windows\system32\DRVSTORE\ZCinema_XP_8764BAC9F7221050D28829591F1173F49FC750A4\ZCinema_SRS_i386.sys
+ 2010-11-08 13:56 . 2007-08-14 00:22 52624 c:\windows\system32\DRVSTORE\ZCinema_XP_8764BAC9F7221050D28829591F1173F49FC750A4\tshd4_kern_i386.sys
- 2006-10-19 00:00 . 2006-10-19 00:00 38528 c:\windows\system32\drivers\wpdusb.sys
+ 2006-10-19 00:00 . 2009-01-30 22:20 38528 c:\windows\system32\drivers\wpdusb.sys
+ 2010-02-04 21:36 . 2010-04-29 20:39 38224 c:\windows\system32\drivers\mbamswissarmy.sys
- 2010-02-04 21:36 . 2010-01-07 21:07 38224 c:\windows\system32\drivers\mbamswissarmy.sys
+ 2010-02-04 21:36 . 2010-04-29 20:39 20952 c:\windows\system32\drivers\mbam.sys
+ 2007-06-25 13:47 . 2007-06-25 13:47 38440 c:\windows\system32\drivers\InCDRm.sys
+ 2007-06-25 13:47 . 2007-06-25 13:47 16040 c:\windows\system32\drivers\InCDrec.sys
+ 2007-06-25 13:47 . 2007-06-25 13:47 36776 c:\windows\system32\drivers\InCDPass.sys
+ 2007-07-04 00:10 . 2007-07-04 00:10 11304 c:\windows\system32\drivers\imagedrv.sys
+ 2009-04-29 23:14 . 2009-01-31 01:30 64512 c:\windows\system32\dllcache\wmplayer.exe
+ 2004-08-04 07:56 . 2009-01-31 01:34 96256 c:\windows\system32\dllcache\wmpband.dll
- 2004-08-04 07:56 . 2006-10-19 01:47 96256 c:\windows\system32\dllcache\wmpband.dll
+ 2009-04-29 23:13 . 2008-04-14 00:12 41472 c:\windows\system32\dllcache\wmipsess.dll
+ 2009-04-29 23:13 . 2008-04-14 00:12 62464 c:\windows\system32\dllcache\wmipjobj.dll
+ 2009-04-29 23:13 . 2008-04-14 00:12 61952 c:\windows\system32\dllcache\wmipiprt.dll
+ 2009-04-29 23:13 . 2008-04-14 00:12 60928 c:\windows\system32\dllcache\wmicookr.dll
+ 2009-04-29 23:13 . 2008-04-14 00:12 88576 c:\windows\system32\dllcache\wmiaprpl.dll
+ 2003-03-31 12:00 . 2008-04-14 00:12 43008 c:\windows\system32\dllcache\wbemperf.dll
+ 2010-02-24 18:59 . 2008-04-13 18:45 60032 c:\windows\system32\dllcache\usbaudio.sys
+ 2009-04-29 23:13 . 2008-04-14 00:12 86528 c:\windows\system32\dllcache\stdprov.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 26624 c:\windows\system32\dllcache\startoc.dll
+ 2003-03-31 12:00 . 2008-04-14 00:12 33280 c:\windows\system32\dllcache\sstub.dll
+ 2003-03-31 12:00 . 2008-04-13 16:43 62976 c:\windows\system32\dllcache\spgrmr.dll
+ 2003-03-31 12:00 . 2008-04-14 00:12 34816 c:\windows\system32\dllcache\sniffpol.dll
+ 2003-03-31 12:00 . 2008-04-14 00:12 17408 c:\windows\system32\dllcache\ocmsn.dll
+ 2003-03-31 12:00 . 2008-04-14 00:12 15360 c:\windows\system32\dllcache\ocgen.dll
+ 2003-03-31 12:00 . 2008-04-14 00:12 62976 c:\windows\system32\dllcache\ntoc.dll
+ 2003-03-31 12:00 . 2008-04-14 00:12 77312 c:\windows\system32\dllcache\netoc.dll
+ 2003-03-31 12:00 . 2008-04-14 00:12 57344 c:\windows\system32\dllcache\ndisnpp.dll
+ 2009-04-29 23:15 . 2008-04-14 00:12 19456 c:\windows\system32\dllcache\msobweb.dll
+ 2009-04-29 23:15 . 2008-04-14 00:12 30720 c:\windows\system32\dllcache\msobshel.dll
+ 2009-04-29 23:15 . 2008-04-14 00:12 16384 c:\windows\system32\dllcache\msobdl.dll
+ 2003-03-31 12:00 . 2008-04-14 00:12 39936 c:\windows\system32\dllcache\mslwvtts.dll
+ 2003-03-31 12:00 . 2008-04-14 00:11 15360 c:\windows\system32\dllcache\msgrocm.dll
+ 2003-03-31 12:00 . 2008-04-14 00:11 90112 c:\windows\system32\dllcache\msdtcstp.dll
+ 2003-03-31 12:00 . 2008-04-14 00:11 19968 c:\windows\system32\dllcache\log.dll
+ 2009-04-29 23:13 . 2008-04-14 00:11 24576 c:\windows\system32\dllcache\krnlprov.dll
+ 2003-03-31 12:00 . 2008-04-14 00:11 32828 c:\windows\system32\dllcache\fp40ext.dll
+ 2003-03-31 12:00 . 2008-04-14 00:11 21504 c:\windows\system32\dllcache\evntrprv.dll
+ 2010-06-24 15:47 . 2008-04-13 16:44 17920 c:\windows\system32\dllcache\cobramsg.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 25471 c:\windows\system32\dllcache\atv04nt5.dll
+ 2003-03-31 12:00 . 2008-04-14 00:11 24064 c:\windows\system32\dllcache\agtintl.dll
+ 2003-03-31 12:00 . 2007-04-02 18:26 20480 c:\windows\system32\dllcache\agt0c0a.dll
+ 2003-03-31 12:00 . 2007-04-02 18:26 20992 c:\windows\system32\dllcache\agt0816.dll
+ 2009-04-29 20:07 . 2007-04-02 18:26 19456 c:\windows\system32\dllcache\agt041f.dll
+ 2003-03-31 12:00 . 2007-04-02 18:26 19456 c:\windows\system32\dllcache\agt041d.dll
+ 2009-04-29 20:07 . 2007-04-02 18:26 19456 c:\windows\system32\dllcache\agt0419.dll
+ 2003-03-31 12:00 . 2007-04-02 18:26 20480 c:\windows\system32\dllcache\agt0416.dll
+ 2009-04-29 20:07 . 2007-04-02 18:26 19456 c:\windows\system32\dllcache\agt0415.dll
+ 2003-03-31 12:00 . 2007-04-02 18:26 19456 c:\windows\system32\dllcache\agt0414.dll
+ 2003-03-31 12:00 . 2007-04-02 18:26 20992 c:\windows\system32\dllcache\agt0413.dll
+ 2003-03-31 12:00 . 2007-04-02 18:26 20992 c:\windows\system32\dllcache\agt0410.dll
+ 2009-04-29 20:07 . 2007-04-02 18:26 19968 c:\windows\system32\dllcache\agt040e.dll
+ 2003-03-31 12:00 . 2007-04-02 18:26 21504 c:\windows\system32\dllcache\agt040c.dll
+ 2003-03-31 12:00 . 2007-04-02 18:26 19456 c:\windows\system32\dllcache\agt040b.dll
+ 2003-03-31 12:00 . 2008-04-13 17:32 19968 c:\windows\system32\dllcache\agt0409.dll
+ 2009-04-29 20:07 . 2007-04-02 18:26 22016 c:\windows\system32\dllcache\agt0408.dll
+ 2003-03-31 12:00 . 2007-04-02 18:26 21504 c:\windows\system32\dllcache\agt0407.dll
+ 2003-03-31 12:00 . 2007-04-02 18:25 19456 c:\windows\system32\dllcache\agt0406.dll
+ 2009-04-29 20:07 . 2007-04-02 18:25 19456 c:\windows\system32\dllcache\agt0405.dll
+ 2003-03-31 12:00 . 2008-04-14 00:11 44032 c:\windows\system32\dllcache\agentsr.dll
+ 2003-03-31 12:00 . 2008-04-14 00:11 24064 c:\windows\system32\dllcache\agentpsh.dll
+ 2003-03-31 12:00 . 2008-04-14 00:11 49152 c:\windows\system32\dllcache\agentmpx.dll
+ 2003-03-31 12:00 . 2008-04-14 00:11 57344 c:\windows\system32\dllcache\agentdpv.dll
+ 2003-03-31 12:00 . 2008-04-14 00:11 24064 c:\windows\system32\dllcache\agentanm.dll
- 2009-04-29 23:18 . 2010-06-27 15:12 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2009-04-29 23:18 . 2010-10-25 16:44 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2010-10-18 21:55 . 2010-10-18 21:55 21504 c:\windows\Installer\2a271e.msi
+ 2008-07-29 22:27 . 2008-07-29 22:27 93184 c:\windows\Installer\29ee97.msi
+ 2010-11-11 12:20 . 2010-11-11 12:20 25214 c:\windows\Installer\{CF097717-F174-4144-954A-FBC4BF301033}\ARPPRODUCTICON.exe
+ 2009-05-06 02:02 . 2010-11-09 04:52 25214 c:\windows\Installer\{AC76BA86-7AD7-1033-7B44-A71000000002}\SC_Reader.exe
- 2009-05-06 02:02 . 2009-05-06 02:02 25214 c:\windows\Installer\{AC76BA86-7AD7-1033-7B44-A71000000002}\SC_Reader.exe
+ 2010-11-05 20:02 . 2010-11-05 20:02 49152 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\df12a812e3df2743aecf4ae8ac8ae347\WindowsLiveWriter.ni.exe
+ 2010-11-05 20:02 . 2010-11-05 20:02 28672 c:\windows\assembly\NativeImages_v2.0.50727_32\WiaProxy32\91e3883e30639b4cbddb02edb5b2de18\WiaProxy32.ni.exe
+ 2010-11-05 20:00 . 2010-11-05 20:00 22528 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.StylusR#\c28f582f1b2dfa4e8062f6781642339d\PaintDotNet.StylusReader.ni.dll
+ 2010-11-05 20:27 . 2010-11-05 20:27 48128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\adfd27410039fa44a027464f72abcc81\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v9.0.ni.dll
+ 2010-11-05 19:47 . 2010-11-05 19:47 17920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\9669adff8b608148ae83935d8895ccb7\Microsoft.VisualC.ni.dll
+ 2010-11-05 20:25 . 2010-11-05 20:25 21504 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\75b9a80209614849b5f271db51d63d2b\Microsoft.Office.InfoPath.Permission.ni.dll
+ 2010-11-05 20:06 . 2010-11-05 20:06 81920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\1707b2f980b6de4b865e7b5df018f74d\Microsoft.Build.Framework.ni.dll
+ 2010-11-05 20:06 . 2010-11-05 20:06 38400 c:\windows\assembly\NativeImages_v2.0.50727_32\ipdmctrl\579c800093f67245bde272fae1305615\ipdmctrl.ni.dll
+ 2010-11-05 20:06 . 2010-11-05 20:06 15360 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\6e76d7263025424ea1b4085837b76a87\dfsvc.ni.exe
+ 2010-11-05 19:36 . 2010-11-05 19:36 26624 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\6688deb0aaa5984aa6d13f31c4997369\Accessibility.ni.dll
+ 2010-11-05 18:59 . 2010-11-05 18:59 86016 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2009-04-30 01:47 . 2009-04-30 01:47 86016 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2010-11-05 18:59 . 2010-11-05 18:59 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2009-04-30 01:47 . 2009-04-30 01:47 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2010-11-05 18:59 . 2010-11-05 18:59 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2009-04-30 01:47 . 2009-04-30 01:47 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2010-11-05 18:59 . 2010-11-05 18:59 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2009-04-30 01:47 . 2009-04-30 01:47 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2009-04-30 01:47 . 2009-04-30 01:47 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2010-11-05 18:59 . 2010-11-05 18:59 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2010-11-05 20:16 . 2010-11-05 20:16 86016 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.dll
+ 2010-11-05 20:16 . 2010-11-05 20:16 65536 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.Word.AddInProxy.v9.0\9.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.Word.AddInProxy.v9.0.dll
+ 2010-11-05 20:16 . 2010-11-05 20:16 36864 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.Word.AddInAdapter.v9.0\9.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.Word.AddInAdapter.v9.0.dll
+ 2010-11-05 20:16 . 2010-11-05 20:16 45056 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.Outlook.HostAdapter.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.Outlook.HostAdapter.v10.0.dll
+ 2010-11-05 20:16 . 2010-11-05 20:16 77824 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0.dll
+ 2010-11-05 20:15 . 2010-11-05 20:15 86016 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.Excel.HostAdapter.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.Excel.HostAdapter.v10.0.dll
+ 2010-11-05 20:16 . 2010-11-05 20:16 53248 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.Excel.AddInProxy.v9.0\9.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.Excel.AddInProxy.v9.0.dll
+ 2010-11-05 20:16 . 2010-11-05 20:16 36864 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.Excel.AddInAdapter.v9.0\9.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.Excel.AddInAdapter.v9.0.dll
+ 2010-11-05 20:16 . 2010-11-05 20:16 49152 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.Contract.v9.0\9.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.Contract.v9.0.dll
+ 2010-11-05 20:16 . 2010-11-05 20:16 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.Contract.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.Contract.v10.0.dll
+ 2010-11-05 20:16 . 2010-11-05 20:16 65536 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.ContainerControl.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.ContainerControl.v10.0.dll
+ 2010-11-05 20:16 . 2010-11-05 20:16 81920 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.AddInAdapter.v9.0\9.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.AddInAdapter.v9.0.dll
+ 2010-11-05 20:16 . 2010-11-05 20:16 77824 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0\9.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0.dll
+ 2010-11-05 20:16 . 2010-11-05 20:16 45056 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0.dll
+ 2010-11-05 20:16 . 2010-11-05 20:16 40960 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.HostAdapter.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.HostAdapter.v10.0.dll
+ 2010-11-05 20:15 . 2010-11-05 20:15 22016 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Contract.v9.0\9.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Contract.v9.0.dll
+ 2010-11-05 20:15 . 2010-11-05 20:15 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Contract.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Contract.v10.0.dll
+ 2010-11-05 20:16 . 2010-11-05 20:16 45056 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v9.0\9.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v9.0.dll
+ 2010-11-05 20:16 . 2010-11-05 20:16 45056 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v10.0.dll
+ 2010-11-05 18:59 . 2010-11-05 18:59 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2009-04-30 01:47 . 2009-04-30 01:47 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2010-11-05 20:16 . 2010-11-05 20:16 94208 c:\windows\assembly\GAC_MSIL\Microsoft.Office.Tools.v9.0\9.0.0.0__b03f5f7f11d50a3a\Microsoft.Office.Tools.v9.0.dll
+ 2010-11-05 20:15 . 2010-11-05 20:15 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Office.Tools.Outlook.v9.0\9.0.0.0__b03f5f7f11d50a3a\Microsoft.Office.Tools.Outlook.v9.0.dll
- 2009-04-30 01:47 . 2009-04-30 01:47 73728 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2010-11-05 18:59 . 2010-11-05 18:59 73728 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2009-04-30 01:47 . 2009-04-30 01:47 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2010-11-05 18:59 . 2010-11-05 18:59 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2010-11-05 18:59 . 2010-11-05 18:59 36864 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2009-04-30 01:47 . 2009-04-30 01:47 36864 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2009-04-30 01:47 . 2009-04-30 01:47 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2010-11-05 18:59 . 2010-11-05 18:59 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2010-11-05 18:59 . 2010-11-05 18:59 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2009-04-30 01:47 . 2009-04-30 01:47 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2010-11-05 18:59 . 2010-11-05 18:59 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2009-04-30 01:47 . 2009-04-30 01:47 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2009-04-30 01:47 . 2009-04-30 01:47 68608 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2010-11-05 18:59 . 2010-11-05 18:59 68608 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2010-11-01 16:11 . 2010-11-01 16:11 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2004-08-04 07:56 . 2009-01-31 01:35 4096 c:\windows\system32\wmvdmoe2.dll
- 2004-08-04 07:56 . 2006-10-19 01:47 4096 c:\windows\system32\wmvdmoe2.dll
+ 2003-03-31 12:00 . 2009-01-31 01:35 4096 c:\windows\system32\wmvdmod.dll
- 2003-03-31 12:00 . 2006-10-19 01:47 4096 c:\windows\system32\wmvdmod.dll
- 2006-10-19 01:47 . 2006-10-19 01:47 4096 c:\windows\system32\WMVADVE.DLL
+ 2006-10-19 01:47 . 2009-01-31 01:34 4096 c:\windows\system32\WMVADVE.DLL
+ 2006-10-19 01:47 . 2009-01-31 01:34 4096 c:\windows\system32\WMVADVD.dll
- 2006-10-19 01:47 . 2006-10-19 01:47 4096 c:\windows\system32\WMVADVD.dll
+ 2004-08-04 07:56 . 2009-01-31 01:34 4096 c:\windows\system32\wmsdmoe2.dll
- 2004-08-04 07:56 . 2006-10-19 01:47 4096 c:\windows\system32\wmsdmoe2.dll
- 2003-03-31 12:00 . 2006-10-19 01:47 4096 c:\windows\system32\wmsdmod.dll
+ 2003-03-31 12:00 . 2009-01-31 01:34 4096 c:\windows\system32\wmsdmod.dll
+ 2006-10-19 01:58 . 2009-02-03 01:01 8704 c:\windows\system32\wdfmgr.exe
- 2006-10-19 01:58 . 2006-10-19 01:58 8704 c:\windows\system32\wdfmgr.exe
- 2006-10-19 01:47 . 2006-10-19 01:47 4096 c:\windows\system32\wdfapi.dll
+ 2006-10-19 01:47 . 2009-01-31 01:34 4096 c:\windows\system32\wdfapi.dll
- 2006-10-19 01:58 . 2006-10-19 01:58 8704 c:\windows\system32\uwdf.exe
+ 2006-10-19 01:58 . 2009-02-03 01:01 8704 c:\windows\system32\uwdf.exe
+ 2010-11-08 13:56 . 2008-04-14 00:11 4096 c:\windows\system32\ReinstallBackups\0011\DriverFiles\i386\ksuser.dll
- 2003-03-31 12:00 . 2006-10-19 01:47 4096 c:\windows\system32\MPG4DMOD.dll
+ 2003-03-31 12:00 . 2009-01-31 01:33 4096 c:\windows\system32\MPG4DMOD.dll
- 2004-08-04 07:56 . 2006-10-19 01:47 4096 c:\windows\system32\MP4SDMOD.dll
+ 2004-08-04 07:56 . 2009-01-31 01:33 4096 c:\windows\system32\MP4SDMOD.dll
- 2004-08-04 07:56 . 2006-10-19 01:47 4096 c:\windows\system32\MP43DMOD.dll
+ 2004-08-04 07:56 . 2009-01-31 01:33 4096 c:\windows\system32\MP43DMOD.dll
+ 2009-04-29 23:13 . 2008-04-13 17:10 6656 c:\windows\system32\dllcache\wmiapres.dll
+ 2004-08-04 06:07 . 2008-04-13 18:36 5888 c:\windows\system32\dllcache\smbali.sys
+ 2004-08-04 07:56 . 2008-04-14 00:12 3901 c:\windows\system32\dllcache\siint5.dll
+ 2003-03-31 12:00 . 2003-03-31 12:00 3456 c:\windows\system32\dllcache\oprghdlr.sys
+ 2004-08-04 07:56 . 2008-04-14 00:11 3775 c:\windows\system32\dllcache\adv11nt5.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 3711 c:\windows\system32\dllcache\adv09nt5.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 3135 c:\windows\system32\dllcache\adv08nt5.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 3647 c:\windows\system32\dllcache\adv07nt5.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 3615 c:\windows\system32\dllcache\adv05nt5.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 3967 c:\windows\system32\dllcache\adv02nt5.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 4255 c:\windows\system32\dllcache\adv01nt5.dll
- 2003-03-31 12:00 . 2006-10-19 01:47 7168 c:\windows\system32\asferror.dll
+ 2003-03-31 12:00 . 2009-01-31 01:33 7168 c:\windows\system32\asferror.dll
+ 2009-04-30 22:05 . 2010-11-08 08:14 4150 c:\windows\Installer\{B376402D-58EA-45EA-BD50-DD924EB67A70}\hpmd.exe
- 2009-04-30 22:05 . 2009-04-30 22:05 4150 c:\windows\Installer\{B376402D-58EA-45EA-BD50-DD924EB67A70}\hpmd.exe
- 2009-04-30 01:47 . 2009-04-30 01:47 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2010-11-05 18:59 . 2010-11-05 18:59 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2009-04-30 01:47 . 2009-04-30 01:47 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2010-11-05 18:58 . 2010-11-05 18:58 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2009-04-30 01:47 . 2009-04-30 01:47 5632 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2010-11-05 18:59 . 2010-11-05 18:59 5632 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2010-11-05 18:59 . 2010-11-05 18:59 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2009-04-30 01:47 . 2009-04-30 01:47 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2010-11-05 18:59 . 2010-11-05 18:59 114176 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2009-04-30 01:47 . 2009-04-30 01:47 114176 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2009-04-30 01:47 . 2009-04-30 01:47 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2010-11-05 18:59 . 2010-11-05 18:59 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 635904 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 558080 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcp80.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcm80.dll
+ 2007-04-23 21:42 . 2007-04-23 21:42 972336 c:\windows\UNRecode.exe
+ 2007-06-26 19:12 . 2007-06-26 19:12 972072 c:\windows\UNNeroVision.exe
+ 2007-02-28 21:41 . 2007-02-28 21:41 972336 c:\windows\UNNeroShowTime.exe
+ 2007-06-28 00:05 . 2007-06-28 00:05 972072 c:\windows\UNNeroMediaHome.exe
+ 2007-03-21 02:22 . 2007-03-21 02:22 972336 c:\windows\UNNeroBackItUp.exe
- 2006-10-19 01:47 . 2006-10-19 01:47 356352 c:\windows\system32\wpdsp.dll
+ 2006-10-19 01:47 . 2009-01-31 01:35 356352 c:\windows\system32\wpdsp.dll
+ 2006-10-19 01:47 . 2009-01-31 01:35 133632 c:\windows\system32\WPDShServiceObj.dll
- 2006-10-19 01:47 . 2006-10-19 01:47 133632 c:\windows\system32\WPDShServiceObj.dll
+ 2006-10-19 01:47 . 2009-01-31 01:35 154624 c:\windows\system32\wpdmtp.dll
- 2006-10-19 01:47 . 2006-10-19 01:47 154624 c:\windows\system32\wpdmtp.dll
- 2006-10-19 01:47 . 2006-10-19 01:47 629760 c:\windows\system32\wpd_ci.dll
+ 2006-10-19 01:47 . 2009-01-31 01:35 629760 c:\windows\system32\wpd_ci.dll
- 2006-10-19 01:47 . 2006-10-19 01:47 656896 c:\windows\system32\WMVXENCD.dll
+ 2006-10-19 01:47 . 2009-01-31 01:35 656896 c:\windows\system32\WMVXENCD.dll
+ 2006-10-19 01:47 . 2009-01-31 01:35 767488 c:\windows\system32\WMVSENCD.dll
- 2006-10-19 01:47 . 2006-10-19 01:47 767488 c:\windows\system32\WMVSENCD.dll
+ 2006-10-19 01:47 . 2009-01-31 01:34 204288 c:\windows\system32\wmpsrcwp.dll
- 2006-10-19 01:47 . 2006-10-19 01:47 204288 c:\windows\system32\wmpsrcwp.dll
+ 2006-10-19 01:47 . 2009-01-31 01:34 130048 c:\windows\system32\wmpps.dll
- 2006-10-19 01:47 . 2006-10-19 01:47 130048 c:\windows\system32\wmpps.dll
- 2006-10-19 01:47 . 2006-10-19 01:47 613376 c:\windows\system32\wmpmde.dll
+ 2006-10-19 01:47 . 2009-01-31 01:34 613376 c:\windows\system32\wmpmde.dll
+ 2006-10-19 01:47 . 2009-01-31 01:34 295936 c:\windows\system32\wmpeffects.dll
- 2006-10-19 01:47 . 2008-06-24 22:12 295936 c:\windows\system32\wmpeffects.dll
+ 2004-08-04 07:56 . 2009-01-31 01:34 211456 c:\windows\system32\wmpasf.dll
- 2003-03-31 12:00 . 2008-06-18 10:03 938496 c:\windows\system32\WMNetmgr.dll
+ 2003-03-31 12:00 . 2009-01-31 01:34 938496 c:\windows\system32\WMNetMgr.dll
- 2004-08-04 07:56 . 2006-10-19 01:47 157184 c:\windows\system32\wmidx.dll
+ 2004-08-04 07:56 . 2009-01-31 01:34 157184 c:\windows\system32\wmidx.dll
+ 2004-08-04 07:56 . 2009-01-31 01:34 227328 c:\windows\system32\wmerror.dll
- 2004-08-04 07:56 . 2006-10-19 01:47 227328 c:\windows\system32\wmerror.dll
+ 2006-10-19 01:47 . 2009-01-31 01:34 535040 c:\windows\system32\wmdrmsdk.dll
- 2006-10-19 01:47 . 2006-10-19 01:47 535040 c:\windows\system32\wmdrmsdk.dll
+ 2006-10-19 01:47 . 2009-01-31 01:34 348672 c:\windows\system32\wmdrmnet.dll
- 2006-10-19 01:47 . 2006-10-19 01:47 348672 c:\windows\system32\wmdrmnet.dll
- 2006-10-19 01:47 . 2006-10-19 01:47 429056 c:\windows\system32\wmdrmdev.dll
+ 2006-10-19 01:47 . 2009-01-31 01:34 429056 c:\windows\system32\wmdrmdev.dll
+ 2003-03-31 12:00 . 2009-01-31 01:34 222208 c:\windows\system32\WMASF.dll
- 2003-03-31 12:00 . 2006-10-19 01:47 757248 c:\windows\system32\wmadmod.dll
+ 2003-03-31 12:00 . 2009-01-31 01:34 757248 c:\windows\system32\WMADMOD.dll
- 2009-04-30 02:18 . 2004-07-09 13:43 364544 c:\windows\system32\TwnLib4.dll
+ 2004-07-09 14:43 . 2004-07-09 14:43 364544 c:\windows\system32\TwnLib4.dll
+ 2006-08-24 21:15 . 2006-08-24 21:15 150808 c:\windows\system32\rgb9rast_2.dll
+ 2010-11-08 13:56 . 2008-04-13 19:19 146048 c:\windows\system32\ReinstallBackups\0011\DriverFiles\i386\portcls.sys
+ 2010-11-08 13:56 . 2008-04-13 19:16 141056 c:\windows\system32\ReinstallBackups\0011\DriverFiles\i386\ks.sys
- 2003-03-31 12:00 . 2006-10-19 01:47 211456 c:\windows\system32\qasf.dll
+ 2003-03-31 12:00 . 2009-01-31 01:34 211456 c:\windows\system32\qasf.dll
+ 2006-10-19 01:47 . 2009-01-31 01:34 199168 c:\windows\system32\PortableDeviceWMDRM.dll
- 2006-10-19 01:47 . 2006-10-19 01:47 199168 c:\windows\system32\PortableDeviceWMDRM.dll
- 2006-10-19 01:47 . 2006-10-19 01:47 132096 c:\windows\system32\PortableDeviceWiaCompat.dll
+ 2006-10-19 01:47 . 2009-01-31 01:34 132096 c:\windows\system32\PortableDeviceWiaCompat.dll
- 2006-10-19 01:47 . 2006-10-19 01:47 166912 c:\windows\system32\PortableDeviceTypes.dll
+ 2006-10-19 01:47 . 2009-01-31 01:34 166912 c:\windows\system32\PortableDeviceTypes.dll
- 2006-10-19 01:47 . 2006-10-19 01:47 101888 c:\windows\system32\PortableDeviceClassExtension.dll
+ 2006-10-19 01:47 . 2009-01-31 01:34 101888 c:\windows\system32\PortableDeviceClassExtension.dll
+ 2006-10-19 01:47 . 2009-01-31 01:34 254976 c:\windows\system32\PortableDeviceApi.dll
+ 2003-03-31 12:00 . 2010-11-01 16:13 400296 c:\windows\system32\perfh009.dat
+ 2003-03-31 12:00 . 2009-01-31 01:33 321536 c:\windows\system32\mswmdm.dll
- 2003-03-31 12:00 . 2006-10-19 01:47 321536 c:\windows\system32\mswmdm.dll
+ 2003-03-31 12:00 . 2009-01-31 01:33 414720 c:\windows\system32\msscp.dll
- 2003-03-31 12:00 . 2006-12-04 20:21 414720 c:\windows\system32\msscp.dll
+ 2003-03-31 12:00 . 2009-01-31 01:33 175616 c:\windows\system32\mspmsp.dll
- 2003-03-31 12:00 . 2006-10-19 01:47 175616 c:\windows\system32\mspmsp.dll
- 2003-03-31 12:00 . 2006-10-19 01:47 179712 c:\windows\system32\msnetobj.dll
+ 2003-03-31 12:00 . 2009-01-31 01:33 179712 c:\windows\system32\msnetobj.dll
+ 2006-10-19 01:47 . 2009-01-31 01:33 259072 c:\windows\system32\MPG4DECD.dll
- 2006-10-19 01:47 . 2006-10-19 01:47 259072 c:\windows\system32\MPG4DECD.dll
- 2006-10-19 01:47 . 2006-10-19 01:47 317440 c:\windows\system32\MP4SDECD.dll
+ 2006-10-19 01:47 . 2009-01-31 01:33 317440 c:\windows\system32\MP4SDECD.dll
- 2006-10-19 01:47 . 2006-10-19 01:47 259072 c:\windows\system32\MP43DECD.dll
+ 2006-10-19 01:47 . 2009-01-31 01:33 259072 c:\windows\system32\MP43DECD.dll
- 2006-10-19 01:47 . 2006-10-19 01:47 212992 c:\windows\system32\MFPLAT.dll
+ 2006-10-19 01:47 . 2009-01-31 01:33 212992 c:\windows\system32\MFPLAT.dll
+ 2010-11-11 09:43 . 2010-11-11 09:43 233936 c:\windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe
+ 2010-11-11 09:43 . 2010-11-11 09:43 311248 c:\windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.dll
- 2003-03-31 12:00 . 2008-06-18 06:09 100864 c:\windows\system32\logagent.exe
+ 2003-03-31 12:00 . 2009-01-30 22:37 100864 c:\windows\system32\logagent.exe
- 2009-04-30 02:18 . 2004-07-26 21:16 471040 c:\windows\system32\ImagXRA7.dll
+ 2004-07-26 22:16 . 2004-07-26 22:16 471040 c:\windows\system32\imagXRA7.dll
- 2009-04-30 02:18 . 2004-07-26 21:16 262144 c:\windows\system32\ImagXR7.dll
+ 2004-07-26 22:16 . 2004-07-26 22:16 262144 c:\windows\system32\imagXR7.dll
- 2009-04-30 02:18 . 2004-07-26 21:16 476320 c:\windows\system32\ImagXpr7.dll
+ 2004-07-26 22:16 . 2004-07-26 22:16 476320 c:\windows\system32\imagXpr7.dll
- 2003-02-28 14:10 . 2003-03-09 20:31 274432 c:\windows\system32\hpgwiamd.dll
+ 2003-02-28 15:10 . 2003-02-28 15:10 274432 c:\windows\system32\hpgwiamd.dll
+ 2003-03-31 12:00 . 2009-01-31 01:33 991744 c:\windows\system32\drmv2clt.dll
- 2003-03-31 12:00 . 2006-10-19 01:47 991744 c:\windows\system32\drmv2clt.dll
- 2006-10-19 00:00 . 2006-10-19 00:00 249856 c:\windows\system32\drmupgds.exe
+ 2006-10-19 00:00 . 2009-01-30 22:23 249856 c:\windows\system32\drmupgds.exe
- 2006-10-19 01:47 . 2006-10-19 01:47 671232 c:\windows\system32\drivers\UMDF\wpdmtpdr.dll
+ 2006-10-19 01:47 . 2009-01-31 01:35 671232 c:\windows\system32\drivers\UMDF\wpdmtpdr.dll
+ 2007-06-25 13:47 . 2007-06-25 13:47 119080 c:\windows\system32\drivers\InCDfs.sys
+ 2007-07-04 00:10 . 2007-07-04 00:10 132904 c:\windows\system32\drivers\imagesrv.sys
- 2008-06-18 10:03 . 2008-06-18 10:03 938496 c:\windows\system32\dllcache\WMNetmgr.dll
+ 2008-06-18 10:03 . 2009-01-31 01:34 938496 c:\windows\system32\dllcache\WMNetMgr.dll
+ 2009-04-29 23:13 . 2008-04-14 00:12 132096 c:\windows\system32\dllcache\wmipdskq.dll
+ 2009-04-29 23:13 . 2008-04-14 00:12 140800 c:\windows\system32\dllcache\wmidcprv.dll
+ 2010-06-24 14:29 . 2009-01-31 01:34 222208 c:\windows\system32\dllcache\WMASF.dll
+ 2009-04-29 23:13 . 2008-04-14 00:12 197120 c:\windows\system32\dllcache\wbemupgd.dll
+ 2009-04-29 23:13 . 2008-04-14 00:12 196608 c:\windows\system32\dllcache\wbemcntl.dll
+ 2009-04-29 23:13 . 2008-04-14 00:12 131584 c:\windows\system32\dllcache\viewprov.dll
+ 2003-03-31 12:00 . 2008-04-14 00:12 130048 c:\windows\system32\dllcache\tsoc.dll
+ 2003-03-31 12:00 . 2008-04-14 00:12 279040 c:\windows\system32\dllcache\tshoot.dll
+ 2010-06-24 15:46 . 2008-04-14 00:12 173568 c:\windows\system32\dllcache\sysmoda.dll
+ 2003-03-31 12:00 . 2008-04-14 00:12 193024 c:\windows\system32\dllcache\sysmod.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 110592 c:\windows\system32\dllcache\sqlse20.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 462848 c:\windows\system32\dllcache\sqlqp20.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 151552 c:\windows\system32\dllcache\sqldb20.dll
+ 2010-06-24 15:46 . 2008-04-13 18:40 576512 c:\windows\system32\dllcache\sprc0424.dll
+ 2010-06-24 15:46 . 2008-04-13 18:40 577536 c:\windows\system32\dllcache\sprc041b.dll
+ 2004-08-04 07:56 . 2008-04-13 18:38 732160 c:\windows\system32\dllcache\sprb0424.dll
+ 2004-08-04 07:56 . 2008-04-13 18:38 757248 c:\windows\system32\dllcache\sprb041b.dll
+ 2004-08-04 07:56 . 2008-04-13 18:35 192512 c:\windows\system32\dllcache\spra0424.dll
+ 2004-08-04 07:56 . 2008-04-13 18:35 192512 c:\windows\system32\dllcache\spra041b.dll
+ 2003-03-31 12:00 . 2008-04-14 00:12 130048 c:\windows\system32\dllcache\softkbd.dll
+ 2003-03-31 12:00 . 2008-04-14 00:12 101376 c:\windows\system32\dllcache\setupqry.dll
+ 2010-06-24 15:46 . 2008-04-14 00:12 199680 c:\windows\system32\dllcache\scripta.dll
+ 2003-03-31 12:00 . 2008-04-14 00:12 215552 c:\windows\system32\dllcache\script.dll
+ 2009-04-29 23:13 . 2008-04-14 00:12 237056 c:\windows\system32\dllcache\provthrd.dll
+ 2009-04-29 23:14 . 2008-04-14 00:12 102912 c:\windows\system32\dllcache\pchshell.dll
+ 2004-08-04 07:56 . 2008-04-13 18:40 408576 c:\windows\system32\dllcache\obrb0424.dll
+ 2004-08-04 07:56 . 2008-04-13 18:40 405504 c:\windows\system32\dllcache\obrb041b.dll
+ 2009-04-29 23:13 . 2008-04-14 00:12 212992 c:\windows\system32\dllcache\ntevt.dll
+ 2009-04-29 23:14 . 2008-04-14 00:12 565248 c:\windows\system32\dllcache\msobmain.dll
+ 2009-04-29 23:14 . 2008-04-14 00:12 122368 c:\windows\system32\dllcache\msobcomm.dll
+ 2003-03-31 12:00 . 2008-04-14 00:11 220160 c:\windows\system32\dllcache\mscandui.dll
+ 2004-08-04 07:56 . 2009-01-31 01:33 243712 c:\windows\system32\dllcache\mpvis.dll
+ 2010-06-24 15:46 . 2008-04-14 00:11 261120 c:\windows\system32\dllcache\migisma.dll
+ 2003-03-31 12:00 . 2008-04-14 00:11 274432 c:\windows\system32\dllcache\migism.dll
+ 2008-06-18 06:09 . 2009-01-30 22:37 100864 c:\windows\system32\dllcache\logagent.exe
- 2008-06-18 06:09 . 2008-06-18 06:09 100864 c:\windows\system32\dllcache\logagent.exe
+ 2003-03-31 12:00 . 2008-04-14 00:11 123392 c:\windows\system32\dllcache\imsinsnt.dll
+ 2003-03-31 12:00 . 2008-04-14 00:11 505344 c:\windows\system32\dllcache\iis.dll
+ 2010-06-24 15:47 . 2008-04-14 00:11 115200 c:\windows\system32\dllcache\guitrna.dll
+ 2003-03-31 12:00 . 2008-04-14 00:11 133120 c:\windows\system32\dllcache\guitrn.dll
+ 2003-03-31 12:00 . 2008-04-14 00:11 640000 c:\windows\system32\dllcache\dbghelp.dll
+ 2003-03-31 12:00 . 2008-04-14 00:11 274944 c:\windows\system32\dllcache\comsetup.dll
+ 2003-03-31 12:00 . 2008-04-14 00:11 214016 c:\windows\system32\dllcache\agentctl.dll
+ 2003-03-31 12:00 . 2008-04-14 00:11 116224 c:\windows\system32\dllcache\acxtrnal.dll
+ 2003-03-31 12:00 . 2008-04-14 00:11 245248 c:\windows\system32\dllcache\acspecfc.dll
+ 2003-03-31 12:00 . 2008-04-14 00:11 141312 c:\windows\system32\dllcache\aclua.dll
- 2009-04-29 23:18 . 2010-06-27 15:12 245760 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2009-04-29 23:18 . 2010-10-25 16:44 245760 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2003-03-31 12:00 . 2009-01-31 01:33 229376 c:\windows\system32\cewmdm.dll
- 2003-03-31 12:00 . 2006-10-19 01:47 229376 c:\windows\system32\cewmdm.dll
- 2003-03-31 12:00 . 2006-10-19 01:47 542720 c:\windows\system32\blackbox.dll
+ 2003-03-31 12:00 . 2009-01-31 01:33 542720 c:\windows\system32\blackbox.dll
+ 2006-10-19 01:47 . 2009-01-31 01:33 276992 c:\windows\system32\audiodev.dll
- 2006-10-19 01:47 . 2006-10-19 01:47 276992 c:\windows\system32\audiodev.dll
+ 2007-06-25 13:47 . 2007-06-25 13:47 238888 c:\windows\NuNInst.exe
+ 2010-11-10 13:09 . 2010-11-10 13:09 100352 c:\windows\Installer\9e8249.msi
+ 2008-07-29 22:37 . 2008-07-29 22:37 911360 c:\windows\Installer\29ee9f.msp
+ 2008-07-29 22:33 . 2008-07-29 22:33 506368 c:\windows\Installer\29ee9e.msp
+ 2008-07-29 22:35 . 2008-07-29 22:35 553472 c:\windows\Installer\29ee9c.msp
- 2010-10-01 16:53 . 2010-10-01 16:53 380928 c:\windows\Installer\{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}\iTunesIco.exe
+ 2010-10-01 16:53 . 2010-11-08 13:55 380928 c:\windows\Installer\{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}\iTunesIco.exe
- 2003-03-31 12:00 . 2007-06-27 02:10 317440 c:\windows\inf\unregmp2.exe
+ 2003-03-31 12:00 . 2009-01-30 22:40 317440 c:\windows\inf\unregmp2.exe
+ 2007-10-18 15:04 . 2007-10-18 15:04 341296 c:\windows\Downloaded Program Files\HPDEXAXO.dll
+ 2010-11-05 20:06 . 2010-11-05 20:06 643072 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\551d70fb4eb1734c8db7081ebd6ebac9\WindowsLiveLocal.WriterPlugin.ni.dll
+ 2010-11-05 20:05 . 2010-11-05 20:05 143360 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\fa14c156a414144d880f48ccd6a591b5\WindowsLive.Writer.Extensibility.ni.dll
+ 2010-11-05 20:06 . 2010-11-05 20:06 376832 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\eba6b60548b785459bf950f9daab023c\WindowsLive.Writer.SpellChecker.ni.dll
+ 2010-11-05 20:05 . 2010-11-05 20:05 286720 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\dedf4397078f5d4c9c8f30d149a8a07b\WindowsLive.Writer.Mshtml.ni.dll
+ 2010-11-05 20:06 . 2010-11-05 20:06 163840 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\d5ff272f7e92fd47a9585104b23904ea\WindowsLive.Writer.Instrumentation.ni.dll
+ 2010-11-05 20:04 . 2010-11-05 20:04 204800 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\b5ee164c3da51047a28fd44e95b49278\WindowsLive.Writer.BrowserControl.ni.dll
+ 2010-11-05 20:04 . 2010-11-05 20:04 335872 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\984bf4aebac0634a808f66b36baa5f79\WindowsLive.Writer.Interop.ni.dll
+ 2010-11-05 20:04 . 2010-11-05 20:04 352256 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\8604bd50b7f0f143a9a3ee1dcaa3cbb4\WindowsLive.Writer.Interop.SHDocVw.ni.dll
+ 2010-11-05 20:04 . 2010-11-05 20:04 176128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\7431122e41683349870cae7e5bd5fff9\WindowsLive.Writer.HtmlParser.ni.dll
+ 2010-11-05 20:06 . 2010-11-05 20:06 643072 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\68eb9a70f765b94987f649c1fa9922af\WindowsLive.Writer.HtmlEditor.ni.dll
+ 2010-11-05 20:06 . 2010-11-05 20:06 139264 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\67a28a3808cbe947bd4958bd0198e2ab\WindowsLive.Writer.FileDestinations.ni.dll
+ 2010-11-05 20:03 . 2010-11-05 20:03 876544 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\5c93a94a5634b8419253805fa70be372\WindowsLive.Writer.Controls.ni.dll
+ 2010-11-05 20:05 . 2010-11-05 20:05 929792 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\57397738f48bf448b140b7981e32b079\WindowsLive.Writer.BlogClient.ni.dll
+ 2010-11-05 20:04 . 2010-11-05 20:04 475136 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\5366111ac38df14ba852c36733f9a081\WindowsLive.Writer.Localization.ni.dll
+ 2010-11-05 20:05 . 2010-11-05 20:05 114688 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\1f16d1b17ab63140b50766f9d974f2d1\WindowsLive.Writer.Api.ni.dll
+ 2010-11-05 20:04 . 2010-11-05 20:04 335872 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\064d9f757bfd9345a4f46846affa1887\WindowsLive.Writer.Interop.Mshtml.ni.dll
+ 2010-11-05 20:04 . 2010-11-05 20:04 135168 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\00e965e078d461428b381c623061035f\WindowsLive.Writer.Passport.ni.dll
+ 2010-11-05 20:05 . 2010-11-05 20:05 163840 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\1bf55be09e765f4cbf445cf15642eefc\WindowsLive.Client.ni.dll
+ 2010-11-05 19:58 . 2010-11-05 19:58 237568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\0e194c5f05131f42b0569e15784200f2\System.Web.RegularExpressions.ni.dll
+ 2010-11-05 19:47 . 2010-11-05 19:47 684032 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\1b643af646255e43b989f7af2b0214cd\System.Transactions.ni.dll
+ 2010-11-05 19:57 . 2010-11-05 19:57 233472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\4b4d3fb0b27f064db03ca564ebc38b05\System.ServiceProcess.ni.dll
+ 2010-11-05 19:37 . 2010-11-05 19:37 729088 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\407ccad0a8b5bd4d8cf534a3fbd2ae5d\System.Security.ni.dll
+ 2010-11-05 19:57 . 2010-11-05 19:57 339968 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\01e6f1f8396dd747883f6cc48fb86e80\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2010-11-05 19:48 . 2010-11-05 19:48 815104 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\f320c5de9250ee4e994b97c7ba3b0938\System.Runtime.Remoting.ni.dll
+ 2010-11-05 19:47 . 2010-11-05 19:47 294912 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\39cb4e8e21598f44b85dd7599fdec4af\System.EnterpriseServices.Wrapper.dll
+ 2010-11-05 19:47 . 2010-11-05 19:47 659456 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\39cb4e8e21598f44b85dd7599fdec4af\System.EnterpriseServices.ni.dll
+ 2010-11-05 19:58 . 2010-11-05 19:58 229376 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\8cf498417522194aba8286dadd4b18d4\System.Drawing.Design.ni.dll
+ 2010-11-05 19:57 . 2010-11-05 19:57 512000 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\5722e7c1a2ca7641bc1ac3d8f3ebbcdc\System.DirectoryServices.Protocols.ni.dll
+ 2010-11-05 19:37 . 2010-11-05 19:37 962560 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\a30012fef100c84d83df559f963976a7\System.Configuration.ni.dll
+ 2010-11-05 19:57 . 2010-11-05 19:57 167936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\a8db5154a8293f47ab0ab43b165a1e09\System.Configuration.Install.ni.dll
+ 2010-11-05 20:00 . 2010-11-05 20:00 643072 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.SystemL#\cbda49de76e81040b21d6e962b81ecf5\PaintDotNet.SystemLayer.ni.dll
+ 2010-11-05 20:01 . 2010-11-05 20:01 348160 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.Resourc#\9db586a7c8c92d429af74e166e58ad12\PaintDotNet.Resources.ni.dll
+ 2010-11-05 20:01 . 2010-11-05 20:01 757760 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.Effects\3c2e3416675d6040a953ab24b7cf4986\PaintDotNet.Effects.ni.dll
+ 2010-11-05 20:01 . 2010-11-05 20:01 774144 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.Data\578a358f9c0bdf4e97a97b58e1a4d443\PaintDotNet.Data.ni.dll
+ 2010-11-05 20:00 . 2010-11-05 20:00 249856 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.Base\0c34851b2c18cd47972e8d0539b88e16\PaintDotNet.Base.ni.dll
+ 2010-11-05 19:36 . 2010-11-05 19:36 983040 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Web.Autho#\ed20cab5053ca143ae3b5d55ad44ef95\Microsoft.Web.Authoring.ni.dll
+ 2010-11-05 20:25 . 2010-11-05 20:25 229376 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\83b954e1e463f94ca43b4ba4c328b938\Microsoft.Office.InfoPath.Client.Internal.Host.Interop.ni.dll
+ 2010-11-05 20:25 . 2010-11-05 20:25 131072 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\52867b85885ea0448c2d2c1a1828acf2\Microsoft.Office.InfoPath.ni.dll
+ 2010-11-05 20:25 . 2010-11-05 20:25 401408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\46f532dab6e9ea49bf60aa0c14132e97\Microsoft.Office.Interop.InfoPath.ni.dll
+ 2010-11-05 20:00 . 2010-11-05 20:00 163840 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\7142a82c3f9e774398471b415d4ae956\Microsoft.Office.BusinessApplications.Diagnostics.ni.dll
+ 2010-11-05 19:59 . 2010-11-05 19:59 401408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.BusinessD#\93794376aa94c447a77eb2b0de9216f4\Microsoft.BusinessData.ni.dll
+ 2010-11-05 20:07 . 2010-11-05 20:07 163840 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\396efbc2cdc4e444acafb3c312b35bf4\Microsoft.Build.Utilities.ni.dll
+ 2010-11-05 20:06 . 2010-11-05 20:06 880640 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\e54cb53598923e4c97087e43d882cefb\Microsoft.Build.Engine.ni.dll
+ 2010-11-05 20:00 . 2010-11-05 20:00 114688 c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.WIA\ce35fd199851d444a2a17424ecfbcbfa\Interop.WIA.ni.dll
+ 2010-11-05 20:01 . 2010-11-05 20:01 548864 c:\windows\assembly\NativeImages_v2.0.50727_32\ICSharpCode.SharpZi#\6fd790447230c84a8d0c26eca2aa80c5\ICSharpCode.SharpZipLib.ni.dll
+ 2010-11-05 20:01 . 2010-11-05 20:01 102400 c:\windows\assembly\NativeImages_v2.0.50727_32\DdsFileType\63da9ca5fa659442a0a779a5df5a0772\DdsFileType.ni.dll
+ 2010-11-05 20:06 . 2010-11-05 20:06 237568 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\aee2b27e18d73a4dba6e9662a65d1d81\CustomMarshalers.ni.dll
+ 2010-11-05 19:36 . 2010-11-05 19:36 860160 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\28edabcd03d9f745956ab941c97d8b66\AspNetMMCExt.ni.dll
+ 2010-11-05 18:59 . 2010-11-05 18:59 823296 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2009-04-30 01:47 . 2009-04-30 01:47 823296 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2009-04-30 01:47 . 2009-04-30 01:47 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2010-11-05 18:59 . 2010-11-05 18:59 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2009-04-30 01:47 . 2009-04-30 01:47 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2010-11-05 18:58 . 2010-11-05 18:58 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2009-04-30 01:47 . 2009-04-30 01:47 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-11-05 18:58 . 2010-11-05 18:58 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2009-04-30 01:47 . 2009-04-30 01:47 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2010-11-05 18:59 . 2010-11-05 18:59 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2009-04-30 01:47 . 2009-04-30 01:47 299008 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2010-11-05 18:59 . 2010-11-05 18:59 299008 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2010-11-05 18:59 . 2010-11-05 18:59 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2009-04-30 01:47 . 2009-04-30 01:47 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2009-04-30 01:47 . 2009-04-30 01:47 368640 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2010-11-05 18:59 . 2010-11-05 18:59 368640 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2010-11-05 18:58 . 2010-11-05 18:58 700416 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2009-04-30 01:47 . 2009-04-30 01:47 700416 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2009-04-30 01:47 . 2009-04-30 01:47 397312 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2010-11-05 18:59 . 2010-11-05 18:59 397312 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2010-11-05 18:59 . 2010-11-05 18:59 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2009-04-30 01:47 . 2009-04-30 01:47 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2010-11-05 18:59 . 2010-11-05 18:59 884736 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2009-04-30 01:47 . 2009-04-30 01:47 884736 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2010-11-05 18:59 . 2010-11-05 18:59 716800 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2009-04-30 01:47 . 2009-04-30 01:47 716800 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2010-11-05 18:58 . 2010-11-05 18:58 389120 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2009-04-30 01:47 . 2009-04-30 01:47 389120 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2010-11-05 18:59 . 2010-11-05 18:59 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2009-04-30 01:47 . 2009-04-30 01:47 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2010-11-05 20:15 . 2010-11-05 20:16 385024 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.Runtime.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.Runtime.v10.0.dll
+ 2010-11-05 20:16 . 2010-11-05 20:16 131072 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.AppInfoDocument.v9.0\9.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.AppInfoDocument.v9.0.dll
+ 2010-11-05 20:16 . 2010-11-05 20:16 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v9.0\9.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v9.0.dll
+ 2010-11-05 20:15 . 2010-11-05 20:15 212992 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0.dll
+ 2010-11-05 20:16 . 2010-11-05 20:16 143360 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Hosting.v9.0\9.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Hosting.v9.0.dll
+ 2010-11-05 20:15 . 2010-11-05 20:15 176128 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0.dll
+ 2010-11-05 20:15 . 2010-11-05 20:15 286720 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Adapter.v9.0\9.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Adapter.v9.0.dll
+ 2010-11-05 18:59 . 2010-11-05 18:59 667648 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2009-04-30 01:47 . 2009-04-30 01:47 667648 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2009-04-30 01:47 . 2009-04-30 01:47 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2010-11-05 18:59 . 2010-11-05 18:59 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2010-11-05 18:59 . 2010-11-05 18:59 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2009-04-30 01:47 . 2009-04-30 01:47 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2010-11-05 20:15 . 2010-11-05 20:15 299008 c:\windows\assembly\GAC_MSIL\Microsoft.Office.Tools.Word.v9.0\9.0.0.0__b03f5f7f11d50a3a\Microsoft.Office.Tools.Word.v9.0.dll
+ 2010-11-05 20:16 . 2010-11-05 20:16 438272 c:\windows\assembly\GAC_MSIL\Microsoft.Office.Tools.Excel.v9.0\9.0.0.0__b03f5f7f11d50a3a\Microsoft.Office.Tools.Excel.v9.0.dll
+ 2010-11-05 20:16 . 2010-11-05 20:16 356352 c:\windows\assembly\GAC_MSIL\Microsoft.Office.Tools.Common.v9.0\9.0.0.0__b03f5f7f11d50a3a\Microsoft.Office.Tools.Common.v9.0.dll
- 2009-04-30 01:47 . 2009-04-30 01:47 745472 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2010-11-05 18:59 . 2010-11-05 18:59 745472 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2009-04-30 01:47 . 2009-04-30 01:47 647168 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2010-11-05 18:59 . 2010-11-05 18:59 647168 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2009-04-30 01:47 . 2009-04-30 01:47 413696 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2010-11-05 18:59 . 2010-11-05 18:59 413696 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2009-04-30 01:47 . 2009-04-30 01:47 503808 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2010-11-05 18:59 . 2010-11-05 18:59 503808 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2009-04-30 01:47 . 2009-04-30 01:47 260096 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2010-11-05 18:59 . 2010-11-05 18:59 260096 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2009-04-30 01:47 . 2009-04-30 01:47 114176 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2010-11-05 18:59 . 2010-11-05 18:59 114176 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2010-11-05 18:59 . 2010-11-05 18:59 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2009-04-30 01:47 . 2009-04-30 01:47 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2009-04-30 01:47 . 2009-04-30 01:47 482304 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2010-11-05 18:58 . 2010-11-05 18:58 482304 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2006-10-19 01:47 . 2006-10-19 01:47 2603008 c:\windows\system32\WpdShext.dll
+ 2006-10-19 01:47 . 2009-01-31 01:35 2603008 c:\windows\system32\WpdShext.dll
+ 2006-10-19 01:47 . 2009-01-31 01:35 1382912 c:\windows\system32\WMVSDECD.dll
- 2006-10-19 01:47 . 2006-10-19 01:47 1382912 c:\windows\system32\WMVSDECD.dll
+ 2006-10-19 01:47 . 2009-01-31 01:35 1575424 c:\windows\system32\WMVENCOD.dll
+ 2006-10-19 01:47 . 2009-01-31 01:35 1543680 c:\windows\system32\WMVDECOD.dll
- 2006-10-19 01:47 . 2006-10-19 01:47 1543680 c:\windows\system32\WMVDECOD.dll
+ 2004-08-04 07:56 . 2009-01-31 01:34 1329152 c:\windows\system32\WMSPDMOE.dll
- 2004-08-04 07:56 . 2006-10-19 01:47 1329152 c:\windows\system32\WMSPDMOE.dll
- 2003-03-31 12:00 . 2006-10-19 01:47 8231936 c:\windows\system32\wmploc.dll
+ 2003-03-31 12:00 . 2009-01-31 01:34 8231936 c:\windows\system32\wmploc.dll
+ 2006-10-19 01:47 . 2009-01-31 01:34 1661952 c:\windows\system32\wmpencen.dll
- 2003-03-31 12:00 . 2006-10-19 01:47 1117696 c:\windows\system32\WMADMOE.dll
+ 2003-03-31 12:00 . 2009-01-31 01:34 1117696 c:\windows\system32\WMADMOE.dll
+ 2008-03-20 22:06 . 2009-06-25 18:20 1485176 c:\windows\system32\LegitCheckControl.DLL
+ 2004-07-26 22:16 . 2004-07-26 22:16 1568768 c:\windows\system32\imagX7.dll
- 2009-04-30 02:18 . 2004-07-26 21:16 1568768 c:\windows\system32\ImagX7.dll
+ 2009-04-29 23:15 . 2008-04-14 00:11 3166208 c:\windows\system32\dllcache\msgr3en.dll
+ 2010-11-11 12:17 . 2006-03-31 17:40 2388176 c:\windows\system32\d3dx9_30.dll
+ 2010-11-11 12:17 . 2005-12-05 23:09 2323664 c:\windows\system32\d3dx9_28.dll
+ 2010-11-11 12:20 . 2010-11-11 12:20 6425600 c:\windows\Installer\89f243.msi
+ 2010-11-05 19:08 . 2010-11-05 19:08 3019264 c:\windows\Installer\46d392.msi
+ 2010-11-05 19:04 . 2010-11-05 19:04 1543680 c:\windows\Installer\46d38e.msi
+ 2008-07-29 22:31 . 2008-07-29 22:31 6083072 c:\windows\Installer\29eea0.msp
+ 2008-07-29 22:43 . 2008-07-29 22:43 1013248 c:\windows\Installer\29ee9d.msp
+ 2008-07-29 22:39 . 2008-07-29 22:39 3403264 c:\windows\Installer\29ee9b.msp
+ 2008-07-29 22:41 . 2008-07-29 22:41 6487040 c:\windows\Installer\29ee9a.msp
+ 2008-07-29 22:29 . 2008-07-29 22:29 2926080 c:\windows\Installer\29ee99.msp
+ 2008-07-29 22:45 . 2008-07-29 22:45 2543616 c:\windows\Installer\29ee98.msp
+ 2010-11-09 05:54 . 2010-11-09 05:54 1195008 c:\windows\Installer\1bf9c.msi
+ 2010-11-08 13:56 . 2010-11-08 13:56 1633280 c:\windows\Installer\13a9171.msi
+ 2010-11-05 20:05 . 2010-11-05 20:05 1163264 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\b763c71e4a15b244a6e6c56ef96728cb\WindowsLive.Writer.ApplicationFramework.ni.dll
+ 2010-11-05 20:03 . 2010-11-05 20:03 6516736 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\8f9b8d8110dd324483d8a155bce82c95\WindowsLive.Writer.PostEditor.ni.dll
+ 2010-11-05 20:04 . 2010-11-05 20:04 2093056 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\5958867dcaf83f41afb2f8d70e9698d0\WindowsLive.Writer.CoreServices.ni.dll
+ 2010-11-05 19:36 . 2010-11-05 19:36 8093696 c:\windows\assembly\NativeImages_v2.0.50727_32\System\8cd1bc526499264abb6bd8bc3fd57e42\System.ni.dll
+ 2010-11-05 19:37 . 2010-11-05 19:37 5640192 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c3531c3f3bade947aa406dac4effad9a\System.Xml.ni.dll
+ 2010-11-05 19:57 . 2010-11-05 19:57 1945600 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\8e39e6d909ada04b9041f45a243a2285\System.Web.Services.ni.dll
+ 2010-11-05 19:59 . 2010-11-05 19:59 2310144 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\3b4c8382d51a5140841bb9e3d0a40735\System.Web.Mobile.ni.dll
+ 2010-11-05 19:56 . 2010-11-05 19:56 1626112 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\c7319d9d0343374da274058207fe66a6\System.Drawing.ni.dll
+ 2010-11-05 19:47 . 2010-11-05 19:47 1220608 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\fa4a737294b34e4bb9dcbe826ac45bd9\System.DirectoryServices.ni.dll
+ 2010-11-05 19:58 . 2010-11-05 19:58 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\4f5ded4c8d7a594889f21e18ede30064\System.Deployment.ni.dll
+ 2010-11-05 19:47 . 2010-11-05 19:47 6688768 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\9147f956de56ab46a23b05bb347b4e9e\System.Data.ni.dll
+ 2010-11-05 19:37 . 2010-11-05 19:37 2703360 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\a485fa1e4e38294ebb71ee52a63d2446\System.Data.SqlXml.ni.dll
+ 2010-11-05 19:58 . 2010-11-05 19:58 1179648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\3c156b80b9b7c94c884d2237483d6a44\System.Data.OracleClient.ni.dll
+ 2010-11-05 20:02 . 2010-11-05 20:02 2199552 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet\2f41c456946b0143bc596915a9367e09\PaintDotNet.ni.exe
+ 2010-11-05 20:01 . 2010-11-05 20:01 1912832 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.Core\a3bbddf1eff06c4588ce46478ac915bb\PaintDotNet.Core.ni.dll
+ 2010-11-05 19:59 . 2010-11-05 19:59 1351680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Web.Desig#\8f10b12cab416d45bd570225ffdf12a7\Microsoft.Web.Design.Client.ni.dll
+ 2010-11-05 20:26 . 2010-11-05 20:26 1724416 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\9be45db1c602f941ad45f6f9e9e8aaac\Microsoft.VisualBasic.ni.dll
+ 2010-11-05 20:00 . 2010-11-05 20:00 1081344 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SharePoin#\dd534f0f64ec0c4594b99a94df40c7f4\Microsoft.SharePoint.BusinessData.Administration.Client.ni.dll
+ 2010-11-05 20:25 . 2010-11-05 20:25 2109440 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\c0407c35c557744cac86cd07fb75efcf\Microsoft.Office.InfoPath.Client.Internal.Host.ni.dll
+ 2010-11-05 20:26 . 2010-11-05 20:26 1470464 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\61546fe5b301864390a0f4b0117addc4\Microsoft.Office.Interop.InfoPath.SemiTrust.ni.dll
+ 2010-11-05 20:24 . 2010-11-05 20:24 1544192 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\a25885c0143e574aa87e5a75e3a9eea9\Microsoft.Office.BusinessApplications.Runtime.ni.dll
+ 2010-11-05 20:07 . 2010-11-05 20:07 1691648 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\7a58ac7399bf6b46b1c7a60b38d04ad6\Microsoft.Build.Tasks.ni.dll
- 2009-04-30 01:47 . 2009-04-30 01:47 3018752 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2010-11-05 18:59 . 2010-11-05 18:59 3018752 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2009-04-30 01:47 . 2009-04-30 01:47 2035712 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2010-11-05 18:58 . 2010-11-05 18:58 2035712 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2010-11-05 18:59 . 2010-11-05 18:59 5316608 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2009-04-30 01:47 . 2009-04-30 01:47 5316608 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2010-11-05 18:59 . 2010-11-05 18:59 5050368 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2009-04-30 01:47 . 2009-04-30 01:47 5050368 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2009-04-30 01:47 . 2009-04-30 01:47 5025792 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2010-11-05 18:59 . 2010-11-05 18:59 5025792 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2010-11-05 18:58 . 2010-11-05 18:58 2878976 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2009-04-30 01:47 . 2009-04-30 01:47 2878976 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2009-04-30 01:47 . 2009-04-30 01:47 4308992 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2010-11-05 18:58 . 2010-11-05 18:58 4308992 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2010-11-05 19:58 . 2010-11-05 19:58 13107200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e1b7b2c7dd0840bf947688a6d328f0\System.Windows.Forms.ni.dll
+ 2010-11-05 19:56 . 2010-11-05 19:56 11808768 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\81a05ee603942e4bb9c1826880dd6961\System.Web.ni.dll
+ 2010-11-05 19:37 . 2010-11-05 19:37 10723328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\da770cb45422a643988d2e43388b37de\System.Design.ni.dll
+ 2010-11-05 19:35 . 2010-11-05 19:35 11415552 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\df0037e9a9a22c4caa9dc5e7f23648fd\mscorlib.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2008-10-24 206112]
"Google Update"="c:\documents and settings\Dan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-05-11 133104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nwiz"="nwiz.exe" [2008-05-16 1630208]
"NVRTCLK"="c:\windows\System32\NVRTCLK\NVRTClk.exe" [2003-12-30 24576]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"mxomssmenu"="c:\program files\Maxtor\OneTouch Status\maxmenumgr.exe" [2008-04-17 169256]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2009-08-17 85888]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-03-17 47392]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-09-24 421160]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"SecurDisc"="c:\program files\Nero\Nero 7\InCD\NBHGui.exe" [2007-06-25 1629480]
"InCD"="c:\program files\Nero\Nero 7\InCD\InCD.exe" [2007-06-25 1057064]

#10 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Numpty HQ
  • Local time:06:43 AM

Posted 12 November 2010 - 03:13 PM

Good evening. :)

If you haven't already, will you reinstall AVG and run a full system scan and let me know what,if anything, it finds.

So long, and thanks for all the fish.

 

 


#11 inter1979

inter1979
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:43 AM

Posted 13 November 2010 - 11:51 AM

Installed avg and it found the following


"";"C:\System Volume Information\_restore{D19FE2B7-3C11-43FA-80A2-5504C2E15745}\RP8\A0021473.exe";"Virus identified Win32/Patched.FR";"Moved to Virus Vault"
"";"C:\System Volume Information\_restore{D19FE2B7-3C11-43FA-80A2-5504C2E15745}\RP13\A0023273.exe";"Virus identified Win32/Patched.FS";"Moved to Virus Vault"
"";"C:\System Volume Information\_restore{D19FE2B7-3C11-43FA-80A2-5504C2E15745}\RP13\A0023271.exe";"Virus identified Win32/Patched.FR";"Moved to Virus Vault"

#12 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Numpty HQ
  • Local time:06:43 AM

Posted 14 November 2010 - 02:56 PM

Good evening. :)

These are detections of item held within System Restore points and as such can be ignored - they pose no risk to your PC as is an we'll address this issue at the end.
I'd like one last scan and log and assuming all is well, and I think it will be, we'll tidy up and close things.

Download Malwarebytes' Anti-Malware from here and save it to your Desktop - unless you already have it, in which case skip to the "updating" bit below.

  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • Ensure a checkmark is placed next to both Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware and then click Finish.
  • If an update is found, it will download and install the latest version - you'll need to clear it with your firewall.
  • Once the program has loaded, select Perform full scan and then Scan.
  • When the scan has finished, click OK and then Show Results to view the results - no surprise there!
  • If MBAM finds anything, check the box(es) and click Remove Selected.
  • Please note - Leave unchecked any boxes that have \System Volume Information\ in the filepath. These pose no immediate risk to your PC unless you use System Restore and will be dealt with later.
  • When completed, a log will open in Notepad. Please save it to a convenient location. The log can also be opened by going to Start > All Programs > Malwarebytes' Anti-Malware > Logs > log-date.txt
Let me have the MBAM log, a fresh DDS log AND a description of how your PC is behaving.

So long, and thanks for all the fish.

 

 


#13 inter1979

inter1979
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:43 AM

Posted 16 November 2010 - 03:12 PM

The computer is running fine, no redirects or malware.


Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 5075

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

11/17/2010 3:06:51 AM
mbam-log-2010-11-17 (03-06-51).txt

Scan type: Full scan (C:\|)
Objects scanned: 260430
Time elapsed: 1 hour(s), 46 minute(s), 30 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Documents and Settings\Dan\Desktop\redsn0w_win_0.9.5b5-5\Keygen.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\qtplugin.exe.vir (Trojan.Spambot) -> Quarantined and deleted successfully.




uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~3\office14\URLREDIR.DLL
TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [ISUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler
mRun: [nwiz] nwiz.exe /install
mRun: [NVRTCLK] c:\windows\system32\nvrtclk\NVRTClk.exe
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [mxomssmenu] "c:\program files\maxtor\onetouch status\maxmenumgr.exe"
mRun: [AdobeCS4ServiceManager] "c:\program files\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe
mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\docume~1\dan\startm~1\programs\startup\zcinem~1.lnk - c:\docume~1\dan\applic~1\microsoft\installer\{ee885042-228a-446f-a30d-64ecbdc93859}\StartupShortcut_EE885042228A446FA30D64ECBDC93859.exe
IE: Extract Flash Video with Bytescout... - c:\program files\bytescout swf to video scout\flashextract_ie.html
IE: {15678698-8D62-4EA9-B976-B13C10B13C53} - c:\program files\bytescout swf to video scout\flashextract_ie.html
IE: {CB44ABBB-2C8D-4C78-8BCA-0FD078E8269C} - c:\program files\bytescout swf to video scout\flashextract_ie.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.8.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1266847827127
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1277389406454
DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - hxxps://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {DAF7E6E6-D53A-439A-B28D-12271406B8A9} - hxxp://mobileapps.blackberry.com/devicesoftware/AxLoader.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - hxxp://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll
Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~3\office14\GROOVEEX.DLL

================= FIREFOX ===================

#14 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Numpty HQ
  • Local time:06:43 AM

Posted 17 November 2010 - 02:41 PM

Good evening. :)

The DDS log has lost bits from both the top and the bottom. Would you post it again, ta.

So long, and thanks for all the fish.

 

 


#15 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Numpty HQ
  • Local time:06:43 AM

Posted 22 November 2010 - 03:14 PM

As there has been no response for five days this thread is now closed.

So long, and thanks for all the fish.

 

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users