brendancarlin

Members

View Profile See their activity

Posts
9
Joined
September 22, 2009
Last visited
September 24, 2009

Content Type

All Activity

Events

Profiles

Forums

Topics
Posts

Everything posted by brendancarlin

Need Help

brendancarlin replied to brendancarlin's topic in Resolved Malware Removal Logs

Wow, hahaha...it found 36 threats. I think it only cleaned 35. Here's the log: ESETSmartInstaller@High as CAB hook log: OnlineScanner.ocx - registred OK # version=6 # iexplore.exe=7.00.6000.16876 (vista_gdr.090625-2339) # OnlineScanner.ocx=1.0.0.6050 # api_version=3.0.2 # EOSSerial=6e4adb2448a1f140adce813f7a3467cf # end=finished # remove_checked=true # archives_checked=false # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2009-09-23 01:27:12 # local_time=2009-09-23 09:27:12 (-0500, Eastern Daylight Time) # country="United States" # lang=1033 # osver=5.1.2600 NT Service Pack 2 # scanned=69120 # found=36 # cleaned=35 # scan_time=2799 C:\Documents and Settings\Joe Doering\Local Settings\Application Data\Identities\{445BA929-0754-421E-B2F9-D5F440A69141}\Microsoft\Outlook Express\Hotmail - Inbox.dbx multiple threats (unable to clean) 00000000000000000000000000000000 I C:\QooBox\Quarantine\C\Program Files\driver\driver.dll.vir Win32/Tinxy.AF trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\QooBox\Quarantine\C\Program Files\driver\driver.sys.vir Win32/TrojanProxy.Small.NDY trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\QooBox\Quarantine\C\WINDOWS\kri746.dat.vir Win32/Small.EJX trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\QooBox\Quarantine\C\WINDOWS\msa.exe.vir Win32/TrojanDownloader.FakeAlert.AGL trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\QooBox\Quarantine\C\WINDOWS\msb.exe.vir a variant of Win32/Kryptik.ADD trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\QooBox\Quarantine\C\WINDOWS\system32\kri746.dat.vir Win32/Small.EJX trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\QooBox\Quarantine\C\WINDOWS\system32\mcenspc.dll.vir a variant of Win32/Kryptik.OY trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\QooBox\Quarantine\C\WINDOWS\system32\SKYNETgmuoluvw.dll.vir Win32/Olmarik.KW trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\QooBox\Quarantine\C\WINDOWS\system32\SKYNETovmeyeee.dll.vir Win32/Olmarik.KW trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\QooBox\Quarantine\C\WINDOWS\system32\UACjixuxdjyql.dll.vir Win32/Olmarik.KI trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\QooBox\Quarantine\C\WINDOWS\system32\UACympjdabiqp.dll.vir Win32/Olmarik.KI trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\QooBox\Quarantine\C\WINDOWS\system32\wisdstr.exe.vir Win32/Adware.Antivirus2010 application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\UACdrwtsnmvrj.sys.vir a variant of Win32/Olmarik.HI trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\UACpduhersmbt.sys.vir a variant of Win32/Olmarik.HI trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\QooBox\Quarantine\C\WINDOWS\system32\wbem\proquota.exe.vir Win32/TrojanDownloader.Bredolab.AA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{D5341F9C-33F7-43CF-8BD2-1AE937C9BA1B}\RP660\A0076167.dll Win32/Tinxy.AF trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{D5341F9C-33F7-43CF-8BD2-1AE937C9BA1B}\RP660\A0076168.sys Win32/TrojanProxy.Small.NDY trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{D5341F9C-33F7-43CF-8BD2-1AE937C9BA1B}\RP660\A0076171.dll a variant of Win32/Kryptik.OY trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{D5341F9C-33F7-43CF-8BD2-1AE937C9BA1B}\RP660\A0076172.exe Win32/TrojanDownloader.Bredolab.AA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{D5341F9C-33F7-43CF-8BD2-1AE937C9BA1B}\RP733\A0085973.exe probably a variant of Win32/Adware.WinFixer.AB application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{D5341F9C-33F7-43CF-8BD2-1AE937C9BA1B}\RP733\A0085975.exe a variant of Win32/Adware.VirusRemover application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{D5341F9C-33F7-43CF-8BD2-1AE937C9BA1B}\RP733\A0085980.sys Win32/Olmarik.KW trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{D5341F9C-33F7-43CF-8BD2-1AE937C9BA1B}\RP757\A0088381.sys a variant of Win32/UltimateDefender.A trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{D5341F9C-33F7-43CF-8BD2-1AE937C9BA1B}\RP757\A0088388.exe Win32/Adware.Antivirus2010 application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{D5341F9C-33F7-43CF-8BD2-1AE937C9BA1B}\RP757\A0088411.dll Win32/TrojanDownloader.FakeAlert.AGF trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{D5341F9C-33F7-43CF-8BD2-1AE937C9BA1B}\RP768\A0092656.dll a variant of Win32/Kryptik.YQ trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{D5341F9C-33F7-43CF-8BD2-1AE937C9BA1B}\RP768\A0092686.exe Win32/TrojanDownloader.FakeAlert.AGL trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{D5341F9C-33F7-43CF-8BD2-1AE937C9BA1B}\RP768\A0092687.exe a variant of Win32/Kryptik.ADD trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{D5341F9C-33F7-43CF-8BD2-1AE937C9BA1B}\RP768\A0092689.sys a variant of Win32/Olmarik.HI trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{D5341F9C-33F7-43CF-8BD2-1AE937C9BA1B}\RP768\A0092690.sys a variant of Win32/Olmarik.HI trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{D5341F9C-33F7-43CF-8BD2-1AE937C9BA1B}\RP768\A0092693.dll Win32/Olmarik.KW trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{D5341F9C-33F7-43CF-8BD2-1AE937C9BA1B}\RP768\A0092694.dll Win32/Olmarik.KW trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{D5341F9C-33F7-43CF-8BD2-1AE937C9BA1B}\RP768\A0092696.dll Win32/Olmarik.KI trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{D5341F9C-33F7-43CF-8BD2-1AE937C9BA1B}\RP768\A0092701.dll Win32/Olmarik.KI trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{D5341F9C-33F7-43CF-8BD2-1AE937C9BA1B}\RP768\A0092702.exe Win32/Adware.Antivirus2010 application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
- September 23, 2009
- 13 replies
Need Help

brendancarlin replied to brendancarlin's topic in Resolved Malware Removal Logs

MBAM LOG: Malwarebytes' Anti-Malware 1.41 Database version: 2845 Windows 5.1.2600 Service Pack 2 9/22/2009 11:37:55 PM mbam-log-2009-09-22 (23-37-55).txt Scan type: Quick Scan Objects scanned: 100784 Time elapsed: 5 minute(s), 43 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 1 Folders Infected: 0 Files Infected: 2 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Folders Infected: (No malicious items detected) Files Infected: C:\WINDOWS\system32\oqvnjkzp.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\win32k.sys (Trojan.Dropper) -> Quarantined and deleted successfully.
- September 23, 2009
- 13 replies
Need Help

brendancarlin replied to brendancarlin's topic in Resolved Malware Removal Logs

Negster, again, I appreciate all you and this forum are doing for me. Here are the logs you requested. Also, I couldn't load my MBAM so I redownloaded it, updated, then ran quick scan... C:\ComboFix.txt: ComboFix 09-09-22.02 - Joe Doering 09/22/2009 23:05.3.1 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.382.143 [GMT -4:00] Running from: c:\documents and settings\Joe Doering\Desktop\pepper.exe Command switches used :: c:\documents and settings\Joe Doering\Desktop\CFScript.txt FILE :: "c:\windows\system32\afybepyre.dat" . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\afybepyre.dat . ((((((((((((((((((((((((( Files Created from 2009-08-23 to 2009-09-23 ))))))))))))))))))))))))))))))) . 2009-09-23 00:33 . 2009-09-23 00:33 -------- d-----w- C:\ARP 2009-09-22 23:30 . 2009-09-22 23:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! Companion 2009-09-22 23:21 . 2009-09-22 23:22 -------- d-----w- c:\documents and settings\Joe Doering\Application Data\Canon 2009-09-22 23:17 . 2009-09-22 23:25 -------- d-----w- c:\documents and settings\All Users\Application Data\CanonIJPLM 2009-09-22 23:15 . 2004-08-04 03:01 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys 2009-09-22 23:15 . 2004-08-04 03:01 25856 ----a-w- c:\windows\system32\dllcache\usbprint.sys 2009-09-22 23:14 . 2009-09-22 23:14 -------- d-----w- c:\program files\Common Files\CANON 2009-09-22 23:12 . 2009-09-22 23:12 -------- d--h--w- c:\documents and settings\All Users\Application Data\CanonBJ 2009-09-22 23:11 . 2008-02-26 05:00 230912 ----a-w- c:\windows\system32\CNMLM9I.DLL 2009-09-22 23:11 . 2009-09-22 23:11 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information 2009-09-22 23:11 . 2008-02-08 15:38 200704 ----a-w- c:\windows\system32\CNC190L.DLL 2009-09-22 23:11 . 2007-03-15 14:12 188416 ----a-w- c:\windows\system32\CNC190O.DLL 2009-09-22 23:11 . 2007-11-09 11:59 1323008 ----a-w- c:\windows\system32\CNC190C.DLL 2009-09-22 23:11 . 2007-11-09 11:58 98304 ----a-w- c:\windows\system32\CNC190I.DLL 2009-09-22 23:11 . 2009-09-22 23:11 -------- d--h--w- c:\program files\CanonBJ 2009-09-22 23:10 . 2009-09-22 23:16 -------- d-----w- c:\program files\Canon 2009-09-22 17:26 . 2009-09-23 00:22 0 ----a-w- c:\windows\win32k.sys 2009-09-14 20:27 . 2004-08-04 13:00 4224 ----a-w- c:\windows\system32\dllcache\beep.sys 2009-09-14 20:27 . 2004-08-04 13:00 4224 ------w- c:\windows\system32\drivers\beep.sys 2009-09-08 20:27 . 2009-09-08 20:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Search Engine Commando . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-09-23 02:53 . 2006-02-10 14:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Viewpoint 2009-09-22 23:38 . 2007-02-06 20:29 -------- d-----w- c:\documents and settings\Joe Doering\Application Data\AdobeUM 2009-09-22 18:19 . 2008-04-05 05:39 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-09-22 14:48 . 2007-02-11 15:40 -------- d-----w- c:\documents and settings\Joe Doering\Application Data\Azureus 2009-09-19 14:14 . 2006-10-02 00:53 -------- d-----w- c:\program files\AIM 2009-09-18 12:21 . 2007-12-07 01:16 -------- d-----w- c:\documents and settings\Joe Doering\Application Data\Camfrog 2009-09-14 20:31 . 2009-03-26 20:29 -------- d-----w- c:\program files\File Scanner Library (Spybot - Search & Destroy) 2009-08-17 15:28 . 2009-08-17 15:28 -------- d-----w- c:\documents and settings\Joe Doering\Application Data\Logs 2009-08-17 15:20 . 2009-08-17 14:59 94208 ----a-w- c:\windows\DUMP6cb5.tmp 2009-08-17 15:19 . 2009-08-17 14:59 94208 ----a-w- c:\windows\DUMP6f44.tmp 2009-08-17 15:17 . 2009-08-17 14:59 94208 ----a-w- c:\windows\DUMP6939.tmp 2009-08-17 14:57 . 2006-02-09 13:22 94208 ----a-w- c:\windows\DUMP6cf2.tmp 2009-08-17 14:56 . 2006-02-09 13:22 94208 ----a-w- c:\windows\DUMP6ac0.tmp 2009-08-17 14:54 . 2006-02-09 13:22 94208 ----a-w- c:\windows\DUMP6b6c.tmp 2009-08-17 14:53 . 2006-02-09 13:22 94208 ----a-w- c:\windows\DUMP6baa.tmp 2009-08-17 14:52 . 2006-02-09 13:22 94208 ----a-w- c:\windows\DUMP6bda.tmp 2009-08-17 14:50 . 2006-02-09 13:22 94208 ----a-w- c:\windows\DUMP6b1e.tmp 2009-08-17 14:49 . 2006-02-09 13:22 94208 ----a-w- c:\windows\DUMP6bd9.tmp 2009-08-17 14:48 . 2006-02-09 13:22 94208 ----a-w- c:\windows\DUMP6b1d.tmp 2009-08-17 14:47 . 2006-02-09 13:22 94208 ----a-w- c:\windows\DUMP6c56.tmp 2009-08-17 14:45 . 2006-02-09 13:22 94208 ----a-w- c:\windows\DUMP659f.tmp 2009-08-17 14:43 . 2006-02-09 13:22 94208 ----a-w- c:\windows\DUMP6afe.tmp 2009-08-17 14:42 . 2006-02-09 13:22 94208 ----a-w- c:\windows\DUMP6aa0.tmp 2009-08-17 14:40 . 2006-02-09 13:22 94208 ----a-w- c:\windows\DUMP6cb4.tmp 2009-08-14 18:05 . 2007-07-24 10:53 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple 2009-08-14 17:51 . 2009-08-14 17:50 -------- d-----w- c:\program files\iTunes 2009-08-14 17:51 . 2009-08-14 17:50 -------- d-----w- c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} 2009-08-14 17:50 . 2009-08-14 17:50 -------- d-----w- c:\program files\iPod 2009-08-14 17:50 . 2009-04-05 05:41 -------- d-----w- c:\program files\Common Files\Apple 2009-08-14 17:47 . 2009-08-14 17:46 -------- d-----w- c:\program files\QuickTime 2009-08-13 15:17 . 2007-02-12 13:36 -------- d-----w- c:\program files\DivX 2009-08-12 20:38 . 2006-10-04 16:48 96960 ----a-w- c:\documents and settings\Joe Doering\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-08-11 13:45 . 2006-02-09 13:22 94208 ----a-w- c:\windows\DUMP614a.tmp 2009-08-11 13:44 . 2006-02-09 13:22 94208 ----a-w- c:\windows\DUMP610b.tmp 2009-08-11 13:43 . 2006-02-09 13:22 94208 ----a-w- c:\windows\DUMP6735.tmp 2009-08-11 13:41 . 2006-02-09 13:22 94208 ----a-w- c:\windows\DUMP60cd.tmp 2009-08-11 07:29 . 2009-08-11 07:29 -------- d-----w- c:\program files\MSBuild 2009-08-11 07:28 . 2009-08-11 07:28 -------- d-----w- c:\program files\Reference Assemblies 2009-08-11 07:21 . 2009-08-11 07:21 -------- d-----w- c:\program files\MSXML 6.0 2009-08-03 21:07 . 2008-08-31 17:52 -------- d-----w- c:\program files\Microsoft Silverlight 2009-08-03 04:32 . 2009-08-03 04:30 -------- d-----w- c:\program files\StoryLines 2009-08-03 02:26 . 2006-02-09 13:31 -------- d-----w- c:\documents and settings\Joe Doering\Application Data\Apple Computer 2009-07-09 16:16 . 2009-04-05 05:42 39424 ----a-w- c:\windows\system32\drivers\usbaapl.sys 2009-07-09 16:16 . 2009-04-05 05:42 2060288 ----a-w- c:\windows\system32\usbaaplrc.dll 2009-06-29 16:12 . 2004-08-04 08:00 827392 ------w- c:\windows\system32\wininet.dll 2009-06-29 16:12 . 2004-08-04 08:00 78336 ----a-w- c:\windows\system32\ieencode.dll 2009-06-29 16:12 . 2004-08-04 08:00 17408 ------w- c:\windows\system32\corpol.dll 2009-04-07 15:43 . 2006-10-01 21:53 67688 ----a-w- c:\program files\mozilla firefox\components\jar50.dll 2009-04-07 15:43 . 2006-10-01 21:53 54368 ----a-w- c:\program files\mozilla firefox\components\jsd3250.dll 2009-04-07 15:43 . 2009-03-27 15:06 34944 ----a-w- c:\program files\mozilla firefox\components\myspell.dll 2009-04-07 15:43 . 2009-03-27 15:06 46712 ----a-w- c:\program files\mozilla firefox\components\spellchk.dll 2009-04-07 15:43 . 2006-10-01 21:53 172136 ----a-w- c:\program files\mozilla firefox\components\xpinstal.dll 2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll 2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll . ((((((((((((((((((((((((((((( SnapShot_2009-09-23_00.54.45 ))))))))))))))))))))))))))))))))))))))))) . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "VeohPlugin"="c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" [2008-12-16 3528440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2007-06-01 185896] "VX1000"="c:\windows\vVX1000.exe" [2007-04-10 709992] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-05-26 413696] "CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-10-26 652624] "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-09-14 1603152] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\OneCareMP] @="" [HKLM\~\startupfolder\C:^Documents and Settings^Joe Doering^Start Menu^Programs^Startup^Skyscape smARTupdate.lnk] path=c:\documents and settings\Joe Doering\Start Menu\Programs\Startup\Skyscape smARTupdate.lnk backup=c:\windows\pss\Skyscape smARTupdate.lnkStartup [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Azureus\\Azureus.exe"= "c:\\WINDOWS\\system32\\dpvsetup.exe"= "c:\\Program Files\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= R3 HSFHWATI;HSFHWATI;c:\windows\system32\drivers\HSFHWATI.sys [12/15/2004 11:18 AM 200192] S3 PAC207;CIF USB Camera;c:\windows\system32\DRIVERS\PFC027.SYS --> c:\windows\system32\DRIVERS\PFC027.SYS [?] S3 PAC7302;PAC7302 VGA USB Camera;c:\windows\system32\drivers\PAC7302.SYS [9/11/2008 9:43 PM 457856] . Contents of the 'Scheduled Tasks' folder 2009-09-19 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.com uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 mStart Page = hxxp://www.google.com uInternet Connection Wizard,ShellNext = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=presario&pf=laptop uSearchURL,(Default) = hxxp://www.google.com/keyword/%s IE: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html IE: &Google Search - c:\program files\google\GoogleToolbar2.dll/cmsearch.html IE: &Translate English Word - c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html IE: &Yahoo! Search - file:///c:\program files\Yahoo!\Common/ycsrch.htm IE: Backward Links - c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html IE: Cached Snapshot of Page - c:\program files\google\GoogleToolbar2.dll/cmcache.html IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Similar Pages - c:\program files\google\GoogleToolbar2.dll/cmsimilar.html IE: Translate Page into English - c:\program files\google\GoogleToolbar2.dll/cmtrans.html IE: Yahoo! &Dictionary - file:///c:\program files\Yahoo!\Common/ycdict.htm IE: Yahoo! &Maps - file:///c:\program files\Yahoo!\Common/ycmap.htm IE: Yahoo! &SMS - file:///c:\program files\Yahoo!\Common/ycsms.htm TCP: {B96E07F0-AA41-457E-BF8C-03529849D1FB} = 207.69.188.185,207.69.188.186 DPF: {3C648A72-C49A-48EF-9F90-68EF13293F97} - hxxp://www.toledo.noris.xmlsweb.com/XMLSearch/XMLCache.CAB FF - ProfilePath - c:\documents and settings\Joe Doering\Application Data\Mozilla\Firefox\Profiles\4h45epds.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.camfrog.com/search.php?q= FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: keyword.URL - hxxp://search.camfrog.com/search.php?q= FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-09-22 23:16 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... ************************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(796) c:\windows\system32\Ati2evxx.dll - - - - - - - > 'explorer.exe'(4052) c:\windows\system32\WININET.dll c:\windows\system32\ieframe.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\ati2evxx.exe c:\windows\system32\ati2evxx.exe c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Canon\IJPLM\ijplmsvc.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\windows\system32\wscntfy.exe . ************************************************************************** . Completion time: 2009-09-23 23:28 - machine was rebooted ComboFix-quarantined-files.txt 2009-09-23 03:26 ComboFix2.txt 2009-09-23 01:09 ComboFix3.txt 2009-06-18 22:19 Pre-Run: 9,174,306,816 bytes free Post-Run: 9,162,276,864 bytes free Current=6 Default=6 Failed=5 LastKnownGood=3 Sets=1,2,3,5,6 196 --- E O F --- 2009-08-12 01:13
- September 23, 2009
- 13 replies
Need Help

brendancarlin replied to brendancarlin's topic in Resolved Malware Removal Logs

+ 2009-03-30 15:34 . 2009-03-30 15:34 152576 c:\windows\Installer\f5aaeb7.msi + 2007-05-09 07:05 . 2007-05-09 07:05 470528 c:\windows\Installer\c643a38.msi + 2006-02-09 20:03 . 2006-02-09 20:03 916480 c:\windows\Installer\c2535.msi + 2007-02-05 03:09 . 2007-02-05 03:09 390656 c:\windows\Installer\ad015.msi + 2007-10-15 03:44 . 2007-10-15 03:44 324608 c:\windows\Installer\8d37f32.msp + 2007-10-15 03:46 . 2007-10-15 03:46 324608 c:\windows\Installer\8d37f2c.msp + 2007-02-07 08:01 . 2007-02-07 08:01 428544 c:\windows\Installer\7e18fc7.msi + 2007-02-07 08:01 . 2007-02-07 08:01 428544 c:\windows\Installer\7e18fc0.msi + 2009-07-01 13:51 . 2009-07-01 13:51 331264 c:\windows\Installer\7227060.msi + 2007-02-05 02:45 . 2007-02-05 02:45 501248 c:\windows\Installer\6359c.msi + 2007-02-05 02:44 . 2007-02-05 02:44 501248 c:\windows\Installer\63588.msi + 2007-02-05 02:44 . 2007-02-05 02:44 506880 c:\windows\Installer\63583.msi + 2007-02-05 02:44 . 2007-02-05 02:44 516608 c:\windows\Installer\6357c.msi + 2007-02-05 02:44 . 2007-02-05 02:44 513024 c:\windows\Installer\63576.msi + 2007-02-05 02:43 . 2007-02-05 02:43 501248 c:\windows\Installer\63559.msi + 2009-08-20 15:03 . 2009-08-20 15:03 289792 c:\windows\Installer\4f72539.msi + 2008-11-14 18:17 . 2008-11-14 18:17 432640 c:\windows\Installer\4673285.msi + 2006-02-10 01:22 . 2006-02-10 01:22 430080 c:\windows\Installer\3debef.msi + 2009-08-11 07:31 . 2009-08-11 07:31 648192 c:\windows\Installer\385ce13.msi + 2008-07-30 01:23 . 2008-07-30 01:23 250880 c:\windows\Installer\38385cd.msp + 2008-07-30 01:28 . 2008-07-30 01:28 278016 c:\windows\Installer\38385cb.msp + 2008-07-29 23:40 . 2008-07-29 23:40 291840 c:\windows\Installer\38385c9.msp + 2009-08-11 07:29 . 2009-08-11 07:29 137728 c:\windows\Installer\38385c3.msi + 2008-07-29 21:35 . 2008-07-29 21:35 553472 c:\windows\Installer\37c7d10.msp + 2008-07-29 21:33 . 2008-07-29 21:33 506368 c:\windows\Installer\37c7d0e.msp + 2008-07-29 21:37 . 2008-07-29 21:37 911360 c:\windows\Installer\37c7d0d.msp + 2005-04-30 05:54 . 2005-04-30 05:54 340480 c:\windows\Installer\37761.msi + 2005-04-30 05:34 . 2005-04-30 05:34 589312 c:\windows\Installer\376d7.msi + 2005-04-30 05:29 . 2005-04-30 05:29 226304 c:\windows\Installer\37697.msi + 2005-04-30 05:29 . 2005-04-30 05:29 227328 c:\windows\Installer\37691.msi + 2007-04-11 05:46 . 2007-04-11 05:46 678912 c:\windows\Installer\2a8e8c1.msi + 2009-06-05 16:04 . 2009-06-05 16:04 122880 c:\windows\Installer\2a7d435.msi + 2008-12-13 13:58 . 2008-12-13 13:58 754688 c:\windows\Installer\272478c.msp + 2009-08-12 01:10 . 2009-08-12 01:10 972800 c:\windows\Installer\2724779.msi + 2007-08-15 04:04 . 2007-08-15 04:04 431104 c:\windows\Installer\24039a5.msi + 2009-06-07 16:48 . 2009-06-07 16:48 301056 c:\windows\Installer\20ed332.msi + 2005-04-30 05:08 . 2005-04-30 05:08 227840 c:\windows\Installer\18586.msi + 2009-07-29 07:00 . 2009-07-29 07:00 248832 c:\windows\Installer\177ac641.msi + 2009-05-26 22:53 . 2009-05-26 22:53 579072 c:\windows\Installer\15e1d2d.msp + 2004-08-07 13:04 . 2004-08-07 13:04 264704 c:\windows\Installer\11a3e.msi + 2009-08-14 17:51 . 2009-08-14 17:51 102400 c:\windows\Installer\{99ECF41F-5CCA-42BD-B8B8-A8333E2E2944}\iTunesIco.exe - 2007-02-05 02:52 . 2009-06-17 07:17 888080 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\wordicon.exe + 2007-02-05 02:52 . 2009-07-15 07:05 888080 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\wordicon.exe - 2007-02-05 02:52 . 2009-06-17 07:17 272648 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\pubs.exe + 2007-02-05 02:52 . 2009-07-15 07:05 272648 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\pubs.exe - 2007-02-05 02:52 . 2009-06-17 07:17 922384 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\pptico.exe + 2007-02-05 02:52 . 2009-07-15 07:05 922384 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\pptico.exe + 2007-02-05 02:52 . 2009-07-15 07:05 845584 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\outicon.exe - 2007-02-05 02:52 . 2009-06-17 07:17 845584 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\outicon.exe + 2007-02-05 02:52 . 2009-07-15 07:05 217864 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\misc.exe - 2007-02-05 02:52 . 2009-06-17 07:17 217864 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\misc.exe + 2009-07-29 07:02 . 2009-04-29 04:56 827392 c:\windows\ie7updates\KB972260-IE7\wininet.dll + 2009-07-29 07:02 . 2009-04-29 04:56 233472 c:\windows\ie7updates\KB972260-IE7\webcheck.dll + 2009-07-29 07:02 . 2009-04-29 04:56 105984 c:\windows\ie7updates\KB972260-IE7\url.dll + 2009-07-29 07:02 . 2009-05-26 11:40 382840 c:\windows\ie7updates\KB972260-IE7\spuninst\updspapi.dll + 2009-07-29 07:02 . 2008-07-08 13:02 231288 c:\windows\ie7updates\KB972260-IE7\spuninst\spuninst.exe + 2009-07-29 07:02 . 2009-04-29 04:56 102912 c:\windows\ie7updates\KB972260-IE7\occache.dll + 2009-07-29 07:02 . 2009-04-29 04:56 671232 c:\windows\ie7updates\KB972260-IE7\mstime.dll + 2009-07-29 07:02 . 2009-04-29 04:56 193024 c:\windows\ie7updates\KB972260-IE7\msrating.dll + 2009-07-29 07:02 . 2009-04-29 04:56 477696 c:\windows\ie7updates\KB972260-IE7\mshtmled.dll + 2009-07-29 07:02 . 2009-04-29 04:55 459264 c:\windows\ie7updates\KB972260-IE7\msfeeds.dll + 2009-07-29 07:02 . 2009-04-25 05:27 636088 c:\windows\ie7updates\KB972260-IE7\iexplore.exe + 2009-07-29 07:02 . 2009-04-29 04:55 268288 c:\windows\ie7updates\KB972260-IE7\iertutil.dll + 2009-07-29 07:02 . 2009-04-29 04:55 385024 c:\windows\ie7updates\KB972260-IE7\iedkcs32.dll + 2009-07-29 07:02 . 2009-04-29 04:55 383488 c:\windows\ie7updates\KB972260-IE7\ieapfltr.dll + 2009-07-29 07:02 . 2009-04-25 05:26 161792 c:\windows\ie7updates\KB972260-IE7\ieakui.dll + 2009-07-29 07:02 . 2009-04-29 04:55 230400 c:\windows\ie7updates\KB972260-IE7\ieaksie.dll + 2009-07-29 07:02 . 2009-04-29 04:55 153088 c:\windows\ie7updates\KB972260-IE7\ieakeng.dll + 2009-07-29 07:02 . 2009-04-29 04:55 133120 c:\windows\ie7updates\KB972260-IE7\extmgr.dll + 2009-07-29 07:02 . 2009-04-29 04:55 214528 c:\windows\ie7updates\KB972260-IE7\dxtrans.dll + 2009-07-29 07:02 . 2009-04-29 04:55 347136 c:\windows\ie7updates\KB972260-IE7\dxtmsft.dll + 2009-07-29 07:02 . 2009-04-29 04:55 124928 c:\windows\ie7updates\KB972260-IE7\advpack.dll + 2009-08-11 07:28 . 2008-03-13 04:52 761344 c:\windows\Driver Cache\i386\unires.dll + 2009-08-11 07:28 . 2008-07-06 12:06 744960 c:\windows\Driver Cache\i386\unidrvui.dll + 2009-08-11 07:28 . 2008-07-06 12:06 373248 c:\windows\Driver Cache\i386\unidrv.dll + 2009-08-11 07:28 . 2008-07-06 12:06 198656 c:\windows\Driver Cache\i386\mxdwdui.dll + 2009-08-11 07:28 . 2008-07-06 12:06 765440 c:\windows\Driver Cache\i386\mxdwdrv.dll + 2009-08-12 17:21 . 2009-08-12 17:21 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\2ef5bc3a2edd7570bb23886a4f32294a\WsatConfig.ni.exe + 2009-08-12 14:02 . 2009-08-12 14:02 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\6a818099f0386e2356ae94f886a2196f\WindowsFormsIntegration.ni.dll + 2009-08-12 14:02 . 2009-08-12 14:02 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\a6d9503962d47c722231c1478f180695\UIAutomationTypes.ni.dll + 2009-08-12 14:01 . 2009-08-12 14:01 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\5c028c3d8db6c0f0277673ea4a2d89fb\UIAutomationClient.ni.dll + 2009-08-12 18:50 . 2009-08-12 18:50 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\c338a470b14851ce5987bb0f0869c310\System.Xml.Linq.ni.dll + 2009-08-12 18:38 . 2009-08-12 18:38 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\bb77ea11f46ab438b2b7ed7c180011a1\System.Web.Routing.ni.dll + 2009-08-12 18:48 . 2009-08-12 18:48 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\6ee255220d90dcbe80c990e443051cc5\System.Web.RegularExpressions.ni.dll + 2009-08-12 18:47 . 2009-08-12 18:47 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\58f62044fa702ea6f936071aa5520baa\System.Web.Extensions.Design.ni.dll + 2009-08-12 18:39 . 2009-08-12 18:39 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\79c29ac85dd57dd485ab60118ac292ff\System.Web.Entity.ni.dll + 2009-08-12 18:39 . 2009-08-12 18:40 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\d3d65e34fa60f0b6c72ca0d12ec89933\System.Web.Entity.Design.ni.dll + 2009-08-12 18:39 . 2009-08-12 18:39 548864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\faadb3ddad52414f74aa0f62b23efd18\System.Web.DynamicData.ni.dll + 2009-08-12 18:37 . 2009-08-12 18:37 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\00ec08741a765c707bd9169346064a81\System.Web.Abstractions.ni.dll + 2009-08-12 18:36 . 2009-08-12 18:36 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\5a555c9ae6984c40157cf940bb519f7c\System.Transactions.ni.dll + 2009-08-12 18:36 . 2009-08-12 18:36 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\ea3366939280c1715f1c620e33ee3c8a\System.ServiceProcess.ni.dll + 2009-08-12 17:23 . 2009-08-12 17:23 676352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\1c8df2da33222c048d683017f2095f04\System.Security.ni.dll + 2009-08-12 18:36 . 2009-08-12 18:36 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\bfd6e16d8c3589cd2bd3f8d46f0a5402\System.Runtime.Serialization.Formatters.Soap.ni.dll + 2009-08-12 18:36 . 2009-08-12 18:36 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\519d9c618341b136f9b963ffb7495308\System.Net.ni.dll + 2009-08-12 18:36 . 2009-08-12 18:36 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\8642fdfbf02a6cb6f01169fe6fdb5d11\System.Management.ni.dll + 2009-08-12 18:35 . 2009-08-12 18:35 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\1d3fbbd23ce1e8637ef4f40a8d23cd32\System.Management.Instrumentation.ni.dll + 2009-08-12 17:17 . 2009-08-12 17:17 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\7c367a96b10d626ec8cbf8149272d845\System.IO.Log.ni.dll + 2009-08-12 17:17 . 2009-08-12 17:17 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\68e71147704ef0d34d9a4bece7767fc5\System.IdentityModel.Selectors.ni.dll + 2009-08-12 18:35 . 2009-08-12 18:35 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4267bd908175603006c6c90bb5d900c7\System.EnterpriseServices.Wrapper.dll + 2009-08-12 18:35 . 2009-08-12 18:35 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4267bd908175603006c6c90bb5d900c7\System.EnterpriseServices.ni.dll + 2009-08-12 13:57 . 2009-08-12 13:57 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\18bbe2b6717e7f1d1dd672526e9889ee\System.Drawing.Design.ni.dll + 2009-08-12 18:35 . 2009-08-12 18:35 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\c434a07332ce490711c27fd0edb7562f\System.DirectoryServices.Protocols.ni.dll + 2009-08-12 18:35 . 2009-08-12 18:35 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\8b3bb7a2c2f3ffe94c866283f1cd5957\System.DirectoryServices.AccountManagement.ni.dll + 2009-08-12 18:35 . 2009-08-12 18:35 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\a4b887f476fa4b8746a93a9fc2208560\System.Data.Services.Client.ni.dll + 2009-08-12 18:35 . 2009-08-12 18:35 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\1cf3acad6553d6c59df576794f4e8bd6\System.Data.Services.Design.ni.dll + 2009-08-12 18:34 . 2009-08-12 18:34 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\392de34573f9f8ec885714f2f3e7f07f\System.Data.Entity.Design.ni.dll + 2009-08-12 17:24 . 2009-08-12 17:24 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\1db495ff00bbd14df4af6680c4de0653\System.Data.DataSetExtensions.ni.dll + 2009-08-12 17:23 . 2009-08-12 17:23 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\b82c00e2d24305ad6cb08556e3779b75\System.Configuration.ni.dll + 2009-08-12 18:36 . 2009-08-12 18:36 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\de514e484e49b04b016949d57ffac03e\System.Configuration.Install.ni.dll + 2009-08-12 17:24 . 2009-08-12 17:24 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\ce984d754e3c0b6be4504b785cc43574\System.AddIn.ni.dll + 2009-08-12 17:21 . 2009-08-12 17:21 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\045dd501b7257b1cc26083538ae69045\SMSvcHost.ni.exe + 2009-08-12 17:21 . 2009-08-12 17:21 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\9790551187e294b4ed3aaa1c221891c7\SMDiagnostics.ni.dll + 2009-08-12 17:21 . 2009-08-12 17:21 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\10a0c9707876fc1f65e64b811a28b020\ServiceModelReg.ni.exe + 2009-08-12 13:52 . 2009-08-12 13:52 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\f475294d8c7dc2dd4febeef27bc0417e\PresentationFramework.Classic.ni.dll + 2009-08-12 13:52 . 2009-08-12 13:52 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8003abaf6bcf70f7eb620d06837e897b\PresentationFramework.Luna.ni.dll + 2009-08-12 13:52 . 2009-08-12 13:52 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\59a67874d8d8475faa5be1d993083d12\PresentationFramework.Aero.ni.dll + 2009-08-12 13:53 . 2009-08-12 13:53 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\2c980c9a5051d723c6ec2a78a3d0e2b3\PresentationFramework.Royale.ni.dll + 2009-08-12 17:23 . 2009-08-12 17:23 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\6d38e317128608bc4516ea46ab94590e\MSBuild.ni.exe + 2009-08-12 17:21 . 2009-08-12 17:21 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\1820d6a012fc0e16c3e1d29d973cd2d0\Microsoft.Transactions.Bridge.Dtc.ni.dll + 2009-08-12 17:24 . 2009-08-12 17:24 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\55b9eff9e23359faed4351386c062238\Microsoft.Build.Utilities.ni.dll + 2009-08-12 17:24 . 2009-08-12 17:24 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\4217124db1ea5de5f1a1f3eea75e8d32\Microsoft.Build.Utilities.v3.5.ni.dll + 2009-08-12 17:23 . 2009-08-12 17:23 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\96825c34d7e1f7df1923ff2123bed8da\Microsoft.Build.Engine.ni.dll + 2009-08-12 17:23 . 2009-08-12 17:23 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\9b321ebf67587237f576df6104a32588\Microsoft.Build.Conversion.v3.5.ni.dll + 2009-08-12 17:23 . 2009-08-12 17:23 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\9bea05938bee3555c5aa8763d89a68f9\CustomMarshalers.ni.dll + 2009-08-12 17:21 . 2009-08-12 17:21 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\12629e2f3e315459bee67cbbaac85cb2\ComSvcConfig.ni.exe + 2009-08-12 17:23 . 2009-08-12 17:23 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\b5b2feadc3943e3976daebc0bcd2b5e2\AspNetMMCExt.ni.dll + 2009-08-11 07:29 . 2009-08-11 07:29 385024 c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders\3.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll + 2009-08-11 07:29 . 2009-08-11 07:29 167936 c:\windows\assembly\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll + 2009-08-11 07:31 . 2009-08-11 07:31 139264 c:\windows\assembly\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll + 2009-08-11 07:31 . 2009-08-11 07:31 507904 c:\windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll + 2009-08-11 07:29 . 2009-08-11 07:29 540672 c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll - 2008-01-24 03:31 . 2008-01-24 03:31 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll + 2009-08-11 07:36 . 2009-08-11 07:36 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll + 2009-08-11 07:36 . 2009-08-11 07:36 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll + 2009-08-11 07:31 . 2009-08-11 07:31 335872 c:\windows\assembly\GAC_MSIL\System.Web.Extensions.Design\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.Design.dll + 2009-08-12 01:12 . 2009-08-12 01:12 139264 c:\windows\assembly\GAC_MSIL\System.Web.Entity\3.5.0.0__b77a5c561934e089\System.Web.Entity.dll + 2009-08-11 07:31 . 2009-08-11 07:31 131072 c:\windows\assembly\GAC_MSIL\System.Web.Entity.Design\3.5.0.0__b77a5c561934e089\System.Web.Entity.Design.dll + 2009-08-12 01:12 . 2009-08-12 01:12 229376 c:\windows\assembly\GAC_MSIL\System.Web.DynamicData\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.dll + 2009-08-11 07:29 . 2009-08-11 07:29 688128 c:\windows\assembly\GAC_MSIL\System.Speech\3.0.0.0__31bf3856ad364e35\System.Speech.dll + 2009-08-11 07:36 . 2009-08-11 07:36 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll - 2008-01-24 03:30 . 2008-01-24 03:30 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll + 2009-08-11 07:31 . 2009-08-11 07:31 569344 c:\windows\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll - 2008-01-24 03:30 . 2008-01-24 03:30 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll + 2009-08-11 07:36 . 2009-08-11 07:36 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll + 2009-08-11 07:29 . 2009-08-11 07:29 966656 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll + 2009-08-11 07:36 . 2009-08-11 07:36 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll - 2008-01-24 03:31 . 2008-01-24 03:31 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll + 2009-08-11 07:36 . 2009-08-11 07:36 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll + 2009-08-11 07:31 . 2009-08-11 07:31 233472 c:\windows\assembly\GAC_MSIL\System.Net\3.5.0.0__b03f5f7f11d50a3a\System.Net.dll - 2008-01-24 03:31 . 2008-01-24 03:31 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll + 2009-08-11 07:36 . 2009-08-11 07:36 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll + 2009-08-11 07:36 . 2009-08-11 07:36 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll - 2008-01-24 03:32 . 2008-01-24 03:32 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll + 2009-08-11 07:31 . 2009-08-11 07:31 143360 c:\windows\assembly\GAC_MSIL\System.Management.Instrumentation\3.5.0.0__b77a5c561934e089\System.Management.Instrumentation.dll + 2009-08-11 07:29 . 2009-08-11 07:29 131072 c:\windows\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll + 2009-08-11 07:28 . 2009-08-11 07:28 430080 c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll + 2009-08-11 07:29 . 2009-08-11 07:29 126976 c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll + 2009-08-11 07:36 . 2009-08-11 07:36 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll + 2009-08-11 07:36 . 2009-08-11 07:36 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll - 2008-01-24 03:31 . 2008-01-24 03:31 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll - 2008-01-24 03:32 . 2008-01-24 03:32 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll + 2009-08-11 07:36 . 2009-08-11 07:36 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll + 2009-08-11 07:31 . 2009-08-11 07:31 286720 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\3.5.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll + 2009-08-11 07:37 . 2009-08-11 07:37 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll + 2009-08-11 07:37 . 2009-08-11 07:37 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll + 2009-08-12 01:12 . 2009-08-12 01:12 442368 c:\windows\assembly\GAC_MSIL\System.Data.Services\3.5.0.0__b77a5c561934e089\System.Data.Services.dll + 2009-08-11 07:31 . 2009-08-11 07:31 114688 c:\windows\assembly\GAC_MSIL\System.Data.Services.Design\3.5.0.0__b77a5c561934e089\System.Data.Services.Design.dll + 2009-08-12 01:12 . 2009-08-12 01:12 294912 c:\windows\assembly\GAC_MSIL\System.Data.Services.Client\3.5.0.0__b77a5c561934e089\System.Data.Services.Client.dll + 2009-08-11 07:31 . 2009-08-11 07:31 684032 c:\windows\assembly\GAC_MSIL\System.Data.Linq\3.5.0.0__b77a5c561934e089\System.Data.Linq.dll + 2009-08-11 07:31 . 2009-08-11 07:31 229376 c:\windows\assembly\GAC_MSIL\System.Data.Entity.Design\3.5.0.0__b77a5c561934e089\System.Data.Entity.Design.dll + 2009-08-11 07:31 . 2009-08-11 07:31 667648 c:\windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll + 2009-08-11 07:36 . 2009-08-11 07:36 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll - 2008-01-24 03:31 . 2008-01-24 03:31 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll + 2009-08-11 07:31 . 2009-08-11 07:31 163840 c:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll + 2009-08-11 07:36 . 2009-08-11 07:36 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll - 2008-01-24 03:31 . 2008-01-24 03:31 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll + 2009-08-11 07:28 . 2009-08-11 07:28 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll + 2009-08-11 07:29 . 2009-08-11 07:29 528384 c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll + 2009-08-11 07:29 . 2009-08-11 07:29 864256 c:\windows\assembly\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll + 2009-08-11 07:29 . 2009-08-11 07:29 163840 c:\windows\assembly\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll + 2009-08-11 07:29 . 2009-08-11 07:29 397312 c:\windows\assembly\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll + 2009-08-11 07:29 . 2009-08-11 07:29 139264 c:\windows\assembly\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll + 2009-08-11 07:29 . 2009-08-11 07:29 196608 c:\windows\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll + 2009-08-11 07:29 . 2009-08-11 07:29 598016 c:\windows\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll + 2009-08-11 07:36 . 2009-08-11 07:36 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll - 2008-01-24 03:31 . 2008-01-24 03:31 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll + 2009-08-11 07:36 . 2009-08-11 07:36 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll + 2009-08-11 07:36 . 2009-08-11 07:36 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll - 2008-01-24 03:31 . 2008-01-24 03:31 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll + 2009-08-11 07:28 . 2009-08-11 07:28 397312 c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll - 2008-01-24 03:31 . 2008-01-24 03:31 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll + 2009-08-11 07:36 . 2009-08-11 07:36 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll - 2008-01-24 03:32 . 2008-01-24 03:32 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll + 2009-08-11 07:36 . 2009-08-11 07:36 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll + 2009-08-11 07:31 . 2009-08-11 07:31 802816 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.v3.5.dll + 2009-08-11 07:31 . 2009-08-11 07:31 733184 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll - 2008-01-24 03:32 . 2008-01-24 03:32 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll + 2009-08-11 07:36 . 2009-08-11 07:36 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll + 2009-08-11 07:31 . 2009-08-11 07:31 106496 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Conversion.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Conversion.v3.5.dll - 2008-01-24 03:31 . 2008-01-24 03:31 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll + 2009-08-11 07:36 . 2009-08-11 07:36 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll + 2009-08-11 07:36 . 2009-08-11 07:36 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll + 2009-08-11 07:29 . 2009-08-11 07:29 368640 c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll + 2009-08-11 07:36 . 2009-08-11 07:36 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll - 2008-01-24 03:32 . 2008-01-24 03:32 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll - 2008-01-24 03:32 . 2008-01-24 03:32 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll + 2009-08-11 07:36 . 2009-08-11 07:36 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll + 2009-08-11 07:36 . 2009-08-11 07:36 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll + 2009-08-11 07:28 . 2009-08-11 07:28 163840 c:\windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll + 2009-08-11 07:21 . 2006-10-16 20:10 379184 c:\windows\$NtUninstallWIC$\spuninst\updspapi.dll + 2009-08-11 07:21 . 2006-10-16 20:10 221488 c:\windows\$NtUninstallWIC$\spuninst\spuninst.exe + 2009-07-15 07:04 . 2008-07-08 13:02 382840 c:\windows\$NtUninstallKB973346$\spuninst\updspapi.dll + 2009-07-15 07:04 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB973346$\spuninst\spuninst.exe + 2009-07-15 07:04 . 2008-07-09 07:38 382840 c:\windows\$NtUninstallKB971633$\spuninst\updspapi.dll + 2009-07-15 07:04 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB971633$\spuninst\spuninst.exe + 2009-07-15 07:02 . 2005-10-17 21:14 118272 c:\windows\$NtUninstallKB961371$\t2embed.dll + 2009-07-15 07:02 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB961371$\spuninst\updspapi.dll + 2009-07-15 07:02 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB961371$\spuninst\spuninst.exe + 2009-08-12 01:12 . 2007-11-30 11:18 382840 c:\windows\$NtUninstallKB961118$\spuninst\updspapi.dll + 2009-08-12 01:12 . 2007-11-30 11:18 231288 c:\windows\$NtUninstallKB961118$\spuninst\spuninst.exe + 2009-08-12 01:10 . 2005-10-12 23:16 371424 c:\windows\$NtUninstallKB925720$\spuninst\updspapi.dll + 2009-08-12 01:10 . 2005-10-12 23:16 213216 c:\windows\$NtUninstallKB925720$\spuninst\spuninst.exe + 2009-08-12 01:10 . 2004-08-04 08:00 215552 c:\windows\$NtUninstallKB925720$\osk.exe + 2009-07-15 07:04 . 2008-07-08 13:02 382840 c:\windows\$hf_mig$\KB973346\update\updspapi.dll + 2009-07-15 07:04 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB973346\update\update.exe + 2009-07-15 07:04 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB973346\spuninst.exe + 2009-07-29 07:02 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB972260-IE7\update\updspapi.dll + 2009-07-29 07:02 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB972260-IE7\update\update.exe + 2009-07-29 07:02 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB972260-IE7\spuninst.exe + 2009-06-29 16:23 . 2009-06-29 16:23 828928 c:\windows\$hf_mig$\KB972260-IE7\SP3QFE\wininet.dll + 2009-06-29 16:23 . 2009-06-29 16:23 233472 c:\windows\$hf_mig$\KB972260-IE7\SP3QFE\webcheck.dll + 2009-06-29 16:23 . 2009-06-29 16:23 105984 c:\windows\$hf_mig$\KB972260-IE7\SP3QFE\url.dll + 2009-06-29 16:23 . 2009-06-29 16:23 102912 c:\windows\$hf_mig$\KB972260-IE7\SP3QFE\occache.dll + 2009-06-29 16:23 . 2009-06-29 16:23 671232 c:\windows\$hf_mig$\KB972260-IE7\SP3QFE\mstime.dll + 2009-06-29 16:23 . 2009-06-29 16:23 193024 c:\windows\$hf_mig$\KB972260-IE7\SP3QFE\msrating.dll + 2009-06-29 16:23 . 2009-06-29 16:23 477696 c:\windows\$hf_mig$\KB972260-IE7\SP3QFE\mshtmled.dll + 2009-06-29 16:23 . 2009-06-29 16:23 459264 c:\windows\$hf_mig$\KB972260-IE7\SP3QFE\msfeeds.dll + 2009-06-29 07:25 . 2009-06-29 07:25 634632 c:\windows\$hf_mig$\KB972260-IE7\SP3QFE\iexplore.exe + 2009-06-29 16:23 . 2009-06-29 16:23 268288 c:\windows\$hf_mig$\KB972260-IE7\SP3QFE\iertutil.dll + 2009-06-29 16:23 . 2009-06-29 16:23 388608 c:\windows\$hf_mig$\KB972260-IE7\SP3QFE\iedkcs32.dll + 2009-06-29 16:23 . 2009-06-29 16:23 380928 c:\windows\$hf_mig$\KB972260-IE7\SP3QFE\ieapfltr.dll + 2009-06-29 07:23 . 2009-06-29 07:23 161792 c:\windows\$hf_mig$\KB972260-IE7\SP3QFE\ieakui.dll + 2009-06-29 16:23 . 2009-06-29 16:23 230400 c:\windows\$hf_mig$\KB972260-IE7\SP3QFE\ieaksie.dll + 2009-06-29 16:23 . 2009-06-29 16:23 153088 c:\windows\$hf_mig$\KB972260-IE7\SP3QFE\ieakeng.dll + 2009-06-29 16:23 . 2009-06-29 16:23 132608 c:\windows\$hf_mig$\KB972260-IE7\SP3QFE\extmgr.dll + 2009-06-29 16:23 . 2009-06-29 16:23 214528 c:\windows\$hf_mig$\KB972260-IE7\SP3QFE\dxtrans.dll + 2009-06-29 16:23 . 2009-06-29 16:23 347136 c:\windows\$hf_mig$\KB972260-IE7\SP3QFE\dxtmsft.dll + 2009-06-29 16:23 . 2009-06-29 16:23 124928 c:\windows\$hf_mig$\KB972260-IE7\SP3QFE\advpack.dll + 2009-07-15 07:04 . 2008-07-09 07:38 382840 c:\windows\$hf_mig$\KB971633\update\updspapi.dll + 2009-07-15 07:04 . 2008-07-09 07:38 755576 c:\windows\$hf_mig$\KB971633\update\update.exe + 2009-07-15 07:04 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB971633\spuninst.exe + 2009-07-15 07:02 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB961371\update\updspapi.dll + 2009-07-15 07:02 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB961371\update\update.exe + 2009-07-15 07:02 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB961371\spuninst.exe + 2009-06-16 14:43 . 2009-06-16 14:43 119808 c:\windows\$hf_mig$\KB961371\SP3QFE\t2embed.dll + 2009-06-16 14:36 . 2009-06-16 14:36 119808 c:\windows\$hf_mig$\KB961371\SP3GDR\t2embed.dll + 2009-06-16 14:45 . 2009-06-16 14:45 119808 c:\windows\$hf_mig$\KB961371\SP2QFE\t2embed.dll + 2009-08-12 01:13 . 2007-11-30 11:18 382840 c:\windows\$hf_mig$\KB961118\update\updspapi.dll + 2009-08-12 01:13 . 2007-11-30 11:18 755576 c:\windows\$hf_mig$\KB961118\update\update.exe + 2009-08-12 01:13 . 2007-11-30 11:18 231288 c:\windows\$hf_mig$\KB961118\spuninst.exe + 2009-08-12 01:10 . 2005-10-12 23:16 371424 c:\windows\$hf_mig$\KB925720\update\updspapi.dll + 2009-08-12 01:10 . 2005-10-12 23:16 716000 c:\windows\$hf_mig$\KB925720\update\update.exe + 2009-08-12 01:10 . 2005-10-12 23:16 213216 c:\windows\$hf_mig$\KB925720\spuninst.exe + 2006-10-04 10:40 . 2006-10-04 10:40 215552 c:\windows\$hf_mig$\KB925720\SP2QFE\osk.exe + 2009-09-22 23:11 . 2007-11-07 10:29 1175552 c:\windows\twain_32\MP190 series\SGUI.DLL + 2009-09-22 23:11 . 2007-11-07 10:27 1040384 c:\windows\twain_32\MP190 series\SGRES_US.DLL + 2009-09-22 23:11 . 2007-11-07 10:27 1011712 c:\windows\twain_32\MP190 series\SGRES_JP.DLL + 2009-09-22 23:11 . 2006-12-01 09:24 1159168 c:\windows\twain_32\MP190 series\SGCFLTR.DLL + 2009-09-22 23:11 . 2008-02-21 11:29 3724256 c:\windows\twain_32\MP190 series\CNC190.DAT + 2009-08-11 07:28 . 2008-07-06 12:06 1676288 c:\windows\system32\xpssvcs.dll + 2004-08-04 08:00 . 2004-08-04 08:00 1326080 c:\windows\system32\webfldrs.msi - 2004-08-04 08:00 . 2009-04-29 04:56 1159680 c:\windows\system32\urlmon.dll + 2004-08-04 08:00 . 2009-06-29 16:12 1159680 c:\windows\system32\urlmon.dll + 2009-08-11 07:28 . 2008-07-06 12:06 1676288 c:\windows\system32\spool\XPSEP\i386\xpssvcs.dll + 2009-08-11 07:28 . 2008-07-06 12:06 1676288 c:\windows\system32\spool\XPSEP\i386\i386\xpssvcs.dll + 2009-08-11 07:28 . 2008-07-06 21:36 2936832 c:\windows\system32\spool\XPSEP\amd64\xpssvcs.dll + 2009-08-11 07:28 . 2008-07-06 21:36 2936832 c:\windows\system32\spool\XPSEP\amd64\amd64\xpssvcs.dll + 2009-09-22 23:11 . 2008-02-26 05:00 2627072 c:\windows\system32\spool\drivers\w32x86\canonmp190_series7b78\CNMUI9I.DLL + 2009-09-22 23:11 . 2008-02-26 05:00 1599488 c:\windows\system32\spool\drivers\w32x86\canonmp190_series7b78\CNMCB9I.DLL + 2009-08-11 07:28 . 2008-07-06 12:06 1676288 c:\windows\system32\spool\drivers\w32x86\3\XpsSvcs.dll + 2009-09-22 23:11 . 2008-02-26 05:00 2627072 c:\windows\system32\spool\drivers\w32x86\3\CNMUI9I.DLL + 2009-09-22 23:11 . 2008-02-26 05:00 1599488 c:\windows\system32\spool\drivers\w32x86\3\CNMCB9I.DLL + 2004-08-04 08:00 . 2009-06-03 19:27 1290752 c:\windows\system32\quartz.dll + 2008-08-30 00:06 . 2008-08-30 00:06 1350664 c:\windows\system32\msxml6.dll + 2004-08-04 08:00 . 2009-07-19 13:33 3597824 c:\windows\system32\mshtml.dll + 2007-08-13 22:54 . 2009-07-19 13:32 6067200 c:\windows\system32\ieframe.dll + 2007-02-12 20:10 . 2009-06-29 08:33 2452872 c:\windows\system32\ieapfltr.dat + 2009-08-14 17:43 . 2009-07-09 16:16 2060288 c:\windows\system32\DRVSTORE\usbaapl_872A2434B7205D4BD84BBE53811BDCE15F347D5B\usbaaplrc.dll + 2009-08-14 17:44 . 2009-07-09 16:16 1419232 c:\windows\system32\DRVSTORE\netaapl_F433E854B3FF3BEE74986FDE8E16A64162342BFF\wdfcoinstaller01005.dll + 2009-08-11 07:28 . 2008-07-06 12:06 1676288 c:\windows\system32\dllcache\xpssvcs.dll - 2006-07-25 20:42 . 2009-04-29 04:56 1159680 c:\windows\system32\dllcache\urlmon.dll + 2006-07-25 20:42 . 2009-06-29 16:12 1159680 c:\windows\system32\dllcache\urlmon.dll + 2007-10-29 22:43 . 2009-06-03 19:27 1290752 c:\windows\system32\dllcache\quartz.dll + 2006-07-28 11:30 . 2009-07-19 13:33 3597824 c:\windows\system32\dllcache\mshtml.dll + 2008-04-05 03:24 . 2009-07-19 13:32 6067200 c:\windows\system32\dllcache\ieframe.dll + 2008-04-05 03:24 . 2009-06-29 08:33 2452872 c:\windows\system32\dllcache\ieapfltr.dat + 2008-07-30 03:40 . 2008-07-30 03:40 1720824 c:\windows\Microsoft.NET\Framework\v3.5\vbc.exe + 2008-07-29 22:47 . 2008-07-29 22:47 1054208 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.dll + 2008-07-29 22:47 . 2008-07-29 22:47 1364992 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\SITSetup.dll + 2008-07-29 22:47 . 2008-07-29 22:47 1064448 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\gencomp.dll + 2008-07-30 03:40 . 2008-07-30 03:40 1548280 c:\windows\Microsoft.NET\Framework\v3.5\csc.exe + 2008-12-05 23:35 . 2008-12-05 23:35 1736528 c:\windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll + 2008-07-30 01:10 . 2008-07-30 01:10 2637840 c:\windows\Microsoft.NET\Framework\v3.0\WPF\NlsLexicons0009.dll + 2008-07-30 01:10 . 2008-07-30 01:10 4883464 c:\windows\Microsoft.NET\Framework\v3.0\WPF\NlsData0009.dll + 2008-12-06 00:12 . 2008-12-06 00:12 5931008 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll - 2007-10-24 06:47 . 2007-10-24 06:47 1344000 c:\windows\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll + 2008-07-25 15:16 . 2008-07-25 15:16 1344000 c:\windows\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll - 2007-10-24 06:47 . 2007-10-24 06:47 1172472 c:\windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe + 2008-07-25 15:17 . 2008-07-25 15:17 1172472 c:\windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe + 2008-11-25 08:59 . 2008-11-25 08:59 2048000 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.XML.dll + 2008-07-25 15:17 . 2008-07-25 15:17 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll + 2008-11-25 08:59 . 2008-11-25 08:59 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll + 2008-07-25 15:17 . 2008-07-25 15:17 3149824 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll + 2008-07-25 15:17 . 2008-07-25 15:17 5062656 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll + 2008-07-25 15:17 . 2008-07-25 15:17 2933248 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.dll + 2008-11-25 08:59 . 2008-11-25 08:59 5813576 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll + 2008-11-25 08:59 . 2008-11-25 08:59 4546560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll + 2008-07-25 15:16 . 2008-07-25 15:16 1163768 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll + 2007-05-25 16:08 . 2007-05-25 16:08 9609728 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp + 2006-10-01 21:53 . 2006-10-01 21:53 3485184 c:\windows\Installer\f41aca.msi + 2009-01-08 01:25 . 2009-01-08 01:25 5046784 c:\windows\Installer\e7dbf32.msp + 2009-02-25 23:08 . 2009-02-25 23:08 8311808 c:\windows\Installer\d7e4d58.msp + 2009-03-28 13:50 . 2009-03-28 13:50 5025792 c:\windows\Installer\d7e4d46.msp + 2008-11-13 07:57 . 2008-11-13 07:57 5099520 c:\windows\Installer\cd0fb1c.msp + 2008-10-20 15:18 . 2008-10-20 15:18 6474240 c:\windows\Installer\cd0fb09.msp + 2007-11-22 23:23 . 2007-11-22 23:23 5051904 c:\windows\Installer\c84441.msp + 2008-02-25 19:08 . 2008-02-25 19:08 5050368 c:\windows\Installer\c7971.msp + 2007-04-09 02:32 . 2007-04-09 02:32 5131264 c:\windows\Installer\c643a5d.msp + 2007-03-31 02:21 . 2007-03-31 02:21 3886080 c:\windows\Installer\c643a0c.msp + 2007-03-31 02:17 . 2007-03-31 02:17 9589248 c:\windows\Installer\c6439f8.msp + 2008-02-15 12:54 . 2008-02-15 12:54 9736192 c:\windows\Installer\9ba647.msp + 2008-03-17 21:55 . 2008-03-17 21:55 5049344 c:\windows\Installer\9ba622.msp + 2007-06-17 05:18 . 2007-06-17 05:18 5050368 c:\windows\Installer\8e4f0b7.msp + 2007-05-29 02:01 . 2007-05-29 02:01 4597760 c:\windows\Installer\8e4f0a4.msp + 2007-06-01 19:54 . 2007-06-01 19:54 9626624 c:\windows\Installer\8e4f01f.msp + 2007-10-15 03:43 . 2007-10-15 03:43 5749760 c:\windows\Installer\8d37f0c.msp + 2007-01-29 23:23 . 2007-01-29 23:23 3361280 c:\windows\Installer\8a1493.msp + 2009-08-14 17:51 . 2009-08-14 17:51 4945408 c:\windows\Installer\876578b.msi + 2009-08-14 17:47 . 2009-08-14 17:47 8992256 c:\windows\Installer\8765458.msi + 2009-08-14 17:44 . 2009-08-14 17:44 3295232 c:\windows\Installer\87651c7.msi + 2008-01-28 23:09 . 2008-01-28 23:09 5055488 c:\windows\Installer\7e8fa9.msp + 2008-08-20 18:37 . 2008-08-20 18:37 5107712 c:\windows\Installer\7cf00a.msp + 2008-11-20 19:48 . 2008-11-20 19:48 5097472 c:\windows\Installer\7c0ce.msp + 2007-02-20 04:23 . 2007-02-20 04:23 9278464 c:\windows\Installer\7bd056e.msi + 2009-04-24 16:28 . 2009-04-24 16:28 4450816 c:\windows\Installer\69825e8.msp + 2008-04-11 22:08 . 2008-04-11 22:08 6302720 c:\windows\Installer\64e7c7.msp + 2008-04-26 00:14 . 2008-04-26 00:14 5052928 c:\windows\Installer\64e7b0.msp + 2008-04-18 18:56 . 2008-04-18 18:56 6215680 c:\windows\Installer\64e79d.msp + 2007-02-05 02:45 . 2007-02-05 02:45 1652736 c:\windows\Installer\63597.msi + 2007-02-05 02:45 . 2007-02-05 02:45 1652736 c:\windows\Installer\63592.msi + 2007-02-05 02:45 . 2007-02-05 02:45 1652736 c:\windows\Installer\6358d.msi + 2007-02-05 02:44 . 2007-02-05 02:44 1640960 c:\windows\Installer\63568.msi + 2007-02-05 02:43 . 2007-02-05 02:43 2022912 c:\windows\Installer\63563.msi + 2007-02-05 02:43 . 2007-02-05 02:43 1713152 c:\windows\Installer\6355e.msi + 2007-02-05 02:43 . 2007-02-05 02:43 2397184 c:\windows\Installer\63554.msi + 2009-02-07 03:31 . 2009-02-07 03:31 5047808 c:\windows\Installer\6031c94.msp + 2007-10-25 03:23 . 2007-10-25 03:23 1563136 c:\windows\Installer\5ca309.msi + 2009-08-20 17:27 . 2009-08-20 17:27 1665024 c:\windows\Installer\57ab6eb.msi + 2007-02-27 21:13 . 2007-02-27 21:13 3358720 c:\windows\Installer\5216f91.msp + 2008-10-20 15:19 . 2008-10-20 15:19 5100032 c:\windows\Installer\46732aa.msp + 2007-03-31 02:20 . 2007-03-31 02:20 5800960 c:\windows\Installer\41041323.msp + 2007-03-27 20:15 . 2007-03-27 20:15 8395776 c:\windows\Installer\41041310.msp + 2008-09-02 15:42 . 2008-09-02 15:42 5104640 c:\windows\Installer\3f8e6a.msp + 2008-12-13 13:57 . 2008-12-13 13:57 8397824 c:\windows\Installer\385ce21.msp + 2008-07-29 23:26 . 2008-07-29 23:26 1043456 c:\windows\Installer\38385cc.msp + 2008-07-30 00:37 . 2008-07-30 00:37 2679808 c:\windows\Installer\38385ca.msp + 2008-07-30 01:15 . 2008-07-30 01:15 3697664 c:\windows\Installer\38385c8.msp + 2008-07-29 23:34 . 2008-07-29 23:34 1448448 c:\windows\Installer\38385c7.msp + 2008-07-30 00:22 . 2008-07-30 00:22 4137984 c:\windows\Installer\38385c6.msp + 2008-07-29 23:18 . 2008-07-29 23:18 3376640 c:\windows\Installer\38385c5.msp + 2008-07-29 21:45 . 2008-07-29 21:45 2543616 c:\windows\Installer\37c7d14.msp + 2008-07-29 21:29 . 2008-07-29 21:29 2926080 c:\windows\Installer\37c7d13.msp + 2008-07-29 21:41 . 2008-07-29 21:41 6487040 c:\windows\Installer\37c7d12.msp + 2008-07-29 21:39 . 2008-07-29 21:39 3403264 c:\windows\Installer\37c7d11.msp + 2008-07-29 21:43 . 2008-07-29 21:43 1013248 c:\windows\Installer\37c7d0f.msp + 2008-07-29 21:31 . 2008-07-29 21:31 6083072 c:\windows\Installer\37c7d0c.msp + 2005-04-30 05:42 . 2005-04-30 05:42 5864960 c:\windows\Installer\376e6.msp + 2005-04-30 05:32 . 2005-04-30 05:32 1346048 c:\windows\Installer\376c7.msi + 2005-04-30 05:29 . 2005-04-30 05:29 4866560 c:\windows\Installer\3768a.msi + 2005-04-30 05:27 . 2005-04-30 05:27 1096192 c:\windows\Installer\37670.msi + 2005-04-30 05:27 . 2005-04-30 05:27 1102848 c:\windows\Installer\375ed.msi + 2005-04-30 05:26 . 2005-04-30 05:26 1094656 c:\windows\Installer\37569.msi + 2005-04-30 05:16 . 2005-04-30 05:16 2247680 c:\windows\Installer\37547.msi + 2007-02-13 01:43 . 2007-02-13 01:43 1880576 c:\windows\Installer\36f15a.msi + 2007-02-13 01:40 . 2007-02-13 01:40 1646080 c:\windows\Installer\36f155.msi + 2007-02-13 01:39 . 2007-02-13 01:39 5938688 c:\windows\Installer\36f151.msi + 2007-03-24 19:57 . 2007-03-24 19:57 5135360 c:\windows\Installer\2ef063a.msp + 2007-03-27 20:14 . 2007-03-27 20:14 5566464 c:\windows\Installer\2ef0627.msp + 2005-04-30 04:55 . 2005-04-30 04:55 3975680 c:\windows\Installer\2ed8d.msi + 2009-04-05 05:47 . 2009-04-05 05:47 1659392 c:\windows\Installer\2c2240de.msi + 2009-04-05 05:43 . 2009-04-05 05:43 1549312 c:\windows\Installer\2c223e79.msi + 2008-10-05 08:12 . 2008-10-05 08:12 4784128 c:\windows\Installer\2991f33.msp + 2007-10-01 01:12 . 2007-10-01 01:12 5052416 c:\windows\Installer\27a5e04.msp + 2007-07-26 15:27 . 2007-07-26 15:27 5053440 c:\windows\Installer\24039b7.msp + 2007-07-21 17:26 . 2007-07-21 17:26 7574016 c:\windows\Installer\240399d.msp + 2008-06-05 17:56 . 2008-06-05 17:56 5111808 c:\windows\Installer\1ffb765.msp + 2004-08-07 13:05 . 2004-08-07 13:05 3443712 c:\windows\Installer\1c9f6.msi + 2008-07-16 03:12 . 2008-07-16 03:12 1298432 c:\windows\Installer\1a3db0.msp + 2009-05-26 22:54 . 2009-05-26 22:54 4192768 c:\windows\Installer\165e6976.msp + 2009-07-02 20:23 . 2009-07-02 20:23 5027328 c:\windows\Installer\165e695e.msp + 2009-01-15 08:35 . 2009-01-15 08:35 4830720 c:\windows\Installer\1643e8.msp + 2009-05-04 11:46 . 2009-05-04 11:46 8299008 c:\windows\Installer\15e1d7d.msp + 2009-05-04 11:47 . 2009-05-04 11:47 9124864 c:\windows\Installer\15e1d69.msp + 2009-04-24 16:30 . 2009-04-24 16:30 2583552 c:\windows\Installer\15e1d55.msp + 2009-05-07 13:17 . 2009-05-07 13:17 5026816 c:\windows\Installer\15e1d40.msp + 2009-04-24 16:29 . 2009-04-24 16:29 9013760 c:\windows\Installer\15e1d1a.msp + 2008-04-11 22:48 . 2008-04-11 22:48 6774272 c:\windows\Installer\14680719.msp + 2008-07-16 23:01 . 2008-07-16 23:01 5110272 c:\windows\Installer\14680704.msp + 2007-10-28 15:53 . 2007-10-28 15:53 5047808 c:\windows\Installer\11e80d.msp + 2007-09-01 01:58 . 2007-09-01 01:58 5054976 c:\windows\Installer\110bf9d.msp + 2007-02-05 02:52 . 2009-07-15 07:05 1172240 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\xlicons.exe - 2007-02-05 02:52 . 2009-06-17 07:17 1172240 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\xlicons.exe - 2007-02-05 02:52 . 2009-06-17 07:17 1165584 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\accicons.exe + 2007-02-05 02:52 . 2009-07-15 07:05 1165584 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\accicons.exe + 2009-07-29 07:02 . 2009-04-29 04:56 1159680 c:\windows\ie7updates\KB972260-IE7\urlmon.dll + 2009-07-29 07:02 . 2009-04-29 04:56 3596288 c:\windows\ie7updates\KB972260-IE7\mshtml.dll + 2009-07-29 07:02 . 2009-04-29 04:55 6066176 c:\windows\ie7updates\KB972260-IE7\ieframe.dll + 2009-07-29 07:02 . 2008-07-09 14:25 2455488 c:\windows\ie7updates\KB972260-IE7\ieapfltr.dat + 2005-04-30 05:34 . 2005-04-30 05:34 2220544 c:\windows\Hewlett-Packard\Setup Files\HP Software Update\{77C7D65D-7F07-4F6B-95DE-3D893B08E7FF}\HP Software Update.msi + 2006-02-09 22:06 . 2006-02-09 22:06 6525952 c:\windows\Downloaded Installations\Odyssey Client.msi + 2006-02-09 20:03 . 2006-02-09 20:03 1863168 c:\windows\Downloaded Installations\{6D2F1926-BD77-486A-A418-91BE87F9993B}\HMTCDWizard.msi + 2009-08-12 01:12 . 2009-08-12 01:12 3313664 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\14cd5f4b61d35f9b76327d6be9853755\WindowsBase.ni.dll + 2009-08-12 14:01 . 2009-08-12 14:01 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\f3c7957351aec85f526a3350c9718b1e\UIAutomationClientsideProviders.ni.dll + 2009-08-11 07:39 . 2009-08-11 07:39 7868416 c:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP275.tmp\System.dll + 2009-08-11 07:34 . 2009-08-11 07:34 7867392 c:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP192.tmp\System.dll + 2009-08-12 01:12 . 2009-08-12 01:12 7868416 c:\windows\assembly\NativeImages_v2.0.50727_32\System\80978a322d7dd39f0a71be1251ae395a\System.ni.dll + 2009-08-12 14:01 . 2009-08-12 14:01 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\773a9786013451d3baaeff003dc4230f\System.Xml.ni.dll + 2009-08-12 18:50 . 2009-08-12 18:50 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\ac1750e78d79520dcf19195772eff1b6\System.WorkflowServices.ni.dll + 2009-08-12 18:50 . 2009-08-12 18:50 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\d265da36954fcb4cb7ad5adc693ea0f2\System.Workflow.Runtime.ni.dll + 2009-08-12 18:49 . 2009-08-12 18:49 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\693a8fbe6f7ad6e4e429052da4317e59\System.Workflow.ComponentModel.ni.dll + 2009-08-12 18:49 . 2009-08-12 18:49 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\cc99fbbac0b6e4e9ca62093e49b0c16b\System.Workflow.Activities.ni.dll + 2009-08-12 18:48 . 2009-08-12 18:48 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\b57bb002a655920cbfa2bee29d1e22b7\System.Web.Services.ni.dll + 2009-08-12 18:48 . 2009-08-12 18:48 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\81197e32ec931f439b3114e9031b65d6\System.Web.Mobile.ni.dll + 2009-08-12 18:40 . 2009-08-12 18:40 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\7f64c9d25471b72e1e957bdfe67947c8\System.Web.Extensions.ni.dll + 2009-08-12 13:58 . 2009-08-12 13:58 1917440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\63cf639b6e0a3c25c1643c85016e7422\System.Speech.ni.dll + 2009-08-12 18:36 . 2009-08-12 18:36 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\340cad17fe57947eacbc8fa2cea780da\System.ServiceModel.Web.ni.dll + 2009-08-12 17:17 . 2009-08-12 17:17 2338304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\034c91b133dee73d452652c52767b5ea\System.Runtime.Serialization.ni.dll + 2009-08-12 13:58 . 2009-08-12 13:58 1035264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\646ab52eef343380aa002c220dc31e13\System.Printing.ni.dll + 2009-08-12 17:17 . 2009-08-12 17:17 1056768 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\c2de8479e54852f56996f79bc93acb13\System.IdentityModel.ni.dll + 2009-08-12 13:57 . 2009-08-12 13:57 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3da96ee075bab9202626ae44c18d226c\System.Drawing.ni.dll + 2009-08-12 18:35 . 2009-08-12 18:35 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\543aced762f6b0c3f8e037955941afc6\System.DirectoryServices.ni.dll + 2009-08-12 18:35 . 2009-08-12 18:35 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\a6b58624486714fa71e5e35186850ff0\System.Deployment.ni.dll + 2009-08-12 13:55 . 2009-08-12 13:55 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\c70731047b0022638b3f9fb158948a03\System.Data.ni.dll + 2009-08-12 17:23 . 2009-08-12 17:23 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\826b09ab0d0e36f4d631b4cd335df511\System.Data.SqlXml.ni.dll + 2009-08-12 18:35 . 2009-08-12 18:35 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\956a513dcbd44d5a6801840ef2b0b47b\System.Data.Services.ni.dll + 2009-08-12 13:55 . 2009-08-12 13:55 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\0bbec79460b1137df5313f9baf7b246f\System.Data.Linq.ni.dll + 2009-08-12 18:34 . 2009-08-12 18:34 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\6479f975b105808a8d9e7a7fdc762551\System.Data.Entity.ni.dll + 2009-08-12 13:55 . 2009-08-12 13:55 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\47d87251e93256c635eb73403b8db33e\System.Core.ni.dll + 2009-08-12 13:54 . 2009-08-12 13:54 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\4bfb3048bf200a6a8592d1b4ba861a7f\ReachFramework.ni.dll + 2009-08-12 13:54 . 2009-08-12 13:54 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\6bafb1a2a73794ddb9761cb321c9e7e2\PresentationUI.ni.dll + 2009-08-12 01:12 . 2009-08-12 01:12 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\e634bc4c4a00635a0a254febab0e2e2c\PresentationBuildTasks.ni.dll + 2009-08-12 17:24 . 2009-08-12 17:24 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\1c86afc399d0fdd8e069266ffbe748d1\Microsoft.VisualBasic.ni.dll + 2009-08-12 17:21 . 2009-08-12 17:21 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\6b2f62f5e981913fce1d223f645d9ddf\Microsoft.Transactions.Bridge.ni.dll + 2009-08-12 18:36 . 2009-08-12 18:36 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\b261961046545831aa60963e84905968\Microsoft.JScript.ni.dll + 2009-08-12 17:24 . 2009-08-12 17:24 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\bd241492d96db39f20e758c13c845033\Microsoft.Build.Tasks.ni.dll + 2009-08-12 17:24 . 2009-08-12 17:24 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\a47100d8f4574bed2d49d83d0ab8964e\Microsoft.Build.Tasks.v3.5.ni.dll + 2009-08-12 17:23 . 2009-08-12 17:23 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\6cfe582681724965fb817e8ece5f0909\Microsoft.Build.Engine.ni.dll + 2009-08-11 07:29 . 2009-08-11 07:29 1245184 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll + 2009-08-11 07:37 . 2009-08-11 07:37 3149824 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll + 2009-08-11 07:37 . 2009-08-11 07:37 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll + 2009-08-11 07:29 . 2009-08-11 07:29 1630208 c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll + 2009-08-11 07:29 . 2009-08-11 07:29 1138688 c:\windows\assembly\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll + 2009-08-11 07:36 . 2009-08-11 07:36 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll + 2009-08-12 01:12 . 2009-08-12 01:12 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll + 2009-08-11 07:39 . 2009-08-11 07:39 5931008 c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll + 2009-08-11 07:36 . 2009-08-11 07:36 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll + 2009-08-11 07:31 . 2009-08-11 07:31 2879488 c:\windows\assembly\GAC_MSIL\System.Data.Entity\3.5.0.0__b77a5c561934e089\System.Data.Entity.dll + 2009-08-11 07:39 . 2009-08-11 07:39 5283840 c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll + 2009-08-11 07:36 . 2009-08-11 07:36 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll + 2009-08-11 07:37 . 2009-08-11 07:37 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll + 2009-08-11 07:29 . 2009-08-11 07:29 4210688 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll + 2009-08-11 07:36 . 2009-08-11 07:36 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll + 2009-07-15 07:04 . 2008-12-20 22:43 1287680 c:\windows\$NtUninstallKB971633$\quartz.dll + 2009-06-29 16:23 . 2009-06-29 16:23 1163264 c:\windows\$hf_mig$\KB972260-IE7\SP3QFE\urlmon.dll + 2009-07-19 13:31 . 2009-07-19 13:31 3600384 c:\windows\$hf_mig$\KB972260-IE7\SP3QFE\mshtml.dll + 2009-07-19 13:31 . 2009-07-19 13:31 6070784 c:\windows\$hf_mig$\KB972260-IE7\SP3QFE\ieframe.dll + 2009-06-29 08:33 . 2009-06-29 08:33 2452872 c:\windows\$hf_mig$\KB972260-IE7\SP3QFE\ieapfltr.dat + 2009-06-03 19:12 . 2009-06-03 19:12 1291264 c:\windows\$hf_mig$\KB971633\SP3QFE\quartz.dll + 2009-06-03 19:09 . 2009-06-03 19:09 1291264 c:\windows\$hf_mig$\KB971633\SP3GDR\quartz.dll + 2009-06-03 19:24 . 2009-06-03 19:24 1291264 c:\windows\$hf_mig$\KB971633\SP2QFE\quartz.dll + 2006-02-09 13:30 . 2005-04-30 05:08 11333632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150020}\J2SE Runtime Environment 5.0 Update 2.msi + 2008-10-20 15:22 . 2008-10-20 15:22 11758592 c:\windows\Installer\cd0fb56.msp + 2008-10-20 15:21 . 2008-10-20 15:21 11937280 c:\windows\Installer\cd0fb43.msp + 2008-10-20 15:16 . 2008-10-20 15:16 13211648 c:\windows\Installer\cd0fb30.msp + 2008-02-25 19:07 . 2008-02-25 19:07 11772416 c:\windows\Installer\c79bb.msp + 2008-01-28 22:09 . 2008-01-28 22:09 11896320 c:\windows\Installer\c79a8.msp + 2008-01-28 22:10 . 2008-01-28 22:10 14201344 c:\windows\Installer\c7994.msp + 2007-04-22 00:16 . 2007-04-22 00:16 12490752 c:\windows\Installer\c643a4a.msp + 2007-03-31 02:22 . 2007-03-31 02:22 10125824 c:\windows\Installer\c643a32.msp + 2007-03-31 02:19 . 2007-03-31 02:19 10893312 c:\windows\Installer\c643a1f.msp + 2008-01-28 22:07 . 2008-01-28 22:07 19034624 c:\windows\Installer\9ba635.msp + 2007-06-01 19:55 . 2007-06-01 19:55 10824704 c:\windows\Installer\8e4f0d0.msp + 2007-07-11 07:09 . 2007-07-11 07:09 15256576 c:\windows\Installer\8e4f091.msp + 2007-06-01 19:53 . 2007-06-01 19:53 10255360 c:\windows\Installer\8e4f032.msp + 2007-10-15 03:43 . 2007-10-15 03:43 12743168 c:\windows\Installer\8d37f1d.msp + 2007-10-15 03:43 . 2007-10-15 03:43 21981184 c:\windows\Installer\8d37ee7.msp + 2008-08-11 15:51 . 2008-08-11 15:51 15916544 c:\windows\Installer\7ceff7.msp + 2008-08-11 15:49 . 2008-08-11 15:49 22457344 c:\windows\Installer\7cefe4.msp + 2008-04-11 22:07 . 2008-04-11 22:07 13257728 c:\windows\Installer\64e7dc.msp + 2007-02-05 02:52 . 2007-02-05 02:52 12836352 c:\windows\Installer\6395a.msi + 2008-09-24 17:05 . 2008-09-24 17:05 16381440 c:\windows\Installer\4673297.msp + 2008-07-30 03:20 . 2008-07-30 03:20 11767296 c:\windows\Installer\3f8e57.msp + 2008-07-30 03:18 . 2008-07-30 03:18 11933184 c:\windows\Installer\3f8e44.msp + 2008-05-21 05:30 . 2008-05-21 05:30 14308864 c:\windows\Installer\27ebb686.msp + 2008-12-13 14:21 . 2008-12-13 14:21 10473472 c:\windows\Installer\2724781.msp + 2009-08-03 16:22 . 2009-08-03 16:22 15705600 c:\windows\Installer\1bba3cc3.msp + 2005-04-30 05:07 . 2005-04-30 05:07 19204096 c:\windows\Installer\18580.msp + 2009-05-04 11:49 . 2009-05-04 11:49 10955776 c:\windows\Installer\15e1db5.msp + 2008-07-03 15:36 . 2008-07-03 15:36 11937792 c:\windows\Installer\1468073f.msp + 2008-07-03 15:37 . 2008-07-03 15:37 11759104 c:\windows\Installer\1468072c.msp + 2007-02-07 13:54 . 2007-02-07 13:54 11771904 c:\windows\Installer\13d0a9c.msi + 2009-02-25 23:05 . 2009-02-25 23:05 11840000 c:\windows\Installer\121fea51.msp + 2009-02-25 23:07 . 2009-02-25 23:07 11646464 c:\windows\Installer\121fea3e.msp + 2005-04-30 05:39 . 2005-04-30 05:39 20034560 c:\windows\Downloaded Installations\{EA6652A6-343E-4645-AF84-0BACF426C950}\iTunes.msi + 2009-08-12 14:00 . 2009-08-12 14:00 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\63406259e94d5c0ff5b79401dfe113ce\System.Windows.Forms.ni.dll + 2009-08-12 18:37 . 2009-08-12 18:37 11796992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\3963ce03d445a8619abbf388d590134b\System.Web.ni.dll + 2009-08-12 17:22 . 2009-08-12 17:22 17317888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\4146033013edebd7e0cb604e504ebfee\System.ServiceModel.ni.dll + 2009-08-12 13:56 . 2009-08-12 13:56 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\8ee220bc3cce4f7bbd7818946519ed7f\System.Design.ni.dll + 2009-08-12 13:51 . 2009-08-12 13:51 14327808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\96e710f47c601cba3f2348a8d11ddede\PresentationFramework.ni.dll + 2009-08-12 01:13 . 2009-08-12 01:13 12216320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\956375d487cbef36165b3250030e3574\PresentationCore.ni.dll + 2009-08-11 07:39 . 2009-08-11 07:39 11486720 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\6d667f19d687361886990f3ca0f49816\mscorlib.ni.dll + 2007-10-15 03:43 . 2007-10-15 03:43 229852160 c:\windows\Installer\8d37ee0.msp . -- Snapshot reset to current date -- . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "VeohPlugin"="c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" [2008-12-16 3528440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2007-06-01 185896] "VX1000"="c:\windows\vVX1000.exe" [2007-04-10 709992] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-05-26 413696] "CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-10-26 652624] "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-09-14 1603152] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\OneCareMP] @="" [HKLM\~\startupfolder\C:^Documents and Settings^Joe Doering^Start Menu^Programs^Startup^Skyscape smARTupdate.lnk] path=c:\documents and settings\Joe Doering\Start Menu\Programs\Startup\Skyscape smARTupdate.lnk backup=c:\windows\pss\Skyscape smARTupdate.lnkStartup [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Azureus\\Azureus.exe"= "c:\\WINDOWS\\system32\\dpvsetup.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [6/5/2009 12:05 PM 24652] R3 HSFHWATI;HSFHWATI;c:\windows\system32\drivers\HSFHWATI.sys [12/15/2004 11:18 AM 200192] S3 PAC207;CIF USB Camera;c:\windows\system32\DRIVERS\PFC027.SYS --> c:\windows\system32\DRIVERS\PFC027.SYS [?] S3 PAC7302;PAC7302 VGA USB Camera;c:\windows\system32\drivers\PAC7302.SYS [9/11/2008 9:43 PM 457856] . Contents of the 'Scheduled Tasks' folder 2009-09-19 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.com uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 mStart Page = hxxp://www.google.com uInternet Connection Wizard,ShellNext = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=presario&pf=laptop uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://www.google.com/keyword/%s IE: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html IE: &Google Search - c:\program files\google\GoogleToolbar2.dll/cmsearch.html IE: &Translate English Word - c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html IE: &Yahoo! Search - file:///c:\program files\Yahoo!\Common/ycsrch.htm IE: Backward Links - c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html IE: Cached Snapshot of Page - c:\program files\google\GoogleToolbar2.dll/cmcache.html IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Similar Pages - c:\program files\google\GoogleToolbar2.dll/cmsimilar.html IE: Translate Page into English - c:\program files\google\GoogleToolbar2.dll/cmtrans.html IE: Yahoo! &Dictionary - file:///c:\program files\Yahoo!\Common/ycdict.htm IE: Yahoo! &Maps - file:///c:\program files\Yahoo!\Common/ycmap.htm IE: Yahoo! &SMS - file:///c:\program files\Yahoo!\Common/ycsms.htm TCP: {B96E07F0-AA41-457E-BF8C-03529849D1FB} = 207.69.188.185,207.69.188.186 DPF: {3C648A72-C49A-48EF-9F90-68EF13293F97} - hxxp://www.toledo.noris.xmlsweb.com/XMLSearch/XMLCache.CAB FF - ProfilePath - c:\documents and settings\Joe Doering\Application Data\Mozilla\Firefox\Profiles\4h45epds.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.camfrog.com/search.php?q= FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: keyword.URL - hxxp://search.camfrog.com/search.php?q= FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll . - - - - ORPHANS REMOVED - - - - BHO-{558AFF9C-2C35-424F-B7EB-C9CA0DDDC06E} - (no file) HKLM-Run-OneCareUI - c:\program files\Microsoft Windows OneCare Live\winssnotify.exe HKLM-Run-LogitechCommunicationsManager - c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe HKLM-Run-LogitechQuickCamRibbon - c:\program files\Logitech\QuickCam10\QuickCam10.exe HKLM-Run-BM0ade429f - c:\windows\system32\heukrgni.dll Notify-jkkigge - (no file) AddRemove-AV Care - c:\program files\AV Care\Uninstall.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-09-22 20:54 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(792) c:\windows\system32\Ati2evxx.dll - - - - - - - > 'explorer.exe'(2792) c:\windows\system32\WININET.dll c:\windows\system32\ieframe.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\ati2evxx.exe c:\windows\system32\ati2evxx.exe c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Canon\IJPLM\ijplmsvc.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\windows\system32\wscntfy.exe . ************************************************************************** . Completion time: 2009-09-23 21:09 - machine was rebooted ComboFix-quarantined-files.txt 2009-09-23 01:08 ComboFix2.txt 2009-06-18 22:19 Pre-Run: 9,147,338,752 bytes free Post-Run: 9,252,614,144 bytes free Current=6 Default=6 Failed=5 LastKnownGood=3 Sets=1,2,3,5,6 1478 --- E O F --- 2009-08-12 01:13
- September 23, 2009
- 13 replies
Need Help

brendancarlin replied to brendancarlin's topic in Resolved Malware Removal Logs

ComboFix 09-09-22.02 - Joe Doering 09/22/2009 20:40.2.1 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.382.114 [GMT -4:00] Running from: c:\documents and settings\Joe Doering\Desktop\pepper.exe . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\All Users\Application Data\usad.vbs c:\documents and settings\All Users\Documents\doxybynaq.exe c:\documents and settings\Joe Doering\Application Data\eqywi.bin c:\documents and settings\Joe Doering\Application Data\fodyqov.dl c:\documents and settings\Joe Doering\Application Data\Microsoft\Internet Explorer\Quick Launch\AntivirusPro_2010.lnk c:\documents and settings\Joe Doering\Cookies\azugebu.scr c:\documents and settings\Joe Doering\Cookies\ewawygyve.ban c:\documents and settings\Joe Doering\Cookies\ijyzuwiby.inf c:\documents and settings\Joe Doering\Cookies\ycirybyjos.db c:\documents and settings\Joe Doering\Local Settings\Application Data\tuqam.exe c:\documents and settings\Joe Doering\Local Settings\Temporary Internet Files\emyf.db c:\documents and settings\Joe Doering\Local Settings\Temporary Internet Files\pukolati.dl c:\documents and settings\Joe Doering\Start Menu\Programs\AntivirusPro_2010 c:\documents and settings\Joe Doering\Start Menu\Programs\AntivirusPro_2010\AntivirusPro_2010.lnk c:\documents and settings\Joe Doering\Start Menu\Programs\AntivirusPro_2010\Uninstall.lnk c:\program files\Common Files\evij.vbs c:\program files\Common Files\gakoz.dll c:\program files\Common Files\omosyfij.bin c:\windows\010112010146118114.lso c:\windows\dukis.bin c:\windows\gopikity.scr c:\windows\Installer\385ce2b.msp c:\windows\Installer\385ce2d.msp c:\windows\Installer\6e4998.msi c:\windows\Installer\6e49b7.msi c:\windows\Installer\6e49b8.msi c:\windows\kri746.dat c:\windows\msa.exe c:\windows\msb.exe c:\windows\system32\drivers\Sonyhcp.dll c:\windows\system32\drivers\UACdrwtsnmvrj.sys c:\windows\system32\drivers\UACpduhersmbt.sys c:\windows\system32\hesaluwema.exe c:\windows\system32\hokuhuniv.scr c:\windows\system32\iniasd.txt c:\windows\system32\kri746.dat c:\windows\system32\net.net c:\windows\system32\SKYNETehgonvkl.dat c:\windows\system32\SKYNETgmuoluvw.dll c:\windows\system32\SKYNETkakyptvk.dat c:\windows\system32\SKYNETovmeyeee.dll c:\windows\system32\UACboexmuybwu.dll c:\windows\system32\UAChdhlnanpyx.db c:\windows\system32\UAChgopndemdm.db c:\windows\system32\UACjixuxdjyql.dll c:\windows\system32\UACmjxwlotnba.dll c:\windows\system32\UACmrpnyomlrq.dll c:\windows\system32\UACnrcxpyipjb.dat c:\windows\system32\UACrdjjwrqttk.dll c:\windows\system32\UACviturwugle.dll c:\windows\system32\UACwhsojkctlt.dat c:\windows\system32\UACympjdabiqp.dll c:\windows\system32\wisdstr.exe . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_{79007602-0CDB-4405-9DBF-1257BB3226ED} -------\Legacy_{79007602-0CDB-4405-9DBF-1257BB3226EE} ((((((((((((((((((((((((( Files Created from 2009-08-23 to 2009-09-23 ))))))))))))))))))))))))))))))) . 2009-09-23 00:33 . 2009-09-23 00:33 -------- d-----w- C:\ARP 2009-09-22 23:30 . 2009-09-22 23:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! Companion 2009-09-22 23:21 . 2009-09-22 23:22 -------- d-----w- c:\documents and settings\Joe Doering\Application Data\Canon 2009-09-22 23:17 . 2009-09-22 23:25 -------- d-----w- c:\documents and settings\All Users\Application Data\CanonIJPLM 2009-09-22 23:15 . 2004-08-04 03:01 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys 2009-09-22 23:15 . 2004-08-04 03:01 25856 ----a-w- c:\windows\system32\dllcache\usbprint.sys 2009-09-22 23:14 . 2009-09-22 23:14 -------- d-----w- c:\program files\Common Files\CANON 2009-09-22 23:12 . 2009-09-22 23:12 -------- d--h--w- c:\documents and settings\All Users\Application Data\CanonBJ 2009-09-22 23:11 . 2008-02-26 05:00 230912 ----a-w- c:\windows\system32\CNMLM9I.DLL 2009-09-22 23:11 . 2009-09-22 23:11 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information 2009-09-22 23:11 . 2008-02-08 15:38 200704 ----a-w- c:\windows\system32\CNC190L.DLL 2009-09-22 23:11 . 2007-03-15 14:12 188416 ----a-w- c:\windows\system32\CNC190O.DLL 2009-09-22 23:11 . 2007-11-09 11:59 1323008 ----a-w- c:\windows\system32\CNC190C.DLL 2009-09-22 23:11 . 2007-11-09 11:58 98304 ----a-w- c:\windows\system32\CNC190I.DLL 2009-09-22 23:11 . 2009-09-22 23:11 -------- d--h--w- c:\program files\CanonBJ 2009-09-22 23:10 . 2009-09-22 23:16 -------- d-----w- c:\program files\Canon 2009-09-22 17:26 . 2009-09-23 00:22 0 ----a-w- c:\windows\win32k.sys 2009-09-14 20:27 . 2004-08-04 13:00 4224 ----a-w- c:\windows\system32\drivers\beep.sys 2009-09-14 20:27 . 2004-08-04 13:00 4224 ----a-w- c:\windows\system32\dllcache\beep.sys 2009-09-14 18:46 . 2009-09-14 18:46 16235 ----a-w- c:\windows\system32\afybepyre.dat 2009-09-08 20:27 . 2009-09-08 20:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Search Engine Commando . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-09-22 23:38 . 2007-02-06 20:29 -------- d-----w- c:\documents and settings\Joe Doering\Application Data\AdobeUM 2009-09-22 18:19 . 2008-04-05 05:39 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-09-22 14:48 . 2007-02-11 15:40 -------- d-----w- c:\documents and settings\Joe Doering\Application Data\Azureus 2009-09-19 14:14 . 2006-10-02 00:53 -------- d-----w- c:\program files\AIM 2009-09-18 12:21 . 2007-12-07 01:16 -------- d-----w- c:\documents and settings\Joe Doering\Application Data\Camfrog 2009-09-14 20:31 . 2009-03-26 20:29 -------- d-----w- c:\program files\File Scanner Library (Spybot - Search & Destroy) 2009-08-17 15:28 . 2009-08-17 15:28 -------- d-----w- c:\documents and settings\Joe Doering\Application Data\Logs 2009-08-17 15:20 . 2009-08-17 14:59 94208 ----a-w- c:\windows\DUMP6cb5.tmp 2009-08-17 15:19 . 2009-08-17 14:59 94208 ----a-w- c:\windows\DUMP6f44.tmp 2009-08-17 15:17 . 2009-08-17 14:59 94208 ----a-w- c:\windows\DUMP6939.tmp 2009-08-17 14:57 . 2006-02-09 13:22 94208 ----a-w- c:\windows\DUMP6cf2.tmp 2009-08-17 14:56 . 2006-02-09 13:22 94208 ----a-w- c:\windows\DUMP6ac0.tmp 2009-08-17 14:54 . 2006-02-09 13:22 94208 ----a-w- c:\windows\DUMP6b6c.tmp 2009-08-17 14:53 . 2006-02-09 13:22 94208 ----a-w- c:\windows\DUMP6baa.tmp 2009-08-17 14:52 . 2006-02-09 13:22 94208 ----a-w- c:\windows\DUMP6bda.tmp 2009-08-17 14:50 . 2006-02-09 13:22 94208 ----a-w- c:\windows\DUMP6b1e.tmp 2009-08-17 14:49 . 2006-02-09 13:22 94208 ----a-w- c:\windows\DUMP6bd9.tmp 2009-08-17 14:48 . 2006-02-09 13:22 94208 ----a-w- c:\windows\DUMP6b1d.tmp 2009-08-17 14:47 . 2006-02-09 13:22 94208 ----a-w- c:\windows\DUMP6c56.tmp 2009-08-17 14:45 . 2006-02-09 13:22 94208 ----a-w- c:\windows\DUMP659f.tmp 2009-08-17 14:43 . 2006-02-09 13:22 94208 ----a-w- c:\windows\DUMP6afe.tmp 2009-08-17 14:42 . 2006-02-09 13:22 94208 ----a-w- c:\windows\DUMP6aa0.tmp 2009-08-17 14:40 . 2006-02-09 13:22 94208 ----a-w- c:\windows\DUMP6cb4.tmp 2009-08-14 18:05 . 2007-07-24 10:53 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple 2009-08-14 17:51 . 2009-08-14 17:50 -------- d-----w- c:\program files\iTunes 2009-08-14 17:51 . 2009-08-14 17:50 -------- d-----w- c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} 2009-08-14 17:50 . 2009-08-14 17:50 -------- d-----w- c:\program files\iPod 2009-08-14 17:50 . 2009-04-05 05:41 -------- d-----w- c:\program files\Common Files\Apple 2009-08-14 17:47 . 2009-08-14 17:46 -------- d-----w- c:\program files\QuickTime 2009-08-13 15:17 . 2007-02-12 13:36 -------- d-----w- c:\program files\DivX 2009-08-12 20:38 . 2006-10-04 16:48 96960 ----a-w- c:\documents and settings\Joe Doering\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-08-11 13:45 . 2006-02-09 13:22 94208 ----a-w- c:\windows\DUMP614a.tmp 2009-08-11 13:44 . 2006-02-09 13:22 94208 ----a-w- c:\windows\DUMP610b.tmp 2009-08-11 13:43 . 2006-02-09 13:22 94208 ----a-w- c:\windows\DUMP6735.tmp 2009-08-11 13:41 . 2006-02-09 13:22 94208 ----a-w- c:\windows\DUMP60cd.tmp 2009-08-11 07:29 . 2009-08-11 07:29 -------- d-----w- c:\program files\MSBuild 2009-08-11 07:28 . 2009-08-11 07:28 -------- d-----w- c:\program files\Reference Assemblies 2009-08-11 07:21 . 2009-08-11 07:21 -------- d-----w- c:\program files\MSXML 6.0 2009-08-03 21:07 . 2008-08-31 17:52 -------- d-----w- c:\program files\Microsoft Silverlight 2009-08-03 04:32 . 2009-08-03 04:30 -------- d-----w- c:\program files\StoryLines 2009-08-03 02:26 . 2006-02-09 13:31 -------- d-----w- c:\documents and settings\Joe Doering\Application Data\Apple Computer 2009-07-09 16:16 . 2009-04-05 05:42 39424 ----a-w- c:\windows\system32\drivers\usbaapl.sys 2009-07-09 16:16 . 2009-04-05 05:42 2060288 ----a-w- c:\windows\system32\usbaaplrc.dll 2009-06-29 16:12 . 2004-08-04 08:00 827392 ----a-w- c:\windows\system32\wininet.dll 2009-06-29 16:12 . 2004-08-04 08:00 78336 ----a-w- c:\windows\system32\ieencode.dll 2009-06-29 16:12 . 2004-08-04 08:00 17408 ------w- c:\windows\system32\corpol.dll 2009-04-07 15:43 . 2006-10-01 21:53 67688 ----a-w- c:\program files\mozilla firefox\components\jar50.dll 2009-04-07 15:43 . 2006-10-01 21:53 54368 ----a-w- c:\program files\mozilla firefox\components\jsd3250.dll 2009-04-07 15:43 . 2009-03-27 15:06 34944 ----a-w- c:\program files\mozilla firefox\components\myspell.dll 2009-04-07 15:43 . 2009-03-27 15:06 46712 ----a-w- c:\program files\mozilla firefox\components\spellchk.dll 2009-04-07 15:43 . 2006-10-01 21:53 172136 ----a-w- c:\program files\mozilla firefox\components\xpinstal.dll 2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll 2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll . ------- Sigcheck ------- [-] 2008-04-14 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\qmgr.dll [-] 2007-03-29 . CC431E6DEAAD867A583EE5E804EE4CF2 . 409600 . . [6.7.2600.3109] . . c:\windows\system32\qmgr.dll [-] 2007-03-29 . CC431E6DEAAD867A583EE5E804EE4CF2 . 409600 . . [6.7.2600.3109] . . c:\windows\system32\bits\qmgr.dll [-] 2007-03-29 . CC431E6DEAAD867A583EE5E804EE4CF2 . 409600 . . [6.7.2600.3109] . . c:\windows\system32\dllcache\qmgr.dll [-] 2007-03-29 . 65E23953D337574E549B1EF34FE0B1DA . 409600 . . [6.7.2600.3109] . . c:\windows\$hf_mig$\KB923845\SP2QFE\qmgr.dll [7] 2004-08-04 . 2C69EC7E5A311334D10DD95F338FCCEA . 382464 . . [6.6.2600.2180] . . c:\windows\$NtUninstallKB923845$\qmgr.dll . ((((((((((((((((((((((((((((( SnapShot@2009-06-18_22.13.56 ))))))))))))))))))))))))))))))))))))))))) . + 2006-12-02 04:46 . 2006-12-02 04:46 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6c18549a\vcomp.dll + 2009-07-11 23:41 . 2009-07-11 23:41 97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll + 2009-09-22 23:11 . 2006-11-06 16:13 98304 c:\windows\twain_32\MP190 series\softfare.dll + 2009-09-22 23:11 . 2006-01-12 14:22 73728 c:\windows\twain_32\MP190 series\RSTCOL.DLL + 2009-09-22 23:11 . 2007-11-07 12:02 38646 c:\windows\twain_32\MP190 series\IPM.DAT + 2009-09-22 23:11 . 2007-05-15 20:26 77824 c:\windows\twain_32\MP190 series\IJFSHLIB.DLL + 2009-09-22 23:11 . 2006-04-13 15:43 53248 c:\windows\twain_32\MP190 series\HSL.DLL + 2009-09-22 23:11 . 2008-02-13 14:07 49224 c:\windows\twain_32\MP190 series\CNC190P.DAT + 2009-09-22 23:11 . 2007-06-05 17:15 86016 c:\windows\twain_32\MP190 series\CAPS.DLL + 2009-09-22 23:11 . 2005-04-15 15:34 57344 c:\windows\twain_32\MP190 series\BaLCo.dll + 2009-09-22 23:11 . 2006-11-29 14:39 73728 c:\windows\twain_32\MP190 series\AG.DLL - 2004-08-04 08:00 . 2004-08-04 08:00 50176 c:\windows\system32\utilman.exe + 2004-08-04 08:00 . 2006-10-04 08:48 50176 c:\windows\system32\utilman.exe - 2004-08-04 08:00 . 2004-08-04 08:00 35840 c:\windows\system32\umandlg.dll + 2004-08-04 08:00 . 2006-10-04 13:33 35840 c:\windows\system32\umandlg.dll + 2008-07-30 01:10 . 2008-07-30 01:10 26112 c:\windows\system32\TsWpfWrp.exe - 2006-02-09 19:21 . 2008-07-09 07:38 26488 c:\windows\system32\spupdsvc.exe + 2006-02-09 19:21 . 2007-11-30 11:18 26488 c:\windows\system32\spupdsvc.exe + 2009-08-11 07:28 . 2008-07-06 12:06 89088 c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll + 2009-09-22 23:11 . 2008-02-26 05:00 69632 c:\windows\system32\spool\prtprocs\w32x86\CNMPP9I.DLL + 2009-09-22 23:11 . 2008-02-26 05:00 27136 c:\windows\system32\spool\prtprocs\w32x86\CNMPD9I.DLL + 2009-09-22 23:11 . 2008-02-26 05:00 11264 c:\windows\system32\spool\drivers\w32x86\canonmp190_series7b78\CNMW39I.DLL + 2009-09-22 23:11 . 2008-02-25 08:48 51024 c:\windows\system32\spool\drivers\w32x86\canonmp190_series7b78\CNMVS9I.EXE + 2009-09-22 23:11 . 2008-02-26 05:00 13824 c:\windows\system32\spool\drivers\w32x86\canonmp190_series7b78\CNMVS9I.DLL + 2009-09-22 23:11 . 2008-02-26 05:00 77312 c:\windows\system32\spool\drivers\w32x86\canonmp190_series7b78\CNMSR9I.DLL + 2009-09-22 23:11 . 2008-02-26 05:00 44032 c:\windows\system32\spool\drivers\w32x86\canonmp190_series7b78\CNMSQ9I.DLL + 2009-09-22 23:11 . 2008-02-25 08:47 18768 c:\windows\system32\spool\drivers\w32x86\canonmp190_series7b78\CNMSE9I.EXE + 2009-09-22 23:11 . 2008-02-26 05:00 47616 c:\windows\system32\spool\drivers\w32x86\canonmp190_series7b78\CNMSD9I.DLL + 2009-09-22 23:11 . 2008-02-26 05:00 12288 c:\windows\system32\spool\drivers\w32x86\canonmp190_series7b78\CNMPI9I.DLL + 2009-09-22 23:11 . 2008-02-26 00:00 30320 c:\windows\system32\spool\drivers\w32x86\canonmp190_series7b78\CNMP29I.DAT + 2009-09-22 23:11 . 2008-02-26 00:00 27140 c:\windows\system32\spool\drivers\w32x86\canonmp190_series7b78\CNMP19I.DAT + 2009-09-22 23:11 . 2008-02-26 00:00 23280 c:\windows\system32\spool\drivers\w32x86\canonmp190_series7b78\CNMP09I.DAT + 2009-09-22 23:11 . 2008-02-26 05:00 27136 c:\windows\system32\spool\drivers\w32x86\canonmp190_series7b78\CNMOP9I.DLL + 2009-09-22 23:11 . 2008-02-26 05:00 59904 c:\windows\system32\spool\drivers\w32x86\canonmp190_series7b78\CNMLH9I.DLL + 2009-09-22 23:11 . 2008-02-26 05:00 10240 c:\windows\system32\spool\drivers\w32x86\canonmp190_series7b78\CNMFU9I.DLL + 2009-09-22 23:11 . 2008-02-26 05:00 29184 c:\windows\system32\spool\drivers\w32x86\canonmp190_series7b78\CNMEI9I.DLL + 2009-09-22 23:11 . 2008-02-26 05:00 98816 c:\windows\system32\spool\drivers\w32x86\canonmp190_series7b78\CNMCP9I.DLL + 2009-09-22 23:11 . 2008-02-26 05:00 11264 c:\windows\system32\spool\drivers\w32x86\canonmp190_series7b78\CNMBU9I.DLL + 2009-09-22 23:11 . 2008-02-26 05:00 33280 c:\windows\system32\spool\drivers\w32x86\canonmp190_series7b78\CNMBS9I.DLL + 2009-09-22 23:11 . 2008-02-26 05:00 11264 c:\windows\system32\spool\drivers\w32x86\canonmp190_series7b78\CNMBM9I.DLL + 2009-09-22 23:11 . 2008-02-26 05:00 11264 c:\windows\system32\spool\drivers\w32x86\3\CNMW39I.DLL + 2009-09-22 23:11 . 2008-02-25 08:48 51024 c:\windows\system32\spool\drivers\w32x86\3\CNMVS9I.EXE + 2009-09-22 23:11 . 2008-02-26 05:00 13824 c:\windows\system32\spool\drivers\w32x86\3\CNMVS9I.DLL + 2009-09-22 23:11 . 2008-02-26 05:00 77312 c:\windows\system32\spool\drivers\w32x86\3\CNMSR9I.DLL + 2009-09-22 23:11 . 2008-02-26 05:00 44032 c:\windows\system32\spool\drivers\w32x86\3\CNMSQ9I.DLL + 2009-09-22 23:11 . 2008-02-25 08:47 18768 c:\windows\system32\spool\drivers\w32x86\3\CNMSE9I.EXE + 2009-09-22 23:11 . 2008-02-26 05:00 47616 c:\windows\system32\spool\drivers\w32x86\3\CNMSD9I.DLL + 2009-09-22 23:11 . 2008-02-26 05:00 12288 c:\windows\system32\spool\drivers\w32x86\3\CNMPI9I.DLL + 2009-09-22 23:11 . 2008-02-26 00:00 30320 c:\windows\system32\spool\drivers\w32x86\3\CNMP29I.DAT + 2009-09-22 23:11 . 2008-02-26 00:00 27140 c:\windows\system32\spool\drivers\w32x86\3\CNMP19I.DAT + 2009-09-22 23:11 . 2008-02-26 00:00 23280 c:\windows\system32\spool\drivers\w32x86\3\CNMP09I.DAT + 2009-09-22 23:11 . 2008-02-26 05:00 27136 c:\windows\system32\spool\drivers\w32x86\3\CNMOP9I.DLL + 2009-09-22 23:11 . 2008-02-26 05:00 59904 c:\windows\system32\spool\drivers\w32x86\3\CNMLH9I.DLL + 2009-09-22 23:11 . 2008-02-26 05:00 10240 c:\windows\system32\spool\drivers\w32x86\3\CNMFU9I.DLL + 2009-09-22 23:11 . 2008-02-26 05:00 29184 c:\windows\system32\spool\drivers\w32x86\3\CNMEI9I.DLL + 2009-09-22 23:11 . 2008-02-26 05:00 98816 c:\windows\system32\spool\drivers\w32x86\3\CNMCP9I.DLL + 2009-09-22 23:11 . 2008-02-26 05:00 11264 c:\windows\system32\spool\drivers\w32x86\3\CNMBU9I.DLL + 2009-09-22 23:11 . 2008-02-26 05:00 33280 c:\windows\system32\spool\drivers\w32x86\3\CNMBS9I.DLL + 2009-09-22 23:11 . 2008-02-26 05:00 11264 c:\windows\system32\spool\drivers\w32x86\3\CNMBM9I.DLL - 2008-07-09 07:02 . 2008-07-09 07:38 17272 c:\windows\system32\spmsg.dll + 2008-07-09 07:02 . 2007-11-30 11:18 17272 c:\windows\system32\spmsg.dll + 2008-07-29 23:59 . 2008-07-29 23:59 43544 c:\windows\system32\PresentationHostProxy.dll - 2004-08-04 08:00 . 2009-04-29 04:56 44544 c:\windows\system32\pngfilt.dll + 2004-08-04 08:00 . 2009-06-29 16:12 44544 c:\windows\system32\pngfilt.dll + 2004-08-07 13:10 . 2009-08-12 01:11 82118 c:\windows\system32\perfc009.dat + 2004-08-04 08:00 . 2006-10-04 08:48 53760 c:\windows\system32\narrator.exe - 2004-08-04 08:00 . 2004-08-04 08:00 53760 c:\windows\system32\narrator.exe - 2007-10-24 06:47 . 2007-10-24 06:47 15360 c:\windows\system32\mui\0409\mscorees.dll + 2008-07-25 15:17 . 2008-07-25 15:17 15360 c:\windows\system32\mui\0409\mscorees.dll + 2007-05-08 21:08 . 2007-05-08 21:08 86728 c:\windows\system32\msxml6r.dll + 2007-08-13 22:54 . 2009-06-29 16:12 52224 c:\windows\system32\msfeedsbs.dll - 2007-08-13 22:54 . 2009-04-29 04:55 52224 c:\windows\system32\msfeedsbs.dll + 2008-07-25 15:16 . 2008-07-25 15:16 83968 c:\windows\system32\mscories.dll - 2004-08-04 08:00 . 2004-08-04 08:00 72704 c:\windows\system32\magnify.exe + 2004-08-04 08:00 . 2006-10-04 08:48 72704 c:\windows\system32\magnify.exe + 2004-08-04 08:00 . 2009-06-29 16:12 27648 c:\windows\system32\jsproxy.dll - 2004-08-04 08:00 . 2009-04-29 04:55 27648 c:\windows\system32\jsproxy.dll + 2008-07-29 23:24 . 2008-07-29 23:24 97800 c:\windows\system32\infocardapi.dll - 2007-08-13 22:39 . 2009-04-28 09:05 13824 c:\windows\system32\ieudinit.exe + 2007-08-13 22:39 . 2009-06-29 11:07 13824 c:\windows\system32\ieudinit.exe - 2004-08-04 08:00 . 2009-04-29 04:55 44544 c:\windows\system32\iernonce.dll + 2004-08-04 08:00 . 2009-06-29 16:12 44544 c:\windows\system32\iernonce.dll - 2004-08-04 08:00 . 2009-04-28 09:05 70656 c:\windows\system32\ie4uinit.exe + 2004-08-04 08:00 . 2009-06-29 11:07 70656 c:\windows\system32\ie4uinit.exe + 2008-07-29 23:24 . 2008-07-29 23:24 11264 c:\windows\system32\icardres.dll + 2007-08-13 22:36 . 2009-06-29 16:12 63488 c:\windows\system32\icardie.dll - 2007-08-13 22:36 . 2009-04-29 04:55 63488 c:\windows\system32\icardie.dll + 2004-08-04 08:00 . 2009-06-16 14:55 82432 c:\windows\system32\fontsub.dll + 2008-07-30 01:10 . 2008-07-30 01:10 73720 c:\windows\system32\dxva2.dll + 2009-08-14 17:43 . 2009-07-09 16:16 39424 c:\windows\system32\DRVSTORE\usbaapl_872A2434B7205D4BD84BBE53811BDCE15F347D5B\usbaapl.sys + 2009-08-14 17:44 . 2009-07-09 16:16 17408 c:\windows\system32\DRVSTORE\netaapl_F433E854B3FF3BEE74986FDE8E16A64162342BFF\netaapl.sys + 2009-08-14 17:51 . 2009-03-19 20:32 23400 c:\windows\system32\DRVSTORE\GEARAspiWD_F475AF659D36685632E9BD97B57E9D9661FF3FFD\x86\GEARAspiWDM.sys + 2009-04-05 05:48 . 2009-03-19 20:32 23400 c:\windows\system32\drivers\GEARAspiWDM.sys + 2006-10-04 08:48 . 2006-10-04 08:48 50176 c:\windows\system32\dllcache\utilman.exe + 2006-10-04 13:33 . 2006-10-04 13:33 35840 c:\windows\system32\dllcache\umandlg.dll - 2006-06-23 11:25 . 2009-04-29 04:56 44544 c:\windows\system32\dllcache\pngfilt.dll + 2006-06-23 11:25 . 2009-06-29 16:12 44544 c:\windows\system32\dllcache\pngfilt.dll + 2006-10-04 08:48 . 2006-10-04 08:48 53760 c:\windows\system32\dllcache\narrator.exe - 2008-04-05 03:25 . 2009-04-29 04:55 52224 c:\windows\system32\dllcache\msfeedsbs.dll + 2008-04-05 03:25 . 2009-06-29 16:12 52224 c:\windows\system32\dllcache\msfeedsbs.dll + 2006-10-04 08:48 . 2006-10-04 08:48 72704 c:\windows\system32\dllcache\magnify.exe - 2006-06-23 11:25 . 2009-04-29 04:55 27648 c:\windows\system32\dllcache\jsproxy.dll + 2006-06-23 11:25 . 2009-06-29 16:12 27648 c:\windows\system32\dllcache\jsproxy.dll - 2008-04-05 03:24 . 2009-04-28 09:05 13824 c:\windows\system32\dllcache\ieudinit.exe + 2008-04-05 03:24 . 2009-06-29 11:07 13824 c:\windows\system32\dllcache\ieudinit.exe - 2007-08-13 22:39 . 2009-04-29 04:55 44544 c:\windows\system32\dllcache\iernonce.dll + 2007-08-13 22:39 . 2009-06-29 16:12 44544 c:\windows\system32\dllcache\iernonce.dll - 2007-08-13 22:45 . 2009-04-29 04:55 78336 c:\windows\system32\dllcache\ieencode.dll + 2007-08-13 22:45 . 2009-06-29 16:12 78336 c:\windows\system32\dllcache\ieencode.dll - 2007-08-13 22:39 . 2009-04-28 09:05 70656 c:\windows\system32\dllcache\ie4uinit.exe + 2007-08-13 22:39 . 2009-06-29 11:07 70656 c:\windows\system32\dllcache\ie4uinit.exe + 2008-04-05 03:24 . 2009-06-29 16:12 63488 c:\windows\system32\dllcache\icardie.dll - 2008-04-05 03:24 . 2009-04-29 04:55 63488 c:\windows\system32\dllcache\icardie.dll + 2009-06-16 14:55 . 2009-06-16 14:55 82432 c:\windows\system32\dllcache\fontsub.dll + 2009-08-11 07:28 . 2008-07-06 12:06 89088 c:\windows\system32\dllcache\filterpipelineprintproc.dll - 2007-08-13 22:42 . 2007-08-13 22:42 17408 c:\windows\system32\dllcache\corpol.dll + 2007-08-13 22:42 . 2009-06-29 16:12 17408 c:\windows\system32\dllcache\corpol.dll + 2008-07-25 15:16 . 2008-07-25 15:16 96760 c:\windows\system32\dfshim.dll - 2007-10-24 06:47 . 2007-10-24 06:47 96760 c:\windows\system32\dfshim.dll - 2006-02-09 13:24 . 2006-02-09 13:26 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat + 2006-02-09 13:24 . 2009-08-17 15:00 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat - 2006-02-09 13:24 . 2006-02-09 13:26 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat + 2006-02-09 13:24 . 2009-08-17 15:00 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat + 2006-02-09 13:24 . 2009-08-17 15:00 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat - 2006-02-09 13:24 . 2006-02-09 13:26 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat + 2009-09-22 23:11 . 2008-02-14 11:56 49664 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP190_series\RES\DLL\IJInstUS.dll + 2009-09-22 23:11 . 2008-02-14 11:56 38912 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP190_series\RES\DLL\IJInstJP.dll + 2008-07-30 03:40 . 2008-07-30 03:40 70648 c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll + 2008-07-30 03:40 . 2008-07-30 03:40 91136 c:\windows\Microsoft.NET\Framework\v3.5\MSBuild.exe + 2008-07-30 03:40 . 2008-07-30 03:40 41984 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.VisualC.STLCLR.dll + 2008-07-30 03:40 . 2008-07-30 03:40 40960 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Data.Entity.Build.Tasks.dll + 2008-07-29 22:47 . 2008-07-29 22:47 89080 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2052.dll + 2008-07-29 22:47 . 2008-07-29 22:47 92664 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1042.dll + 2008-07-29 22:47 . 2008-07-29 22:47 95224 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1041.dll + 2008-07-29 22:47 . 2008-07-29 22:47 89592 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1028.dll + 2008-07-29 22:47 . 2008-07-29 22:47 84480 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2052.dll + 2008-07-29 22:47 . 2008-07-29 22:47 94720 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1042.dll + 2008-07-29 22:47 . 2008-07-29 22:47 97792 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1041.dll + 2008-07-29 22:47 . 2008-07-29 22:47 84992 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1028.dll + 2008-07-29 22:47 . 2008-07-29 22:47 97280 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\DeleteTemp.exe + 2008-07-30 03:40 . 2008-07-30 03:40 95224 c:\windows\Microsoft.NET\Framework\v3.5\EdmGen.exe + 2008-07-30 03:40 . 2008-07-30 03:40 78856 c:\windows\Microsoft.NET\Framework\v3.5\DataSvcUtil.exe + 2008-07-30 03:40 . 2008-07-30 03:40 41984 c:\windows\Microsoft.NET\Framework\v3.5\AddInUtil.exe + 2008-07-30 03:40 . 2008-07-30 03:40 41992 c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess32.exe + 2008-07-30 03:40 . 2008-07-30 03:40 41992 c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess.exe + 2008-07-30 01:10 . 2008-07-30 01:10 46104 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe + 2008-07-29 23:59 . 2008-07-29 23:59 32768 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationCFFRasterizer.dll + 2008-07-30 01:10 . 2008-07-30 01:10 71160 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PenIMC.dll + 2008-07-29 23:32 . 2008-07-29 23:32 17448 c:\windows\Microsoft.NET\Framework\v3.0\Windows Workflow Foundation\PerformanceCounterInstaller.exe + 2008-07-29 23:16 . 2008-07-29 23:16 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll + 2008-07-29 23:16 . 2008-07-29 23:16 73728 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.Install.dll + 2008-07-29 23:16 . 2008-07-29 23:16 20504 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceMonikerSupport.dll + 2008-07-29 23:16 . 2008-07-29 23:16 11280 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll + 2008-07-25 15:17 . 2008-07-25 15:17 37896 c:\windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll - 2007-10-24 06:47 . 2007-10-24 06:47 37896 c:\windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll + 2008-07-25 15:17 . 2008-07-25 15:17 81400 c:\windows\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL - 2007-10-24 06:47 . 2007-10-24 06:47 81400 c:\windows\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL + 2008-07-25 15:17 . 2008-07-25 15:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll - 2007-10-24 06:47 . 2007-10-24 06:47 57392 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll + 2008-07-25 15:17 . 2008-07-25 15:17 57392 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll - 2007-10-24 06:47 . 2007-10-24 06:47 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll + 2008-07-25 15:17 . 2008-07-25 15:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll - 2007-10-24 06:47 . 2007-10-24 06:47 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll + 2008-07-25 15:17 . 2008-07-25 15:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll + 2008-07-25 15:17 . 2008-07-25 15:17 95232 c:\windows\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll - 2007-10-24 06:47 . 2007-10-24 06:47 95232 c:\windows\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll - 2007-10-24 06:47 . 2007-10-24 06:47 16896 c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll + 2008-07-25 15:17 . 2008-07-25 15:17 16896 c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll - 2007-10-24 06:47 . 2007-10-24 06:47 61952 c:\windows\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe + 2008-07-25 15:17 . 2008-07-25 15:17 61952 c:\windows\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe + 2008-07-25 15:17 . 2008-07-25 15:17 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe - 2007-10-24 06:47 . 2007-10-24 06:47 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe + 2008-07-25 15:17 . 2008-07-25 15:17 53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe - 2007-10-24 06:47 . 2007-10-24 06:47 53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe + 2008-07-25 15:17 . 2008-07-25 15:17 88584 c:\windows\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll + 2008-07-25 15:17 . 2008-07-25 15:17 24584 c:\windows\Microsoft.NET\Framework\v2.0.50727\normalization.dll - 2007-10-24 06:47 . 2007-10-24 06:47 24584 c:\windows\Microsoft.NET\Framework\v2.0.50727\normalization.dll + 2008-07-25 15:17 . 2008-07-25 15:17 31744 c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll - 2007-10-24 06:47 . 2007-10-24 06:47 31744 c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll - 2007-10-24 06:47 . 2007-10-24 06:47 19456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscortim.dll + 2008-07-25 15:17 . 2008-07-25 15:17 19456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscortim.dll + 2008-07-25 15:17 . 2008-07-25 15:17 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe + 2008-07-25 15:16 . 2008-07-25 15:16 18944 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll - 2007-10-24 06:47 . 2007-10-24 06:47 18944 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll + 2008-07-25 15:17 . 2008-07-25 15:17 77312 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll - 2007-10-24 06:47 . 2007-10-24 06:47 77312 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll + 2008-07-25 15:17 . 2008-07-25 15:17 94208 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorld.dll - 2007-10-24 06:47 . 2007-10-24 06:47 94208 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorld.dll + 2008-07-25 15:17 . 2008-07-25 15:17 46592 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorie.dll + 2008-07-25 15:17 . 2008-07-25 15:17 83456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll - 2007-10-24 06:47 . 2007-10-24 06:47 83456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll - 2007-10-24 06:47 . 2007-10-24 06:47 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe + 2008-07-25 15:16 . 2008-07-25 15:16 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe + 2008-07-25 15:16 . 2008-07-25 15:16 97792 c:\windows\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll - 2007-10-24 06:47 . 2007-10-24 06:47 97792 c:\windows\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll + 2008-07-25 15:16 . 2008-07-25 15:16 12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll - 2007-10-24 06:47 . 2007-10-24 06:47 12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll + 2008-07-25 15:16 . 2008-07-25 15:16 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll - 2007-10-24 06:47 . 2007-10-24 06:47 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll + 2008-07-25 15:16 . 2008-07-25 15:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll - 2007-10-24 06:47 . 2007-10-24 06:47 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll + 2008-07-25 15:16 . 2008-07-25 15:16 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll - 2007-10-24 06:47 . 2007-10-24 06:47 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll - 2007-10-24 06:47 . 2007-10-24 06:47 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll + 2008-07-25 15:16 . 2008-07-25 15:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll - 2007-10-24 06:47 . 2007-10-24 06:47 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe + 2008-07-25 15:16 . 2008-07-25 15:16 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe + 2008-07-25 15:17 . 2008-07-25 15:17 72192 c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll - 2007-10-24 06:47 . 2007-10-24 06:47 72192 c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll + 2008-07-25 15:17 . 2008-07-25 15:17 65032 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll - 2007-10-24 06:47 . 2007-10-24 06:47 65032 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll - 2007-10-24 06:47 . 2007-10-24 06:47 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe + 2008-07-25 15:17 . 2008-07-25 15:17 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe - 2007-10-24 06:47 . 2007-10-24 06:47 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEHost.dll + 2008-07-25 15:17 . 2008-07-25 15:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEHost.dll + 2008-07-25 15:16 . 2008-07-25 15:16 18936 c:\windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll - 2007-10-24 06:47 . 2007-10-24 06:47 18936 c:\windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll + 2008-07-25 15:16 . 2008-07-25 15:16 62968 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfdll.dll - 2007-10-24 06:47 . 2007-10-24 06:47 35320 c:\windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe + 2008-07-25 15:16 . 2008-07-25 15:16 35320 c:\windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe - 2007-10-24 06:47 . 2007-10-24 06:47 69120 c:\windows\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll + 2008-07-25 15:17 . 2008-07-25 15:17 69120 c:\windows\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll - 2007-10-24 06:47 . 2007-10-24 06:47 27136 c:\windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll + 2008-07-25 15:17 . 2008-07-25 15:17 27136 c:\windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll + 2008-07-25 15:16 . 2008-07-25 15:16 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll - 2007-10-24 06:47 . 2007-10-24 06:47 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll + 2008-07-25 15:16 . 2008-07-25 15:16 80376 c:\windows\Microsoft.NET\Framework\v2.0.50727\csc.exe - 2007-10-24 06:47 . 2007-10-24 06:47 80376 c:\windows\Microsoft.NET\Framework\v2.0.50727\csc.exe + 2008-07-25 15:17 . 2008-07-25 15:17 89608 c:\windows\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll + 2008-11-25 08:59 . 2008-11-25 08:59 31560 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe + 2008-07-25 15:16 . 2008-07-25 15:16 34312 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe + 2008-07-25 15:16 . 2008-07-25 15:16 33288 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe - 2007-10-24 06:47 . 2007-10-24 06:47 24576 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe + 2008-07-25 15:16 . 2008-07-25 15:16 24576 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe - 2007-10-24 06:47 . 2007-10-24 06:47 84480 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll + 2008-07-25 15:16 . 2008-07-25 15:16 84480 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll + 2008-07-25 15:16 . 2008-07-25 15:16 33800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll + 2008-07-25 15:16 . 2008-07-25 15:16 17416 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll - 2007-10-24 06:47 . 2007-10-24 06:47 22024 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll + 2008-07-25 15:16 . 2008-07-25 15:16 22024 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll + 2008-07-25 15:16 . 2008-07-25 15:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe - 2007-10-24 06:47 . 2007-10-24 06:47 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe + 2008-07-25 15:17 . 2008-07-25 15:17 58880 c:\windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe + 2008-07-25 15:16 . 2008-07-25 15:16 98808 c:\windows\Microsoft.NET\Framework\v2.0.50727\alink.dll + 2008-07-25 15:17 . 2008-07-25 15:17 10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll - 2007-10-24 06:47 . 2007-10-24 06:47 10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll + 2008-07-25 15:16 . 2008-07-25 15:16 13824 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll - 2007-10-24 06:47 . 2007-10-24 06:47 13824 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll + 2008-07-25 15:16 . 2008-07-25 15:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll - 2007-10-24 06:47 . 2007-10-24 06:47 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll + 2008-07-25 15:16 . 2008-07-25 15:16 96768 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll + 2008-07-25 15:17 . 2008-07-25 15:17 16896 c:\windows\Microsoft.NET\Framework\SharedReg12.dll - 2007-10-24 06:47 . 2007-10-24 06:47 16896 c:\windows\Microsoft.NET\Framework\SharedReg12.dll - 2007-10-24 06:47 . 2007-10-24 06:47 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll + 2008-07-25 15:17 . 2008-07-25 15:17 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll - 2007-10-24 06:47 . 2007-10-24 06:47 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll + 2008-07-25 15:17 . 2008-07-25 15:17 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll - 2007-10-24 06:47 . 2007-10-24 06:47 16896 c:\windows\Microsoft.NET\Framework\sbscmp10.dll + 2008-07-25 15:16 . 2008-07-25 15:16 16896 c:\windows\Microsoft.NET\Framework\sbscmp10.dll - 2007-10-24 06:47 . 2007-10-24 06:47 82944 c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe + 2008-07-25 15:16 . 2008-07-25 15:16 82944 c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe + 2006-02-09 19:21 . 2006-02-09 19:21 20480 c:\windows\Installer\cfc0d.msi + 2007-02-05 02:44 . 2007-02-05 02:44 48128 c:\windows\Installer\63571.msi + 2008-07-30 01:07 . 2008-07-30 01:07 23040 c:\windows\Installer\38385c4.msp + 2009-08-11 07:25 . 2009-08-11 07:25 88576 c:\windows\Installer\37c7d0b.msi + 2008-08-31 17:52 . 2008-08-31 17:52 55296 c:\windows\Installer\1a3daa.msi + 2009-08-20 15:03 . 2009-08-20 15:03 23558 c:\windows\Installer\{AC76BA86-7AD7-5676-5A64-7E8A45000001}\ARPPRODUCTICON.exe - 2007-02-05 02:52 . 2009-06-17 07:17 35088 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\oisicon.exe + 2007-02-05 02:52 . 2009-07-15 07:05 35088 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\oisicon.exe + 2007-02-05 02:52 . 2009-07-15 07:05 18704 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\mspicons.exe - 2007-02-05 02:52 . 2009-06-17 07:17 18704 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\mspicons.exe + 2007-02-05 02:52 . 2009-07-15 07:05 20240 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\cagicon.exe - 2007-02-05 02:52 . 2009-06-17 07:17 20240 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\cagicon.exe + 2006-10-27 01:09 . 2006-10-27 01:09 48448 c:\windows\Installer\$PatchCache$\Managed\00002119410000000000000000F01FEC\12.0.4518\PUBTRAP.DLL + 2009-07-29 07:02 . 2009-04-29 04:56 44544 c:\windows\ie7updates\KB972260-IE7\pngfilt.dll + 2009-07-29 07:02 . 2009-04-29 04:55 52224 c:\windows\ie7updates\KB972260-IE7\msfeedsbs.dll + 2009-07-29 07:02 . 2009-04-29 04:55 27648 c:\windows\ie7updates\KB972260-IE7\jsproxy.dll + 2009-07-29 07:02 . 2009-04-28 09:05 13824 c:\windows\ie7updates\KB972260-IE7\ieudinit.exe + 2009-07-29 07:02 . 2009-04-29 04:55 44544 c:\windows\ie7updates\KB972260-IE7\iernonce.dll + 2009-07-29 07:02 . 2009-04-29 04:55 78336 c:\windows\ie7updates\KB972260-IE7\ieencode.dll + 2009-07-29 07:02 . 2009-04-28 09:05 70656 c:\windows\ie7updates\KB972260-IE7\ie4uinit.exe + 2009-07-29 07:02 . 2009-04-29 04:55 63488 c:\windows\ie7updates\KB972260-IE7\icardie.dll + 2009-07-29 07:02 . 2004-08-04 08:00 35328 c:\windows\ie7updates\KB972260-IE7\corpol.dll + 2009-08-11 07:28 . 2008-07-06 12:06 89088 c:\windows\Driver Cache\i386\filterpipelineprintproc.dll + 2009-08-12 14:02 . 2009-08-12 14:02 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\a715aa442ef87ae99b3ade185599249d\UIAutomationProvider.ni.dll + 2009-08-12 18:48 . 2009-08-12 18:48 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\423f794d1f4ed6e120fbb02e436491cb\System.Windows.Presentation.ni.dll + 2009-08-12 18:39 . 2009-08-12 18:39 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\19ca1747c1ea18a3b639b302bca8df93\System.Web.DynamicData.Design.ni.dll + 2009-08-12 17:24 . 2009-08-12 17:24 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\532438e2acfcadc469a4d468c51f8451\System.ComponentModel.DataAnnotations.ni.dll + 2009-08-12 17:24 . 2009-08-12 17:24 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\597b20e1b053d6a510cfe033c07a63e6\System.AddIn.Contract.ni.dll + 2009-08-12 01:13 . 2009-08-12 01:13 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\2d7408a0232f2e2efd0d7adf5dfa733a\PresentationFontCache.ni.exe + 2009-08-12 01:12 . 2009-08-12 01:12 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\c8fd2d9233f8ea3031fb16f697635231\PresentationCFFRasterizer.ni.dll + 2009-08-12 18:36 . 2009-08-12 18:36 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\790cf1edb17ee41b59be62ecbd59613b\Microsoft.Vsa.ni.dll + 2009-08-12 17:23 . 2009-08-12 17:23 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e9aba2eab90d647356f65e66053da02b\Microsoft.Build.Framework.ni.dll + 2009-08-12 17:23 . 2009-08-12 17:23 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\28343d470d992f169ca0e7cdb3cc3117\Microsoft.Build.Framework.ni.dll + 2009-08-12 17:23 . 2009-08-12 17:23 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\f4e38208e88cb4cc314a1d6543b9fcc6\dfsvc.ni.exe + 2009-08-12 17:23 . 2009-08-12 17:23 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\11eb4f6606ba01e5128805759121ea6c\Accessibility.ni.dll + 2009-08-11 07:29 . 2009-08-11 07:29 94208 c:\windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll + 2009-08-11 07:29 . 2009-08-11 07:29 98304 c:\windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll + 2009-08-11 07:29 . 2009-08-11 07:29 40960 c:\windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll + 2009-08-11 07:31 . 2009-08-11 07:31 12288 c:\windows\assembly\GAC_MSIL\System.Windows.Presentation\3.5.0.0__b77a5c561934e089\System.Windows.Presentation.dll + 2009-08-11 07:31 . 2009-08-11 07:31 61440 c:\windows\assembly\GAC_MSIL\System.Web.Routing\3.5.0.0__31bf3856ad364e35\System.Web.Routing.dll + 2009-08-11 07:36 . 2009-08-11 07:36 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll + 2009-08-11 07:31 . 2009-08-11 07:31 32768 c:\windows\assembly\GAC_MSIL\System.Web.DynamicData.Design\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.Design.dll + 2009-08-11 07:31 . 2009-08-11 07:31 77824 c:\windows\assembly\GAC_MSIL\System.Web.Abstractions\3.5.0.0__31bf3856ad364e35\System.Web.Abstractions.dll + 2009-08-11 07:29 . 2009-08-11 07:29 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll + 2009-08-11 07:29 . 2009-08-11 07:29 73728 c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561934e089\System.ServiceModel.Install.dll + 2009-08-11 07:36 . 2009-08-11 07:36 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll - 2008-01-24 03:32 . 2008-01-24 03:32 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll + 2009-08-11 07:31 . 2009-08-11 07:31 53248 c:\windows\assembly\GAC_MSIL\System.Data.DataSetExtensions\3.5.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll + 2009-08-11 07:36 . 2009-08-11 07:36 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll - 2008-01-24 03:31 . 2008-01-24 03:31 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll + 2009-08-11 07:31 . 2009-08-11 07:31 57344 c:\windows\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\3.5.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll + 2009-08-11 07:31 . 2009-08-11 07:31 45056 c:\windows\assembly\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll + 2009-08-11 07:29 . 2009-08-11 07:29 46104 c:\windows\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe + 2009-08-11 07:29 . 2009-08-11 07:29 32768 c:\windows\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll + 2009-08-11 07:36 . 2009-08-11 07:36 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll - 2008-01-24 03:31 . 2008-01-24 03:31 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll - 2008-01-24 03:32 . 2008-01-24 03:32 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll + 2009-08-11 07:36 . 2009-08-11 07:36 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll + 2009-08-11 07:31 . 2009-08-11 07:31 41984 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\1.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.STLCLR.dll - 2008-01-24 03:31 . 2008-01-24 03:31 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll + 2009-08-11 07:36 . 2009-08-11 07:36 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll + 2009-08-11 07:36 . 2009-08-11 07:36 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll - 2008-01-24 03:32 . 2008-01-24 03:32 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll + 2009-08-11 07:31 . 2009-08-11 07:31 94208 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v3.5.dll + 2009-08-11 07:31 . 2009-08-11 07:31 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll + 2009-08-11 07:36 . 2009-08-11 07:36 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll - 2008-01-24 03:32 . 2008-01-24 03:32 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll - 2008-01-24 03:31 . 2008-01-24 03:31 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll + 2009-08-11 07:36 . 2009-08-11 07:36 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll + 2009-08-11 07:36 . 2009-08-11 07:36 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll - 2008-01-24 03:31 . 2008-01-24 03:31 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll - 2008-01-24 03:31 . 2008-01-24 03:31 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll + 2009-08-11 07:36 . 2009-08-11 07:36 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll - 2008-01-24 03:31 . 2008-01-24 03:31 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll + 2009-08-11 07:36 . 2009-08-11 07:36 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll + 2009-08-11 07:36 . 2009-08-11 07:36 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll - 2008-01-24 03:31 . 2008-01-24 03:31 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll + 2009-07-15 07:02 . 2005-10-17 21:14 80896 c:\windows\$NtUninstallKB961371$\fontsub.dll + 2009-08-12 01:10 . 2004-08-04 08:00 50176 c:\windows\$NtUninstallKB925720$\utilman.exe + 2009-08-12 01:10 . 2004-08-04 08:00 35840 c:\windows\$NtUninstallKB925720$\umandlg.dll + 2009-08-12 01:10 . 2004-08-04 08:00 53760 c:\windows\$NtUninstallKB925720$\narrator.exe + 2009-08-12 01:10 . 2004-08-04 08:00 72704 c:\windows\$NtUninstallKB925720$\magnify.exe + 2009-07-15 07:04 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB973346\update\spcustom.dll + 2009-07-15 07:04 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB973346\spmsg.dll + 2009-07-29 07:02 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB972260-IE7\update\spcustom.dll + 2009-07-29 07:02 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB972260-IE7\spmsg.dll + 2009-06-29 16:23 . 2009-06-29 16:23 44544 c:\windows\$hf_mig$\KB972260-IE7\SP3QFE\pngfilt.dll + 2009-06-29 16:23 . 2009-06-29 16:23 52224 c:\windows\$hf_mig$\KB972260-IE7\SP3QFE\msfeedsbs.dll + 2009-06-29 16:23 . 2009-06-29 16:23 27648 c:\windows\$hf_mig$\KB972260-IE7\SP3QFE\jsproxy.dll + 2009-06-29 11:25 . 2009-06-29 11:25 13824 c:\windows\$hf_mig$\KB972260-IE7\SP3QFE\ieudinit.exe + 2009-06-29 16:23 . 2009-06-29 16:23 44544 c:\windows\$hf_mig$\KB972260-IE7\SP3QFE\iernonce.dll + 2009-06-29 16:23 . 2009-06-29 16:23 78336 c:\windows\$hf_mig$\KB972260-IE7\SP3QFE\ieencode.dll + 2009-06-29 11:25 . 2009-06-29 11:25 70656 c:\windows\$hf_mig$\KB972260-IE7\SP3QFE\ie4uinit.exe + 2009-06-29 16:23 . 2009-06-29 16:23 63488 c:\windows\$hf_mig$\KB972260-IE7\SP3QFE\icardie.dll + 2009-06-29 16:23 . 2009-06-29 16:23 17408 c:\windows\$hf_mig$\KB972260-IE7\SP3QFE\corpol.dll + 2009-07-15 07:04 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB971633\update\spcustom.dll + 2009-07-15 07:04 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB971633\spmsg.dll + 2009-07-15 07:02 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB961371\update\spcustom.dll + 2009-07-15 07:02 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB961371\spmsg.dll + 2009-06-16 14:43 . 2009-06-16 14:43 81920 c:\windows\$hf_mig$\KB961371\SP3QFE\fontsub.dll + 2009-06-16 14:36 . 2009-06-16 14:36 81920 c:\windows\$hf_mig$\KB961371\SP3GDR\fontsub.dll + 2009-06-16 14:45 . 2009-06-16 14:45 81920 c:\windows\$hf_mig$\KB961371\SP2QFE\fontsub.dll + 2009-08-12 01:13 . 2007-11-30 11:18 26488 c:\windows\$hf_mig$\KB961118\update\spcustom.dll + 2009-08-12 01:13 . 2007-11-30 11:18 17272 c:\windows\$hf_mig$\KB961118\spmsg.dll + 2009-08-12 01:10 . 2005-10-12 23:16 22752 c:\windows\$hf_mig$\KB925720\update\spcustom.dll + 2009-08-12 01:10 . 2005-10-12 23:16 14048 c:\windows\$hf_mig$\KB925720\spmsg.dll + 2006-10-04 10:40 . 2006-10-04 10:40 50176 c:\windows\$hf_mig$\KB925720\SP2QFE\utilman.exe + 2006-10-04 14:05 . 2006-10-04 14:05 35840 c:\windows\$hf_mig$\KB925720\SP2QFE\umandlg.dll + 2006-10-04 10:40 . 2006-10-04 10:40 53760 c:\windows\$hf_mig$\KB925720\SP2QFE\narrator.exe + 2006-10-04 10:40 . 2006-10-04 10:40 72704 c:\windows\$hf_mig$\KB925720\SP2QFE\magnify.exe + 2009-08-11 07:36 . 2009-08-11 07:36 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll - 2008-01-24 03:31 . 2008-01-24 03:31 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll + 2009-09-22 23:11 . 2007-01-26 15:44 4608 c:\windows\twain_32\MP190 series\USDRESUS.DLL + 2009-09-22 23:11 . 2007-01-26 15:44 4096 c:\windows\twain_32\MP190 series\USDRESJP.DLL + 2009-09-22 23:11 . 2008-02-26 05:00 9216 c:\windows\system32\spool\drivers\w32x86\canonmp190_series7b78\CNML29I.DLL + 2009-09-22 23:11 . 2008-02-26 05:00 9216 c:\windows\system32\spool\drivers\w32x86\3\CNML29I.DLL + 2008-07-30 03:40 . 2008-07-30 03:40 5632 c:\windows\Microsoft.NET\Framework\v3.5\Sentinel.v3.5Client.dll - 2007-10-24 06:47 . 2007-10-24 06:47 7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll + 2008-07-25 15:16 . 2008-07-25 15:16 7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll - 2007-10-24 06:47 . 2007-10-24 06:47 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll + 2008-07-25 15:17 . 2008-07-25 15:17 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll + 2008-07-25 15:17 . 2008-07-25 15:17 6656 c:\windows\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll - 2007-10-24 06:47 . 2007-10-24 06:47 6656 c:\windows\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll - 2007-10-24 06:47 . 2007-10-24 06:47 8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll + 2008-07-25 15:17 . 2008-07-25 15:17 8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll - 2007-10-24 06:47 . 2007-10-24 06:47 9728 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe + 2008-07-25 15:17 . 2008-07-25 15:17 9728 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe - 2007-10-24 06:47 . 2007-10-24 06:47 5120 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe + 2008-07-25 15:16 . 2008-07-25 15:16 5120 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe + 2009-08-11 07:31 . 2009-08-11 07:31 5632 c:\windows\assembly\GAC_MSIL\Sentinel.v3.5Client\3.5.0.0__b03f5f7f11d50a3a\Sentinel.v3.5Client.dll - 2008-01-24 03:31 . 2008-01-24 03:31 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll + 2009-08-11 07:36 . 2009-08-11 07:36 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll - 2008-01-24 03:30 . 2008-01-24 03:30 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll + 2009-08-11 07:36 . 2009-08-11 07:36 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll - 2008-01-24 03:31 . 2008-01-24 03:31 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll + 2009-08-11 07:36 . 2009-08-11 07:36 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll + 2009-08-11 07:36 . 2009-08-11 07:36 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll - 2008-01-24 03:31 . 2008-01-24 03:31 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll - 2008-01-24 03:32 . 2008-01-24 03:32 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll + 2009-08-11 07:36 . 2009-08-11 07:36 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll + 2009-08-11 07:36 . 2009-08-11 07:36 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll - 2008-01-24 03:32 . 2008-01-24 03:32 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll + 2007-11-07 06:19 . 2007-11-07 06:19 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll + 2007-11-07 06:19 . 2007-11-07 06:19 568832 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll + 2007-11-07 01:23 . 2007-11-07 01:23 224768 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcm90.dll + 2008-07-25 15:17 . 2008-07-25 15:17 635904 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll + 2008-07-25 15:17 . 2008-07-25 15:17 558080 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcp80.dll + 2008-07-25 15:17 . 2008-07-25 15:17 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcm80.dll + 2009-09-22 23:11 . 2007-02-06 21:00 258048 c:\windows\twain_32\MP190 series\USIP.DLL + 2009-09-22 23:11 . 2007-11-07 10:28 524288 c:\windows\twain_32\MP190 series\TPM.DLL + 2009-09-22 23:11 . 2005-02-02 18:34 118784 c:\windows\twain_32\MP190 series\SCRPRMV.DLL + 2009-09-22 23:11 . 2007-11-07 10:27 147456 c:\windows\twain_32\MP190 series\SCANINTF.DLL + 2009-09-22 23:11 . 2006-12-13 11:28 122880 c:\windows\twain_32\MP190 series\MC2.DLL + 2009-09-22 23:11 . 2004-06-07 12:58 290816 c:\windows\twain_32\MP190 series\libBLC.dll + 2009-09-22 23:11 . 2004-08-26 17:07 114688 c:\windows\twain_32\MP190 series\ITLIB32.DLL + 2009-09-22 23:11 . 2007-11-07 10:27 135168 c:\windows\twain_32\MP190 series\IPM.DLL + 2009-09-22 23:11 . 2007-11-07 10:27 184320 c:\windows\twain_32\MP190 series\IOP.DLL + 2009-09-22 23:11 . 2007-03-19 14:06 143360 c:\windows\twain_32\MP190 series\CUBS.DLL + 2009-09-22 23:11 . 2005-08-24 15:51 126976 c:\windows\twain_32\MP190 series\CFine2.dll + 2008-07-30 01:26 . 2008-07-30 01:26 301568 c:\windows\system32\XPSViewer\XPSViewer.exe + 2009-08-11 07:28 . 2008-07-06 12:06 575488 c:\windows\system32\xpsshhdr.dll + 2006-10-24 16:30 . 2006-10-24 16:30 276992 c:\windows\system32\WMPhoto.dll + 2006-10-24 16:29 . 2006-10-24 16:29 352256 c:\windows\system32\WindowsCodecsExt.dll + 2006-10-24 16:30 . 2006-10-24 16:30 716288 c:\windows\system32\WindowsCodecs.dll - 2004-08-04 08:00 . 2009-04-29 04:56 233472 c:\windows\system32\webcheck.dll + 2004-08-04 08:00 . 2009-06-29 16:12 233472 c:\windows\system32\webcheck.dll - 2004-08-04 08:00 . 2009-04-29 04:56 105984 c:\windows\system32\url.dll + 2004-08-04 08:00 . 2009-06-29 16:12 105984 c:\windows\system32\url.dll + 2008-07-29 23:59 . 2008-07-29 23:59 161296 c:\windows\system32\UIAutomationCore.dll + 2004-08-04 08:00 . 2009-06-16 14:55 119808 c:\windows\system32\t2embed.dll + 2009-08-11 07:28 . 2008-07-06 12:06 765440 c:\windows\system32\spool\XPSEP\i386\mxdwdrv.dll + 2009-08-11 07:28 . 2008-07-06 12:06 765440 c:\windows\system32\spool\XPSEP\i386\i386\mxdwdrv.dll + 2009-08-11 07:28 . 2008-07-06 12:06 748032 c:\windows\system32\spool\XPSEP\amd64\mxdwdrv.dll + 2009-08-11 07:28 . 2008-07-06 12:06 748032 c:\windows\system32\spool\XPSEP\amd64\amd64\mxdwdrv.dll + 2009-08-11 07:28 . 2008-07-06 12:06 147456 c:\windows\system32\spool\prtprocs\x64\filterpipelineprintproc.dll + 2009-08-11 07:28 . 2008-07-06 10:50 597504 c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe + 2009-09-22 23:11 . 2008-02-26 05:00 391168 c:\windows\system32\spool\drivers\w32x86\canonmp190_series7b78\CNMUR9I.DLL + 2009-09-22 23:11 . 2008-02-26 05:00 309760 c:\windows\system32\spool\drivers\w32x86\canonmp190_series7b78\CNMUB9I.DLL + 2009-09-22 23:11 . 2008-02-26 05:00 444928 c:\windows\system32\spool\drivers\w32x86\canonmp190_series7b78\CNMSM9I.DLL + 2009-09-22 23:11 . 2008-02-26 05:00 814592 c:\windows\system32\spool\drivers\w32x86\canonmp190_series7b78\CNMSB9I.DLL + 2009-09-22 23:11 . 2008-02-26 05:00 102912 c:\windows\system32\spool\drivers\w32x86\canonmp190_series7b78\CNMPV9I.DLL + 2009-09-22 23:11 . 2008-02-26 05:00 165888 c:\windows\system32\spool\drivers\w32x86\canonmp190_series7b78\CNMLR9I.DLL + 2009-09-22 23:11 . 2008-02-26 05:00 552448 c:\windows\system32\spool\drivers\w32x86\canonmp190_series7b78\CNMDR9I.DLL + 2009-09-22 23:11 . 2008-02-26 05:00 243200 c:\windows\system32\spool\drivers\w32x86\canonmp190_series7b78\CNMD59I.DLL + 2009-08-11 07:28 . 2008-03-13 04:52 761344 c:\windows\system32\spool\drivers\w32x86\3\unires.dll + 2009-08-11 07:28 . 2008-07-06 12:06 744960 c:\windows\system32\spool\drivers\w32x86\3\unidrvui.dll + 2009-08-11 07:28 . 2008-07-06 12:06 373248 c:\windows\system32\spool\drivers\w32x86\3\unidrv.dll + 2009-08-11 07:28 . 2008-07-06 12:06 198656 c:\windows\system32\spool\drivers\w32x86\3\mxdwdui.dll + 2009-08-11 07:28 . 2008-07-06 12:06 765440 c:\windows\system32\spool\drivers\w32x86\3\mxdwdrv.dll + 2009-09-22 23:11 . 2008-02-26 05:00 391168 c:\windows\system32\spool\drivers\w32x86\3\CNMUR9I.DLL + 2009-09-22 23:11 . 2008-02-26 05:00 309760 c:\windows\system32\spool\drivers\w32x86\3\CNMUB9I.DLL + 2009-09-22 23:11 . 2008-02-26 05:00 444928 c:\windows\system32\spool\drivers\w32x86\3\CNMSM9I.DLL + 2009-09-22 23:11 . 2008-02-26 05:00 814592 c:\windows\system32\spool\drivers\w32x86\3\CNMSB9I.DLL + 2009-09-22 23:11 . 2008-02-26 05:00 102912 c:\windows\system32\spool\drivers\w32x86\3\CNMPV9I.DLL + 2009-09-22 23:11 . 2008-02-26 05:00 165888 c:\windows\system32\spool\drivers\w32x86\3\CNMLR9I.DLL + 2009-09-22 23:11 . 2008-02-26 05:00 552448 c:\windows\system32\spool\drivers\w32x86\3\CNMDR9I.DLL + 2009-09-22 23:11 . 2008-02-26 05:00 243200 c:\windows\system32\spool\drivers\w32x86\3\CNMD59I.DLL + 2006-08-24 20:15 . 2006-08-24 20:15 150808 c:\windows\system32\rgb9rast_2.dll + 2008-02-27 05:47 . 2009-09-22 17:24 191364 c:\windows\system32\Restore\rstrlog.dat + 2009-08-11 07:28 . 2008-07-06 12:06 117760 c:\windows\system32\prntvpt.dll + 2008-07-29 23:59 . 2008-07-29 23:59 781344 c:\windows\system32\PresentationNative_v0300.dll + 2008-07-30 00:35 . 2008-07-30 00:35 326160 c:\windows\system32\PresentationHost.exe + 2008-07-29 23:59 . 2008-07-29 23:59 105016 c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll + 2006-10-24 16:30 . 2006-10-24 16:30 412160 c:\windows\system32\photometadatahandler.dll + 2004-08-07 13:10 . 2009-08-12 01:11 466266 c:\windows\system32\perfh009.dat - 2004-08-04 08:00 . 2004-08-04 08:00 215552 c:\windows\system32\osk.exe + 2004-08-04 08:00 . 2006-10-04 08:48 215552 c:\windows\system32\osk.exe - 2004-08-04 08:00 . 2009-04-29 04:56 102912 c:\windows\system32\occache.dll + 2004-08-04 08:00 . 2009-06-29 16:12 102912 c:\windows\system32\occache.dll - 2004-08-04 08:00 . 2009-04-29 04:56 671232 c:\windows\system32\mstime.dll + 2004-08-04 08:00 . 2009-06-29 16:12 671232 c:\windows\system32\mstime.dll + 2004-08-04 08:00 . 2009-06-29 16:12 193024 c:\windows\system32\msrating.dll - 2004-08-04 08:00 . 2009-04-29 04:56 193024 c:\windows\system32\msrating.dll - 2004-08-04 08:00 . 2009-04-29 04:56 477696 c:\windows\system32\mshtmled.dll + 2004-08-04 08:00 . 2009-06-29 16:12 477696 c:\windows\system32\mshtmled.dll + 2007-08-13 22:54 . 2009-06-29 16:12 459264 c:\windows\system32\msfeeds.dll - 2007-08-13 22:54 . 2009-04-29 04:55 459264 c:\windows\system32\msfeeds.dll - 2007-10-24 06:47 . 2007-10-24 06:47 158720 c:\windows\system32\mscorier.dll + 2008-07-25 15:16 . 2008-07-25 15:16 158720 c:\windows\system32\mscorier.dll - 2007-10-24 06:47 . 2007-10-24 06:47 282112 c:\windows\system32\mscoree.dll + 2008-07-25 15:16 . 2008-07-25 15:16 282112 c:\windows\system32\mscoree.dll + 2007-08-13 22:34 . 2009-06-29 16:12 268288 c:\windows\system32\iertutil.dll - 2007-08-13 22:34 . 2009-04-29 04:55 268288 c:\windows\system32\iertutil.dll - 2004-08-04 08:00 . 2009-04-29 04:55 385024 c:\windows\system32\iedkcs32.dll + 2004-08-04 08:00 . 2009-06-29 16:12 385024 c:\windows\system32\iedkcs32.dll + 2007-07-11 16:27 . 2009-06-29 16:12 380928 c:\windows\system32\ieapfltr.dll + 2004-08-04 08:00 . 2009-06-29 08:33 161792 c:\windows\system32\ieakui.dll - 2004-08-04 08:00 . 2009-04-25 05:26 161792 c:\windows\system32\ieakui.dll + 2004-08-04 08:00 . 2009-06-29 16:12 230400 c:\windows\system32\ieaksie.dll - 2004-08-04 08:00 . 2009-04-29 04:55 230400 c:\windows\system32\ieaksie.dll - 2004-08-04 08:00 . 2009-04-29 04:55 153088 c:\windows\system32\ieakeng.dll + 2004-08-04 08:00 . 2009-06-29 16:12 153088 c:\windows\system32\ieakeng.dll + 2008-07-29 23:24 . 2008-07-29 23:24 622080 c:\windows\system32\icardagt.exe + 2004-08-07 13:02 . 2009-08-11 13:12 366504 c:\windows\system32\FNTCACHE.DAT - 2004-08-04 08:00 . 2009-04-29 04:55 133120 c:\windows\system32\extmgr.dll + 2004-08-04 08:00 . 2009-06-29 16:12 133120 c:\windows\system32\extmgr.dll + 2008-07-30 01:10 . 2008-07-30 01:10 493048 c:\windows\system32\evr.dll - 2004-08-04 08:00 . 2009-04-29 04:55 214528 c:\windows\system32\dxtrans.dll + 2004-08-04 08:00 . 2009-06-29 16:12 214528 c:\windows\system32\dxtrans.dll - 2004-08-04 08:00 . 2009-04-29 04:55 347136 c:\windows\system32\dxtmsft.dll + 2004-08-04 08:00 . 2009-06-29 16:12 347136 c:\windows\system32\dxtmsft.dll + 2009-08-14 17:51 . 2008-04-17 16:12 107368 c:\windows\system32\DRVSTORE\GEARAspiWD_F475AF659D36685632E9BD97B57E9D9661FF3FFD\x86\GEARAspi.dll + 2009-08-11 07:28 . 2008-07-06 12:06 575488 c:\windows\system32\dllcache\xpsshhdr.dll + 2006-06-23 11:25 . 2009-06-29 16:12 827392 c:\windows\system32\dllcache\wininet.dll - 2006-06-23 11:25 . 2009-04-29 04:56 827392 c:\windows\system32\dllcache\wininet.dll + 2007-08-13 22:54 . 2009-06-29 16:12 233472 c:\windows\system32\dllcache\webcheck.dll - 2007-08-13 22:54 . 2009-04-29 04:56 233472 c:\windows\system32\dllcache\webcheck.dll - 2007-08-13 22:44 . 2009-04-29 04:56 105984 c:\windows\system32\dllcache\url.dll + 2007-08-13 22:44 . 2009-06-29 16:12 105984 c:\windows\system32\dllcache\url.dll + 2009-06-16 14:55 . 2009-06-16 14:55 119808 c:\windows\system32\dllcache\t2embed.dll + 2009-08-11 07:28 . 2008-07-06 10:50 597504 c:\windows\system32\dllcache\printfilterpipelinesvc.exe + 2006-10-04 08:48 . 2006-10-04 08:48 215552 c:\windows\system32\dllcache\osk.exe - 2007-08-13 22:44 . 2009-04-29 04:56 102912 c:\windows\system32\dllcache\occache.dll + 2007-08-13 22:44 . 2009-06-29 16:12 102912 c:\windows\system32\dllcache\occache.dll - 2006-06-23 11:25 . 2009-04-29 04:56 671232 c:\windows\system32\dllcache\mstime.dll + 2006-06-23 11:25 . 2009-06-29 16:12 671232 c:\windows\system32\dllcache\mstime.dll + 2006-06-23 11:25 . 2009-06-29 16:12 193024 c:\windows\system32\dllcache\msrating.dll - 2006-06-23 11:25 . 2009-04-29 04:56 193024 c:\windows\system32\dllcache\msrating.dll - 2006-06-23 11:25 . 2009-04-29 04:56 477696 c:\windows\system32\dllcache\mshtmled.dll + 2006-06-23 11:25 . 2009-06-29 16:12 477696 c:\windows\system32\dllcache\mshtmled.dll + 2008-04-05 03:25 . 2009-06-29 16:12 459264 c:\windows\system32\dllcache\msfeeds.dll - 2008-04-05 03:25 . 2009-04-29 04:55 459264 c:\windows\system32\dllcache\msfeeds.dll + 2007-08-13 22:43 . 2009-06-29 08:35 634632 c:\windows\system32\dllcache\iexplore.exe + 2008-04-05 03:25 . 2009-06-29 16:12 268288 c:\windows\system32\dllcache\iertutil.dll - 2008-04-05 03:25 . 2009-04-29 04:55 268288 c:\windows\system32\dllcache\iertutil.dll + 2007-08-13 22:39 . 2009-06-29 16:12 385024 c:\windows\system32\dllcache\iedkcs32.dll - 2007-08-13 22:39 . 2009-04-29 04:55 385024 c:\windows\system32\dllcache\iedkcs32.dll + 2008-04-05 03:24 . 2009-06-29 16:12 380928 c:\windows\system32\dllcache\ieapfltr.dll - 2007-08-13 21:56 . 2009-04-25 05:26 161792 c:\windows\system32\dllcache\ieakui.dll + 2007-08-13 21:56 . 2009-06-29 08:33 161792 c:\windows\system32\dllcache\ieakui.dll - 2007-08-13 22:39 . 2009-04-29 04:55 230400 c:\windows\system32\dllcache\ieaksie.dll + 2007-08-13 22:39 . 2009-06-29 16:12 230400 c:\windows\system32\dllcache\ieaksie.dll - 2007-08-13 22:39 . 2009-04-29 04:55 153088 c:\windows\system32\dllcache\ieakeng.dll + 2007-08-13 22:39 . 2009-06-29 16:12 153088 c:\windows\system32\dllcache\ieakeng.dll - 2006-06-23 11:25 . 2009-04-29 04:55 133120 c:\windows\system32\dllcache\extmgr.dll + 2006-06-23 11:25 . 2009-06-29 16:12 133120 c:\windows\system32\dllcache\extmgr.dll + 2006-06-23 11:25 . 2009-06-29 16:12 214528 c:\windows\system32\dllcache\dxtrans.dll - 2006-06-23 11:25 . 2009-04-29 04:55 214528 c:\windows\system32\dllcache\dxtrans.dll + 2006-06-23 11:25 . 2009-06-29 16:12 347136 c:\windows\system32\dllcache\dxtmsft.dll - 2006-06-23 11:25 . 2009-04-29 04:55 347136 c:\windows\system32\dllcache\dxtmsft.dll + 2007-08-13 22:39 . 2009-06-29 16:12 124928 c:\windows\system32\dllcache\advpack.dll - 2007-08-13 22:39 . 2009-04-29 04:55 124928 c:\windows\system32\dllcache\advpack.dll + 2009-09-22 23:11 . 2008-02-14 12:07 598360 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP190_series\DelDrv.exe - 2004-08-04 08:00 . 2009-04-29 04:55 124928 c:\windows\system32\advpack.dll + 2004-08-04 08:00 . 2009-06-29 16:12 124928 c:\windows\system32\advpack.dll + 2008-07-30 03:40 . 2008-07-30 03:40 196104 c:\windows\Microsoft.NET\Framework\v3.5\WFServicesReg.exe + 2008-07-30 03:40 . 2008-07-30 03:40 802816 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Build.Tasks.v3.5.dll + 2008-07-29 22:47 . 2008-07-29 22:47 984056 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapUI.dll + 2008-07-29 22:47 . 2008-07-29 22:47 107512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.dll + 2008-07-29 22:47 . 2008-07-29 22:47 111096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.3082.dll + 2008-07-29 22:47 . 2008-07-29 22:47 110072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2070.dll + 2008-07-29 22:47 . 2008-07-29 22:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1055.dll + 2008-07-29 22:47 . 2008-07-29 22:47 105976 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1053.dll + 2008-07-29 22:47 . 2008-07-29 22:47 107000 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1049.dll + 2008-07-29 22:47 . 2008-07-29 22:47 107512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1046.dll + 2008-07-29 22:47 . 2008-07-29 22:47 109048 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1045.dll + 2008-07-29 22:47 . 2008-07-29 22:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1044.dll + 2008-07-29 22:47 . 2008-07-29 22:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1043.dll + 2008-07-29 22:47 . 2008-07-29 22:47 110072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1040.dll + 2008-07-29 22:47 . 2008-07-29 22:47 111096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1038.dll + 2008-07-29 22:47 . 2008-07-29 22:47 101368 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1037.dll + 2008-07-29 22:47 . 2008-07-29 22:47 112120 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1036.dll + 2008-07-29 22:47 . 2008-07-29 22:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1035.dll + 2008-07-29 22:47 . 2008-07-29 22:47 113656 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1032.dll + 2008-07-29 22:47 . 2008-07-29 22:47 111608 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1031.dll + 2008-07-29 22:47 . 2008-07-29 22:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1030.dll + 2008-07-29 22:47 . 2008-07-29 22:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1029.dll + 2008-07-29 22:47 . 2008-07-29 22:47 102904 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1025.dll + 2008-07-29 22:47 . 2008-07-29 22:47 689152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsscenario.dll + 2008-07-29 22:47 . 2008-07-29 22:47 413184 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsbasereqs.dll + 2008-07-29 22:47 . 2008-07-29 22:47 632320 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs70uimgr.dll + 2009-08-11 07:31 . 2009-08-11 07:31 652800 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.msi + 2008-07-29 22:47 . 2008-07-29 22:47 110080 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.dll + 2008-07-29 22:47 . 2008-07-29 22:47 131584 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.3082.dll + 2008-07-29 22:47 . 2008-07-29 22:47 131072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2070.dll + 2008-07-29 22:47 . 2008-07-29 22:47 121344 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1055.dll + 2008-07-29 22:47 . 2008-07-29 22:47 121344 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1053.dll + 2008-07-29 22:47 . 2008-07-29 22:47 123904 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1049.dll + 2008-07-29 22:47 . 2008-07-29 22:47 122880 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1046.dll + 2008-07-29 22:47 . 2008-07-29 22:47 128512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1045.dll + 2008-07-29 22:47 . 2008-07-29 22:47 121856 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1044.dll + 2008-07-29 22:47 . 2008-07-29 22:47 129024 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1043.dll + 2008-07-29 22:47 . 2008-07-29 22:47 128512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1040.dll + 2008-07-29 22:47 . 2008-07-29 22:47 132096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1038.dll + 2008-07-29 22:47 . 2008-07-29 22:47 111104 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1037.dll + 2008-07-29 22:47 . 2008-07-29 22:47 133120 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1036.dll + 2008-07-29 22:47 . 2008-07-29 22:47 122368 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1035.dll + 2008-07-29 22:47 . 2008-07-29 22:47 137728 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1032.dll + 2008-07-29 22:47 . 2008-07-29 22:47 130048 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1031.dll + 2008-07-29 22:47 . 2008-07-29 22:47 126464 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1030.dll + 2008-07-29 22:47 . 2008-07-29 22:47 125440 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1029.dll + 2008-07-29 22:47 . 2008-07-29 22:47 113152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1025.dll + 2008-07-29 22:47 . 2008-07-29 22:47 269304 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe + 2008-07-29 22:47 . 2008-07-29 22:47 177152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\HtmlLite.dll + 2008-07-29 22:47 . 2008-07-29 22:47 276984 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\dlmgr.dll + 2008-07-30 03:15 . 2008-07-30 03:15 225490 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\baseline.dat + 2008-07-30 03:40 . 2008-07-30 03:40 233976 c:\windows\Microsoft.NET\Framework\v3.5\1033\vbc7ui.dll + 2008-07-30 03:40 . 2008-07-30 03:40 168448 c:\windows\Microsoft.NET\Framework\v3.5\1033\cscompui.dll + 2008-07-30 00:35 . 2008-07-30 00:35 864256 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationUI.dll + 2008-07-29 23:59 . 2008-07-29 23:59 132120 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll + 2008-07-30 01:10 . 2008-07-30 01:10 806928 c:\windows\Microsoft.NET\Framework\v3.0\WPF\NaturalLanguage6.dll + 2008-07-29 23:16 . 2008-07-29 23:16 152576 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\WsatConfig.exe + 2008-07-29 23:16 . 2008-07-29 23:16 966656 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll + 2008-07-29 23:16 . 2008-07-29 23:16 132096 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe + 2008-07-29 23:16 . 2008-07-29 23:16 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll + 2008-07-29 23:16 . 2008-07-29 23:16 156688 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelReg.exe + 2008-07-29 23:16 . 2008-07-29 23:16 163840 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.Dtc.dll + 2008-07-29 23:16 . 2008-07-29 23:16 397312 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.dll + 2008-07-29 23:24 . 2008-07-29 23:24 881664 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe + 2008-07-29 23:16 . 2008-07-29 23:16 168968 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ComSvcConfig.exe + 2008-11-25 08:59 . 2008-11-25 08:59 436040 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll - 2007-10-24 06:47 . 2007-10-24 06:47 839680 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll + 2008-07-25 15:17 . 2008-07-25 15:17 839680 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll + 2008-07-25 15:17 . 2008-07-25 15:17 835584 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll + 2008-07-25 15:17 . 2008-07-25 15:17 261632 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll - 2007-10-24 06:47 . 2007-10-24 06:47 114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll + 2008-07-25 15:17 . 2008-07-25 15:17 114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll - 2007-10-24 06:47 . 2007-10-24 06:47 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll + 2008-07-25 15:17 . 2008-07-25 15:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll - 2007-10-24 06:47 . 2007-10-24 06:47 131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll + 2008-07-25 15:17 . 2008-07-25 15:17 131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll + 2008-07-25 15:17 . 2008-07-25 15:17 303104 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll - 2007-10-24 06:47 . 2007-10-24 06:47 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll + 2008-07-25 15:17 . 2008-07-25 15:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll - 2007-10-24 06:47 . 2007-10-24 06:47 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Management.dll + 2008-07-25 15:17 . 2008-07-25 15:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Management.dll - 2007-10-24 06:47 . 2007-10-24 06:47 113664 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll + 2008-07-25 15:17 . 2008-07-25 15:17 113664 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll + 2008-07-25 15:17 . 2008-07-25 15:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll - 2007-10-24 06:47 . 2007-10-24 06:47 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll + 2008-07-25 15:17 . 2008-07-25 15:17 626688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll + 2008-07-25 15:17 . 2008-07-25 15:17 188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll - 2007-10-24 06:47 . 2007-10-24 06:47 188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll + 2008-07-25 15:17 . 2008-07-25 15:17 401408 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll - 2007-10-24 06:47 . 2007-10-24 06:47 401408 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll + 2008-07-25 15:16 . 2008-07-25 15:16 970752 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll + 2008-07-25 15:17 . 2008-07-25 15:17 745472 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll + 2008-11-25 08:59 . 2008-11-25 08:59 486400 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll + 2008-07-25 15:17 . 2008-07-25 15:17 425984 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll - 2007-10-24 06:47 . 2007-10-24 06:47 425984 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll + 2008-07-25 15:17 . 2008-07-25 15:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll - 2007-10-24 06:47 . 2007-10-24 06:47 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll + 2008-07-25 15:17 . 2008-07-25 15:17 392184 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll + 2008-07-25 15:17 . 2008-07-25 15:17 118784 c:\windows\Microsoft.NET\Framework\v2.0.50727\shfusion.dll + 2008-07-25 15:16 . 2008-07-25 15:16 143360 c:\windows\Microsoft.NET\Framework\v2.0.50727\peverify.dll + 2008-07-25 15:17 . 2008-07-25 15:17 100856 c:\windows\Microsoft.NET\Framework\v2.0.50727\ngen.exe + 2008-07-25 15:17 . 2008-07-25 15:17 230912 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll + 2008-07-25 15:17 . 2008-07-25 15:17 345600 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll + 2008-07-25 15:17 . 2008-07-25 15:17 114176 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll + 2008-11-25 08:59 . 2008-11-25 08:59 364872 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll + 2008-07-25 15:17 . 2008-07-25 15:17 308224 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll - 2007-10-24 06:47 . 2007-10-24 06:47 308224 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll + 2008-11-25 08:59 . 2008-11-25 08:59 990032 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll + 2008-07-25 15:17 . 2008-07-25 15:17 659456 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll - 2007-10-24 06:47 . 2007-10-24 06:47 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll + 2008-07-25 15:17 . 2008-07-25 15:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll + 2008-07-25 15:17 . 2008-07-25 15:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll - 2007-10-24 06:47 . 2007-10-24 06:47 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll + 2008-07-25 15:16 . 2008-07-25 15:16 749568 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll - 2007-10-24 06:47 . 2007-10-24 06:47 749568 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll - 2007-10-24 06:47 . 2007-10-24 06:47 655360 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll + 2008-07-25 15:16 . 2008-07-25 15:16 655360 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll - 2007-10-24 06:47 . 2007-10-24 06:47 348160 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll + 2008-07-25 15:16 . 2008-07-25 15:16 348160 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll + 2008-07-25 15:17 . 2008-07-25 15:17 230904 c:\windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe - 2007-10-24 06:47 . 2007-10-24 06:47 230904 c:\windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe + 2008-07-25 15:17 . 2008-07-25 15:17 798224 c:\windows\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll - 2007-10-24 06:47 . 2007-10-24 06:47 798224 c:\windows\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll + 2008-07-25 15:17 . 2008-07-25 15:17 575496 c:\windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll + 2008-07-25 15:17 . 2008-07-25 15:17 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe - 2007-10-24 06:47 . 2007-10-24 06:47 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe + 2008-07-25 15:16 . 2008-07-25 15:16 507904 c:\windows\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll - 2007-10-24 06:47 . 2007-10-24 06:47 507904 c:\windows\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll + 2008-07-25 15:16 . 2008-07-25 15:16 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe - 2007-10-24 06:47 . 2007-10-24 06:47 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe - 2007-10-24 06:47 . 2007-10-24 06:47 147968 c:\windows\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll + 2008-07-25 15:17 . 2008-07-25 15:17 147968 c:\windows\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll + 2008-07-25 15:16 . 2008-07-25 15:16 218112 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll - 2007-10-24 06:47 . 2007-10-24 06:47 218112 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll + 2008-07-25 15:17 . 2008-07-25 15:17 193016 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll - 2007-10-24 06:47 . 2007-10-24 06:47 193016 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll - 2007-10-24 06:47 . 2007-10-24 06:47 145408 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll + 2008-07-25 15:16 . 2008-07-25 15:16 145408 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
- September 23, 2009
- 13 replies
Need Help

brendancarlin replied to brendancarlin's topic in Resolved Malware Removal Logs

Negster, I posted each log below in the order you requested. C:\Avenger.txt: Logfile of The Avenger Version 2.0, © by Swandog46 http://swandog46.geekstogo.com Platform: Windows XP ******************* Script file opened successfully. Script file read successfully. Backups directory opened successfully at C:\Avenger ******************* Beginning to process script file: Rootkit scan active. No rootkits found! File move operation "C:\WINDOWS\system32\logevent.dll|C:\WINDOWS\system32\eventlog.dll" completed successfully. Completed script processing. ******************* Finished! Terminate. C:\ARK.txt: GMER 1.0.15.15087 - http://www.gmer.net Rootkit quick scan 2009-09-22 20:34:33 Windows 5.1.2600 Service Pack 2 Running: e8cqmn90.exe; Driver: C:\DOCUME~1\JOEDOE~1\LOCALS~1\Temp\pwtdypog.sys ---- Devices - GMER 1.0.15 ---- AttachedDevice \FileSystem\Ntfs \Ntfs SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) AttachedDevice \Driver\Tcpip \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation) AttachedDevice \Driver\Tcpip \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation) AttachedDevice \Driver\Tcpip \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation) AttachedDevice \Driver\Tcpip \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation) AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.) AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 EABFiltr.sys (QLB PS/2 Keyboard filter driver/Hewlett-Packard Company) AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.) AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 EABFiltr.sys (QLB PS/2 Keyboard filter driver/Hewlett-Packard Company) ---- EOF - GMER 1.0.15 ---- ComboFix is an incredibly long text, I'll try to paste it in the next post. If that doesn't work, I'll break it off into sections...
- September 23, 2009
- 13 replies
Need Help

brendancarlin replied to brendancarlin's topic in Resolved Malware Removal Logs

Nevermind, it just finished. This is what came back: Running from: C:\Documents and Settings\Joe Doering\desktop\dkjeter.exe Log file at : C:\Documents and Settings\Joe Doering\Desktop\Win32kDiag.txt WARNING: Could not get backup privileges! Searching 'C:\WINDOWS'... Found mount point : C:\WINDOWS\$hf_mig$\KB918899\KB918899 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\$hf_mig$\KB920213\KB920213 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\$hf_mig$\KB922760\KB922760 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\$hf_mig$\KB924496\KB924496 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\$hf_mig$\KB925454\KB925454 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\$hf_mig$\KB928090\KB928090 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\$hf_mig$\KB931768\KB931768 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\$hf_mig$\KB932168\KB932168 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\$hf_mig$\KB933566\KB933566 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\$hf_mig$\KB937143\KB937143 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\$hf_mig$\KB939653\KB939653 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\$hf_mig$\KB942615\KB942615 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\$hf_mig$\KB943460\KB943460 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\$hf_mig$\KB944533\KB944533 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\addins\addins Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP108.tmp\ZAP108.tmp Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP18A.tmp\ZAP18A.tmp Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP292.tmp\ZAP292.tmp Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPAA.tmp\ZAPAA.tmp Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPAB.tmp\ZAPAB.tmp Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPBE.tmp\ZAPBE.tmp Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPC0.tmp\ZAPC0.tmp Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPCB.tmp\ZAPCB.tmp Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\assembly\temp\temp Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\assembly\tmp\tmp Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\Config\Config Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\Connection Wizard\Connection Wizard Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\Debug\UserMode\UserMode Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\ftpcache\ftpcache Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\Help\SBSI\Training\WXPPer\Cbz\Cbz Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\Help\SBSI\Training\WXPPer\Lib\Lib Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\Help\SBSI\Training\WXPPer\Wave\Wave Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\ime\chsime\applets\applets Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\ime\CHTIME\Applets\Applets Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\ime\imejp\applets\applets Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\ime\imejp98\imejp98 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\ime\imjp8_1\applets\applets Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\ime\imkr6_1\applets\applets Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\ime\imkr6_1\dicts\dicts Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\ime\shared\res\res Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\00002109511090400000000000F01FEC\12.0.4518\12.0.4518 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\00002109711090400000000000F01FEC\12.0.4518\12.0.4518 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\00002109910090400000000000F01FEC\12.0.4518\12.0.4518 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\00002109B10090400000000000F01FEC\12.0.4518\12.0.4518 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\00002109F100A0C00000000000F01FEC\12.0.4518\12.0.4518 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\00002109F100C0400000000000F01FEC\12.0.4518\12.0.4518 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\0DC1503A46F231838AD88BCDDC8E8F7C\3.2.30729\3.2.30729 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\D7314F9862C648A4DB8BE2A5B47BE100\1.0.0\1.0.0 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\DC3BF90CC0D3D2F398A9A6D1762F70F3\2.2.30729\2.2.30729 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\java\classes\classes Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\java\trustlib\trustlib Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temporary ASP.NET Files\Bind Logs\Bind Logs Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\Temporary ASP.NET Files Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\Minidump\Minidump Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\msapps\msinfo\msinfo Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\mui\mui Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\pchealth\ERRORREP\QHEADLES\QHEADLES Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\pchealth\ERRORREP\QSIGNOFF\QSIGNOFF Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\pchealth\ERRORREP\UserDumps\UserDumps Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\pchealth\helpctr\BATCH\BATCH Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\pchealth\helpctr\Config\CheckPoint\CheckPoint Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\pchealth\helpctr\HelpFiles\HelpFiles Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\pchealth\helpctr\InstalledSKUs\InstalledSKUs Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\pchealth\helpctr\System\DFS\DFS Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\pchealth\helpctr\System\News\News Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\pchealth\helpctr\Temp\Temp Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\PIF\PIF Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\Registration\CRMLog\CRMLog Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\security\logs\logs Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\SoftwareDistribution\AuthCabs\Downloaded\Downloaded Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\SoftwareDistribution\Download\0eaed8d713d78954a90c813a5e2c5934\backup\backup Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\backup\asms\10\policy\policy Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\backup\asms\51\msft\msft Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\backup\asms\51\policy\msft\msft Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\backup\asms\52\msft\msft Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\backup\asms\52\policy\msft\msft Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\backup\asms\60\msft\msft Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\backup\asms\70\70 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\f0c43c883b45dd5bc3e231479dfed214\f0c43c883b45dd5bc3e231479dfed214 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\Sun\Java\Deployment\Deployment Mount point destination : \Device\__max++>\^ Cannot access: C:\WINDOWS\system32\eventlog.dll [1] 2008-04-13 20:11:53 56320 C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\eventlog.dll (Microsoft Corporation) [1] 2004-08-04 04:00:00 61952 C:\WINDOWS\system32\eventlog.dll () [2] 2004-08-04 04:00:00 55808 C:\WINDOWS\system32\logevent.dll (Microsoft Corporation) Found mount point : C:\WINDOWS\twain_32\PA207\PA207 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\twain_32\ZS211\ZS211 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\WinSxS\InstallTemp\InstallTemp Mount point destination : \Device\__max++>\^ Finished!
- September 22, 2009
- 13 replies
Need Help

brendancarlin replied to brendancarlin's topic in Resolved Malware Removal Logs

Negster, I really appreciate your help on this one. I downloaded the program from the infect PC in Normal Operating mode. I did change the program name before I saved it to my desktop. I don't think it went all the way through, but this is what I got: Running from: C:\Documents and Settings\Joe Doering\desktop\dkjeter.exe Log file at : C:\Documents and Settings\Joe Doering\Desktop\Win32kDiag.txt WARNING: Could not get backup privileges! Searching 'C:\WINDOWS'... Found mount point : C:\WINDOWS\$hf_mig$\KB918899\KB918899 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\$hf_mig$\KB920213\KB920213 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\$hf_mig$\KB922760\KB922760 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\$hf_mig$\KB924496\KB924496 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\$hf_mig$\KB925454\KB925454 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\$hf_mig$\KB928090\KB928090 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\$hf_mig$\KB931768\KB931768 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\$hf_mig$\KB932168\KB932168 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\$hf_mig$\KB933566\KB933566 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\$hf_mig$\KB937143\KB937143 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\$hf_mig$\KB939653\KB939653 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\$hf_mig$\KB942615\KB942615 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\$hf_mig$\KB943460\KB943460 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\$hf_mig$\KB944533\KB944533 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\addins\addins Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP108.tmp\ZAP108.tmp Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP18A.tmp\ZAP18A.tmp Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP292.tmp\ZAP292.tmp Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPAA.tmp\ZAPAA.tmp Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPAB.tmp\ZAPAB.tmp Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPBE.tmp\ZAPBE.tmp Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPC0.tmp\ZAPC0.tmp Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPCB.tmp\ZAPCB.tmp Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\assembly\temp\temp Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\assembly\tmp\tmp Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\Config\Config Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\Connection Wizard\Connection Wizard Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\Debug\UserMode\UserMode Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\ftpcache\ftpcache Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\Help\SBSI\Training\WXPPer\Cbz\Cbz Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\Help\SBSI\Training\WXPPer\Lib\Lib Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\Help\SBSI\Training\WXPPer\Wave\Wave Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\ime\chsime\applets\applets Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\ime\CHTIME\Applets\Applets Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\ime\imejp\applets\applets Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\ime\imejp98\imejp98 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\ime\imjp8_1\applets\applets Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\ime\imkr6_1\applets\applets Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\ime\imkr6_1\dicts\dicts Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\ime\shared\res\res Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\00002109511090400000000000F01FEC\12.0.4518\12.0.4518 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\00002109711090400000000000F01FEC\12.0.4518\12.0.4518 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\00002109910090400000000000F01FEC\12.0.4518\12.0.4518 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\00002109B10090400000000000F01FEC\12.0.4518\12.0.4518 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\00002109F100A0C00000000000F01FEC\12.0.4518\12.0.4518 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\00002109F100C0400000000000F01FEC\12.0.4518\12.0.4518 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\0DC1503A46F231838AD88BCDDC8E8F7C\3.2.30729\3.2.30729 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\D7314F9862C648A4DB8BE2A5B47BE100\1.0.0\1.0.0 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\DC3BF90CC0D3D2F398A9A6D1762F70F3\2.2.30729\2.2.30729 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\java\classes\classes Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\java\trustlib\trustlib Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temporary ASP.NET Files\Bind Logs\Bind Logs Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\Temporary ASP.NET Files Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\Minidump\Minidump Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\msapps\msinfo\msinfo Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\mui\mui Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\pchealth\ERRORREP\QHEADLES\QHEADLES Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\pchealth\ERRORREP\QSIGNOFF\QSIGNOFF Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\pchealth\ERRORREP\UserDumps\UserDumps Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\pchealth\helpctr\BATCH\BATCH Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\pchealth\helpctr\Config\CheckPoint\CheckPoint Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\pchealth\helpctr\HelpFiles\HelpFiles Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\pchealth\helpctr\InstalledSKUs\InstalledSKUs Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\pchealth\helpctr\System\DFS\DFS Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\pchealth\helpctr\System\News\News Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\pchealth\helpctr\Temp\Temp Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\PIF\PIF Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\Registration\CRMLog\CRMLog Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\security\logs\logs Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\SoftwareDistribution\AuthCabs\Downloaded\Downloaded Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\SoftwareDistribution\Download\0eaed8d713d78954a90c813a5e2c5934\backup\backup Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\backup\asms\10\policy\policy Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\backup\asms\51\msft\msft Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\backup\asms\51\policy\msft\msft Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\backup\asms\52\msft\msft Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\backup\asms\52\policy\msft\msft Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\backup\asms\60\msft\msft Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\backup\asms\70\70 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\f0c43c883b45dd5bc3e231479dfed214\f0c43c883b45dd5bc3e231479dfed214 Mount point destination : \Device\__max++>\^ Found mount point : C:\WINDOWS\Sun\Java\Deployment\Deployment Mount point destination : \Device\__max++>\^ Cannot access: C:\WINDOWS\system32\eventlog.dll
- September 22, 2009
- 13 replies
Need Help

brendancarlin posted a topic in Resolved Malware Removal Logs

I'm infected with something and the traditional MBAM, Spybot scans won't work. They run then immediately are disabled. If I try to restart the program I receive the following prompt: "Windows cannot access the specified device, path, or file..." I tried to create a log with HiJack This, but the same thing happened. I followed the steps for RootRepeal on this website, the same thing happened. My search engine has been hijacked and I'm not using the infected PC to post this. It has a Windows XP operating system and I use Internet Explorer as my web browser. I'm not sure if this helps, but when I downloaded RootRepeal I did it in SafeMode with Networking and still experienced the same problem. Not sure what to do...
- September 22, 2009
- 13 replies

Sign In

brendancarlin

Posts

Joined

Last visited

Content Type

Events

Profiles

Forums

Everything posted by brendancarlin

Need Help

Need Help

Need Help

Need Help

Need Help

Need Help

Need Help

Need Help

Need Help

Browse

Activity

Personal

Business

Business Modules

Partners

Learn

Start here

Type of malware/attacks

How does it get on my computer?

Scams and grifts

Support

Important Information