Jump to content

Malwarebytes

Malware and Hijack This stop after a few seconds: new person, same problem

- - - - -
Started by Rikafirst, Aug 20 2009 09:43 PM

9 replies to this topic

#1
Rikafirst
Posted 20 August 2009 - 09:43 PM

    New Member

  • Members
  • Pip
  • 5 posts
I have the same problem as Kevin T a few posts down: whenever I install and run Malwarebytes, Hijack This, or any other malware tool, the scans run for a few seconds and then close, and I can no longer open the program. As per your instructions to Kevin, I ran ComboFix and got the following log:

ComboFix Beta_09-08-18.01 - David 08/20/2009 14:28.4.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1556 [GMT -7:00]
Running from: c:\documents and settings\David\Desktop\sVchost.com
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

Infected copy of c:\windows\system32\mspmsnsv.dll was found and disinfected
Restored copy from - c:\windows\system32\dllcache\mspmsnsv.dll

Infected copy of c:\windows\system32\mspmsnsv.dll was found and disinfected
Restored copy from - c:\windows\system32\dllcache\mspmsnsv.dll

Infected copy of c:\windows\system32\eventlog.dll was found and disinfected
Restored copy from - c:\windows\ServicePackFiles\i386\eventlog.dll

Infected copy of c:\windows\system32\mspmsnsv.dll was found and disinfected
Restored copy from - c:\windows\system32\dllcache\mspmsnsv.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_kbiwkmdoykixma
-------\Legacy_kbiwkmdoykixma
-------\Legacy_{79007602-0CDB-4405-9DBF-1257BB3226ED}
-------\Legacy_{79007602-0CDB-4405-9DBF-1257BB3226EE}
-------\Legacy_{79007602-0CDB-4405-9DBF-1257BB3226ED}
-------\Legacy_{79007602-0CDB-4405-9DBF-1257BB3226EE}
-------\Legacy_{79007602-0CDB-4405-9DBF-1257BB3226ED}
-------\Legacy_{79007602-0CDB-4405-9DBF-1257BB3226EE}


((((((((((((((((((((((((( Files Created from 2009-07-20 to 2009-08-20 )))))))))))))))))))))))))))))))
.

2009-08-20 20:52 . 2009-08-20 20:53 -------- d-----w- c:\program files\asjfdsk3
2009-08-20 19:24 . 2009-08-20 19:24 -------- d-----w- c:\program files\asjfdsk2
2009-08-20 18:48 . 2009-08-20 18:48 -------- d-----w- c:\program files\asjfdsk
2009-08-20 18:07 . 2008-12-11 15:38 159600 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2009-08-20 18:07 . 2009-08-20 21:20 -------- d---a-w- c:\docume~1\ALLUSE~1\APPLIC~1\TEMP
2009-08-20 18:07 . 2009-04-03 17:18 130936 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2009-08-20 18:07 . 2008-12-18 18:16 73840 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2009-08-20 18:07 . 2009-08-20 18:07 -------- d-----w- c:\program files\Common Files\PC Tools
2009-08-20 18:07 . 2008-12-10 18:36 64392 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2009-08-20 18:07 . 2009-08-20 20:19 -------- d-----w- c:\program files\Spyware Doctor
2009-08-20 18:07 . 2009-08-20 18:07 -------- d-----w- c:\documents and settings\David\Application Data\PC Tools
2009-08-20 18:07 . 2009-08-20 18:07 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\PC Tools
2009-08-20 17:54 . 2009-08-20 17:54 -------- d-----w- c:\documents and settings\David\Application Data\Malwarebytes
2009-08-20 17:54 . 2009-08-03 20:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-20 17:54 . 2009-08-20 17:54 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\Malwarebytes
2009-08-20 17:54 . 2009-08-03 20:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-08-20 17:52 . 2009-08-20 18:39 -------- d-----w- c:\program files\Malwarebytes
2009-08-20 17:36 . 2009-08-20 17:41 -------- d-----w- c:\windows\system32\NtmsData
2009-08-20 05:14 . 2009-08-20 05:15 -------- d-----w- c:\program files\Spybot - Search & Destroy 2
2009-08-20 00:11 . 2009-08-20 00:11 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\Blizzard Entertainment
2009-08-04 06:13 . 2009-08-04 06:13 -------- d-----w- c:\program files\iPod
2009-07-23 00:28 . 2008-10-16 21:06 208744 ----a-w- c:\windows\system32\muweb.dll
2009-07-21 22:50 . 2009-07-21 22:50 20747 ----a-w- c:\windows\system32\drivers\AegisP.sys
2009-07-21 22:50 . 2005-10-18 02:50 245376 ----a-w- c:\windows\system32\rt2500usb.sys
2009-07-21 22:50 . 2005-10-18 02:50 245376 ----a-w- c:\windows\system32\drivers\rt2500usb.sys
2009-07-21 22:50 . 2004-04-24 05:43 374752 ----a-w- c:\windows\system32\WUSBGXP.sys
2009-07-21 22:50 . 2004-01-08 00:04 339488 ----a-w- c:\windows\system32\WUSB20XP.sys
2009-07-21 22:50 . 2003-10-13 22:30 94208 ----a-w- c:\windows\system32\GTW32N50.dll
2009-07-21 22:50 . 2003-09-26 05:15 15872 ----a-w- c:\windows\system32\GTNDIS5.sys
2009-07-21 22:50 . 2005-02-02 01:18 17992 ----a-w- c:\windows\system32\drivers\bcm42rly.sys
2009-07-21 22:50 . 2005-02-02 01:18 17992 ----a-w- c:\windows\system32\bcm42rly.sys
2009-07-21 22:50 . 2009-07-21 22:50 -------- d-----w- c:\program files\Linksys Wireless-G USB Wireless Network Monitor

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-20 20:52 . 2008-09-20 05:45 -------- d-----w- c:\program files\Firefox
2009-08-20 06:14 . 2008-09-24 02:26 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-08-20 06:14 . 2008-09-24 02:26 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-08-20 06:14 . 2008-09-24 02:26 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-08-20 05:24 . 2009-07-21 16:59 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
2009-08-20 05:12 . 2009-07-21 16:59 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-08-20 00:11 . 2008-09-21 08:27 -------- d-----w- c:\program files\World of Warcraft
2009-08-18 00:58 . 2008-11-09 06:18 -------- d-----w- c:\program files\Steam
2009-08-15 06:04 . 2009-04-06 01:51 -------- d-----w- c:\documents and settings\David\Application Data\uTorrent
2009-08-12 19:13 . 2009-01-15 00:31 -------- d-----w- c:\program files\Logitech
2009-08-05 09:01 . 2007-07-27 12:00 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-04 06:13 . 2008-09-23 07:03 -------- d-----w- c:\program files\Common Files\Apple
2009-07-31 22:41 . 2009-02-04 22:13 -------- d-----w- c:\documents and settings\David\Application Data\dvdcss
2009-07-21 22:50 . 2008-09-19 21:56 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-07-21 20:37 . 2009-07-21 20:37 -------- d-----w- c:\program files\Trend Micro
2009-07-21 20:35 . 2008-10-02 00:11 -------- d-----w- c:\documents and settings\David\Application Data\OpenOffice.org2
2009-07-21 20:28 . 2009-07-21 20:28 -------- d-----w- c:\program files\CCleaner
2009-07-19 05:29 . 2009-07-19 05:29 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\nView_Profiles
2009-07-17 19:01 . 2007-07-27 12:00 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-14 06:43 . 2007-07-27 12:00 286208 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-11 06:32 . 2009-07-11 06:32 -------- d-----w- c:\program files\Common Files\DirectX
2009-07-11 06:28 . 2009-07-11 06:28 -------- d-----w- c:\program files\Codemasters
2009-07-11 06:28 . 2009-07-11 06:28 -------- d-----w- c:\documents and settings\David\Application Data\InstallShield
2009-07-03 05:45 . 2008-10-21 05:42 -------- d-----w- c:\documents and settings\David\Application Data\mIRC
2009-06-29 16:12 . 2007-07-27 12:00 827392 ----a-w- c:\windows\system32\wininet.dll
2009-06-29 16:12 . 2007-07-27 12:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-06-29 16:12 . 2007-07-27 12:00 17408 ----a-w- c:\windows\system32\corpol.dll
2009-06-26 20:52 . 2009-06-26 20:43 157420 ----a-w- c:\windows\hpoins29.dat
2009-06-26 20:47 . 2009-02-12 01:01 -------- d-----w- c:\documents and settings\David\Application Data\HP
2009-06-26 20:44 . 2009-06-26 20:44 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\HP Product Assistant
2009-06-26 20:44 . 2009-02-12 00:55 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\HP
2009-06-26 20:44 . 2009-06-26 20:44 -------- d-----w- c:\program files\Hewlett-Packard
2009-06-26 20:44 . 2009-06-26 20:44 -------- d-----w- c:\program files\Common Files\HP
2009-06-25 08:25 . 2007-07-27 12:00 730112 ----a-w- c:\windows\system32\lsasrv.dll
2009-06-25 08:25 . 2007-07-27 12:00 56832 ----a-w- c:\windows\system32\secur32.dll
2009-06-25 08:25 . 2007-07-27 12:00 54272 ----a-w- c:\windows\system32\wdigest.dll
2009-06-25 08:25 . 2007-07-27 12:00 301568 ----a-w- c:\windows\system32\kerberos.dll
2009-06-25 08:25 . 2007-07-27 12:00 147456 ----a-w- c:\windows\system32\schannel.dll
2009-06-25 08:25 . 2007-07-27 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-06-24 11:18 . 2007-07-27 12:00 92928 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-06-16 14:36 . 2007-07-27 12:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-16 14:36 . 2007-07-27 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-12 12:31 . 2007-07-27 12:00 80896 ----a-w- c:\windows\system32\tlntsess.exe
2009-06-12 12:31 . 2007-07-27 12:00 76288 ----a-w- c:\windows\system32\telnet.exe
2009-06-10 16:19 . 2008-09-19 20:27 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-06-10 14:13 . 2007-07-27 12:00 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-06-10 06:14 . 2007-07-27 12:00 132096 ----a-w- c:\windows\system32\wkssvc.dll
2009-06-03 19:09 . 2007-07-27 12:00 1291264 ----a-w- c:\windows\system32\quartz.dll
2008-09-20 17:01 . 2008-09-20 17:01 1283912 -c--a-w- c:\program files\wowclient-downloader.exe
2008-09-20 16:07 . 2008-09-20 16:07 1038787 -c--a-w- c:\program files\WoW-BurningCrusade-Trial-enUS-Installer-downloader.exe
.

((((((((((((((((((((((((((((( SnapShot@2009-07-21_16.49.14 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-12 02:41 . 2009-07-12 02:41 97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll
- 2008-09-19 22:12 . 2008-07-09 07:38 26488 c:\windows\system32\spupdsvc.exe
+ 2008-09-19 22:12 . 2007-07-27 17:41 26488 c:\windows\system32\spupdsvc.exe
- 2007-07-27 12:00 . 2009-04-29 04:56 44544 c:\windows\system32\pngfilt.dll
+ 2007-07-27 12:00 . 2009-06-29 16:12 44544 c:\windows\system32\pngfilt.dll
+ 2007-07-27 12:00 . 2009-08-08 17:37 71592 c:\windows\system32\perfc009.dat
- 2007-07-27 12:00 . 2003-04-20 04:49 71592 c:\windows\system32\perfc009.dat
- 2007-08-14 01:54 . 2009-04-29 04:55 52224 c:\windows\system32\msfeedsbs.dll
+ 2007-08-14 01:54 . 2009-06-29 16:12 52224 c:\windows\system32\msfeedsbs.dll
+ 2007-07-27 12:00 . 2008-04-14 00:11 56320 c:\windows\system32\logevent.dll
+ 2007-07-27 12:00 . 2009-06-29 16:12 27648 c:\windows\system32\jsproxy.dll
- 2007-07-27 12:00 . 2009-04-29 04:55 27648 c:\windows\system32\jsproxy.dll
- 2007-08-14 01:39 . 2009-04-28 09:05 13824 c:\windows\system32\ieudinit.exe
+ 2007-08-14 01:39 . 2009-06-29 11:07 13824 c:\windows\system32\ieudinit.exe
- 2007-07-27 12:00 . 2009-04-29 04:55 44544 c:\windows\system32\iernonce.dll
+ 2007-07-27 12:00 . 2009-06-29 16:12 44544 c:\windows\system32\iernonce.dll
+ 2007-07-27 12:00 . 2009-06-29 11:07 70656 c:\windows\system32\ie4uinit.exe
- 2007-07-27 12:00 . 2009-04-28 09:05 70656 c:\windows\system32\ie4uinit.exe
+ 2007-08-14 01:36 . 2009-06-29 16:12 63488 c:\windows\system32\icardie.dll
- 2007-08-14 01:36 . 2009-04-29 04:55 63488 c:\windows\system32\icardie.dll
+ 2009-06-25 08:25 . 2009-06-25 08:25 54272 c:\windows\system32\dllcache\wdigest.dll
+ 2007-07-27 12:00 . 2009-06-12 12:31 80896 c:\windows\system32\dllcache\tlntsess.exe
+ 2007-07-27 12:00 . 2009-06-12 12:31 76288 c:\windows\system32\dllcache\telnet.exe
- 2009-02-03 19:59 . 2009-02-03 19:59 56832 c:\windows\system32\dllcache\secur32.dll
+ 2009-02-03 19:59 . 2009-06-25 08:25 56832 c:\windows\system32\dllcache\secur32.dll
- 2007-07-27 12:00 . 2009-04-29 04:56 44544 c:\windows\system32\dllcache\pngfilt.dll
+ 2007-07-27 12:00 . 2009-06-29 16:12 44544 c:\windows\system32\dllcache\pngfilt.dll
- 2008-09-19 23:56 . 2009-04-29 04:55 52224 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2008-09-19 23:56 . 2009-06-29 16:12 52224 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2007-07-27 12:00 . 2009-06-24 11:18 92928 c:\windows\system32\dllcache\ksecdd.sys
- 2007-07-27 12:00 . 2009-04-29 04:55 27648 c:\windows\system32\dllcache\jsproxy.dll
+ 2007-07-27 12:00 . 2009-06-29 16:12 27648 c:\windows\system32\dllcache\jsproxy.dll
- 2008-09-19 23:56 . 2009-04-28 09:05 13824 c:\windows\system32\dllcache\ieudinit.exe
+ 2008-09-19 23:56 . 2009-06-29 11:07 13824 c:\windows\system32\dllcache\ieudinit.exe
+ 2007-07-27 12:00 . 2009-06-29 16:12 44544 c:\windows\system32\dllcache\iernonce.dll
- 2007-07-27 12:00 . 2009-04-29 04:55 44544 c:\windows\system32\dllcache\iernonce.dll
+ 2007-07-27 12:00 . 2009-06-29 16:12 78336 c:\windows\system32\dllcache\ieencode.dll
- 2007-07-27 12:00 . 2009-04-29 04:55 78336 c:\windows\system32\dllcache\ieencode.dll
+ 2007-07-27 12:00 . 2009-06-29 11:07 70656 c:\windows\system32\dllcache\ie4uinit.exe
- 2007-07-27 12:00 . 2009-04-28 09:05 70656 c:\windows\system32\dllcache\ie4uinit.exe
- 2008-09-19 23:56 . 2009-04-29 04:55 63488 c:\windows\system32\dllcache\icardie.dll
+ 2008-09-19 23:56 . 2009-06-29 16:12 63488 c:\windows\system32\dllcache\icardie.dll
+ 2007-07-27 12:00 . 2009-06-29 16:12 17408 c:\windows\system32\dllcache\corpol.dll
- 2007-07-27 12:00 . 2008-04-14 00:11 84992 c:\windows\system32\dllcache\avifil32.dll
+ 2007-07-27 12:00 . 2009-06-10 14:13 84992 c:\windows\system32\dllcache\avifil32.dll
+ 2009-07-17 19:01 . 2009-07-17 19:01 58880 c:\windows\system32\dllcache\atl.dll
+ 2008-09-19 20:34 . 2009-08-20 19:41 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2008-09-19 20:34 . 2008-09-19 23:33 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2009-08-20 16:41 . 2009-08-20 17:29 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012009082020090821\index.dat
+ 2008-09-19 20:34 . 2009-08-20 19:41 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2008-09-19 20:34 . 2008-09-19 23:33 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2009-08-20 16:41 . 2009-08-20 16:41 16384 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\MSIMGSIZ.DAT
- 2008-09-19 20:34 . 2008-09-19 23:33 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2008-09-19 20:34 . 2009-08-20 19:41 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2008-11-25 11:59 . 2008-11-25 11:59 31560 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2008-11-24 22:52 . 2009-08-12 08:24 23040 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2008-11-24 22:52 . 2009-07-15 08:38 23040 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2008-11-24 22:52 . 2009-07-15 08:38 61440 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2008-11-24 22:52 . 2009-08-12 08:24 61440 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2008-11-24 22:52 . 2009-07-15 08:38 27136 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2008-11-24 22:52 . 2009-08-12 08:24 27136 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2008-11-24 22:52 . 2009-07-15 08:38 11264 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2008-11-24 22:52 . 2009-08-12 08:24 11264 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2008-11-24 22:52 . 2009-07-15 08:38 86016 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2008-11-24 22:52 . 2009-08-12 08:24 86016 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2008-11-24 22:52 . 2009-08-12 08:24 12288 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2008-11-24 22:52 . 2009-07-15 08:38 12288 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2009-07-30 00:23 . 2009-04-29 04:56 44544 c:\windows\ie7updates\KB972260-IE7\pngfilt.dll
+ 2009-07-30 00:23 . 2009-04-29 04:55 52224 c:\windows\ie7updates\KB972260-IE7\msfeedsbs.dll
+ 2009-07-30 00:23 . 2009-04-29 04:55 27648 c:\windows\ie7updates\KB972260-IE7\jsproxy.dll
+ 2009-07-30 00:23 . 2009-04-28 09:05 13824 c:\windows\ie7updates\KB972260-IE7\ieudinit.exe
+ 2009-07-30 00:23 . 2009-04-29 04:55 44544 c:\windows\ie7updates\KB972260-IE7\iernonce.dll
+ 2009-07-30 00:23 . 2009-04-29 04:55 78336 c:\windows\ie7updates\KB972260-IE7\ieencode.dll
+ 2009-07-30 00:23 . 2009-04-28 09:05 70656 c:\windows\ie7updates\KB972260-IE7\ie4uinit.exe
+ 2009-07-30 00:23 . 2009-04-29 04:55 63488 c:\windows\ie7updates\KB972260-IE7\icardie.dll
+ 2009-07-30 00:23 . 2008-04-14 00:11 35328 c:\windows\ie7updates\KB972260-IE7\corpol.dll
+ 2009-08-08 17:34 . 2009-08-08 17:34 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\a715aa442ef87ae99b3ade185599249d\UIAutomationProvider.ni.dll
+ 2009-08-08 19:50 . 2009-08-08 19:50 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\423f794d1f4ed6e120fbb02e436491cb\System.Windows.Presentation.ni.dll
+ 2009-08-08 19:50 . 2009-08-08 19:50 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\19ca1747c1ea18a3b639b302bca8df93\System.Web.DynamicData.Design.ni.dll
+ 2009-08-08 19:49 . 2009-08-08 19:49 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\532438e2acfcadc469a4d468c51f8451\System.ComponentModel.DataAnnotations.ni.dll
+ 2009-08-08 19:49 . 2009-08-08 19:49 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\597b20e1b053d6a510cfe033c07a63e6\System.AddIn.Contract.ni.dll
+ 2009-08-08 17:33 . 2009-08-08 17:33 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\2d7408a0232f2e2efd0d7adf5dfa733a\PresentationFontCache.ni.exe
+ 2009-08-08 09:02 . 2009-08-08 09:02 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\c8fd2d9233f8ea3031fb16f697635231\PresentationCFFRasterizer.ni.dll
+ 2009-08-08 19:50 . 2009-08-08 19:50 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\790cf1edb17ee41b59be62ecbd59613b\Microsoft.Vsa.ni.dll
+ 2009-08-08 19:49 . 2009-08-08 19:49 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e9aba2eab90d647356f65e66053da02b\Microsoft.Build.Framework.ni.dll
+ 2009-08-08 19:49 . 2009-08-08 19:49 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\28343d470d992f169ca0e7cdb3cc3117\Microsoft.Build.Framework.ni.dll
+ 2009-08-08 19:49 . 2009-08-08 19:49 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\f4e38208e88cb4cc314a1d6543b9fcc6\dfsvc.ni.exe
+ 2009-08-08 19:49 . 2009-08-08 19:49 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\11eb4f6606ba01e5128805759121ea6c\Accessibility.ni.dll
- 2009-02-27 00:07 . 2009-02-27 00:07 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2009-02-27 00:07 . 2009-02-27 00:07 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2009-02-27 00:07 . 2009-02-27 00:07 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2009-02-27 00:07 . 2009-02-27 00:07 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2009-02-27 00:07 . 2009-02-27 00:07 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2009-02-27 00:07 . 2009-02-27 00:07 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2009-02-27 00:07 . 2009-02-27 00:07 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2009-02-27 00:07 . 2009-02-27 00:07 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2009-02-27 00:07 . 2009-02-27 00:07 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2009-02-27 00:07 . 2009-02-27 00:07 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2009-02-27 00:07 . 2009-02-27 00:07 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2009-02-27 00:07 . 2009-02-27 00:07 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2009-02-27 00:07 . 2009-02-27 00:07 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2009-02-27 00:07 . 2009-02-27 00:07 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2008-11-24 22:52 . 2009-08-12 08:24 4096 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2008-11-24 22:52 . 2009-07-15 08:38 4096 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2009-02-27 00:07 . 2009-02-27 00:07 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2009-02-27 00:07 . 2009-02-27 00:07 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2009-02-27 00:07 . 2009-02-27 00:07 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2009-02-27 00:07 . 2009-02-27 00:07 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2009-02-27 00:07 . 2009-02-27 00:07 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2009-02-27 00:07 . 2009-02-27 00:07 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2008-09-06 06:29 . 2009-03-11 05:18 934792 c:\windows\system32\WgaTray.exe
+ 2008-09-06 06:30 . 2009-03-11 05:18 239496 c:\windows\system32\WgaLogon.dll
+ 2007-07-27 12:00 . 2009-06-29 16:12 233472 c:\windows\system32\webcheck.dll
- 2007-07-27 12:00 . 2009-04-29 04:56 233472 c:\windows\system32\webcheck.dll
+ 2007-07-27 12:00 . 2009-06-29 16:12 105984 c:\windows\system32\url.dll
- 2007-07-27 12:00 . 2009-04-29 04:56 105984 c:\windows\system32\url.dll
- 2007-07-27 12:00 . 2003-04-20 04:49 443062 c:\windows\system32\perfh009.dat
+ 2007-07-27 12:00 . 2009-08-08 17:37 443062 c:\windows\system32\perfh009.dat
+ 2007-07-27 12:00 . 2009-06-29 16:12 102912 c:\windows\system32\occache.dll
- 2007-07-27 12:00 . 2009-04-29 04:56 102912 c:\windows\system32\occache.dll
+ 2007-07-27 12:00 . 2009-06-29 16:12 671232 c:\windows\system32\mstime.dll
- 2007-07-27 12:00 . 2009-04-29 04:56 671232 c:\windows\system32\mstime.dll
- 2007-07-27 12:00 . 2009-04-29 04:56 193024 c:\windows\system32\msrating.dll
+ 2007-07-27 12:00 . 2009-06-29 16:12 193024 c:\windows\system32\msrating.dll
+ 2007-07-27 12:00 . 2009-06-29 16:12 477696 c:\windows\system32\mshtmled.dll
- 2007-07-27 12:00 . 2009-04-29 04:56 477696 c:\windows\system32\mshtmled.dll
+ 2007-08-14 01:54 . 2009-06-29 16:12 459264 c:\windows\system32\msfeeds.dll
- 2007-08-14 01:54 . 2009-04-29 04:55 459264 c:\windows\system32\msfeeds.dll
- 2007-08-14 01:34 . 2009-04-29 04:55 268288 c:\windows\system32\iertutil.dll
+ 2007-08-14 01:34 . 2009-06-29 16:12 268288 c:\windows\system32\iertutil.dll
+ 2007-07-27 12:00 . 2009-06-29 16:12 385024 c:\windows\system32\iedkcs32.dll
- 2007-07-27 12:00 . 2009-04-29 04:55 385024 c:\windows\system32\iedkcs32.dll
+ 2007-07-11 19:27 . 2009-06-29 16:12 380928 c:\windows\system32\ieapfltr.dll
+ 2007-07-27 12:00 . 2009-06-29 08:33 161792 c:\windows\system32\ieakui.dll
- 2007-07-27 12:00 . 2009-04-25 05:26 161792 c:\windows\system32\ieakui.dll
+ 2007-07-27 12:00 . 2009-06-29 16:12 230400 c:\windows\system32\ieaksie.dll
- 2007-07-27 12:00 . 2009-04-29 04:55 230400 c:\windows\system32\ieaksie.dll
+ 2007-07-27 12:00 . 2009-06-29 16:12 153088 c:\windows\system32\ieakeng.dll
- 2007-07-27 12:00 . 2009-04-29 04:55 153088 c:\windows\system32\ieakeng.dll
+ 2007-07-27 12:00 . 2009-06-29 16:12 133120 c:\windows\system32\extmgr.dll
- 2007-07-27 12:00 . 2009-04-29 04:55 133120 c:\windows\system32\extmgr.dll
+ 2007-07-27 12:00 . 2009-06-29 16:12 214528 c:\windows\system32\dxtrans.dll
- 2007-07-27 12:00 . 2009-04-29 04:55 214528 c:\windows\system32\dxtrans.dll
+ 2007-07-27 12:00 . 2009-06-29 16:12 347136 c:\windows\system32\dxtmsft.dll
- 2007-07-27 12:00 . 2009-04-29 04:55 347136 c:\windows\system32\dxtmsft.dll
+ 2007-07-27 12:00 . 2009-07-14 06:43 286208 c:\windows\system32\dllcache\wmpdxm.dll
+ 2009-06-10 06:14 . 2009-06-10 06:14 132096 c:\windows\system32\dllcache\wkssvc.dll
- 2008-06-23 15:09 . 2009-04-29 04:56 827392 c:\windows\system32\dllcache\wininet.dll
+ 2008-06-23 15:09 . 2009-06-29 16:12 827392 c:\windows\system32\dllcache\wininet.dll
+ 2008-09-06 06:29 . 2009-03-11 05:18 934792 c:\windows\system32\dllcache\WgaTray.exe
+ 2008-09-06 06:30 . 2009-03-11 05:18 239496 c:\windows\system32\dllcache\wgaLogon.dll
- 2007-08-14 01:54 . 2009-04-29 04:56 233472 c:\windows\system32\dllcache\webcheck.dll
+ 2007-08-14 01:54 . 2009-06-29 16:12 233472 c:\windows\system32\dllcache\webcheck.dll
- 2007-08-14 01:44 . 2009-04-29 04:56 105984 c:\windows\system32\dllcache\url.dll
+ 2007-08-14 01:44 . 2009-06-29 16:12 105984 c:\windows\system32\dllcache\url.dll
+ 2008-12-05 06:54 . 2009-06-25 08:25 147456 c:\windows\system32\dllcache\schannel.dll
- 2007-08-14 01:44 . 2009-04-29 04:56 102912 c:\windows\system32\dllcache\occache.dll
+ 2007-08-14 01:44 . 2009-06-29 16:12 102912 c:\windows\system32\dllcache\occache.dll
+ 2007-07-27 12:00 . 2009-08-05 09:01 204800 c:\windows\system32\dllcache\mswebdvd.dll
+ 2009-06-25 08:25 . 2009-06-25 08:25 136192 c:\windows\system32\dllcache\msv1_0.dll
- 2007-07-27 12:00 . 2009-04-29 04:56 671232 c:\windows\system32\dllcache\mstime.dll
+ 2007-07-27 12:00 . 2009-06-29 16:12 671232 c:\windows\system32\dllcache\mstime.dll
- 2007-07-27 12:00 . 2009-04-29 04:56 193024 c:\windows\system32\dllcache\msrating.dll
+ 2007-07-27 12:00 . 2009-06-29 16:12 193024 c:\windows\system32\dllcache\msrating.dll
- 2007-07-27 12:00 . 2009-04-29 04:56 477696 c:\windows\system32\dllcache\mshtmled.dll
+ 2007-07-27 12:00 . 2009-06-29 16:12 477696 c:\windows\system32\dllcache\mshtmled.dll
+ 2008-09-19 23:56 . 2009-06-29 16:12 459264 c:\windows\system32\dllcache\msfeeds.dll
- 2008-09-19 23:56 . 2009-04-29 04:55 459264 c:\windows\system32\dllcache\msfeeds.dll
+ 2009-04-14 19:04 . 2009-06-25 08:25 730112 c:\windows\system32\dllcache\lsasrv.dll
+ 2009-06-25 08:25 . 2009-06-25 08:25 301568 c:\windows\system32\dllcache\kerberos.dll
+ 2008-09-19 20:28 . 2009-06-29 08:35 634632 c:\windows\system32\dllcache\iexplore.exe
+ 2008-09-19 23:56 . 2009-06-29 16:12 268288 c:\windows\system32\dllcache\iertutil.dll
- 2008-09-19 23:56 . 2009-04-29 04:55 268288 c:\windows\system32\dllcache\iertutil.dll
+ 2007-07-27 12:00 . 2009-06-29 16:12 385024 c:\windows\system32\dllcache\iedkcs32.dll
- 2007-07-27 12:00 . 2009-04-29 04:55 385024 c:\windows\system32\dllcache\iedkcs32.dll
+ 2008-09-19 23:56 . 2009-06-29 16:12 380928 c:\windows\system32\dllcache\ieapfltr.dll
- 2007-07-27 12:00 . 2009-04-25 05:26 161792 c:\windows\system32\dllcache\ieakui.dll
+ 2007-07-27 12:00 . 2009-06-29 08:33 161792 c:\windows\system32\dllcache\ieakui.dll
- 2007-07-27 12:00 . 2009-04-29 04:55 230400 c:\windows\system32\dllcache\ieaksie.dll
+ 2007-07-27 12:00 . 2009-06-29 16:12 230400 c:\windows\system32\dllcache\ieaksie.dll
- 2007-07-27 12:00 . 2009-04-29 04:55 153088 c:\windows\system32\dllcache\ieakeng.dll
+ 2007-07-27 12:00 . 2009-06-29 16:12 153088 c:\windows\system32\dllcache\ieakeng.dll
+ 2007-07-27 12:00 . 2009-06-29 16:12 133120 c:\windows\system32\dllcache\extmgr.dll
- 2007-07-27 12:00 . 2009-04-29 04:55 133120 c:\windows\system32\dllcache\extmgr.dll
+ 2007-07-27 12:00 . 2009-06-29 16:12 214528 c:\windows\system32\dllcache\dxtrans.dll
- 2007-07-27 12:00 . 2009-04-29 04:55 214528 c:\windows\system32\dllcache\dxtrans.dll
- 2007-07-27 12:00 . 2009-04-29 04:55 347136 c:\windows\system32\dllcache\dxtmsft.dll
+ 2007-07-27 12:00 . 2009-06-29 16:12 347136 c:\windows\system32\dllcache\dxtmsft.dll
+ 2007-08-14 01:39 . 2009-06-29 16:12 124928 c:\windows\system32\dllcache\advpack.dll
- 2007-08-14 01:39 . 2009-04-29 04:55 124928 c:\windows\system32\dllcache\advpack.dll
+ 2007-07-27 12:00 . 2009-06-29 16:12 124928 c:\windows\system32\advpack.dll
- 2007-07-27 12:00 . 2009-04-29 04:55 124928 c:\windows\system32\advpack.dll
+ 2008-11-25 11:59 . 2008-11-25 11:59 436040 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2008-11-25 11:59 . 2008-11-25 11:59 486400 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
- 2008-07-25 19:17 . 2008-07-25 19:17 486400 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
+ 2008-11-25 11:59 . 2008-11-25 11:59 364872 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2008-11-25 11:59 . 2008-11-25 11:59 990032 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2008-12-13 16:58 . 2008-12-13 16:58 754688 c:\windows\Installer\3d9c012.msp
+ 2009-07-30 00:23 . 2009-07-30 00:23 248832 c:\windows\Installer\119f480.msi
+ 2009-08-04 06:14 . 2009-08-04 06:14 102400 c:\windows\Installer\{99ECF41F-5CCA-42BD-B8B8-A8333E2E2944}\iTunesIco.exe
+ 2008-11-24 22:52 . 2009-08-12 08:24 409600 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2008-11-24 22:52 . 2009-07-15 08:38 409600 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2008-11-24 22:52 . 2009-07-15 08:38 286720 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2008-11-24 22:52 . 2009-08-12 08:24 286720 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2008-11-24 22:52 . 2009-08-12 08:24 249856 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2008-11-24 22:52 . 2009-07-15 08:38 249856 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2008-11-24 22:52 . 2009-08-12 08:24 794624 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2008-11-24 22:52 . 2009-07-15 08:38 794624 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2008-11-24 22:52 . 2009-08-12 08:24 135168 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2008-11-24 22:52 . 2009-07-15 08:38 135168 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2008-11-24 22:52 . 2009-07-15 08:38 593920 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2008-11-24 22:52 . 2009-08-12 08:24 593920 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2003-07-15 11:18 . 2003-07-15 11:18 141360 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\ATP.DLL
+ 2009-01-18 23:05 . 2009-01-18 23:05 675840 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0100000010\9.1.0\JP2KLib.dll
+ 2009-07-30 00:23 . 2009-04-29 04:56 827392 c:\windows\ie7updates\KB972260-IE7\wininet.dll
+ 2009-07-30 00:23 . 2009-04-29 04:56 233472 c:\windows\ie7updates\KB972260-IE7\webcheck.dll
+ 2009-07-30 00:23 . 2009-04-29 04:56 105984 c:\windows\ie7updates\KB972260-IE7\url.dll
+ 2009-07-30 00:23 . 2009-05-26 11:40 382840 c:\windows\ie7updates\KB972260-IE7\spuninst\updspapi.dll
+ 2009-07-30 00:23 . 2008-07-08 13:02 231288 c:\windows\ie7updates\KB972260-IE7\spuninst\spuninst.exe
+ 2009-07-30 00:23 . 2009-04-29 04:56 102912 c:\windows\ie7updates\KB972260-IE7\occache.dll
+ 2009-07-30 00:23 . 2009-04-29 04:56 671232 c:\windows\ie7updates\KB972260-IE7\mstime.dll
+ 2009-07-30 00:23 . 2009-04-29 04:56 193024 c:\windows\ie7updates\KB972260-IE7\msrating.dll
+ 2009-07-30 00:23 . 2009-04-29 04:56 477696 c:\windows\ie7updates\KB972260-IE7\mshtmled.dll
+ 2009-07-30 00:23 . 2009-04-29 04:55 459264 c:\windows\ie7updates\KB972260-IE7\msfeeds.dll
+ 2009-07-30 00:23 . 2009-04-25 05:27 636088 c:\windows\ie7updates\KB972260-IE7\iexplore.exe
+ 2009-07-30 00:23 . 2009-04-29 04:55 268288 c:\windows\ie7updates\KB972260-IE7\iertutil.dll
+ 2009-07-30 00:23 . 2009-04-29 04:55 385024 c:\windows\ie7updates\KB972260-IE7\iedkcs32.dll
+ 2009-07-30 00:23 . 2009-04-29 04:55 383488 c:\windows\ie7updates\KB972260-IE7\ieapfltr.dll
+ 2009-07-30 00:23 . 2009-04-25 05:26 161792 c:\windows\ie7updates\KB972260-IE7\ieakui.dll
+ 2009-07-30 00:23 . 2009-04-29 04:55 230400 c:\windows\ie7updates\KB972260-IE7\ieaksie.dll
+ 2009-07-30 00:23 . 2009-04-29 04:55 153088 c:\windows\ie7updates\KB972260-IE7\ieakeng.dll
+ 2009-07-30 00:23 . 2009-04-29 04:55 133120 c:\windows\ie7updates\KB972260-IE7\extmgr.dll
+ 2009-07-30 00:23 . 2009-04-29 04:55 214528 c:\windows\ie7updates\KB972260-IE7\dxtrans.dll
+ 2009-07-30 00:23 . 2009-04-29 04:55 347136 c:\windows\ie7updates\KB972260-IE7\dxtmsft.dll
+ 2009-07-30 00:23 . 2009-04-29 04:55 124928 c:\windows\ie7updates\KB972260-IE7\advpack.dll
+ 2009-08-08 19:49 . 2009-08-08 19:49 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\2ef5bc3a2edd7570bb23886a4f32294a\WsatConfig.ni.exe
+ 2009-08-08 17:34 . 2009-08-08 17:34 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\6a818099f0386e2356ae94f886a2196f\WindowsFormsIntegration.ni.dll
+ 2009-08-08 17:34 . 2009-08-08 17:34 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\a6d9503962d47c722231c1478f180695\UIAutomationTypes.ni.dll
+ 2009-08-08 17:34 . 2009-08-08 17:34 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\5c028c3d8db6c0f0277673ea4a2d89fb\UIAutomationClient.ni.dll
+ 2009-08-08 19:51 . 2009-08-08 19:51 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\c338a470b14851ce5987bb0f0869c310\System.Xml.Linq.ni.dll
+ 2009-08-08 19:50 . 2009-08-08 19:50 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\bb77ea11f46ab438b2b7ed7c180011a1\System.Web.Routing.ni.dll
+ 2009-08-08 19:50 . 2009-08-08 19:50 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\6ee255220d90dcbe80c990e443051cc5\System.Web.RegularExpressions.ni.dll
+ 2009-08-08 19:50 . 2009-08-08 19:50 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\58f62044fa702ea6f936071aa5520baa\System.Web.Extensions.Design.ni.dll
+ 2009-08-08 19:50 . 2009-08-08 19:50 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\79c29ac85dd57dd485ab60118ac292ff\System.Web.Entity.ni.dll
+ 2009-08-08 19:50 . 2009-08-08 19:50 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\d3d65e34fa60f0b6c72ca0d12ec89933\System.Web.Entity.Design.ni.dll
+ 2009-08-08 19:50 . 2009-08-08 19:50 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\b7891f5659db299dbd1b3c72db7edb9f\System.Web.DynamicData.ni.dll
+ 2009-08-08 19:50 . 2009-08-08 19:50 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\00ec08741a765c707bd9169346064a81\System.Web.Abstractions.ni.dll
+ 2009-08-08 19:50 . 2009-08-08 19:50 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\5a555c9ae6984c40157cf940bb519f7c\System.Transactions.ni.dll
+ 2009-08-08 19:50 . 2009-08-08 19:50 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\ea3366939280c1715f1c620e33ee3c8a\System.ServiceProcess.ni.dll
+ 2009-08-08 19:49 . 2009-08-08 19:49 676352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\1c8df2da33222c048d683017f2095f04\System.Security.ni.dll
+ 2009-08-08 19:50 . 2009-08-08 19:50 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\bfd6e16d8c3589cd2bd3f8d46f0a5402\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2009-08-08 19:50 . 2009-08-08 19:50 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\519d9c618341b136f9b963ffb7495308\System.Net.ni.dll
+ 2009-08-08 19:50 . 2009-08-08 19:50 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\8642fdfbf02a6cb6f01169fe6fdb5d11\System.Management.ni.dll
+ 2009-08-08 19:50 . 2009-08-08 19:50 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\1d3fbbd23ce1e8637ef4f40a8d23cd32\System.Management.Instrumentation.ni.dll
+ 2009-08-08 19:49 . 2009-08-08 19:49 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\7c367a96b10d626ec8cbf8149272d845\System.IO.Log.ni.dll
+ 2009-08-08 19:49 . 2009-08-08 19:49 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\68e71147704ef0d34d9a4bece7767fc5\System.IdentityModel.Selectors.ni.dll
+ 2009-08-08 19:50 . 2009-08-08 19:50 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4267bd908175603006c6c90bb5d900c7\System.EnterpriseServices.Wrapper.dll
+ 2009-08-08 19:50 . 2009-08-08 19:50 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4267bd908175603006c6c90bb5d900c7\System.EnterpriseServices.ni.dll
+ 2009-08-08 17:34 . 2009-08-08 17:34 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\18bbe2b6717e7f1d1dd672526e9889ee\System.Drawing.Design.ni.dll
+ 2009-08-08 19:50 . 2009-08-08 19:50 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\c434a07332ce490711c27fd0edb7562f\System.DirectoryServices.Protocols.ni.dll
+ 2009-08-08 19:50 . 2009-08-08 19:50 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\8b3bb7a2c2f3ffe94c866283f1cd5957\System.DirectoryServices.AccountManagement.ni.dll
+ 2009-08-08 19:50 . 2009-08-08 19:50 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\a4b887f476fa4b8746a93a9fc2208560\System.Data.Services.Client.ni.dll
+ 2009-08-08 19:50 . 2009-08-08 19:50 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\1cf3acad6553d6c59df576794f4e8bd6\System.Data.Services.Design.ni.dll
+ 2009-08-08 19:50 . 2009-08-08 19:50 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\392de34573f9f8ec885714f2f3e7f07f\System.Data.Entity.Design.ni.dll
+ 2009-08-08 19:49 . 2009-08-08 19:49 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\1db495ff00bbd14df4af6680c4de0653\System.Data.DataSetExtensions.ni.dll
+ 2009-08-08 19:49 . 2009-08-08 19:49 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\b82c00e2d24305ad6cb08556e3779b75\System.Configuration.ni.dll
+ 2009-08-08 19:50 . 2009-08-08 19:50 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\de514e484e49b04b016949d57ffac03e\System.Configuration.Install.ni.dll
+ 2009-08-08 19:49 . 2009-08-08 19:49 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\ce984d754e3c0b6be4504b785cc43574\System.AddIn.ni.dll
+ 2009-08-08 19:49 . 2009-08-08 19:49 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\045dd501b7257b1cc26083538ae69045\SMSvcHost.ni.exe
+ 2009-08-08 19:49 . 2009-08-08 19:49 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\9790551187e294b4ed3aaa1c221891c7\SMDiagnostics.ni.dll
+ 2009-08-08 19:49 . 2009-08-08 19:49 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\10a0c9707876fc1f65e64b811a28b020\ServiceModelReg.ni.exe
+ 2009-08-08 17:33 . 2009-08-08 17:33 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\f475294d8c7dc2dd4febeef27bc0417e\PresentationFramework.Classic.ni.dll
+ 2009-08-08 17:33 . 2009-08-08 17:33 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8003abaf6bcf70f7eb620d06837e897b\PresentationFramework.Luna.ni.dll
+ 2009-08-08 17:33 . 2009-08-08 17:33 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\59a67874d8d8475faa5be1d993083d12\PresentationFramework.Aero.ni.dll
+ 2009-08-08 17:33 . 2009-08-08 17:33 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\2c980c9a5051d723c6ec2a78a3d0e2b3\PresentationFramework.Royale.ni.dll
+ 2009-08-08 19:49 . 2009-08-08 19:49 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\6d38e317128608bc4516ea46ab94590e\MSBuild.ni.exe
+ 2009-08-08 19:49 . 2009-08-08 19:49 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\1820d6a012fc0e16c3e1d29d973cd2d0\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2009-08-08 19:49 . 2009-08-08 19:49 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\55b9eff9e23359faed4351386c062238\Microsoft.Build.Utilities.ni.dll
+ 2009-08-08 19:49 . 2009-08-08 19:49 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\4217124db1ea5de5f1a1f3eea75e8d32\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2009-08-08 19:49 . 2009-08-08 19:49 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\96825c34d7e1f7df1923ff2123bed8da\Microsoft.Build.Engine.ni.dll
+ 2009-08-08 19:49 . 2009-08-08 19:49 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\9b321ebf67587237f576df6104a32588\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2009-08-08 19:49 . 2009-08-08 19:49 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\9bea05938bee3555c5aa8763d89a68f9\CustomMarshalers.ni.dll
+ 2009-08-08 19:49 . 2009-08-08 19:49 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\12629e2f3e315459bee67cbbaac85cb2\ComSvcConfig.ni.exe
+ 2009-08-08 19:49 . 2009-08-08 19:49 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\b5b2feadc3943e3976daebc0bcd2b5e2\AspNetMMCExt.ni.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2009-02-27 00:07 . 2009-02-27 00:07 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2009-02-27 00:07 . 2009-02-27 00:07 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2009-02-27 00:09 . 2009-02-27 00:09 139264 c:\windows\assembly\GAC_MSIL\System.Web.Entity\3.5.0.0__b77a5c561934e089\System.Web.Entity.dll
+ 2009-08-08 09:02 . 2009-08-08 09:02 139264 c:\windows\assembly\GAC_MSIL\System.Web.Entity\3.5.0.0__b77a5c561934e089\System.Web.Entity.dll
+ 2009-08-08 09:02 . 2009-08-08 09:02 229376 c:\windows\assembly\GAC_MSIL\System.Web.DynamicData\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.dll
- 2009-02-27 00:07 . 2009-02-27 00:07 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2009-02-27 00:07 . 2009-02-27 00:07 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2009-02-27 00:07 . 2009-02-27 00:07 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2009-02-27 00:07 . 2009-02-27 00:07 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2009-02-27 00:07 . 2009-02-27 00:07 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2009-02-27 00:07 . 2009-02-27 00:07 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2009-02-27 00:07 . 2009-02-27 00:07 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2009-02-27 00:07 . 2009-02-27 00:07 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2009-02-27 00:07 . 2009-02-27 00:07 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2009-02-27 00:07 . 2009-02-27 00:07 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2009-02-27 00:07 . 2009-02-27 00:07 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2009-02-27 00:09 . 2009-02-27 00:09 442368 c:\windows\assembly\GAC_MSIL\System.Data.Services\3.5.0.0__b77a5c561934e089\System.Data.Services.dll
+ 2009-08-08 09:02 . 2009-08-08 09:02 442368 c:\windows\assembly\GAC_MSIL\System.Data.Services\3.5.0.0__b77a5c561934e089\System.Data.Services.dll
+ 2009-08-08 09:02 . 2009-08-08 09:02 294912 c:\windows\assembly\GAC_MSIL\System.Data.Services.Client\3.5.0.0__b77a5c561934e089\System.Data.Services.Client.dll
- 2009-02-27 00:09 . 2009-02-27 00:09 294912 c:\windows\assembly\GAC_MSIL\System.Data.Services.Client\3.5.0.0__b77a5c561934e089\System.Data.Services.Client.dll
- 2009-02-27 00:07 . 2009-02-27 00:07 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2009-02-27 00:07 . 2009-02-27 00:07 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2009-02-27 00:07 . 2009-02-27 00:07 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2009-02-27 00:07 . 2009-02-27 00:07 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2009-02-27 00:07 . 2009-02-27 00:07 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2009-02-27 00:07 . 2009-02-27 00:07 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2009-02-27 00:07 . 2009-02-27 00:07 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2009-02-27 00:07 . 2009-02-27 00:07 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2009-02-27 00:07 . 2009-02-27 00:07 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2009-02-27 00:07 . 2009-02-27 00:07 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2009-02-27 00:07 . 2009-02-27 00:07 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2009-02-27 00:07 . 2009-02-27 00:07 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2009-02-27 00:07 . 2009-02-27 00:07 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2007-07-27 12:00 . 2009-04-29 04:56 1159680 c:\windows\system32\urlmon.dll
+ 2007-07-27 12:00 . 2009-06-29 16:12 1159680 c:\windows\system32\urlmon.dll
+ 2007-07-27 12:00 . 2009-07-19 13:33 3597824 c:\windows\system32\mshtml.dll
+ 2008-03-21 01:06 . 2009-03-11 05:18 1482112 c:\windows\system32\LegitCheckControl.dll
+ 2007-08-14 01:54 . 2009-07-19 13:32 6067200 c:\windows\system32\ieframe.dll
+ 2007-02-12 23:10 . 2009-06-29 08:33 2452872 c:\windows\system32\ieapfltr.dat
+ 2008-06-26 08:15 . 2009-06-29 16:12 1159680 c:\windows\system32\dllcache\urlmon.dll
- 2008-06-26 08:15 . 2009-04-29 04:56 1159680 c:\windows\system32\dllcache\urlmon.dll
+ 2008-09-19 20:27 . 2009-06-10 16:19 2066432 c:\windows\system32\dllcache\mstscax.dll
+ 2008-09-19 20:28 . 2009-07-10 13:27 1315328 c:\windows\system32\dllcache\msoe.dll
+ 2008-06-23 15:09 . 2009-07-19 13:33 3597824 c:\windows\system32\dllcache\mshtml.dll
+ 2008-09-19 23:56 . 2009-07-19 13:32 6067200 c:\windows\system32\dllcache\ieframe.dll
+ 2008-09-19 23:56 . 2009-06-29 08:33 2452872 c:\windows\system32\dllcache\ieapfltr.dat
+ 2008-12-06 02:35 . 2008-12-06 02:35 1736528 c:\windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
- 2008-07-30 03:16 . 2008-07-30 03:16 5931008 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll
+ 2008-12-06 03:12 . 2008-12-06 03:12 5931008 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll
- 2008-07-25 19:17 . 2008-07-25 19:17 2048000 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
+ 2008-11-25 11:59 . 2008-11-25 11:59 2048000 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
+ 2008-11-25 11:59 . 2008-11-25 11:59 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2008-11-25 11:59 . 2008-11-25 11:59 5813576 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2008-11-25 11:59 . 2008-11-25 11:59 4546560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
- 2008-07-25 19:17 . 2008-07-25 19:17 4546560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2009-06-21 01:15 . 2009-06-21 01:15 6653952 c:\windows\Installer\6c51249.msp
+ 2009-08-04 07:06 . 2009-08-04 07:06 1697792 c:\windows\Installer\6c51248.msp
+ 2009-08-04 06:14 . 2009-08-04 06:14 4945408 c:\windows\Installer\6928801.msi
+ 2009-08-04 06:12 . 2009-08-04 06:12 3295232 c:\windows\Installer\69284b1.msi
+ 2008-12-13 16:57 . 2008-12-13 16:57 8397824 c:\windows\Installer\3d9bffb.msp
+ 2009-08-05 09:11 . 2009-08-05 09:11 5518848 c:\windows\Installer\381089f.msp
+ 2009-07-01 20:21 . 2009-07-01 20:21 8891904 c:\windows\Installer\3810888.msp
+ 2007-05-10 21:45 . 2007-05-10 21:45 8069464 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\OWC11.DLL
+ 2007-03-14 21:10 . 2007-03-14 21:10 7255384 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\OWC10.DLL
+ 2008-12-18 23:48 . 2008-12-18 23:48 3645440 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0100000010\9.1.0\authplay.dll
+ 2009-07-30 00:23 . 2009-04-29 04:56 1159680 c:\windows\ie7updates\KB972260-IE7\urlmon.dll
+ 2009-07-30 00:23 . 2009-04-29 04:56 3596288 c:\windows\ie7updates\KB972260-IE7\mshtml.dll
+ 2009-07-30 00:23 . 2009-04-29 04:55 6066176 c:\windows\ie7updates\KB972260-IE7\ieframe.dll
+ 2009-07-30 00:23 . 2008-07-09 14:25 2455488 c:\windows\ie7updates\KB972260-IE7\ieapfltr.dat
+ 2009-08-08 09:02 . 2009-08-08 09:02 3313664 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\14cd5f4b61d35f9b76327d6be9853755\WindowsBase.ni.dll
+ 2009-08-08 17:34 . 2009-08-08 17:34 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\f3c7957351aec85f526a3350c9718b1e\UIAutomationClientsideProviders.ni.dll
+ 2009-08-08 09:02 . 2009-08-08 09:02 7868416 c:\windows\assembly\NativeImages_v2.0.50727_32\System\80978a322d7dd39f0a71be1251ae395a\System.ni.dll
+ 2009-08-08 17:34 . 2009-08-08 17:34 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\773a9786013451d3baaeff003dc4230f\System.Xml.ni.dll
+ 2009-08-08 19:51 . 2009-08-08 19:51 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\ac1750e78d79520dcf19195772eff1b6\System.WorkflowServices.ni.dll
+ 2009-08-08 19:51 . 2009-08-08 19:51 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\d265da36954fcb4cb7ad5adc693ea0f2\System.Workflow.Runtime.ni.dll
+ 2009-08-08 19:51 . 2009-08-08 19:51 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\693a8fbe6f7ad6e4e429052da4317e59\System.Workflow.ComponentModel.ni.dll
+ 2009-08-08 19:50 . 2009-08-08 19:50 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\cc99fbbac0b6e4e9ca62093e49b0c16b\System.Workflow.Activities.ni.dll
+ 2009-08-08 19:50 . 2009-08-08 19:50 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\b57bb002a655920cbfa2bee29d1e22b7\System.Web.Services.ni.dll
+ 2009-08-08 19:50 . 2009-08-08 19:50 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\81197e32ec931f439b3114e9031b65d6\System.Web.Mobile.ni.dll
+ 2009-08-08 19:50 . 2009-08-08 19:50 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\7f64c9d25471b72e1e957bdfe67947c8\System.Web.Extensions.ni.dll
+ 2009-08-08 17:34 . 2009-08-08 17:34 1917440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\63cf639b6e0a3c25c1643c85016e7422\System.Speech.ni.dll
+ 2009-08-08 19:50 . 2009-08-08 19:50 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\340cad17fe57947eacbc8fa2cea780da\System.ServiceModel.Web.ni.dll
+ 2009-08-08 19:49 . 2009-08-08 19:49 2338304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\034c91b133dee73d452652c52767b5ea\System.Runtime.Serialization.ni.dll
+ 2009-08-08 17:34 . 2009-08-08 17:34 1035264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\646ab52eef343380aa002c220dc31e13\System.Printing.ni.dll
+ 2009-08-08 19:49 . 2009-08-08 19:49 1056768 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\c2de8479e54852f56996f79bc93acb13\System.IdentityModel.ni.dll
+ 2009-08-08 17:34 . 2009-08-08 17:34 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3da96ee075bab9202626ae44c18d226c\System.Drawing.ni.dll
+ 2009-08-08 19:50 . 2009-08-08 19:50 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\543aced762f6b0c3f8e037955941afc6\System.DirectoryServices.ni.dll
+ 2009-08-08 19:50 . 2009-08-08 19:50 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\a6b58624486714fa71e5e35186850ff0\System.Deployment.ni.dll
+ 2009-08-08 17:34 . 2009-08-08 17:34 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\c70731047b0022638b3f9fb158948a03\System.Data.ni.dll
+ 2009-08-08 19:49 . 2009-08-08 19:49 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\826b09ab0d0e36f4d631b4cd335df511\System.Data.SqlXml.ni.dll
+ 2009-08-08 19:50 . 2009-08-08 19:50 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\956a513dcbd44d5a6801840ef2b0b47b\System.Data.Services.ni.dll
+ 2009-08-08 17:34 . 2009-08-08 17:34 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\0bbec79460b1137df5313f9baf7b246f\System.Data.Linq.ni.dll
+ 2009-08-08 19:50 . 2009-08-08 19:50 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\6479f975b105808a8d9e7a7fdc762551\System.Data.Entity.ni.dll
+ 2009-08-08 17:34 . 2009-08-08 17:34 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\47d87251e93256c635eb73403b8db33e\System.Core.ni.dll
+ 2009-08-08 17:34 . 2009-08-08 17:34 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\4bfb3048bf200a6a8592d1b4ba861a7f\ReachFramework.ni.dll
+ 2009-08-08 17:34 . 2009-08-08 17:34 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\6bafb1a2a73794ddb9761cb321c9e7e2\PresentationUI.ni.dll
+ 2009-08-08 09:02 . 2009-08-08 09:02 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\e634bc4c4a00635a0a254febab0e2e2c\PresentationBuildTasks.ni.dll
+ 2009-08-08 19:49 . 2009-08-08 19:49 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\1c86afc399d0fdd8e069266ffbe748d1\Microsoft.VisualBasic.ni.dll
+ 2009-08-08 19:49 . 2009-08-08 19:49 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\6b2f62f5e981913fce1d223f645d9ddf\Microsoft.Transactions.Bridge.ni.dll
+ 2009-08-08 19:50 . 2009-08-08 19:50 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\b261961046545831aa60963e84905968\Microsoft.JScript.ni.dll
+ 2009-08-08 19:49 . 2009-08-08 19:49 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\bd241492d96db39f20e758c13c845033\Microsoft.Build.Tasks.ni.dll
+ 2009-08-08 19:49 . 2009-08-08 19:49 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\a47100d8f4574bed2d49d83d0ab8964e\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2009-08-08 19:49 . 2009-08-08 19:49 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\6cfe582681724965fb817e8ece5f0909\Microsoft.Build.Engine.ni.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 3149824 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2009-02-27 00:07 . 2009-02-27 00:07 3149824 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2009-02-27 00:07 . 2009-02-27 00:07 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2009-02-27 00:07 . 2009-02-27 00:07 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2009-02-27 00:09 . 2009-02-27 00:09 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2009-08-08 09:02 . 2009-08-08 09:02 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
- 2009-02-27 00:08 . 2009-02-27 00:08 5931008 c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2009-08-08 09:02 . 2009-08-08 09:02 5931008 c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
- 2009-02-27 00:07 . 2009-02-27 00:07 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2009-02-27 00:08 . 2009-02-27 00:08 5283840 c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2009-08-08 09:02 . 2009-08-08 09:02 5283840 c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2009-02-27 00:07 . 2009-02-27 00:07 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2009-08-08 09:01 . 2009-08-08 09:01 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2009-02-27 00:07 . 2009-02-27 00:07 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2007-07-27 12:00 . 2009-07-14 06:43 10841088 c:\windows\system32\wmp.dll
+ 2008-09-19 23:43 . 2009-07-30 00:49 24281536 c:\windows\system32\MRT.exe
+ 2007-07-27 12:00 . 2009-07-14 06:43 10841088 c:\windows\system32\dllcache\wmp.dll
+ 2008-12-13 17:21 . 2008-12-13 17:21 10473472 c:\windows\Installer\3d9c006.msp
+ 2009-07-01 20:19 . 2009-07-01 20:19 10607104 c:\windows\Installer\3810889.msp
+ 2009-02-27 23:37 . 2009-02-27 23:37 20403568 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0100000010\9.1.0\AcroRd32.dll
+ 2009-08-08 17:34 . 2009-08-08 17:34 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\63406259e94d5c0ff5b79401dfe113ce\System.Windows.Forms.ni.dll
+ 2009-08-08 19:50 . 2009-08-08 19:50 11796992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\3963ce03d445a8619abbf388d590134b\System.Web.ni.dll
+ 2009-08-08 19:49 . 2009-08-08 19:49 17317888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\4146033013edebd7e0cb604e504ebfee\System.ServiceModel.ni.dll
+ 2009-08-08 17:34 . 2009-08-08 17:34 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\8ee220bc3cce4f7bbd7818946519ed7f\System.Design.ni.dll
+ 2009-08-08 17:33 . 2009-08-08 17:33 14327808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\96e710f47c601cba3f2348a8d11ddede\PresentationFramework.ni.dll
+ 2009-08-08 17:33 . 2009-08-08 17:33 12216320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\956375d487cbef36165b3250030e3574\PresentationCore.ni.dll
+ 2009-08-08 09:02 . 2009-08-08 09:02 11486720 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\6d667f19d687361886990f3ca0f49816\mscorlib.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="e:\program files\Daemon Tools\DAEMON Tools Lite\daemon.exe" [2008-08-08 490952]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy 2\TeaTimer.exe" [2009-03-05 2260480]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-27 13684736]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-08-20 2007832]
"Launch LGDCore"="c:\program files\Common Files\Logitech\G-series Software\LGDCore.exe" [2006-07-23 1126400]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-03-27 86016]
"RivaTuner"="e:\program files\Rivatuner\RivaTuner.exe" [2009-02-25 2781184]
"RivaTunerStartupDaemon"="e:\program files\Rivatuner\RivaTuner.exe" [2009-02-25 2781184]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-27 413696]
"iTunesHelper"="e:\program files\iTunes\iTunesHelper.exe" [2009-07-13 292128]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-28 35696]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2009-03-27 1657376]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-08-20 06:14 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\wowclient-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-2.3.0.7561-to-2.4.0.8089-enUS-downloader.exe"=
"e:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"e:\\mIRC\\mirc.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"e:\\Games\\Puzzlegeddon\\Puzzlegeddon Demo\\Puzzlegeddon.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpsapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqcopy2.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqsudi.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"e:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\the last remnant\\Binaries\\TLR.exe"=
"c:\\Program Files\\Atari\\Neverwinter Nights 2\\nwn2main.exe"=
"c:\\Program Files\\Atari\\Neverwinter Nights 2\\nwn2main_amdxp.exe"=
"c:\\Program Files\\Atari\\Neverwinter Nights 2\\nwupdate.exe"=
"c:\\Program Files\\Atari\\Neverwinter Nights 2\\nwn2server.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\Codemasters\\Overlord II\\Overlord2.exe"=
"c:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"=
"e:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Firefox\\firefox.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\the witcher enhanced edition\\System\\witcher.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\the witcher enhanced edition\\System\\djinni!.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"6881:TCP"= 6881:TCP:Blizzard Downloader: 6881

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [8/20/2009 11:07 AM 130936]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [9/23/2008 7:26 PM 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [9/23/2008 7:26 PM 108552]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [9/23/2008 7:26 PM 297752]
R2 WUSB54Gv42SVC;WUSB54Gv42SVC;c:\program files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe [7/21/2009 3:50 PM 53307]
S2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [9/23/2008 7:26 PM 908056]
S3 rcvpn;SonicWALL VPN Adapter;c:\windows\system32\DRIVERS\rcvpn.sys --> c:\windows\system32\DRIVERS\rcvpn.sys [?]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [8/20/2009 11:07 AM 348752]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
.
------- Supplementary Scan -------
.
FF - ProfilePath - c:\docume~1\David\APPLIC~1\Mozilla\Firefox\Profiles\07hr8jzj.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: network.proxy.type - 4
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - plugin: c:\documents and settings\David\Application Data\Mozilla\Firefox\Profiles\07hr8jzj.default\extensions\moveplayer@movenetworks.com\platform\WINNT_x86-msvc\plugins\npmnqmp071101000055.dll
FF - plugin: c:\program files\Firefox\plugins\NPAskSBr.dll
FF - plugin: e:\program files\Codecs\Real Alternative\browser\plugins\nppl3260.dll
FF - plugin: e:\program files\Codecs\Real Alternative\browser\plugins\nprpjplug.dll
FF - plugin: e:\program files\iTunes\Mozilla Plugins\npitunes.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-20 14:35
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1275210071-573735546-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\ê0ê0¹0\þ[T›Í_¢0µ0®0ÿ^ÿëm*‹n0qg¬N­0ó0°0À0à0^ÿ]
"Order"=hex:08,00,00,00,02,00,00,00,1e,01,00,00,01,00,00,00,02,00,00,00,7c,00,
00,00,00,00,00,00,6e,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,5c,00,32,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(3456)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\mshtml.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Linksys Wireless-G USB Wireless Network Monitor\WUSB54Gv42.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\windows\system32\rundll32.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2009-08-20 14:37 - machine was rebooted
ComboFix-quarantined-files.txt 2009-08-20 21:37
ComboFix2.txt 2009-07-21 16:49

Pre-Run: 66,397,229,056 bytes free
Post-Run: 66,268,225,536 bytes free

720 --- E O F --- 2009-08-14 08:44




Thank you for your assistance.

#2
screen317
Posted 23 August 2009 - 11:41 PM

    MBAM Sentinel

  • Moderators
  • PipPipPipPipPipPip
  • 16,430 posts
  • Gender:Male
  • Location:Los Angeles
Please delete your copy of ComboFix, download the latest version from here, and save it to your Desktop. Do not run it yet.


Next, please open Notepad - don't use any other text editor than notepad or the script will fail.
Copy/paste the text in the quotebox below into Notepad:

Quote

Regnull::
[HKEY_USERS\S-1-5-21-1275210071-573735546-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\ê0ê0¹0\þ[T›Í_¢0µ0®0ÿ^ÿëm*‹n0qg¬N­0ó0°0À0à0^ÿ]
Dirlook::
c:\program files\asjfdsk3
c:\program files\asjfdsk2
c:\program files\asjfdsk

Save this as CFScript

Then drag the CFScript into ComboFix.exe as you see in the screenshot below.

Posted Image

This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply.

Next, Please download Win32kDiag.exe by AD to the desktop. Double click on it. It will make a diagnostic and produce a report on the desktop. Post that report on your next reply:

-screen317
Chris Fistonich
Consumer Support Specialist

Posted Image

Follow us: Twitter, Become a fan: Facebook

#3
Rikafirst
Posted 24 August 2009 - 04:25 AM

    New Member

  • Members
  • Pip
  • 5 posts
I did as instructed. Here is the combofix log. I notice it seems to be investigating the asjfdsk directories, and it might help you to know that those directories hold various installations of Malwarebytes that I renamed random strings in an attempt (sadly unsuccessful) at thwarting the spyware infestation on my computer.

Quote

ComboFix 09-08-22.06 - David 08/23/2009 21:00.5.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1634 [GMT -7:00]
Running from: c:\documents and settings\David\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\David\Desktop\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.

((((((((((((((((((((((((( Files Created from 2009-07-24 to 2009-08-24 )))))))))))))))))))))))))))))))
.

2009-08-20 20:52 . 2009-08-20 20:53 -------- d-----w- c:\program files\asjfdsk3
2009-08-20 19:24 . 2009-08-20 19:24 -------- d-----w- c:\program files\asjfdsk2
2009-08-20 18:48 . 2009-08-20 18:48 -------- d-----w- c:\program files\asjfdsk
2009-08-20 18:07 . 2008-12-11 15:38 159600 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2009-08-20 18:07 . 2009-08-20 21:20 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-08-20 18:07 . 2009-04-03 17:18 130936 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2009-08-20 18:07 . 2008-12-18 18:16 73840 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2009-08-20 18:07 . 2009-08-20 18:07 -------- d-----w- c:\program files\Common Files\PC Tools
2009-08-20 18:07 . 2008-12-10 18:36 64392 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2009-08-20 18:07 . 2009-08-20 20:19 -------- d-----w- c:\program files\Spyware Doctor
2009-08-20 18:07 . 2009-08-20 18:07 -------- d-----w- c:\documents and settings\David\Application Data\PC Tools
2009-08-20 18:07 . 2009-08-20 18:07 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Tools
2009-08-20 17:54 . 2009-08-20 17:54 -------- d-----w- c:\documents and settings\David\Application Data\Malwarebytes
2009-08-20 17:54 . 2009-08-03 20:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-20 17:54 . 2009-08-20 17:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-08-20 17:54 . 2009-08-03 20:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-08-20 17:52 . 2009-08-20 18:39 -------- d-----w- c:\program files\Malwarebytes
2009-08-20 17:36 . 2009-08-20 17:41 -------- d-----w- c:\windows\system32\NtmsData
2009-08-20 05:14 . 2009-08-20 05:15 -------- d-----w- c:\program files\Spybot - Search & Destroy 2
2009-08-20 00:11 . 2009-08-20 00:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Blizzard Entertainment
2009-08-04 06:13 . 2009-08-04 06:13 -------- d-----w- c:\program files\iPod
2009-08-04 06:08 . 2009-08-04 06:08 75040 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.2.1.6\SetupAdmin.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-23 00:53 . 2008-09-20 05:45 -------- d-----w- c:\program files\Firefox
2009-08-23 00:41 . 2009-04-06 01:51 -------- d-----w- c:\documents and settings\David\Application Data\uTorrent
2009-08-20 06:14 . 2008-09-24 02:26 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-08-20 06:14 . 2008-09-24 02:26 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-08-20 06:14 . 2008-09-24 02:26 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-08-20 05:24 . 2009-07-21 16:59 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-08-20 05:12 . 2009-07-21 16:59 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-08-20 00:11 . 2008-09-21 08:27 -------- d-----w- c:\program files\World of Warcraft
2009-08-18 00:58 . 2008-11-09 06:18 -------- d-----w- c:\program files\Steam
2009-08-12 19:13 . 2009-01-15 00:31 -------- d-----w- c:\program files\Logitech
2009-08-05 09:01 . 2007-07-27 12:00 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-04 06:13 . 2008-09-23 07:03 -------- d-----w- c:\program files\Common Files\Apple
2009-07-31 22:41 . 2009-02-04 22:13 -------- d-----w- c:\documents and settings\David\Application Data\dvdcss
2009-07-21 22:50 . 2009-07-21 22:50 20747 ----a-w- c:\windows\system32\drivers\AegisP.sys
2009-07-21 22:50 . 2009-07-21 22:50 -------- d-----w- c:\program files\Linksys Wireless-G USB Wireless Network Monitor
2009-07-21 22:50 . 2008-09-19 21:56 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-07-21 20:37 . 2009-07-21 20:37 -------- d-----w- c:\program files\Trend Micro
2009-07-21 20:35 . 2008-10-02 00:11 -------- d-----w- c:\documents and settings\David\Application Data\OpenOffice.org2
2009-07-21 20:28 . 2009-07-21 20:28 -------- d-----w- c:\program files\CCleaner
2009-07-19 05:29 . 2009-07-19 05:29 -------- d-----w- c:\documents and settings\All Users\Application Data\nView_Profiles
2009-07-17 19:01 . 2007-07-27 12:00 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-14 06:43 . 2007-07-27 12:00 286208 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-11 06:32 . 2009-07-11 06:32 -------- d-----w- c:\program files\Common Files\DirectX
2009-07-11 06:28 . 2009-07-11 06:28 -------- d-----w- c:\program files\Codemasters
2009-07-11 06:28 . 2009-07-11 06:28 -------- d-----w- c:\documents and settings\David\Application Data\InstallShield
2009-07-03 05:45 . 2008-10-21 05:42 -------- d-----w- c:\documents and settings\David\Application Data\mIRC
2009-06-29 16:12 . 2007-07-27 12:00 827392 ----a-w- c:\windows\system32\wininet.dll
2009-06-29 16:12 . 2007-07-27 12:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-06-29 16:12 . 2007-07-27 12:00 17408 ----a-w- c:\windows\system32\corpol.dll
2009-06-26 20:52 . 2009-06-26 20:43 157420 ----a-w- c:\windows\hpoins29.dat
2009-06-26 20:47 . 2009-02-12 01:01 -------- d-----w- c:\documents and settings\David\Application Data\HP
2009-06-26 20:44 . 2009-06-26 20:44 -------- d-----w- c:\documents and settings\All Users\Application Data\HP Product Assistant
2009-06-26 20:44 . 2009-02-12 00:55 -------- d-----w- c:\documents and settings\All Users\Application Data\HP
2009-06-26 20:44 . 2009-06-26 20:44 -------- d-----w- c:\program files\Hewlett-Packard
2009-06-26 20:44 . 2009-06-26 20:44 -------- d-----w- c:\program files\Common Files\HP
2009-06-25 08:25 . 2007-07-27 12:00 730112 ----a-w- c:\windows\system32\lsasrv.dll
2009-06-25 08:25 . 2007-07-27 12:00 56832 ----a-w- c:\windows\system32\secur32.dll
2009-06-25 08:25 . 2007-07-27 12:00 54272 ----a-w- c:\windows\system32\wdigest.dll
2009-06-25 08:25 . 2007-07-27 12:00 301568 ----a-w- c:\windows\system32\kerberos.dll
2009-06-25 08:25 . 2007-07-27 12:00 147456 ----a-w- c:\windows\system32\schannel.dll
2009-06-25 08:25 . 2007-07-27 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-06-24 11:18 . 2007-07-27 12:00 92928 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-06-16 14:36 . 2007-07-27 12:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-16 14:36 . 2007-07-27 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-12 12:31 . 2007-07-27 12:00 80896 ----a-w- c:\windows\system32\tlntsess.exe
2009-06-12 12:31 . 2007-07-27 12:00 76288 ----a-w- c:\windows\system32\telnet.exe
2009-06-10 16:19 . 2008-09-19 20:27 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-06-10 14:13 . 2007-07-27 12:00 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-06-10 06:14 . 2007-07-27 12:00 132096 ----a-w- c:\windows\system32\wkssvc.dll
2009-06-03 19:09 . 2007-07-27 12:00 1291264 ----a-w- c:\windows\system32\quartz.dll
2008-09-20 17:01 . 2008-09-20 17:01 1283912 -c--a-w- c:\program files\wowclient-downloader.exe
2008-09-20 16:07 . 2008-09-20 16:07 1038787 -c--a-w- c:\program files\WoW-BurningCrusade-Trial-enUS-Installer-downloader.exe
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\program files\asjfdsk ----

2009-08-20 18:48 . 2009-08-20 18:48 10498 ----a-w- c:\program files\asjfdsk\unins000.msg
2009-08-20 18:48 . 2009-08-03 20:36 232720 ----a-w- c:\program files\asjfdsk\mbamservice.exe
2009-08-20 18:48 . 2009-08-03 20:36 419088 ----a-w- c:\program files\asjfdsk\mbamgui.exe
2009-08-20 18:48 . 2009-08-03 20:36 46352 ----a-w- c:\program files\asjfdsk\ssubtmr6.dll
2009-08-20 18:48 . 2009-08-03 20:36 496912 ----a-w- c:\program files\asjfdsk\vbalsgrid6.ocx
2009-08-20 18:48 . 2009-08-03 20:36 70928 ----a-w- c:\program files\asjfdsk\mbamext.dll
2009-08-20 18:48 . 2009-08-03 20:36 79632 ----a-w- c:\program files\asjfdsk\zlib.dll
2009-08-20 18:48 . 2009-08-03 20:36 1295632 ----a-w- c:\program files\asjfdsk\mbam.exe
2009-08-20 18:48 . 2008-11-10 00:19 12175 ----a-w- c:\program files\asjfdsk\Languages\swedish.lng
2009-08-20 18:48 . 2009-04-15 12:00 13808 ----a-w- c:\program files\asjfdsk\Languages\turkish.lng
2009-08-20 18:48 . 2008-11-01 00:54 13097 ----a-w- c:\program files\asjfdsk\Languages\ukrainian.lng
2009-08-20 18:48 . 2009-06-10 20:39 11593 ----a-w- c:\program files\asjfdsk\Languages\norwegian.lng
2009-08-20 18:48 . 2009-01-11 07:56 11623 ----a-w- c:\program files\asjfdsk\Languages\polish.lng
2009-08-20 18:48 . 2008-03-05 02:56 12245 ----a-w- c:\program files\asjfdsk\Languages\portugueseBR.lng
2009-08-20 18:48 . 2008-06-15 20:04 12345 ----a-w- c:\program files\asjfdsk\Languages\portuguesePT.lng
2009-08-20 18:48 . 2008-03-14 02:09 12672 ----a-w- c:\program files\asjfdsk\Languages\romanian.lng
2009-08-20 18:48 . 2008-07-04 07:58 11779 ----a-w- c:\program files\asjfdsk\Languages\russian.lng
2009-08-20 18:48 . 2008-03-03 13:03 12114 ----a-w- c:\program files\asjfdsk\Languages\serbian.lng
2009-08-20 18:48 . 2008-07-26 16:58 11599 ----a-w- c:\program files\asjfdsk\Languages\slovak.lng
2009-08-20 18:48 . 2008-03-04 06:28 11205 ----a-w- c:\program files\asjfdsk\Languages\slovenian.lng
2009-08-20 18:48 . 2008-07-11 21:26 12876 ----a-w- c:\program files\asjfdsk\Languages\spanish.lng
2009-08-20 18:48 . 2008-03-04 00:39 12048 ----a-w- c:\program files\asjfdsk\Languages\hungarian.lng
2009-08-20 18:48 . 2008-03-05 03:03 13019 ----a-w- c:\program files\asjfdsk\Languages\italian.lng
2009-08-20 18:48 . 2009-07-24 02:46 9269 ----a-w- c:\program files\asjfdsk\Languages\korean.lng
2009-08-20 18:48 . 2008-12-19 23:30 11457 ----a-w- c:\program files\asjfdsk\Languages\latvian.lng
2009-08-20 18:48 . 2008-09-11 05:29 13314 ----a-w- c:\program files\asjfdsk\Languages\macedonian.lng
2009-08-20 18:48 . 2009-02-18 03:27 11893 ----a-w- c:\program files\asjfdsk\Languages\danish.lng
2009-08-20 18:48 . 2008-03-05 02:56 12255 ----a-w- c:\program files\asjfdsk\Languages\dutch.lng
2009-08-20 18:48 . 2008-03-03 02:33 11232 ----a-w- c:\program files\asjfdsk\Languages\english.lng
2009-08-20 18:48 . 2009-07-31 16:20 11213 ----a-w- c:\program files\asjfdsk\Languages\estonian.lng
2009-08-20 18:48 . 2008-05-17 17:09 11624 ----a-w- c:\program files\asjfdsk\Languages\finnish.lng
2009-08-20 18:48 . 2008-03-05 02:57 13353 ----a-w- c:\program files\asjfdsk\Languages\french.lng
2009-08-20 18:48 . 2008-10-06 05:25 13557 ----a-w- c:\program files\asjfdsk\Languages\german.lng
2009-08-20 18:48 . 2008-10-07 22:15 13234 ----a-w- c:\program files\asjfdsk\Languages\greek.lng
2009-08-20 18:48 . 2009-01-17 03:08 12533 ----a-w- c:\program files\asjfdsk\Languages\bulgarian.lng
2009-08-20 18:48 . 2008-03-05 03:05 12595 ----a-w- c:\program files\asjfdsk\Languages\catalan.lng
2009-08-20 18:48 . 2008-08-01 16:03 8045 ----a-w- c:\program files\asjfdsk\Languages\chineseSI.lng
2009-08-20 18:48 . 2008-08-04 19:58 8141 ----a-w- c:\program files\asjfdsk\Languages\chineseTR.lng
2009-08-20 18:48 . 2008-12-27 23:41 11977 ----a-w- c:\program files\asjfdsk\Languages\croatian.lng
2009-08-20 18:48 . 2008-06-25 06:49 11551 ----a-w- c:\program files\asjfdsk\Languages\czech.lng
2009-08-20 18:48 . 2008-07-03 17:10 13924 ----a-w- c:\program files\asjfdsk\Languages\albanian.lng
2009-08-20 18:48 . 2009-04-10 07:53 10331 ----a-w- c:\program files\asjfdsk\Languages\arabic.lng
2009-08-20 18:48 . 2009-08-01 23:14 12636 ----a-w- c:\program files\asjfdsk\Languages\bosnian.lng
2009-08-20 18:48 . 2009-08-03 20:36 381712 ----a-w- c:\program files\asjfdsk\mbam-dor.exe
2009-08-20 18:48 . 2009-08-01 22:26 15942 ----a-w- c:\program files\asjfdsk\changes.rtf
2009-08-20 18:48 . 2009-01-05 02:31 4124 ----a-w- c:\program files\asjfdsk\license.txt
2009-08-20 18:48 . 2009-08-03 20:36 91408 ----a-w- c:\program files\asjfdsk\mbam.dll
2009-08-20 18:48 . 2009-07-30 22:27 59015 ----a-w- c:\program files\asjfdsk\mbam.chm
2009-08-20 18:48 . 2009-08-20 18:47 692496 ----a-w- c:\program files\asjfdsk\unins000.exe
2009-08-20 18:48 . 2009-08-20 18:48 8585 ----a-w- c:\program files\asjfdsk\unins000.dat

---- Directory of c:\program files\asjfdsk2 ----

2009-08-20 19:24 . 2009-08-20 19:24 10498 ----a-w- c:\program files\asjfdsk2\unins000.msg
2009-08-20 19:24 . 2009-08-03 20:36 232720 ----a-w- c:\program files\asjfdsk2\mbamservice.exe
2009-08-20 19:24 . 2009-08-03 20:36 419088 ----a-w- c:\program files\asjfdsk2\mbamgui.exe
2009-08-20 19:24 . 2009-08-03 20:36 46352 ----a-w- c:\program files\asjfdsk2\ssubtmr6.dll
2009-08-20 19:24 . 2009-08-03 20:36 496912 ----a-w- c:\program files\asjfdsk2\vbalsgrid6.ocx
2009-08-20 19:24 . 2009-08-03 20:36 70928 ----a-w- c:\program files\asjfdsk2\mbamext.dll
2009-08-20 19:24 . 2009-08-03 20:36 79632 ----a-w- c:\program files\asjfdsk2\zlib.dll
2009-08-20 19:24 . 2009-08-03 20:36 1295632 ----a-w- c:\program files\asjfdsk2\notanything.exe
2009-08-20 19:24 . 2008-07-11 21:26 12876 ----a-w- c:\program files\asjfdsk2\Languages\spanish.lng
2009-08-20 19:24 . 2008-11-10 00:19 12175 ----a-w- c:\program files\asjfdsk2\Languages\swedish.lng
2009-08-20 19:24 . 2009-04-15 12:00 13808 ----a-w- c:\program files\asjfdsk2\Languages\turkish.lng
2009-08-20 19:24 . 2008-11-01 00:54 13097 ----a-w- c:\program files\asjfdsk2\Languages\ukrainian.lng
2009-08-20 19:24 . 2008-09-11 05:29 13314 ----a-w- c:\program files\asjfdsk2\Languages\macedonian.lng
2009-08-20 19:24 . 2009-06-10 20:39 11593 ----a-w- c:\program files\asjfdsk2\Languages\norwegian.lng
2009-08-20 19:24 . 2009-01-11 07:56 11623 ----a-w- c:\program files\asjfdsk2\Languages\polish.lng
2009-08-20 19:24 . 2008-03-05 02:56 12245 ----a-w- c:\program files\asjfdsk2\Languages\portugueseBR.lng
2009-08-20 19:24 . 2008-06-15 20:04 12345 ----a-w- c:\program files\asjfdsk2\Languages\portuguesePT.lng
2009-08-20 19:24 . 2008-03-14 02:09 12672 ----a-w- c:\program files\asjfdsk2\Languages\romanian.lng
2009-08-20 19:24 . 2008-07-04 07:58 11779 ----a-w- c:\program files\asjfdsk2\Languages\russian.lng
2009-08-20 19:24 . 2008-03-03 13:03 12114 ----a-w- c:\program files\asjfdsk2\Languages\serbian.lng
2009-08-20 19:24 . 2008-07-26 16:58 11599 ----a-w- c:\program files\asjfdsk2\Languages\slovak.lng
2009-08-20 19:24 . 2008-03-04 06:28 11205 ----a-w- c:\program files\asjfdsk2\Languages\slovenian.lng
2009-08-20 19:24 . 2008-03-03 02:33 11232 ----a-w- c:\program files\asjfdsk2\Languages\english.lng
2009-08-20 19:24 . 2009-07-31 16:20 11213 ----a-w- c:\program files\asjfdsk2\Languages\estonian.lng
2009-08-20 19:24 . 2008-05-17 17:09 11624 ----a-w- c:\program files\asjfdsk2\Languages\finnish.lng
2009-08-20 19:24 . 2008-03-05 02:57 13353 ----a-w- c:\program files\asjfdsk2\Languages\french.lng
2009-08-20 19:24 . 2008-10-06 05:25 13557 ----a-w- c:\program files\asjfdsk2\Languages\german.lng
2009-08-20 19:24 . 2008-10-07 22:15 13234 ----a-w- c:\program files\asjfdsk2\Languages\greek.lng
2009-08-20 19:24 . 2008-03-04 00:39 12048 ----a-w- c:\program files\asjfdsk2\Languages\hungarian.lng
2009-08-20 19:24 . 2008-03-05 03:03 13019 ----a-w- c:\program files\asjfdsk2\Languages\italian.lng
2009-08-20 19:24 . 2009-07-24 02:46 9269 ----a-w- c:\program files\asjfdsk2\Languages\korean.lng
2009-08-20 19:24 . 2008-12-19 23:30 11457 ----a-w- c:\program files\asjfdsk2\Languages\latvian.lng
2009-08-20 19:24 . 2009-08-01 23:14 12636 ----a-w- c:\program files\asjfdsk2\Languages\bosnian.lng
2009-08-20 19:24 . 2009-01-17 03:08 12533 ----a-w- c:\program files\asjfdsk2\Languages\bulgarian.lng
2009-08-20 19:24 . 2008-03-05 03:05 12595 ----a-w- c:\program files\asjfdsk2\Languages\catalan.lng
2009-08-20 19:24 . 2008-08-01 16:03 8045 ----a-w- c:\program files\asjfdsk2\Languages\chineseSI.lng
2009-08-20 19:24 . 2008-08-04 19:58 8141 ----a-w- c:\program files\asjfdsk2\Languages\chineseTR.lng
2009-08-20 19:24 . 2008-12-27 23:41 11977 ----a-w- c:\program files\asjfdsk2\Languages\croatian.lng
2009-08-20 19:24 . 2008-06-25 06:49 11551 ----a-w- c:\program files\asjfdsk2\Languages\czech.lng
2009-08-20 19:24 . 2009-02-18 03:27 11893 ----a-w- c:\program files\asjfdsk2\Languages\danish.lng
2009-08-20 19:24 . 2008-03-05 02:56 12255 ----a-w- c:\program files\asjfdsk2\Languages\dutch.lng
2009-08-20 19:24 . 2008-07-03 17:10 13924 ----a-w- c:\program files\asjfdsk2\Languages\albanian.lng
2009-08-20 19:24 . 2009-04-10 07:53 10331 ----a-w- c:\program files\asjfdsk2\Languages\arabic.lng
2009-08-20 19:24 . 2009-08-03 20:36 381712 ----a-w- c:\program files\asjfdsk2\mbam-dor.exe
2009-08-20 19:24 . 2009-08-01 22:26 15942 ----a-w- c:\program files\asjfdsk2\changes.rtf
2009-08-20 19:24 . 2009-01-05 02:31 4124 ----a-w- c:\program files\asjfdsk2\license.txt
2009-08-20 19:24 . 2009-07-30 22:27 59015 ----a-w- c:\program files\asjfdsk2\mbam.chm
2009-08-20 19:24 . 2009-08-03 20:36 91408 ----a-w- c:\program files\asjfdsk2\mbam.dll
2009-08-20 19:24 . 2009-08-20 19:24 8652 ----a-w- c:\program files\asjfdsk2\unins000.dat
2009-08-20 19:24 . 2009-08-20 19:23 692496 ----a-w- c:\program files\asjfdsk2\unins000.exe

---- Directory of c:\program files\asjfdsk3 ----

2009-08-20 20:52 . 2009-08-20 20:52 10498 ----a-w- c:\program files\asjfdsk3\unins000.msg
2009-08-20 20:52 . 2009-08-03 20:36 232720 ----a-w- c:\program files\asjfdsk3\mbamservice.exe
2009-08-20 20:52 . 2009-08-03 20:36 419088 ----a-w- c:\program files\asjfdsk3\mbamgui.exe
2009-08-20 20:52 . 2009-08-03 20:36 46352 ----a-w- c:\program files\asjfdsk3\ssubtmr6.dll
2009-08-20 20:52 . 2009-08-03 20:36 496912 ----a-w- c:\program files\asjfdsk3\vbalsgrid6.ocx
2009-08-20 20:52 . 2009-08-03 20:36 70928 ----a-w- c:\program files\asjfdsk3\mbamext.dll
2009-08-20 20:52 . 2009-08-03 20:36 79632 ----a-w- c:\program files\asjfdsk3\zlib.dll
2009-08-20 20:52 . 2009-08-03 20:36 1295632 ----a-w- c:\program files\asjfdsk3\asdfsdfs.exe
2009-08-20 20:52 . 2008-03-04 06:28 11205 ----a-w- c:\program files\asjfdsk3\Languages\slovenian.lng
2009-08-20 20:52 . 2008-07-11 21:26 12876 ----a-w- c:\program files\asjfdsk3\Languages\spanish.lng
2009-08-20 20:52 . 2008-11-10 00:19 12175 ----a-w- c:\program files\asjfdsk3\Languages\swedish.lng
2009-08-20 20:52 . 2009-04-15 12:00 13808 ----a-w- c:\program files\asjfdsk3\Languages\turkish.lng
2009-08-20 20:52 . 2008-11-01 00:54 13097 ----a-w- c:\program files\asjfdsk3\Languages\ukrainian.lng
2009-08-20 20:52 . 2009-01-11 07:56 11623 ----a-w- c:\program files\asjfdsk3\Languages\polish.lng
2009-08-20 20:52 . 2008-03-05 02:56 12245 ----a-w- c:\program files\asjfdsk3\Languages\portugueseBR.lng
2009-08-20 20:52 . 2008-06-15 20:04 12345 ----a-w- c:\program files\asjfdsk3\Languages\portuguesePT.lng
2009-08-20 20:52 . 2008-03-14 02:09 12672 ----a-w- c:\program files\asjfdsk3\Languages\romanian.lng
2009-08-20 20:52 . 2008-07-04 07:58 11779 ----a-w- c:\program files\asjfdsk3\Languages\russian.lng
2009-08-20 20:52 . 2008-03-03 13:03 12114 ----a-w- c:\program files\asjfdsk3\Languages\serbian.lng
2009-08-20 20:52 . 2008-07-26 16:58 11599 ----a-w- c:\program files\asjfdsk3\Languages\slovak.lng
2009-08-20 20:52 . 2008-10-07 22:15 13234 ----a-w- c:\program files\asjfdsk3\Languages\greek.lng
2009-08-20 20:52 . 2008-03-04 00:39 12048 ----a-w- c:\program files\asjfdsk3\Languages\hungarian.lng
2009-08-20 20:52 . 2008-03-05 03:03 13019 ----a-w- c:\program files\asjfdsk3\Languages\italian.lng
2009-08-20 20:52 . 2009-07-24 02:46 9269 ----a-w- c:\program files\asjfdsk3\Languages\korean.lng
2009-08-20 20:52 . 2008-12-19 23:30 11457 ----a-w- c:\program files\asjfdsk3\Languages\latvian.lng
2009-08-20 20:52 . 2008-09-11 05:29 13314 ----a-w- c:\program files\asjfdsk3\Languages\macedonian.lng
2009-08-20 20:52 . 2009-06-10 20:39 11593 ----a-w- c:\program files\asjfdsk3\Languages\norwegian.lng
2009-08-20 20:52 . 2009-02-18 03:27 11893 ----a-w- c:\program files\asjfdsk3\Languages\danish.lng
2009-08-20 20:52 . 2008-03-05 02:56 12255 ----a-w- c:\program files\asjfdsk3\Languages\dutch.lng
2009-08-20 20:52 . 2008-03-03 02:33 11232 ----a-w- c:\program files\asjfdsk3\Languages\english.lng
2009-08-20 20:52 . 2009-07-31 16:20 11213 ----a-w- c:\program files\asjfdsk3\Languages\estonian.lng
2009-08-20 20:52 . 2008-05-17 17:09 11624 ----a-w- c:\program files\asjfdsk3\Languages\finnish.lng
2009-08-20 20:52 . 2008-03-05 02:57 13353 ----a-w- c:\program files\asjfdsk3\Languages\french.lng
2009-08-20 20:52 . 2008-10-06 05:25 13557 ----a-w- c:\program files\asjfdsk3\Languages\german.lng
2009-08-20 20:52 . 2009-08-01 23:14 12636 ----a-w- c:\program files\asjfdsk3\Languages\bosnian.lng
2009-08-20 20:52 . 2009-01-17 03:08 12533 ----a-w- c:\program files\asjfdsk3\Languages\bulgarian.lng
2009-08-20 20:52 . 2008-03-05 03:05 12595 ----a-w- c:\program files\asjfdsk3\Languages\catalan.lng
2009-08-20 20:52 . 2008-08-01 16:03 8045 ----a-w- c:\program files\asjfdsk3\Languages\chineseSI.lng
2009-08-20 20:52 . 2008-08-04 19:58 8141 ----a-w- c:\program files\asjfdsk3\Languages\chineseTR.lng
2009-08-20 20:52 . 2008-12-27 23:41 11977 ----a-w- c:\program files\asjfdsk3\Languages\croatian.lng
2009-08-20 20:52 . 2008-06-25 06:49 11551 ----a-w- c:\program files\asjfdsk3\Languages\czech.lng
2009-08-20 20:52 . 2008-07-03 17:10 13924 ----a-w- c:\program files\asjfdsk3\Languages\albanian.lng
2009-08-20 20:52 . 2009-04-10 07:53 10331 ----a-w- c:\program files\asjfdsk3\Languages\arabic.lng
2009-08-20 20:52 . 2009-08-03 20:36 381712 ----a-w- c:\program files\asjfdsk3\mbam-dor.exe
2009-08-20 20:52 . 2009-08-01 22:26 15942 ----a-w- c:\program files\asjfdsk3\changes.rtf
2009-08-20 20:52 . 2009-01-05 02:31 4124 ----a-w- c:\program files\asjfdsk3\license.txt
2009-08-20 20:52 . 2009-08-03 20:36 91408 ----a-w- c:\program files\asjfdsk3\mbam.dll
2009-08-20 20:52 . 2009-07-30 22:27 59015 ----a-w- c:\program files\asjfdsk3\mbam.chm
2009-08-20 20:52 . 2009-08-20 20:52 8652 ----a-w- c:\program files\asjfdsk3\unins000.dat
2009-08-20 20:52 . 2009-08-20 20:52 692496 ----a-w- c:\program files\asjfdsk3\unins000.exe


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="e:\program files\Daemon Tools\DAEMON Tools Lite\daemon.exe" [2008-08-08 490952]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy 2\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-27 13684736]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-08-20 2007832]
"Launch LGDCore"="c:\program files\Common Files\Logitech\G-series Software\LGDCore.exe" [2006-07-23 1126400]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-03-27 86016]
"RivaTuner"="e:\program files\Rivatuner\RivaTuner.exe" [2009-02-25 2781184]
"RivaTunerStartupDaemon"="e:\program files\Rivatuner\RivaTuner.exe" [2009-02-25 2781184]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-27 413696]
"iTunesHelper"="e:\program files\iTunes\iTunesHelper.exe" [2009-07-13 292128]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-28 35696]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2009-03-27 1657376]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-08-20 06:14 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\wowclient-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-2.3.0.7561-to-2.4.0.8089-enUS-downloader.exe"=
"e:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"e:\\mIRC\\mirc.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"e:\\Games\\Puzzlegeddon\\Puzzlegeddon Demo\\Puzzlegeddon.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpsapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqcopy2.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqsudi.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"e:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\the last remnant\\Binaries\\TLR.exe"=
"c:\\Program Files\\Atari\\Neverwinter Nights 2\\nwn2main.exe"=
"c:\\Program Files\\Atari\\Neverwinter Nights 2\\nwn2main_amdxp.exe"=
"c:\\Program Files\\Atari\\Neverwinter Nights 2\\nwupdate.exe"=
"c:\\Program Files\\Atari\\Neverwinter Nights 2\\nwn2server.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\Codemasters\\Overlord II\\Overlord2.exe"=
"c:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"=
"e:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Firefox\\firefox.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\the witcher enhanced edition\\System\\witcher.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\the witcher enhanced edition\\System\\djinni!.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"6881:TCP"= 6881:TCP:Blizzard Downloader: 6881

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [8/20/2009 11:07 AM 130936]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [9/23/2008 7:26 PM 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [9/23/2008 7:26 PM 108552]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [9/23/2008 7:26 PM 297752]
R2 WUSB54Gv42SVC;WUSB54Gv42SVC;c:\program files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe [7/21/2009 3:50 PM 53307]
S2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [9/23/2008 7:26 PM 908056]
S3 rcvpn;SonicWALL VPN Adapter;c:\windows\system32\DRIVERS\rcvpn.sys --> c:\windows\system32\DRIVERS\rcvpn.sys [?]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [8/20/2009 11:07 AM 348752]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - GTNDIS5

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder

2009-08-18 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 19:34]
.
.
------- Supplementary Scan -------
.
FF - ProfilePath - c:\documents and settings\David\Application Data\Mozilla\Firefox\Profiles\07hr8jzj.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: network.proxy.type - 4
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - plugin: c:\documents and settings\David\Application Data\Mozilla\Firefox\Profiles\07hr8jzj.default\extensions\moveplayer@movenetworks.com\platform\WINNT_x86-msvc\plugins\npmnqmp071101000055.dll
FF - plugin: c:\program files\Firefox\plugins\NPAskSBr.dll
FF - plugin: e:\program files\Codecs\Real Alternative\browser\plugins\nppl3260.dll
FF - plugin: e:\program files\Codecs\Real Alternative\browser\plugins\nprpjplug.dll
FF - plugin: e:\program files\iTunes\Mozilla Plugins\npitunes.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-23 21:04
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1275210071-573735546-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\ê0ê0¹0\þ[T›Í_¢0µ0®0ÿ^ÿëm*‹n0qg¬N­0ó0°0À0à0^ÿ]
"Order"=hex:08,00,00,00,02,00,00,00,1e,01,00,00,01,00,00,00,02,00,00,00,7c,00,
00,00,00,00,00,00,6e,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,5c,00,32,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(1748)
c:\windows\system32\WININET.dll
c:\program files\Logitech\SetPoint\GameHook.dll
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\windows\system32\IEFRAME.dll
c:\progra~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
c:\progra~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
c:\windows\system32\mshtml.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2009-08-24 21:05
ComboFix-quarantined-files.txt 2009-08-24 04:05
ComboFix2.txt 2009-08-20 21:37
ComboFix3.txt 2009-07-21 16:49

Pre-Run: 66,017,714,176 bytes free
Post-Run: 65,963,134,976 bytes free

374 --- E O F --- 2009-08-14 08:44

And here is the Win32Diag log:

Quote

WARNING: Could not get backup privileges!

Searching 'C:\WINDOWS'...



Found mount point : C:\WINDOWS\$hf_mig$\KB915865\KB915865

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\addins\addins

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\AppPatch\Custom\Custom

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1FF.tmp\ZAP1FF.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3A.tmp\ZAP3A.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP402.tmp\ZAP402.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF4.tmp\ZAPF4.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\temp\temp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\tmp\tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Config\Config

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Connection Wizard\Connection Wizard

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\CSC\d1\d1

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\CSC\d2\d2

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\CSC\d3\d3

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\CSC\d4\d4

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\CSC\d5\d5

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\CSC\d6\d6

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\CSC\d7\d7

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\CSC\d8\d8

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\ime\imejp\applets\applets

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\ime\imejp98\imejp98

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\0DC1503A46F231838AD88BCDDC8E8F7C\3.2.30729\3.2.30729

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\833B33D2B1AEAE43DBF7BB5D49780EA3\3.2.30729\3.2.30729

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\A1ADB58DE38916C3F8305E9F3C4970C5\2.2.30729\2.2.30729

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\DC3BF90CC0D3D2F398A9A6D1762F70F3\2.2.30729\2.2.30729

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\java\classes\classes

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\java\trustlib\trustlib

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temporary ASP.NET Files\Bind Logs\Bind Logs

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\Temporary ASP.NET Files

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Minidump\Minidump

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\msapps\msinfo\msinfo

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\pchealth\ERRORREP\QHEADLES\QHEADLES

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\pchealth\ERRORREP\QSIGNOFF\QSIGNOFF

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\pchealth\helpctr\BATCH\BATCH

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\pchealth\helpctr\Config\CheckPoint\CheckPoint

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\pchealth\helpctr\HelpFiles\HelpFiles

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\pchealth\helpctr\InstalledSKUs\InstalledSKUs

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\pchealth\helpctr\System\DFS\DFS

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\pchealth\helpctr\System_OEM\System_OEM

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\pchealth\helpctr\Temp\Temp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\PIF\PIF

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Registration\CRMLog\CRMLog

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\security\logs\logs

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\SoftwareDistribution\AuthCabs\Downloaded\Downloaded

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\SoftwareDistribution\Download\07a96de176867bc25b7dc839d22b07e2\backup\backup

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\SoftwareDistribution\Download\0dd0244816ffb4b094c1caba4c3b1178\backup\backup

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\SoftwareDistribution\Download\555558d2c7916b118ad5baef62b18136\backup\backup

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\SoftwareDistribution\Download\6913c676e5d33978934caa46c49fdc75\backup\backup

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\SoftwareDistribution\Download\b7f0b2892b21211a5630518d058f48d9\backup\backup

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\SoftwareDistribution\Download\d48a3b967ba5709df048e8f2a49cf8a6\backup\backup

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Sun\Java\Deployment\Deployment

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\1025\1025

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\1028\1028

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\1031\1031

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\1037\1037

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\1041\1041

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\1042\1042

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\1054\1054

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\2052\2052

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\3076\3076

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\3com_dmi\3com_dmi

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\appmgmt\MACHINE\MACHINE

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\appmgmt\S-1-5-21-1275210071-573735546-725345543-1003\S-1-5-21-1275210071-573735546-725345543-1003

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\RCCBakup\RCCBakup

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Media Player\Media Player

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\Certificates\Certificates

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\CRLs\CRLs

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\CTLs\CTLs

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\systemprofile\Desktop\Desktop

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\systemprofile\Favorites\Favorites

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\OFFICE\OFFICE

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\systemprofile\My Documents\My Documents

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\systemprofile\NetHood\NetHood

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\systemprofile\PrintHood\PrintHood

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\systemprofile\Recent\Recent

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\dhcp\dhcp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\drivers\disdn\disdn

Mount point destination : \Device\__max++>\^

Cannot access: C:\WINDOWS\system32\dumprep.exe

[1] 2007-07-27 05:00:00 10752 C:\WINDOWS\$NtServicePackUninstall$\dumprep.exe (Microsoft Corporation)

[1] 2008-04-13 17:12:18 10752 C:\WINDOWS\ServicePackFiles\i386\dumprep.exe (Microsoft Corporation)

[1] 2008-04-13 17:12:18 10752 C:\WINDOWS\system32\dllcache\dumprep.exe (Microsoft Corporation)

[1] 2008-04-13 17:12:18 10752 C:\WINDOWS\system32\dumprep.exe ()



Found mount point : C:\WINDOWS\system32\export\export

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\LogFiles\WUDF\WUDF

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\mui\dispspec\dispspec

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\oobe\html\ispsgnup\ispsgnup

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\oobe\html\oemcust\oemcust

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\oobe\html\oemhw\oemhw

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\oobe\html\oemreg\oemreg

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\oobe\sample\sample

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\ShellExt\ShellExt

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\spool\drivers\w32x86\3\temp\temp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\spool\PRINTERS\PRINTERS

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\wbem\mof\bad\bad

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\wbem\mof\good\good

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\wbem\snmp\snmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\wins\wins

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\xircom\xircom

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\WinSxS\InstallTemp\InstallTemp

Mount point destination : \Device\__max++>\^



Finished!

Thank you again for the help. What should I do now?

#4
screen317
Posted 24 August 2009 - 06:02 AM

    MBAM Sentinel

  • Moderators
  • PipPipPipPipPipPip
  • 16,430 posts
  • Gender:Male
  • Location:Los Angeles
Hi,

That was me telling ComboFix to poke into the folders you made. Just wanted to be sure. :lol:

Click on Start->Run, and copy-paste the following command (the bolded text) into the "Open" box, and click OK. When it's finished, there will be a log called Win32kDiag.txt on your desktop. Please open it with Notepad and post the contents here.
"%userprofile%\desktop\win32kdiag.exe" -f -r
Chris Fistonich
Consumer Support Specialist

Posted Image

Follow us: Twitter, Become a fan: Facebook

#5
Rikafirst
Posted 24 August 2009 - 06:39 AM

    New Member

  • Members
  • Pip
  • 5 posts
Um, sorry, I think I messed it up. I ran it once, then remembered I had forgotten to disable my AVG antivirus software again. When I disabled AVG and ran it again, it overwrote the long log file it created the first time and simply printed:

Quote

Removing all found mount points.

Attempting to reset file permissions.

WARNING: Could not get backup privileges!

Searching 'C:\WINDOWS'...





Finished!

Which is probably not much help. Any advice?

#6
screen317
Posted 24 August 2009 - 09:11 PM

    MBAM Sentinel

  • Moderators
  • PipPipPipPipPipPip
  • 16,430 posts
  • Gender:Male
  • Location:Los Angeles
Don't worry. It was just a precaution.

Please use the Internet Explorer browser and click here to use the F-Secure Online Scanner.
  • Click Start Scanning.
  • You should get a notification bar (on top) to install the ActiveX control.
  • Click on it and select to install the ActiveX.
  • Once the ActiveX is installed, you should accept the License terms by clicking OK below to start the scan.
  • In case you are having problems with installing the ActiveX/starting the scan, please read here.
  • Click the Full System Scan button.
  • It will start to download scanner components and databases. This can take a while.
  • The main scan will start.
  • Once the scan has finished scanning, click the Automatic cleaning (recommended) button
  • It could be possible that your firewall gives an alert - allow it, because that's a connection you establish to submit infected files to F-Secure.
  • The cleaning can take a while, so please be patient.
  • Then click the Show report button and Copy/Paste what is present under results in your next reply.

Next, download my Security Check from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Let me know what issues remain.

-screen317
Chris Fistonich
Consumer Support Specialist

Posted Image

Follow us: Twitter, Become a fan: Facebook

#7
Rikafirst
Posted 24 August 2009 - 10:46 PM

    New Member

  • Members
  • Pip
  • 5 posts
Here's the F-secure log:

Quote

Scanning Report
Monday, August 24, 2009 15:21:05 - 15:44:20

Computer name: AMELIA
Scanning type: Scan system for malware, spyware and rootkits
Target: C:\ E:\
13 malware found
TrackingCookie.2o7 (spyware)

* System (Disinfected)

TrackingCookie.Advertising (spyware)

* System (Disinfected)

TrackingCookie.Atdmt (spyware)

* System (Disinfected)

TrackingCookie.Doubleclick (spyware)

* System (Disinfected)

TrackingCookie.Revsci (spyware)

* System (Disinfected)

TrackingCookie.Clickbank (spyware)

* System (Disinfected)

TrackingCookie.Zanox (spyware)

* System (Disinfected)

TrackingCookie.Adrevolver (spyware)

* System (Disinfected)

TrackingCookie.Adbrite (spyware)

* System (Disinfected)

TrackingCookie.Mediaplex (spyware)

* System (Disinfected)

TrackingCookie.Statcounter (spyware)

* System (Disinfected)

TrackingCookie.Atwola (spyware)

* System (Disinfected)

TrackingCookie.Yieldmanager (spyware)

* System (Disinfected)

Statistics
Scanned:

* Files: 45606
* System: 3459
* Not scanned: 17

Actions:

* Disinfected: 13
* Renamed: 0
* Deleted: 0
* Not cleaned: 0
* Submitted: 0

Files not scanned:

* C:\PAGEFILE.SYS
* C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT
* C:\WINDOWS\SYSTEM32\CONFIG\SECURITY
* C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM
* C:\WINDOWS\SYSTEM32\CONFIG\SAM
* C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE
* C:\PROGRAM FILES\TREND MICRO\HIJACKTHIS\HIJACKTHIS.EXE
* C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY 2\SPYBOTSD.EXE
* C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\SPYBOTSD.EXE
* C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE3\MBAM.EXE
* C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE2\MBAM.EXE
* C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MBAM.EXE
* C:\PROGRAM FILES\AVG\AVG8\AVGCSRVX.EXE
* C:\PROGRAM FILES\ASJFDSK3\ASDFSDFS.EXE
* C:\PROGRAM FILES\ASJFDSK2\NOTANYTHING.EXE
* C:\PROGRAM FILES\ASJFDSK\MBAM.EXE
* C:\DOCUMENTS AND SETTINGS\DAVID\LOCAL SETTINGS\TEMP\ETILQS_QACZFJ2HMVCGVDMPNSUH

Options
Scanning engines:

Scanning options:

* Scan defined files: COM EXE SYS OV? BIN SCR DLL SHS HTM HTML HTT VBS JS INF VXD DO? XL? RTF CPL WIZ HTA PP? PWZ P?T MSO PIF . ACM ASP AX CNV CSC DRV INI MDB MPD MPP MPT OBD OBT OCX PCI TLB TSP WBK WBT WPC WSH VWP WML BOO HLP TD0 TT6 MSG ASD JSE VBE WSC CHM EML PRC SHB LNK WSF {* PDF ZL? XML XXX ANI AVB BAT CMD JOB LSP MAP MHT MIF PHP POT SWF WMF NWS TAR
* Use advanced heuristics

And here's the checkup.txt file:

Quote

Results of screen317's Security Check version 0.98.9
Windows XP Service Pack 3
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Disabled!
AVG Free 8.5


Antivirus up to date!
``````````````````````````````
Anti-malware/Other Utilities Check:
Spyware Doctor 6.1
Spybot - Search & Destroy
Malwarebytes' Anti-Malware
HijackThis 2.0.2
CCleaner (remove only)
Java™ 6 Update 4
Java™ 6 Update 7
Out of date Java installed!
Adobe Flash Player 10
Adobe Reader 9.1.3
``````````````````````````````
Process Check:
objlist.exe by Laurent
AVG avgwdsvc.exe
AVG avgtray.exe
AVG avgrsx.exe
AVG avgnsx.exe


``````````````````````````````
DNS Vulnerability Check:
GREAT! (Not vulnerable to DNS cache poisoning)

`````````End of Log```````````

#8
Rikafirst
Posted 24 August 2009 - 10:56 PM

    New Member

  • Members
  • Pip
  • 5 posts
And for what's wrong... I installed Malwarebytes again and it's running, which is good, but I still have several folders with installations of Malwarebyes and other anti-spyware programs that I can't run and can't delete (access denied, make sure drive isn't full or write protected). I don't know if they're causing active harm, but I would like to get rid of them since they're non-functional. Any suggestions?

#9
screen317
Posted 24 August 2009 - 11:00 PM

    MBAM Sentinel

  • Moderators
  • PipPipPipPipPipPip
  • 16,430 posts
  • Gender:Male
  • Location:Los Angeles

Quote

but I still have several folders with installations of Malwarebyes and other anti-spyware programs that I can't run and can't delete (access denied, make sure drive isn't full or write protected). I don't know if they're causing active harm, but I would like to get rid of them since they're non-functional. Any suggestions?
The infection set permissions to make it so they can't run.

You can either reset the permissions manually (I can show you how), or you can remove/uninstall all relevant software and reinstall it. Second method would be easier but it's up to you.

Let me know how it goes.

-screen317
Chris Fistonich
Consumer Support Specialist

Posted Image

Follow us: Twitter, Become a fan: Facebook

#10
screen317
Posted 03 September 2009 - 08:49 AM

    MBAM Sentinel

  • Moderators
  • PipPipPipPipPipPip
  • 16,430 posts
  • Gender:Male
  • Location:Los Angeles
Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
Chris Fistonich
Consumer Support Specialist

Posted Image

Follow us: Twitter, Become a fan: Facebook
Back to Resolved HijackThis Logs · Next Unread Topic →


1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

  1. Malwarebytes Forum
  2. Computer Help
  3. Malware Removal - HijackThis Logs
  4. Resolved HijackThis Logs

Products

About

Partners

Follow Us