Mivercon Security Forum
  • Zoeken
  • Ledenlijst
  • Kalender
Het is nu 15-12-2019, 12:37 Welkom, gast! (Aanmelden — Registreren)
Mivercon Security Forum › HijackThis Forum › Submit your HijackThislog here v
1 2 Volgende »

Worst Infestation In 16 Years

Reactie plaatsen 
 
Waardering:
  • 0 stem(men) - gemiddelde waardering is 0
  • 1
  • 2
  • 3
  • 4
  • 5
Geneste weergave | Lineaire weergave
Worst Infestation In 16 Years
15-04-2011, 00:59
Bericht: #1
Hiskid1950 Offline
Newbie
*
Berichten: 5
Lid sinds: Apr 2011
Worst Infestation In 16 Years
Hi..Found this site searching for redirect and update problem...I am a 60 yr old who
knows just enough about computer to get into trouble...Anyway I had AVG free but3deleted it because of running in the background that I couldn't stop..So I deleted it and search for a replacement..In that short time I got some nasty viruses.
One with yahoo redirect and 404/forbidden plus some goggle redirects..The other issue is I can no longer update XP. I update it to download and choose but the shield stays red..If I go to Microsoft for help it can't open the web site..It also broke the links to the programs..I used a host of malware and rooted out a mess of nasties plus the TSS killer thing..It just has some things I am missing...I have combi fix downloaded ready to go and a MBR checker...Thanks for any help..God Bless you...K

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:33:55 PM, on 4/14/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\POP Peeper\POPPeeper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\I8kfanGUI\I8kfanGUI.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\BitDefender\BitDefender 2011\pchooklaunch32.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\user\My Documents\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: Bitdefender Toolbar - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2011\IEToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2011\ieshow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [POP Peeper] "C:\Program Files\POP Peeper\POPPeeper.exe" -min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [i8kfangui] C:\Program Files\I8kfanGUI\I8kfanGUI.exe /startup
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [Update Service] C:\PROGRA~1\COMMON~1\TEKNUM~1\update.exe /startup
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdat...8054891171
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupd...8055004046
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: BitDefender Update Server v2 (Update Server) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe
O23 - Service: BitDefender Desktop Update Service (Updatesrv) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe
Alle berichten van deze gebruiker zoeken
Reageren op dit bericht
15-04-2011, 08:05 (Dit bericht is het laatst bewerkt op 15-04-2011 om 08:07 door miekiemoes.)
Bericht: #2
miekiemoes Offline
Administrator
*
Berichten: 2.623
Lid sinds: Nov 2007
RE: Worst Infestation In 16 Years
Hi,

I see you are running Teatimer.
I suggest you to disable it because it can interfere with the changes you'll make on your system.
When everything is done and your log is clean again, you can enable it again.
If teatimer gives you a warning afterwards that some changes were made, allow this instead of blocking it.
How to disable TeaTimer <== click me for instructions.

After you disabled Teatimer, download ResetTeaTimer.exe to your desktop.
Then run ResetTeaTimer.exe.
This will only take a few seconds.

Then, start HijackThis and check and fix the following entry in HijackThis

O4 - HKCU\..\Run: [Update Service] C:\PROGRA~1\COMMON~1\TEKNUM~1\update.exe /startup

This startup is not required anyway.

Then, * Please download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • In case you already used MBAM previously, please update it before proceeding with the scan. To do this, click the "Update" tab and click the "Check For updates" button.
  • Once the program has loaded and updates were downloaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply along with a fresh HijackThis log.
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

Once we're done with above basics, then we can look deeper and start with Combofix afterwards. But it's important that above needs to be done first.


Director of Research @ Malwarebytes[Afbeelding: mbammini.png]
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Preventie---Help! Mijn computer is traag!---Mijn Blog---Volg me op Twitter.

[Afbeelding: MiekiemoesBlog.2.gif]
De website van deze gebruiker bezoeken Alle berichten van deze gebruiker zoeken
Reageren op dit bericht
15-04-2011, 08:51
Bericht: #3
Hiskid1950 Offline
Newbie
*
Berichten: 5
Lid sinds: Apr 2011
RE: Worst Infestation In 16 Years
Thanks for getting back..Couldn't get to sleep so I came back out..Tea timer off. Didn't see a confirm box so I just hit enter..Rebooted and icon was gone from systray and when I opened it they were not checked..Line removed with hijack
and mbam run showed up clean...I'm going to try for some sleep and check in later today..Much thanks..
Alle berichten van deze gebruiker zoeken
Reageren op dit bericht
15-04-2011, 09:05
Bericht: #4
miekiemoes Offline
Administrator
*
Berichten: 2.623
Lid sinds: Nov 2007
RE: Worst Infestation In 16 Years
Ok, if Malwarebytes didn'"t find anything, then proceed with the instructions to run Combofix.

* Please visit this webpage for instructions for downloading and running ComboFix:

http://www.bleepingcomputer.com/combofix...e-combofix

Post the log from ComboFix in your next reply.

Please make sure you disable ALL of your Antivirus/Antispyware/Firewall before running ComboFix..This because Security Software may see some components ComboFix uses (prep.com for example) as suspicious and blocks the tool, or even deletes it. Please visit HERE if you don't know how.

But, you should get some sleep first Icon_smile
I'll read you later. Icon_smile


Director of Research @ Malwarebytes[Afbeelding: mbammini.png]
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Preventie---Help! Mijn computer is traag!---Mijn Blog---Volg me op Twitter.

[Afbeelding: MiekiemoesBlog.2.gif]
De website van deze gebruiker bezoeken Alle berichten van deze gebruiker zoeken
Reageren op dit bericht
16-04-2011, 00:03
Bericht: #5
Hiskid1950 Offline
Newbie
*
Berichten: 5
Lid sinds: Apr 2011
RE: Worst Infestation In 16 Years
Hi I did all the disabling I could . I started combifix and it ran and upgraded then did the recovery console.
The malware scan started, ran a bit and disappeared..
Alle berichten van deze gebruiker zoeken
Reageren op dit bericht
16-04-2011, 03:27
Bericht: #6
Hiskid1950 Offline
Newbie
*
Berichten: 5
Lid sinds: Apr 2011
RE: Worst Infestation In 16 Years
We'll I couldn't fully turn Bit defender off so I ran it and allowed a few exe's through and it finally finished up.

ComboFix 11-04-14.03 - user 04/15/2011 20:11:12.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1488 [GMT -4:00]
Running from: c:\documents and settings\user\Desktop\ComboFix.exe
AV: BitDefender Antivirus *Disabled/Updated* {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
FW: BitDefender Firewall *Disabled* {4055920F-2E99-48A8-A270-4243D2B8F242}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\user\Application Data\intel64.exe
c:\documents and settings\user\Application Data\oembios.exe
c:\documents and settings\user\Application Data\sdra64.exe
c:\documents and settings\user\Application Data\twex.exe
c:\documents and settings\user\Application Data\twext.exe
c:\documents and settings\user\Templates\js6cy226kpp3fu006bryc5cx757a25077l2
c:\documents and settings\user\Templates\o0117nc2nv5tpb633d15bq765wo1
.
.
((((((((((((((((((((((((( Files Created from 2011-03-16 to 2011-04-16 )))))))))))))))))))))))))))))))
.
.
2011-04-16 00:06 . 2011-04-16 00:06 28752 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E5CB46B4-9D77-4737-B7DE-F01D84005AC1}\MpKsl18be532c.sys
2011-04-16 00:06 . 2011-03-15 04:05 6792528 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E5CB46B4-9D77-4737-B7DE-F01D84005AC1}\mpengine.dll
2011-04-15 22:48 . 2011-04-15 22:48 -------- d-----w- c:\documents and settings\user\Local Settings\Application Data\HP
2011-04-15 05:50 . 2003-06-25 20:05 266360 ----a-w- c:\windows\system32\TweakUI.exe
2011-04-14 17:32 . 2007-04-10 22:02 1601536 ----a-w- c:\windows\system32\stlang.dll
2011-04-14 17:32 . 2007-05-10 15:23 4952064 ----a-w- c:\windows\system32\stacgui.cpl
2011-04-14 17:32 . 2007-05-10 15:22 405504 ----a-w- c:\windows\stsystra.exe
2011-04-14 15:27 . 2011-04-14 15:27 -------- d--h--w- c:\documents and settings\user\Local Settings\Application Data\Opera
2011-04-14 15:27 . 2011-04-14 21:30 -------- d-----w- c:\program files\Opera
2011-04-12 04:03 . 2011-04-12 04:03 -------- d--h--w- c:\documents and settings\user\Application Data\FRISK Software
2011-04-12 02:48 . 2011-04-12 02:48 -------- d-----w- c:\documents and settings\All Users\Application Data\FRISK Software
2011-04-12 01:32 . 2011-04-12 01:32 26624 ----a-w- c:\windows\system32\ssmenu.dll
2011-04-12 01:32 . 2011-04-12 01:32 66048 ----a-w- c:\windows\system32\VCLSMP50.bpl
2011-04-12 01:32 . 2011-04-14 21:35 -------- d-s---w- c:\program files\Common Files\Teknum Systems
2011-04-12 01:32 . 2011-04-12 01:32 2020864 ----a-w- c:\windows\system32\VCL50.bpl
2011-04-12 01:32 . 2011-04-12 01:32 248832 ----a-w- c:\windows\system32\VCLX50.bpl
2011-04-12 01:31 . 2011-04-12 01:32 -------- d-----w- c:\program files\HandyBits
2011-04-11 22:10 . 2010-12-20 22:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-04-11 22:10 . 2010-12-20 22:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-04-11 22:10 . 2011-04-11 22:10 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-04-11 13:07 . 2011-04-11 13:07 -------- d-----w- c:\documents and settings\NetworkService\Application Data\QuickScan
2011-04-11 00:17 . 2011-04-11 00:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2011-04-11 00:17 . 2011-04-11 00:20 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-04-10 00:42 . 2011-04-10 00:42 -------- d--h--w- c:\documents and settings\user\Application Data\BitDefender
2011-04-10 00:41 . 2011-04-10 00:41 -------- d-----w- c:\program files\BitDefender
2011-04-10 00:11 . 2011-04-10 00:11 -------- d--h--w- c:\documents and settings\user\Application Data\QuickScan
2011-04-10 00:10 . 2011-04-10 02:22 -------- d-----w- c:\documents and settings\All Users\Application Data\BitDefender
2011-04-10 00:10 . 2011-04-10 00:41 -------- d-----w- c:\program files\Common Files\BitDefender
2011-04-10 00:07 . 2011-04-12 13:04 307784 ----a-w- c:\windows\system32\drivers\trufos.sys
2011-04-10 00:07 . 2011-03-24 19:36 353096 ----a-w- c:\windows\system32\drivers\bdfsfltr.sys
2011-04-10 00:07 . 2010-05-13 21:02 12960 ----a-w- c:\windows\system32\drivers\bdrawpr.sys
2011-04-10 00:07 . 2011-04-10 00:47 1000974 ----a-w- c:\documents and settings\All Users\Application Data\bdinstall.bin
2011-04-09 17:17 . 2011-04-09 17:17 -------- d--h--w- c:\windows\PIF
2011-04-08 03:34 . 2011-04-08 03:34 0 --sha-w- c:\documents and settings\user\Local Settings\Application Data\usk.exe
2011-04-08 03:34 . 2011-04-08 03:34 0 --sha-w- c:\documents and settings\user\Local Settings\Application Data\npc.exe
2011-04-08 03:34 . 2011-04-08 03:34 0 --sha-w- c:\documents and settings\user\Local Settings\Application Data\fmw.exe
2011-04-08 03:34 . 2011-04-08 03:34 0 --sha-w- c:\documents and settings\user\Local Settings\Application Data\cyo.exe
2011-04-08 03:34 . 2011-04-08 03:34 0 --sha-w- c:\documents and settings\All Users\Application Data\unf.exe
2011-04-08 03:34 . 2011-04-08 03:34 0 --sha-w- c:\documents and settings\All Users\Application Data\sma.exe
2011-04-08 03:34 . 2011-04-08 03:34 0 --sha-w- c:\documents and settings\All Users\Application Data\hna.exe
2011-04-08 03:34 . 2011-04-08 03:34 0 --sha-w- c:\documents and settings\All Users\Application Data\eme.exe
2011-04-08 03:34 . 2011-04-08 03:34 0 --sha-w- c:\documents and settings\All Users\Application Data\avu.exe
2011-04-07 22:34 . 2011-04-07 22:34 -------- d--h--w- c:\documents and settings\user\Application Data\AVG10
2011-04-07 15:53 . 2011-04-07 15:53 -------- d--h--w- c:\documents and settings\user\Local Settings\Application Data\AVG Security Toolbar
2011-04-07 15:44 . 2011-04-07 15:44 -------- d--h--w- c:\documents and settings\All Users\Application Data\Common Files
2011-04-07 15:42 . 2011-04-10 12:19 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG10
2011-04-07 15:41 . 2011-04-07 15:41 -------- d-----w- c:\program files\AVG
2011-04-07 13:52 . 2011-04-10 02:43 -------- d-----w- c:\documents and settings\All Users\Application Data\MFAData
2011-03-28 03:09 . 2011-04-09 23:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2011-03-27 17:47 . 2011-04-09 02:12 -------- d-----w- c:\documents and settings\Administrator
2011-03-27 16:55 . 2011-03-27 16:55 -------- d--h--w- c:\documents and settings\user\Application Data\Malwarebytes
2011-03-27 16:55 . 2011-03-27 16:55 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2011-03-27 15:44 . 2011-03-15 04:05 6792528 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll
2011-03-27 15:44 . 2011-03-27 15:45 -------- d-----w- c:\program files\Microsoft Security Client
2011-03-27 06:06 . 2011-03-27 06:06 -------- d-----w- c:\windows\system32\wbem\Repository
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-06 19:42 . 2008-04-14 04:49 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2011-03-27 17:59 . 2011-03-27 17:59 64896 ----a-w- c:\windows\system32\drivers\tosrfcom.sys1C03ABF3
2011-03-15 04:05 . 2010-10-18 15:42 6792528 ------w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-02-28 00:41 . 2011-02-28 00:41 398760 ----a-r- c:\windows\system32\cpnprt2.cid
2011-02-02 22:11 . 2010-10-15 15:40 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-07-08 14:37 . 2010-07-08 14:37 101544 ----a-w- c:\program files\Common Files\LinkInstaller.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032]
"POP Peeper"="c:\program files\POP Peeper\POPPeeper.exe" [2010-09-09 1511424]
"i8kfangui"="c:\program files\I8kfanGUI\I8kfanGUI.exe" [2007-02-16 856064]
"RoboForm"="c:\program files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2011-04-14 107000]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-11-17 8495104]
"nwiz"="nwiz.exe" [2007-11-17 1626112]
"NVHotkey"="nvHotkey.dll" [2007-11-17 86016]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-08 761947]
"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2007-09-17 124200]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2004-02-12 49152]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]
"BitDefender Antiphishing Helper"="c:\program files\BitDefender\BitDefender 2011\ieshow.exe" [2011-01-11 71216]
"BDAgent"="c:\program files\BitDefender\BitDefender 2011\bdagent.exe" [2011-03-31 1443712]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]
.
c:\documents and settings\user\Start Menu\Programs\Startup\
OpenOffice.org 3.2.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2005-11-18 1724416]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2004-5-28 241664]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Toshiba\\Bluetooth Toshiba Stack\\TosBtProc1.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
.
R1 BdRawPr;BdRawPr;c:\windows\system32\drivers\bdrawpr.sys [4/9/2011 8:07 PM 12960]
R1 fanio;FanIO driver;c:\windows\system32\drivers\fanio.sys [2/22/2011 2:08 AM 14464]
R1 MpKsl18be532c;MpKsl18be532c;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E5CB46B4-9D77-4737-B7DE-F01D84005AC1}\MpKsl18be532c.sys [4/15/2011 8:06 PM 28752]
R2 Updatesrv;BitDefender Desktop Update Service;c:\program files\BitDefender\BitDefender 2011\updatesrv.exe [3/24/2011 7:46 PM 43936]
R3 bdfm;BDFM;c:\windows\system32\drivers\bdfm.sys [4/22/2010 1:19 PM 149520]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;c:\program files\Common Files\BitDefender\BitDefender Firewall\bdfndisf.sys [8/20/2010 3:41 PM 111696]
S1 MpKsl001eb6e2;MpKsl001eb6e2; [x]
S1 MpKsl0d60ed12;MpKsl0d60ed12;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{78EB9B4C-38E8-42E1-AE25-BD95206BF2D6}\MpKsl0d60ed12.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{78EB9B4C-38E8-42E1-AE25-BD95206BF2D6}\MpKsl0d60ed12.sys [?]
S1 MpKsle83cf3b5;MpKsle83cf3b5;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{458BA1CF-65C7-40C5-B19E-772684CA60EB}\MpKsle83cf3b5.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{458BA1CF-65C7-40C5-B19E-772684CA60EB}\MpKsle83cf3b5.sys [?]
S1 MpKsle8db783c;MpKsle8db783c;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1EDEDFD0-8E79-4FE8-A6F0-FEDE087ED508}\MpKsle8db783c.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1EDEDFD0-8E79-4FE8-A6F0-FEDE087ED508}\MpKsle8db783c.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 1:16 PM 130384]
S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [12/9/2010 3:43 PM 13192]
S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [12/9/2010 3:43 PM 8456]
S3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [12/9/2010 11:25 AM 16472]
S3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [12/9/2010 11:25 AM 11104]
S3 Update Server;BitDefender Update Server v2;c:\program files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe [11/30/2010 7:19 AM 307544]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 1:16 PM 753504]
S4 avc3;avc3;c:\windows\system32\drivers\avc3.sys [11/29/2010 2:12 PM 535824]
S4 avckf;avckf;c:\windows\system32\drivers\avckf.sys [11/29/2010 2:12 PM 1066232]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MPKSL18BE532C
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://yahoo.com/
mStart Page = about:blank
IE: Customize Menu - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: Fill Forms - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: RoboForm Toolbar - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: Save Forms - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
FF - ProfilePath - c:\documents and settings\user\Application Data\Mozilla\Firefox\Profiles\bhs7nvm5.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://us.mc840.mail.yahoo.com/mc/welcome?.gx=1&.tm=1291520586&.rand=9ri2a78d4abk9
FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4d9e405f&v=6.103.018.001&i=23&tp=ab&iy=b&ychte=us&lng=en-US&q=
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 49758
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - Ext: NoRedirect: {c1970c0d-dbe6-4d91-804f-c9c0de643a57} - %profile%\extensions\{c1970c0d-dbe6-4d91-804f-c9c0de643a57}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Adblock Plus Pop-up Addon: adblockpopups@jessehakanen.net - %profile%\extensions\adblockpopups@jessehakanen.net
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: BitDefender Antiphishing Toolbar: FFToolbar@bitdefender.com - c:\program files\BitDefender\BitDefender 2011\bdaphffext
FF - Ext: Roboform Toolbar for Firefox: {22119944-ED35-4ab1-910B-E619EA06A115} - c:\program files\Siber Systems\AI RoboForm\Firefox
FF - user.js: yahoo.homepage.dontask - true
.
.
------- File Associations -------
.
JSEFile=NOTEPAD.EXE %1
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
HKLM-Run-SigmatelSysTrayApp - %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-04-15 20:26
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
Completion time: 2011-04-15 20:47:13
ComboFix-quarantined-files.txt 2011-04-16 00:46
.
Pre-Run: 84,877,410,304 bytes free
Post-Run: 85,492,928,512 bytes free
.
- - End Of File - - C148CD006C5AC9822F08045B34BFB8DC
Alle berichten van deze gebruiker zoeken
Reageren op dit bericht
16-04-2011, 08:44 (Dit bericht is het laatst bewerkt op 16-04-2011 om 08:45 door miekiemoes.)
Bericht: #7
miekiemoes Offline
Administrator
*
Berichten: 2.623
Lid sinds: Nov 2007
RE: Worst Infestation In 16 Years
Hi,

It looks that this computer was already infected for a while, because I see some older Malware variants in your log as well.

Anyway, let's deal with the rest now..

First of all, we need to delete the malicious proxy set in firefox. So open Firefox >
Under "Tools" in the browser tool bar select "Options".
In the "Options" window that pops up, click the "Advanced" tab at the top.
Click the "Network" subtab, and then click the "Settings" button in the "Connections" area.
In there, you'll see the proxy 49758 will be set. Empty out everything under the Manual proxy configuration part and then check the "No proxy" on top.
So, it has to look as in the image below:
http://www.library.kent.edu/page/14299#winff

Then...

* Open notepad - don't use any other texteditor than notepad or the script will fail.
Copy/paste the text in the quotebox below into notepad:

Citaat:File::
c:\documents and settings\user\Local Settings\Application Data\usk.exe
c:\documents and settings\user\Local Settings\Application Data\npc.exe
c:\documents and settings\user\Local Settings\Application Data\fmw.exe
c:\documents and settings\user\Local Settings\Application Data\cyo.exe
c:\documents and settings\All Users\Application Data\unf.exe
c:\documents and settings\All Users\Application Data\sma.exe
c:\documents and settings\All Users\Application Data\hna.exe
c:\documents and settings\All Users\Application Data\eme.exe
c:\documents and settings\All Users\Application Data\avu.exe

Save this as txtfile CFScript

Then drag the CFScript into ComboFix.exe as you see in the screenshot below.

[Afbeelding: CFScript.gif]

This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply.


Director of Research @ Malwarebytes[Afbeelding: mbammini.png]
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Preventie---Help! Mijn computer is traag!---Mijn Blog---Volg me op Twitter.

[Afbeelding: MiekiemoesBlog.2.gif]
De website van deze gebruiker bezoeken Alle berichten van deze gebruiker zoeken
Reageren op dit bericht
17-04-2011, 01:31
Bericht: #8
Hiskid1950 Offline
Newbie
*
Berichten: 5
Lid sinds: Apr 2011
RE: Worst Infestation In 16 Years
Here you go..I had already changed the proxy in Firefox but I deleted the numbers...Here's the CF report...I am amazed someone understands all of it..When I was young and savvy we had what was called a TI-99 to play with..Thanks for any help..Right now I and trying to fix unresponsive script errors in firefox..Thanks again...One thing I am learning through this is not to rely on using one program to fix everything..BTW, should I turn off MS
security essentials and just use Bit Defender ?

ComboFix 11-04-15.06 - user 04/16/2011 15:24:50.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1407 [GMT -4:00]
Running from: c:\documents and settings\user\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\user\Desktop\CFScript.txt
AV: BitDefender Antivirus *Disabled/Updated* {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
FW: BitDefender Firewall *Disabled* {4055920F-2E99-48A8-A270-4243D2B8F242}
.
FILE ::
"c:\documents and settings\All Users\Application Data\avu.exe"
"c:\documents and settings\All Users\Application Data\eme.exe"
"c:\documents and settings\All Users\Application Data\hna.exe"
"c:\documents and settings\All Users\Application Data\sma.exe"
"c:\documents and settings\All Users\Application Data\unf.exe"
"c:\documents and settings\user\Local Settings\Application Data\cyo.exe"
"c:\documents and settings\user\Local Settings\Application Data\fmw.exe"
"c:\documents and settings\user\Local Settings\Application Data\npc.exe"
"c:\documents and settings\user\Local Settings\Application Data\usk.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\avu.exe
c:\documents and settings\All Users\Application Data\eme.exe
c:\documents and settings\All Users\Application Data\hna.exe
c:\documents and settings\All Users\Application Data\sma.exe
c:\documents and settings\All Users\Application Data\unf.exe
c:\documents and settings\user\Local Settings\Application Data\cyo.exe
c:\documents and settings\user\Local Settings\Application Data\fmw.exe
c:\documents and settings\user\Local Settings\Application Data\npc.exe
c:\documents and settings\user\Local Settings\Application Data\usk.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-03-16 to 2011-04-16 )))))))))))))))))))))))))))))))
.
.
2011-04-16 19:16 . 2011-04-16 19:16 28752 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8F7CDCD4-4FB8-4532-904C-8996C03AC6CC}\MpKsl5d0544c2.sys
2011-04-16 19:16 . 2011-03-15 04:05 6792528 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8F7CDCD4-4FB8-4532-904C-8996C03AC6CC}\mpengine.dll
2011-04-15 22:48 . 2011-04-15 22:48 -------- d-----w- c:\documents and settings\user\Local Settings\Application Data\HP
2011-04-15 05:50 . 2003-06-25 20:05 266360 ----a-w- c:\windows\system32\TweakUI.exe
2011-04-14 17:32 . 2007-04-10 22:02 1601536 ----a-w- c:\windows\system32\stlang.dll
2011-04-14 17:32 . 2007-05-10 15:23 4952064 ----a-w- c:\windows\system32\stacgui.cpl
2011-04-14 17:32 . 2007-05-10 15:22 405504 ----a-w- c:\windows\stsystra.exe
2011-04-14 15:27 . 2011-04-14 15:27 -------- d--h--w- c:\documents and settings\user\Local Settings\Application Data\Opera
2011-04-14 15:27 . 2011-04-14 21:30 -------- d-----w- c:\program files\Opera
2011-04-12 04:03 . 2011-04-12 04:03 -------- d--h--w- c:\documents and settings\user\Application Data\FRISK Software
2011-04-12 02:48 . 2011-04-12 02:48 -------- d-----w- c:\documents and settings\All Users\Application Data\FRISK Software
2011-04-12 01:32 . 2011-04-12 01:32 26624 ----a-w- c:\windows\system32\ssmenu.dll
2011-04-12 01:32 . 2011-04-12 01:32 66048 ----a-w- c:\windows\system32\VCLSMP50.bpl
2011-04-12 01:32 . 2011-04-14 21:35 -------- d-s---w- c:\program files\Common Files\Teknum Systems
2011-04-12 01:32 . 2011-04-12 01:32 2020864 ----a-w- c:\windows\system32\VCL50.bpl
2011-04-12 01:32 . 2011-04-12 01:32 248832 ----a-w- c:\windows\system32\VCLX50.bpl
2011-04-12 01:31 . 2011-04-12 01:32 -------- d-----w- c:\program files\HandyBits
2011-04-11 22:10 . 2010-12-20 22:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-04-11 22:10 . 2010-12-20 22:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-04-11 22:10 . 2011-04-11 22:10 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-04-11 13:07 . 2011-04-11 13:07 -------- d-----w- c:\documents and settings\NetworkService\Application Data\QuickScan
2011-04-11 00:17 . 2011-04-11 00:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2011-04-11 00:17 . 2011-04-11 00:20 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-04-10 00:42 . 2011-04-10 00:42 -------- d--h--w- c:\documents and settings\user\Application Data\BitDefender
2011-04-10 00:41 . 2011-04-10 00:41 -------- d-----w- c:\program files\BitDefender
2011-04-10 00:11 . 2011-04-10 00:11 -------- d--h--w- c:\documents and settings\user\Application Data\QuickScan
2011-04-10 00:10 . 2011-04-10 02:22 -------- d-----w- c:\documents and settings\All Users\Application Data\BitDefender
2011-04-10 00:10 . 2011-04-10 00:41 -------- d-----w- c:\program files\Common Files\BitDefender
2011-04-10 00:07 . 2011-04-12 13:04 307784 ----a-w- c:\windows\system32\drivers\trufos.sys
2011-04-10 00:07 . 2011-03-24 19:36 353096 ----a-w- c:\windows\system32\drivers\bdfsfltr.sys
2011-04-10 00:07 . 2010-05-13 21:02 12960 ----a-w- c:\windows\system32\drivers\bdrawpr.sys
2011-04-10 00:07 . 2011-04-10 00:47 1000974 ----a-w- c:\documents and settings\All Users\Application Data\bdinstall.bin
2011-04-09 17:17 . 2011-04-09 17:17 -------- d--h--w- c:\windows\PIF
2011-04-07 22:34 . 2011-04-07 22:34 -------- d--h--w- c:\documents and settings\user\Application Data\AVG10
2011-04-07 15:53 . 2011-04-07 15:53 -------- d--h--w- c:\documents and settings\user\Local Settings\Application Data\AVG Security Toolbar
2011-04-07 15:44 . 2011-04-07 15:44 -------- d--h--w- c:\documents and settings\All Users\Application Data\Common Files
2011-04-07 15:42 . 2011-04-10 12:19 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG10
2011-04-07 15:41 . 2011-04-07 15:41 -------- d-----w- c:\program files\AVG
2011-04-07 13:52 . 2011-04-10 02:43 -------- d-----w- c:\documents and settings\All Users\Application Data\MFAData
2011-03-28 03:09 . 2011-04-09 23:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2011-03-27 17:47 . 2011-04-09 02:12 -------- d-----w- c:\documents and settings\Administrator
2011-03-27 16:55 . 2011-03-27 16:55 -------- d--h--w- c:\documents and settings\user\Application Data\Malwarebytes
2011-03-27 16:55 . 2011-03-27 16:55 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2011-03-27 15:44 . 2011-03-15 04:05 6792528 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll
2011-03-27 15:44 . 2011-03-27 15:45 -------- d-----w- c:\program files\Microsoft Security Client
2011-03-27 06:06 . 2011-03-27 06:06 -------- d-----w- c:\windows\system32\wbem\Repository
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-27 17:59 . 2011-03-27 17:59 64896 ----a-w- c:\windows\system32\drivers\tosrfcom.sys1C03ABF3
2011-03-15 04:05 . 2010-10-18 15:42 6792528 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-03-07 05:33 . 2009-11-12 19:08 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-04 06:37 . 2008-04-14 09:42 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:21 . 2008-04-14 05:00 1857920 ----a-w- c:\windows\system32\win32k.sys
2011-02-28 00:41 . 2011-02-28 00:41 398760 ----a-r- c:\windows\system32\cpnprt2.cid
2011-02-22 23:06 . 2008-04-14 09:42 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-02-22 23:06 . 2008-04-14 09:42 916480 ----a-w- c:\windows\system32\wininet.dll
2011-02-22 23:06 . 2008-04-14 09:41 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-02-22 11:41 . 2008-04-14 04:07 385024 ----a-w- c:\windows\system32\html.iec
2011-02-17 13:18 . 2008-04-14 04:47 455936 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-02-17 13:18 . 2008-04-14 04:45 357888 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-17 12:32 . 2009-11-12 19:48 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2011-02-15 12:56 . 2008-04-14 09:39 290432 ----a-w- c:\windows\system32\atmfd.dll
2011-02-08 13:33 . 2008-04-14 09:41 978944 ----a-w- c:\windows\system32\mfc42.dll
2011-02-08 13:33 . 2007-04-03 12:44 974848 ----a-w- c:\windows\system32\mfc42u.dll
2011-02-02 22:11 . 2010-10-15 15:40 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-07-08 14:37 . 2010-07-08 14:37 101544 ----a-w- c:\program files\Common Files\LinkInstaller.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2011-04-16_00.26.49 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-04-16 13:04 . 2011-04-16 13:04 16384 c:\windows\Temp\Perflib_Perfdata_3d8.dat
+ 2004-08-04 12:00 . 2011-04-16 13:08 88602 c:\windows\system32\perfc009.dat
- 2008-04-14 09:42 . 2010-11-06 00:26 66560 c:\windows\system32\mshtmled.dll
+ 2008-04-14 09:42 . 2011-02-22 23:06 66560 c:\windows\system32\mshtmled.dll
- 2009-03-08 09:31 . 2010-11-06 00:26 55296 c:\windows\system32\msfeedsbs.dll
+ 2009-03-08 09:31 . 2011-02-22 23:06 55296 c:\windows\system32\msfeedsbs.dll
- 2008-04-14 09:41 . 2010-11-06 00:26 25600 c:\windows\system32\jsproxy.dll
+ 2008-04-14 09:41 . 2011-02-22 23:06 25600 c:\windows\system32\jsproxy.dll
+ 2008-04-14 09:41 . 2009-04-20 17:17 45568 c:\windows\system32\dnsrslvr.dll
- 2008-04-14 09:41 . 2008-04-14 09:41 45568 c:\windows\system32\dnsrslvr.dll
+ 2009-11-12 20:11 . 2011-02-22 23:06 12800 c:\windows\system32\dllcache\xpshims.dll
- 2009-11-12 20:11 . 2010-11-06 00:26 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2008-04-14 09:42 . 2011-02-22 23:06 66560 c:\windows\system32\dllcache\mshtmled.dll
- 2008-04-14 09:42 . 2010-11-06 00:26 66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2009-11-12 20:11 . 2011-02-22 23:06 55296 c:\windows\system32\dllcache\msfeedsbs.dll
- 2009-11-12 20:11 . 2010-11-06 00:26 55296 c:\windows\system32\dllcache\msfeedsbs.dll
- 2008-04-14 09:41 . 2010-11-06 00:26 43520 c:\windows\system32\dllcache\licmgr10.dll
+ 2008-04-14 09:41 . 2011-02-22 23:06 43520 c:\windows\system32\dllcache\licmgr10.dll
- 2008-04-14 09:41 . 2010-11-06 00:26 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2008-04-14 09:41 . 2011-02-22 23:06 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2008-04-14 09:41 . 2009-04-20 17:17 45568 c:\windows\system32\dllcache\dnsrslvr.dll
- 2008-04-14 09:41 . 2008-04-14 09:41 45568 c:\windows\system32\dllcache\dnsrslvr.dll
+ 2011-02-10 08:10 . 2011-02-10 08:10 56656 c:\windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 56656 c:\windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\Wi​ndowsFormsIntegration.dll
- 2010-10-18 15:16 . 2010-10-18 15:16 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\Wi​ndowsFormsIntegration.dll
- 2010-10-18 15:16 . 2010-10-18 15:16 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutoma​tionTypes.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutoma​tionTypes.dll
- 2010-10-18 15:16 . 2010-10-18 15:16 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAut​omationProvider.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAut​omationProvider.dll
- 2010-10-18 15:16 . 2010-10-18 15:16 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e08​9\System.Windows.Presentation.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e08​9\System.Windows.Presentation.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c56​1934e089\System.Windows.Input.Manipulations.dll
- 2010-10-18 15:16 . 2010-10-18 15:16 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c56​1934e089\System.Windows.Input.Manipulations.dll
- 2010-10-18 15:15 . 2010-10-18 15:15 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad36​4e35\System.Web.ApplicationServices.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad36​4e35\System.Web.ApplicationServices.dll
- 2010-10-18 15:15 . 2010-10-18 15:15 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e​35\System.ServiceModel.Channels.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e​35\System.ServiceModel.Channels.dll
- 2010-10-18 15:15 . 2010-10-18 15:15 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Num​erics.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Num​erics.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Devic​e.dll
- 2010-10-18 15:15 . 2010-10-18 15:15 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Devic​e.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e​089\System.Data.DataSetExtensions.dll
- 2010-10-18 15:15 . 2010-10-18 15:15 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e​089\System.Data.DataSetExtensions.dll
- 2010-10-18 15:14 . 2010-10-18 15:14 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a​3a\System.Configuration.Install.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a​3a\System.Configuration.Install.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3​856ad364e35\System.ComponentModel.DataAnnotations.dll
- 2010-10-18 15:15 . 2010-10-18 15:15 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3​856ad364e35\System.ComponentModel.DataAnnotations.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\Syst​em.AddIn.Contract.dll
- 2010-10-18 15:15 . 2010-10-18 15:15 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\Syst​em.AddIn.Contract.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostic​s.dll
- 2010-10-18 15:15 . 2010-10-18 15:15 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostic​s.dll
- 2010-10-18 15:14 . 2010-10-18 15:14 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microso​ft.VisualC.Dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microso​ft.VisualC.Dll
- 2010-10-18 15:15 . 2010-10-18 15:15 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b​03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b​03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibilit​y.dll
- 2010-10-18 15:14 . 2010-10-18 15:14 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibilit​y.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2010-10-18 15:14 . 2010-10-18 15:14 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarsh​alers.dll
- 2010-10-18 15:14 . 2010-10-18 15:14 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarsh​alers.dll
+ 2011-02-22 01:44 . 2011-04-16 04:42 40960 c:\windows\Installer\{90850409-6000-11D3-8CFE-0150048383C9}\wrdvicon.exe
- 2011-02-22 01:44 . 2011-02-22 01:45 40960 c:\windows\Installer\{90850409-6000-11D3-8CFE-0150048383C9}\wrdvicon.exe
+ 2011-04-16 04:41 . 2010-11-06 00:26 12800 c:\windows\ie8updates\KB2497640-IE8\xpshims.dll
+ 2011-04-16 04:40 . 2010-11-06 00:26 66560 c:\windows\ie8updates\KB2497640-IE8\mshtmled.dll
+ 2011-04-16 04:40 . 2010-11-06 00:26 55296 c:\windows\ie8updates\KB2497640-IE8\msfeedsbs.dll
+ 2011-04-16 04:40 . 2010-11-06 00:26 43520 c:\windows\ie8updates\KB2497640-IE8\licmgr10.dll
+ 2011-04-16 04:40 . 2010-11-06 00:26 25600 c:\windows\ie8updates\KB2497640-IE8\jsproxy.dll
+ 2011-04-16 13:48 . 2011-04-16 13:48 96768 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\9824b202ffe88c945577effdc7fc8fc3​\UIAutomationProvider.ni.dll
+ 2011-04-16 13:51 . 2011-04-16 13:51 54784 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml.Hosting\8e97109a6278b73bf4fd77b61ce6c154\​System.Xaml.Hosting.ni.dll
+ 2011-04-16 13:52 . 2011-04-16 13:52 35328 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Pres#\6474ae2cebac637025eab3cbcdc9ffe6​\System.Windows.Presentation.ni.dll
+ 2011-04-16 13:52 . 2011-04-16 13:52 24064 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Routing\1070fda1dc17a4b0f121195f9c1ebcfe\S​ystem.Web.Routing.ni.dll
+ 2011-04-16 13:52 . 2011-04-16 13:52 46592 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DynamicD#\5a41a2282d6b6ac525073db4f0604677​\System.Web.DynamicData.Design.ni.dll
+ 2011-04-16 13:47 . 2011-04-16 13:47 71680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Applicat#\50cbf014f60fa88f67a763dfbead1fee​\System.Web.ApplicationServices.ni.dll
+ 2011-04-16 13:52 . 2011-04-16 13:52 24576 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Abstract#\8aa6f2e7225a8c20edda9ee3a260692a​\System.Web.Abstractions.ni.dll
+ 2011-04-16 13:52 . 2011-04-16 13:52 82432 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\f472171edc898ea876f14b97b4f332b8​\System.ServiceModel.Channels.ni.dll
+ 2011-04-16 13:52 . 2011-04-16 13:52 12288 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\2f4398558c8128f92887fde8660f1ca8​\System.ServiceModel.ServiceMoniker40.ni.dll
+ 2011-04-16 13:48 . 2011-04-16 13:48 78848 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn.Contra#\473102f936b4a823e5e2b2e6282c5104​\System.AddIn.Contract.ni.dll
+ 2011-04-16 13:46 . 2011-04-16 13:46 37376 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Workflow.#\c4eae41feecde838e71941f5b7359b48​\Microsoft.Workflow.Compiler.ni.exe
+ 2011-04-16 13:46 . 2011-04-16 13:46 11776 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\1a21a54acf18fabfddb0b94d40e509a1\Mi​crosoft.VisualC.ni.dll
+ 2011-04-16 13:44 . 2011-04-16 13:44 44544 c:\windows\assembly\NativeImages_v4.0.30319_32\Accessibility\7600f9d2a3bc01ba15674667283c2e53\Access​ibility.ni.dll
+ 2011-04-16 13:08 . 2011-04-16 13:08 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\368187bcb570d202a019fc7c53b1df4c​\UIAutomationProvider.ni.dll
+ 2011-04-16 13:44 . 2011-04-16 13:44 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\3f621b90371e67197bd4d0b86aa6f21d​\System.Windows.Presentation.ni.dll
+ 2011-04-16 13:44 . 2011-04-16 13:44 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\577b049541803541e6b00e2c36c00852​\System.Web.DynamicData.Design.ni.dll
+ 2011-04-16 13:11 . 2011-04-16 13:11 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\636ed65b7e5481320e3010b78a5e6cfa​\System.ComponentModel.DataAnnotations.ni.dll
+ 2011-04-16 13:11 . 2011-04-16 13:11 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\f83b1e8dd8c90490c8d924826c8b107d​\System.AddIn.Contract.ni.dll
+ 2011-04-16 04:41 . 2011-04-16 04:41 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\2740ba673b1040f1995f13c6044da64c​\PresentationFontCache.ni.exe
+ 2011-04-16 04:41 . 2011-04-16 04:41 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\8514e7de63d46b6f8232ef70d93a1650​\PresentationCFFRasterizer.ni.dll
+ 2011-04-16 13:43 . 2011-04-16 13:43 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\108426b4dc654100c9a99bfa71f69886\Micros​oft.Vsa.ni.dll
+ 2011-04-16 13:11 . 2011-04-16 13:11 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\8905268997c77a27c7f9c54aeba37f24​\Microsoft.Build.Framework.ni.dll
+ 2011-04-16 13:11 . 2011-04-16 13:11 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\11bb8ef375848eb1c074da1afd5cecdc​\Microsoft.Build.Framework.ni.dll
+ 2011-04-16 13:10 . 2011-04-16 13:10 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\6d74b9308a1517bfe959e597c3dd2427\dfsvc.ni.exe
+ 2011-04-16 13:10 . 2011-04-16 13:10 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\fdf7f1404f4a5c7f5a0463d8e7a442e4\Access​ibility.ni.dll
+ 2011-04-16 04:39 . 2011-04-16 04:39 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.Regu​larExpressions.dll
- 2010-10-18 14:36 . 2010-10-18 14:36 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.Regu​larExpressions.dll
+ 2011-04-16 04:39 . 2011-04-16 04:39 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.d​ll
- 2010-10-18 14:36 . 2010-10-18 14:36 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.d​ll
+ 2011-04-16 04:39 . 2011-04-16 04:39 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configura​tion.Install.dll
- 2010-10-18 14:37 . 2010-10-18 14:37 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configura​tion.Install.dll
- 2010-10-18 14:36 . 2010-10-18 14:36 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2011-04-16 04:39 . 2011-04-16 04:39 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2010-10-18 14:36 . 2010-10-18 14:36 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.V​sa.Vb.CodeDOMProcessor.dll
+ 2011-04-16 04:39 . 2011-04-16 04:39 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.V​sa.Vb.CodeDOMProcessor.dll
+ 2011-04-16 04:39 . 2011-04-16 04:39 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBas​ic.Vsa.dll
- 2010-10-18 14:36 . 2010-10-18 14:36 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBas​ic.Vsa.dll
+ 2011-04-16 04:39 . 2011-04-16 04:39 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Uti​lities.dll
- 2010-10-18 14:36 . 2010-10-18 14:36 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Uti​lities.dll
- 2010-10-18 14:36 . 2010-10-18 14:36 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Fra​mework.dll
+ 2011-04-16 04:39 . 2011-04-16 04:39 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Fra​mework.dll
- 2010-10-18 14:36 . 2010-10-18 14:36 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2011-04-16 04:39 . 2011-04-16 04:39 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2010-10-18 14:36 . 2010-10-18 14:36 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2011-04-16 04:39 . 2011-04-16 04:39 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2010-10-18 14:36 . 2010-10-18 14:36 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2011-04-16 04:39 . 2011-04-16 04:39 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2010-10-18 14:36 . 2010-10-18 14:36 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2011-04-16 04:39 . 2011-04-16 04:39 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2011-04-16 04:39 . 2011-04-16 04:39 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2010-10-18 14:36 . 2010-10-18 14:36 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2010-10-18 14:36 . 2010-10-18 14:36 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2011-04-16 04:39 . 2011-04-16 04:39 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2011-04-16 13:45 . 2011-04-16 13:45 9728 c:\windows\assembly\NativeImages_v4.0.30319_32\dfsvc\1a4701c5a061d081b78353bd04349c3e\dfsvc.ni.exe
+ 2011-04-16 04:39 . 2011-04-16 04:39 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2010-10-18 14:36 . 2010-10-18 14:36 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2011-04-16 04:39 . 2011-04-16 04:39 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2010-10-18 14:36 . 2010-10-18 14:36 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2010-10-18 14:36 . 2010-10-18 14:36 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2011-04-16 04:39 . 2011-04-16 04:39 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2010-10-18 14:36 . 2010-10-18 14:36 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2011-04-16 04:39 . 2011-04-16 04:39 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2010-10-18 15:14 . 2010-10-18 15:14 109568 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.Wrapper.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 109568 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.Wrapper.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 246128 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.dll
- 2010-10-18 15:14 . 2010-10-18 15:14 246128 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.dll
- 2010-10-18 14:36 . 2010-10-18 14:36 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2011-04-16 04:39 . 2011-04-16 04:39 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2010-10-18 14:36 . 2010-10-18 14:36 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2011-04-16 04:39 . 2011-04-16 04:39 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2004-08-04 12:00 . 2011-04-16 13:08 503576 c:\windows\system32\perfh009.dat
- 2008-04-14 09:42 . 2010-11-06 00:26 206848 c:\windows\system32\occache.dll
+ 2008-04-14 09:42 . 2011-02-22 23:06 206848 c:\windows\system32\occache.dll
+ 2008-04-14 09:42 . 2008-06-20 16:02 245248 c:\windows\system32\mswsock.dll
- 2008-04-14 09:42 . 2008-06-20 17:46 245248 c:\windows\system32\mswsock.dll
- 2008-04-14 09:42 . 2010-11-06 00:26 611840 c:\windows\system32\mstime.dll
+ 2008-04-14 09:42 . 2011-02-22 23:06 611840 c:\windows\system32\mstime.dll
+ 2009-03-08 09:32 . 2011-02-22 23:06 602112 c:\windows\system32\msfeeds.dll
- 2009-03-08 09:32 . 2010-11-06 00:26 602112 c:\windows\system32\msfeeds.dll
- 2008-04-14 09:41 . 2009-12-09 05:53 726528 c:\windows\system32\jscript.dll
+ 2008-04-14 09:41 . 2011-03-04 06:37 726528 c:\windows\system32\jscript.dll
- 2008-04-14 09:41 . 2010-11-06 00:26 184320 c:\windows\system32\iepeers.dll
+ 2008-04-14 09:41 . 2011-02-22 23:06 184320 c:\windows\system32\iepeers.dll
- 2008-04-14 09:41 . 2010-11-06 00:26 387584 c:\windows\system32\iedkcs32.dll
+ 2008-04-14 09:41 . 2011-02-22 23:06 387584 c:\windows\system32\iedkcs32.dll
+ 2008-04-14 09:42 . 2011-02-18 11:49 173568 c:\windows\system32\ie4uinit.exe
- 2008-04-14 09:42 . 2010-11-03 12:26 173568 c:\windows\system32\ie4uinit.exe
- 2009-11-12 13:59 . 2011-03-27 17:08 117360 c:\windows\system32\FNTCACHE.DAT
+ 2009-11-12 13:59 . 2011-04-16 13:04 117360 c:\windows\system32\FNTCACHE.DAT
- 2008-04-14 04:49 . 2011-04-06 19:42 138496 c:\windows\system32\drivers\afd.sys
+ 2008-04-14 04:49 . 2008-10-16 14:43 138496 c:\windows\system32\drivers\afd.sys
+ 2008-04-14 09:41 . 2011-03-03 06:55 149504 c:\windows\system32\dnsapi.dll
+ 2008-04-14 09:42 . 2011-02-22 23:06 916480 c:\windows\system32\dllcache\wininet.dll
- 2008-04-14 09:42 . 2010-11-06 00:26 916480 c:\windows\system32\dllcache\wininet.dll
+ 2008-04-14 09:42 . 2011-03-04 06:37 420864 c:\windows\system32\dllcache\vbscript.dll
+ 2008-04-14 04:45 . 2011-02-17 13:18 357888 c:\windows\system32\dllcache\srv.sys
- 2008-04-14 09:42 . 2010-11-06 00:26 206848 c:\windows\system32\dllcache\occache.dll
+ 2008-04-14 09:42 . 2011-02-22 23:06 206848 c:\windows\system32\dllcache\occache.dll
- 2008-04-14 09:42 . 2008-06-20 17:46 245248 c:\windows\system32\dllcache\mswsock.dll
+ 2008-04-14 09:42 . 2008-06-20 16:02 245248 c:\windows\system32\dllcache\mswsock.dll
+ 2008-04-14 09:42 . 2011-02-22 23:06 611840 c:\windows\system32\dllcache\mstime.dll
- 2008-04-14 09:42 . 2010-11-06 00:26 611840 c:\windows\system32\dllcache\mstime.dll
- 2009-11-12 20:11 . 2010-11-06 00:26 602112 c:\windows\system32\dllcache\msfeeds.dll
+ 2009-11-12 20:11 . 2011-02-22 23:06 602112 c:\windows\system32\dllcache\msfeeds.dll
+ 2009-11-12 19:47 . 2011-02-17 13:18 455936 c:\windows\system32\dllcache\mrxsmb.sys
- 2007-04-03 12:44 . 2010-09-18 16:23 974848 c:\windows\system32\dllcache\mfc42u.dll
+ 2007-04-03 12:44 . 2011-02-08 13:33 974848 c:\windows\system32\dllcache\mfc42u.dll
+ 2008-04-14 09:41 . 2011-02-08 13:33 978944 c:\windows\system32\dllcache\mfc42.dll
- 2008-04-14 09:41 . 2009-12-09 05:53 726528 c:\windows\system32\dllcache\jscript.dll
+ 2008-04-14 09:41 . 2011-03-04 06:37 726528 c:\windows\system32\dllcache\jscript.dll
- 2009-11-12 19:08 . 2010-06-09 07:43 692736 c:\windows\system32\dllcache\inetcomm.dll
+ 2009-11-12 19:08 . 2011-03-07 05:33 692736 c:\windows\system32\dllcache\inetcomm.dll
+ 2009-11-12 20:11 . 2011-02-22 23:06 247808 c:\windows\system32\dllcache\ieproxy.dll
- 2009-11-12 20:11 . 2010-11-06 00:26 247808 c:\windows\system32\dllcache\ieproxy.dll
+ 2008-04-14 09:41 . 2011-02-22 23:06 184320 c:\windows\system32\dllcache\iepeers.dll
- 2008-04-14 09:41 . 2010-11-06 00:26 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2010-10-15 15:59 . 2011-02-22 23:06 743424 c:\windows\system32\dllcache\iedvtool.dll
- 2010-10-15 15:59 . 2010-11-06 00:26 743424 c:\windows\system32\dllcache\iedvtool.dll
- 2008-04-14 09:41 . 2010-11-06 00:26 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2008-04-14 09:41 . 2011-02-22 23:06 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2008-04-14 09:42 . 2011-02-18 11:49 173568 c:\windows\system32\dllcache\ie4uinit.exe
- 2008-04-14 09:42 . 2010-11-03 12:26 173568 c:\windows\system32\dllcache\ie4uinit.exe
+ 2008-04-14 09:41 . 2011-03-03 06:55 149504 c:\windows\system32\dllcache\dnsapi.dll
+ 2008-04-14 09:39 . 2011-02-15 12:56 290432 c:\windows\system32\dllcache\atmfd.dll
- 2008-04-14 04:49 . 2008-08-14 10:04 138496 c:\windows\system32\dllcache\afd.sys
+ 2008-04-14 04:49 . 2008-10-16 14:43 138496 c:\windows\system32\dllcache\afd.sys
- 2010-03-18 17:16 . 2010-03-18 17:16 517448 c:\windows\Microsoft.NET\Framework\v4.0.30319\SOS.dll
+ 2011-02-10 08:10 . 2011-02-10 08:10 517448 c:\windows\Microsoft.NET\Framework\v4.0.30319\SOS.dll
+ 2011-02-10 08:10 . 2011-02-10 08:10 955728 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordbi.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 955728 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordbi.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 385864 c:\windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
+ 2011-02-10 08:10 . 2011-02-10 08:10 385864 c:\windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
- 2010-05-11 10:40 . 2010-05-11 10:40 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2011-01-18 08:39 . 2011-01-18 08:39 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2011-01-18 08:39 . 2011-01-18 08:39 363856 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
- 2010-05-11 10:40 . 2010-05-11 10:40 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2011-01-18 08:39 . 2011-01-18 08:39 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad3​64e35\UIAutomationClientsideProviders.dll
- 2010-10-18 15:16 . 2010-10-18 15:16 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad3​64e35\UIAutomationClientsideProviders.dll
- 2010-10-18 15:16 . 2010-10-18 15:16 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutom​ationClient.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutom​ationClient.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml​.Linq.dll
- 2010-10-18 15:15 . 2010-10-18 15:15 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml​.Linq.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dl​l
- 2010-10-18 15:15 . 2010-10-18 15:15 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dl​l
- 2010-10-18 15:15 . 2010-10-18 15:15 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System​.Web.Services.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System​.Web.Services.dll
- 2010-10-18 15:15 . 2010-10-18 15:15 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speec​h.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speec​h.dll
- 2010-10-18 15:15 . 2010-10-18 15:15 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\Syst​em.ServiceProcess.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\Syst​em.ServiceProcess.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e3​5\System.ServiceModel.Routing.dll
- 2010-10-18 15:15 . 2010-10-18 15:15 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e3​5\System.ServiceModel.Routing.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364​e35\System.ServiceModel.Discovery.dll
- 2010-10-18 15:15 . 2010-10-18 15:15 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364​e35\System.ServiceModel.Discovery.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad36​4e35\System.ServiceModel.Activities.dll
- 2010-10-18 15:15 . 2010-10-18 15:15 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad36​4e35\System.ServiceModel.Activities.dll
- 2010-10-18 15:15 . 2010-10-18 15:15 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Sec​urity.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Sec​urity.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0​__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2010-10-18 15:15 . 2010-10-18 15:15 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0​__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\Sy​stem.Runtime.Remoting.dll
- 2010-10-18 15:15 . 2010-10-18 15:15 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\Sy​stem.Runtime.Remoting.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad​364e35\System.Runtime.DurableInstancing.dll
- 2010-10-18 15:15 . 2010-10-18 15:15 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad​364e35\System.Runtime.DurableInstancing.dll
- 2010-10-18 15:15 . 2010-10-18 15:15 231760 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 231760 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
- 2010-10-18 15:15 . 2010-10-18 15:15 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Me​ssaging.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Me​ssaging.dll
- 2010-10-18 15:15 . 2010-10-18 15:15 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.M​anagement.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.M​anagement.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561​934e089\System.Management.Instrumentation.dll
- 2010-10-18 15:15 . 2010-10-18 15:15 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561​934e089\System.Management.Instrumentation.dll
- 2010-10-18 15:15 . 2010-10-18 15:15 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Lo​g.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Lo​g.dll
- 2010-10-18 15:15 . 2010-10-18 15:15 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\Syste​m.IdentityModel.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\Syste​m.IdentityModel.dll
- 2010-10-18 15:15 . 2010-10-18 15:15 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934​e089\System.IdentityModel.Selectors.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934​e089\System.IdentityModel.Selectors.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dyna​mic.dll
- 2010-10-18 15:14 . 2010-10-18 15:14 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dyna​mic.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 607064 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Draw​ing.dll
- 2010-10-18 15:14 . 2010-10-18 15:14 607064 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Draw​ing.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\S​ystem.DirectoryServices.dll
- 2010-10-18 15:14 . 2010-10-18 15:14 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\S​ystem.DirectoryServices.dll
- 2010-10-18 15:14 . 2010-10-18 15:14 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f​11d50a3a\System.DirectoryServices.Protocols.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f​11d50a3a\System.DirectoryServices.Protocols.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__​b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
- 2010-10-18 15:14 . 2010-10-18 15:14 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__​b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
- 2010-10-18 15:14 . 2010-10-18 15:14 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.D​eployment.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.D​eployment.dll
- 2010-10-18 15:14 . 2010-10-18 15:14 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.​Data.SqlXml.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.​Data.SqlXml.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e08​9\System.Data.Services.Client.dll
- 2010-10-18 15:15 . 2010-10-18 15:15 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e08​9\System.Data.Services.Client.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Da​ta.Linq.dll
- 2010-10-18 15:15 . 2010-10-18 15:15 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Da​ta.Linq.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\Syste​m.configuration.dll
- 2010-10-18 15:14 . 2010-10-18 15:14 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\Syste​m.configuration.dll
- 2010-10-18 15:15 . 2010-10-18 15:15 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561​934e089\System.ComponentModel.Composition.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561​934e089\System.ComponentModel.Composition.dll
- 2010-10-18 15:15 . 2010-10-18 15:15 149848 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.​dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 149848 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.​dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf385​6ad364e35\System.Activities.DurableInstancing.dll
- 2010-10-18 15:15 . 2010-10-18 15:15 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf385​6ad364e35\System.Activities.DurableInstancing.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf385​6ad364e35\System.Activities.Core.Presentation.dll
- 2010-10-18 15:15 . 2010-10-18 15:15 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf385​6ad364e35\System.Activities.Core.Presentation.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2010-10-18 15:14 . 2010-10-18 15:14 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramew​ork.dll
- 2010-10-18 15:16 . 2010-10-18 15:16 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramew​ork.dll
- 2010-10-18 15:16 . 2010-10-18 15:16 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\Presentatio​nUI.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\Presentatio​nUI.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e​35\PresentationFramework.Royale.dll
- 2010-10-18 15:16 . 2010-10-18 15:16 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e​35\PresentationFramework.Royale.dll
- 2010-10-18 15:16 . 2010-10-18 15:16 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35​\PresentationFramework.Luna.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35​\PresentationFramework.Luna.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364​e35\PresentationFramework.Classic.dll
- 2010-10-18 15:16 . 2010-10-18 15:16 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364​e35\PresentationFramework.Classic.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35​\PresentationFramework.Aero.dll
- 2010-10-18 15:16 . 2010-10-18 15:16 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35​\PresentationFramework.Aero.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Mic​rosoft.VisualBasic.dll
- 2010-10-18 15:14 . 2010-10-18 15:14 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Mic​rosoft.VisualBasic.dll
- 2010-10-18 15:15 . 2010-10-18 15:15 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f​7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f​7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50​a3a\Microsoft.Transactions.Bridge.dll
- 2010-10-18 15:15 . 2010-10-18 15:15 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50​a3a\Microsoft.Transactions.Bridge.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microso​ft.JScript.dll
- 2010-10-18 15:14 . 2010-10-18 15:14 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microso​ft.JScript.dll
- 2010-10-18 15:14 . 2010-10-18 15:14 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft​.CSharp.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft​.CSharp.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.T​ransactions.dll
- 2010-10-18 15:15 . 2010-10-18 15:15 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.T​ransactions.dll
- 2010-10-18 15:16 . 2010-10-18 15:16 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Print​ing.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Print​ing.dll
- 2010-10-18 15:14 . 2010-10-18 15:14 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\Sy​stem.EnterpriseServices.Wrapper.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\Sy​stem.EnterpriseServices.Wrapper.dll
- 2010-10-18 15:14 . 2010-10-18 15:14 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\Sy​stem.EnterpriseServices.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\Sy​stem.EnterpriseServices.dll
+ 2011-04-16 04:29 . 2011-04-16 04:29 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d​50a3a\Microsoft.Transactions.Bridge.Dtc.dll
- 2010-10-18 15:15 . 2010-10-18 15:15 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d​50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2011-02-22 01:44 . 2011-04-16 04:42 135168 c:\windows\Installer\{90850409-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2011-02-22 01:44 . 2011-02-22 01:45 135168 c:\windows\Installer\{90850409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2011-04-16 04:25 . 2010-03-10 06:15 420352 c:\windows\ie8updates\KB2510531-IE8\vbscript.dll
+ 2011-04-16 04:25 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2510531-IE8\spuninst\updspapi.dll
+ 2011-04-16 04:25 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2510531-IE8\spuninst\spuninst.exe
+ 2011-04-16 04:25 . 2009-12-09 05:53 726528 c:\windows\ie8updates\KB2510531-IE8\jscript.dll
+ 2011-04-16 04:40 . 2010-11-06 00:26 916480 c:\windows\ie8updates\KB2497640-IE8\wininet.dll
+ 2011-04-16 04:41 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2497640-IE8\spuninst\updspapi.dll
+ 2011-04-16 04:41 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2497640-IE8\spuninst\spuninst.exe
+ 2011-04-16 04:40 . 2010-11-06 00:26 206848 c:\windows\ie8updates\KB2497640-IE8\occache.dll
+ 2011-04-16 04:40 . 2010-11-06 00:26 611840 c:\windows\ie8updates\KB2497640-IE8\mstime.dll
+ 2011-04-16 04:40 . 2010-11-06 00:26 602112 c:\windows\ie8updates\KB2497640-IE8\msfeeds.dll
+ 2011-04-16 04:41 . 2010-11-06 00:26 247808 c:\windows\ie8updates\KB2497640-IE8\ieproxy.dll
+ 2011-04-16 04:40 . 2010-11-06 00:26 184320 c:\windows\ie8updates\KB2497640-IE8\iepeers.dll
+ 2011-04-16 04:41 . 2010-11-06 00:26 743424 c:\windows\ie8updates\KB2497640-IE8\iedvtool.dll
+ 2011-04-16 04:40 . 2010-11-06 00:26 387584 c:\windows\ie8updates\KB2497640-IE8\iedkcs32.dll
+ 2011-04-16 04:41 . 2010-11-03 12:26 173568 c:\windows\ie8updates\KB2497640-IE8\ie4uinit.exe
+ 2009-11-12 19:47 . 2011-02-17 13:18 455936 c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2011-04-16 13:53 . 2011-04-16 13:53 399360 c:\windows\assembly\NativeImages_v4.0.30319_32\XamlBuildTask\071230a3e7b1d19779210ed709761da4\XamlBu​ildTask.ni.dll
+ 2011-04-16 13:45 . 2011-04-16 13:45 353792 c:\windows\assembly\NativeImages_v4.0.30319_32\WsatConfig\308200c3a43e5cd40f7ca07328be5d56\WsatConfi​g.ni.exe
+ 2011-04-16 13:53 . 2011-04-16 13:53 245760 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\c854ff737035c79fdf1b56b95e28fdbc​\WindowsFormsIntegration.ni.dll
+ 2011-04-16 13:48 . 2011-04-16 13:48 195584 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\c085fc0d222fb39afe14cc8e5eb32eee\UI​AutomationTypes.ni.dll
+ 2011-04-16 13:53 . 2011-04-16 13:53 481792 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClient\974f99cb0c5b67484ce5a3fd1fc5e7dd\U​IAutomationClient.ni.dll
+ 2011-04-16 13:46 . 2011-04-16 13:46 391680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\6d7c87b19bf40f2bc57ec4429b628c9a\Syst​em.Xml.Linq.ni.dll
+ 2011-04-16 13:48 . 2011-04-16 13:48 187904 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Inpu#\21eb4743be4fdd8df5f0a9cd0dd52f5d​\System.Windows.Input.Manipulations.ni.dll
+ 2011-04-16 13:52 . 2011-04-16 13:52 192512 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\506e5c072114a604751e589a03818287​\System.Windows.Forms.DataVisualization.Design.ni.dll
+ 2011-04-16 13:47 . 2011-04-16 13:48 218624 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.RegularE#\4f6ed094f67cf65019b24b7ae4950047​\System.Web.RegularExpressions.ni.dll
+ 2011-04-16 13:52 . 2011-04-16 13:52 858112 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Extensio#\e48ad421c99a1dff1680d775abf7fdec​\System.Web.Extensions.Design.ni.dll
+ 2011-04-16 13:52 . 2011-04-16 13:52 332288 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Entity\25f74ac76ed1a5762f05984a8e8f675c\Sy​stem.Web.Entity.ni.dll
+ 2011-04-16 13:52 . 2011-04-16 13:52 296448 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Entity.D#\022f7f8e65394aab269df0a14f3f8757​\System.Web.Entity.Design.ni.dll
+ 2011-04-16 13:52 . 2011-04-16 13:52 705536 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DynamicD#\c1a917d7d45e2e5731ab1a2c69bc3c79​\System.Web.DynamicData.ni.dll
+ 2011-04-16 13:52 . 2011-04-16 13:52 256512 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DataVisu#\79696f4c00767d1db7c4a93b9e417359​\System.Web.DataVisualization.Design.ni.dll
+ 2011-04-16 13:47 . 2011-04-16 13:47 645632 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\1fac5b5769af4e4dd0aa3f09d9834734\​System.Transactions.ni.dll
+ 2011-04-16 13:48 . 2011-04-16 13:48 220672 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\4e5c6a1e261c43961b19f4712359234f​\System.ServiceProcess.ni.dll
+ 2011-04-16 13:51 . 2011-04-16 13:51 421888 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\d1f5920c45a89d29bfcaaf3e913f5b43​\System.ServiceModel.Activation.ni.dll
+ 2011-04-16 13:52 . 2011-04-16 13:52 365056 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\9fc58e83505ef6bf05a4529665c7737d​\System.ServiceModel.Routing.ni.dll
+ 2011-04-16 04:33 . 2011-04-16 04:33 721920 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Security\df00a90a0ca189eb49b071dfd9530347\Syst​em.Security.ni.dll
+ 2011-04-16 13:45 . 2011-04-16 13:45 310272 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\7de8fccb064fff0d219e8594a014b600​\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2011-04-16 13:47 . 2011-04-16 13:47 767488 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\585f1cfab91fc0c2c3e2a9f483a2a4a2​\System.Runtime.Remoting.ni.dll
+ 2011-04-16 13:47 . 2011-04-16 13:47 239616 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Cach#\46ecc1e6de3fba31062fe27e5bc2ef9c​\System.Runtime.Caching.ni.dll
+ 2011-04-16 04:30 . 2011-04-16 04:30 144896 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\f2304201110addb8170997ff442e87fc\Syst​em.Numerics.ni.dll
+ 2011-04-16 13:52 . 2011-04-16 13:52 651264 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Net\56158e581a3dfce8f930fe7388cfe156\System.Ne​t.ni.dll
+ 2011-04-16 13:51 . 2011-04-16 13:51 625152 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\8b3e59239912537657fc7f9c6b88dd8a\Sys​tem.Messaging.ni.dll
+ 2011-04-16 13:52 . 2011-04-16 13:52 392704 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management.I#\117067671949b80852b0a7c112888b7b​\System.Management.Instrumentation.ni.dll
+ 2011-04-16 13:51 . 2011-04-16 13:51 405504 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IO.Log\a483116d4df8444911c9d47fd99b8b95\System​.IO.Log.ni.dll
+ 2011-04-16 13:51 . 2011-04-16 13:51 228352 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityMode#\3891b868ee83ca630686d547c328da31​\System.IdentityModel.Selectors.ni.dll
+ 2011-04-16 13:47 . 2011-04-16 13:47 230912 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\547669d593c2ac7c94391e153ea6068f​\System.EnterpriseServices.Wrapper.dll
+ 2011-04-16 13:47 . 2011-04-16 13:47 784896 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\547669d593c2ac7c94391e153ea6068f​\System.EnterpriseServices.ni.dll
+ 2011-04-16 04:34 . 2011-04-16 04:34 373248 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Dynamic\f9b335b9f86afcae5a54949288010a0f\Syste​m.Dynamic.ni.dll
+ 2011-04-16 04:35 . 2011-04-16 04:35 223744 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing.Desi#\bbb1323c2a613d3f4e9cfce17e03ee70​\System.Drawing.Design.ni.dll
+ 2011-04-16 13:51 . 2011-04-16 13:51 911872 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\8a7ceaec74327e2be758e7291b8a5849​\System.DirectoryServices.AccountManagement.ni.dll
+ 2011-04-16 13:48 . 2011-04-16 13:48 461824 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\698dd101afeceb8ffc4a435b9be82038​\System.DirectoryServices.Protocols.ni.dll
+ 2011-04-16 13:51 . 2011-04-16 13:51 112128 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Device\65b4592d5d04a0c5b6f102f8d1e065e8\System​.Device.ni.dll
+ 2011-04-16 13:51 . 2011-04-16 13:51 499712
Alle berichten van deze gebruiker zoeken
Reageren op dit bericht
17-04-2011, 07:48
Bericht: #9
miekiemoes Offline
Administrator
*
Berichten: 2.623
Lid sinds: Nov 2007
RE: Worst Infestation In 16 Years
Hi,

Your log got cut off at the end because it's too lenghty. This may be because you were probably in the middle of some Windows updates.
Anyway, no need to repost it since the most important part (removal part) is listed and that looks OK.

Citaat:BTW, should I turn off MS
security essentials and just use Bit Defender ?

As long as you are using Bitdefender, I would disable MS Security Essentials. Even though they can work together, both running in the background may cause extra slowdowns.
I don't know if you have purchased Bitdefender, or if this is a trial you are using. Keep in mind that, once the trial has expired, it won't be able to update anymore, thus won't protect you either for future threats. So, in that case, you can enable MS again afterwards (or purchase bitdefender in case you haven't done so).

* Go to start > run and copy and paste next command in the field:

ComboFix /Uninstall

Make sure there's a space between Combofix and /
Then hit enter.

This will uninstall Combofix, delete its related folders and files, reset your clock settings, hide file extensions, hide the system/hidden files and resets System Restore again.

Let me know in your next reply how things are now.


Director of Research @ Malwarebytes[Afbeelding: mbammini.png]
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Preventie---Help! Mijn computer is traag!---Mijn Blog---Volg me op Twitter.

[Afbeelding: MiekiemoesBlog.2.gif]
De website van deze gebruiker bezoeken Alle berichten van deze gebruiker zoeken
Reageren op dit bericht
« Oudere discussie | Nieuwere discussie »
Reactie plaatsen 


  • Afdrukversie weergeven
  • Discussie aan vriend laten zien
  • Op discussie abonneren
Ga naar locatie:


Gebruikers die deze discussie lezen: 1 gast(en)
  • Contact opnemen
  • Mivercon Site
  • Naar boven
  • Archiefmodus
  • RSS-syndicatie
  • Help
Het is nu 15-12-2019, 12:37 Aangedreven door MyBB, © 2002-2019 MyBB Group. Theme created by Justin S.