Jump to content

Mr Brightside

Members
  • Content Count

    25
  • Joined

  • Last visited

About Mr Brightside

  • Rank
    Member

Previous Fields

  • System Specifications:
    Windows XP SP2 2GB RAM NVidia GeForce FX 5200 Intel Pentium 4 2.8 GHz
  1. I tried doing that a couple of days after you posted it, with no luck, then New Years got in the way, so sorry for the late reply. Luckily, I tried it again today, and my problem is now fixed! Thank you very much Noah, for fixing all my problems. It is mucho appreciated!! on me
  2. Okay, I've done all that now, however some time after that I got a warning message from AVG with this threat message: File Name: F:\resycled\boot.com Threat Name: Virus Found on Win32/Cryptor Detected on Open Moved to Vault. I then proceeded to delete the item. Now when I try to access my external hard drive, I obviously get this error message: (I can still access it by typing 'F:\' or right clicking the f-drive and selecting 'Explore', but it would be nice to sort it properly) Grr. Thanks, Mr Brightside.
  3. Wow, took a long time lol =) Especially as I had to restart it 3 times because some stupid members of my family don't know what a new tab is.
  4. Here's the new ComboFix log: and here's the new HJT log: Sorry, but I didn't see anything about this =( I ran ComboFix like you said, waited until it rebooted and asked me to log in, but then I went and had a shower whilst it "finished up". When I came back down the command prompt had gone and only the log was displayed. ~Mr Brightside
  5. + 2008-10-16 14:12:20 561,688 -c--a-w c:\windows\system32\dllcache\wuapi.dll - 2008-07-18 21:10:42 53,448 -c--a-w c:\windows\system32\dllcache\wuauclt.exe + 2008-10-16 14:09:44 51,224 -c--a-w c:\windows\system32\dllcache\wuauclt.exe - 2008-07-18 21:09:42 1,811,656 -c--a-w c:\windows\system32\dllcache\wuaueng.dll + 2008-10-16 14:13:40 1,809,944 -c--a-w c:\windows\system32\dllcache\wuaueng.dll - 2008-07-18 21:09:46 325,832 -c--a-w c:\windows\system32\dllcache\wucltui.dll + 2008-10-16 14:12:22 323,608 -c--a-w c:\windows\system32\dllcache\wucltui.dll - 2008-07-18 21:10:20 36,552 -c--a-w c:\windows\system32\dllcache\wups.dll + 2008-10-16 14:08:58 34,328 -c--a-w c:\windows\system32\dllcache\wups.dll - 2008-07-18 21:09:44 205,000 -c--a-w c:\windows\system32\dllcache\wuweb.dll + 2008-10-16 14:13:40 202,776 -c--a-w c:\windows\system32\dllcache\wuweb.dll + 2008-04-14 00:12:11 383,488 -c--a-w c:\windows\system32\dllcache\wzcdlg.dll + 2008-04-14 00:12:11 338,432 -c--a-w c:\windows\system32\dllcache\zipfldr.dll + 2008-04-29 10:19:50 12,960 ----a-w c:\windows\system32\drivers\Awrtpd.sys + 2008-04-29 10:19:54 15,648 ----a-w c:\windows\system32\drivers\Awrtrd.sys - 2008-11-01 19:11:51 79,504 -c--a-w c:\windows\system32\drivers\inspect.sys + 2008-11-24 23:14:35 79,504 -c--a-w c:\windows\system32\drivers\inspect.sys + 2008-04-29 10:20:00 15,648 ----a-w c:\windows\system32\drivers\NSDriver.sys - 2008-05-02 21:46:00 6,554,496 -c--a-w c:\windows\system32\drivers\nv4_mini.sys + 2008-05-16 14:01:00 6,557,408 ----a-w c:\windows\system32\drivers\nv4_mini.sys - 2007-03-07 23:51:00 43,528 -c--a-w c:\windows\system32\drivers\pxhelp20.sys + 2008-04-07 23:16:45 43,872 ----a-w c:\windows\system32\drivers\pxhelp20.sys - 2008-08-26 07:24:28 347,136 ----a-w c:\windows\system32\dxtmsft.dll + 2008-10-16 20:38:34 347,136 ----a-w c:\windows\system32\dxtmsft.dll - 2008-08-26 07:24:28 214,528 ----a-w c:\windows\system32\dxtrans.dll + 2008-10-16 20:38:34 214,528 ----a-w c:\windows\system32\dxtrans.dll + 2008-07-29 21:10:04 73,720 ----a-w c:\windows\system32\dxva2.dll + 2008-07-29 21:10:04 493,048 ----a-w c:\windows\system32\evr.dll - 2008-08-26 07:24:28 133,120 -c--a-w c:\windows\system32\extmgr.dll + 2008-10-16 20:38:35 133,120 ----a-w c:\windows\system32\extmgr.dll - 2008-10-31 07:11:42 2,509,128 -c--a-w c:\windows\system32\FNTCACHE.DAT + 2008-11-29 09:00:24 2,508,920 -c--a-w c:\windows\system32\FNTCACHE.DAT - 2008-04-14 00:11:54 285,184 ----a-w c:\windows\system32\gdi32.dll + 2008-10-23 12:36:14 286,720 ----a-w c:\windows\system32\gdi32.dll + 1996-04-03 19:33:26 5,248 ----a-w c:\windows\system32\giveio.sys - 2008-11-01 19:11:49 143,096 ----a-w c:\windows\system32\guard32.dll + 2008-12-06 12:03:48 147,192 ----a-w c:\windows\system32\guard32.dll + 2008-07-29 19:24:50 622,080 ----a-w c:\windows\system32\icardagt.exe - 2008-08-26 07:24:28 63,488 -c--a-w c:\windows\system32\icardie.dll + 2008-10-16 20:38:35 63,488 ----a-w c:\windows\system32\icardie.dll + 2008-07-29 19:24:50 11,264 ----a-w c:\windows\system32\icardres.dll - 2008-08-25 08:37:59 70,656 -c--a-w c:\windows\system32\ie4uinit.exe + 2008-10-16 13:11:09 70,656 ----a-w c:\windows\system32\ie4uinit.exe - 2008-08-26 07:24:28 153,088 -c--a-w c:\windows\system32\ieakeng.dll + 2008-10-16 20:38:35 153,088 ----a-w c:\windows\system32\ieakeng.dll - 2008-08-26 07:24:28 230,400 -c--a-w c:\windows\system32\ieaksie.dll + 2008-10-16 20:38:35 230,400 ----a-w c:\windows\system32\ieaksie.dll - 2008-08-23 05:54:51 161,792 -c--a-w c:\windows\system32\ieakui.dll + 2008-10-15 07:04:53 161,792 ----a-w c:\windows\system32\ieakui.dll - 2008-08-26 07:24:28 383,488 -c--a-w c:\windows\system32\ieapfltr.dll + 2008-10-16 20:38:35 383,488 ----a-w c:\windows\system32\ieapfltr.dll - 2008-08-26 07:24:29 384,512 -c--a-w c:\windows\system32\iedkcs32.dll + 2008-10-16 20:38:35 384,512 ----a-w c:\windows\system32\iedkcs32.dll - 2008-10-03 17:41:15 6,066,176 ----a-w c:\windows\system32\ieframe.dll + 2008-10-16 20:38:37 6,066,176 ----a-w c:\windows\system32\ieframe.dll - 2008-08-26 07:24:29 44,544 -c--a-w c:\windows\system32\iernonce.dll + 2008-10-16 20:38:37 44,544 ----a-w c:\windows\system32\iernonce.dll - 2008-08-26 07:24:29 267,776 ----a-w c:\windows\system32\iertutil.dll + 2008-10-16 20:38:37 267,776 ----a-w c:\windows\system32\iertutil.dll - 2008-08-25 08:38:00 13,824 -c--a-w c:\windows\system32\ieudinit.exe + 2008-10-16 13:11:09 13,824 ----a-w c:\windows\system32\ieudinit.exe + 2008-07-29 19:24:50 97,800 ----a-w c:\windows\system32\infocardapi.dll - 2008-08-26 07:24:30 27,648 ----a-w c:\windows\system32\jsproxy.dll + 2008-10-16 20:38:37 27,648 ----a-w c:\windows\system32\jsproxy.dll - 2008-05-02 21:46:00 425,984 -c--a-w c:\windows\system32\keystone.exe + 2008-05-16 14:01:00 425,984 ----a-w c:\windows\system32\keystone.exe - 2005-01-28 12:44:28 96,768 -c--a-w c:\windows\system32\logagent.exe + 2008-06-10 05:52:04 96,768 ----a-w c:\windows\system32\logagent.exe + 2008-05-16 10:58:04 12,632 ----a-w c:\windows\system32\lsdelete.exe - 2008-10-07 19:19:40 16,721,856 -c--a-w c:\windows\system32\MRT.exe + 2008-12-09 23:24:37 17,593,280 -c--a-w c:\windows\system32\MRT.exe - 2007-10-24 01:47:38 282,112 -c--a-w c:\windows\system32\mscoree.dll + 2008-07-25 11:16:58 282,112 ----a-w c:\windows\system32\mscoree.dll - 2007-10-24 01:47:38 158,720 -c--a-w c:\windows\system32\mscorier.dll + 2008-07-25 11:16:58 158,720 ----a-w c:\windows\system32\mscorier.dll - 2007-10-24 01:47:38 84,480 -c--a-w c:\windows\system32\mscories.dll + 2008-07-25 11:16:58 83,968 ----a-w c:\windows\system32\mscories.dll - 2008-08-26 07:24:30 459,264 -c--a-w c:\windows\system32\msfeeds.dll + 2008-10-16 20:38:37 459,264 ----a-w c:\windows\system32\msfeeds.dll - 2008-08-26 07:24:30 52,224 -c--a-w c:\windows\system32\msfeedsbs.dll + 2008-10-16 20:38:37 52,224 ----a-w c:\windows\system32\msfeedsbs.dll - 2008-08-27 08:24:32 3,593,216 ----a-w c:\windows\system32\mshtml.dll + 2008-10-17 02:08:40 3,593,216 ----a-w c:\windows\system32\mshtml.dll - 2008-08-26 07:24:30 477,696 -c--a-w c:\windows\system32\mshtmled.dll + 2008-10-16 20:38:38 477,696 ----a-w c:\windows\system32\mshtmled.dll - 2008-08-26 07:24:30 193,024 -c--a-w c:\windows\system32\msrating.dll + 2008-10-16 20:38:38 193,024 ----a-w c:\windows\system32\msrating.dll - 2008-08-26 07:24:30 671,232 -c--a-w c:\windows\system32\mstime.dll + 2008-10-16 20:38:39 671,232 ----a-w c:\windows\system32\mstime.dll - 2008-04-14 00:12:01 1,104,896 ----a-w c:\windows\system32\msxml3.dll + 2008-09-04 17:15:04 1,106,944 ----a-w c:\windows\system32\msxml3.dll - 2008-04-14 00:12:01 1,306,624 -c----w c:\windows\system32\msxml6.dll + 2008-09-10 01:14:56 1,307,648 -c----w c:\windows\system32\msxml6.dll - 2008-07-18 21:07:34 270,880 ----a-w c:\windows\system32\mucltui.dll + 2008-10-16 14:06:48 268,648 ----a-w c:\windows\system32\mucltui.dll - 2007-10-24 01:47:44 15,360 -c--a-w c:\windows\system32\mui\0409\mscorees.dll + 2008-07-25 11:17:04 15,360 ----a-w c:\windows\system32\mui\0409\mscorees.dll - 2008-07-18 21:07:32 210,976 ----a-w c:\windows\system32\muweb.dll + 2008-10-16 14:06:48 208,744 ----a-w c:\windows\system32\muweb.dll - 2008-05-02 21:46:00 6,108,160 ----a-w c:\windows\system32\nv4_disp.dll + 2008-05-16 14:01:00 6,108,928 ----a-w c:\windows\system32\nv4_disp.dll - 2008-05-02 21:46:00 425,984 ----a-w c:\windows\system32\nvapi.dll + 2008-05-16 14:01:00 425,984 ----a-w c:\windows\system32\nvapi.dll - 2008-05-02 21:46:00 442,368 -c--a-w c:\windows\system32\nvappbar.exe + 2008-05-16 14:01:00 442,368 ----a-w c:\windows\system32\nvappbar.exe - 2008-05-02 21:46:00 41,984 -c--a-w c:\windows\system32\nvcod.dll + 2008-05-16 14:01:00 114,688 ----a-w c:\windows\system32\nvcod.dll - 2008-05-02 21:46:00 41,984 -c--a-w c:\windows\system32\nvcodins.dll + 2008-05-16 14:01:00 114,688 ----a-w c:\windows\system32\nvcodins.dll - 2008-05-02 21:46:00 147,456 -c--a-w c:\windows\system32\nvcolor.exe + 2008-05-16 14:01:00 147,456 ----a-w c:\windows\system32\nvcolor.exe - 2008-05-02 21:46:00 13,529,088 ----a-w c:\windows\system32\nvcpl.dll + 2008-05-16 14:01:00 13,529,088 ----a-w c:\windows\system32\nvcpl.dll - 2008-05-02 21:46:00 768,544 -c--a-w c:\windows\system32\nvcplui.exe + 2008-05-16 14:01:00 768,544 ----a-w c:\windows\system32\nvcplui.exe - 2008-05-02 21:46:00 1,241,088 -c--a-w c:\windows\system32\nvcuda.dll + 2008-05-16 14:01:00 1,241,088 ----a-w c:\windows\system32\nvcuda.dll - 2008-05-02 21:46:00 6,582,272 -c--a-w c:\windows\system32\nvdisps.dll + 2008-05-16 14:01:00 6,582,272 ----a-w c:\windows\system32\nvdisps.dll - 2008-05-02 21:46:00 1,339,392 -c--a-w c:\windows\system32\nvdspsch.exe + 2008-05-16 14:01:00 1,339,392 ----a-w c:\windows\system32\nvdspsch.exe - 2008-05-02 21:46:00 313,888 -c--a-w c:\windows\system32\nvexpbar.dll + 2008-05-16 14:01:00 313,888 ----a-w c:\windows\system32\nvexpbar.dll - 2008-05-02 21:46:00 3,391,488 -c--a-w c:\windows\system32\nvgames.dll + 2008-05-16 14:01:00 3,391,488 ----a-w c:\windows\system32\nvgames.dll - 2008-05-02 21:46:00 1,486,848 -c--a-w c:\windows\system32\nview.dll + 2008-05-16 14:01:00 1,486,848 ----a-w c:\windows\system32\nview.dll - 2008-05-02 21:46:00 229,376 -c--a-w c:\windows\system32\nvmccs.dll + 2008-05-16 14:01:00 229,376 ----a-w c:\windows\system32\nvmccs.dll - 2008-05-02 21:46:00 45,056 -c--a-w c:\windows\system32\nvmccsrs.dll + 2008-05-16 14:01:00 45,056 ----a-w c:\windows\system32\nvmccsrs.dll - 2008-05-02 21:46:00 188,416 -c--a-w c:\windows\system32\nvmccss.dll + 2008-05-16 14:01:00 188,416 ----a-w c:\windows\system32\nvmccss.dll - 2008-05-02 21:46:00 86,016 -c--a-w c:\windows\system32\nvmctray.dll + 2008-05-16 14:01:00 86,016 ----a-w c:\windows\system32\nvmctray.dll - 2008-05-02 21:46:00 1,257,472 -c--a-w c:\windows\system32\nvmobls.dll + 2008-05-16 14:01:00 1,257,472 ----a-w c:\windows\system32\nvmobls.dll - 2008-05-02 21:46:00 286,720 -c--a-w c:\windows\system32\nvnt4cpl.dll + 2008-05-16 14:01:00 286,720 ----a-w c:\windows\system32\nvnt4cpl.dll - 2008-05-02 21:46:00 8,769,536 -c--a-w c:\windows\system32\nvoglnt.dll + 2008-05-16 14:01:00 8,769,536 ----a-w c:\windows\system32\nvoglnt.dll - 2008-05-02 21:46:00 466,944 ----a-w c:\windows\system32\nvshell.dll + 2008-05-16 14:01:00 466,944 ----a-w c:\windows\system32\nvshell.dll - 2008-05-02 21:46:00 159,812 ----a-w c:\windows\system32\nvsvc32.exe + 2008-05-16 14:01:00 159,812 ----a-w c:\windows\system32\nvsvc32.exe - 2008-05-02 21:46:00 442,368 -c--a-w c:\windows\system32\nvudisp.exe + 2008-05-16 14:01:00 446,464 -c--a-w c:\windows\system32\nvudisp.exe - 2008-04-30 16:27:42 442,368 -c--a-w c:\windows\system32\NVUNINST.EXE + 2008-05-16 11:48:14 446,464 -c--a-w c:\windows\system32\NVUNINST.EXE - 2008-05-02 21:46:00 3,776,512 -c--a-w c:\windows\system32\nvvitvs.dll + 2008-05-16 14:01:00 3,776,512 ----a-w c:\windows\system32\nvvitvs.dll - 2008-05-02 21:46:00 81,920 -c--a-w c:\windows\system32\nvwddi.dll + 2008-05-16 14:01:00 81,920 ----a-w c:\windows\system32\nvwddi.dll - 2008-05-02 21:46:00 1,703,936 -c--a-w c:\windows\system32\nvwdmcpl.dll + 2008-05-16 14:01:00 1,703,936 ----a-w c:\windows\system32\nvwdmcpl.dll - 2008-05-02 21:46:00 1,019,904 -c--a-w c:\windows\system32\nvwimg.dll + 2008-05-16 14:01:00 1,019,904 ----a-w c:\windows\system32\nvwimg.dll - 2008-05-02 21:46:00 2,629,632 -c--a-w c:\windows\system32\nvwss.dll + 2008-05-16 14:01:00 2,629,632 ----a-w c:\windows\system32\nvwss.dll - 2008-05-02 21:46:00 1,630,208 -c--a-w c:\windows\system32\nwiz.exe + 2008-05-16 14:01:00 1,630,208 ----a-w c:\windows\system32\nwiz.exe - 2008-08-26 07:24:30 102,912 ----a-w c:\windows\system32\occache.dll + 2008-10-16 20:38:39 102,912 ----a-w c:\windows\system32\occache.dll - 2008-10-31 07:15:45 65,160 ----a-w c:\windows\system32\perfc009.dat + 2008-11-27 01:07:09 72,576 -c--a-w c:\windows\system32\perfc009.dat - 2008-10-31 07:15:45 410,882 ----a-w c:\windows\system32\perfh009.dat + 2008-11-27 01:07:09 445,370 -c--a-w c:\windows\system32\perfh009.dat - 2008-08-26 07:24:30 44,544 -c--a-w c:\windows\system32\pngfilt.dll + 2008-10-16 20:38:39 44,544 ----a-w c:\windows\system32\pngfilt.dll - 2008-11-09 15:57:28 111,928 -c--a-w c:\windows\system32\PnkBstrB.exe + 2008-12-15 18:58:18 111,928 -c--a-w c:\windows\system32\PnkBstrB.exe + 2008-07-29 19:59:58 105,016 ----a-w c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll + 2008-07-29 20:35:46 326,160 ----a-w c:\windows\system32\PresentationHost.exe + 2008-07-29 19:59:58 43,544 ----a-w c:\windows\system32\PresentationHostProxy.dll + 2008-07-29 19:59:58 781,344 ----a-w c:\windows\system32\PresentationNative_v0300.dll - 2007-10-20 00:56:10 551,672 -c--a-w c:\windows\system32\px.dll + 2008-04-07 23:16:45 588,272 -c----w c:\windows\system32\px.dll - 2007-10-20 00:56:10 518,904 -c--a-w c:\windows\system32\pxdrv.dll + 2008-04-07 23:16:45 543,216 -c----w c:\windows\system32\pxdrv.dll - 2007-10-20 00:56:12 72,440 -c--a-w c:\windows\system32\pxhpinst.exe + 2008-04-07 23:16:45 72,176 -c----w c:\windows\system32\pxhpinst.exe - 2007-10-20 00:56:12 187,128 -c--a-w c:\windows\system32\pxmas.dll + 2008-04-07 23:16:45 186,864 -c----w c:\windows\system32\pxmas.dll - 2007-10-20 00:56:12 379,640 -c--a-w c:\windows\system32\pxwave.dll + 2008-04-07 23:16:45 379,376 -c----w c:\windows\system32\pxwave.dll + 2008-05-02 21:46:00 6,108,160 ----a-w c:\windows\system32\ReinstallBackups\0022\DriverFiles\nv4_disp.dll + 2008-05-02 21:46:00 6,554,496 ----a-w c:\windows\system32\ReinstallBackups\0022\DriverFiles\nv4_mini.sys + 2008-05-02 21:46:00 425,984 ----a-w c:\windows\system32\ReinstallBackups\0022\DriverFiles\nvapi.dll + 2008-05-02 21:46:00 41,984 ----a-w c:\windows\system32\ReinstallBackups\0022\DriverFiles\nvcod.dll + 2008-05-02 21:46:00 13,529,088 ----a-w c:\windows\system32\ReinstallBackups\0022\DriverFiles\nvcpl.dll + 2008-05-02 21:46:00 1,241,088 ----a-w c:\windows\system32\ReinstallBackups\0022\DriverFiles\nvcuda.dll + 2008-05-02 21:46:00 6,582,272 ----a-w c:\windows\system32\ReinstallBackups\0022\DriverFiles\nvdisps.dll + 2008-05-02 21:46:00 3,391,488 ----a-w c:\windows\system32\ReinstallBackups\0022\DriverFiles\nvgames.dll + 2008-05-02 21:46:00 229,376 ----a-w c:\windows\system32\ReinstallBackups\0022\DriverFiles\nvmccs.dll + 2008-05-02 21:46:00 188,416 ----a-w c:\windows\system32\ReinstallBackups\0022\DriverFiles\nvmccss.dll + 2008-05-02 21:46:00 86,016 ----a-w c:\windows\system32\ReinstallBackups\0022\DriverFiles\nvmctray.dll + 2008-05-02 21:46:00 1,257,472 ----a-w c:\windows\system32\ReinstallBackups\0022\DriverFiles\nvmobls.dll + 2008-05-02 21:46:00 286,720 ----a-w c:\windows\system32\ReinstallBackups\0022\DriverFiles\nvnt4cpl.dll + 2008-05-02 21:46:00 8,769,536 ----a-w c:\windows\system32\ReinstallBackups\0022\DriverFiles\nvoglnt.dll + 2008-05-02 21:46:00 159,812 ----a-w c:\windows\system32\ReinstallBackups\0022\DriverFiles\nvsvc32.exe + 2008-05-02 21:46:00 3,776,512 ----a-w c:\windows\system32\ReinstallBackups\0022\DriverFiles\nvvitvs.dll + 2008-05-02 21:46:00 81,920 ----a-w c:\windows\system32\ReinstallBackups\0022\DriverFiles\nvwddi.dll + 2008-05-02 21:46:00 2,629,632 ----a-w c:\windows\system32\ReinstallBackups\0022\DriverFiles\nvwss.dll - 2008-07-25 18:20:17 1,860,488 -c--a-w c:\windows\system32\Restore\rstrlog.dat + 2008-12-14 19:30:12 683,472 -c--a-w c:\windows\system32\Restore\rstrlog.dat + 2006-08-24 16:15:06 150,808 ----a-w c:\windows\system32\rgb9rast_2.dll - 2007-01-19 12:53:04 51,056 -c--a-w c:\windows\system32\sirenacm.dll + 2007-10-18 11:31:46 51,224 ----a-w c:\windows\system32\sirenacm.dll + 2008-10-16 14:08:58 34,328 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.2.6001.788\wups.dll + 2008-10-16 14:09:44 43,544 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.2.6001.788\wups2.dll + 2006-09-24 13:28:46 5,248 ----a-w c:\windows\system32\speedfan.sys - 2007-11-30 11:18:51 17,272 ------w c:\windows\system32\spmsg.dll + 2007-11-30 12:39:22 17,272 ------w c:\windows\system32\spmsg.dll + 2008-07-06 12:06:10 765,440 ----a-w c:\windows\system32\spool\drivers\w32x86\3\mxdwdrv.dll + 2008-07-06 12:06:10 198,656 ----a-w c:\windows\system32\spool\drivers\w32x86\3\mxdwdui.dll + 2008-07-06 12:06:10 373,248 ----a-w c:\windows\system32\spool\drivers\w32x86\3\unidrv.dll + 2008-07-06 12:06:10 744,960 ----a-w c:\windows\system32\spool\drivers\w32x86\3\unidrvui.dll + 2008-03-13 04:52:36 761,344 ----a-w c:\windows\system32\spool\drivers\w32x86\3\unires.dll + 2008-07-06 12:06:10 1,676,288 ----a-w c:\windows\system32\spool\drivers\w32x86\3\XpsSvcs.dll + 2008-07-06 12:06:10 89,088 ----a-w c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll + 2008-07-06 10:50:03 597,504 ------w c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe + 2008-07-06 12:06:10 147,456 ----a-w c:\windows\system32\spool\prtprocs\x64\filterpipelineprintproc.dll + 2008-07-06 12:06:10 748,032 ----a-w c:\windows\system32\spool\XPSEP\amd64\amd64\mxdwdrv.dll + 2008-07-06 17:36:12 2,936,832 ----a-w c:\windows\system32\spool\XPSEP\amd64\amd64\xpssvcs.dll + 2008-07-06 12:06:10 748,032 ----a-w c:\windows\system32\spool\XPSEP\amd64\mxdwdrv.dll + 2008-07-06 17:36:12 2,936,832 ----a-w c:\windows\system32\spool\XPSEP\amd64\xpssvcs.dll + 2008-07-06 12:06:10 765,440 ----a-w c:\windows\system32\spool\XPSEP\i386\i386\mxdwdrv.dll + 2008-07-06 12:06:10 1,676,288 ----a-w c:\windows\system32\spool\XPSEP\i386\i386\xpssvcs.dll + 2008-07-06 12:06:10 765,440 ----a-w c:\windows\system32\spool\XPSEP\i386\mxdwdrv.dll + 2008-07-06 12:06:10 1,676,288 ----a-w c:\windows\system32\spool\XPSEP\i386\xpssvcs.dll - 2007-08-10 19:46:18 26,488 -c--a-w c:\windows\system32\spupdsvc.exe + 2007-11-30 11:18:51 26,488 ----a-w c:\windows\system32\spupdsvc.exe - 2008-04-14 00:12:07 246,814 -c--a-w c:\windows\system32\strmdll.dll + 2008-10-03 10:02:42 247,326 ----a-w c:\windows\system32\strmdll.dll + 2008-07-29 21:10:04 26,112 ----a-w c:\windows\system32\TsWpfWrp.exe - 2008-07-11 12:42:28 62,976 -c--a-w c:\windows\system32\tzchange.exe + 2008-10-23 10:06:59 62,976 ----a-w c:\windows\system32\tzchange.exe + 2008-07-29 19:59:58 161,296 ----a-w c:\windows\system32\UIAutomationCore.dll - 2008-08-26 07:24:30 105,984 ----a-w c:\windows\system32\url.dll + 2008-10-16 20:38:39 105,984 ----a-w c:\windows\system32\url.dll - 2008-08-26 07:24:31 1,159,680 ----a-w c:\windows\system32\urlmon.dll + 2008-10-16 20:38:39 1,160,192 ----a-w c:\windows\system32\urlmon.dll - 2007-10-20 00:56:10 88,824 -c--a-w c:\windows\system32\VXBLOCK.dll + 2008-04-07 23:16:45 88,560 -c----w c:\windows\system32\VXBLOCK.dll - 2008-08-26 07:24:31 233,472 ----a-w c:\windows\system32\webcheck.dll + 2008-10-16 20:38:39 233,472 ----a-w c:\windows\system32\webcheck.dll - 2008-04-14 00:12:08 712,704 -c----w c:\windows\system32\windowscodecs.dll + 2008-07-11 08:55:42 712,704 ------w c:\windows\system32\windowscodecs.dll - 2008-04-14 00:12:08 346,112 -c----w c:\windows\system32\windowscodecsext.dll + 2008-07-11 08:55:42 347,648 ------w c:\windows\system32\windowscodecsext.dll - 2008-08-26 07:24:31 826,368 ----a-w c:\windows\system32\wininet.dll + 2008-10-16 20:38:40 826,368 ----a-w c:\windows\system32\wininet.dll - 2005-01-28 12:44:28 1,027,072 -c--a-w c:\windows\system32\wmnetmgr.dll + 2008-06-10 06:28:36 1,028,096 ----a-w c:\windows\system32\WMNetmgr.dll - 2006-12-07 05:29:34 2,374,472 -c--a-w c:\windows\system32\wmvcore.dll + 2008-06-10 07:07:24 2,376,760 ----a-w c:\windows\system32\WMVCore.dll - 2008-07-18 21:09:44 563,912 ----a-w c:\windows\system32\wuapi.dll + 2008-10-16 14:12:20 561,688 ----a-w c:\windows\system32\wuapi.dll - 2008-07-18 21:10:42 53,448 ----a-w c:\windows\system32\wuauclt.exe + 2008-10-16 14:09:44 51,224 ----a-w c:\windows\system32\wuauclt.exe - 2008-07-18 21:09:42 1,811,656 ----a-w c:\windows\system32\wuaueng.dll + 2008-10-16 14:13:40 1,809,944 ----a-w c:\windows\system32\wuaueng.dll - 2008-07-18 21:09:46 325,832 ----a-w c:\windows\system32\wucltui.dll + 2008-10-16 14:12:22 323,608 ----a-w c:\windows\system32\wucltui.dll - 2008-07-18 21:10:20 36,552 -c--a-w c:\windows\system32\wups.dll + 2008-10-16 14:08:58 34,328 -c--a-w c:\windows\system32\wups.dll - 2008-07-18 21:10:40 45,768 -c--a-w c:\windows\system32\wups2.dll + 2008-10-16 14:09:44 43,544 -c--a-w c:\windows\system32\wups2.dll - 2008-07-18 21:09:44 205,000 ----a-w c:\windows\system32\wuweb.dll + 2008-10-16 14:13:40 202,776 ----a-w c:\windows\system32\wuweb.dll + 2008-07-29 21:26:06 301,568 ----a-w c:\windows\system32\XPSViewer\XPSViewer.exe + 2008-12-16 18:17:54 16,384 ----atw c:\windows\temp\Perflib_Perfdata_16c.dat - 2008-02-20 17:02:13 8,192 -c--a-w c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll + 2008-11-27 01:02:38 8,192 ----a-w c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll - 2006-06-05 13:14:28 479,232 -c--a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcm80.dll + 2006-06-05 14:14:28 479,232 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcm80.dll - 2006-06-05 13:14:28 548,864 -c--a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcp80.dll + 2006-06-05 14:14:28 548,864 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcp80.dll - 2006-06-05 13:14:28 626,688 -c--a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcr80.dll + 2006-06-05 14:14:28 626,688 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcr80.dll + 2008-07-25 11:17:20 479,232 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcm80.dll + 2008-07-25 11:17:20 558,080 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcp80.dll + 2008-07-25 11:17:20 635,904 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll + 2007-11-06 21:23:56 224,768 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcm90.dll + 2007-11-07 02:19:32 568,832 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll + 2007-11-07 02:19:32 655,872 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll - 2008-02-20 17:02:22 258,048 -c--a-w c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll + 2008-11-27 01:02:51 258,048 ----a-w c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll - 2008-02-20 17:02:22 113,664 -c--a-w c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll + 2008-11-27 01:02:51 113,664 ----a-w c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll + 2008-02-01 11:11:10 586,240 ----a-w c:\windows\WLXPGSS.SCR . -- Snapshot reset to current date -- . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] "Acme.PCHButton"="c:\progra~1\HPPAVI~1\Pavilion\XPEWWBP4\plugin\bin\PCHButton.exe" [2003-10-21 155648] "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-09-16 1833296] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "PS2"="c:\windows\system32\ps2.exe" [2002-10-16 81920] "hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736] "COMODO Firewall Pro"="c:\program files\COMODO\Firewall\cfp.exe" [2008-12-06 1797880] "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-11-27 1261336] "COMODO Internet Security"="c:\program files\COMODO\Firewall\cfp.exe" [2008-12-06 1797880] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088] "CTHelper"="CTHELPER.EXE" [2003-05-28 c:\windows\system32\cthelper.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SetDefaultMidi"="MIDIDEF.EXE" [2002-12-03 c:\windows\mididef.exe] c:\documents and settings\Administrator\Start Menu\Programs\Startup\ Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDock\ObjectDock.exe [2007-04-20 2746104] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv] 2007-06-11 16:42 176128 c:\progra~1\Stardock\OBJECT~1\WINDOW~1\WbSrv.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "VIDC.MJPG"= pvmjpg21.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Authentication Packages REG_MULTI_SZ msv1_0 nwprovau [HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^Adobe Gamma.lnk] backup=c:\windows\pss\Adobe Gamma.lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk] backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk] backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech SetPoint.lnk] backup=c:\windows\pss\Logitech SetPoint.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk] backup=c:\windows\pss\Microsoft Office.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^TrayMin200.exe.lnk] backup=c:\windows\pss\TrayMin200.exe.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager] --a------ 2008-08-14 06:58 611712 c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor] --a--c--- 2007-08-24 06:00 33648 c:\program files\Microsoft Office\Office12\GrooveMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] --a--c--- 2006-10-30 08:36 256576 c:\program files\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\kdx] --a--c--- 2008-02-27 16:56 1032376 c:\program files\Kontiki\KHost.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] --a------ 2008-05-16 14:01 13529088 c:\windows\system32\nvcpl.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] --a------ 2008-05-16 14:01 86016 c:\windows\system32\nvmctray.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] --a--c--- 2008-03-28 22:37 413696 c:\program files\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] --a--c--- 2007-11-30 17:03 185896 c:\program files\Common Files\Real\Update_OB\realsched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant] --a--c--- 2008-05-02 04:15 15872 c:\program files\Unlocker\UnlockerAssistant.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] --a------ 2008-05-16 14:01 1630208 c:\windows\system32\nwiz.exe [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled] "CTHelper"=CTHELPER.EXE "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\WINDOWS\\system32\\PnkBstrA.exe"= "c:\\WINDOWS\\system32\\PnkBstrB.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\Real\\RealPlayer\\realplay.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\AVG\\AVG8\\avgupd.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Kontiki\\KService.exe"= "c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "5353:TCP"= 5353:TCP:Adobe CSI CS4 R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2008-07-07 97928] R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2008-01-12 101776] R1 cmdHlp;COMODO Firewall Pro Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2008-01-12 31504] R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-07-07 231704] S3 COH_Mon;COH_Mon;\??\c:\windows\system32\Drivers\COH_Mon.sys [] S3 SSDefrag;SSDefrag;\??\c:\windows\system32\drivers\SSDefrag.sys [2007-11-14 34560] S4 LiveUpdate Notice;LiveUpdate Notice;"c:\program files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [] S4 MioNet;MioNet Service;"c:\program files\MioNet\MioNetManager.exe" -s "c:\program files\MioNet\wrapper.conf" [] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5a989412-8707-11db-ad69-000ea65e656a}] \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL resycled\boot.com k: \Shell\Open\command - k:\resycled\boot.com k: [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f17fef25-fbdc-11dc-ae83-000ea65e656a}] \Shell\AutoRun\command - K:\SETUP.EXE \Shell\configure\command - K:\SETUP.EXE \Shell\install\command - K:\SETUP.EXE *Newly Created Service* - COMHOST . Contents of the 'Scheduled Tasks' folder 2008-12-13 c:\windows\Tasks\Uniblue SpyEraser Nag.job - c:\program files\Uniblue\SpyEraser\SpyEraser.exe [] 2007-12-19 c:\windows\Tasks\Uniblue SpyEraser.job - c:\program files\Uniblue\SpyEraser\SpyEraser.exe [] 2008-12-16 c:\windows\Tasks\User_Feed_Synchronization-{DB997C11-DFCE-4FE5-A391-59F852E4FD68}.job - c:\windows\system32\msfeedssync.exe [2006-10-17 11:58] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.blueyonder.co.uk/blueyonder/index.jsp uDefault_Search_URL = hxxp://www.google.com/ie mStart Page = hxxp://www.blueyonder.co.uk/blueyonder/index.jsp mSearch Bar = hxxp://srch-gb10.hpwis.com/ uInternet Connection Wizard,ShellNext = hxxp://gb10.hpwis.com/ uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 TCP: {FF44030B-689E-4427-87CD-4AFF01B4D5AD} = 62.30.112.39,194.117.134.19 Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sqy84vg1.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1060933&SearchSource=3&q= FF - prefs.js: browser.search.selectedEngine - Web Search FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/ FF - prefs.js: network.proxy.type - 4 FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll FF - plugin: c:\program files\Java\jre1.5.0_09\bin\NPJava11.dll FF - plugin: c:\program files\Java\jre1.5.0_09\bin\NPJava12.dll FF - plugin: c:\program files\Java\jre1.5.0_09\bin\NPJava13.dll FF - plugin: c:\program files\Java\jre1.5.0_09\bin\NPJava14.dll FF - plugin: c:\program files\Java\jre1.5.0_09\bin\NPJava32.dll FF - plugin: c:\program files\Java\jre1.5.0_09\bin\NPJPI150_09.dll FF - plugin: c:\program files\Java\jre1.5.0_09\bin\NPOJI610.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npBBCPlugin.dll FF - plugin: c:\program files\Yahoo!\Common\npyaxmpb.dll . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-12-16 18:33:14 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(964) c:\progra~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll . ------------------------ Other Running Processes ------------------------ . c:\program files\COMODO\Firewall\cmdagent.exe c:\windows\eHome\ehsched.exe c:\program files\Kontiki\KService.exe c:\windows\system32\nvsvc32.exe c:\windows\system32\PnkBstrA.exe c:\program files\Windows Media Connect 2\wmccds.exe c:\program files\AVG\AVG8\avgrsx.exe . ************************************************************************** . Completion time: 2008-12-16 18:37:55 - machine was rebooted ComboFix-quarantined-files.txt 2008-12-16 18:37:50 ComboFix2.txt 2008-11-13 18:14:36 ComboFix3.txt 2008-02-06 17:28:30 Pre-Run: 24,067,055,616 bytes free Post-Run: 24,041,046,016 bytes free 1388 --- E O F --- 2008-12-14 20:54:30 Sorry, for some reason it made me do it in 3 posts, even though I was under the word limit for only two Thanks, ~Mr Brightside
  6. + 2008-08-26 07:24:31 233,472 -c----w c:\windows\ie7updates\KB958215-IE7\webcheck.dll + 2008-08-26 07:24:31 826,368 -c----w c:\windows\ie7updates\KB958215-IE7\wininet.dll + 2008-11-23 13:41:50 86,746 ----a-r c:\windows\Installer\{184E7118-0295-43C4-B72C-1D54AA75AAF7}\wlmail.exe + 2008-11-24 03:01:43 123,008 ----a-r c:\windows\Installer\{2D4F6BE3-6FEF-4FE9-9D01-1406B220D08C}\WLXPhotoGalleryIcon.exe + 2008-11-23 23:15:21 29,926 ----a-r c:\windows\Installer\{508CE775-4BA4-4748-82DF-FE28DA9F03B0}\MsblIco.Exe - 2008-10-17 02:01:59 1,165,584 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe + 2008-12-14 20:54:25 1,165,584 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe - 2008-10-17 02:02:00 20,240 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe + 2008-12-14 20:54:26 20,240 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe - 2008-10-17 02:01:59 159,504 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe + 2008-12-14 20:54:25 159,504 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe - 2008-10-17 02:01:59 184,080 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe + 2008-12-14 20:54:25 184,080 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe - 2008-10-17 02:02:00 217,864 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe + 2008-12-14 20:54:26 217,864 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe - 2008-10-17 02:02:00 18,704 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe + 2008-12-14 20:54:26 18,704 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe - 2008-10-17 02:02:00 35,088 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe + 2008-12-14 20:54:26 35,088 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe - 2008-10-17 02:01:59 845,584 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe + 2008-12-14 20:54:25 845,584 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe - 2008-10-17 02:02:00 922,384 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe + 2008-12-14 20:54:26 922,384 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe - 2008-10-17 02:02:00 272,648 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe + 2008-12-14 20:54:26 272,648 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe - 2008-10-17 02:02:00 888,080 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe + 2008-12-14 20:54:26 888,080 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe - 2008-10-17 02:01:59 1,172,240 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe + 2008-12-14 20:54:25 1,172,240 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe + 2008-11-23 12:46:51 86,746 ----a-r c:\windows\Installer\{DFD6935E-D94A-4DBE-AD8F-E37CBC6B577F}\wlmail.exe - 2007-10-24 01:47:38 82,944 -c--a-w c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe + 2008-07-25 11:16:58 82,944 ----a-w c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe - 2007-10-24 01:47:38 16,896 -c--a-w c:\windows\Microsoft.NET\Framework\sbscmp10.dll + 2008-07-25 11:16:58 16,896 ----a-w c:\windows\Microsoft.NET\Framework\sbscmp10.dll - 2007-10-24 01:47:40 16,896 -c--a-w c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll + 2008-07-25 11:17:02 16,896 ----a-w c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll - 2007-10-24 01:47:42 16,896 -c--a-w c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll + 2008-07-25 11:17:02 16,896 ----a-w c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll - 2007-10-24 01:47:40 16,896 -c--a-w c:\windows\Microsoft.NET\Framework\SharedReg12.dll + 2008-07-25 11:17:02 16,896 ----a-w c:\windows\Microsoft.NET\Framework\SharedReg12.dll - 2007-10-24 01:47:38 97,280 -c--a-w c:\windows\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll + 2008-07-25 11:16:58 96,768 ----a-w c:\windows\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll - 2007-10-24 01:47:26 28,672 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll + 2008-07-25 11:16:42 28,672 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll - 2007-10-24 01:47:30 145,408 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll + 2008-07-25 11:16:48 145,408 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll - 2007-10-24 01:47:32 13,824 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll + 2008-07-25 11:16:50 13,824 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll - 2007-10-24 01:47:48 193,016 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll + 2008-07-25 11:17:10 193,016 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll - 2007-10-24 01:47:20 218,112 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll + 2008-07-25 11:16:36 218,112 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll - 2007-10-24 01:47:40 10,752 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll + 2008-07-25 11:17:00 10,752 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll - 2007-10-24 01:47:42 147,968 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll + 2008-07-25 11:17:02 147,968 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll - 2007-10-24 01:47:26 99,320 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\alink.dll + 2008-07-25 11:16:44 98,808 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\alink.dll - 2007-10-24 01:47:42 59,392 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe + 2008-07-25 11:17:02 58,880 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe - 2007-10-24 01:47:22 36,864 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe + 2008-07-25 11:16:40 36,864 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe - 2007-10-24 01:47:22 22,024 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll + 2008-07-25 11:16:40 22,024 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll - 2007-10-24 01:47:22 17,928 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll + 2008-07-25 11:16:40 17,416 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll - 2007-10-24 01:47:22 33,288 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll + 2008-07-25 11:16:40 33,800 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll - 2007-10-24 01:47:22 84,480 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll + 2008-07-25 11:16:38 84,480 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll - 2007-10-24 01:47:22 24,576 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe + 2008-07-25 11:16:40 24,576 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe - 2007-10-24 01:47:22 32,776 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe + 2008-07-25 11:16:40 33,288 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe - 2007-10-24 01:47:22 106,496 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe + 2008-07-25 11:16:40 106,496 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe - 2007-10-24 01:47:22 33,800 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe + 2008-07-25 11:16:40 34,312 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe - 2007-10-24 01:47:22 33,280 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe + 2008-07-25 11:16:40 33,792 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe - 2007-10-24 01:47:22 507,904 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll + 2008-07-25 11:16:40 507,904 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll - 2007-10-24 01:47:40 106,496 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe + 2008-07-25 11:17:00 106,496 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe - 2007-10-24 01:47:40 101,896 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll + 2008-07-25 11:17:00 89,608 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll - 2007-10-24 01:47:30 80,376 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\csc.exe + 2008-07-25 11:16:50 80,376 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\csc.exe - 2007-10-24 01:47:30 1,162,744 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll + 2008-07-25 11:16:50 1,163,768 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll - 2007-10-24 01:47:30 13,312 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll + 2008-07-25 11:16:50 13,312 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll - 2007-10-24 01:47:42 27,136 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll + 2008-07-25 11:17:02 27,136 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - 2007-10-24 01:47:40 69,120 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll + 2008-07-25 11:17:00 69,120 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll - 2007-10-24 01:47:30 35,320 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe + 2008-07-25 11:16:50 35,320 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe - 2007-10-24 01:47:28 66,552 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\dfdll.dll + 2008-07-25 11:16:46 62,968 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\dfdll.dll - 2007-10-24 01:47:28 5,120 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe + 2008-07-25 11:16:46 5,120 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe - 2007-10-24 01:47:54 572,936 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll + 2008-07-25 11:17:16 575,496 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll - 2007-10-24 01:47:40 798,224 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll + 2008-07-25 11:17:00 798,224 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll - 2007-10-24 01:47:36 18,936 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll + 2008-07-25 11:16:58 18,936 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll - 2007-10-24 01:47:40 9,728 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe + 2008-07-25 11:17:00 9,728 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe - 2007-10-24 01:47:40 8,192 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll + 2008-07-25 11:17:02 8,192 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll - 2007-10-24 01:47:40 77,824 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\IEHost.dll + 2008-07-25 11:17:00 77,824 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\IEHost.dll - 2007-10-24 01:47:40 6,656 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll + 2008-07-25 11:17:00 6,656 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll - 2007-10-24 01:47:40 230,904 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe + 2008-07-25 11:17:00 230,904 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe - 2007-10-24 01:47:40 28,672 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe + 2008-07-25 11:17:00 28,672 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe - 2007-10-24 01:47:40 65,032 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll + 2008-07-25 11:17:00 65,032 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll - 2007-10-24 01:47:40 72,192 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll + 2008-07-25 11:17:00 72,192 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll - 2007-10-24 01:47:34 40,960 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe + 2008-07-25 11:16:54 40,960 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe - 2007-10-24 01:47:36 348,160 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll + 2008-07-25 11:16:56 348,160 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll - 2007-10-24 01:47:36 36,864 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll + 2008-07-25 11:16:56 36,864 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll - 2007-10-24 01:47:36 655,360 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll + 2008-07-25 11:16:56 655,360 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll - 2007-10-24 01:47:36 77,824 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll + 2008-07-25 11:16:56 77,824 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll - 2007-10-24 01:47:34 749,568 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll + 2008-07-25 11:16:54 749,568 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll - 2007-10-24 01:47:52 110,592 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll + 2008-07-25 11:17:14 110,592 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll - 2007-10-24 01:47:52 372,736 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll + 2008-07-25 11:17:14 372,736 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll - 2007-10-24 01:47:50 671,744 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll + 2008-07-25 11:17:12 659,456 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll - 2007-10-24 01:47:20 28,672 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll + 2008-07-25 11:16:38 28,672 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll - 2007-10-24 01:47:52 5,632 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll + 2008-07-25 11:17:16 5,632 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll - 2007-10-24 01:47:20 32,768 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll + 2008-07-25 11:16:38 32,768 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll - 2007-10-24 01:47:20 12,800 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll + 2008-07-25 11:16:38 12,800 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll - 2007-10-24 01:47:20 7,168 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll + 2008-07-25 11:16:38 7,168 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll - 2007-10-24 01:47:22 97,792 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll + 2008-07-25 11:16:40 97,792 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll - 2007-10-24 01:47:36 69,632 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe + 2008-07-25 11:16:56 69,632 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe - 2007-10-24 01:47:40 822,280 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll + 2008-07-25 11:17:02 998,408 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll - 2007-10-24 01:47:40 83,456 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll + 2008-07-25 11:17:00 83,456 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll - 2007-10-24 01:47:40 308,224 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll + 2008-07-25 11:17:00 308,224 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll - 2007-10-24 01:47:40 47,104 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorie.dll + 2008-07-25 11:17:00 46,592 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorie.dll - 2007-10-24 01:47:40 348,672 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll + 2008-07-25 11:17:00 367,104 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - 2007-10-24 01:47:40 94,208 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorld.dll + 2008-07-25 11:17:00 94,208 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorld.dll - 2007-10-24 01:47:40 4,444,160 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll + 2008-07-25 11:17:00 4,546,560 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll - 2007-10-24 01:47:40 114,688 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll + 2008-07-25 11:17:00 114,176 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll - 2007-10-24 01:47:44 340,992 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll + 2008-07-25 11:17:04 345,600 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll - 2007-10-24 01:47:40 77,312 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll + 2008-07-25 11:17:00 77,312 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll - 2007-10-24 01:47:36 18,944 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll + 2008-07-25 11:16:58 18,944 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll - 2007-10-24 01:47:40 242,688 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll + 2008-07-25 11:17:02 230,912 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll - 2007-10-24 01:47:40 70,144 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe + 2008-07-25 11:17:02 69,632 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe - 2007-10-24 01:47:40 19,456 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscortim.dll + 2008-07-25 11:17:02 19,456 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscortim.dll - 2007-10-24 01:47:36 5,814,784 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll + 2008-07-25 11:16:58 5,815,296 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - 2007-10-24 01:47:44 31,744 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll + 2008-07-25 11:17:04 31,744 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll - 2007-10-24 01:47:40 101,880 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\ngen.exe + 2008-07-25 11:17:02 100,856 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\ngen.exe - 2007-10-24 01:47:40 24,584 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\normalization.dll + 2008-07-25 11:17:02 24,584 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\normalization.dll - 2007-10-24 01:47:40 89,096 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll + 2008-07-25 11:17:02 88,584 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll - 2007-10-24 01:47:36 144,896 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\peverify.dll + 2008-07-25 11:16:58 143,360 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\peverify.dll - 2007-10-24 01:47:40 53,248 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe + 2008-07-25 11:17:00 53,248 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe - 2007-10-24 01:47:40 32,768 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe + 2008-07-25 11:17:00 32,768 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe - 2007-10-24 01:47:46 61,952 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe + 2008-07-25 11:17:06 61,952 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe - 2007-10-24 01:47:42 16,896 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll + 2008-07-25 11:17:02 16,896 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll - 2007-10-24 01:47:40 119,296 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\shfusion.dll + 2008-07-25 11:17:00 118,784 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\shfusion.dll - 2007-10-24 01:47:44 95,232 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll + 2008-07-25 11:17:04 95,232 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll - 2007-10-24 01:47:40 392,696 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll + 2008-07-25 11:17:02 392,184 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll - 2007-10-24 01:47:40 110,592 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll + 2008-07-25 11:17:02 110,592 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll - 2007-10-24 01:47:42 425,984 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll + 2008-07-25 11:17:02 425,984 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll - 2007-10-24 01:47:40 81,920 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll + 2008-07-25 11:17:00 81,920 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll - 2007-10-24 01:47:40 3,036,160 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.dll + 2008-07-25 11:17:00 2,933,248 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.dll - 2007-10-24 01:47:40 483,840 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll + 2008-07-25 11:17:02 486,400 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll - 2007-10-24 01:47:40 741,376 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll + 2008-07-25 11:17:02 745,472 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll - 2007-10-24 01:47:28 933,888 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll + 2008-07-25 11:16:46 970,752 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll - 2007-10-24 01:47:40 5,070,848 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll + 2008-07-25 11:17:00 5,062,656 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll - 2007-10-24 01:47:40 401,408 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll + 2008-07-25 11:17:00 401,408 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll - 2007-10-24 01:47:40 188,416 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll + 2008-07-25 11:17:02 188,416 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll - 2007-10-24 01:47:40 3,076,096 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll + 2008-07-25 11:17:00 3,149,824 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll - 2007-10-24 01:47:40 81,920 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll + 2008-07-25 11:17:00 81,920 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll - 2007-10-24 01:47:40 630,784 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll + 2008-07-25 11:17:00 626,688 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll - 2007-10-24 01:47:40 258,048 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll + 2008-07-25 11:17:02 258,048 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll - 2007-10-24 01:47:40 57,392 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll + 2008-07-25 11:17:02 57,392 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll - 2007-10-24 01:47:40 113,664 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll + 2008-07-25 11:17:02 113,664 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll - 2007-10-24 01:47:40 372,736 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Management.dll + 2008-07-25 11:17:00 372,736 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Management.dll - 2007-10-24 01:47:40 258,048 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll + 2008-07-25 11:17:00 258,048 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll - 2007-10-24 01:47:40 299,008 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll + 2008-07-25 11:17:00 303,104 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll - 2007-10-24 01:47:40 131,072 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll + 2008-07-25 11:17:00 131,072 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll - 2007-10-24 01:47:40 258,048 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll + 2008-07-25 11:17:00 258,048 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll - 2007-10-24 01:47:40 114,688 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll + 2008-07-25 11:17:00 114,688 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll - 2007-10-24 01:47:40 261,120 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll + 2008-07-25 11:17:02 261,632 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll - 2007-10-24 01:47:40 5,431,296 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll + 2008-07-25 11:17:00 5,238,784 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll - 2007-10-24 01:47:40 884,736 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll + 2008-07-25 11:17:02 835,584 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll - 2007-10-24 01:47:40 90,112 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll + 2008-07-25 11:17:02 77,824 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll - 2007-10-24 01:47:40 839,680 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll + 2008-07-25 11:17:00 839,680 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll - 2007-10-24 01:47:40 5,013,504 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll + 2008-07-25 11:17:00 5,025,792 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll - 2007-10-24 01:47:40 2,068,480 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.XML.dll + 2008-07-25 11:17:00 2,048,000 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.XML.dll - 2007-10-24 01:47:40 81,400 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL + 2008-07-25 11:17:02 81,400 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL - 2007-10-24 01:47:48 1,172,472 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe + 2008-07-25 11:17:10 1,172,472 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe - 2007-10-24 01:47:20 1,344,000 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll + 2008-07-25 11:16:38 1,344,000 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll - 2007-10-24 01:47:22 434,688 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll + 2008-07-25 11:16:40 438,272 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll - 2007-10-24 01:47:40 37,896 -c--a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll + 2008-07-25 11:17:02 37,896 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll + 2008-07-29 19:16:38 168,968 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ComSvcConfig.exe + 2008-07-29 19:24:50 881,664 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe + 2008-07-29 19:16:38 397,312 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.dll + 2008-07-29 19:16:38 163,840 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.Dtc.dll + 2008-07-29 19:16:38 11,280 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll + 2008-07-29 19:16:38 156,688 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelReg.exe + 2008-07-29 19:16:38 20,504 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceMonikerSupport.dll + 2008-07-29 19:16:38 110,592 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll + 2008-07-29 19:16:38 132,096 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe + 2008-07-29 19:16:38 966,656 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll + 2008-07-29 19:16:38 5,931,008 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll + 2008-07-29 19:16:38 73,728 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.Install.dll + 2008-07-29 19:16:38 32,768 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll + 2008-07-29 19:16:38 152,576 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\WsatConfig.exe + 2008-07-29 19:32:52 17,448 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Workflow Foundation\PerformanceCounterInstaller.exe + 2008-07-29 21:10:04 806,928 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\WPF\NaturalLanguage6.dll + 2008-07-29 21:10:04 4,883,464 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\WPF\NlsData0009.dll + 2008-07-29 21:10:04 2,637,840 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\WPF\NlsLexicons0009.dll + 2008-07-29 21:10:04 71,160 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\WPF\PenIMC.dll + 2008-07-29 19:59:58 32,768 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationCFFRasterizer.dll + 2008-07-29 21:10:04 46,104 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe + 2008-07-29 19:59:58 132,120 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll + 2008-07-29 20:35:46 864,256 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationUI.dll + 2008-07-29 19:59:58 1,738,760 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll + 2008-07-29 23:40:48 168,448 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\1033\cscompui.dll + 2008-07-29 23:40:48 233,976 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\1033\vbc7ui.dll + 2008-07-29 23:40:48 41,992 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess.exe + 2008-07-29 23:40:48 41,992 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess32.exe + 2008-07-29 23:40:48 41,984 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\AddInUtil.exe + 2008-07-29 23:40:48 1,548,280 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\csc.exe + 2008-07-29 23:40:48 78,856 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\DataSvcUtil.exe + 2008-07-29 23:40:48 95,224 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\EdmGen.exe + 2008-07-29 23:15:24 225,490 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\baseline.dat + 2008-07-29 18:47:34 97,280 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\DeleteTemp.exe + 2008-07-29 18:47:34 276,984 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\dlmgr.dll + 2008-07-29 18:47:34 1,064,448 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\gencomp.dll + 2008-07-29 18:47:34 177,152 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\HtmlLite.dll + 2008-07-29 18:47:34 269,304 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe + 2008-07-29 18:47:34 113,152 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1025.dll + 2008-07-29 18:47:34 84,992 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1028.dll + 2008-07-29 18:47:34 125,440 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1029.dll + 2008-07-29 18:47:34 126,464 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1030.dll + 2008-07-29 18:47:34 130,048 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1031.dll + 2008-07-29 18:47:34 137,728 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1032.dll + 2008-07-29 18:47:34 122,368 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1035.dll + 2008-07-29 18:47:34 133,120 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1036.dll + 2008-07-29 18:47:34 111,104 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1037.dll + 2008-07-29 18:47:34 132,096 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1038.dll + 2008-07-29 18:47:34 128,512 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1040.dll + 2008-07-29 18:47:34 97,792 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1041.dll + 2008-07-29 18:47:34 94,720 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1042.dll + 2008-07-29 18:47:34 129,024 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1043.dll + 2008-07-29 18:47:34 121,856 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1044.dll + 2008-07-29 18:47:34 128,512 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1045.dll + 2008-07-29 18:47:34 122,880 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1046.dll + 2008-07-29 18:47:34 123,904 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1049.dll + 2008-07-29 18:47:34 121,344 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1053.dll + 2008-07-29 18:47:34 121,344 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1055.dll + 2008-07-29 18:47:34 84,480 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2052.dll + 2008-07-29 18:47:34 131,072 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2070.dll + 2008-07-29 18:47:34 131,584 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.3082.dll + 2008-07-29 18:47:34 110,080 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.dll + 2008-07-29 18:47:34 1,364,992 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\SITSetup.dll + 2008-07-29 18:47:34 1,054,208 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.dll + 2008-07-29 18:47:34 632,320 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs70uimgr.dll + 2008-07-29 18:47:34 413,184 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsbasereqs.dll + 2008-07-29 18:47:34 689,152 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsscenario.dll + 2008-07-29 18:47:34 102,904 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1025.dll + 2008-07-29 18:47:34 89,592 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1028.dll + 2008-07-29 18:47:34 108,536 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1029.dll + 2008-07-29 18:47:34 108,536 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1030.dll + 2008-07-29 18:47:34 111,608 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1031.dll + 2008-07-29 18:47:34 113,656 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1032.dll + 2008-07-29 18:47:34 106,488 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1035.dll + 2008-07-29 18:47:34 112,120 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1036.dll + 2008-07-29 18:47:34 101,368 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1037.dll + 2008-07-29 18:47:34 111,096 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1038.dll + 2008-07-29 18:47:34 110,072 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1040.dll + 2008-07-29 18:47:34 95,224 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1041.dll + 2008-07-29 18:47:34 92,664 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1042.dll + 2008-07-29 18:47:34 108,536 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1043.dll + 2008-07-29 18:47:34 106,488 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1044.dll + 2008-07-29 18:47:34 109,048 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1045.dll + 2008-07-29 18:47:34 107,512 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1046.dll + 2008-07-29 18:47:34 107,000 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1049.dll + 2008-07-29 18:47:34 105,976 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1053.dll + 2008-07-29 18:47:34 106,488 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1055.dll + 2008-07-29 18:47:34 89,080 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2052.dll + 2008-07-29 18:47:34 110,072 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2070.dll + 2008-07-29 18:47:34 111,096 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.3082.dll + 2008-07-29 18:47:34 107,512 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.dll + 2008-07-29 18:47:34 984,056 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapUI.dll + 2008-07-29 23:40:48 802,816 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Build.Tasks.v3.5.dll + 2008-07-29 23:40:48 40,960 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Data.Entity.Build.Tasks.dll + 2008-07-29 23:40:48 41,984 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.VisualC.STLCLR.dll + 2008-07-29 23:40:48 91,136 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\MSBuild.exe + 2008-07-29 23:40:48 5,632 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Sentinel.v3.5Client.dll + 2008-07-29 23:40:48 1,720,824 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\vbc.exe + 2008-07-29 23:40:48 196,104 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\WFServicesReg.exe + 2008-07-29 23:40:48 70,648 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll + 2007-08-09 18:51:36 1,410,560 ----a-w c:\windows\Resources\Themes\Windows XP Vista Home Basic\Shell\Alternat\Shellstyle.dll + 2007-08-09 18:51:36 1,410,560 ----a-w c:\windows\Resources\Themes\Windows XP Vista Home Basic\Shell\NormalColor\Shellstyle.dll + 2008-11-04 10:15:38 114,688 ----a-w c:\windows\system32\Adobe\Director\np32dsw.dll + 2008-11-04 10:24:12 202,168 ----a-w c:\windows\system32\Adobe\Director\SwDir.dll + 2008-11-04 10:16:16 499,712 ----a-w c:\windows\system32\Adobe\Shockwave 11\Control.dll + 2008-11-04 09:56:40 1,798,144 ----a-w c:\windows\system32\Adobe\Shockwave 11\dirapi.dll + 2008-11-04 10:16:20 9,216 ----a-w c:\windows\system32\Adobe\Shockwave 11\DynaPlayer.dll + 2008-11-04 09:41:22 710,144 ----a-w c:\windows\system32\Adobe\Shockwave 11\gi.dll + 2008-11-04 09:41:24 1,145,896 ----a-w c:\windows\system32\Adobe\Shockwave 11\gt.exe + 2008-11-04 09:41:22 52,288 ----a-w c:\windows\system32\Adobe\Shockwave 11\gtapi.dll + 2008-11-04 09:52:10 892,928 ----a-w c:\windows\system32\Adobe\Shockwave 11\iml32.dll + 2008-11-04 09:41:22 54,656 ----a-w c:\windows\system32\Adobe\Shockwave 11\pccuapi.dll + 2008-11-04 10:14:58 266,240 ----a-w c:\windows\system32\Adobe\Shockwave 11\Plugin.dll + 2008-11-04 10:16:52 446,464 ----a-w c:\windows\system32\Adobe\Shockwave 11\Proj.dll + 2008-11-04 10:23:52 460,216 ----a-w c:\windows\system32\Adobe\Shockwave 11\SwHelper_1100470.exe + 2008-11-04 10:14:42 114,688 ----a-w c:\windows\system32\Adobe\Shockwave 11\SwInit.exe + 2008-11-04 10:14:40 94,208 ----a-w c:\windows\system32\Adobe\Shockwave 11\SwMenu.dll + 2008-11-04 09:41:22 58,736 ----a-w c:\windows\system32\Adobe\Shockwave 11\SYMCCHECKER.DLL + 1999-06-25 10:55:30 149,504 ----a-w c:\windows\system32\Adobe\Shockwave 11\UNWISE.EXE - 2008-08-26 07:24:28 124,928 ----a-w c:\windows\system32\advpack.dll + 2008-10-16 20:38:34 124,928 ----a-w c:\windows\system32\advpack.dll - 2008-07-18 21:10:48 94,920 ----a-w c:\windows\system32\cdm.dll + 2008-10-16 14:09:44 92,696 ----a-w c:\windows\system32\cdm.dll - 2008-07-11 16:26:51 16,384 -c--a-w c:\windows\system32\config\systemprofile\Cookies\index.dat + 2008-12-07 00:46:26 16,384 -c--a-w c:\windows\system32\config\systemprofile\Cookies\index.dat - 2008-07-11 16:26:51 32,768 -c--a-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat + 2008-12-07 00:46:26 32,768 -c--a-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat - 2008-07-11 16:26:51 32,768 -c--a-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat + 2008-12-07 00:46:26 32,768 -c--a-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat - 2007-10-24 01:47:28 96,760 -c--a-w c:\windows\system32\dfshim.dll + 2008-07-25 11:16:46 96,760 ----a-w c:\windows\system32\dfshim.dll - 2008-08-26 07:24:28 124,928 -c--a-w c:\windows\system32\dllcache\advpack.dll + 2008-10-16 20:38:34 124,928 -c--a-w c:\windows\system32\dllcache\advpack.dll + 2008-04-14 00:11:50 84,992 -c--a-w c:\windows\system32\dllcache\avifil32.dll + 2008-04-13 17:03:24 63,488 -c--a-w c:\windows\system32\dllcache\browselc.dll - 2008-07-18 21:10:48 94,920 -c--a-w c:\windows\system32\dllcache\cdm.dll + 2008-10-16 14:09:44 92,696 -c--a-w c:\windows\system32\dllcache\cdm.dll + 2008-04-14 00:11:51 59,904 -c--a-w c:\windows\system32\dllcache\devenum.dll + 2008-04-14 00:11:52 60,928 -c--a-w c:\windows\system32\dllcache\dpnhupnp.dll - 2008-08-26 07:24:28 347,136 -c--a-w c:\windows\system32\dllcache\dxtmsft.dll + 2008-10-16 20:38:34 347,136 -c--a-w c:\windows\system32\dllcache\dxtmsft.dll - 2008-08-26 07:24:28 214,528 -c--a-w c:\windows\system32\dllcache\dxtrans.dll + 2008-10-16 20:38:34 214,528 -c--a-w c:\windows\system32\dllcache\dxtrans.dll - 2008-08-26 07:24:28 133,120 -c--a-w c:\windows\system32\dllcache\extmgr.dll + 2008-10-16 20:38:35 133,120 -c--a-w c:\windows\system32\dllcache\extmgr.dll + 2008-04-14 00:11:53 80,384 -c--a-w c:\windows\system32\dllcache\faultrep.dll + 2008-10-23 12:36:14 286,720 -c----w c:\windows\system32\dllcache\gdi32.dll - 2008-08-26 07:24:28 63,488 -c--a-w c:\windows\system32\dllcache\icardie.dll + 2008-10-16 20:38:35 63,488 -c--a-w c:\windows\system32\dllcache\icardie.dll - 2008-08-25 08:37:59 70,656 -c--a-w c:\windows\system32\dllcache\ie4uinit.exe + 2008-10-16 13:11:09 70,656 -c--a-w c:\windows\system32\dllcache\ie4uinit.exe - 2008-08-26 07:24:28 153,088 -c--a-w c:\windows\system32\dllcache\ieakeng.dll + 2008-10-16 20:38:35 153,088 -c--a-w c:\windows\system32\dllcache\ieakeng.dll - 2008-08-26 07:24:28 230,400 -c--a-w c:\windows\system32\dllcache\ieaksie.dll + 2008-10-16 20:38:35 230,400 -c--a-w c:\windows\system32\dllcache\ieaksie.dll - 2008-08-23 05:54:51 161,792 -c--a-w c:\windows\system32\dllcache\ieakui.dll + 2008-10-15 07:04:53 161,792 -c--a-w c:\windows\system32\dllcache\ieakui.dll - 2008-08-26 07:24:28 383,488 -c--a-w c:\windows\system32\dllcache\ieapfltr.dll + 2008-10-16 20:38:35 383,488 -c--a-w c:\windows\system32\dllcache\ieapfltr.dll - 2008-08-26 07:24:29 384,512 -c--a-w c:\windows\system32\dllcache\iedkcs32.dll + 2008-10-16 20:38:35 384,512 -c--a-w c:\windows\system32\dllcache\iedkcs32.dll - 2008-10-03 17:41:15 6,066,176 -c--a-w c:\windows\system32\dllcache\ieframe.dll + 2008-10-16 20:38:37 6,066,176 -c--a-w c:\windows\system32\dllcache\ieframe.dll - 2008-08-26 07:24:29 44,544 -c--a-w c:\windows\system32\dllcache\iernonce.dll + 2008-10-16 20:38:37 44,544 -c--a-w c:\windows\system32\dllcache\iernonce.dll - 2008-08-26 07:24:29 267,776 -c--a-w c:\windows\system32\dllcache\iertutil.dll + 2008-10-16 20:38:37 267,776 -c--a-w c:\windows\system32\dllcache\iertutil.dll - 2008-08-25 08:38:00 13,824 -c--a-w c:\windows\system32\dllcache\ieudinit.exe + 2008-10-16 13:11:09 13,824 -c--a-w c:\windows\system32\dllcache\ieudinit.exe - 2008-08-23 05:56:15 635,848 -c--a-w c:\windows\system32\dllcache\iexplore.exe + 2008-10-15 07:06:26 633,632 -c--a-w c:\windows\system32\dllcache\iexplore.exe + 2008-04-13 16:22:12 48,128 -c--a-w c:\windows\system32\dllcache\inetres.dll - 2008-08-26 07:24:30 27,648 -c--a-w c:\windows\system32\dllcache\jsproxy.dll + 2008-10-16 20:38:37 27,648 -c--a-w c:\windows\system32\dllcache\jsproxy.dll - 2005-01-28 12:44:28 96,768 -c--a-w c:\windows\system32\dllcache\logagent.exe + 2008-06-10 05:52:04 96,768 -c--a-w c:\windows\system32\dllcache\logagent.exe - 2008-04-13 19:17:01 456,576 -c--a-w c:\windows\system32\dllcache\mrxsmb.sys + 2008-10-24 11:21:09 455,296 -c--a-w c:\windows\system32\dllcache\mrxsmb.sys - 2008-08-26 07:24:30 459,264 -c--a-w c:\windows\system32\dllcache\msfeeds.dll + 2008-10-16 20:38:37 459,264 -c--a-w c:\windows\system32\dllcache\msfeeds.dll - 2008-08-26 07:24:30 52,224 -c--a-w c:\windows\system32\dllcache\msfeedsbs.dll + 2008-10-16 20:38:37 52,224 -c--a-w c:\windows\system32\dllcache\msfeedsbs.dll + 2008-04-14 00:11:59 539,136 -c--a-w c:\windows\system32\dllcache\msftedit.dll - 2008-08-27 08:24:32 3,593,216 -c--a-w c:\windows\system32\dllcache\mshtml.dll + 2008-10-17 02:08:40 3,593,216 -c--a-w c:\windows\system32\dllcache\mshtml.dll - 2008-08-26 07:24:30 477,696 -c--a-w c:\windows\system32\dllcache\mshtmled.dll + 2008-10-16 20:38:38 477,696 -c--a-w c:\windows\system32\dllcache\mshtmled.dll + 2008-04-14 00:12:00 105,984 -c--a-w c:\windows\system32\dllcache\msoert2.dll - 2008-08-26 07:24:30 193,024 -c--a-w c:\windows\system32\dllcache\msrating.dll + 2008-10-16 20:38:38 193,024 -c--a-w c:\windows\system32\dllcache\msrating.dll - 2008-08-26 07:24:30 671,232 -c--a-w c:\windows\system32\dllcache\mstime.dll + 2008-10-16 20:38:39 671,232 -c--a-w c:\windows\system32\dllcache\mstime.dll + 2008-09-04 17:15:04 1,106,944 -c----w c:\windows\system32\dllcache\msxml3.dll - 2008-04-14 00:12:01 1,306,624 -c--a-w c:\windows\system32\dllcache\msxml6.dll + 2008-09-10 01:14:56 1,307,648 -c--a-w c:\windows\system32\dllcache\msxml6.dll - 2008-05-02 21:46:00 6,554,496 -c--a-w c:\windows\system32\dllcache\nv4_mini.sys + 2008-05-16 14:01:00 6,557,408 -c--a-w c:\windows\system32\dllcache\nv4_mini.sys - 2008-08-26 07:24:30 102,912 -c--a-w c:\windows\system32\dllcache\occache.dll + 2008-10-16 20:38:39 102,912 -c--a-w c:\windows\system32\dllcache\occache.dll + 2008-04-14 00:12:02 84,992 -c--a-w c:\windows\system32\dllcache\olepro32.dll - 2008-08-26 07:24:30 44,544 -c--a-w c:\windows\system32\dllcache\pngfilt.dll + 2008-10-16 20:38:39 44,544 -c--a-w c:\windows\system32\dllcache\pngfilt.dll + 2008-04-14 00:12:03 386,048 -c--a-w c:\windows\system32\dllcache\qdvd.dll + 2008-04-14 00:12:03 562,176 -c--a-w c:\windows\system32\dllcache\qedit.dll + 2008-04-13 17:03:19 549,376 -c--a-w c:\windows\system32\dllcache\shdoclc.dll - 2008-04-14 00:12:07 246,814 -c--a-w c:\windows\system32\dllcache\strmdll.dll + 2008-10-03 10:02:42 247,326 -c--a-w c:\windows\system32\dllcache\strmdll.dll - 2008-08-26 07:24:30 105,984 -c--a-w c:\windows\system32\dllcache\url.dll + 2008-10-16 20:38:39 105,984 -c--a-w c:\windows\system32\dllcache\url.dll - 2008-08-26 07:24:31 1,159,680 -c--a-w c:\windows\system32\dllcache\urlmon.dll + 2008-10-16 20:38:39 1,160,192 -c--a-w c:\windows\system32\dllcache\urlmon.dll - 2008-08-26 07:24:31 233,472 -c--a-w c:\windows\system32\dllcache\webcheck.dll + 2008-10-16 20:38:39 233,472 -c--a-w c:\windows\system32\dllcache\webcheck.dll + 2008-04-14 00:12:08 589,312 -c--a-w c:\windows\system32\dllcache\wiashext.dll - 2008-08-26 07:24:31 826,368 -c--a-w c:\windows\system32\dllcache\wininet.dll + 2008-10-16 20:38:40 826,368 -c--a-w c:\windows\system32\dllcache\wininet.dll - 2005-01-28 12:44:28 1,027,072 -c--a-w c:\windows
  7. Here's the ComboFix log: ComboFix 08-12-15.08 - Administrator 2008-12-16 18:09:01.4 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1403 [GMT 0:00] Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe * Created a new restore point . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\msqpdxnvuasrvk.dll . ((((((((((((((((((((((((( Files Created from 2008-11-16 to 2008-12-16 ))))))))))))))))))))))))))))))) . 2008-12-14 19:12 . 2008-12-14 19:12 61,440 --a------ c:\windows\system32\drivers\xsqatwof.sys 2008-12-14 17:43 . 2008-12-14 17:43 <DIR> d-------- C:\rsit 2008-12-14 17:35 . 2008-12-14 17:35 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes 2008-12-14 17:35 . 2008-12-14 17:35 <DIR> d-------- c:\documents and settings\Administrator\Application Data\Malwarebytes 2008-12-13 23:32 . 2008-12-13 23:34 <DIR> d-------- c:\program files\SpeedFan 2008-12-13 23:32 . 2008-12-13 23:32 45 --a------ c:\windows\system32\initdebug.nfo 2008-12-13 22:55 . 2008-12-13 23:45 <DIR> d-------- c:\documents and settings\Administrator\Application Data\vlc 2008-12-11 18:40 . 2008-12-11 18:40 <DIR> d-------- c:\program files\Lavasoft 2008-12-11 18:39 . 2008-12-11 18:39 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard 2008-12-11 18:20 . 2008-12-14 19:48 <DIR> d-------- c:\program files\Trend Micro 2008-12-07 23:35 . 2008-12-07 23:35 21 --a------ c:\windows\Picasa.ini 2008-12-05 20:35 . 2008-12-05 20:35 27,904 --a------ c:\windows\system32\drivers\Ndisprot.sys 2008-11-30 00:01 . 2008-11-30 00:01 <DIR> d-------- c:\windows\system32\Adobe 2008-11-27 19:09 . 2008-11-27 19:09 <DIR> d-------- c:\documents and settings\Administrator\AppData 2008-11-27 18:56 . 2008-11-27 18:56 <DIR> d-------- c:\documents and settings\All Users\Application Data\Stardock 2008-11-27 01:06 . 2008-11-27 01:06 <DIR> d-------- c:\windows\system32\XPSViewer 2008-11-27 01:06 . 2008-11-27 01:06 <DIR> d-------- c:\program files\Reference Assemblies 2008-11-27 01:05 . 2008-11-27 01:06 <DIR> d-------- C:\fac462f81a38d19e36f46f 2008-11-27 01:05 . 2008-07-06 12:06 1,676,288 --------- c:\windows\system32\xpssvcs.dll 2008-11-27 01:05 . 2008-07-06 12:06 1,676,288 -----c--- c:\windows\system32\dllcache\xpssvcs.dll 2008-11-27 01:05 . 2008-07-06 10:50 597,504 -----c--- c:\windows\system32\dllcache\printfilterpipelinesvc.exe 2008-11-27 01:05 . 2008-07-06 12:06 575,488 --------- c:\windows\system32\xpsshhdr.dll 2008-11-27 01:05 . 2008-07-06 12:06 575,488 -----c--- c:\windows\system32\dllcache\xpsshhdr.dll 2008-11-27 01:05 . 2008-07-06 12:06 117,760 --------- c:\windows\system32\prntvpt.dll 2008-11-27 01:05 . 2008-07-06 12:06 89,088 -----c--- c:\windows\system32\dllcache\filterpipelineprintproc.dll 2008-11-27 00:37 . 2008-11-27 00:37 <DIR> d-------- c:\documents and settings\All Users\Application Data\CenerTCPMessenger 2008-11-27 00:19 . 2008-11-27 00:19 <DIR> d-------- c:\program files\Alky for Applications 2008-11-27 00:19 . 2008-11-27 00:22 1,984,462 --a------ c:\windows\setupapi.log.0.old 2008-11-27 00:18 . 2007-07-28 17:00 16,384 --a------ c:\windows\system32\lcid.exe 2008-11-24 21:09 . 2008-11-24 22:58 <DIR> d--h-c--- c:\documents and settings\All Users\Application Data\{8CC5CF4A-124E-41BA-B58C-A41F05BE09CC} 2008-11-23 20:33 . 2008-11-23 20:33 <DIR> d-------- c:\windows\system32\IOSUBSYS 2008-11-23 13:42 . 2008-11-23 13:42 <DIR> d-------- c:\program files\Microsoft SQL Server Compact Edition 2008-11-23 13:31 . 2008-11-24 03:01 <DIR> d-------- c:\program files\Windows Live 2008-11-23 12:50 . 2008-11-23 13:18 <DIR> d-------- c:\documents and settings\Administrator\Tracing 2008-11-23 12:49 . 2006-11-29 13:06 3,426,072 --a------ c:\windows\system32\d3dx9_32.dll 2008-11-23 12:44 . 2008-11-23 12:44 <DIR> d-------- c:\program files\Microsoft 2008-11-23 12:40 . 2008-11-23 12:40 <DIR> d-------- c:\program files\Common Files\Windows Live 2008-11-17 20:04 . 2008-11-17 20:04 2,306,113 --a------ c:\windows\system32\GPhotos.scr 2008-11-16 19:01 . 2008-11-16 19:01 <DIR> d-------- C:\AllokVideoFolder 2008-11-16 18:51 . 2008-11-16 18:51 <DIR> d-------- c:\program files\Haali . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-12-16 18:33 --------- d-----w c:\documents and settings\All Users\Application Data\Kontiki 2008-12-16 17:58 --------- d-----w c:\documents and settings\Administrator\Application Data\uTorrent 2008-12-15 23:57 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2008-12-15 18:58 139,152 -c--a-w c:\windows\system32\drivers\PnkBstrK.sys 2008-12-14 20:54 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help 2008-12-07 12:10 --------- d-----w c:\documents and settings\All Users\Application Data\avg8 2008-12-06 12:03 101,776 -c--a-w c:\windows\system32\drivers\cmdGuard.sys 2008-11-30 18:49 --------- d-----w c:\documents and settings\Administrator\Application Data\dvdcss 2008-11-27 01:06 --------- d-----w c:\program files\MSBuild 2008-11-24 23:14 31,504 -c--a-w c:\windows\system32\drivers\cmdhlp.sys 2008-11-23 20:33 --------- d-----w c:\program files\Google 2008-11-23 13:40 --------- dcsh--w c:\program files\Common Files\WindowsLiveInstaller 2008-11-23 13:30 --------- d-----w c:\documents and settings\All Users\Application Data\WLInstaller 2008-11-23 12:45 --------- d-----w c:\program files\MSN Messenger 2008-11-15 14:47 --------- d-----w c:\program files\PowerStrip 2008-11-15 13:56 23,600 ----a-w c:\windows\system32\drivers\TVICHW32.SYS 2008-11-13 18:02 --------- d-----w c:\program files\Spybot - Search & Destroy 2008-11-01 15:17 --------- d-----w c:\program files\Unlocker 2008-10-25 21:52 --------- d-----w c:\program files\Common Files\Adobe 2008-10-25 21:40 --------- d-----w c:\program files\Common Files\Macrovision Shared 2008-10-25 21:13 326 ----a-w c:\windows\system32\drivers\hosts 2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys 2008-04-14 21:44 32 -c--a-w c:\documents and settings\All Users\Application Data\ezsid.dat 2008-02-23 11:44 22,328 -c--a-w c:\documents and settings\Administrator\Application Data\PnkBstrK.sys 2005-09-28 14:11 32 -c--a-r c:\documents and settings\All Users\hash.dat 2007-08-25 03:52 300,400 -c--a-w c:\program files\mozilla firefox\components\coFFPlgn.dll 2008-07-11 16:26 32,768 -csha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008071120080712\index.dat . ((((((((((((((((((((((((((((( snapshot@2008-11-13_18.13.13.93 ))))))))))))))))))))))))))))))))))))))))) . + 2008-09-10 01:10:56 1,379,840 -c--a-w c:\windows\$hf_mig$\KB954459\SP3QFE\msxml6.dll + 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB954459\spmsg.dll + 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB954459\spuninst.exe + 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB954459\update\spcustom.dll + 2007-11-30 12:39:22 755,576 ----a-w c:\windows\$hf_mig$\KB954459\update\update.exe + 2007-11-30 12:39:22 382,840 ----a-w c:\windows\$hf_mig$\KB954459\update\updspapi.dll + 2008-09-04 17:12:27 1,106,944 ----a-w c:\windows\$hf_mig$\KB955069\SP3QFE\msxml3.dll + 2007-11-30 11:18:51 17,272 ----a-w c:\windows\$hf_mig$\KB955069\spmsg.dll + 2007-11-30 11:18:51 231,288 ----a-w c:\windows\$hf_mig$\KB955069\spuninst.exe + 2007-11-30 11:18:51 26,488 ----a-w c:\windows\$hf_mig$\KB955069\update\spcustom.dll + 2007-11-30 11:18:51 755,576 ----a-w c:\windows\$hf_mig$\KB955069\update\update.exe + 2008-07-09 13:08:38 382,840 ----a-w c:\windows\$hf_mig$\KB955069\update\updspapi.dll + 2008-10-24 11:41:11 455,936 ----a-w c:\windows\$hf_mig$\KB957097\SP3QFE\mrxsmb.sys + 2008-07-08 13:02:01 17,272 ----a-w c:\windows\$hf_mig$\KB957097\spmsg.dll + 2008-07-08 13:02:02 231,288 ----a-w c:\windows\$hf_mig$\KB957097\spuninst.exe + 2008-07-08 13:02:01 26,488 ----a-w c:\windows\$hf_mig$\KB957097\update\spcustom.dll + 2008-07-08 13:02:04 755,576 ----a-w c:\windows\$hf_mig$\KB957097\update\update.exe + 2008-07-08 13:02:12 382,840 ----a-w c:\windows\$hf_mig$\KB957097\update\updspapi.dll + 2008-04-14 00:12:01 1,306,624 -c----w c:\windows\$NtUninstallKB954459$\msxml6.dll + 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB954459$\spuninst\spuninst.exe + 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB954459$\spuninst\updspapi.dll + 2008-04-14 00:12:01 1,104,896 -c----w c:\windows\$NtUninstallKB955069$\msxml3.dll + 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB955069$\spuninst\spuninst.exe + 2008-07-09 13:08:38 382,840 -c----w c:\windows\$NtUninstallKB955069$\spuninst\updspapi.dll + 2008-04-13 19:17:01 456,576 -c----w c:\windows\$NtUninstallKB957097$\mrxsmb.sys + 2008-07-08 13:02:02 231,288 -c----w c:\windows\$NtUninstallKB957097$\spuninst\spuninst.exe + 2008-07-08 13:02:12 382,840 -c----w c:\windows\$NtUninstallKB957097$\spuninst\updspapi.dll - 2008-02-20 17:02:11 69,120 -c--a-w c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll + 2008-11-27 01:02:37 69,120 ----a-w c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll - 2008-02-20 17:02:17 72,192 -c--a-w c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll + 2008-11-27 01:02:42 72,192 ----a-w c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll + 2008-11-27 01:06:14 163,840 ----a-w c:\windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll - 2008-02-20 17:01:58 4,444,160 -c--a-w c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll + 2008-11-27 01:02:53 4,546,560 ----a-w c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll + 2008-11-27 01:06:19 4,210,688 ----a-w c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - 2008-02-20 17:02:19 483,840 -c--a-w c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll + 2008-11-27 01:02:53 486,400 ----a-w c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll - 2008-02-20 17:02:04 3,036,160 -c--a-w c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll + 2008-11-27 01:02:55 2,933,248 ----a-w c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll - 2008-02-20 17:02:22 258,048 -c--a-w c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll + 2008-11-27 01:02:51 258,048 ----a-w c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll - 2008-02-20 17:02:22 113,664 -c--a-w c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll + 2008-11-27 01:02:51 113,664 ----a-w c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll + 2008-11-27 01:06:20 368,640 ----a-w c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll - 2008-02-20 17:02:17 261,120 -c--a-w c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll + 2008-11-27 01:02:45 261,632 ----a-w c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll - 2008-02-20 17:02:02 5,431,296 -c--a-w c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll + 2008-11-27 01:02:30 5,238,784 ----a-w c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll - 2008-02-20 17:02:09 10,752 -c--a-w c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll + 2008-11-27 01:02:36 10,752 ----a-w c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll - 2008-02-20 17:02:03 507,904 -c--a-w c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll + 2008-11-27 01:02:32 507,904 ----a-w c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll - 2008-02-20 17:02:10 13,312 -c--a-w c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll + 2008-11-27 01:02:37 13,312 ----a-w c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll - 2008-02-20 17:02:13 8,192 -c--a-w c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll + 2008-11-27 01:02:38 8,192 ----a-w c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll - 2008-02-20 17:02:14 77,824 -c--a-w c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll + 2008-11-27 01:02:38 77,824 ----a-w c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll - 2008-02-20 17:02:15 6,656 -c--a-w c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll + 2008-11-27 01:02:39 6,656 ----a-w c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll + 2008-11-27 01:07:24 106,496 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Conversion.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Conversion.v3.5.dll - 2008-02-20 17:02:23 348,160 -c--a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll + 2008-11-27 01:02:47 348,160 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll + 2008-11-27 01:07:25 733,184 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll - 2008-02-20 17:02:24 36,864 -c--a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll + 2008-11-27 01:02:48 36,864 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll + 2008-11-27 01:07:26 36,864 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll + 2008-11-27 01:07:26 802,816 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.v3.5.dll - 2008-02-20 17:02:25 655,360 -c--a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll + 2008-11-27 01:02:49 655,360 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll + 2008-11-27 01:07:26 94,208 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v3.5.dll - 2008-02-20 17:02:26 77,824 -c--a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll + 2008-11-27 01:02:50 77,824 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll - 2008-02-20 17:02:15 749,568 -c--a-w c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll + 2008-11-27 01:02:42 749,568 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll + 2008-11-27 01:06:14 397,312 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll - 2008-02-20 17:02:14 110,592 -c--a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll + 2008-11-27 01:02:41 110,592 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll - 2008-02-20 17:02:13 372,736 -c--a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll + 2008-11-27 01:02:41 372,736 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll - 2008-02-20 17:02:19 28,672 -c--a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll + 2008-11-27 01:02:44 28,672 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll - 2008-02-20 17:02:12 671,744 -c--a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll + 2008-11-27 01:02:40 659,456 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll + 2008-11-27 01:07:25 41,984 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\1.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.STLCLR.dll - 2008-02-20 17:01:59 5,632 -c--a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll + 2008-11-27 01:02:54 5,632 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll - 2008-02-20 17:02:21 12,800 -c--a-w c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll + 2008-11-27 01:02:44 12,800 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll - 2008-02-20 17:02:12 32,768 -c--a-w c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll + 2008-11-27 01:02:40 32,768 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll - 2008-02-20 17:02:11 7,168 -c--a-w c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll + 2008-11-27 01:02:39 7,168 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll + 2008-11-27 01:06:23 598,016 ----a-w c:\windows\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll + 2008-11-27 01:06:19 32,768 ----a-w c:\windows\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll + 2008-11-27 01:06:24 46,104 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe + 2008-11-27 01:06:25 196,608 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll + 2008-11-27 01:06:25 139,264 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll + 2008-11-27 01:06:25 397,312 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll + 2008-11-27 01:06:25 163,840 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll + 2008-11-27 01:06:26 5,283,840 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll + 2008-11-27 01:06:26 864,256 ----a-w c:\windows\assembly\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll + 2008-11-27 01:06:20 528,384 ----a-w c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll + 2008-11-27 01:07:27 5,632 ----a-w c:\windows\assembly\GAC_MSIL\Sentinel.v3.5Client\3.5.0.0__b03f5f7f11d50a3a\Sentinel.v3.5Client.dll + 2008-11-27 01:06:15 110,592 ----a-w c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll - 2008-02-20 17:02:16 110,592 -c--a-w c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll + 2008-11-27 01:02:52 110,592 ----a-w c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll - 2008-03-27 15:26:10 47,832 -c--a-w c:\windows\assembly\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll + 2008-11-27 01:07:27 45,056 ----a-w c:\windows\assembly\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll + 2008-11-27 01:07:28 163,840 ----a-w c:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll + 2008-11-27 01:07:33 57,344 ----a-w c:\windows\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\3.5.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll - 2008-02-20 17:02:16 81,920 -c--a-w c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll + 2008-11-27 01:02:52 81,920 ----a-w c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll - 2008-02-20 17:02:03 425,984 -c--a-w c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll + 2008-11-27 01:02:54 425,984 ----a-w c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll + 2008-11-27 01:07:29 667,648 ----a-w c:\windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll + 2008-11-27 01:07:29 53,248 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.DataSetExtensions\3.5.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll + 2008-11-27 01:07:29 229,376 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.Entity.Design\3.5.0.0__b77a5c561934e089\System.Data.Entity.Design.dll + 2008-11-27 01:07:30 2,879,488 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.Entity\3.5.0.0__b77a5c561934e089\System.Data.Entity.dll + 2008-11-27 01:07:23 684,032 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.Linq\3.5.0.0__b77a5c561934e089\System.Data.Linq.dll + 2008-11-27 01:07:22 294,912 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.Services.Client\3.5.0.0__b77a5c561934e089\System.Data.Services.Client.dll + 2008-11-27 01:07:22 114,688 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.Services.Design\3.5.0.0__b77a5c561934e089\System.Data.Services.Design.dll + 2008-11-27 01:07:22 442,368 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.Services\3.5.0.0__b77a5c561934e089\System.Data.Services.dll + 2008-11-23 13:42:39 236,392 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.SqlServerCe\9.0.242.0__89845dcd8080cc91\System.Data.SqlServerCe.dll - 2008-02-20 17:02:05 741,376 -c--a-w c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll + 2008-11-27 01:02:49 745,472 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll - 2008-02-20 17:02:06 933,888 -c--a-w c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll + 2008-11-27 01:02:46 970,752 ----a-w c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll - 2008-02-20 17:02:26 5,070,848 -c--a-w c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll + 2008-11-27 01:02:36 5,062,656 ----a-w c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll + 2008-11-27 01:07:23 286,720 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\3.5.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll - 2008-02-20 17:02:24 188,416 -c--a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll + 2008-11-27 01:02:43 188,416 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll - 2008-02-20 17:02:09 401,408 -c--a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll + 2008-11-27 01:02:45 401,408 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll - 2008-02-20 17:02:20 81,920 -c--a-w c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll + 2008-11-27 01:02:35 81,920 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll - 2008-02-20 17:02:00 630,784 -c--a-w c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll + 2008-11-27 01:02:56 626,688 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll + 2008-11-27 01:06:27 126,976 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll + 2008-11-27 01:06:15 430,080 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll + 2008-11-27 01:06:15 131,072 ----a-w c:\windows\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll + 2008-11-27 01:07:31 143,360 ----a-w c:\windows\assembly\GAC_MSIL\System.Management.Instrumentation\3.5.0.0__b77a5c561934e089\System.Management.Instrumentation.dll - 2008-02-20 17:02:22 372,736 -c--a-w c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll + 2008-11-27 01:02:50 372,736 ----a-w c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll - 2008-02-20 17:02:20 258,048 -c--a-w c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll + 2008-11-27 01:02:48 258,048 ----a-w c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll + 2008-11-27 01:07:33 233,472 ----a-w c:\windows\assembly\GAC_MSIL\System.Net\3.5.0.0__b03f5f7f11d50a3a\System.Net.dll - 2008-02-20 17:02:18 299,008 -c--a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll + 2008-11-27 01:02:47 303,104 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll - 2008-02-20 17:02:18 131,072 -c--a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll + 2008-11-27 01:02:46 131,072 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll + 2008-11-27 01:06:15 966,656 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll - 2008-02-20 17:02:00 258,048 -c--a-w c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll + 2008-11-27 01:02:57 258,048 ----a-w c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll + 2008-11-27 01:06:18 73,728 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561934e089\System.ServiceModel.Install.dll + 2008-11-27 01:06:18 32,768 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll + 2008-11-27 01:07:21 569,344 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll + 2008-11-27 01:06:17 5,931,008 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll - 2008-02-20 17:02:01 114,688 -c--a-w c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll + 2008-11-27 01:02:57 114,688 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll + 2008-11-27 01:06:24 688,128 ----a-w c:\windows\assembly\GAC_MSIL\System.Speech\3.0.0.0__31bf3856ad364e35\System.Speech.dll + 2008-11-27 01:07:34 77,824 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Abstractions\3.5.0.0__31bf3856ad364e35\System.Web.Abstractions.dll + 2008-11-27 01:07:34 32,768 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.DynamicData.Design\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.Design.dll + 2008-11-27 01:07:35 225,280 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.DynamicData\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.dll + 2008-11-27 01:07:31 131,072 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Entity.Design\3.5.0.0__b77a5c561934e089\System.Web.Entity.Design.dll + 2008-11-27 01:07:31 139,264 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Entity\3.5.0.0__b77a5c561934e089\System.Web.Entity.dll + 2008-11-27 01:07:35 335,872 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Extensions.Design\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.Design.dll + 2008-11-27 01:07:35 1,277,952 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll - 2008-02-20 17:02:07 884,736 -c--a-w c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll + 2008-11-27 01:02:34 835,584 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll - 2008-02-20 17:02:08 90,112 -c--a-w c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll + 2008-11-27 01:02:33 77,824 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll + 2008-11-27 01:07:36 61,440 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Routing\3.5.0.0__31bf3856ad364e35\System.Web.Routing.dll - 2008-02-20 17:02:07 839,680 -c--a-w c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll + 2008-11-27 01:02:33 839,680 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll - 2008-02-20 17:02:10 5,013,504 -c--a-w c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll + 2008-11-27 01:02:35 5,025,792 ----a-w c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll + 2008-11-27 01:07:32 12,288 ----a-w c:\windows\assembly\GAC_MSIL\System.Windows.Presentation\3.5.0.0__b77a5c561934e089\System.Windows.Presentation.dll + 2008-11-27 01:06:22 1,138,688 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll + 2008-11-27 01:06:22 1,630,208 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll + 2008-11-27 01:06:23 540,672 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll + 2008-11-27 01:07:22 507,904 ----a-w c:\windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll + 2008-11-27 01:07:32 139,264 ----a-w c:\windows\assembly\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll - 2008-02-20 17:02:01 2,068,480 -c--a-w c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll + 2008-11-27 01:02:56 2,048,000 ----a-w c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll - 2008-02-20 17:02:06 3,076,096 -c--a-w c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll + 2008-11-27 01:02:43 3,149,824 ----a-w c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll + 2008-11-27 01:06:24 167,936 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll + 2008-11-27 01:06:24 385,024 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders\3.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll + 2008-11-27 01:06:20 40,960 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll + 2008-11-27 01:06:21 98,304 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll + 2008-11-27 01:06:21 1,245,184 ----a-w c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll + 2008-11-27 01:06:25 94,208 ----a-w c:\windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll + 2008-11-27 08:32:51 25,600 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\c2af7cfbb47c077029a2645930b4eeac\Accessibility.ni.dll + 2008-11-27 08:32:53 842,240 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\c7ffd8c23e8de4018a88185b3b60631e\AspNetMMCExt.ni.dll + 2008-11-27 08:32:39 409,600 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\19b50dd470540911fc5cc65331a769e4\ComSvcConfig.ni.exe + 2008-11-27 08:33:05 220,672 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\e148983beeb0f30918b0564849a16456\CustomMarshalers.ni.dll + 2008-11-27 08:32:54 14,336 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\a2865dcec9c5d3cc9c55f026cbad6fcc\dfsvc.ni.exe + 2008-11-27 08:33:06 222,720 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\c5c4db4f9bc7a454e9cfc2548a9d45a5\Microsoft.Build.Conversion.v3.5.ni.dll + 2008-11-27 08:32:58 1,886,208 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\ce984d7bbd9a6d5d3cca28c4e5038020\Microsoft.Build.Engine.ni.dll + 2008-11-27 08:33:08 838,656 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\daf5ff5e06c80eefa80c6fcc79aec963\Microsoft.Build.Engine.ni.dll + 2008-11-27 08:33:09 65,024 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\36dbc4689f7c51e393504230004c9dec\Microsoft.Build.Framework.ni.dll + 2008-11-27 08:32:55 74,752 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\66359457e427c0d547750a79f754f9ba\Microsoft.Build.Framework.ni.dll + 2008-11-27 08:33:12 1,620,480 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\152cf75db013f0523933ac45177b4217\Microsoft.Build.Tasks.ni.dll + 2008-11-27 08:33:14 1,965,568 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\cd6eeb3d7ea1f65c28a43e665db38644\Microsoft.Build.Tasks.v3.5.ni.dll + 2008-11-27 08:33:16 175,104 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\28eede53267524df58362a75a668cf86\Microsoft.Build.Utilities.v3.5.ni.dll + 2008-11-27 08:33:15 144,384 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\43dceeb2d0601d79af40752fb20283c2\Microsoft.Build.Utilities.ni.dll + 2008-11-27 08:34:36 2,332,160 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\7d61e63dea85f4f77ea4c13df7651ec7\Microsoft.JScript.ni.dll + 2008-11-27 08:32:41 1,092,608 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\21bb6244c91b6207fbcb038884a641ef\Microsoft.Transactions.Bridge.ni.dll + 2008-11-27 08:32:43 386,560 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\539e297cc9bc67fbf2fbdc9dc5fcd0f1\Microsoft.Transactions.Bridge.Dtc.ni.dll + 2008-11-27 08:33:19 1,711,104 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\5b3d048d8c003d743ea5e72caf07773a\Microsoft.VisualBasic.ni.dll + 2008-11-27 08:34:37 55,296 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\28ea74096df47800fe2c78bb2b9a4f2a\Microsoft.Vsa.ni.dll + 2008-11-27 08:32:55 133,632 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\87c84ffaaad81d8d106a9aa9d68b5926\MSBuild.ni.exe + 2008-11-27 08:16:43 11,485,184 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9adb89fa22fd5b4ce433b5aca7fb1b07\mscorlib.ni.dll + 2008-11-27 08:16:56 1,451,008 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\b6bfb51dec7f8cc42c21c5928470c773\PresentationBuildTasks.ni.dll + 2008-11-27 08:16:56 39,424 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\487c1bc20f6e73e8e79503898d17d102\PresentationCFFRasterizer.ni.dll + 2008-11-27 08:17:22 12,213,248 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\12dcb10b76012416357bdbb010fdaa97\PresentationCore.ni.dll + 2008-11-27 08:17:24 47,104 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\9469981a17c01dd154c540127e678b35\PresentationFontCache.ni.exe + 2008-11-27 08:17:56 258,048 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\79c2fd29b1e46c943960278051b4e1b9\PresentationFramework.Royale.ni.dll + 2008-11-27 08:17:50 14,320,128 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\9519494798a88867406b5755e1dbded6\PresentationFramework.ni.dll + 2008-11-27 08:17:52 368,128 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\9e71fd0d299c5668c96a54e4a63479fa\PresentationFramework.Aero.ni.dll + 2008-11-27 08:17:55 539,648 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\b4dc4bd8534d90fbb7430926ad990cd9\PresentationFramework.Luna.ni.dll + 2008-11-27 08:17:54 224,768 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ef1a93d10c3a91b728745dbfcc79c2c7\PresentationFramework.Classic.ni.dll + 2008-11-27 08:17:59 1,656,832 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\87fb973e4ab6a21fd00e45656fa7c115\PresentationUI.ni.dll + 2008-11-27 08:18:04 2,125,824 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\5c59991df60164cae10fd81b88a8e5b1\ReachFramework.ni.dll + 2008-11-27 08:32:44 319,488 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\6781b87c8d3b55e6120b1e86bea6e040\ServiceModelReg.ni.exe + 2008-11-27 08:32:45 255,488 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\2e19ccefc30d7b827bab3f7d8dcc0ab9\SMDiagnostics.ni.dll + 2008-11-27 08:32:47 365,056 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\b9c1a29e684bc02e49226ff1e9eec253\SMSvcHost.ni.exe + 2008-11-27 08:33:21 82,944 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\f2b48eab657b4ef1d19dac11bdf0c913\System.AddIn.Contract.ni.dll + 2008-11-27 08:33:21 632,832 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\b01721205312c6c18df033cc47b60e5c\System.AddIn.ni.dll + 2008-11-27 08:33:22 94,208 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\a8e047504bdad9ec14efd483574b0dd5\System.ComponentModel.DataAnnotations.ni.dll + 2008-11-27 08:34:31 140,800 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\22a1629a4dcdd493bbd8be40cc122e94\System.Configuration.Install.ni.dll + 2008-11-27 08:32:59 970,752 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cb4cb21d14767292e079366a5d3d76cd\System.Configuration.ni.dll + 2008-11-27 08:18:10 2,294,784 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\6c69930d05c557da70144bcc0add7065\System.Core.ni.dll + 2008-11-27 08:33:23 135,680 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\4f4ddae492a4a4ce4a2961f3d72d9399\System.Data.DataSetExtensions.ni.dll + 2008-11-27 08:34:13 755,200 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\9867484f25281882e61f61066fa651a3\System.Data.Entity.Design.ni.dll + 2008-11-27 08:34:10 9,903,104 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\8c050147d7031f912f6ca2b15550173f\System.Data.Entity.ni.dll + 2008-11-27 08:18:34 2,510,848 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\fa206c73f39721cd2c55829b9853de44\System.Data.Linq.ni.dll + 2008-11-27 08:34:21 354,816 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\3cb9c5203e50cb6af99b163522e9357c\System.Data.Services.Design.ni.dll + 2008-11-27 08:34:19 939,520 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\d3aed340a6562196ca40978556fb29d1\System.Data.Services.Client.ni.dll + 2008-11-27 08:34:17 1,326,080 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\6f298259c87cc6c7318d931f52f053c5\System.Data.Services.ni.dll + 2008-11-27 08:33:03 2,508,800 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\0ec1b690c5ee057fa92ecff78de1457c\System.Data.SqlXml.ni.dll + 2008-11-27 08:18:23 6,614,016 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\0b40341027c01716cec1dd97592698e0\System.Data.ni.dll + 2008-11-27 08:34:23 1,800,704 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\df1efcbac5973454c608890f72eb994d\System.Deployment.ni.dll + 2008-11-27 08:18:49 10,681,344 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\204db7071fb26343b0fd3f3d140c0bf8\System.Design.ni.dll + 2008-11-27 08:34:28 455,680 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\44de75caba2b9711b3d9030a30767f8b\System.DirectoryServices.Protocols.ni.dll + 2008-11-27 08:34:24 1,116,672 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\6bcc481030a56c24d5990d199812c594\System.DirectoryServices.ni.dll + 2008-11-27 08:34:26 880,640 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\c205bbbb88bfa4bd5e274f43ea0013cb\System.DirectoryServices.AccountManagement.ni.dll + 2008-11-27 08:18:56 208,384 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\5f5d64dd0e7991aaaad2d98ee52afe42\System.Drawing.Design.ni.dll + 2008-11-27 08:18:54 1,587,200 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6978f2e90f13bc720d57fa6895c911e2\System.Drawing.ni.dll + 2008-11-27 08:34:29 627,712 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\5f9cd5bfebcb94175d440ebab3aa412f\System.EnterpriseServices.ni.dll + 2008-11-27 08:34:29 280,064 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\5f9cd5bfebcb94175d440ebab3aa412f\System.EnterpriseServices.Wrapper.dll + 2008-11-27 08:31:58 212,992 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\be8c7482f1e78a3b4984af9082d455a7\System.IdentityModel.Selectors.ni.dll + 2008-11-27 08:31:57 1,056,768 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\94b2ca600c860c76e387f8bd317bd4c3\System.IdentityModel.ni.dll + 2008-11-27 08:32:00 381,440 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\bcfccfa22245d2223a764611c61a7cb9\System.IO.Log.ni.dll + 2008-11-27 08:34:31 330,752 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\1db9deebde7c96b2874b4ffccac2f48e\System.Management.Instrumentation.ni.dll + 2008-11-27 08:34:33 997,888 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\894d87c08a9a5b5923e7104055a616d2\System.Management.ni.dll + 2008-11-27 08:34:38 620,032 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\eabe1915c13467e1e66e2b073bcb842f\System.Net.ni.dll + 2008-11-27 08:19:00 1,035,264 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\db428f231a2ccaf490ae219efd2edc69\System.Printing.ni.dll + 2008-11-27 08:34:32 311,296 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\01dc643b54310ebc5ab7e4696df426bc\System.Runtime.Serialization.Formatters.Soap.ni.dll + 2008-11-27 08:32:04 2,338,304 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\bb748f8ef8c98eb5c7f79b8faee95397\System.Runtime.Serialization.ni.dll + 2008-11-27 08:33:04 676,352 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\0418eb6dbffe9b46aa4c989153d6a3b5\System.Security.ni.dll + 2008-11-27 08:34:43 1,705,984 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\a3adabee8e63dc76f65710a9c32175fc\System.ServiceModel.Web.ni.dll + 2008-11-27 08:32:35 17,313,792 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\d85d9535e91da842fded56869d57790a\System.ServiceModel.ni.dll + 2008-11-27 08:34:44 212,992 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\a9e71dda6389403be4db7b567592e3b8\System.ServiceProcess.ni.dll + 2008-11-27 08:19:03 1,912,832 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\2e7a6c977ac9f8d46ebe2982697a0c8d\System.Speech.ni.dll + 2008-11-27 08:34:46 627,200 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\12903c3843fe923d1977801ffa3cf26c\System.Transactions.ni.dll + 2008-11-27 08:35:00 141,312 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\fbe60d84b9f1ab74e396fb1507f69615\System.Web.Abstractions.ni.dll + 2008-11-27 08:35:06 36,864 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\17e2a7113434da494a846a8f4e4ac5e9\System.Web.DynamicData.Design.ni.dll + 2008-11-27 08:35:05 542,720 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\aff5e0fa23e49ee75e458408c1f66da2\System.Web.DynamicData.ni.dll + 2008-11-27 08:35:09 301,056 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\ca1ce755bb49324c7d275c426188a28f\System.Web.Entity.Design.ni.dll + 2008-11-27 08:35:08 328,192 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\bbdc5cb2f2f92fd610de7331d748193a\System.Web.Entity.ni.dll + 2008-11-27 08:35:04 2,400,256 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\6a20b64ad8e2aaa2f40d67ff01fcc708\System.Web.Extensions.ni.dll + 2008-11-27 08:35:12 858,112 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\f288f2cb75465c0f45154079365af9e8\System.Web.Extensions.Design.ni.dll + 2008-11-27 08:35:15 2,209,280 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\e5995a34d44ad5af7d9f335075bded4d\System.Web.Mobile.ni.dll + 2008-11-27 08:35:16 202,240 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\70764208219715962d310336b5959dfa\System.Web.RegularExpressions.ni.dll + 2008-11-27 08:35:01 129,536 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\18e1acd6761195389db42bab83169fd2\System.Web.Routing.ni.dll + 2008-11-27 08:35:19 1,840,128 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\1dad08772eb89d48a8a0cfe9b0467eb0\System.Web.Services.ni.dll + 2008-11-27 08:34:58 11,791,360 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\50ea744ffc3cb7f09b027fd6c5c93b2b\System.Web.ni.dll + 2008-11-27 08:19:18 12,428,800 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\9a254c455892c02355ab0ab0f0727c5b\System.Windows.Forms.ni.dll + 2008-11-27 08:35:20 37,888 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\b5a285233229bb4f9d9831ebf27fe9ac\System.Windows.Presentation.ni.dll + 2008-11-27 08:35:25 2,989,568 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\d6cc33db5d526553ffbbfd1d372a8493\System.Workflow.Activities.ni.dll + 2008-11-27 08:35:32 4,510,720 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\9de33f5786cd15e220f47b916c5a15e9\System.Workflow.ComponentModel.ni.dll + 2008-11-27 08:35:36 1,904,128 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\6d0966370023925610756f368140b947\System.Workflow.Runtime.ni.dll + 2008-11-27 08:35:40 1,355,264 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\43911ac4e29949c57560eee5cb7b76c2\System.WorkflowServices.ni.dll + 2008-11-27 08:35:41 400,896 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\8c0d96269480bdd3de8a825f0215308d\System.Xml.Linq.ni.dll + 2008-11-27 08:19:29 5,449,728 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\36f3953f24d4f0b767bf172331ad6f3e\System.Xml.ni.dll + 2008-11-27 08:16:53 7,867,392 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System\aa7926460a336408c8041330ad90929d\System.ni.dll + 2008-11-27 08:19:31 447,488 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\d255ab525d10d8fefe5df9ba092b2df8\UIAutomationClient.ni.dll + 2008-11-27 08:19:34 1,049,600 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\8698f073a59ef0db10a3258b1f1deaee\UIAutomationClientsideProviders.ni.dll + 2008-11-27 08:19:35 60,928 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\8f5c0e1b77c840d99a68897898317b79\UIAutomationProvider.ni.dll + 2008-11-27 08:19:36 187,904 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\dbb2fcd246efaf3df823410597cd1677\UIAutomationTypes.ni.dll + 2008-11-27 08:17:02 3,311,104 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\df20e56b59b1b1a595af305ddc0777ba\WindowsBase.ni.dll + 2008-11-27 08:19:39 239,616 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\a18dff8832712a0f6cccaaefbcc45861\WindowsFormsIntegration.ni.dll + 2008-11-27 08:32:48 321,024 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\7d2a3adbdcb675f872eb2dbf21f73596\WsatConfig.ni.exe + 2008-07-06 12:06:10 89,088 ------w c:\windows\Driver Cache\i386\filterpipelineprintproc.dll + 2008-10-24 11:21:09 455,296 ------w c:\windows\Driver Cache\i386\mrxsmb.sys + 2008-07-06 12:06:10 765,440 ------w c:\windows\Driver Cache\i386\mxdwdrv.dll + 2008-07-06 12:06:10 198,656 ------w c:\windows\Driver Cache\i386\mxdwdui.dll + 2008-07-06 12:06:10 373,248 ------w c:\windows\Driver Cache\i386\unidrv.dll + 2008-07-06 12:06:10 744,960 ------w c:\windows\Driver Cache\i386\unidrvui.dll + 2008-03-13 04:52:36 761,344 ------w c:\windows\Driver Cache\i386\unires.dll + 2008-08-26 07:24:28 124,928 -c----w c:\windows\ie7updates\KB958215-IE7\advpack.dll + 2008-08-26 07:24:28 347,136 -c----w c:\windows\ie7updates\KB958215-IE7\dxtmsft.dll + 2008-08-26 07:24:28 214,528 -c----w c:\windows\ie7updates\KB958215-IE7\dxtrans.dll + 2008-08-26 07:24:28 133,120 -c----w c:\windows\ie7updates\KB958215-IE7\extmgr.dll + 2008-08-26 07:24:28 63,488 -c----w c:\windows\ie7updates\KB958215-IE7\icardie.dll + 2008-08-25 08:37:59 70,656 -c----w c:\windows\ie7updates\KB958215-IE7\ie4uinit.exe + 2008-08-26 07:24:28 153,088 -c----w c:\windows\ie7updates\KB958215-IE7\ieakeng.dll + 2008-08-26 07:24:28 230,400 -c----w c:\windows\ie7updates\KB958215-IE7\ieaksie.dll + 2008-08-23 05:54:51 161,792 -c----w c:\windows\ie7updates\KB958215-IE7\ieakui.dll + 2008-08-26 07:24:28 383,488 -c----w c:\windows\ie7updates\KB958215-IE7\ieapfltr.dll + 2008-08-26 07:24:29 384,512 -c----w c:\windows\ie7updates\KB958215-IE7\iedkcs32.dll + 2008-10-03 17:41:15 6,066,176 -c----w c:\windows\ie7updates\KB958215-IE7\ieframe.dll + 2008-08-26 07:24:29 44,544 -c----w c:\windows\ie7updates\KB958215-IE7\iernonce.dll + 2008-08-26 07:24:29 267,776 -c----w c:\windows\ie7updates\KB958215-IE7\iertutil.dll + 2008-08-25 08:38:00 13,824 -c----w c:\windows\ie7updates\KB958215-IE7\ieudinit.exe + 2008-08-23 05:56:15 635,848 -c----w c:\windows\ie7updates\KB958215-IE7\iexplore.exe + 2008-08-26 07:24:30 27,648 -c----w c:\windows\ie7updates\KB958215-IE7\jsproxy.dll + 2008-08-26 07:24:30 459,264 -c----w c:\windows\ie7updates\KB958215-IE7\msfeeds.dll + 2008-08-26 07:24:30 52,224 -c----w c:\windows\ie7updates\KB958215-IE7\msfeedsbs.dll + 2008-08-27 08:24:32 3,593,216 -c----w c:\windows\ie7updates\KB958215-IE7\mshtml.dll + 2008-08-26 07:24:30 477,696 -c----w c:\windows\ie7updates\KB958215-IE7\mshtmled.dll + 2008-08-26 07:24:30 193,024 -c----w c:\windows\ie7updates\KB958215-IE7\msrating.dll + 2008-08-26 07:24:30 671,232 -c----w c:\windows\ie7updates\KB958215-IE7\mstime.dll + 2008-08-26 07:24:30 102,912 -c----w c:\windows\ie7updates\KB958215-IE7\occache.dll + 2008-08-26 07:24:30 44,544 -c----w c:\windows\ie7updates\KB958215-IE7\pngfilt.dll + 200
  8. Hi, thanks for helping me out!! MBAM did stop working, however, I saved the log from the scan before I used system restore, and before I tried to get it to remove the infections. Here it is: Malwarebytes' Anti-Malware 1.31 Database version: 1500 Windows 5.1.2600 Service Pack 3 14/12/2008 19:11:56 mbam-log-2008-12-14 (19-11-52).txt Scan type: Full Scan (C:\|D:\|) Objects scanned: 221884 Time elapsed: 1 hour(s), 11 minute(s), 55 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 1 Registry Values Infected: 0 Registry Data Items Infected: 12 Folders Infected: 1 Files Infected: 4 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DataDisp32 (Trojan.Vundo) -> No action taken. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.116.150;85.255.112.70 -> No action taken. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.116.150;85.255.112.70 -> No action taken. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{ff44030b-689e-4427-87cd-4aff01b4d5ad}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.116.150;85.255.112.70 -> No action taken. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{ff44030b-689e-4427-87cd-4aff01b4d5ad}\NameServer (Trojan.DNSChanger) -> Data: 85.255.116.150;85.255.112.70 -> No action taken. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.116.150;85.255.112.70 -> No action taken. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.116.150;85.255.112.70 -> No action taken. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{ff44030b-689e-4427-87cd-4aff01b4d5ad}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.116.150;85.255.112.70 -> No action taken. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{ff44030b-689e-4427-87cd-4aff01b4d5ad}\NameServer (Trojan.DNSChanger) -> Data: 85.255.116.150;85.255.112.70 -> No action taken. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.116.150;85.255.112.70 -> No action taken. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.116.150;85.255.112.70 -> No action taken. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{ff44030b-689e-4427-87cd-4aff01b4d5ad}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.116.150;85.255.112.70 -> No action taken. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{ff44030b-689e-4427-87cd-4aff01b4d5ad}\NameServer (Trojan.DNSChanger) -> Data: 85.255.116.150;85.255.112.70 -> No action taken. Folders Infected: C:\Documents and Settings\All Users\Application Data\VideoEgg (Adware.VideoEgg) -> No action taken. Files Infected: C:\Program Files\Mozilla Firefox\components\iamfamous.dll (Spyware.Passwords) -> No action taken. C:\WINDOWS\system32\msqpdxnvuasrvk.dll (Trojan.Agent) -> No action taken. C:\Documents and Settings\All Users\Application Data\VideoEgg\user.dat (Adware.VideoEgg) -> No action taken. C:\WINDOWS\system32\drivers\msqpdxcjjhpgar.sys (Trojan.Agent) -> No action taken. DDS (Version 1.0.1) - NTFSx86 Run by Administrator at 18:35:13.06 on 15/12/2008 Internet Explorer: 7.0.5730.11 Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.2047.1263 [GMT 0:00] ============== Running Processes =============== C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\Program Files\COMODO\Firewall\cmdagent.exe C:\WINDOWS\ehome\ehSched.exe C:\WINDOWS\System32\svchost.exe -k HTTPFilter C:\Program Files\Kontiki\KService.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\PnkBstrA.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ps2.exe C:\windows\system\hpsysdrv.exe C:\WINDOWS\system32\CTHELPER.EXE C:\Program Files\COMODO\Firewall\cfp.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Stardock\ObjectDock\ObjectDock.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Documents and Settings\Administrator\Desktop\dds.scr ============== Pseudo HJT Report =============== uStart Page = hxxp://www.blueyonder.co.uk/blueyonder/index.jsp uSearch Page = hxxp://www.google.com uDefault_Search_URL = hxxp://www.google.com/ie uSearch Bar = hxxp://www.google.com/ie mStart Page = hxxp://www.blueyonder.co.uk/blueyonder/index.jsp mSearch Bar = hxxp://srch-gb10.hpwis.com/ uInternet Connection Wizard,ShellNext = hxxp://gb10.hpwis.com/ uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s BHO: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll BHO: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:\program files\avg\avg8\avgssie.dll BHO: {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll BHO: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.5.0_09\bin\ssv.dll BHO: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll TB: {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\program files\hp\digital imaging\bin\hpdtlk02.dll TB: {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\program files\hp\digital imaging\bin\hpdtlk02.dll uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [Acme.PCHButton] c:\progra~1\hppavi~1\pavilion\xpewwbp4\plugin\bin\PCHButton.exe uRun: [spybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe mRun: [PS2] c:\windows\system32\ps2.exe mRun: [hpsysdrv] c:\windows\system\hpsysdrv.exe mRun: [CTHelper] CTHELPER.EXE mRun: [COMODO Firewall Pro] "c:\program files\comodo\firewall\cfp.exe" -h mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe mRun: [COMODO Internet Security] "c:\program files\comodo\firewall\cfp.exe" -h mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup dRunOnce: [setDefaultMidi] MIDIDEF.EXE StartupFolder: c:\docume~1\admini~1\startm~1\programs\startup\stardo~1.lnk - c:\program files\stardock\objectdock\ObjectDock.exe IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000 IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_09\bin\ssv.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe TCP: {FF44030B-689E-4427-87CD-4AFF01B4D5AD} = 62.30.112.39,194.117.134.19 Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\logitech\desktop messenger\8876480\program\GAPlugProtocol-8876480.dll Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll Notify: igfxcui - igfxsrvc.dll Notify: WBSrv - c:\progra~1\stardock\object~1\window~1\wbsrv.dll SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - c:\program files\stardock\object desktop\iconpackager\iprepair.dll SEH: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll LSA: Authentication Packages = msv1_0 nwprovau ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\admini~1\applic~1\mozilla\firefox\profiles\sqy84vg1.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1060933&SearchSource=3&q= FF - prefs.js: browser.search.selectedEngine - Web Search FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/ FF - prefs.js: network.proxy.type - 4 ============= SERVICES / DRIVERS =============== R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-7-7 97928] R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2008-7-7 26824] R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [2008-1-12 101776] R1 cmdHlp;COMODO Firewall Pro Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2008-1-12 31504] R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2008-7-7 231704] R2 cmdAgent;COMODO Internet Security Helper Service;"c:\program files\comodo\firewall\cmdagent.exe" [2008-1-12 618232] R3 hcwPVRP2;Hauppauge WinTV-PVR PCI II (Encoder-16);c:\windows\system32\drivers\hcwPVRP2.sys [2005-5-13 793376] S3 COH_Mon;COH_Mon;\??\c:\windows\system32\drivers\COH_Mon.sys [] S3 NAVENG;NAVENG;\??\c:\progra~1\common~1\symant~1\virusd~1\20080202.003\NAVENG.SYS [] S3 NAVEX15;NAVEX15;\??\c:\progra~1\common~1\symant~1\virusd~1\20080202.003\NAVEX15.SYS [] S3 SSDefrag;SSDefrag;\??\c:\windows\system32\drivers\SSDefrag.sys [2007-11-14 34560] S4 ccEvtMgr;Symantec Event Manager;"c:\program files\common files\symantec shared\ccSvcHst.exe" /h ccCommon [] S4 ccSetMgr;Symantec Settings Manager;"c:\program files\common files\symantec shared\ccSvcHst.exe" /h ccCommon [] S4 LiveUpdate Notice;LiveUpdate Notice;"c:\program files\common files\symantec shared\ccSvcHst.exe" /h ccCommon [] S4 MioNet;MioNet Service;"c:\program files\mionet\mionetmanager.exe" -s "c:\program files\mionet\wrapper.conf" [] S4 Symantec Core LC;Symantec Core LC;"c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe" [] =============== Created Last 30 ================ 2008-12-14 20:42 54,156 a---h--- c:\windows\QTFont.qfn 2008-12-14 20:42 1,409 a------- c:\windows\QTFont.for 2008-12-14 19:12 61,440 a------- c:\windows\system32\drivers\xsqatwof.sys 2008-12-14 17:35 <DIR> --d----- c:\docume~1\admini~1\applic~1\Malwarebytes 2008-12-14 17:35 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes 2008-12-13 23:32 <DIR> --d----- c:\program files\SpeedFan 2008-12-13 23:32 45 a------- c:\windows\system32\initdebug.nfo 2008-12-11 18:40 <DIR> --d----- c:\program files\Lavasoft 2008-12-11 18:39 <DIR> --d----- c:\program files\common files\Wise Installation Wizard 2008-12-11 18:20 <DIR> --d----- c:\program files\Trend Micro 2008-12-07 23:35 21 a------- c:\windows\Picasa.ini 2008-12-05 20:35 41,984 a------- c:\windows\system32\msqpdxnvuasrvk.dll 2008-12-05 20:35 27,904 a------- c:\windows\system32\drivers\Ndisprot.sys 2008-11-30 00:01 <DIR> --d----- c:\windows\system32\Adobe 2008-11-27 19:09 <DIR> --d----- c:\documents and settings\administrator\AppData 2008-11-27 18:56 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Stardock 2008-11-27 01:06 <DIR> --d----- c:\windows\system32\XPSViewer 2008-11-27 01:05 597,504 -c------ c:\windows\system32\dllcache\printfilterpipelinesvc.exe 2008-11-27 01:05 89,088 -c------ c:\windows\system32\dllcache\filterpipelineprintproc.dll 2008-11-27 01:05 117,760 -------- c:\windows\system32\prntvpt.dll 2008-11-27 01:05 1,676,288 -c------ c:\windows\system32\dllcache\xpssvcs.dll 2008-11-27 01:05 575,488 -c------ c:\windows\system32\dllcache\xpsshhdr.dll 2008-11-27 01:05 1,676,288 -------- c:\windows\system32\xpssvcs.dll 2008-11-27 01:05 575,488 -------- c:\windows\system32\xpsshhdr.dll 2008-11-27 01:05 <DIR> --d----- C:\fac462f81a38d19e36f46f 2008-11-27 00:37 <DIR> --d----- c:\docume~1\alluse~1\applic~1\CenerTCPMessenger 2008-11-27 00:19 1,984,462 a------- c:\windows\setupapi.log.0.old 2008-11-27 00:19 <DIR> --d----- c:\program files\Alky for Applications 2008-11-27 00:18 16,384 a------- c:\windows\system32\lcid.exe 2008-11-24 21:09 <DIR> -cd-h--- c:\docume~1\alluse~1\applic~1\{8CC5CF4A-124E-41BA-B58C-A41F05BE09CC} 2008-11-23 20:33 <DIR> --d----- c:\windows\system32\IOSUBSYS 2008-11-23 13:42 <DIR> --d----- c:\program files\Microsoft SQL Server Compact Edition 2008-11-23 12:50 <DIR> --d----- c:\documents and settings\administrator\Tracing 2008-11-23 12:49 3,426,072 a------- c:\windows\system32\d3dx9_32.dll 2008-11-23 12:44 <DIR> --d----- c:\program files\Microsoft 2008-11-23 12:40 <DIR> --d----- c:\program files\common files\Windows Live 2008-11-17 20:04 2,306,113 a------- c:\windows\system32\GPhotos.scr 2008-11-16 19:01 <DIR> --d----- C:\AllokVideoFolder 2008-11-16 18:51 <DIR> --d----- c:\program files\Haali ==================== Find3M ==================== 2008-12-13 19:48 139,152 ac------ c:\windows\system32\drivers\PnkBstrK.sys 2008-12-13 19:48 111,928 ac------ c:\windows\system32\PnkBstrB.exe 2008-12-06 12:03 147,192 a------- c:\windows\system32\guard32.dll 2008-12-06 12:03 101,776 ac------ c:\windows\system32\drivers\cmdGuard.sys 2008-11-24 23:14 31,504 ac------ c:\windows\system32\drivers\cmdhlp.sys 2008-11-15 13:56 23,600 a------- c:\windows\system32\drivers\TVICHW32.SYS 2008-11-08 18:35 3,276 a------- c:\windows\system32\d3d8caps.dat 2008-10-25 21:13 326 a------- c:\windows\system32\drivers\hosts 2008-10-24 11:21 455,296 a------- c:\windows\system32\drivers\mrxsmb.sys 2008-10-23 12:36 286,720 a------- c:\windows\system32\gdi32.dll 2008-10-16 20:38 826,368 a------- c:\windows\system32\wininet.dll 2008-10-16 14:06 268,648 a------- c:\windows\system32\mucltui.dll 2008-10-16 14:06 208,744 a------- c:\windows\system32\muweb.dll 2008-10-03 10:02 247,326 a------- c:\windows\system32\strmdll.dll 2008-04-14 21:44 32 ac------ c:\docume~1\alluse~1\applic~1\ezsid.dat 2008-02-23 11:44 22,328 ac------ c:\docume~1\admini~1\applic~1\PnkBstrK.sys 2005-09-28 14:11 32 ac---r-- c:\documents and settings\all users\hash.dat 2008-07-11 16:26 32,768 ac-sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008071120080712\index.dat ============= FINISH: 18:36:43.04 =============== Thanks, Mr Brightside.
  9. Hello. I ran into something bad about a week ago. From the instructions in the Spyware/Virus section of the forum I should tell you that I have run these full system scans: AVG Anti Virus - nothing came up Spybot Search and Destroy - nothing came up Adaware - 2 main infections, one which could be removed, and the other wouldn't. I would select it, click remove, but it would just flicker and not go away Malwarebytes' Anti Malware - lots of infections found, but when they were removed on restart, my internet didn't work. I panicked and did a system restore to before my problems started (maybe I shoulda done that from the start). Google is now running fine, as well as family tree maker. What I want to make sure of though is that my system is still virus and spyware free. Please could you have a look over my current HJT log: AlLogfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:06:24, on 14/12/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\Program Files\COMODO\Firewall\cmdagent.exe C:\WINDOWS\ehome\ehSched.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Kontiki\KService.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\PnkBstrA.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\WINDOWS\system32\ps2.exe C:\windows\system\hpsysdrv.exe C:\WINDOWS\system32\CTHELPER.EXE C:\Program Files\COMODO\Firewall\cfp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Stardock\ObjectDock\ObjectDock.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\AVG\AVG8\avgtray.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\WINDOWS\system32\notepad.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.blueyonder.co.uk/blueyonder/index.jsp R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-gb10.hpwis.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.blueyonder.co.uk/blueyonder/index.jsp R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://gb10.hpwis.com/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing) O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\Firewall\cfp.exe" -h O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPPAVI~1\Pavilion\XPEWWBP4\plugin\bin\PCHButton.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\RunOnce: [setDefaultMidi] MIDIDEF.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [setDefaultMidi] MIDIDEF.EXE (User 'Default user') O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: RealGuide - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {49232000-16E4-426C-A231-62846947304B} - http://ipgweb.cce.hp.com/rdqaio/downloads/sysinfo.cab O16 - DPF: {A1F35586-A5A8-4D37-947A-81875350B11F} (Bonusprint Image Uploader Version 4.5 Control) - http://webalbum.bonusprint.com/ukipc01/dow...geUploader4.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{FF44030B-689E-4427-87CD-4AFF01B4D5AD}: NameServer = 62.30.112.39,194.117.134.19 O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe -- End of file - 8116 bytes Thanks, Mr Brightside.
  10. Lol! Thanks stormy. Ironic that the person who told me to ask at the PC Pitstop forums, is the one who solved my original problem Works Perfectly Now. I knew eventually I would post a screenshot showing the secret way of screwing up your computer. I can finally watch the new Prison Break!!!!!!!! w00t! Is this something I have done through msconfig? Or could it have been the viruses I got? Thank You Everyone! ~Mr Brightside
  11. Update: I still can't see my printer in Control Panel I still can't press "Add Printer". Error Message: "Operation could not be completed. The print spooler service is not running" I still can't see my Internet Connection in "Network Connections" I can now Add Hardware It still says I have no audio device - even after uninstalling and reinstalling my sound driver. (It says its working properly, and is enabled) I still can't access Help and Support.
  12. It wasn't set to Automatic. So I did that. Didn't make a difference, but maybe this error message can give a clue as to wth is happening to my comp I get this message with quite a few all of the services. Just by double clicking them. Or right clicking and selecting properties. But when I changed the setting to "Automatic" and clicked okay, it seemed to stick when I went back in afterwards.
  13. It said it installed, but I tried to install a program, and it gave the same error message as before. Here's some of the log (didn't know how much you wanted): 2008-02-06 11:14:41:859 972 b0 Misc =========== Logging initialized (build: 7.0.6000.381, tz: -0000) =========== 2008-02-06 11:14:41:859 972 b0 Misc = Process: \??\C:\WINDOWS\system32\winlogon.exe 2008-02-06 11:14:41:859 972 b0 Misc = Module: C:\WINDOWS\system32\wuaueng.dll 2008-02-06 11:14:41:859 972 b0 Shutdwn FATAL: WUAutoUpdateAtShutdown failed, hr=80240FFF 2008-02-06 11:17:02:203 1748 6f4 Misc =========== Logging initialized (build: 7.0.6000.381, tz: -0000) =========== 2008-02-06 11:17:02:203 1748 6f4 Misc = Process: C:\WINDOWS\System32\svchost.exe 2008-02-06 11:17:02:203 1748 6f4 Misc = Module: C:\WINDOWS\system32\wuaueng.dll 2008-02-06 11:17:02:203 1748 6f4 Service ************* 2008-02-06 11:17:02:203 1748 6f4 Service ** START ** Service: Service startup 2008-02-06 11:17:02:203 1748 6f4 Service ********* 2008-02-06 11:17:02:281 1748 6f4 Agent * WU client version 7.0.6000.381 2008-02-06 11:17:02:281 1748 6f4 Agent * Base directory: C:\WINDOWS\SoftwareDistribution 2008-02-06 11:17:02:281 1748 6f4 Agent * Access type: No proxy 2008-02-06 11:17:02:296 1748 6f4 Agent * Network state: Disconnected 2008-02-06 11:17:50:187 1748 6f4 Agent *********** Agent: Initializing Windows Update Agent *********** 2008-02-06 11:17:50:187 1748 6f4 Agent *********** Agent: Initializing global settings cache *********** 2008-02-06 11:17:50:187 1748 6f4 Agent * WSUS server: <NULL> 2008-02-06 11:17:50:187 1748 6f4 Agent * WSUS status server: <NULL> 2008-02-06 11:17:50:187 1748 6f4 Agent * Target group: (Unassigned Computers) 2008-02-06 11:17:50:187 1748 6f4 Agent * Windows Update access disabled: No 2008-02-06 11:17:55:703 1748 6f4 DnldMgr Download manager restoring 0 downloads 2008-02-06 11:17:55:859 1748 6f4 AU ########### AU: Initializing Automatic Updates ########### 2008-02-06 11:17:55:859 1748 6f4 AU AU setting next detection timeout to 2008-02-06 11:17:55 2008-02-06 11:17:55:859 1748 6f4 AU # Approval type: Scheduled (User preference) 2008-02-06 11:17:55:859 1748 6f4 AU # Scheduled install day/time: Every day at 3:00 2008-02-06 11:17:55:859 1748 6f4 AU # Auto-install minor updates: Yes (User preference) 2008-02-06 11:17:55:921 1748 6f4 AU AU finished delayed initialization 2008-02-06 11:17:55:937 1748 6f4 Report *********** Report: Initializing static reporting data *********** 2008-02-06 11:17:55:937 1748 6f4 Report * OS Version = 5.1.2600.2.0.65792 2008-02-06 11:17:55:937 1748 6f4 Report WARNING: Failed to load reporting information from WMI with hr = 8007042c. 2008-02-06 11:17:55:937 1748 6f4 Report * Locale ID = 2057 2008-02-06 11:17:56:812 1748 6f4 AU ############# 2008-02-06 11:17:56:812 1748 6f4 AU ## START ## AU: Search for updates 2008-02-06 11:17:56:812 1748 6f4 AU ######### 2008-02-06 11:17:56:812 1748 6f4 AU # WARNING: Failed to find updates with error code 8024001F 2008-02-06 11:17:56:812 1748 6f4 AU ######### 2008-02-06 11:17:56:812 1748 6f4 AU ## END ## AU: Search for updates [CallId = {00000000-0000-0000-0000-000000000000}] 2008-02-06 11:17:56:812 1748 6f4 AU ############# 2008-02-06 11:17:56:812 1748 6f4 AU Network connection not detected, subscribing for network reconnect for AU detection to happen 2008-02-06 11:18:12:265 1748 6f4 AU Forced install timer expired for scheduled install 2008-02-06 11:18:12:265 1748 6f4 AU UpdateDownloadProperties: 0 download(s) are still in progress. 2008-02-06 11:18:12:328 1748 6f4 AU Setting AU scheduled install time to 2008-02-07 03:00:00 2008-02-06 11:39:38:125 1748 6f4 AU Network connection established, AU can do detection now 2008-02-06 11:39:38:125 1748 6f4 AU ############# 2008-02-06 11:39:38:125 1748 6f4 AU ## START ## AU: Search for updates 2008-02-06 11:39:38:125 1748 6f4 AU ######### 2008-02-06 11:39:38:125 1748 6f4 AU <<## SUBMITTED ## AU: Search for updates [CallId = {CDBB7A4A-489D-46DB-92E2-5BB26F79200F}] 2008-02-06 11:39:38:140 1748 5b0 Agent ************* 2008-02-06 11:39:38:140 1748 5b0 Agent ** START ** Agent: Finding updates [CallerId = AutomaticUpdates] 2008-02-06 11:39:38:140 1748 5b0 Agent ********* 2008-02-06 11:39:38:140 1748 5b0 Agent * Online = Yes; Ignore download priority = No 2008-02-06 11:39:38:140 1748 5b0 Agent * Criteria = "IsHidden=0 and IsInstalled=0 and DeploymentAction='Installation' and IsAssigned=1 or IsHidden=0 and IsPresent=1 and DeploymentAction='Uninstallation' and IsAssigned=1 or IsHidden=0 and IsInstalled=1 and DeploymentAction='Installation' and IsAssigned=1 and RebootRequired=1 or IsHidden=0 and IsInstalled=0 and DeploymentAction='Uninstallation' and IsAssigned=1 and RebootRequired=1" 2008-02-06 11:39:38:140 1748 5b0 Agent * ServiceID = {7971F918-A847-4430-9279-4A52D1EFE18D} 2008-02-06 11:39:38:265 1748 5b0 Misc Validating signature for C:\WINDOWS\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\wuredir.cab: 2008-02-06 11:39:38:359 1748 5b0 Misc Microsoft signed: Yes 2008-02-06 11:40:10:750 1748 5b0 Misc WARNING: Send failed with hr = 80072ee7. 2008-02-06 11:40:10:750 1748 5b0 Misc WARNING: SendRequest failed with hr = 80072ee7. Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <> 2008-02-06 11:40:10:750 1748 5b0 Misc WARNING: WinHttp: SendRequestUsingProxy failed for <http://download.windowsupdate.com/v7/windowsupdate/redir/wuredir.cab>. error 0x8024402c 2008-02-06 11:40:10:750 1748 5b0 Misc WARNING: WinHttp: SendRequestToServerForFileInformation MakeRequest failed. error 0x8024402c 2008-02-06 11:40:10:750 1748 5b0 Misc WARNING: WinHttp: SendRequestToServerForFileInformation failed with 0x8024402c 2008-02-06 11:40:10:750 1748 5b0 Misc WARNING: WinHttp: ShouldFileBeDownloaded failed with 0x8024402c 2008-02-06 11:40:18:718 1748 5b0 Misc Validating signature for C:\WINDOWS\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\wuredir.cab: 2008-02-06 11:40:18:734 1748 5b0 Misc Microsoft signed: Yes 2008-02-06 11:40:18:859 1748 5b0 Misc Validating signature for C:\WINDOWS\SoftwareDistribution\SelfUpdate\Default\wuident.cab: 2008-02-06 11:40:18:890 1748 5b0 Misc Microsoft signed: Yes 2008-02-06 11:40:23:906 1748 5b0 Misc Validating signature for C:\WINDOWS\SoftwareDistribution\SelfUpdate\Default\wuident.cab: 2008-02-06 11:40:23:921 1748 5b0 Misc Microsoft signed: Yes 2008-02-06 11:40:26:406 1748 5b0 Misc Validating signature for C:\WINDOWS\SoftwareDistribution\SelfUpdate\Default\wsus3setup.cab: 2008-02-06 11:40:26:406 1748 5b0 Misc Microsoft signed: Yes 2008-02-06 11:40:26:468 1748 5b0 Setup *********** Setup: Checking whether self-update is required ***********
  14. They were just backups to things we deleted. So I just got rid of the lot. And some random internet explorer ones. Thank Again
×
×
  • Create New...