Jump to content

Troublesome Infection

Genjoukai

By Genjoukai
in Resolved Malware Removal Logs

 Share

Recommended Posts

Genjoukai

Genjoukai

Posted
Posted

I was surfing the web when I was infected by a very troublesome virus/malware that mbam seems to have difficulty removing.

The infection bring 2 popups 1 for some fake program called malware and another is a fake windows security alert. Then a 3rd that seems to be installing derogatory shortcuts on my pc to some unknown site.

Logfile of Trend Micro HijackThis v2.0.3 (BETA)

Scan saved at 6:35:07 AM, on 12/26/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Creative\Shared Files\CTAudSvc.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Avira\AntiVir Desktop\avguard.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\AskBarDis\bar\bin\AskService.exe

C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\system32\CTsvcCDA.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\Nexon\Mabinogi\npkcmsvc.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe

C:\WINDOWS\system32\PnkBstrA.exe

C:\WINDOWS\system32\PnkBstrB.exe

C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

C:\Program Files\Dell Support Center\bin\sprtsvc.exe

C:\WINDOWS\system32\svchost.exe

C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe

C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe

C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe

C:\WINDOWS\ehome\ehtray.exe

C:\WINDOWS\system32\CTHELPER.EXE

C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE

C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\WINDOWS\SYSTEM32\CTXFISPI.EXE

C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe

C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe

C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe

C:\Program Files\Razer\Diamondback 3G\razerhid.exe

C:\Program Files\Razer\Tarantula\razerhid.exe

C:\Program Files\Dell Support Center\bin\sprtcmd.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\WINDOWS\system32\CTXFIHLP.EXE

C:\Program Files\Creative\USB Headsets\Volume Panel\VolPanlu.exe

C:\Program Files\Razer\Diamondback 3G\razertra.exe

C:\Program Files\Razer\Tarantula\razertra.exe

C:\Program Files\DNA\btdna.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Razer\Diamondback 3G\razerofa.exe

C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe

C:\WINDOWS\system32\dllhost.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe

C:\WINDOWS\eHome\ehmsas.exe

C:\WINDOWS\system32\spoolsv.exe

C:\DOCUME~1\David\LOCALS~1\Temp\richtx64.exe

C:\DOCUME~1\David\LOCALS~1\Temp\wscsvc32.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

C:\WINDOWS\system32\msiexec.exe

C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=1080403

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll

O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll

O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll

O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll

O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE

O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE"

O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"

O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe"

O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"

O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe

O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"

O4 - HKLM\..\Run: [Diamondback] C:\Program Files\Razer\Diamondback 3G\razerhid.exe

O4 - HKLM\..\Run: [Tarantula] C:\Program Files\Razer\Tarantula\razerhid.exe

O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe"

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE

O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\USB Headsets\Volume Panel\VolPanlu.exe" /r

O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter

O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Program Files\DNA\btdna.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"

O4 - HKCU\..\Run: [richtx64.exe] C:\DOCUME~1\David\LOCALS~1\Temp\richtx64.exe

O4 - HKUS\S-1-5-18\..\RunOnce: [setDefaultMIDI] MIDIDEF.EXE /s:'Creative SoundFont Synthesizer' /w:'SB Audigy' (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [setDefaultMIDI] MIDIDEF.EXE /s:'Creative SoundFont Synthesizer' /w:'SB Audigy' (User 'Default user')

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1207965669234

O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareup...15109/CTPID.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe

O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe

O23 - Service: Creative Media Toolbox 6 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\MT6Licensing.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe

O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe

O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - C:\Program Files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)

O23 - Service: npkcmsvc - INCA Internet Co., Ltd. - C:\Nexon\Mabinogi\npkcmsvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe

O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe

O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe

O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe

--

End of file - 13988 bytes

Link to post
Share on other sites
  • Staff
miekiemoes

miekiemoes

Posted
  • Staff
Posted

Hi,

Not sure if your Malwarebytes is up to date, because it should remove what it found..

  • Start MalwareBytes and click the Update tab. There click "Check for updates"
  • Once the updates are downloaded, perform a quick scan again.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply along with a fresh HijackThis log, then we'll proceed from there with new steps.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

Extra note.. Please uninstall the Ask Toolbar since this one is not recommended.

Link to post
Share on other sites
Genjoukai

Genjoukai

Posted
  • Author
Posted

my mbam is up to date i've scaned with mbam twice now and the same files keep coming back

Malwarebytes' Anti-Malware 1.42

Database version: 3432

Windows 5.1.2600 Service Pack 3 (Safe Mode)

Internet Explorer 8.0.6001.18702

12/26/2009 10:54:54 AM

mbam-log-2009-12-26 (10-54-54).txt

Scan type: Full Scan (C:\|D:\|E:\|F:\|)

Objects scanned: 378636

Time elapsed: 1 hour(s), 6 minute(s), 26 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 1

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 3

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\richtx64.exe (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

C:\Documents and Settings\David\Local Settings\temp\richtx64.exe (Rogue.Installer) -> Quarantined and deleted successfully.

C:\Documents and Settings\David\Local Settings\temp\H8SRT4af2.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.

C:\Documents and Settings\David\Local Settings\Temporary Internet Files\Content.IE5\12E59VGZ\eH3f2178bfV03006f35002R185a5efd102T7414945aQ000002f3901801F002a000aJ0600050

1l040930dP000301080[1] (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Link to post
Share on other sites
  • Staff
miekiemoes

miekiemoes

Posted
  • Staff
Posted

Hi,

* Please visit this webpage for instructions for downloading and running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Post the log from ComboFix in your next reply.

Please make sure you disable ALL of your Antivirus/Antispyware/Firewall before running ComboFix..This because Security Software may see some components ComboFix uses (prep.com for example) as suspicious and blocks the tool, or even deletes it. Please visit HERE if you don't know how.

Also, please perform this in Windows normal mode instead of safe mode.

Link to post
Share on other sites
Genjoukai

Genjoukai

Posted
  • Author
Posted

ComboFix 09-12-26.01 - David 12/26/2009 17:22:47.4.2 - x86 MINIMAL

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3069.2787 [GMT -5:00]

Running from: c:\documents and settings\David\Desktop\ComboFix.exe

AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}

AV: PC-cillin Internet Security - Virus Protection *On-access scanning enabled* (Outdated) {7D2296BC-32CC-4519-917E-52E652474AF5}

FW: PC-cillin Internet Security - Firewall *disabled* {3E790E9E-6A5D-4303-A7F9-185EC20F3EB6}

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\documents and settings\David\Application Data\Desktopicon

c:\documents and settings\David\Application Data\Desktopicon\config.ini

c:\windows\system32\tmp11.tmp

c:\windows\system32\tmp12.tmp

c:\windows\system32\tmp13.tmp

c:\windows\system32\tmp14.tmp

c:\windows\system32\tmp15.tmp

c:\windows\system32\tmp16.tmp

c:\windows\system32\tmp45.tmp

c:\windows\system32\tmp46.tmp

.

((((((((((((((((((((((((( Files Created from 2009-11-26 to 2009-12-26 )))))))))))))))))))))))))))))))

.

2009-12-26 11:32 . 2009-12-26 11:32 388096 ----a-r- c:\documents and settings\David\Application Data\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe

2009-12-26 11:32 . 2009-12-26 11:32 -------- d-----w- c:\program files\TrendMicro

2009-12-19 12:00 . 2009-12-19 12:00 1794456 ----a-w- c:\documents and settings\David\Application Data\Move Networks\MoveMediaPlayerWin_071701000002.exe

2009-12-14 07:03 . 2009-12-14 07:03 -------- d-----w- c:\program files\AskBarDis

2009-12-11 05:35 . 2009-12-11 05:35 -------- d-----w- c:\program files\2K Games

2009-12-11 05:35 . 2009-12-11 05:47 -------- d-----w- C:\BDS

2009-12-11 05:27 . 2009-12-11 05:27 -------- d-----w- c:\program files\DAEMON Tools Toolbar

2009-12-11 05:26 . 2009-12-11 05:27 -------- d-----w- c:\program files\DAEMON Tools Lite

2009-12-11 05:26 . 2009-12-11 05:34 -------- d-----w- c:\documents and settings\David\Application Data\DAEMON Tools Lite

2009-12-11 05:26 . 2009-12-11 05:26 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite

2009-12-11 05:21 . 2009-12-11 05:21 -------- d-----w- c:\program files\Alcohol Soft

2009-12-05 02:53 . 2009-12-05 02:53 -------- d-----w- c:\program files\Gpotato

2009-12-05 02:45 . 2009-12-05 03:45 -------- d-----w- c:\documents and settings\David\Local Settings\Application Data\PMB Files

2009-12-05 02:45 . 2009-12-05 02:46 -------- d-----w- c:\documents and settings\All Users\Application Data\PMB Files

2009-12-05 02:44 . 2009-12-05 02:44 -------- d-----w- c:\program files\Pando Networks

2009-12-04 03:43 . 2009-12-04 03:44 -------- d-----w- c:\program files\Ventrilo

2009-11-28 19:15 . 2009-09-23 14:41 26176 ---ha-w- c:\windows\system32\hamachi.sys

2009-11-27 16:56 . 2009-11-27 16:56 -------- d-----w- c:\documents and settings\David\Local Settings\Application Data\Blizzard Entertainment

2009-11-27 06:03 . 2009-11-27 06:03 -------- d-----w- c:\windows\D56B0E274A3E46C9B5C1D93D580C099C.TMP

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-12-26 22:18 . 2009-08-08 20:09 -------- d-----w- c:\documents and settings\David\Application Data\DNA

2009-12-26 22:17 . 2009-08-08 20:09 -------- d-----w- c:\program files\DNA

2009-12-26 11:10 . 2009-06-10 21:07 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2009-12-26 11:10 . 2009-08-12 23:31 4844296 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe

2009-12-25 22:58 . 2009-08-15 03:28 -------- d-----w- c:\documents and settings\David\Application Data\Skype

2009-12-25 21:01 . 2009-08-15 03:29 -------- d-----w- c:\documents and settings\David\Application Data\skypePM

2009-12-22 19:07 . 2009-10-02 22:50 -------- d-----w- c:\documents and settings\David\Application Data\Move Networks

2009-12-19 17:23 . 2009-10-18 21:06 -------- d-----w- c:\program files\World of Warcraft

2009-12-19 16:15 . 2009-08-12 01:55 -------- d-----w- c:\program files\Heroes of Newerth

2009-12-19 12:00 . 2009-10-02 22:50 143976 ----a-w- c:\documents and settings\David\Application Data\Move Networks\uninstall.exe

2009-12-19 12:00 . 2009-10-15 00:50 5642688 ----a-w- c:\documents and settings\David\Application Data\Move Networks\plugins\npqmp071701000002.dll

2009-12-14 08:36 . 2008-04-09 13:48 -------- d-----w- c:\documents and settings\David\Application Data\Azureus

2009-12-14 07:04 . 2008-04-08 21:59 -------- d-----w- c:\program files\Azureus

2009-12-11 05:35 . 2008-04-03 14:38 -------- d--h--w- c:\program files\InstallShield Installation Information

2009-12-11 05:27 . 2009-04-25 18:14 691696 ----a-w- c:\windows\system32\drivers\sptd.sys

2009-12-08 01:55 . 2009-08-13 03:59 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2009-12-04 03:43 . 2009-11-08 15:36 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard

2009-12-03 21:14 . 2009-06-10 21:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2009-12-03 21:13 . 2009-06-10 21:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys

2009-11-27 06:03 . 2008-04-08 21:13 -------- d-----w- c:\program files\DIFX

2009-11-24 15:39 . 2009-11-24 15:39 1093064 ----a-w- c:\documents and settings\David\Application Data\Mozilla\Firefox\Profiles\ecntvwfi.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll

2009-11-21 03:41 . 2009-11-19 17:52 -------- d-----w- c:\program files\Heroes of Newerth Test Client

2009-11-20 20:56 . 2005-08-17 02:58 -------- d-----w- c:\program files\RGB

2009-11-14 12:44 . 2008-04-08 21:10 -------- d-----w- c:\documents and settings\David\Application Data\Creative

2009-11-10 15:03 . 2009-11-10 14:29 -------- d-----w- c:\documents and settings\All Users\Application Data\Blizzard Entertainment

2009-11-10 13:06 . 2009-10-18 21:05 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment

2009-11-08 15:58 . 2009-11-08 15:58 -------- d-----w- c:\documents and settings\All Users\Application Data\BioWare

2009-11-08 15:36 . 2009-11-08 15:36 -------- d-----w- c:\program files\AGEIA Technologies

2009-11-08 15:36 . 2009-11-08 15:15 -------- d-----w- c:\program files\Common Files\BioWare

2009-11-08 15:28 . 2009-11-08 15:15 -------- d-----w- c:\program files\Dragon Age

2009-10-31 16:00 . 2008-04-03 14:41 -------- d-----w- c:\program files\Creative

2009-10-31 15:58 . 2009-10-31 14:19 -------- d--h--w- c:\program files\Creative Installation Information

2009-10-31 15:50 . 2009-10-31 14:55 70681997 ----a-w- c:\documents and settings\All Users\Application Data\Creative\Software Update\cache\Creative Console Launcher 2.60.29__\CSL_PCAPP_LB_2_60_29.exe

2009-10-31 15:44 . 2009-10-31 14:54 12846328 ----a-w- c:\documents and settings\All Users\Application Data\Creative\Software Update\cache\Creative WaveStudio 7.11.00__\WAVESTD_PCAPP_LB_7_11_00.exe

2009-10-31 15:43 . 2009-10-31 14:50 62059520 ----a-w- c:\documents and settings\All Users\Application Data\Creative\Software Update\cache\Creative Console Launcher 2.60.35__\CSL_PCAPP_LB_2_60_35A.exe

2009-10-31 15:38 . 2009-10-31 14:50 6657680 ----a-w- c:\documents and settings\All Users\Application Data\Creative\Software Update\cache\Creative SoundFont Bank Manager 3.21.00__\SFBM_PCAPP_LB_3_21_00.exe

2009-10-31 15:37 . 2009-10-31 14:47 37406376 ----a-w- c:\documents and settings\All Users\Application Data\Creative\Software Update\cache\Creative MediaSource 5 Player_Organizer 5.25.02__\CMS5_PCAPP_LB_5_25_02.exe

2009-10-31 15:35 . 2009-10-31 14:41 62234496 ----a-w- c:\documents and settings\All Users\Application Data\Creative\Software Update\cache\Creative Console Launcher 2.61.09__\CSL_PCAPP_LB_2_61_09.exe

2009-10-31 15:21 . 2008-04-03 14:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Creative

2009-10-31 15:20 . 2008-04-03 14:22 444952 ----a-w- c:\windows\system32\wrap_oal.dll

2009-10-31 15:20 . 2008-04-03 14:22 109080 ----a-w- c:\windows\system32\OpenAL32.dll

2009-10-31 15:00 . 2009-10-31 15:00 12437250 ----a-w- c:\documents and settings\All Users\Application Data\Creative\Software Update\cache\Sound Blaster Plugin 2.01.02 for Microsoft Windows XP Media Center Edition _br____\SBMC_PCApp_LB_2_01_02.exe

2009-10-31 15:00 . 2009-10-31 14:59 11690872 ----a-w- c:\documents and settings\All Users\Application Data\Creative\Software Update\cache\Creative MediaSource Plugin for CD Burner 3.10.18__\CMS_BURNER_PCAPP_LB_3_10_18.exe

2009-10-31 14:59 . 2009-10-31 14:58 8179932 ----a-w- c:\documents and settings\All Users\Application Data\Creative\Software Update\cache\Creative MediaSource Plugin for MiniDisc 1.00.58__\CMS_MDC_PCAPP_LB_1_00_58.exe

2009-10-31 14:41 . 2009-10-31 14:36 56725552 ----a-w- c:\documents and settings\All Users\Application Data\Creative\Software Update\cache\Creative Sound Blaster X-Fi series driver 2.18.0013__\SBXF_PCDRV_LB_2_18_0013.exe

2009-10-31 14:22 . 2009-10-31 14:15 -------- d-----w- c:\program files\Common Files\Creative Labs Shared

2009-10-31 14:19 . 2009-10-31 14:19 -------- d-----w- c:\program files\Common Files\Creative

2009-10-31 14:17 . 2009-10-31 14:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Creative Labs

2009-10-29 07:45 . 2005-08-16 10:18 916480 ----a-w- c:\windows\system32\wininet.dll

2009-10-28 09:58 . 2009-10-28 09:58 -------- d-----w- c:\documents and settings\David\Application Data\LolClient.F24C99354F615F3BAB18AE7B93E3F9B9E8784FA6.1

2009-10-28 07:34 . 2009-10-28 07:33 -------- d-----w- c:\program files\Common Files\Adobe AIR

2009-10-28 07:34 . 2009-08-16 05:53 38208 ----a-w- c:\documents and settings\David\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe

2009-10-28 04:58 . 2008-04-09 13:23 -------- d-----w- c:\program files\Steam

2009-10-28 01:49 . 2008-04-08 21:42 -------- d-----w- c:\program files\Warcraft III

2009-10-28 01:36 . 2008-08-26 00:31 100305 ----a-w- c:\windows\War3Unin.dat

2009-10-21 05:38 . 2005-08-16 10:18 75776 ----a-w- c:\windows\system32\strmfilt.dll

2009-10-21 05:38 . 2005-08-16 10:18 25088 ----a-w- c:\windows\system32\httpapi.dll

2009-10-20 16:20 . 2004-08-04 05:00 265728 ----a-w- c:\windows\system32\drivers\http.sys

2009-10-19 16:40 . 2009-10-18 09:18 2083786840 ----a-w- c:\documents and settings\David\Application Data\ijjigame\U_SUN_setup.exe

2009-10-18 06:29 . 2009-10-18 06:29 138240 ----a-w- c:\documents and settings\David\Application Data\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_d.dll

2009-10-18 06:29 . 2009-10-18 06:29 138240 ----a-w- c:\documents and settings\David\Application Data\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_c.dll

2009-10-18 06:29 . 2009-10-18 06:29 138240 ----a-w- c:\documents and settings\David\Application Data\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_b.dll

2009-10-18 06:29 . 2009-10-18 06:29 138240 ----a-w- c:\documents and settings\David\Application Data\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_a.dll

2009-10-15 00:50 . 2009-10-15 00:50 97216 ----a-w- c:\documents and settings\David\Application Data\Move Networks\ie_bin\MovePlayerUpgrade.exe

2009-10-13 10:30 . 2005-08-16 10:18 270336 ----a-w- c:\windows\system32\oakley.dll

2009-10-12 13:38 . 2005-08-16 10:18 149504 ----a-w- c:\windows\system32\rastls.dll

2009-10-12 13:38 . 2005-08-16 10:18 79872 ----a-w- c:\windows\system32\raschap.dll

2009-10-02 22:50 . 2009-08-03 21:48 4187512 ----a-w- c:\documents and settings\David\Application Data\Move Networks\plugins\npqmp071505000010.dll

2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll

2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll

.

((((((((((((((((((((((((((((( SnapShot@2009-08-26_03.14.35 )))))))))))))))))))))))))))))))))))))))))

.

- 2007-11-07 06:19 . 2007-11-07 06:19 54272 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll

+ 2007-11-07 07:19 . 2007-11-07 07:19 54272 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll

- 2008-07-29 12:05 . 2008-07-29 12:05 62976 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90rus.dll

+ 2008-07-29 13:05 . 2008-07-29 13:05 62976 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90rus.dll

+ 2008-07-29 13:05 . 2008-07-29 13:05 46080 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90kor.dll

- 2008-07-29 12:05 . 2008-07-29 12:05 46080 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90kor.dll

- 2008-07-29 12:05 . 2008-07-29 12:05 46592 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90jpn.dll

+ 2008-07-29 13:05 . 2008-07-29 13:05 46592 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90jpn.dll

- 2008-07-29 12:05 . 2008-07-29 12:05 64512 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90ita.dll

+ 2008-07-29 13:05 . 2008-07-29 13:05 64512 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90ita.dll

+ 2008-07-29 13:05 . 2008-07-29 13:05 66048 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90fra.dll

- 2008-07-29 12:05 . 2008-07-29 12:05 66048 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90fra.dll

- 2008-07-29 12:05 . 2008-07-29 12:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esp.dll

+ 2008-07-29 13:05 . 2008-07-29 13:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esp.dll

- 2008-07-29 12:05 . 2008-07-29 12:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esn.dll

+ 2008-07-29 13:05 . 2008-07-29 13:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esn.dll

- 2008-07-29 12:05 . 2008-07-29 12:05 56832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90enu.dll

+ 2008-07-29 13:05 . 2008-07-29 13:05 56832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90enu.dll

- 2008-07-29 12:05 . 2008-07-29 12:05 66560 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90deu.dll

+ 2008-07-29 13:05 . 2008-07-29 13:05 66560 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90deu.dll

- 2008-07-29 12:05 . 2008-07-29 12:05 39936 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90cht.dll

+ 2008-07-29 13:05 . 2008-07-29 13:05 39936 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90cht.dll

- 2008-07-29 12:05 . 2008-07-29 12:05 38912 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90chs.dll

+ 2008-07-29 13:05 . 2008-07-29 13:05 38912 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90chs.dll

+ 2008-07-29 11:07 . 2008-07-29 11:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90u.dll

- 2008-07-29 10:07 . 2008-07-29 10:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90u.dll

+ 2008-07-29 11:07 . 2008-07-29 11:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90.dll

- 2008-07-29 10:07 . 2008-07-29 10:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90.dll

+ 2009-08-08 20:20 . 2009-03-16 19:18 69448 c:\windows\system32\XAPOFX1_3.dll

- 2009-08-08 20:20 . 2009-03-16 18:18 69448 c:\windows\system32\XAPOFX1_3.dll

+ 2009-08-08 20:20 . 2008-07-31 14:41 68616 c:\windows\system32\XAPOFX1_1.dll

- 2009-08-08 20:20 . 2008-07-30 10:20 68616 c:\windows\system32\XAPOFX1_1.dll

- 2008-06-24 21:34 . 2008-05-30 18:17 65032 c:\windows\system32\XAPOFX1_0.dll

+ 2008-06-24 21:34 . 2008-05-30 19:17 65032 c:\windows\system32\XAPOFX1_0.dll

+ 2009-08-08 20:20 . 2009-03-16 19:18 22360 c:\windows\system32\X3DAudio1_6.dll

- 2009-08-08 20:20 . 2009-03-16 18:18 22360 c:\windows\system32\X3DAudio1_6.dll

- 2008-06-24 21:34 . 2008-05-30 18:17 25608 c:\windows\system32\X3DAudio1_4.dll

+ 2008-06-24 21:34 . 2008-05-30 19:17 25608 c:\windows\system32\X3DAudio1_4.dll

+ 2007-07-30 23:19 . 2009-08-06 23:24 44768 c:\windows\system32\wups2.dll

+ 2005-08-16 10:40 . 2009-08-06 23:24 35552 c:\windows\system32\wups.dll

+ 2005-08-16 10:40 . 2009-08-06 23:24 53472 c:\windows\system32\wuauclt.exe

+ 2005-08-16 10:18 . 2009-06-25 08:25 54272 c:\windows\system32\wdigest.dll

+ 2009-10-18 09:16 . 2009-06-23 17:21 64000 c:\windows\system32\uc_sfighters_launching.dll

+ 2009-10-18 09:16 . 2009-03-31 21:43 53248 c:\windows\system32\uc_luminary_launching.dll

+ 2009-10-18 09:17 . 2009-08-25 21:04 75264 c:\windows\system32\uc_holybeast_launching.dll

+ 2009-10-18 09:16 . 2009-07-01 14:25 61440 c:\windows\system32\uc_atlantica_launching.dll

+ 2008-04-03 14:36 . 2009-10-28 15:07 46080 c:\windows\system32\tzchange.exe

+ 2009-11-28 20:30 . 2009-09-29 00:34 52536 c:\windows\system32\spool\drivers\w32x86\3\LMIprinterui.dll

+ 2009-11-28 20:30 . 2009-09-29 00:34 52536 c:\windows\system32\spool\drivers\w32x86\3\LMIprinterdat.dll

+ 2009-11-28 20:30 . 2009-09-29 00:34 40248 c:\windows\system32\spool\drivers\w32x86\3\LMIprinter.dll

+ 2009-10-28 23:46 . 2009-08-06 23:24 44768 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.4.7600.226\wups2.dll

+ 2009-10-28 23:46 . 2009-08-06 23:24 35552 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.4.7600.226\wups.dll

+ 2008-04-03 14:22 . 2009-06-04 04:36 10240 c:\windows\system32\sfman32.dll

- 2005-08-16 10:18 . 2009-02-03 19:59 56832 c:\windows\system32\secur32.dll

+ 2005-08-16 10:18 . 2009-06-25 08:25 56832 c:\windows\system32\secur32.dll

+ 2008-04-03 14:22 . 2009-06-04 04:36 16384 c:\windows\system32\regplib.exe

+ 2008-04-03 14:24 . 2009-06-04 04:36 68608 c:\windows\system32\piaproxy.dll

+ 2009-04-03 17:39 . 2009-04-03 17:39 70936 c:\windows\system32\PhysXLoader.dll

+ 2008-12-04 14:28 . 2008-12-04 14:28 24344 c:\windows\system32\PhysXDevice.dll

- 2005-08-16 10:18 . 2009-06-10 21:05 71732 c:\windows\system32\perfc009.dat

+ 2005-08-16 10:18 . 2009-12-26 22:24 71732 c:\windows\system32\perfc009.dat

+ 2007-08-13 22:54 . 2009-10-29 07:45 55296 c:\windows\system32\msfeedsbs.dll

- 2007-08-13 22:54 . 2009-07-03 17:09 55296 c:\windows\system32\msfeedsbs.dll

+ 2005-08-16 10:18 . 2009-09-04 21:03 58880 c:\windows\system32\msasn1.dll

- 2008-11-05 18:13 . 2009-08-16 05:53 84661 c:\windows\system32\Macromed\Flash\uninstall_plugin.exe

+ 2008-11-05 18:13 . 2009-12-09 03:47 84661 c:\windows\system32\Macromed\Flash\uninstall_plugin.exe

+ 2008-04-03 14:22 . 2009-06-04 04:32 12800 c:\windows\system32\killapps.exe

+ 2005-08-16 10:18 . 2009-10-29 07:45 25600 c:\windows\system32\jsproxy.dll

- 2005-08-16 10:18 . 2009-07-03 17:09 25600 c:\windows\system32\jsproxy.dll

+ 2009-10-18 09:16 . 2009-07-03 04:34 58800 c:\windows\system32\ijjiProcessRestarter.exe

+ 2009-10-18 09:16 . 2009-07-03 04:34 58800 c:\windows\system32\ijjiPlugin2.dll

+ 2009-10-18 09:16 . 2009-01-29 15:53 87472 c:\windows\system32\ijjiChannelingPlugin.dll

- 2008-04-03 14:22 . 2001-07-11 01:51 77824 c:\windows\system32\EAXAC3.DLL

+ 2008-04-03 14:22 . 2001-07-11 14:51 77824 c:\windows\system32\eaxac3.dll

+ 2009-11-27 06:03 . 2006-07-02 03:39 36864 c:\windows\system32\DRVSTORE\amdk8_C074F64CC74B03BC354BB5DC973CCF768D5A7194\AmdK8.sys

+ 2008-04-03 14:22 . 2009-06-04 06:48 15384 c:\windows\system32\drivers\pfmodnt.sys

+ 2005-08-16 10:18 . 2009-06-24 11:18 92928 c:\windows\system32\drivers\ksecdd.sys

+ 2009-09-23 15:41 . 2009-09-23 14:41 26176 c:\windows\system32\drivers\hamachi.sys

+ 2008-04-03 14:24 . 2009-06-04 06:48 95768 c:\windows\system32\drivers\emupia2k.sys

+ 2008-04-03 14:24 . 2009-06-04 06:47 14360 c:\windows\system32\drivers\ctprxy2k.sys

+ 2009-06-04 06:46 . 2009-06-04 06:46 72728 c:\windows\system32\drivers\CTHWIUT.sys

- 2009-06-10 21:02 . 2009-07-03 17:09 12800 c:\windows\system32\dllcache\xpshims.dll

+ 2009-06-10 21:02 . 2009-10-29 07:45 12800 c:\windows\system32\dllcache\xpshims.dll

+ 2005-08-16 10:40 . 2009-08-06 23:24 35552 c:\windows\system32\dllcache\wups.dll

+ 2005-08-16 10:40 . 2009-08-06 23:24 53472 c:\windows\system32\dllcache\wuauclt.exe

+ 2009-06-25 08:25 . 2009-06-25 08:25 54272 c:\windows\system32\dllcache\wdigest.dll

+ 2009-10-21 05:38 . 2009-10-21 05:38 75776 c:\windows\system32\dllcache\strmfilt.dll

- 2009-02-03 19:59 . 2009-02-03 19:59 56832 c:\windows\system32\dllcache\secur32.dll

+ 2009-02-03 19:59 . 2009-06-25 08:25 56832 c:\windows\system32\dllcache\secur32.dll

+ 2009-10-12 13:38 . 2009-10-12 13:38 79872 c:\windows\system32\dllcache\raschap.dll

+ 2008-04-11 21:50 . 2009-10-29 07:45 55296 c:\windows\system32\dllcache\msfeedsbs.dll

- 2008-04-11 21:50 . 2009-07-03 17:09 55296 c:\windows\system32\dllcache\msfeedsbs.dll

+ 2009-09-04 21:03 . 2009-09-04 21:03 58880 c:\windows\system32\dllcache\msasn1.dll

+ 2009-06-24 11:18 . 2009-06-24 11:18 92928 c:\windows\system32\dllcache\ksecdd.sys

- 2008-04-03 14:34 . 2009-07-03 17:09 25600 c:\windows\system32\dllcache\jsproxy.dll

+ 2008-04-03 14:34 . 2009-10-29 07:45 25600 c:\windows\system32\dllcache\jsproxy.dll

+ 2009-10-21 05:38 . 2009-10-21 05:38 25088 c:\windows\system32\dllcache\httpapi.dll

+ 2005-08-16 10:18 . 2009-08-06 23:24 96480 c:\windows\system32\dllcache\cdm.dll

+ 2009-08-26 03:15 . 2008-10-16 19:09 51224 c:\windows\system32\dllcache\cache\wuauclt.exe

+ 2009-08-26 03:15 . 2008-04-14 00:12 13824 c:\windows\system32\dllcache\cache\wscntfy.exe

+ 2009-08-26 03:15 . 2008-04-14 00:12 82432 c:\windows\system32\dllcache\cache\ws2_32.dll

+ 2009-08-26 03:15 . 2008-04-14 00:12 26112 c:\windows\system32\dllcache\cache\userinit.exe

+ 2009-08-26 03:15 . 2008-04-14 00:12 14336 c:\windows\system32\dllcache\cache\svchost.exe

+ 2009-08-26 03:15 . 2008-04-14 00:12 71680 c:\windows\system32\dllcache\cache\ssdpsrv.dll

+ 2009-08-26 03:15 . 2008-04-14 00:12 57856 c:\windows\system32\dllcache\cache\spoolsv.exe

+ 2009-08-26 03:15 . 2008-04-14 00:12 59904 c:\windows\system32\dllcache\cache\regsvc.dll

+ 2009-08-26 03:15 . 2008-04-14 00:12 88576 c:\windows\system32\dllcache\cache\rasauto.dll

+ 2009-08-26 03:15 . 2008-04-14 00:12 17408 c:\windows\system32\dllcache\cache\powrprof.dll

+ 2009-08-26 03:15 . 2006-10-19 01:47 27136 c:\windows\system32\dllcache\cache\mspmsnsv.dll

+ 2009-08-26 03:15 . 2008-04-14 00:11 33792 c:\windows\system32\dllcache\cache\msgsvc.dll

+ 2009-08-26 03:15 . 2008-04-14 00:12 13312 c:\windows\system32\dllcache\cache\lsass.exe

+ 2009-08-26 03:15 . 2008-04-14 00:11 22016 c:\windows\system32\dllcache\cache\lpk.dll

+ 2009-08-26 03:15 . 2008-04-14 00:11 19968 c:\windows\system32\dllcache\cache\linkinfo.dll

+ 2009-08-26 03:15 . 2008-04-13 18:39 24576 c:\windows\system32\dllcache\cache\kbdclass.sys

+ 2009-08-26 03:15 . 2008-04-13 18:53 36608 c:\windows\system32\dllcache\cache\ip6fw.sys

+ 2009-08-26 03:15 . 2008-04-14 00:11 56320 c:\windows\system32\dllcache\cache\eventlog.dll

+ 2009-08-26 03:15 . 2008-04-14 00:12 15360 c:\windows\system32\dllcache\cache\ctfmon.exe

+ 2009-08-26 03:15 . 2008-04-14 00:11 62464 c:\windows\system32\dllcache\cache\cryptsvc.dll

+ 2009-08-26 03:15 . 2008-04-14 00:11 77824 c:\windows\system32\dllcache\cache\browser.dll

+ 2009-08-26 03:15 . 2008-04-13 18:57 14336 c:\windows\system32\dllcache\cache\asyncmac.sys

+ 2009-08-26 03:15 . 2004-08-10 11:00 11648 c:\windows\system32\dllcache\cache\acpiec.sys

+ 2008-04-03 14:22 . 2009-06-04 04:31 36864 c:\windows\system32\devreg.dll

+ 2008-04-03 14:22 . 2009-06-04 04:33 26919 c:\windows\system32\data\ctd20x.dat

+ 2008-04-03 14:22 . 2009-06-04 04:55 39424 c:\windows\system32\CTxfiSpk.dll

+ 2008-04-03 14:22 . 2009-06-04 04:50 47104 c:\windows\system32\CTxfiReg.exe

+ 2008-04-03 14:22 . 2009-06-04 04:55 25600 c:\windows\system32\Ctxfihlp.exe

+ 2008-04-03 14:22 . 2009-06-04 04:55 41472 c:\windows\system32\CTxfiBtn.dll

+ 2008-04-03 14:42 . 1999-11-18 05:00 25088 c:\windows\system32\CTSVCCTL.EXE

- 2008-04-03 14:42 . 1999-11-18 00:00 25088 c:\windows\system32\CTSVCCTL.EXE

+ 2008-04-03 14:42 . 1999-12-13 05:01 44032 c:\windows\system32\CTSVCCDA.EXE

- 2008-04-03 14:42 . 1999-12-13 00:01 44032 c:\windows\system32\CTSVCCDA.EXE

+ 2007-03-13 14:32 . 2007-03-13 14:32 89336 c:\windows\system32\ctpxst32.exe

+ 2008-04-03 14:22 . 2009-06-04 04:36 74752 c:\windows\system32\ctosuser.dll

+ 2008-04-03 14:24 . 2009-06-04 04:37 53248 c:\windows\system32\ctdproxy.dll

+ 2006-12-12 14:39 . 2009-06-04 04:40 56509 c:\windows\system32\ctdnlstr.dat

+ 2008-04-03 14:24 . 2005-11-08 11:42 81920 c:\windows\system32\ctcoinst.dll

+ 2008-04-03 14:22 . 2009-06-04 04:37 50688 c:\windows\system32\ctasio.dll

+ 2009-06-04 04:50 . 2009-06-04 04:50 15360 c:\windows\system32\Ct20xspi.dll

+ 2008-04-03 14:24 . 2005-11-08 11:18 87040 c:\windows\system32\commonfx.dll

+ 2005-08-16 10:18 . 2009-08-06 23:24 96480 c:\windows\system32\cdm.dll

+ 2008-10-07 14:13 . 2008-10-07 14:13 58648 c:\windows\system32\AgCPanelTraditionalChinese.dll

+ 2008-10-07 14:13 . 2008-10-07 14:13 58648 c:\windows\system32\AgCPanelSwedish.dll

+ 2008-10-07 14:13 . 2008-10-07 14:13 58648 c:\windows\system32\AgCPanelSpanish.dll

+ 2008-10-07 14:13 . 2008-10-07 14:13 58648 c:\windows\system32\AgCPanelSimplifiedChinese.dll

+ 2008-10-07 14:13 . 2008-10-07 14:13 58648 c:\windows\system32\AgCPanelPortugese.dll

+ 2008-10-07 14:13 . 2008-10-07 14:13 58648 c:\windows\system32\AgCPanelKorean.dll

+ 2008-10-07 14:13 . 2008-10-07 14:13 58648 c:\windows\system32\AgCPanelJapanese.dll

+ 2008-10-07 14:13 . 2008-10-07 14:13 58648 c:\windows\system32\AgCPanelGerman.dll

+ 2008-10-07 14:13 . 2008-10-07 14:13 58648 c:\windows\system32\AgCPanelFrench.dll

+ 2006-12-05 18:52 . 2006-12-05 18:52 48400 c:\windows\system32\AddCat.exe

+ 2008-04-03 14:22 . 2009-06-04 04:56 48640 c:\windows\system32\ac3api.dll

+ 2008-04-03 14:22 . 2009-06-04 04:57 60928 c:\windows\system32\a3d.dll

+ 2009-06-24 23:56 . 2009-06-24 23:56 73728 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe

- 2007-04-14 00:58 . 2007-04-14 00:58 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll

+ 2008-05-28 04:49 . 2008-05-28 04:49 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll

- 2007-04-14 00:57 . 2007-04-14 00:57 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll

+ 2008-05-28 04:49 . 2008-05-28 04:49 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll

- 2007-04-14 00:57 . 2007-04-14 00:57 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll

+ 2008-05-28 04:49 . 2008-05-28 04:49 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll

- 2007-04-14 01:30 . 2007-04-14 01:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe

+ 2008-05-28 05:30 . 2008-05-28 05:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe

+ 2007-01-15 20:11 . 2009-06-24 16:56 86016 c:\windows\Microsoft.NET\Framework\v1.0.3705\ToGac.exe

+ 2007-01-15 20:11 . 2009-06-24 16:56 73728 c:\windows\Microsoft.NET\Framework\v1.0.3705\SetRegNI.exe

- 2005-08-16 10:38 . 2007-01-02 20:29 86016 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscorld.dll

+ 2005-08-16 10:38 . 2009-06-24 02:01 86016 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscorld.dll

- 2005-08-16 10:38 . 2007-01-02 20:29 73728 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscorie.dll

+ 2005-08-16 10:38 . 2009-06-24 02:01 73728 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscorie.dll

- 2005-08-16 10:38 . 2008-04-13 16:10 32768 c:\windows\Microsoft.NET\Framework\v1.0.3705\aspnet_wp.exe

+ 2005-08-16 10:38 . 2009-06-24 02:12 32768 c:\windows\Microsoft.NET\Framework\v1.0.3705\aspnet_wp.exe

- 2005-08-16 10:38 . 2008-04-13 16:10 32768 c:\windows\Microsoft.NET\Framework\v1.0.3705\aspnet_state.exe

+ 2005-08-16 10:38 . 2009-06-24 02:12 32768 c:\windows\Microsoft.NET\Framework\v1.0.3705\aspnet_state.exe

+ 2009-10-31 14:18 . 2007-10-12 08:19 53248 c:\windows\ksdef.exe

+ 2009-10-18 06:29 . 2009-10-18 06:29 20992 c:\windows\Installer\265e3d6.msi

+ 2009-10-28 07:34 . 2009-10-28 07:34 27648 c:\windows\Installer\176df1a.msi

+ 2009-11-24 18:43 . 2009-11-24 18:43 32768 c:\windows\Installer\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}\icon.exe

+ 2009-06-04 04:59 . 2009-06-04 04:59 11776 c:\windows\INRES.DLL

- 2008-04-03 14:22 . 2005-11-08 11:42 11776 c:\windows\INRES.DLL

+ 2009-12-09 03:31 . 2009-08-29 08:08 12800 c:\windows\ie8updates\KB976325-IE8\xpshims.dll

+ 2009-12-09 03:31 . 2009-08-29 08:08 55296 c:\windows\ie8updates\KB976325-IE8\msfeedsbs.dll

+ 2009-12-09 03:31 . 2009-08-29 08:08 25600 c:\windows\ie8updates\KB976325-IE8\jsproxy.dll

+ 2009-10-15 04:04 . 2009-07-03 17:09 12800 c:\windows\ie8updates\KB974455-IE8\xpshims.dll

+ 2009-10-15 04:04 . 2009-07-03 17:09 55296 c:\windows\ie8updates\KB974455-IE8\msfeedsbs.dll

+ 2009-10-15 04:04 . 2009-07-03 17:09 25600 c:\windows\ie8updates\KB974455-IE8\jsproxy.dll

+ 2009-10-18 09:16 . 2009-07-03 04:34 87472 c:\windows\Downloaded Program Files\ijjiPreStarter2.exe

+ 2009-10-18 09:16 . 2009-07-03 04:34 79280 c:\windows\Downloaded Program Files\ijjiPreNotify2.exe

+ 2009-10-18 09:16 . 2009-07-03 04:34 50608 c:\windows\Downloaded Program Files\ijjiNotify2.exe

+ 2002-07-25 23:13 . 2006-05-16 15:58 24576 c:\windows\Downloaded Program Files\dwusplay.dll

- 2002-07-25 23:13 . 2002-07-25 23:13 24576 c:\windows\Downloaded Program Files\dwusplay.dll

+ 2009-10-31 14:23 . 2006-10-06 06:17 53248 c:\windows\Ctregrun.exe

+ 2009-10-15 04:02 . 2009-10-15 04:02 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_fcb1b8cd\System.Drawing.Design.dll

+ 2009-10-15 04:02 . 2009-10-15 04:02 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_37f14b2d\CustomMarshalers.dll

+ 2009-10-15 04:01 . 2009-10-15 04:01 90112 c:\windows\assembly\NativeImages1_v1.0.3705\System.Drawing.Design\1.0.3300.0__b03f5f7f11d50a3a_f0406b5e\System.Drawing.Design.dll

+ 2009-10-15 04:01 . 2009-10-15 04:01 61440 c:\windows\assembly\NativeImages1_v1.0.3705\CustomMarshalers\1.0.3300.0__b03f5f7f11d50a3a_ad10ba64\CustomMarshalers.dll

+ 2009-10-15 04:09 . 2009-10-15 04:09 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\b4a9e413d5cd6d6ec2d50aa05381e293\UIAutomationProvider.ni.dll

+ 2009-10-15 04:56 . 2009-10-15 04:56 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\8acb476a0d4ee17a12881e17ae74a6af\System.Windows.Presentation.ni.dll

+ 2009-10-15 04:56 . 2009-10-15 04:56 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\4b87ca3482a3c0ee733e028ecee7de65\System.Web.DynamicData.Design.ni.dll

+ 2009-10-15 04:55 . 2009-10-15 04:55 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\a0c71055364bd356971791284c3fb910\System.ComponentModel.DataAnnotations.ni.dll

+ 2009-10-15 04:55 . 2009-10-15 04:55 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\f9a75bbdc2ce7db578b5977766a09b99\System.AddIn.Contract.ni.dll

+ 2009-10-15 04:08 . 2009-10-15 04:08 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\3dd0f86c966c75755d62eab8ddf0634c\PresentationFontCache.ni.exe

+ 2009-10-15 04:07 . 2009-10-15 04:07 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\034d081fe294bab1ee1ecc98c1181424\PresentationCFFRasterizer.ni.dll

+ 2009-10-15 04:56 . 2009-10-15 04:56 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\f2673aec397c52796aef05bb9d2668df\Microsoft.Vsa.ni.dll

+ 2009-10-15 04:55 . 2009-10-15 04:55 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\d513fe1a81c441e7656a9b062cff4e9f\Microsoft.Build.Framework.ni.dll

+ 2009-10-15 04:55 . 2009-10-15 04:55 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\c5d504724d7f351b1d034615dbb72a2a\Microsoft.Build.Framework.ni.dll

+ 2009-10-15 04:55 . 2009-10-15 04:55 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\a664ccab020f93f1d533919f57131190\dfsvc.ni.exe

+ 2009-10-15 04:54 . 2009-10-15 04:54 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\e63d6d26b8a664cfdfbd4ad75e03c14d\Accessibility.ni.dll

- 2009-05-08 03:35 . 2009-05-08 03:35 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll

+ 2009-10-15 04:06 . 2009-10-15 04:06 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll

+ 2009-10-15 04:07 . 2009-10-15 04:07 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll

- 2009-05-08 03:35 . 2009-05-08 03:35 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll

- 2009-05-08 03:35 . 2009-05-08 03:35 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll

+ 2009-10-15 04:07 . 2009-10-15 04:07 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll

- 2009-05-08 03:35 . 2009-05-08 03:35 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll

+ 2009-10-15 04:07 . 2009-10-15 04:07 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll

+ 2009-10-15 04:07 . 2009-10-15 04:07 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll

- 2009-05-08 03:35 . 2009-05-08 03:35 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll

- 2009-05-08 03:35 . 2009-05-08 03:35 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll

+ 2009-10-15 04:07 . 2009-10-15 04:07 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll

+ 2009-10-15 04:07 . 2009-10-15 04:07 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll

- 2009-05-08 03:35 . 2009-05-08 03:35 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll

+ 2009-10-15 04:07 . 2009-10-15 04:07 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll

- 2009-05-08 03:35 . 2009-05-08 03:35 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll

- 2009-05-08 03:35 . 2009-05-08 03:35 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll

+ 2009-10-15 04:07 . 2009-10-15 04:07 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll

- 2009-05-08 03:35 . 2009-05-08 03:35 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll

+ 2009-10-15 04:07 . 2009-10-15 04:07 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll

+ 2009-10-15 04:07 . 2009-10-15 04:07 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll

- 2009-05-08 03:35 . 2009-05-08 03:35 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll

- 2009-05-08 03:35 . 2009-05-08 03:35 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll

+ 2009-10-15 04:07 . 2009-10-15 04:07 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll

- 2009-05-08 03:35 . 2009-05-08 03:35 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll

+ 2009-10-15 04:07 . 2009-10-15 04:07 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll

- 2008-08-16 03:07 . 2008-08-16 03:07 77824 c:\windows\assembly\GAC\SonicMCEBurnEngine\0.9.0.0__17c52700e9a64fd0\SonicMCEBurnEngine.dll

+ 2009-09-10 09:01 . 2009-09-10 09:01 77824 c:\windows\assembly\GAC\SonicMCEBurnEngine\0.9.0.0__17c52700e9a64fd0\SonicMCEBurnEngine.dll

+ 2009-09-10 09:01 . 2009-09-10 09:01 45056 c:\windows\assembly\GAC\Microsoft.MediaCenter\6.0.3100.0__31bf3856ad364e35\Microsoft.MediaCenter.dll

- 2008-08-16 03:07 . 2008-08-16 03:07 45056 c:\windows\assembly\GAC\Microsoft.MediaCenter\6.0.3100.0__31bf3856ad364e35\Microsoft.MediaCenter.dll

+ 2009-12-11 05:49 . 2009-12-11 05:49 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll

- 2009-05-02 16:17 . 2009-05-02 16:17 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll

- 2009-05-02 16:17 . 2009-05-02 16:17 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll

+ 2009-12-11 05:49 . 2009-12-11 05:49 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll

- 2008-08-16 03:07 . 2008-08-16 03:07 53248 c:\windows\assembly\GAC\ehiWUapi\6.0.3000.0__31bf3856ad364e35\ehiWUapi.dll

+ 2009-09-10 09:01 . 2009-09-10 09:01 53248 c:\windows\assembly\GAC\ehiWUapi\6.0.3000.0__31bf3856ad364e35\ehiWUapi.dll

- 2008-08-16 03:07 . 2008-08-16 03:07 18944 c:\windows\assembly\GAC\ehiUserXp\6.0.3000.0__31bf3856ad364e35\ehiuserxp.dll

+ 2009-09-10 09:01 . 2009-09-10 09:01 18944 c:\windows\assembly\GAC\ehiUserXp\6.0.3000.0__31bf3856ad364e35\ehiuserxp.dll

+ 2009-09-10 09:01 . 2009-09-10 09:01 73728 c:\windows\assembly\GAC\ehiExtens\6.0.3000.0__31bf3856ad364e35\ehiExtens.dll

- 2008-08-16 03:07 . 2008-08-16 03:07 73728 c:\windows\assembly\GAC\ehiExtens\6.0.3000.0__31bf3856ad364e35\ehiExtens.dll

+ 2009-11-24 18:44 . 2009-07-14 11:03 46080 c:\windows\$NtUninstallKB976098-v2$\tzchange.exe

+ 2009-11-24 18:44 . 2009-10-29 02:03 16896 c:\windows\$NtUninstallKB976098-v2$\spuninst\tzchange.dll

+ 2009-10-15 04:02 . 2008-04-14 00:11 57344 c:\windows\$NtUninstallKB974571$\msasn1.dll

+ 2009-08-26 14:40 . 2008-10-23 10:06 62976 c:\windows\$NtUninstallKB970653-v3$\tzchange.exe

+ 2009-08-26 14:40 . 2009-07-16 04:14 14336 c:\windows\$NtUninstallKB970653-v3$\spuninst\tzchange.dll

+ 2009-10-15 04:00 . 2008-04-14 00:12 49152 c:\windows\$NtUninstallKB968389$\wdigest.dll

+ 2009-10-15 04:00 . 2009-02-03 19:59 56832 c:\windows\$NtUninstallKB968389$\secur32.dll

+ 2009-10-15 04:00 . 2008-04-13 18:31 92288 c:\windows\$NtUninstallKB968389$\ksecdd.sys

+ 2009-10-15 04:01 . 2007-12-17 12:00 66592 c:\windows\$NtUninstallKB953295$\togac.exe

+ 2009-10-15 04:01 . 2007-12-17 11:59 66592 c:\windows\$NtUninstallKB953295$\setregni.exe

+ 2009-10-15 04:01 . 2007-01-02 20:29 86016 c:\windows\$NtUninstallKB953295$\mscorld.dll

+ 2009-10-15 04:01 . 2007-01-02 20:29 73728 c:\windows\$NtUninstallKB953295$\mscorie.dll

+ 2009-10-15 04:01 . 2008-04-13 16:10 32768 c:\windows\$NtUninstallKB953295$\aspnet_wp.exe

+ 2009-10-15 04:01 . 2008-04-13 16:10 32768 c:\windows\$NtUninstallKB953295$\aspnet_state.exe

+ 2009-11-04 02:20 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB976749-IE8\update\spcustom.dll

+ 2009-11-04 02:20 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB976749-IE8\spmsg.dll

+ 2009-10-15 04:00 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB975467\update\spcustom.dll

+ 2009-10-15 04:00 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB975467\spmsg.dll

+ 2009-10-15 04:02 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB975025\update\spcustom.dll

+ 2009-10-15 04:02 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB975025\spmsg.dll

+ 2009-10-15 04:02 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB974571\update\spcustom.dll

+ 2009-10-15 04:02 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB974571\spmsg.dll

+ 2009-09-04 20:57 . 2009-09-04 20:57 58880 c:\windows\$hf_mig$\KB974571\SP3QFE\msasn1.dll

+ 2009-10-15 04:04 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB974455-IE8\update\spcustom.dll

+ 2009-10-15 04:04 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB974455-IE8\spmsg.dll

+ 2009-10-15 02:01 . 2009-08-29 08:01 12800 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\xpshims.dll

+ 2009-10-15 02:01 . 2009-08-29 08:01 55296 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\msfeedsbs.dll

+ 2009-10-15 02:01 . 2009-08-29 08:01 25600 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\jsproxy.dll

+ 2009-10-15 04:02 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB974112\update\spcustom.dll

+ 2009-10-15 04:02 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB974112\spmsg.dll

+ 2009-11-24 18:44 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB973687\update\spcustom.dll

+ 2009-11-24 18:44 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB973687\spmsg.dll

+ 2009-10-15 04:01 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB973525\update\spcustom.dll

+ 2009-10-15 04:01 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB973525\spmsg.dll

+ 2009-09-09 23:40 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB971961-IE8\update\spcustom.dll

+ 2009-09-09 23:40 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB971961-IE8\spmsg.dll

+ 2009-10-15 04:01 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB971486\update\spcustom.dll

+ 2009-10-15 04:01 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB971486\spmsg.dll

+ 2009-11-10 20:48 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB969947\update\spcustom.dll

+ 2009-11-10 20:48 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB969947\spmsg.dll

+ 2009-10-15 04:02 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB969059\update\spcustom.dll

+ 2009-10-15 04:02 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB969059\spmsg.dll

+ 2009-10-15 04:00 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB968389\update\spcustom.dll

+ 2009-10-15 04:00 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB968389\spmsg.dll

+ 2009-06-25 08:41 . 2009-06-25 08:41 54272 c:\windows\$hf_mig$\KB968389\SP3QFE\wdigest.dll

+ 2009-06-25 08:41 . 2009-06-25 08:41 56832 c:\windows\$hf_mig$\KB968389\SP3QFE\secur32.dll

+ 2009-06-24 10:28 . 2009-06-24 10:28 92928 c:\windows\$hf_mig$\KB968389\SP3QFE\ksecdd.sys

+ 2009-09-09 23:40 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB956844\update\spcustom.dll

+ 2009-09-09 23:40 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB956844\spmsg.dll

+ 2009-10-15 04:07 . 2009-10-15 04:07 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll

- 2009-05-08 03:35 . 2009-05-08 03:35 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll

+ 2009-06-04 04:33 . 2009-06-04 04:33 7680 c:\windows\system32\enlocstr.exe

+ 2009-08-26 03:15 . 2008-04-14 00:12 5120 c:\windows\system32\dllcache\cache\sfc.dll

+ 2009-08-26 03:15 . 2004-08-10 11:00 2944 c:\windows\system32\dllcache\cache\null.sys

+ 2009-08-26 03:15 . 2004-08-10 11:00 4224 c:\windows\system32\dllcache\cache\beep.sys

- 2008-04-03 14:22 . 2005-11-08 11:12 2091 c:\windows\system32\data\cts20x.dat

+ 2008-04-03 14:22 . 2009-06-04 04:33 2091 c:\windows\system32\data\cts20x.dat

+ 2009-06-04 04:55 . 2009-06-04 04:55 2560 c:\windows\system32\CtxfiRes.dll

- 2005-08-16 10:38 . 2007-01-02 20:29 8192 c:\windows\Microsoft.NET\Framework\v1.0.3705\IEExec.exe

+ 2005-08-16 10:38 . 2009-06-29 15:57 8192 c:\windows\Microsoft.NET\Framework\v1.0.3705\IEExec.exe

+ 2009-06-04 04:55 . 2009-06-04 04:55 2560 c:\windows\CTXFIRES.DLL

+ 2009-10-15 04:07 . 2009-10-15 04:07 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll

- 2009-05-08 03:35 . 2009-05-08 03:35 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll

- 2009-05-08 03:35 . 2009-05-08 03:35 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll

+ 2009-10-15 04:07 . 2009-10-15 04:07 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll

+ 2009-10-15 04:07 . 2009-10-15 04:07 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll

- 2009-05-08 03:35 . 2009-05-08 03:35 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll

+ 2009-10-15 04:07 . 2009-10-15 04:07 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll

- 2009-05-08 03:35 . 2009-05-08 03:35 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll

+ 2009-09-10 09:01 . 2009-09-10 09:01 8192 c:\windows\assembly\GAC\ehiExtCOM\6.0.3000.0__31bf3856ad364e35\ehiExtCOM.dll

- 2008-08-16 03:07 . 2008-08-16 03:07 8192 c:\windows\assembly\GAC\ehiExtCOM\6.0.3000.0__31bf3856ad364e35\ehiExtCOM.dll

+ 2009-10-15 04:01 . 2007-01-02 20:29 8192 c:\windows\$NtUninstallKB953295$\ieexec.exe

- 2009-05-08 03:35 . 2009-05-08 03:35 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll

+ 2009-10-15 04:07 . 2009-10-15 04:07 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll

- 2009-05-08 03:35 . 2009-05-08 03:35 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll

+ 2009-10-15 04:07 . 2009-10-15 04:07 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll

+ 2008-07-29 13:05 . 2008-07-29 13:05 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll

- 2008-07-29 12:05 . 2008-07-29 12:05 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll

- 2008-07-29 12:05 . 2008-07-29 12:05 572928 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll

+ 2008-07-29 13:05 . 2008-07-29 13:05 572928 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll

+ 2008-07-29 08:54 . 2008-07-29 08:54 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcm90.dll

- 2008-07-29 07:54 . 2008-07-29 07:54 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcm90.dll

+ 2008-07-29 13:05 . 2008-07-29 13:05 161784 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_d01483b2\atl90.dll

- 2008-07-29 12:05 . 2008-07-29 12:05 161784 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_d01483b2\atl90.dll

- 2009-08-08 20:20 . 2009-03-16 18:18 517448 c:\windows\system32\XAudio2_4.dll

+ 2009-08-08 20:20 . 2009-03-16 19:18 517448 c:\windows\system32\XAudio2_4.dll

+ 2009-08-08 20:20 . 2008-07-31 14:40 509448 c:\windows\system32\XAudio2_2.dll

- 2009-08-08 20:20 . 2008-07-30 10:20 509448 c:\windows\system32\XAudio2_2.dll

- 2008-06-24 21:34 . 2008-05-30 18:19 507400 c:\windows\system32\XAudio2_1.dll

+ 2008-06-24 21:34 . 2008-05-30 19:19 507400 c:\windows\system32\XAudio2_1.dll

+ 2009-08-08 20:20 . 2009-03-16 19:18 235352 c:\windows\system32\xactengine3_4.dll

- 2009-08-08 20:20 . 2009-03-16 18:18 235352 c:\windows\system32\xactengine3_4.dll

+ 2009-08-08 20:20 . 2008-07-30 11:20 238088 c:\windows\system32\xactengine3_2.dll

- 2009-08-08 20:20 . 2008-07-30 10:20 238088 c:\windows\system32\xactengine3_2.dll

+ 2008-06-24 21:34 . 2008-05-30 19:18 238088 c:\windows\system32\xactengine3_1.dll

- 2008-06-24 21:34 . 2008-05-30 18:18 238088 c:\windows\system32\xactengine3_1.dll

+ 2005-08-16 10:40 . 2009-08-06 23:24 209632 c:\windows\system32\wuweb.dll

+ 2005-08-16 10:40 . 2009-08-06 23:24 327896 c:\windows\system32\wucltui.dll

+ 2005-08-16 10:40 . 2009-08-06 23:23 575704 c:\windows\system32\wuapi.dll

+ 2005-08-16 10:19 . 2009-04-02 03:02 604160 c:\windows\system32\wmspdmod.dll

+ 2005-08-16 10:18 . 2009-08-25 09:17 354816 c:\windows\system32\winhttp.dll

+ 2009-03-26 20:09 . 2009-03-26 20:09 600217 c:\windows\system32\UDAAIM32.exe

+ 2009-10-18 09:16 . 2009-03-11 22:20 208384 c:\windows\system32\uc_rohan_launching.dll

+ 2005-08-16 10:19 . 2009-08-26 08:00 247326 c:\windows\system32\strmdll.dll

- 2005-08-16 10:19 . 2008-10-03 10:02 247326 c:\windows\system32\strmdll.dll

+ 2008-04-03 14:22 . 2009-06-04 04:36 108544 c:\windows\system32\sfms32.dll

+ 2005-08-16 10:18 . 2009-06-25 08:25 147456 c:\windows\system32\schannel.dll

+ 2008-10-07 14:13 . 2008-10-07 14:13 197912 c:\windows\system32\physxcudart_20.dll

+ 2008-11-26 13:55 . 2008-11-26 13:55 288024 c:\windows\system32\PhysXCplUI.exe

+ 2008-11-25 13:38 . 2008-11-25 13:38 288024 c:\windows\system32\PhysXCompatCplUI.exe

+ 2005-08-16 10:18 . 2009-12-26 22:24 442466 c:\windows\system32\perfh009.dat

- 2005-08-16 10:18 . 2009-06-10 21:05 442466 c:\windows\system32\perfh009.dat

- 2005-08-16 10:18 . 2009-07-03 17:09 206848 c:\windows\system32\occache.dll

+ 2005-08-16 10:18 . 2009-10-29 07:45 206848 c:\windows\system32\occache.dll

+ 2008-04-23 10:07 . 2008-04-23 10:07 805400 c:\windows\system32\oalinst.exe

+ 2007-07-30 23:18 . 2009-08-06 23:23 215920 c:\windows\system32\muweb.dll

+ 2008-04-12 22:44 . 2009-08-06 23:23 274288 c:\windows\system32\mucltui.dll

+ 2005-08-16 10:18 . 2009-09-11 14:18 136192 c:\windows\system32\msv1_0.dll

+ 2007-08-13 22:54 . 2009-10-29 07:45 594432 c:\windows\system32\msfeeds.dll

- 2007-08-13 22:54 . 2009-07-03 17:09 594432 c:\windows\system32\msfeeds.dll

+ 2009-10-28 03:40 . 2009-10-28 03:40 257440 c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe

- 2009-07-18 03:21 . 2009-07-18 03:21 257440 c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe

+ 2005-08-16 10:18 . 2009-06-25 08:25 730112 c:\windows\system32\lsasrv.dll

+ 2009-10-31 14:18 . 2007-10-29 03:16 151040 c:\windows\system32\KSXPPI32.dll

+ 2005-08-16 10:18 . 2009-06-25 08:25 301568 c:\windows\system32\kerberos.dll

+ 2005-08-16 10:18 . 2009-06-22 06:44 726528 c:\windows\system32\jscript.dll

- 2005-08-16 10:18 . 2009-03-08 08:33 726528 c:\windows\system32\jscript.dll

+ 2009-10-18 09:16 . 2009-07-03 04:34 710064 c:\windows\system32\ijjiSetup.exe

+ 2005-08-16 10:18 . 2009-10-29 07:45 184320 c:\windows\system32\iepeers.dll

- 2005-08-16 10:18 . 2009-07-03 17:09 184320 c:\windows\system32\iepeers.dll

+ 2005-08-16 10:18 . 2009-10-29 07:45 387584 c:\windows\system32\iedkcs32.dll

- 2005-08-16 10:18 . 2009-07-03 11:01 173056 c:\windows\system32\ie4uinit.exe

+ 2005-08-16 10:18 . 2009-10-28 14:40 173056 c:\windows\system32\ie4uinit.exe

+ 2008-04-03 14:24 . 2009-06-04 06:47 158744 c:\windows\system32\drivers\ctsfm2k.sys

+ 2008-04-03 14:24 . 2009-06-04 06:47 130072 c:\windows\system32\drivers\ctoss2k.sys

+ 2008-04-03 14:24 . 2009-06-04 06:47 347080 c:\windows\system32\drivers\ctdvda2k.sys

+ 2008-04-03 14:24 . 2009-06-04 06:47 526232 c:\windows\system32\drivers\ctaud2k.sys

+ 2008-04-03 14:24 . 2009-06-04 06:47 511000 c:\windows\system32\drivers\ctac32k.sys

+ 2009-06-04 06:46 . 2009-06-04 06:46 171032 c:\windows\system32\drivers\CT20XUT.sys

+ 2005-08-16 10:40 . 2009-08-06 23:24 209632 c:\windows\system32\dllcache\wuweb.dll

+ 2005-08-16 10:40 . 2009-08-06 23:24 327896 c:\windows\system32\dllcache\wucltui.dll

+ 2005-08-16 10:40 . 2009-08-06 23:23 575704 c:\windows\system32\dllcache\wuapi.dll

+ 2009-04-02 03:02 . 2009-04-02 03:02 604160 c:\windows\system32\dllcache\wmspdmod.dll

+ 2008-04-03 14:34 . 2009-10-29 07:45 916480 c:\windows\system32\dllcache\wininet.dll

+ 2008-12-16 12:30 . 2009-08-25 09:17 354816 c:\windows\system32\dllcache\winhttp.dll

+ 2009-09-09 21:41 . 2009-06-21 21:44 153088 c:\windows\system32\dllcache\triedit.dll

+ 2006-08-21 15:52 . 2009-08-26 08:00 247326 c:\windows\system32\dllcache\strmdll.dll

- 2006-08-21 15:52 . 2008-10-03 10:02 247326 c:\windows\system32\dllcache\strmdll.dll

+ 2008-12-05 06:54 . 2009-06-25 08:25 147456 c:\windows\system32\dllcache\schannel.dll

+ 2009-10-12 13:38 . 2009-10-12 13:38 149504 c:\windows\system32\dllcache\rastls.dll

- 2007-08-13 22:44 . 2009-07-03 17:09 206848 c:\windows\system32\dllcache\occache.dll

+ 2007-08-13 22:44 . 2009-10-29 07:45 206848 c:\windows\system32\dllcache\occache.dll

+ 2009-10-13 10:30 . 2009-10-13 10:30 270336 c:\windows\system32\dllcache\oakley.dll

+ 2009-06-25 08:25 . 2009-09-11 14:18 136192 c:\windows\system32\dllcache\msv1_0.dll

- 2008-04-11 21:50 . 2009-07-03 17:09 594432 c:\windows\system32\dllcache\msfeeds.dll

+ 2008-04-11 21:50 . 2009-10-29 07:45 594432 c:\windows\system32\dllcache\msfeeds.dll

+ 2009-04-15 03:50 . 2009-06-25 08:25 730112 c:\windows\system32\dllcache\lsasrv.dll

+ 2009-06-25 08:25 . 2009-06-25 08:25 301568 c:\windows\system32\dllcache\kerberos.dll

+ 2008-05-09 10:53 . 2009-06-22 06:44 726528 c:\windows\system32\dllcache\jscript.dll

- 2008-05-09 10:53 . 2009-03-08 08:33 726528 c:\windows\system32\dllcache\jscript.dll

+ 2009-06-10 21:02 . 2009-10-29 07:45 246272 c:\windows\system32\dllcache\ieproxy.dll

- 2009-06-10 21:02 . 2009-07-03 17:09 246272 c:\windows\system32\dllcache\ieproxy.dll

+ 2008-04-03 14:34 . 2009-10-29 07:45 184320 c:\windows\system32\dllcache\iepeers.dll

- 2008-04-03 14:34 . 2009-07-03 17:09 184320 c:\windows\system32\dllcache\iepeers.dll

+ 2007-08-13 22:39 . 2009-10-29 07:45 387584 c:\windows\system32\dllcache\iedkcs32.dll

+ 2007-08-13 22:39 . 2009-10-28 14:40 173056 c:\windows\system32\dllcache\ie4uinit.exe

- 2007-08-13 22:39 . 2009-07-03 11:01 173056 c:\windows\system32\dllcache\ie4uinit.exe

+ 2009-10-20 16:20 . 2009-10-20 16:20 265728 c:\windows\system32\dllcache\http.sys

+ 2009-08-26 03:15 . 2008-04-14 00:12 129024 c:\windows\system32\dllcache\cache\xmlprov.dll

+ 2009-08-26 03:15 . 2008-04-14 00:12 507904 c:\windows\system32\dllcache\cache\winlogon.exe

+ 2009-08-26 03:15 . 2009-07-03 17:09 915456 c:\windows\system32\dllcache\cache\wininet.dll

+ 2009-08-26 03:15 . 2008-04-14 00:12 578560 c:\windows\system32\dllcache\cache\user32.dll

+ 2009-08-26 03:15 . 2008-04-14 00:12 185856 c:\windows\system32\dllcache\cache\upnphost.dll

+ 2009-08-26 03:15 . 2008-04-14 00:12 295424 c:\windows\system32\dllcache\cache\termsrv.dll

+ 2009-08-26 03:15 . 2008-06-20 11:51 361600 c:\windows\system32\dllcache\cache\tcpip.sys

+ 2009-08-26 03:15 . 2008-04-14 00:12 249856 c:\windows\system32\dllcache\cache\tapisrv.dll

+ 2009-08-26 03:15 . 2008-04-14 00:12 171008 c:\windows\system32\dllcache\cache\srsvc.dll

+ 2009-08-26 03:15 . 2008-04-14 00:12 135168 c:\windows\system32\dllcache\cache\shsvcs.dll

+ 2009-08-26 03:15 . 2009-02-06 11:11 110592 c:\windows\system32\dllcache\cache\services.exe

+ 2009-08-26 03:15 . 2008-04-14 00:12 192512 c:\windows\system32\dllcache\cache\schedsvc.dll

+ 2009-08-26 03:15 . 2008-04-14 00:12 181248 c:\windows\system32\dllcache\cache\scecli.dll

+ 2009-08-26 03:15 . 2009-02-09 12:10 401408 c:\windows\system32\dllcache\cache\rpcss.dll

+ 2009-08-26 03:15 . 2008-04-14 00:12 409088 c:\windows\system32\dllcache\cache\qmgr.dll

+ 2009-08-26 03:15 . 2008-04-14 00:12 435200 c:\windows\system32\dllcache\cache\ntmssvc.dll

+ 2009-08-26 03:15 . 2008-04-13 19:15 574976 c:\windows\system32\dllcache\cache\ntfs.sys

+ 2009-08-26 03:15 . 2008-04-14 00:12 198144 c:\windows\system32\dllcache\cache\netman.dll

+ 2009-08-26 03:15 . 2008-04-14 00:12 407040 c:\windows\system32\dllcache\cache\netlogon.dll

+ 2009-08-26 03:15 . 2008-04-13 19:20 182656 c:\windows\system32\dllcache\cache\ndis.sys

+ 2009-08-26 03:15 . 2008-06-20 17:46 245248 c:\windows\system32\dllcache\cache\mswsock.dll

+ 2009-08-26 03:15 . 2008-04-14 00:11 927504 c:\windows\system32\dllcache\cache\mfc40u.dll

+ 2009-08-26 03:15 . 2009-03-21 14:06 989696 c:\windows\system32\dllcache\cache\kernel32.dll

+ 2009-08-26 03:15 . 2008-04-14 00:11 110080 c:\windows\system32\dllcache\cache\imm32.dll

+ 2009-08-26 03:15 . 2008-07-07 20:26 253952 c:\windows\system32\dllcache\cache\es.dll

+ 2009-08-26 03:15 . 2008-04-14 00:11 792064 c:\windows\system32\dllcache\cache\comres.dll

+ 2009-08-26 03:15 . 2008-04-14 00:11 617472 c:\windows\system32\dllcache\cache\comctl32.dll

+ 2009-08-26 03:15 . 2008-04-13 16:39 142592 c:\windows\system32\dllcache\cache\aec.sys

+ 2006-12-04 15:04 . 2009-06-04 04:36 275257 c:\windows\system32\data\CTP0760W.DAT

+ 2006-12-04 15:04 . 2009-06-04 04:36 277688 c:\windows\system32\data\CTP073AW.DAT

+ 2006-12-04 15:04 . 2009-06-04 04:36 277688 c:\windows\system32\data\CTP0730W.DAT

+ 2006-12-04 15:04 . 2009-06-04 04:36 357983 c:\windows\system32\data\CTP0679W.DAT

+ 2006-12-04 15:04 . 2009-06-04 04:36 357983 c:\windows\system32\data\CTP0678W.DAT

+ 2006-12-04 15:04 . 2009-06-04 04:36 275766 c:\windows\system32\data\CTP055AW.DAT

+ 2006-12-04 15:04 . 2009-06-04 04:36 276094 c:\windows\system32\data\CTP0550W.DAT

+ 2006-12-04 15:04 . 2009-06-04 04:36 275508 c:\windows\system32\data\CTP046CW.DAT

+ 2006-12-04 15:04 . 2009-06-04 04:36 275508 c:\windows\system32\data\CTP046BW.DAT

+ 2006-12-04 15:04 . 2009-06-04 04:36 275508 c:\windows\system32\data\CTP046AW.DAT

+ 2006-12-04 15:04 . 2009-06-04 04:36 275836 c:\windows\system32\data\CTP0469W.DAT

+ 2006-12-04 15:04 . 2009-06-04 04:36 275836 c:\windows\system32\data\CTP0468W.DAT

+ 2006-12-04 15:04 . 2009-06-04 04:36 275836 c:\windows\system32\data\CTP0466W.DAT

+ 2006-12-04 15:04 . 2009-06-04 04:36 275836 c:\windows\system32\data\CTP0465W.DAT

+ 2006-12-04 15:04 . 2009-06-04 04:36 275836 c:\windows\system32\data\CTP0464W.DAT

+ 2008-04-03 14:22 . 2009-06-04 04:36 276282 c:\windows\system32\data\CTP0463W.DAT

+ 2006-12-04 15:04 . 2009-06-04 04:36 275836 c:\windows\system32\data\CTP0462W.DAT

+ 2006-12-04 15:04 . 2009-06-04 04:36 275836 c:\windows\system32\data\CTP0460W.DAT

+ 2009-08-08 20:20 . 2009-03-09 20:27 453456 c:\windows\system32\d3dx10_41.dll

- 2009-08-08 20:20 . 2009-03-09 19:27 453456 c:\windows\system32\d3dx10_41.dll

- 2009-06-17 00:02 . 2008-10-10 08:52 452440 c:\windows\system32\d3dx10_40.dll

+ 2009-06-17 00:02 . 2008-10-15 11:22 452440 c:\windows\system32\d3dx10_40.dll

- 2009-08-08 20:20 . 2008-07-10 15:01 467984 c:\windows\system32\d3dx10_39.dll

+ 2009-08-08 20:20 . 2008-07-12 12:18 467984 c:\windows\system32\d3dx10_39.dll

+ 2008-06-24 21:34 . 2008-05-30 19:11 467984 c:\windows\system32\d3dx10_38.dll

- 2008-06-24 21:34 . 2008-05-30 18:11 467984 c:\windows\system32\d3dx10_38.dll

+ 2009-10-31 15:20 . 2008-02-04 14:27 102400 c:\windows\system32\cttele32.dll

+ 2008-04-03 14:24 . 2005-11-08 11:18 548352 c:\windows\system32\ctsblfx.dll

+ 2008-04-03 14:24 . 2009-06-04 04:40 114688 c:\windows\system32\ctemupia.dll

+ 2008-04-03 14:24 . 2005-11-08 11:18 157696 c:\windows\system32\cteapsfx.dll

+ 2008-04-03 14:24 . 2008-09-30 03:23 181760 c:\windows\system32\ctdvinst.dll

+ 2008-04-03 14:22 . 2009-06-04 04:40 321512 c:\windows\system32\ctdlang.dat

+ 2008-04-03 14:24 . 2005-11-08 11:18 536576 c:\windows\system32\ctaudfx.dll

+ 2008-04-03 14:22 . 2009-06-04 04:37 193024 c:\windows\system32\ct_oal.dll

+ 2008-10-07 14:13 . 2008-10-07 14:13 116977 c:\windows\system32\AGEIA\AG1021\diag.bin

+ 2008-10-07 14:13 . 2008-10-07 14:13 214629 c:\windows\system32\AGEIA\AG1021\app.bin

+ 2008-10-07 14:13 . 2008-10-07 14:13 119473 c:\windows\system32\AGEIA\AG1011\diag.bin

+ 2008-10-07 14:13 . 2008-10-07 14:13 199885 c:\windows\system32\AGEIA\AG1011\app.bin

+ 2009-10-31 14:18 . 2007-07-16 07:50 782336 c:\windows\OALInst.exe

+ 2009-08-08 03:51 . 2009-08-08 03:51 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll

- 2007-04-14 00:58 . 2007-04-14 00:58 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll

+ 2008-05-28 04:49 . 2008-05-28 04:49 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll

+ 2008-05-28 04:48 . 2008-05-28 04:48 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll

- 2007-04-14 00:56 . 2007-04-14 00:56 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll

- 2007-04-14 01:30 . 2007-04-14 01:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll

+ 2008-05-28 05:30 . 2008-05-28 05:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll

+ 2005-08-16 10:38 . 2009-06-24 01:59 303104 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscorjit.dll

- 2005-08-16 10:38 . 2004-07-20 00:54 303104 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscorjit.dll

+ 2005-08-16 10:38 . 2009-06-24 02:12 200704 c:\windows\Microsoft.NET\Framework\v1.0.3705\aspnet_isapi.dll

- 2005-08-16 10:38 . 2008-04-13 16:09 200704 c:\windows\Microsoft.NET\Framework\v1.0.3705\aspnet_isapi.dll

+ 2009-03-20 15:48 . 2009-03-20 15:48 183808 c:\windows\Installer\e200a8.msp

+ 2009-11-24 18:43 . 2009-11-24 18:43 429568 c:\windows\Installer\86c37.msi

+ 2009-10-28 07:33 . 2009-10-28 07:33 216576 c:\windows\Installer\176deef.msi

+ 2009-12-04 03:44 . 2009-12-04 03:44 683520 c:\windows\Installer\1713038.msi

+ 2008-02-14 00:22 . 2008-02-14 00:22 579112 c:\windows\Installer\$PatchCache$\Managed\55EEFB3E2E930EB49B6698EF8583221C\2.1.8044\file_tgctlsr.dll

+ 2008-02-14 00:21 . 2008-02-14 00:21 370216 c:\windows\Installer\$PatchCache$\Managed\55EEFB3E2E930EB49B6698EF8583221C\2.1.8044\file_sdcnetcheck.dll

+ 2009-11-04 02:20 . 2008-07-08 13:02 382840 c:\windows\ie8updates\KB976749-IE8\spuninst\updspapi.dll

+ 2009-11-04 02:20 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB976749-IE8\spuninst\spuninst.exe

+ 2009-12-09 03:31 . 2009-08-29 08:08 916480 c:\windows\ie8updates\KB976325-IE8\wininet.dll

+ 2009-12-09 03:31 . 2009-05-26 11:40 382840 c:\windows\ie8updates\KB976325-IE8\spuninst\updspapi.dll

+ 2009-12-09 03:31 . 2009-05-26 11:40 231288 c:\windows\ie8updates\KB976325-IE8\spuninst\spuninst.exe

+ 2009-12-09 03:31 . 2009-08-29 08:08 206848 c:\windows\ie8updates\KB976325-IE8\occache.dll

+ 2009-12-09 03:31 . 2009-08-29 08:08 594432 c:\windows\ie8updates\KB976325-IE8\msfeeds.dll

+ 2009-12-09 03:31 . 2009-08-29 08:08 246272 c:\windows\ie8updates\KB976325-IE8\ieproxy.dll

+ 2009-12-09 03:31 . 2009-08-29 08:08 184320 c:\windows\ie8updates\KB976325-IE8\iepeers.dll

+ 2009-12-09 03:31 . 2009-08-29 08:08 387584 c:\windows\ie8updates\KB976325-IE8\iedkcs32.dll

+ 2009-12-09 03:31 . 2009-08-28 10:35 173056 c:\windows\ie8updates\KB976325-IE8\ie4uinit.exe

+ 2009-10-15 04:04 . 2009-07-03 17:09 915456 c:\windows\ie8updates\KB974455-IE8\wininet.dll

+ 2009-10-15 04:04 . 2009-05-26 11:40 382840 c:\windows\ie8updates\KB974455-IE8\spuninst\updspapi.dll

+ 2009-10-15 04:04 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB974455-IE8\spuninst\spuninst.exe

+ 2009-10-15 04:04 . 2009-07-03 17:09 206848 c:\windows\ie8updates\KB974455-IE8\occache.dll

+ 2009-10-15 04:04 . 2009-07-03 17:09 594432 c:\windows\ie8updates\KB974455-IE8\msfeeds.dll

+ 2009-10-15 04:04 . 2009-07-03 17:09 246272 c:\windows\ie8updates\KB974455-IE8\ieproxy.dll

+ 2009-10-15 04:04 . 2009-07-03 17:09 184320 c:\windows\ie8updates\KB974455-IE8\iepeers.dll

+ 2009-10-15 04:04 . 2009-07-03 17:09 386048 c:\windows\ie8updates\KB974455-IE8\iedkcs32.dll

+ 2009-10-15 04:04 . 2009-07-03 11:01 173056 c:\windows\ie8updates\KB974455-IE8\ie4uinit.exe

+ 2009-09-09 23:40 . 2008-07-08 13:02 382840 c:\windows\ie8updates\KB971961-IE8\spuninst\updspapi.dll

+ 2009-09-09 23:40 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB971961-IE8\spuninst\spuninst.exe

+ 2009-09-09 23:40 . 2009-03-08 08:33 726528 c:\windows\ie8updates\KB971961-IE8\jscript.dll

+ 2005-08-16 10:37 . 2009-08-18 14:55 179712 c:\windows\ehome\ehkeyctl.dll

+ 2009-10-20 16:20 . 2009-10-20 16:20 265728 c:\windows\Driver Cache\i386\http.sys

+ 2009-10-18 09:59 . 2009-10-18 09:59 779720 c:\windows\Downloaded Program Files\PurpleBean.exe

+ 2009-10-18 09:16 . 2009-07-03 04:34 579032 c:\windows\Downloaded Program Files\PLauncher.exe

+ 2006-10-03 16:34 . 2006-05-16 15:58 484272 c:\windows\Downloaded Program Files\isusweb.dll

+ 2009-10-18 09:16 . 2009-07-03 04:34 480688 c:\windows\Downloaded Program Files\ijjistarter2.exe

+ 2009-10-18 09:16 . 2009-07-03 04:34 112048 c:\windows\Downloaded Program Files\ijjiSetup1010.dll

+ 2002-07-25 23:13 . 2006-05-16 15:58 196608 c:\windows\Downloaded Program Files\dwusplay.exe

- 2002-07-25 23:13 . 2002-07-25 23:13 196608 c:\windows\Downloaded Program Files\dwusplay.exe

+ 2009-11-27 06:03 . 2009-12-11 05:48 155648 c:\windows\D56B0E274A3E46C9B5C1D93D580C099C.TMP\WiseCustomCalla.dll

+ 2009-10-15 04:02 . 2009-10-15 04:02 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_c1eaac1e\System.Drawing.dll

+ 2009-10-15 04:02 . 2009-10-15 04:02 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_6734f453\System.Drawing.Design.dll

+ 2009-10-15 04:02 . 2009-10-15 04:02 118784 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_bc08e080\CustomMarshalers.dll

+ 2009-10-15 04:01 . 2009-10-15 04:01 847872 c:\windows\assembly\NativeImages1_v1.0.3705\System.Drawing\1.0.3300.0__b03f5f7f11d50a3a_39a29551\System.Drawing.dll

+ 2009-10-15 04:55 . 2009-10-15 04:55 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\e2098e43d115155d6ba91ba3a7e577cf\WsatConfig.ni.exe

+ 2009-10-15 04:09 . 2009-10-15 04:09 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\bf92bc207f927cbbd6dfc9dc0c3eae68\WindowsFormsIntegration.ni.dll

+ 2009-10-15 04:09 . 2009-10-15 04:09 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\6f488b7644dc50a083868e91a4014466\UIAutomationTypes.ni.dll

+ 2009-10-15 04:09 . 2009-10-15 04:09 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\c2fbf25609b704061a93500efa6f241d\UIAutomationClient.ni.dll

+ 2009-10-15 04:56 . 2009-10-15 04:56 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\eb23b78564687badff1bd1f1d0a0ec97\System.Xml.Linq.ni.dll

+ 2009-10-15 04:56 . 2009-10-15 04:56 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\e7666364bf9f3ba5f4833c9efedd8218\System.Web.Routing.ni.dll

+ 2009-10-15 04:56 . 2009-10-15 04:56 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\b5f1b8791e6c47e5bd5e7018c346c586\System.Web.RegularExpressions.ni.dll

+ 2009-10-15 04:56 . 2009-10-15 04:56 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\884eacddf339b8b342f66aedff5f8ef9\System.Web.Extensions.Design.ni.dll

+ 2009-10-15 04:56 . 2009-10-15 04:56 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\9e199645bd26f1afe58ebe185d1e7f0f\System.Web.Entity.ni.dll

+ 2009-10-15 04:56 . 2009-10-15 04:56 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\652017ebe962ab2eb271c2524f31cd61\System.Web.Entity.Design.ni.dll

+ 2009-10-15 04:56 . 2009-10-15 04:56 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\d0070c1c1a642ae30394e00bc0d82336\System.Web.DynamicData.ni.dll

+ 2009-10-15 04:56 . 2009-10-15 04:56 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\1896753d02d146be1988d32241300f51\System.Web.Abstractions.ni.dll

+ 2009-10-15 04:56 . 2009-10-15 04:56 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\408e637346ef628a3f54fb1b9b83ac9f\System.Transactions.ni.dll

+ 2009-10-15 04:56 . 2009-10-15 04:56 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\1f61bccb700d687775cf778dd77752e9\System.ServiceProcess.ni.dll

+ 2009-10-15 04:55 . 2009-10-15 04:55 676352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\a9e9b885a6601469c4058375cc74d856\System.Security.ni.dll

+ 2009-10-15 04:56 . 2009-10-15 04:56 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\9bc34a79af9c3ed2cf17a0226c769b4c\System.Runtime.Serialization.Formatters.Soap.ni.dll

+ 2009-10-15 04:56 . 2009-10-15 04:56 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\5f74a84e9d28c2332c51f6e30da0e125\System.Net.ni.dll

+ 2009-10-15 04:56 . 2009-10-15 04:56 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\2c208e4c5521f31057ea7d6e93c6a567\System.Management.ni.dll

+ 2009-10-15 04:56 . 2009-10-15 04:56 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\818b20a7c6f3b2fe97bf008ca24080c1\System.Management.Instrumentation.ni.dll

+ 2009-10-15 04:54 . 2009-10-15 04:54 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\6c273eb9d1ee8b66b5ecb073de4b785d\System.IO.Log.ni.dll

+ 2009-10-15 04:54 . 2009-10-15 04:54 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\7222db518afb4eaaa138824278249bc7\System.IdentityModel.Selectors.ni.dll

+ 2009-10-15 04:56 . 2009-10-15 04:56 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\8a7d0bd0057a8ed38291d5662248f7a1\System.EnterpriseServices.Wrapper.dll

+ 2009-10-15 04:56 . 2009-10-15 04:56 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\8a7d0bd0057a8ed38291d5662248f7a1\System.EnterpriseServices.ni.dll

+ 2009-10-15 04:08 . 2009-10-15 04:08 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\ca6d7208c0fb72ff97429f2636ced321\System.Drawing.Design.ni.dll

+ 2009-10-15 04:56 . 2009-10-15 04:56 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\c92fc19800e701c90f90ab7a2ab44c47\System.DirectoryServices.AccountManagement.ni.dll

+ 2009-10-15 04:56 . 2009-10-15 04:56 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\a601f47a98ee67df424685c9a66ea449\System.DirectoryServices.Protocols.ni.dll

+ 2009-10-15 04:55 . 2009-10-15 04:55 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\b91b44015859163646f210d284f7166a\System.Data.Services.Client.ni.dll

+ 2009-10-15 04:55 . 2009-10-15 04:55 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\1b35297e07b85071daecdb06f96750a1\System.Data.Services.Design.ni.dll

+ 2009-10-15 04:55 . 2009-10-15 04:55 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\cf906bf9146d1f0013451ec63b58e064\System.Data.Entity.Design.ni.dll

+ 2009-10-15 04:55 . 2009-10-15 04:55 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\4ff4134b0d490c090e03d74e104517c4\System.Data.DataSetExtensions.ni.dll

+ 2009-10-15 04:55 . 2009-10-15 04:55 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7c743462baccf29b3567b0e3ec9ac134\System.Configuration.ni.dll

+ 2009-10-15 04:56 . 2009-10-15 04:56 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\443e3a85c491b2de4a2ac654cb957484\System.Configuration.Install.ni.dll

+ 2009-10-15 04:55 . 2009-10-15 04:55 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\cba35f47925431a54d0e6ae147a292f1\System.AddIn.ni.dll

+ 2009-10-15 04:55 . 2009-10-15 04:55 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\6af32fe5cbec0aa54e2efa6910c73651\SMSvcHost.ni.exe

+ 2009-10-15 04:55 . 2009-10-15 04:55 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\7602d7687fb9bd21cd9ae60d2b187c99\SMDiagnostics.ni.dll

+ 2009-10-15 04:55 . 2009-10-15 04:55 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\a23dc25782df04533a13e348203e4dc5\ServiceModelReg.ni.exe

+ 2009-10-15 04:08 . 2009-10-15 04:08 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\96f74da5fc40b92f09069230bc0df4f0\PresentationFramework.Royale.ni.dll

+ 2009-10-15 04:08 . 2009-10-15 04:08 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\3bb4d16b042b72c2c85a0f8ac9d48f28\PresentationFramework.Luna.ni.dll

+ 2009-10-15 04:08 . 2009-10-15 04:08 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\30c5c2682d3c5bdaa83bb9a36ee48afa\PresentationFramework.Aero.ni.dll

+ 2009-10-15 04:08 . 2009-10-15 04:08 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\07e952efd70f5608e221a008e6231ace\PresentationFramework.Classic.ni.dll

+ 2009-10-15 04:55 . 2009-10-15 04:55 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\eade8c1c9c1e8e5ffb50e6c9b9af0f6a\MSBuild.ni.exe

+ 2009-10-15 04:55 . 2009-10-15 04:55 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\fc4d66e0a92b3767006a84f2519d2457\Microsoft.Transactions.Bridge.Dtc.ni.dll

+ 2009-10-15 04:55 . 2009-10-15 04:55 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\58ca3ecc52b7246b448c109817198a0b\Microsoft.Build.Utilities.ni.dll

+ 2009-10-15 04:55 . 2009-10-15 04:55 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\4dd43724dd92026577c6f588270137a0\Microsoft.Build.Utilities.v3.5.ni.dll

+ 2009-10-15 04:55 . 2009-10-15 04:55 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\8c651f75bb741330370986dcad8e9e5b\Microsoft.Build.Engine.ni.dll

+ 2009-10-15 04:55 . 2009-10-15 04:55 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\a6dcbae619ccd938bfe808c54d6d3ae0\Microsoft.Build.Conversion.v3.5.ni.dll

+ 2009-10-15 04:55 . 2009-10-15 04:55 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\77688ce14f221ed94a9f442ae4736123\CustomMarshalers.ni.dll

+ 2009-10-15 04:55 . 2009-10-15 04:55 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\a17c65f0cffaa4f792dd38d50df9d526\ComSvcConfig.ni.exe

+ 2009-10-15 04:54 . 2009-10-15 04:54 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\85d7c111956b478766d90625b35d963f\AspNetMMCExt.ni.dll

+ 2009-10-15 04:06 . 2009-10-15 04:06 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll

- 2009-05-08 03:35 . 2009-05-08 03:35 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll

+ 2009-10-15 04:06 . 2009-10-15 04:06 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll

- 2009-05-08 03:35 . 2009-05-08 03:35 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll

- 2009-05-08 03:35 . 2009-05-08 03:35 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll

+ 2009-10-15 04:07 . 2009-10-15 04:07 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll

+ 2009-10-15 04:07 . 2009-10-15 04:07 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll

- 2009-05-08 03:35 . 2009-05-08 03:35 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll

- 2009-05-08 03:35 . 2009-05-08 03:35 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll

+ 2009-10-15 04:07 . 2009-10-15 04:07 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll

+ 2009-10-15 04:07 . 2009-10-15 04:07 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll

- 2009-05-08 03:35 . 2009-05-08 03:35 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll

+ 2009-10-15 04:07 . 2009-10-15 04:07 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll

- 2009-05-08 03:35 . 2009-05-08 03:35 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll

- 2009-05-08 03:35 . 2009-05-08 03:35 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll

+ 2009-10-15 04:07 . 2009-10-15 04:07 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll

+ 2009-10-15 04:07 . 2009-10-15 04:07 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll

- 2009-05-08 03:35 . 2009-05-08 03:35 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll

+ 2009-10-15 04:07 . 2009-10-15 04:07 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll

- 2009-05-08 03:35 . 2009-05-08 03:35 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll

+ 2009-10-15 04:07 . 2009-10-15 04:07 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll

- 2009-05-08 03:35 . 2009-05-08 03:35 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll

+ 2009-10-15 04:07 . 2009-10-15 04:07 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll

- 2009-05-08 03:35 . 2009-05-08 03:35 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll

- 2009-05-08 03:35 . 2009-05-08 03:35 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll

+ 2009-10-15 04:07 . 2009-10-15 04:07 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll

+ 2009-10-15 04:07 . 2009-10-15 04:07 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll

- 2009-05-08 03:35 . 2009-05-08 03:35 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll

+ 2009-10-15 04:07 . 2009-10-15 04:07 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll

- 2009-05-08 03:35 . 2009-05-08 03:35 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll

- 2009-05-08 03:35 . 2009-05-08 03:35 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll

+ 2009-10-15 04:07 . 2009-10-15 04:07 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll

+ 2009-10-15 04:07 . 2009-10-15 04:07 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll

- 2009-05-08 03:35 . 2009-05-08 03:35 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll

+ 2009-10-15 04:07 . 2009-10-15 04:07 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll

- 2009-05-08 03:35 . 2009-05-08 03:35 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll

- 2009-05-08 03:35 . 2009-05-08 03:35 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll

+ 2009-10-15 04:07 . 2009-10-15 04:07 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll

+ 2009-10-15 04:07 . 2009-10-15 04:07 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll

- 2009-05-08 03:35 . 2009-05-08 03:35 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll

- 2009-05-08 03:35 . 2009-05-08 03:35 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll

+ 2009-10-15 04:07 . 2009-10-15 04:07 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll

+ 2009-10-15 04:06 . 2009-10-15 04:06 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll

- 2009-05-08 03:34 . 2009-05-08 03:34 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll

+ 2009-10-15 04:07 . 2009-10-15 04:07 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll

- 2009-05-08 03:35 . 2009-05-08 03:35 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll

+ 2009-10-15 04:07 . 2009-10-15 04:07 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll

- 2009-05-08 03:35 . 2009-05-08 03:35 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll

+ 2009-10-15 04:07 . 2009-10-15 04:07 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll

- 2009-05-08 03:35 . 2009-05-08 03:35 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll

+ 2009-10-15 04:07 . 2009-10-15 04:07 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll

- 2009-05-08 03:35 . 2009-05-08 03:35 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll

- 2009-05-02 16:17 . 2009-05-02 16:17 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll

+ 2009-12-11 05:49 . 2009-12-11 05:49 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll

- 2009-05-02 16:17 . 2009-05-02 16:17 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll

+ 2009-12-11 05:49 . 2009-12-11 05:49 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll

+ 2009-12-11 05:49 . 2009-12-11 05:49 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll

- 2009-05-02 16:17 . 2009-05-02 16:17 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll

+ 2009-12-11 05:49 . 2009-12-11 05:49 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll

- 2009-05-02 16:17 . 2009-05-02 16:17 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll

- 2009-05-02 16:17 . 2009-05-02 16:17 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll

+ 2009-12-11 05:49 . 2009-12-11 05:49 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll

- 2009-05-02 16:17 . 2009-05-02 16:17 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2009-12-11 05:49 . 2009-12-11 05:49 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

- 2009-05-02 16:17 . 2009-05-02 16:17 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2009-12-11 05:49 . 2009-12-11 05:49 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

- 2009-05-02 16:17 . 2009-05-02 16:17 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2009-12-11 05:49 . 2009-12-11 05:49 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2009-12-11 05:49 . 2009-12-11 05:49 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

- 2009-05-02 16:17 . 2009-05-02 16:17 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2009-12-11 05:49 . 2009-12-11 05:49 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

- 2009-05-02 16:17 . 2009-05-02 16:17 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2009-12-11 05:49 . 2009-12-11 05:49 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

- 2009-05-02 16:17 . 2009-05-02 16:17 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2009-12-11 05:49 . 2009-12-11 05:49 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

- 2009-05-02 16:17 . 2009-05-02 16:17 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2009-12-11 05:49 . 2009-12-11 05:49 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

- 2009-05-02 16:17 . 2009-05-02 16:17 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

- 2009-05-02 16:17 . 2009-05-02 16:17 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll

+ 2009-12-11 05:49 . 2009-12-11 05:49 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll

+ 2009-09-10 09:01 . 2009-09-10 09:01 389120 c:\windows\assembly\GAC\ehRecObj\6.0.3000.0__31bf3856ad364e35\ehRecObj.dll

- 2008-08-16 03:07 . 2008-08-16 03:07 389120 c:\windows\assembly\GAC\ehRecObj\6.0.3000.0__31bf3856ad364e35\ehRecObj.dll

- 2008-08-16 03:07 . 2008-08-16 03:07 122880 c:\windows\assembly\GAC\ehiwmp\6.0.3000.0__31bf3856ad364e35\ehiwmp.dll

+ 2009-09-10 09:01 . 2009-09-10 09:01 122880 c:\windows\assembly\GAC\ehiwmp\6.0.3000.0__31bf3856ad364e35\ehiwmp.dll

+ 2009-09-10 09:01 . 2009-09-10 09:01 278528 c:\windows\assembly\GAC\ehiVidCtl\6.0.3000.0__31bf3856ad364e35\ehiVidCtl.dll

- 2008-08-16 03:07 . 2008-08-16 03:07 278528 c:\windows\assembly\GAC\ehiVidCtl\6.0.3000.0__31bf3856ad364e35\ehiVidCtl.dll

+ 2009-09-10 09:01 . 2009-09-10 09:01 389120 c:\windows\assembly\GAC\ehiProxy\6.0.3000.0__31bf3856ad364e35\ehiProxy.dll

- 2008-08-16 03:07 . 2008-08-16 03:07 389120 c:\windows\assembly\GAC\ehiProxy\6.0.3000.0__31bf3856ad364e35\ehiProxy.dll

+ 2009-09-10 09:01 . 2009-09-10 09:01 204800 c:\windows\assembly\GAC\ehiPlay\6.0.3000.0__31bf3856ad364e35\ehiPlay.dll

- 2009-05-08 04:11 . 2009-05-08 04:11 204800 c:\windows\assembly\GAC\ehiPlay\6.0.3000.0__31bf3856ad364e35\ehiplay.dll

- 2008-08-16 03:07 . 2008-08-16 03:07 167936 c:\windows\assembly\GAC\ehiMsgr\6.0.3000.0__31bf3856ad364e35\ehiMsgr.dll

+ 2009-09-10 09:01 . 2009-09-10 09:01 167936 c:\windows\assembly\GAC\ehiMsgr\6.0.3000.0__31bf3856ad364e35\ehiMsgr.dll

+ 2009-09-10 09:01 . 2009-09-10 09:01 110592 c:\windows\assembly\GAC\ehExtCOM\6.0.3000.0__31bf3856ad364e35\ehExtCOM.dll

- 2008-08-16 03:07 . 2008-08-16 03:07 110592 c:\windows\assembly\GAC\ehExtCOM\6.0.3000.0__31bf3856ad364e35\ehExtCOM.dll

- 2008-08-16 03:07 . 2008-08-16 03:07 126976 c:\windows\assembly\GAC\ehepgdat\6.0.3000.0__31bf3856ad364e35\ehepgdat.dll

+ 2009-09-10 09:01 . 2009-09-10 09:01 126976 c:\windows\assembly\GAC\ehepgdat\6.0.3000.0__31bf3856ad364e35\ehepgdat.dll

- 2009-05-08 04:11 . 2009-05-08 04:11 868352 c:\windows\assembly\GAC\ehepg\6.0.3000.0__31bf3856ad364e35\ehepg.dll

+ 2009-09-10 09:01 . 2009-09-10 09:01 868352 c:\windows\assembly\GAC\ehepg\6.0.3000.0__31bf3856ad364e35\ehepg.dll

+ 2009-09-10 09:01 . 2009-09-10 09:01 192512 c:\windows\assembly\GAC\ehcommon\6.0.3000.0__31bf3856ad364e35\ehcommon.dll

- 2008-08-16 03:07 . 2008-08-16 03:07 192512 c:\windows\assembly\GAC\ehcommon\6.0.3000.0__31bf3856ad364e35\ehcommon.dll

- 2008-08-16 03:07 . 2008-08-16 03:07 102400 c:\windows\assembly\GAC\ehCIR\6.0.3000.0__31bf3856ad364e35\ehCIR.dll

+ 2009-09-10 09:01 . 2009-09-10 09:01 102400 c:\windows\assembly\GAC\ehCIR\6.0.3000.0__31bf3856ad364e35\ehCIR.dll

+ 2009-09-10 09:01 . 2009-09-10 09:01 117248 c:\windows\assembly\GAC\BDATunePIA\6.0.3000.0__31bf3856ad364e35\bdatunepia.dll

- 2008-08-16 03:07 . 2008-08-16 03:07 117248 c:\windows\assembly\GAC\BDATunePIA\6.0.3000.0__31bf3856ad364e35\bdatunepia.dll

Link to post
Share on other sites
Genjoukai

Genjoukai

Posted
  • Author
Posted

couldn't post the entire log in 1 reply here 2nd half

+ 2009-11-24 18:44 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB976098-v2$\spuninst\updspapi.dll

+ 2009-11-24 18:44 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB976098-v2$\spuninst\spuninst.exe

+ 2009-10-15 04:00 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB975467$\spuninst\updspapi.dll

+ 2009-10-15 04:00 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB975467$\spuninst\spuninst.exe

+ 2009-10-15 04:00 . 2009-06-25 08:25 136192 c:\windows\$NtUninstallKB975467$\msv1_0.dll

+ 2009-10-15 04:02 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB975025$\spuninst\updspapi.dll

+ 2009-10-15 04:02 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB975025$\spuninst\spuninst.exe

+ 2009-10-15 04:02 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB974571$\spuninst\updspapi.dll

+ 2009-10-15 04:02 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB974571$\spuninst\spuninst.exe

+ 2009-10-15 04:02 . 2008-10-03 10:02 247326 c:\windows\$NtUninstallKB974112$\strmdll.dll

+ 2009-10-15 04:02 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB974112$\spuninst\updspapi.dll

+ 2009-10-15 04:02 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB974112$\spuninst\spuninst.exe

+ 2009-09-09 23:40 . 2008-05-06 20:16 382840 c:\windows\$NtUninstallKB973768$\spuninst\updspapi.dll

+ 2009-09-09 23:40 . 2008-05-06 20:16 231288 c:\windows\$NtUninstallKB973768$\spuninst\spuninst.exe

+ 2009-09-09 23:40 . 2006-10-09 20:18 178176 c:\windows\$NtUninstallKB973768$\ehkeyctl.dll

+ 2009-11-24 18:44 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB973687$\spuninst\updspapi.dll

+ 2009-11-24 18:44 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB973687$\spuninst\spuninst.exe

+ 2009-10-15 04:01 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB973525$\spuninst\updspapi.dll

+ 2009-10-15 04:01 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB973525$\spuninst\spuninst.exe

+ 2009-10-15 04:01 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB971486$\spuninst\updspapi.dll

+ 2009-10-15 04:01 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB971486$\spuninst\spuninst.exe

+ 2009-08-26 14:40 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB970653-v3$\spuninst\updspapi.dll

+ 2009-08-26 14:40 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB970653-v3$\spuninst\spuninst.exe

+ 2009-11-10 20:48 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB969947$\spuninst\updspapi.dll

+ 2009-11-10 20:48 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB969947$\spuninst\spuninst.exe

+ 2009-10-15 04:02 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB969059$\spuninst\updspapi.dll

+ 2009-10-15 04:02 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB969059$\spuninst\spuninst.exe

+ 2009-09-09 23:40 . 2007-07-27 14:41 382840 c:\windows\$NtUninstallKB968816_WM9$\spuninst\updspapi.dll

+ 2009-09-09 23:40 . 2007-07-27 14:41 231288 c:\windows\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe

+ 2009-10-15 04:00 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB968389$\spuninst\updspapi.dll

+ 2009-10-15 04:00 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB968389$\spuninst\spuninst.exe

+ 2009-10-15 04:00 . 2008-12-05 06:54 144896 c:\windows\$NtUninstallKB968389$\schannel.dll

+ 2009-10-15 04:00 . 2008-04-14 00:12 132608 c:\windows\$NtUninstallKB968389$\msv1_0.dll

+ 2009-10-15 04:00 . 2009-02-09 12:10 729088 c:\windows\$NtUninstallKB968389$\lsasrv.dll

+ 2009-10-15 04:00 . 2008-04-14 00:11 299520 c:\windows\$NtUninstallKB968389$\kerberos.dll

+ 2009-10-15 04:04 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB958869$\spuninst\updspapi.dll

+ 2009-10-15 04:04 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB958869$\spuninst\spuninst.exe

+ 2009-09-09 23:40 . 2008-04-14 00:12 153088 c:\windows\$NtUninstallKB956844$\triedit.dll

+ 2009-09-09 23:40 . 2008-07-08 13:02 382840 c:\windows\$NtUninstallKB956844$\spuninst\updspapi.dll

+ 2009-09-09 23:40 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB956844$\spuninst\spuninst.exe

+ 2009-10-15 04:02 . 2006-10-19 01:47 603648 c:\windows\$NtUninstallKB954155_WM9$\wmspdmod.dll

+ 2009-10-15 04:02 . 2007-07-27 14:41 382840 c:\windows\$NtUninstallKB954155_WM9$\spuninst\updspapi.dll

+ 2009-10-15 04:02 . 2007-07-27 14:41 231288 c:\windows\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe

+ 2009-10-15 04:01 . 2009-04-13 17:42 371424 c:\windows\$NtUninstallKB953295$\spuninst\updspapi.dll

+ 2009-10-15 04:01 . 2009-04-13 17:42 213216 c:\windows\$NtUninstallKB953295$\spuninst\spuninst.exe

+ 2009-10-15 04:01 . 2004-07-20 00:54 303104 c:\windows\$NtUninstallKB953295$\mscorjit.dll

+ 2009-10-15 04:01 . 2008-04-13 16:09 200704 c:\windows\$NtUninstallKB953295$\aspnet_isapi.dll

+ 2009-11-04 02:20 . 2008-07-08 13:02 382840 c:\windows\$hf_mig$\KB976749-IE8\update\updspapi.dll

+ 2009-11-04 02:20 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB976749-IE8\update\update.exe

+ 2009-11-04 02:20 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB976749-IE8\spuninst.exe

+ 2009-10-15 04:00 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB975467\update\updspapi.dll

+ 2009-10-15 04:00 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB975467\update\update.exe

+ 2009-10-15 04:00 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB975467\spuninst.exe

+ 2009-09-11 14:13 . 2009-09-11 14:13 136704 c:\windows\$hf_mig$\KB975467\SP3QFE\msv1_0.dll

+ 2009-10-15 04:02 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB975025\update\updspapi.dll

+ 2009-10-15 04:02 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB975025\update\update.exe

+ 2009-10-15 04:02 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB975025\spuninst.exe

+ 2009-10-15 04:02 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB974571\update\updspapi.dll

+ 2009-10-15 04:02 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB974571\update\update.exe

+ 2009-10-15 04:02 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB974571\spuninst.exe

+ 2009-10-15 04:04 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB974455-IE8\update\updspapi.dll

+ 2009-10-15 04:04 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB974455-IE8\update\update.exe

+ 2009-10-15 04:04 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB974455-IE8\spuninst.exe

+ 2009-10-15 02:01 . 2009-08-29 08:01 916480 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\wininet.dll

+ 2009-10-15 02:01 . 2009-08-29 08:01 206848 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\occache.dll

+ 2009-10-15 02:01 . 2009-08-29 08:01 594432 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\msfeeds.dll

+ 2009-10-15 02:01 . 2009-08-29 08:01 246272 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\ieproxy.dll

+ 2009-10-15 02:01 . 2009-08-29 08:01 184320 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\iepeers.dll

+ 2009-10-15 02:01 . 2009-08-29 08:01 387584 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\iedkcs32.dll

+ 2009-10-15 02:01 . 2009-08-28 10:07 173056 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\ie4uinit.exe

+ 2009-10-15 04:02 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB974112\update\updspapi.dll

+ 2009-10-15 04:02 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB974112\update\update.exe

+ 2009-10-15 04:02 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB974112\spuninst.exe

+ 2009-08-26 08:03 . 2009-08-26 08:03 247326 c:\windows\$hf_mig$\KB974112\SP3QFE\strmdll.dll

+ 2009-11-24 18:44 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB973687\update\updspapi.dll

+ 2009-11-24 18:44 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB973687\update\update.exe

+ 2009-11-24 18:44 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB973687\spuninst.exe

+ 2009-10-15 04:01 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB973525\update\updspapi.dll

+ 2009-10-15 04:01 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB973525\update\update.exe

+ 2009-10-15 04:01 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB973525\spuninst.exe

+ 2009-09-09 23:40 . 2008-07-08 13:02 382840 c:\windows\$hf_mig$\KB971961-IE8\update\updspapi.dll

+ 2009-09-09 23:40 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB971961-IE8\update\update.exe

+ 2009-09-09 23:40 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB971961-IE8\spuninst.exe

+ 2009-09-09 21:41 . 2009-06-22 06:47 726528 c:\windows\$hf_mig$\KB971961-IE8\SP3QFE\jscript.dll

+ 2009-10-15 04:01 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB971486\update\updspapi.dll

+ 2009-10-15 04:01 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB971486\update\update.exe

+ 2009-10-15 04:01 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB971486\spuninst.exe

+ 2009-11-10 20:48 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB969947\update\updspapi.dll

+ 2009-11-10 20:48 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB969947\update\update.exe

+ 2009-11-10 20:48 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB969947\spuninst.exe

+ 2009-10-15 04:02 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB969059\update\updspapi.dll

+ 2009-10-15 04:02 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB969059\update\update.exe

+ 2009-10-15 04:02 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB969059\spuninst.exe

+ 2009-10-15 04:00 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB968389\update\updspapi.dll

+ 2009-10-15 04:00 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB968389\update\update.exe

+ 2009-10-15 04:00 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB968389\spuninst.exe

+ 2009-06-25 08:41 . 2009-06-25 08:41 147456 c:\windows\$hf_mig$\KB968389\SP3QFE\schannel.dll

+ 2009-06-25 08:41 . 2009-06-25 08:41 136704 c:\windows\$hf_mig$\KB968389\SP3QFE\msv1_0.dll

+ 2009-06-26 09:41 . 2009-06-26 09:41 730112 c:\windows\$hf_mig$\KB968389\SP3QFE\lsasrv.dll

+ 2009-06-25 08:41 . 2009-06-25 08:41 301568 c:\windows\$hf_mig$\KB968389\SP3QFE\kerberos.dll

+ 2009-09-09 23:40 . 2008-07-08 13:02 382840 c:\windows\$hf_mig$\KB956844\update\updspapi.dll

+ 2009-09-09 23:40 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB956844\update\update.exe

+ 2009-09-09 23:40 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB956844\spuninst.exe

+ 2009-09-09 21:41 . 2009-06-21 21:49 153088 c:\windows\$hf_mig$\KB956844\SP3QFE\triedit.dll

+ 2009-10-15 01:59 . 2009-08-13 13:55 1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll

- 2008-07-29 12:05 . 2008-07-29 12:05 3783672 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90u.dll

+ 2008-07-29 13:05 . 2008-07-29 13:05 3783672 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90u.dll

- 2008-07-29 12:05 . 2008-07-29 12:05 3768312 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90.dll

+ 2008-07-29 13:05 . 2008-07-29 13:05 3768312 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90.dll

+ 2009-07-21 05:03 . 2009-07-21 05:03 1348432 c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9876.0_x-ww_a621d1d5\msxml4.dll

+ 2005-08-16 10:40 . 2009-08-06 23:23 1929952 c:\windows\system32\wuaueng.dll

+ 2005-08-16 10:19 . 2009-05-20 08:56 2458112 c:\windows\system32\WMVCore.dll

- 2005-08-16 10:19 . 2008-06-18 10:03 2458112 c:\windows\system32\WMVCore.dll

+ 2005-08-16 10:18 . 2009-08-14 13:21 1850624 c:\windows\system32\win32k.sys

+ 2005-08-16 10:18 . 2009-10-29 07:45 1208832 c:\windows\system32\urlmon.dll

- 2005-08-16 10:18 . 2009-07-03 17:09 1208832 c:\windows\system32\urlmon.dll

+ 2005-08-16 10:18 . 2009-07-17 16:22 1435648 c:\windows\system32\query.dll

- 2005-08-16 10:18 . 2008-04-14 00:12 1435648 c:\windows\system32\query.dll

- 2005-08-16 10:18 . 2009-02-06 11:06 2145280 c:\windows\system32\ntoskrnl.exe

+ 2005-08-16 10:18 . 2009-08-04 15:13 2145280 c:\windows\system32\ntoskrnl.exe

- 2004-08-04 04:59 . 2009-02-06 10:32 2023936 c:\windows\system32\ntkrnlpa.exe

+ 2004-08-04 04:59 . 2009-08-04 14:20 2023936 c:\windows\system32\ntkrnlpa.exe

+ 2007-05-15 21:43 . 2009-07-31 15:05 1372672 c:\windows\system32\msxml6.dll

+ 2009-07-21 05:05 . 2009-07-21 05:05 1348432 c:\windows\system32\msxml4.dll

+ 2005-08-16 10:18 . 2009-07-31 04:35 1172480 c:\windows\system32\msxml3.dll

+ 2005-08-16 10:18 . 2009-10-29 07:45 5940736 c:\windows\system32\mshtml.dll

+ 2009-10-28 03:40 . 2009-10-28 03:40 3885984 c:\windows\system32\Macromed\Flash\NPSWF32.dll

+ 2007-08-13 22:34 . 2009-10-29 07:45 1985536 c:\windows\system32\iertutil.dll

- 2007-08-13 22:34 . 2009-07-03 17:09 1985536 c:\windows\system32\iertutil.dll

+ 2005-08-16 10:27 . 2009-11-10 23:30 2072080 c:\windows\system32\FNTCACHE.DAT

- 2005-08-16 10:27 . 2009-07-19 16:14 2072080 c:\windows\system32\FNTCACHE.DAT

+ 2009-10-31 14:18 . 2008-02-12 02:50 1670016 c:\windows\system32\drivers\skfilt.SYS

+ 2008-04-03 14:24 . 2009-06-04 06:48 1177624 c:\windows\system32\drivers\ha20x2k.sys

+ 2009-06-04 06:46 . 2009-06-04 06:46 1324056 c:\windows\system32\drivers\CTEXFIFX.sys

+ 2005-08-16 10:40 . 2009-08-06 23:23 1929952 c:\windows\system32\dllcache\wuaueng.dll

+ 2008-04-03 14:34 . 2009-05-20 08:56 2458112 c:\windows\system32\dllcache\WMVCore.dll

- 2008-04-03 14:34 . 2008-06-18 10:03 2458112 c:\windows\system32\dllcache\WMVCore.dll

+ 2008-10-15 18:41 . 2009-08-14 13:21 1850624 c:\windows\system32\dllcache\win32k.sys

+ 2008-04-03 14:34 . 2009-10-29 07:45 1208832 c:\windows\system32\dllcache\urlmon.dll

- 2008-04-03 14:34 . 2009-07-03 17:09 1208832 c:\windows\system32\dllcache\urlmon.dll

+ 2009-07-17 16:22 . 2009-07-17 16:22 1435648 c:\windows\system32\dllcache\query.dll

+ 2008-10-15 18:40 . 2009-08-05 00:44 2189184 c:\windows\system32\dllcache\ntoskrnl.exe

+ 2008-10-15 18:40 . 2009-08-04 14:20 2023936 c:\windows\system32\dllcache\ntkrpamp.exe

- 2008-10-15 18:40 . 2009-02-06 10:32 2023936 c:\windows\system32\dllcache\ntkrpamp.exe

- 2008-10-15 18:40 . 2009-02-07 23:02 2066048 c:\windows\system32\dllcache\ntkrnlpa.exe

+ 2008-10-15 18:40 . 2009-08-04 14:20 2066048 c:\windows\system32\dllcache\ntkrnlpa.exe

+ 2008-10-15 18:40 . 2009-08-04 15:13 2145280 c:\windows\system32\dllcache\ntkrnlmp.exe

- 2008-10-15 18:40 . 2009-02-06 11:06 2145280 c:\windows\system32\dllcache\ntkrnlmp.exe

+ 2008-08-16 02:53 . 2009-07-31 15:05 1372672 c:\windows\system32\dllcache\msxml6.dll

+ 2008-11-12 05:49 . 2009-07-31 04:35 1172480 c:\windows\system32\dllcache\msxml3.dll

+ 2007-10-30 21:25 . 2009-10-29 07:45 5940736 c:\windows\system32\dllcache\mshtml.dll

- 2008-04-11 21:50 . 2009-07-03 17:09 1985536 c:\windows\system32\dllcache\iertutil.dll

+ 2008-04-11 21:50 . 2009-10-29 07:45 1985536 c:\windows\system32\dllcache\iertutil.dll

+ 2009-08-26 03:15 . 2008-04-14 00:12 1614848 c:\windows\system32\dllcache\cache\sfcfiles.dll

+ 2009-08-26 03:15 . 2009-02-06 11:06 2145280 c:\windows\system32\dllcache\cache\ntoskrnl.exe

+ 2009-08-26 03:15 . 2009-02-06 10:32 2023936 c:\windows\system32\dllcache\cache\ntkrnlpa.exe

+ 2009-08-26 03:15 . 2009-07-19 13:18 5937152 c:\windows\system32\dllcache\cache\mshtml.dll

+ 2009-08-26 03:15 . 2008-04-14 00:12 1033728 c:\windows\system32\dllcache\cache\explorer.exe

- 2009-08-08 20:20 . 2009-03-09 19:27 4178264 c:\windows\system32\D3DX9_41.dll

+ 2009-08-08 20:20 . 2009-03-09 20:27 4178264 c:\windows\system32\D3DX9_41.dll

- 2009-06-17 00:02 . 2008-10-10 08:52 4379984 c:\windows\system32\D3DX9_40.dll

+ 2009-06-17 00:02 . 2008-10-15 11:22 4379984 c:\windows\system32\D3DX9_40.dll

- 2009-08-08 20:20 . 2008-07-10 15:00 3851784 c:\windows\system32\D3DX9_39.dll

+ 2009-08-08 20:20 . 2008-07-12 12:18 3851784 c:\windows\system32\D3DX9_39.dll

- 2008-06-24 21:34 . 2008-05-30 18:11 3850760 c:\windows\system32\D3DX9_38.dll

+ 2008-06-24 21:34 . 2008-05-30 19:11 3850760 c:\windows\system32\D3DX9_38.dll

- 2009-08-08 20:20 . 2009-03-09 19:27 1846632 c:\windows\system32\D3DCompiler_41.dll

+ 2009-08-08 20:20 . 2009-03-09 20:27 1846632 c:\windows\system32\D3DCompiler_41.dll

+ 2009-06-17 00:02 . 2008-10-15 11:22 2036576 c:\windows\system32\D3DCompiler_40.dll

- 2009-06-17 00:02 . 2008-10-10 08:52 2036576 c:\windows\system32\D3DCompiler_40.dll

+ 2009-08-08 20:20 . 2008-07-12 12:18 1493528 c:\windows\system32\D3DCompiler_39.dll

- 2009-08-08 20:20 . 2008-07-10 15:00 1493528 c:\windows\system32\D3DCompiler_39.dll

- 2008-06-24 21:34 . 2008-05-30 18:11 1491992 c:\windows\system32\D3DCompiler_38.dll

+ 2008-06-24 21:34 . 2008-05-30 19:11 1491992 c:\windows\system32\D3DCompiler_38.dll

+ 2008-04-03 14:22 . 2009-06-04 04:49 1213440 c:\windows\system32\CTxfispi.exe

+ 2009-08-08 03:51 . 2009-08-08 03:51 5812560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll

+ 2009-08-08 03:51 . 2009-08-08 03:51 4546560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll

- 2008-11-25 08:59 . 2008-11-25 08:59 4546560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll

+ 2008-05-28 05:35 . 2008-05-28 05:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll

- 2007-04-14 01:35 . 2007-04-14 01:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll

+ 2008-05-28 05:35 . 2008-05-28 05:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll

- 2007-04-14 01:35 . 2007-04-14 01:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll

+ 2008-05-28 04:48 . 2008-05-28 04:48 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll

- 2007-04-14 00:57 . 2007-04-14 00:57 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll

+ 2008-05-28 04:48 . 2008-05-28 04:48 2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll

- 2007-04-14 00:57 . 2007-04-14 00:57 2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll

+ 2008-05-28 04:43 . 2008-05-28 04:43 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll

- 2007-04-14 00:50 . 2007-04-14 00:50 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll

+ 2005-08-16 10:38 . 2009-06-29 15:58 1200128 c:\windows\Microsoft.NET\Framework\v1.0.3705\System.Web.dll

- 2005-08-16 10:38 . 2007-01-02 20:40 1200128 c:\windows\Microsoft.NET\Framework\v1.0.3705\System.Web.dll

+ 2005-08-16 10:38 . 2009-06-24 02:00 2281472 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscorwks.dll

- 2005-08-16 10:38 . 2007-12-17 11:59 2281472 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscorwks.dll

+ 2005-08-16 10:38 . 2009-06-24 02:00 2273280 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscorsvr.dll

- 2005-08-16 10:38 . 2007-12-17 11:58 2273280 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscorsvr.dll

+ 2005-08-16 10:38 . 2009-06-29 15:58 1998848 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscorlib.dll

- 2005-08-16 10:38 . 2007-01-02 20:21 1998848 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscorlib.dll

+ 2009-05-26 16:23 . 2009-05-26 16:23 3478528 c:\windows\Installer\8c4843.msp

+ 2009-12-26 11:32 . 2009-12-26 11:32 1093632 c:\windows\Installer\26ca8d.msi

+ 2009-11-08 15:36 . 2009-11-08 15:36 1500160 c:\windows\Installer\12505de.msi

+ 2009-11-04 02:20 . 2009-08-29 08:08 5940224 c:\windows\ie8updates\KB976749-IE8\mshtml.dll

+ 2009-12-09 03:31 . 2009-08-29 08:08 1208832 c:\windows\ie8updates\KB976325-IE8\urlmon.dll

+ 2009-12-09 03:31 . 2009-10-22 09:19 5939712 c:\windows\ie8updates\KB976325-IE8\mshtml.dll

+ 2009-12-09 03:31 . 2009-08-29 08:08 1985536 c:\windows\ie8updates\KB976325-IE8\iertutil.dll

+ 2009-10-15 04:04 . 2009-07-03 17:09 1208832 c:\windows\ie8updates\KB974455-IE8\urlmon.dll

+ 2009-10-15 04:04 . 2009-07-19 13:18 5937152 c:\windows\ie8updates\KB974455-IE8\mshtml.dll

+ 2009-10-15 04:04 . 2009-07-03 17:09 1985536 c:\windows\ie8updates\KB974455-IE8\iertutil.dll

+ 2008-10-15 18:40 . 2009-08-05 00:44 2189184 c:\windows\Driver Cache\i386\ntoskrnl.exe

+ 2008-10-15 18:40 . 2009-08-04 14:20 2023936 c:\windows\Driver Cache\i386\ntkrpamp.exe

- 2008-10-15 18:40 . 2009-02-06 10:32 2023936 c:\windows\Driver Cache\i386\ntkrpamp.exe

+ 2008-10-15 18:40 . 2009-08-04 14:20 2066048 c:\windows\Driver Cache\i386\ntkrnlpa.exe

- 2008-10-15 18:40 . 2009-02-07 23:02 2066048 c:\windows\Driver Cache\i386\ntkrnlpa.exe

+ 2008-10-15 18:40 . 2009-08-04 15:13 2145280 c:\windows\Driver Cache\i386\ntkrnlmp.exe

- 2008-10-15 18:40 . 2009-02-06 11:06 2145280 c:\windows\Driver Cache\i386\ntkrnlmp.exe

+ 2009-10-15 04:02 . 2009-10-15 04:02 4792320 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_ace245a2\System.dll

+ 2009-10-15 04:02 . 2009-10-15 04:02 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_00f86240\System.dll

+ 2009-10-15 04:02 . 2009-10-15 04:02 5513216 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_b89e8fc0\System.Xml.dll

+ 2009-10-15 04:02 . 2009-10-15 04:02 2088960 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_b3253234\System.Xml.dll

+ 2009-10-15 04:02 . 2009-10-15 04:02 3018752 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_f2edccce\System.Windows.Forms.dll

+ 2009-10-15 04:02 . 2009-10-15 04:02 7884800 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_5ba0e409\System.Windows.Forms.dll

+ 2009-10-15 04:02 . 2009-10-15 04:02 2244608 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_7bd7f060\System.Drawing.dll

+ 2009-10-15 04:02 . 2009-10-15 04:02 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_ed39fab2\System.Design.dll

+ 2009-10-15 04:02 . 2009-10-15 04:02 1470464 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_5e8f4f8f\System.Design.dll

+ 2009-10-15 04:02 . 2009-10-15 04:02 8908800 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_4cab6f38\mscorlib.dll

+ 2009-10-15 04:02 . 2009-10-15 04:02 3391488 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_263da5d8\mscorlib.dll

+ 2009-10-15 04:01 . 2009-10-15 04:01 1855488 c:\windows\assembly\NativeImages1_v1.0.3705\System\1.0.3300.0__b77a5c561934e089_b9d11293\System.dll

+ 2009-10-15 04:01 . 2009-10-15 04:01 2027520 c:\windows\assembly\NativeImages1_v1.0.3705\System.Xml\1.0.3300.0__b77a5c561934e089_ade83979\System.Xml.dll

+ 2009-10-15 04:01 . 2009-10-15 04:01 2953216 c:\windows\assembly\NativeImages1_v1.0.3705\System.Windows.Forms\1.0.3300.0__b77a5c561934e089_5056f801\System.Windows.Forms.dll

+ 2009-10-15 04:01 . 2009-10-15 04:01 1454080 c:\windows\assembly\NativeImages1_v1.0.3705\System.Design\1.0.3300.0__b03f5f7f11d50a3a_2d8a3c2f\System.Design.dll

+ 2009-10-15 04:01 . 2009-10-15 04:01 3301376 c:\windows\assembly\NativeImages1_v1.0.3705\mscorlib\1.0.3300.0__b77a5c561934e089_94fdb894\mscorlib.dll

+ 2009-10-15 04:08 . 2009-10-15 04:08 3313664 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\204d6e5b335134f23ca37638b9227ecf\WindowsBase.ni.dll

+ 2009-10-15 04:09 . 2009-10-15 04:09 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\0f2ed6a204eb13841e99b77025464afc\UIAutomationClientsideProviders.ni.dll

+ 2009-10-15 04:07 . 2009-10-15 04:07 7868416 c:\windows\assembly\NativeImages_v2.0.50727_32\System\3de5bd01124463d7862bd173af90bc83\System.ni.dll

+ 2009-10-15 04:09 . 2009-10-15 04:09 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5913d3f81e77194ec833991b1047a532\System.Xml.ni.dll

+ 2009-10-15 04:56 . 2009-10-15 04:56 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\fa48917b13629d8effa80dd4a2f2973d\System.WorkflowServices.ni.dll

+ 2009-10-15 04:56 . 2009-10-15 04:56 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\6fe66ee6f3c81996bc148f1ebe7ec030\System.Workflow.Runtime.ni.dll

+ 2009-10-15 04:56 . 2009-10-15 04:56 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\9d0b61f2f1ebdc300bd970f594c422ef\System.Workflow.ComponentModel.ni.dll

+ 2009-10-15 04:56 . 2009-10-15 04:56 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\65328898148a720d394f802f192fc2a0\System.Workflow.Activities.ni.dll

+ 2009-10-15 04:56 . 2009-10-15 04:56 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\ea07ac791bb5cb9f83679e3dd1a0c0cc\System.Web.Services.ni.dll

+ 2009-10-15 04:56 . 2009-10-15 04:56 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\29e2f8b1fb691ced973acf49fcee6ec1\System.Web.Mobile.ni.dll

+ 2009-10-15 04:56 . 2009-10-15 04:56 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\981dea02bc63c0c083e335adf9018788\System.Web.Extensions.ni.dll

+ 2009-10-15 04:08 . 2009-10-15 04:08 1917440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\99594bae1d022502925f5b9dfcdaae9a\System.Speech.ni.dll

+ 2009-10-15 04:56 . 2009-10-15 04:56 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\e182695d05ea57257568bc5f3208aca7\System.ServiceModel.Web.ni.dll

+ 2009-10-15 04:54 . 2009-10-15 04:54 2338304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\67ad55827f2542552b576170f0a7dc56\System.Runtime.Serialization.ni.dll

+ 2009-10-15 04:08 . 2009-10-15 04:08 1035264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\e5313735a40c0800f116e27fba4754db\System.Printing.ni.dll

+ 2009-10-15 04:54 . 2009-10-15 04:54 1056768 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\c3b18fef5c6dc3bcdbe5df699fd21a55\System.IdentityModel.ni.dll

+ 2009-10-15 04:08 . 2009-10-15 04:08 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\abb2ac7e08bee026f857d8fa36f9fe6f\System.Drawing.ni.dll

+ 2009-10-15 04:55 . 2009-10-15 04:55 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\f47ebb9db460874b1bcbfc391dc970b1\System.DirectoryServices.ni.dll

+ 2009-10-15 04:55 . 2009-10-15 04:55 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\c94a427baa7683f4221b91f90c18461b\System.Deployment.ni.dll

+ 2009-10-15 04:08 . 2009-10-15 04:08 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\694c07365e0fd6bba0bc304d4d2404a7\System.Data.ni.dll

+ 2009-10-15 04:55 . 2009-10-15 04:55 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\272152f0cc139490729e215611a4b244\System.Data.SqlXml.ni.dll

+ 2009-10-15 04:55 . 2009-10-15 04:55 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\112a48e34620a0210eb850040da8a31b\System.Data.Services.ni.dll

+ 2009-10-15 04:08 . 2009-10-15 04:08 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\32788c58ff9f8324460604cf1fe7681b\System.Data.Linq.ni.dll

+ 2009-10-15 04:55 . 2009-10-15 04:55 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\9012cac7819660f61f1c69cf8e4f2ccf\System.Data.Entity.ni.dll

+ 2009-10-15 04:08 . 2009-10-15 04:08 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\c0a42d2ad8a4078040b334f6770ea11f\System.Core.ni.dll

+ 2009-10-15 04:08 . 2009-10-15 04:08 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\954685c29689d2a6126ceca1fd55e904\ReachFramework.ni.dll

+ 2009-10-15 04:08 . 2009-10-15 04:08 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\a3a6f52ce1d09a7bdccc8e7fc664792d\PresentationUI.ni.dll

+ 2009-10-15 04:07 . 2009-10-15 04:07 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\f906701365083c1473db31519147e263\PresentationBuildTasks.ni.dll

+ 2009-10-15 04:55 . 2009-10-15 04:55 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\6eee9b772b6d12d3dbd82f118c2ab2e5\Microsoft.VisualBasic.ni.dll

+ 2009-10-15 04:55 . 2009-10-15 04:55 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\f19e9b439636d0744597fff1331cad04\Microsoft.Transactions.Bridge.ni.dll

+ 2009-10-15 04:56 . 2009-10-15 04:56 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\5b1af7b5be24c7ace065fe1c81c2b650\Microsoft.JScript.ni.dll

+ 2009-10-15 04:55 . 2009-10-15 04:55 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\9eec1cc7ac37e0c7f3205e8156149c5a\Microsoft.Build.Tasks.ni.dll

+ 2009-10-15 04:55 . 2009-10-15 04:55 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\28c0730288453d57d5dcd62903c4d31b\Microsoft.Build.Tasks.v3.5.ni.dll

+ 2009-10-15 04:55 . 2009-10-15 04:55 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\5dd4f58999eed37c12aee7ea9f9863ac\Microsoft.Build.Engine.ni.dll

- 2009-05-08 03:35 . 2009-05-08 03:35 3149824 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll

+ 2009-10-15 04:07 . 2009-10-15 04:07 3149824 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll

+ 2009-10-15 04:07 . 2009-10-15 04:07 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll

- 2009-05-08 03:35 . 2009-05-08 03:35 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll

- 2009-05-08 03:35 . 2009-05-08 03:35 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll

+ 2009-10-15 04:07 . 2009-10-15 04:07 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll

+ 2009-10-15 04:06 . 2009-10-15 04:06 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll

- 2009-05-08 03:35 . 2009-05-08 03:35 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll

- 2009-05-08 03:34 . 2009-05-08 03:34 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll

+ 2009-10-15 04:06 . 2009-10-15 04:06 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll

+ 2009-10-15 04:07 . 2009-10-15 04:07 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll

- 2009-05-08 03:35 . 2009-05-08 03:35 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll

+ 2009-10-15 04:07 . 2009-10-15 04:07 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll

- 2009-05-08 03:35 . 2009-05-08 03:35 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll

- 2008-04-09 13:21 . 2008-04-09 13:21 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll

+ 2009-10-15 04:02 . 2009-10-15 04:02 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll

+ 2009-10-15 04:02 . 2009-10-15 04:02 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll

- 2008-04-09 13:21 . 2008-04-09 13:21 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll

+ 2009-10-15 04:01 . 2009-10-15 04:01 1200128 c:\windows\assembly\GAC\System.Web\1.0.3300.0__b03f5f7f11d50a3a\System.Web.dll

- 2008-08-16 03:01 . 2008-08-16 03:01 1200128 c:\windows\assembly\GAC\System.Web\1.0.3300.0__b03f5f7f11d50a3a\System.Web.dll

- 2009-05-02 16:17 . 2009-05-02 16:17 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2009-12-11 05:49 . 2009-12-11 05:49 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

- 2009-05-02 16:17 . 2009-05-02 16:17 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2009-12-11 05:49 . 2009-12-11 05:49 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2009-09-10 09:01 . 2009-09-10 09:01 1863680 c:\windows\assembly\GAC\EhCM\6.0.3000.0__31bf3856ad364e35\EhCM.dll

- 2009-05-08 04:11 . 2009-05-08 04:11 1863680 c:\windows\assembly\GAC\EhCM\6.0.3000.0__31bf3856ad364e35\ehcm.dll

+ 2009-11-24 18:44 . 2008-09-10 01:14 1307648 c:\windows\$NtUninstallKB973687$\msxml6.dll

+ 2009-11-24 18:44 . 2008-09-04 17:15 1106944 c:\windows\$NtUninstallKB973687$\msxml3.dll

+ 2009-10-15 04:01 . 2009-02-06 11:06 2145280 c:\windows\$NtUninstallKB971486$\ntoskrnl.exe

+ 2009-10-15 04:01 . 2009-02-06 10:32 2023936 c:\windows\$NtUninstallKB971486$\ntkrpamp.exe

+ 2009-10-15 04:01 . 2009-02-06 10:32 2023936 c:\windows\$NtUninstallKB971486$\ntkrnlpa.exe

+ 2009-10-15 04:01 . 2009-02-06 11:06 2145280 c:\windows\$NtUninstallKB971486$\ntkrnlmp.exe

+ 2009-11-10 20:48 . 2009-04-17 12:26 1847168 c:\windows\$NtUninstallKB969947$\win32k.sys

+ 2009-10-15 04:02 . 2008-04-14 00:12 1435648 c:\windows\$NtUninstallKB969059$\query.dll

+ 2009-09-09 23:40 . 2008-06-18 10:03 2458112 c:\windows\$NtUninstallKB968816_WM9$\wmvcore.dll

+ 2009-10-15 04:01 . 2007-01-02 20:40 1200128 c:\windows\$NtUninstallKB953295$\system.web.dll

+ 2009-10-15 04:01 . 2007-12-17 11:59 2281472 c:\windows\$NtUninstallKB953295$\mscorwks.dll

+ 2009-10-15 04:01 . 2007-12-17 11:58 2273280 c:\windows\$NtUninstallKB953295$\mscorsvr.dll

+ 2009-10-15 04:01 . 2007-01-02 20:21 1998848 c:\windows\$NtUninstallKB953295$\mscorlib.dll

+ 2009-11-04 02:13 . 2009-10-22 09:18 5943296 c:\windows\$hf_mig$\KB976749-IE8\SP3QFE\mshtml.dll

+ 2009-10-15 02:01 . 2009-08-29 08:01 1209344 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\urlmon.dll

+ 2009-10-15 02:01 . 2009-08-29 08:01 5942272 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\mshtml.dll

+ 2009-10-15 02:01 . 2009-08-29 08:01 1986048 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\iertutil.dll

+ 2009-11-24 18:41 . 2009-07-31 04:24 1447424 c:\windows\$hf_mig$\KB973687\SP3QFE\msxml6.dll

+ 2009-11-24 18:41 . 2009-07-31 04:24 1172480 c:\windows\$hf_mig$\KB973687\SP3QFE\msxml3.dll

+ 2009-10-15 01:58 . 2009-08-04 13:56 2189312 c:\windows\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe

+ 2009-10-15 01:58 . 2009-08-04 13:17 2023936 c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrpamp.exe

+ 2009-08-04 22:47 . 2009-08-04 22:47 2066176 c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe

+ 2009-10-15 01:58 . 2009-08-04 13:54 2145280 c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlmp.exe

+ 2009-08-14 12:19 . 2009-08-14 12:19 1859712 c:\windows\$hf_mig$\KB969947\SP3QFE\win32k.sys

+ 2009-07-17 16:01 . 2009-07-17 16:01 1435648 c:\windows\$hf_mig$\KB969059\SP3QFE\query.dll

+ 2008-04-11 19:54 . 2009-12-01 20:06 25966024 c:\windows\system32\MRT.exe

+ 2007-08-13 22:54 . 2009-10-29 07:45 11069952 c:\windows\system32\ieframe.dll

+ 2008-04-11 21:50 . 2009-10-29 07:45 11069952 c:\windows\system32\dllcache\ieframe.dll

+ 2009-10-31 15:16 . 2009-05-18 18:34 22691984 c:\windows\system32\AppSetup.exe

+ 2009-08-11 01:08 . 2009-08-11 01:08 11315712 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp

+ 2009-08-15 00:32 . 2009-08-15 00:32 11110912 c:\windows\Installer\790b3c.msp

+ 2009-08-10 18:09 . 2009-08-10 18:09 17254912 c:\windows\Installer\790b34.msp

+ 2009-09-09 23:40 . 2009-09-09 23:40 15709696 c:\windows\Installer\700fe3.msp

+ 2009-12-09 03:31 . 2009-08-29 08:08 11069440 c:\windows\ie8updates\KB976325-IE8\ieframe.dll

+ 2009-10-15 04:04 . 2009-07-19 22:48 11067392 c:\windows\ie8updates\KB974455-IE8\ieframe.dll

+ 2009-10-15 04:08 . 2009-10-15 04:08 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d2ea8d76f015817db1607075812b555f\System.Windows.Forms.ni.dll

+ 2009-10-15 04:56 . 2009-10-15 04:56 11796992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\5cea03cfb008f2eac1439a9905467f37\System.Web.ni.dll

+ 2009-10-15 04:54 . 2009-10-15 04:54 17317888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\06d6eab93282d2b136a377bd50b7c5a9\System.ServiceModel.ni.dll

+ 2009-10-15 04:08 . 2009-10-15 04:08 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\8b82e08c008924d51833cb0884bcbfc5\System.Design.ni.dll

+ 2009-10-15 04:08 . 2009-10-15 04:08 14327808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\58c7ac6b6054038dc9346d7ec8e32b4c\PresentationFramework.ni.dll

+ 2009-10-15 04:08 . 2009-10-15 04:08 12216320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\94badbd64df59de7da249f71da38b1c2\PresentationCore.ni.dll

+ 2009-10-15 04:07 . 2009-10-15 04:07 11486720 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7124a40b9998f7b63c86bd1a2125ce26\mscorlib.ni.dll

+ 2009-08-29 17:31 . 2009-08-29 17:31 11069952 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\ieframe.dll

.

-- Snapshot reset to current date --

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]

2009-04-02 17:47 333192 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2009-04-02 333192]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]

[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2009-04-02 333192]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]

[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]

"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2009-10-07 323392]

"VeohPlugin"="c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" [2009-10-06 2075384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]

"CTHelper"="CTHELPER.EXE" [2006-12-12 19456]

"CTDVDDET"="c:\program files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE" [2003-06-18 45056]

"AudioDrvEmulator"="c:\program files\Creative\Shared Files\Module Loader\DLLML.exe" [2005-11-04 49152]

"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]

"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-10-03 221184]

"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-05-16 86960]

"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2006-11-05 221184]

"RoxioDragToDisc"="c:\program files\Roxio\Drag-to-Disc\DrgToDsc.exe" [2006-08-17 1116920]

"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2007-09-17 124200]

"ECenter"="c:\dell\E-Center\EULALauncher.exe" [2008-01-18 17920]

"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-02-14 16384]

"Diamondback"="c:\program files\Razer\Diamondback 3G\razerhid.exe" [2007-08-01 147456]

"Tarantula"="c:\program files\Razer\Tarantula\razerhid.exe" [2006-09-30 176128]

"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]

"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-07-17 185896]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]

"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-09-04 111936]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-10-01 289576]

"pccguide.exe"="c:\program files\Trend Micro\Internet Security 14\pccguide.exe" [2006-11-21 1807960]

"nwiz"="nwiz.exe" [2008-05-16 1630208]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]

"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]

"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]

"CTxfiHlp"="CTXFIHLP.EXE" [2009-06-04 25600]

"VolPanel"="c:\program files\Creative\USB Headsets\Volume Panel\VolPanlu.exe" [2008-08-06 233576]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"SetDefaultMIDI"="MIDIDEF.EXE" [2005-11-08 25600]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall]

"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\CyberLink\\PowerDVD DX\\PowerDVD.exe"=

"c:\\Program Files\\CyberLink\\PowerDVD DX\\PDVDDXSrv.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"c:\\Program Files\\Steam\\steamapps\\deusxmachina\\day of defeat source\\hl2.exe"=

"c:\\Program Files\\Stardock Games\\Sins of a Solar Empire\\Sins of a Solar Empire.exe"=

"c:\\Program Files\\Steam\\steamapps\\deusxmachina\\counter-strike source\\hl2.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Electronic Arts\\Command & Conquer 3\\RetailExe\\1.0\\cnc3game.dat"=

"c:\\Program Files\\Electronic Arts\\Command & Conquer 3\\RetailExe\\1.9\\cnc3game.dat"=

"c:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"=

"c:\\Program Files\\Steam\\steamapps\\deusxmachina\\team fortress 2\\hl2.exe"=

"c:\\Program Files\\Steam\\steamapps\\zeroseraph\\team fortress 2\\hl2.exe"=

"c:\\Program Files\\Azureus\\Azureus.exe"=

"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=

"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=

"c:\\Program Files\\Flagship Studios\\Hellgate London\\Launcher.exe"=

"c:\\Program Files\\Atari\\AITD\\Alone.exe"=

"c:\\Program Files\\Steam\\Steam.exe"=

"c:\\Program Files\\Warcraft III\\Frozen Throne.exe"=

"c:\\Program Files\\Warcraft III\\Warcraft III.exe"=

"c:\\Program Files\\Warcraft III\\listchecker\\pickup.listchecker.exe"=

"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

"c:\\Program Files\\Malwarebytes' Anti-Malware\\mbam.exe"=

"c:\\WINDOWS\\system32\\PnkBstrA.exe"=

"c:\\WINDOWS\\system32\\PnkBstrB.exe"=

"c:\\Program Files\\Electronic Arts\\BattleForge\\Bootstrapper.exe"=

"c:\\Program Files\\Electronic Arts\\BattleForge\\BattleForge.exe"=

"c:\\Program Files\\Persona\\Persona.exe"=

"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=

"c:\\Program Files\\Rosetta Stone\\Rosetta Stone Version 3\\support\\bin\\win\\RosettaStoneLtdServices.exe"=

"c:\\Program Files\\Rosetta Stone\\Rosetta Stone Version 3\\RosettaStoneVersion3.exe"=

"c:\\Program Files\\DNA\\btdna.exe"=

"c:\\AeriaGames\\WolfTeam\\Wolfteam.bin"=

"c:\\AeriaGames\\DragonSky\\DragonSky.exe"=

"c:\\Program Files\\Heroes of Newerth\\hon.exe"=

"c:\\Program Files\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe"=

"c:\\Program Files\\ijji\\ijji REACTOR\\REACTOR.exe"=

"c:\\WINDOWS\\Downloaded Program Files\\PurpleBean.exe"=

"c:\\Program Files\\World of Warcraft\\WoW-3.2.0-enUS-downloader.exe"=

"c:\\Program Files\\World of Warcraft\\Launcher.exe"=

"c:\\Program Files\\World of Warcraft\\WoW-3.2.0.10192-to-3.2.0.10314-enUS-downloader.exe"=

"c:\\Program Files\\World of Warcraft\\WoW-3.2.0.10314-to-3.2.2.10482-enUS-downloader.exe"=

"c:\\Program Files\\World of Warcraft\\WoW-3.2.2.10482-to-3.2.2.10505-enUS-downloader.exe"=

"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=

"c:\\Program Files\\Dragon Age\\bin_ship\\daorigins.exe"=

"c:\\Program Files\\Dragon Age\\DAOriginsLauncher.exe"=

"c:\\Program Files\\Dragon Age\\bin_ship\\daupdatersvc.service.exe"=

"c:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"=

"c:\\Program Files\\2K Games\\Gearbox Software\\Borderlands\\Binaries\\Borderlands.exe"=

"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=

"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=

"c:\\Documents and Settings\\David\\Local Settings\\Apps\\2.0\\ZZJPJMG1.C3N\\NBJJB3LX.BEC\\curs..tion_eee711038731a406_0004.0000_1332b9f434841748\\CurseClient.exe"=

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"37103:TCP"= 37103:TCP:uTorrent

"37103:UDP"= 37103:UDP:uTorrent

"57785:TCP"= 57785:TCP:Azureus

"57785:UDP"= 57785:UDP:Azureus

"6112:TCP"= 6112:TCP:Warcraft III

"6113:TCP"= 6113:TCP:Warcraft III

"6114:TCP"= 6114:TCP:Warcraft III

"6115:TCP"= 6115:TCP:Warcraft III

"6116:TCP"= 6116:TCP:Warcraft III

"6117:TCP"= 6117:TCP:Warcraft III

"6118:TCP"= 6118:TCP:Warcraft III

"6119:TCP"= 6119:TCP:Warcraft III

"6112:UDP"= 6112:UDP:Warcraft III

"6113:UDP"= 6113:UDP:Warcraft III

"6114:UDP"= 6114:UDP:Warcraft III

"6115:UDP"= 6115:UDP:Warcraft III

"6116:UDP"= 6116:UDP:Warcraft III

"6117:UDP"= 6117:UDP:Warcraft III

"6118:UDP"= 6118:UDP:Warcraft III

"6119:UDP"= 6119:UDP:Warcraft III

"5353:TCP"= 5353:TCP:Adobe CSI CS4

"8370:TCP"= 8370:TCP:League of Legends Launcher

"8370:UDP"= 8370:UDP:League of Legends Launcher

"8371:TCP"= 8371:TCP:League of Legends Launcher

"8371:UDP"= 8371:UDP:League of Legends Launcher

"8372:TCP"= 8372:TCP:League of Legends Launcher

"8372:UDP"= 8372:UDP:League of Legends Launcher

"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724

"57018:TCP"= 57018:TCP:Pando Media Booster

"57018:UDP"= 57018:UDP:Pando Media Booster

"7777:TCP"= 7777:TCP:Borderlands

"28900:TCP"= 28900:TCP:Borderlands

"28902:TCP"= 28902:TCP:Borderlands

"28910:TCP"= 28910:TCP:Borderlands

"7777:UDP"= 7777:UDP:Borderlands

"27900:UDP"= 27900:UDP:Borderlands

"28902:UDP"= 28902:UDP:Borderlands

R3 Razerlow;Diamondback 3G USB Filter Driver;c:\windows\system32\drivers\DB3G.sys [4/8/2008 4:13 PM 13225]

R3 TarFltr;Razer Tarantula USB Keyboard;c:\windows\system32\drivers\UsbFltr.sys [4/8/2008 4:15 PM 45440]

S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [4/25/2009 1:14 PM 691696]

S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [8/12/2009 10:59 PM 108289]

S2 ASKService;ASKService;c:\program files\AskBarDis\bar\bin\AskService.exe [12/14/2009 2:03 AM 464264]

S2 ASKUpgrade;ASKUpgrade;c:\program files\AskBarDis\bar\bin\ASKUpgrade.exe [12/14/2009 2:03 AM 234888]

S2 Tmntsrv;Trend Micro Real-time Service;c:\progra~1\TRENDM~1\INTERN~1\Tmntsrv.exe [9/18/2006 4:50 PM 345696]

S2 TmPfw;Trend Micro Personal Firewall;c:\progra~1\TRENDM~1\INTERN~1\TmPfw.exe [8/29/2006 3:54 PM 923216]

S2 tmpreflt;tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [9/11/2006 6:11 PM 36368]

S2 tmproxy;Trend Micro Proxy Service;c:\progra~1\TRENDM~1\INTERN~1\tmproxy.exe [8/29/2006 3:55 PM 566872]

S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [10/31/2009 9:15 AM 79360]

S3 Creative Media Toolbox 6 Licensing Service;Creative Media Toolbox 6 Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\MT6Licensing.exe [10/31/2009 9:22 AM 79360]

S3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\system32\drivers\CT20XUT.sys [6/4/2009 1:46 AM 171032]

S3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.sys [6/4/2009 1:46 AM 171032]

S3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\system32\drivers\CTEXFIFX.sys [6/4/2009 1:46 AM 1324056]

S3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.sys [6/4/2009 1:46 AM 1324056]

S3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\system32\drivers\CTHWIUT.sys [6/4/2009 1:46 AM 72728]

S3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.sys [6/4/2009 1:46 AM 72728]

S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\program files\Dragon Age\bin_ship\daupdatersvc.service.exe [11/8/2009 10:28 AM 25832]

S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]

S3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [4/6/2009 12:19 PM 23064]

S3 skfilt;skfilt;c:\windows\system32\drivers\skfilt.SYS [10/31/2009 9:18 AM 1670016]

S3 tmcfw;Trend Micro Common Firewall Service;c:\windows\system32\drivers\TM_CFW.sys [8/29/2006 3:54 PM 280392]

S3 XDva164;XDva164;\??\c:\windows\system32\XDva164.sys --> c:\windows\system32\XDva164.sys [?]

S3 XDva165;XDva165;\??\c:\windows\system32\XDva165.sys --> c:\windows\system32\XDva165.sys [?]

S3 XDva167;XDva167;\??\c:\windows\system32\XDva167.sys --> c:\windows\system32\XDva167.sys [?]

S3 XDva177;XDva177;\??\c:\windows\system32\XDva177.sys --> c:\windows\system32\XDva177.sys [?]

S3 XDva186;XDva186;\??\c:\windows\system32\XDva186.sys --> c:\windows\system32\XDva186.sys [?]

S3 XDva224;XDva224;\??\c:\windows\system32\XDva224.sys --> c:\windows\system32\XDva224.sys [?]

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.yahoo.com/

FF - ProfilePath - c:\documents and settings\David\Application Data\Mozilla\Firefox\Profiles\ecntvwfi.default\

FF - prefs.js: browser.search.selectedEngine - DAEMON Search

FF - prefs.js: browser.startup.homepage - hxxp://en-US.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official

FF - plugin: c:\documents and settings\David\Application Data\Move Networks\plugins\npqmp071505000010.dll

FF - plugin: c:\documents and settings\David\Application Data\Move Networks\plugins\npqmp071701000002.dll

FF - plugin: c:\documents and settings\David\Application Data\Mozilla\Firefox\Profiles\ecntvwfi.default\extensions\battlefieldheroespatcher@ea.com\platform\WINNT_x86-msvc\plugins\npBFHUpdater.dll

FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava11.dll

FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava12.dll

FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava13.dll

FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava14.dll

FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava32.dll

FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJPI150_06.dll

FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPOJI610.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\npijjiFFPlugin1.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll

FF - plugin: c:\program files\Unity\WebPlayer\loader\npUnity3D32.dll

FF - plugin: c:\program files\Veoh Networks\Veoh\Plugins\noreg\NPVeohVersion.dll

FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

.

- - - - ORPHANS REMOVED - - - -

MSConfigStartUp-lphcgp1j0eec3 - c:\windows\system32\lphcgp1j0eec3.exe

MSConfigStartUp-SMrhclp1j0eec3 - c:\program files\rhclp1j0eec3\rhclp1j0eec3.exe

**************************************************************************

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

CTHelper = CTHELPER.EXE?

CTxfiHlp = CTXFIHLP.EXE?

scanning hidden files ...

scan completed successfully

hidden files:

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\npggsvc]

"ImagePath"="c:\windows\system32\GameMon.des -service"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-4218801841-1175837858-694166655-1005\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]

"??"=hex:67,52,92,08,dc,5f,55,9b,bb,c4,6b,9e,51,b6,46,5b,3f,f6,ea,33,59,b5,fa,

cb,18,50,7c,ec,c7,1e,01,ac,df,dd,b1,6a,4c,ce,a5,4e,85,76,40,64,07,35,3b,a2,\

"??"=hex:5d,2e,bc,00,9b,07,bc,9c,34,34,87,88,c9,ab,ca,0d

[HKEY_USERS\S-1-5-21-4218801841-1175837858-694166655-1005\Software\SecuROM\License information*]

"datasecu"=hex:8a,4f,a2,8e,d0,74,ae,ed,c6,e7,cd,92,09,12,b1,22,9d,c3,34,9d,68,

3f,21,b7,e9,bf,a8,f7,9c,6e,24,8e,7f,74,5f,8c,0c,dc,0c,23,5f,71,bb,e3,a0,6e,\

"rkeysecu"=hex:d8,60,ff,72,56,62,c1,09,34,1e,cf,60,f1,e6,bc,09

.

Completion time: 2009-12-26 17:34:19

ComboFix-quarantined-files.txt 2009-12-26 22:34

ComboFix2.txt 2009-08-26 03:16

ComboFix3.txt 2009-06-13 19:02

Pre-Run: 409,446,465,536 bytes free

Post-Run: 410,118,074,368 bytes free

- - End Of File - - 4C344FDFEAF746D04F54D5ED390CB301

also i can't seem to uninstall the ask toolbar as you recommended.

Link to post
Share on other sites
  • Staff
miekiemoes

miekiemoes

Posted
  • Staff
Posted

Hi,

also i can't seem to uninstall the ask toolbar as you recommended.
Then we'll have to deal with it manually..

I see you ran Combofix more than one time, so it's a bit confusing here if it has done its job properly before.

Anyway, I also see that your Antivirus was still enabled when you ran Combofix, so please disable it.

Then, * Open notepad - don't use any other texteditor than notepad or the script will fail.

Copy/paste the text in the quotebox below into notepad:

Folder::

c:\program files\AskBarDis

Driver::

ASKService

ASKUpgrade

XDva164

XDva165

XDva167

XDva177

XDva186

XDva224

Registry::

[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"=-

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"=-

[-HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]

[-HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

Save this as txtfile CFScript

Then drag the CFScript into ComboFix.exe as you see in the screenshot below.

CFScript.gif

This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply.

Link to post
Share on other sites
Genjoukai

Genjoukai

Posted
  • Author
Posted

ComboFix 09-12-27.02 - David 12/28/2009 1:46.5.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3069.2392 [GMT -5:00]

Running from: c:\documents and settings\David\Desktop\ComboFix.exe

Command switches used :: c:\documents and settings\David\Desktop\CFScript.txt

AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}

AV: PC-cillin Internet Security - Virus Protection *On-access scanning disabled* (Outdated) {7D2296BC-32CC-4519-917E-52E652474AF5}

FW: PC-cillin Internet Security - Firewall *disabled* {3E790E9E-6A5D-4303-A7F9-185EC20F3EB6}

* Resident AV is active

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\program files\AskBarDis

c:\program files\AskBarDis\bar\bin\askBar.dll

c:\program files\AskBarDis\bar\bin\askPopStp.dll

c:\program files\AskBarDis\bar\bin\AskService.exe

c:\program files\AskBarDis\bar\bin\AskSplash.exe

c:\program files\AskBarDis\bar\bin\AskTBApp.exe

c:\program files\AskBarDis\bar\bin\ASKUpgrade.exe

c:\program files\AskBarDis\bar\bin\psvince.dll

c:\program files\AskBarDis\bar\Cache\00D80DA1

c:\program files\AskBarDis\bar\Cache\00D8134E.bin

c:\program files\AskBarDis\bar\Cache\00D81448.bin

c:\program files\AskBarDis\bar\Cache\00D814E5.bin

c:\program files\AskBarDis\bar\Cache\00D81590.bin

c:\program files\AskBarDis\bar\Cache\00D83202.bin

c:\program files\AskBarDis\bar\Cache\00D8326F.bin

c:\program files\AskBarDis\bar\Cache\00D832DC.bin

c:\program files\AskBarDis\bar\Cache\files.ini

c:\program files\AskBarDis\bar\History\search

c:\program files\AskBarDis\bar\Settings\AskLogo.ico

c:\program files\AskBarDis\bar\Settings\config.dat

c:\program files\AskBarDis\bar\Settings\config.dat.bak

c:\program files\AskBarDis\bar\Settings\prevcfg.htm

c:\program files\AskBarDis\bar\Settings\prevCfg2.htm

c:\program files\AskBarDis\unins000.dat

c:\program files\AskBarDis\unins000.exe

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Legacy_ASKSERVICE

-------\Legacy_ASKUPGRADE

-------\Legacy_XDVA164

-------\Legacy_XDVA165

-------\Legacy_XDVA167

-------\Legacy_XDVA177

-------\Legacy_XDVA186

-------\Legacy_XDVA224

-------\Service_ASKService

-------\Service_ASKUpgrade

-------\Service_XDva164

-------\Service_XDva165

-------\Service_XDva167

-------\Service_XDva177

-------\Service_XDva186

-------\Service_XDva224

((((((((((((((((((((((((( Files Created from 2009-11-28 to 2009-12-28 )))))))))))))))))))))))))))))))

.

2009-12-26 11:32 . 2009-12-26 11:32 -------- d-----w- c:\program files\TrendMicro

2009-12-11 05:35 . 2009-12-11 05:35 -------- d-----w- c:\program files\2K Games

2009-12-11 05:35 . 2009-12-11 05:47 -------- d-----w- C:\BDS

2009-12-11 05:27 . 2009-12-11 05:27 -------- d-----w- c:\program files\DAEMON Tools Toolbar

2009-12-11 05:26 . 2009-12-11 05:27 -------- d-----w- c:\program files\DAEMON Tools Lite

2009-12-11 05:26 . 2009-12-11 05:34 -------- d-----w- c:\documents and settings\David\Application Data\DAEMON Tools Lite

2009-12-11 05:26 . 2009-12-11 05:26 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite

2009-12-11 05:21 . 2009-12-11 05:21 -------- d-----w- c:\program files\Alcohol Soft

2009-12-05 02:53 . 2009-12-05 02:53 -------- d-----w- c:\program files\Gpotato

2009-12-05 02:45 . 2009-12-05 03:45 -------- d-----w- c:\documents and settings\David\Local Settings\Application Data\PMB Files

2009-12-05 02:45 . 2009-12-05 02:46 -------- d-----w- c:\documents and settings\All Users\Application Data\PMB Files

2009-12-05 02:44 . 2009-12-05 02:44 -------- d-----w- c:\program files\Pando Networks

2009-12-04 03:43 . 2009-12-04 03:44 -------- d-----w- c:\program files\Ventrilo

2009-11-28 20:30 . 2009-11-28 20:30 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\ICS

2009-11-28 19:15 . 2009-09-23 14:41 26176 ---ha-w- c:\windows\system32\hamachi.sys

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-12-28 07:02 . 2009-08-08 20:09 -------- d-----w- c:\program files\DNA

2009-12-28 07:02 . 2009-08-08 20:09 -------- d-----w- c:\documents and settings\David\Application Data\DNA

2009-12-26 11:10 . 2009-06-10 21:07 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2009-12-25 22:58 . 2009-08-15 03:28 -------- d-----w- c:\documents and settings\David\Application Data\Skype

2009-12-25 21:01 . 2009-08-15 03:29 -------- d-----w- c:\documents and settings\David\Application Data\skypePM

2009-12-25 02:26 . 2009-11-13 09:29 623944 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat

2009-12-22 19:07 . 2009-10-02 22:50 -------- d-----w- c:\documents and settings\David\Application Data\Move Networks

2009-12-19 17:23 . 2009-10-18 21:06 -------- d-----w- c:\program files\World of Warcraft

2009-12-19 16:15 . 2009-08-12 01:55 -------- d-----w- c:\program files\Heroes of Newerth

2009-12-14 08:36 . 2008-04-09 13:48 -------- d-----w- c:\documents and settings\David\Application Data\Azureus

2009-12-14 07:04 . 2008-04-08 21:59 -------- d-----w- c:\program files\Azureus

2009-12-11 05:35 . 2008-04-03 14:38 -------- d--h--w- c:\program files\InstallShield Installation Information

2009-12-11 05:27 . 2009-04-25 18:14 691696 ----a-w- c:\windows\system32\drivers\sptd.sys

2009-12-08 01:55 . 2009-08-13 03:59 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2009-12-04 03:43 . 2009-11-08 15:36 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard

2009-12-03 21:14 . 2009-06-10 21:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2009-12-03 21:13 . 2009-06-10 21:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys

2009-11-27 06:03 . 2008-04-08 21:13 -------- d-----w- c:\program files\DIFX

2009-11-21 03:41 . 2009-11-19 17:52 -------- d-----w- c:\program files\Heroes of Newerth Test Client

2009-11-20 20:56 . 2005-08-17 02:58 -------- d-----w- c:\program files\RGB

2009-11-14 12:44 . 2008-04-08 21:10 -------- d-----w- c:\documents and settings\David\Application Data\Creative

2009-11-10 15:03 . 2009-11-10 14:29 -------- d-----w- c:\documents and settings\All Users\Application Data\Blizzard Entertainment

2009-11-10 13:06 . 2009-10-18 21:05 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment

2009-11-08 15:58 . 2009-11-08 15:58 -------- d-----w- c:\documents and settings\All Users\Application Data\BioWare

2009-11-08 15:36 . 2009-11-08 15:36 -------- d-----w- c:\program files\AGEIA Technologies

2009-11-08 15:36 . 2009-11-08 15:15 -------- d-----w- c:\program files\Common Files\BioWare

2009-11-08 15:28 . 2009-11-08 15:15 -------- d-----w- c:\program files\Dragon Age

2009-10-31 16:00 . 2008-04-03 14:41 -------- d-----w- c:\program files\Creative

2009-10-31 15:58 . 2009-10-31 14:19 -------- d--h--w- c:\program files\Creative Installation Information

2009-10-31 15:21 . 2008-04-03 14:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Creative

2009-10-31 15:20 . 2008-04-03 14:22 444952 ----a-w- c:\windows\system32\wrap_oal.dll

2009-10-31 15:20 . 2008-04-03 14:22 109080 ----a-w- c:\windows\system32\OpenAL32.dll

2009-10-31 15:20 . 2009-10-31 15:20 -------- d-----w- c:\documents and settings\LocalService\Application Data\Creative

2009-10-31 14:22 . 2009-10-31 14:15 -------- d-----w- c:\program files\Common Files\Creative Labs Shared

2009-10-31 14:19 . 2009-10-31 14:19 -------- d-----w- c:\program files\Common Files\Creative

2009-10-31 14:17 . 2009-10-31 14:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Creative Labs

2009-10-29 07:45 . 2005-08-16 10:18 916480 ------w- c:\windows\system32\wininet.dll

2009-10-28 01:36 . 2008-08-26 00:31 100305 ----a-w- c:\windows\War3Unin.dat

2009-10-21 05:38 . 2005-08-16 10:18 75776 ----a-w- c:\windows\system32\strmfilt.dll

2009-10-21 05:38 . 2005-08-16 10:18 25088 ----a-w- c:\windows\system32\httpapi.dll

2009-10-20 16:20 . 2004-08-04 05:00 265728 ----a-w- c:\windows\system32\drivers\http.sys

2009-10-13 10:30 . 2005-08-16 10:18 270336 ----a-w- c:\windows\system32\oakley.dll

2009-10-12 13:38 . 2005-08-16 10:18 149504 ----a-w- c:\windows\system32\rastls.dll

2009-10-12 13:38 . 2005-08-16 10:18 79872 ----a-w- c:\windows\system32\raschap.dll

2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll

2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]

"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2009-10-07 323392]

"VeohPlugin"="c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" [2009-10-06 2075384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]

"CTHelper"="CTHELPER.EXE" [2006-12-12 19456]

"CTDVDDET"="c:\program files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE" [2003-06-18 45056]

"AudioDrvEmulator"="c:\program files\Creative\Shared Files\Module Loader\DLLML.exe" [2005-11-04 49152]

"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]

"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-10-03 221184]

"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-05-16 86960]

"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2006-11-05 221184]

"RoxioDragToDisc"="c:\program files\Roxio\Drag-to-Disc\DrgToDsc.exe" [2006-08-17 1116920]

"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2007-09-17 124200]

"ECenter"="c:\dell\E-Center\EULALauncher.exe" [2008-01-18 17920]

"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-02-14 16384]

"Diamondback"="c:\program files\Razer\Diamondback 3G\razerhid.exe" [2007-08-01 147456]

"Tarantula"="c:\program files\Razer\Tarantula\razerhid.exe" [2006-09-30 176128]

"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]

"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-07-17 185896]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]

"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-09-04 111936]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-10-01 289576]

"pccguide.exe"="c:\program files\Trend Micro\Internet Security 14\pccguide.exe" [2006-11-21 1807960]

"nwiz"="nwiz.exe" [2008-05-16 1630208]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]

"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]

"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]

"CTxfiHlp"="CTXFIHLP.EXE" [2009-06-04 25600]

"VolPanel"="c:\program files\Creative\USB Headsets\Volume Panel\VolPanlu.exe" [2008-08-06 233576]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"SetDefaultMIDI"="MIDIDEF.EXE" [2005-11-08 25600]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall]

"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\CyberLink\\PowerDVD DX\\PowerDVD.exe"=

"c:\\Program Files\\CyberLink\\PowerDVD DX\\PDVDDXSrv.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"c:\\Program Files\\Steam\\steamapps\\deusxmachina\\day of defeat source\\hl2.exe"=

"c:\\Program Files\\Stardock Games\\Sins of a Solar Empire\\Sins of a Solar Empire.exe"=

"c:\\Program Files\\Steam\\steamapps\\deusxmachina\\counter-strike source\\hl2.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Electronic Arts\\Command & Conquer 3\\RetailExe\\1.0\\cnc3game.dat"=

"c:\\Program Files\\Electronic Arts\\Command & Conquer 3\\RetailExe\\1.9\\cnc3game.dat"=

"c:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"=

"c:\\Program Files\\Steam\\steamapps\\deusxmachina\\team fortress 2\\hl2.exe"=

"c:\\Program Files\\Steam\\steamapps\\zeroseraph\\team fortress 2\\hl2.exe"=

"c:\\Program Files\\Azureus\\Azureus.exe"=

"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=

"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=

"c:\\Program Files\\Flagship Studios\\Hellgate London\\Launcher.exe"=

"c:\\Program Files\\Atari\\AITD\\Alone.exe"=

"c:\\Program Files\\Steam\\Steam.exe"=

"c:\\Program Files\\Warcraft III\\Frozen Throne.exe"=

"c:\\Program Files\\Warcraft III\\Warcraft III.exe"=

"c:\\Program Files\\Warcraft III\\listchecker\\pickup.listchecker.exe"=

"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

"c:\\Program Files\\Malwarebytes' Anti-Malware\\mbam.exe"=

"c:\\WINDOWS\\system32\\PnkBstrA.exe"=

"c:\\WINDOWS\\system32\\PnkBstrB.exe"=

"c:\\Program Files\\Electronic Arts\\BattleForge\\Bootstrapper.exe"=

"c:\\Program Files\\Electronic Arts\\BattleForge\\BattleForge.exe"=

"c:\\Program Files\\Persona\\Persona.exe"=

"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=

"c:\\Program Files\\Rosetta Stone\\Rosetta Stone Version 3\\support\\bin\\win\\RosettaStoneLtdServices.exe"=

"c:\\Program Files\\Rosetta Stone\\Rosetta Stone Version 3\\RosettaStoneVersion3.exe"=

"c:\\Program Files\\DNA\\btdna.exe"=

"c:\\AeriaGames\\WolfTeam\\Wolfteam.bin"=

"c:\\AeriaGames\\DragonSky\\DragonSky.exe"=

"c:\\Program Files\\Heroes of Newerth\\hon.exe"=

"c:\\Program Files\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe"=

"c:\\Program Files\\ijji\\ijji REACTOR\\REACTOR.exe"=

"c:\\WINDOWS\\Downloaded Program Files\\PurpleBean.exe"=

"c:\\Program Files\\World of Warcraft\\WoW-3.2.0-enUS-downloader.exe"=

"c:\\Program Files\\World of Warcraft\\Launcher.exe"=

"c:\\Program Files\\World of Warcraft\\WoW-3.2.0.10192-to-3.2.0.10314-enUS-downloader.exe"=

"c:\\Program Files\\World of Warcraft\\WoW-3.2.0.10314-to-3.2.2.10482-enUS-downloader.exe"=

"c:\\Program Files\\World of Warcraft\\WoW-3.2.2.10482-to-3.2.2.10505-enUS-downloader.exe"=

"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=

"c:\\Program Files\\Dragon Age\\bin_ship\\daorigins.exe"=

"c:\\Program Files\\Dragon Age\\DAOriginsLauncher.exe"=

"c:\\Program Files\\Dragon Age\\bin_ship\\daupdatersvc.service.exe"=

"c:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"=

"c:\\Program Files\\2K Games\\Gearbox Software\\Borderlands\\Binaries\\Borderlands.exe"=

"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=

"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=

"c:\\Documents and Settings\\David\\Local Settings\\Apps\\2.0\\ZZJPJMG1.C3N\\NBJJB3LX.BEC\\curs..tion_eee711038731a406_0004.0000_1332b9f434841748\\CurseClient.exe"=

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"37103:TCP"= 37103:TCP:uTorrent

"37103:UDP"= 37103:UDP:uTorrent

"57785:TCP"= 57785:TCP:Azureus

"57785:UDP"= 57785:UDP:Azureus

"6112:TCP"= 6112:TCP:Warcraft III

"6113:TCP"= 6113:TCP:Warcraft III

"6114:TCP"= 6114:TCP:Warcraft III

"6115:TCP"= 6115:TCP:Warcraft III

"6116:TCP"= 6116:TCP:Warcraft III

"6117:TCP"= 6117:TCP:Warcraft III

"6118:TCP"= 6118:TCP:Warcraft III

"6119:TCP"= 6119:TCP:Warcraft III

"6112:UDP"= 6112:UDP:Warcraft III

"6113:UDP"= 6113:UDP:Warcraft III

"6114:UDP"= 6114:UDP:Warcraft III

"6115:UDP"= 6115:UDP:Warcraft III

"6116:UDP"= 6116:UDP:Warcraft III

"6117:UDP"= 6117:UDP:Warcraft III

"6118:UDP"= 6118:UDP:Warcraft III

"6119:UDP"= 6119:UDP:Warcraft III

"5353:TCP"= 5353:TCP:Adobe CSI CS4

"8370:TCP"= 8370:TCP:League of Legends Launcher

"8370:UDP"= 8370:UDP:League of Legends Launcher

"8371:TCP"= 8371:TCP:League of Legends Launcher

"8371:UDP"= 8371:UDP:League of Legends Launcher

"8372:TCP"= 8372:TCP:League of Legends Launcher

"8372:UDP"= 8372:UDP:League of Legends Launcher

"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724

"57018:TCP"= 57018:TCP:Pando Media Booster

"57018:UDP"= 57018:UDP:Pando Media Booster

"7777:TCP"= 7777:TCP:Borderlands

"28900:TCP"= 28900:TCP:Borderlands

"28902:TCP"= 28902:TCP:Borderlands

"28910:TCP"= 28910:TCP:Borderlands

"7777:UDP"= 7777:UDP:Borderlands

"27900:UDP"= 27900:UDP:Borderlands

"28902:UDP"= 28902:UDP:Borderlands

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [4/25/2009 1:14 PM 691696]

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [8/12/2009 10:59 PM 108289]

R2 Tmntsrv;Trend Micro Real-time Service;c:\progra~1\TRENDM~1\INTERN~1\Tmntsrv.exe [9/18/2006 4:50 PM 345696]

R2 TmPfw;Trend Micro Personal Firewall;c:\progra~1\TRENDM~1\INTERN~1\TmPfw.exe [8/29/2006 3:54 PM 923216]

R2 tmpreflt;tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [9/11/2006 6:11 PM 36368]

R2 tmproxy;Trend Micro Proxy Service;c:\progra~1\TRENDM~1\INTERN~1\tmproxy.exe [8/29/2006 3:55 PM 566872]

R3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\system32\drivers\CT20XUT.sys [6/4/2009 1:46 AM 171032]

R3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\system32\drivers\CTEXFIFX.sys [6/4/2009 1:46 AM 1324056]

R3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\system32\drivers\CTHWIUT.sys [6/4/2009 1:46 AM 72728]

R3 Razerlow;Diamondback 3G USB Filter Driver;c:\windows\system32\drivers\DB3G.sys [4/8/2008 4:13 PM 13225]

R3 skfilt;skfilt;c:\windows\system32\drivers\skfilt.SYS [10/31/2009 9:18 AM 1670016]

R3 TarFltr;Razer Tarantula USB Keyboard;c:\windows\system32\drivers\UsbFltr.sys [4/8/2008 4:15 PM 45440]

R3 tmcfw;Trend Micro Common Firewall Service;c:\windows\system32\drivers\TM_CFW.sys [8/29/2006 3:54 PM 280392]

S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [10/31/2009 9:15 AM 79360]

S3 Creative Media Toolbox 6 Licensing Service;Creative Media Toolbox 6 Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\MT6Licensing.exe [10/31/2009 9:22 AM 79360]

S3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.sys [6/4/2009 1:46 AM 171032]

S3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.sys [6/4/2009 1:46 AM 1324056]

S3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.sys [6/4/2009 1:46 AM 72728]

S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\program files\Dragon Age\bin_ship\daupdatersvc.service.exe [11/8/2009 10:28 AM 25832]

S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]

S3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [4/6/2009 12:19 PM 23064]

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.yahoo.com/

FF - ProfilePath - c:\documents and settings\David\Application Data\Mozilla\Firefox\Profiles\ecntvwfi.default\

FF - prefs.js: browser.search.selectedEngine - DAEMON Search

FF - prefs.js: browser.startup.homepage - hxxp://en-US.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official

FF - plugin: c:\documents and settings\David\Application Data\Move Networks\plugins\npqmp071505000010.dll

FF - plugin: c:\documents and settings\David\Application Data\Move Networks\plugins\npqmp071701000002.dll

FF - plugin: c:\documents and settings\David\Application Data\Mozilla\Firefox\Profiles\ecntvwfi.default\extensions\battlefieldheroespatcher@ea.com\platform\WINNT_x86-msvc\plugins\npBFHUpdater.dll

FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava11.dll

FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava12.dll

FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava13.dll

FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava14.dll

FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava32.dll

FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJPI150_06.dll

FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPOJI610.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\npijjiFFPlugin1.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll

FF - plugin: c:\program files\Unity\WebPlayer\loader\npUnity3D32.dll

FF - plugin: c:\program files\Veoh Networks\Veoh\Plugins\noreg\NPVeohVersion.dll

FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

.

- - - - ORPHANS REMOVED - - - -

AddRemove-Ask Toolbar_is1 - c:\program files\AskBarDis\unins000.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-12-28 02:00

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

CTHelper = CTHELPER.EXE?

CTxfiHlp = CTXFIHLP.EXE?

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully

user: MBR read successfully

called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys nvatabus.sys spyu.sys hal.dll >>UNKNOWN [0x8B071938]<<

kernel: MBR read successfully

detected MBR rootkit hooks:

\Driver\Disk -> CLASSPNP.SYS @ 0xba0ccf28

\Driver\ACPI -> ACPI.sys @ 0xb9e74cb8

\Driver\atapi -> atapi.sys @ 0xb9df3b40

IoDeviceObjectType -> ParseProcedure -> ntkrnlpa.exe @ 0x805827e8

\Device\Harddisk0\DR0 -> ParseProcedure -> ntkrnlpa.exe @ 0x805827e8

NDIS: Broadcom NetXtreme 57xx Gigabit Controller -> SendCompleteHandler -> NDIS.sys @ 0xb9cccbb0

PacketIndicateHandler -> NDIS.sys @ 0xb9cd9a21

SendHandler -> NDIS.sys @ 0xb9cb787b

user & kernel MBR OK

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\npggsvc]

"ImagePath"="c:\windows\system32\GameMon.des -service"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-4218801841-1175837858-694166655-1005\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]

"??"=hex:67,52,92,08,dc,5f,55,9b,bb,c4,6b,9e,51,b6,46,5b,3f,f6,ea,33,59,b5,fa,

cb,18,50,7c,ec,c7,1e,01,ac,df,dd,b1,6a,4c,ce,a5,4e,85,76,40,64,07,35,3b,a2,\

"??"=hex:5d,2e,bc,00,9b,07,bc,9c,34,34,87,88,c9,ab,ca,0d

[HKEY_USERS\S-1-5-21-4218801841-1175837858-694166655-1005\Software\SecuROM\License information*]

"datasecu"=hex:8a,4f,a2,8e,d0,74,ae,ed,c6,e7,cd,92,09,12,b1,22,9d,c3,34,9d,68,

3f,21,b7,e9,bf,a8,f7,9c,6e,24,8e,7f,74,5f,8c,0c,dc,0c,23,5f,71,bb,e3,a0,6e,\

"rkeysecu"=hex:d8,60,ff,72,56,62,c1,09,34,1e,cf,60,f1,e6,bc,09

.

--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(1200)

c:\windows\system32\WININET.dll

c:\windows\system32\ctagent.dll

c:\windows\system32\ieframe.dll

c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\MSVCR80.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\program files\Roxio\Drag-to-Disc\Shellex.dll

c:\windows\system32\DLAAPI_W.DLL

c:\windows\system32\CDRTC.DLL

c:\program files\Roxio\Drag-to-Disc\ShellRes.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Other Running Processes ------------------------

.

c:\program files\Creative\Shared Files\CTAudSvc.exe

c:\program files\Avira\AntiVir Desktop\avguard.exe

c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\windows\system32\CTsvcCDA.exe

c:\windows\eHome\ehRecvr.exe

c:\windows\eHome\ehSched.exe

c:\nexon\Mabinogi\npkcmsvc.exe

c:\windows\system32\nvsvc32.exe

c:\progra~1\TRENDM~1\INTERN~1\PcCtlCom.exe

c:\windows\system32\PnkBstrA.exe

c:\windows\system32\PnkBstrB.exe

c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

c:\program files\Dell Support Center\bin\sprtsvc.exe

c:\windows\ehome\mcrdsvc.exe

c:\windows\system32\dllhost.exe

c:\progra~1\TRENDM~1\INTERN~1\PccGuide.exe

c:\windows\eHome\ehmsas.exe

c:\windows\system32\CTHELPER.EXE

c:\windows\SYSTEM32\CTXFISPI.EXE

c:\program files\Razer\Diamondback 3G\razertra.exe

c:\program files\Razer\Diamondback 3G\razerofa.exe

c:\windows\system32\RUNDLL32.EXE

c:\windows\system32\CTXFIHLP.EXE

c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe

c:\program files\iPod\bin\iPodService.exe

c:\program files\Razer\Tarantula\razertra.exe

.

**************************************************************************

.

Completion time: 2009-12-28 02:11:16 - machine was rebooted

ComboFix-quarantined-files.txt 2009-12-28 07:11

ComboFix2.txt 2009-12-26 22:34

ComboFix3.txt 2009-08-26 03:16

ComboFix4.txt 2009-06-13 19:02

Pre-Run: 406,959,427,584 bytes free

Post-Run: 406,854,299,648 bytes free

- - End Of File - - 608C8066242D37F2721D0BFD354020FD

Link to post
Share on other sites
  • Staff
miekiemoes

miekiemoes

Posted
  • Staff
Posted

Good to hear ;)

* Go to start > run and copy and paste next command in the field:

ComboFix /Uninstall

Make sure there's a space between Combofix and /

Then hit enter.

This will uninstall Combofix, delete its related folders and files, reset your clock settings, hide file extensions, hide the system/hidden files and resets System Restore again.

Please read my Prevention page with lots of info and tips how to prevent this in the future.

And if you want to improve speed/system performance after malware removal, take a look here.

Extra note: Make sure your programs are up to date - because older versions may contain Security Leaks. To find out what programs need to be updated, please run the Secunia Software Inspector Scan.

Happy Surfing again!

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.