Content Top
DAL Computer Help » Internet Security Help » Spyware, Adware, Viruses and HijackThis Logs » SecurityTool and Redirected Google Links

Recommended Fix

Click here to fix Windows Errors and Optimize Windows Performance

Need Computer Help?
Register Now for FREE

SecurityTool and Redirected Google Links

Reply
Thread Tools
Spyware, Adware, Viruses and HijackThis Logs
  #1 (permalink)  
Old 13-10-2009, 03:07 AM
Newbie
D-A-L Newbie
  
Join Date: Oct 2009
Posts: 3
italianpnoy112 Is a beginner here at D-A-L
SecurityTool and Redirected Google Links
Ok so just recently I was attacked by SecurityTool. Luckily I was able to find my way around it by downloading Malwarebytes and doing a Full Scan but it seems that every now and then it comes back and the havoc it reeks gets more annoying by the second. Another new thing that I started noticing is redirected search links. Whenever I click on one I get redirected to some spam page that has nothing related to what I'm searching.

Here's my Hijack Log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:01:45 PM, on 10/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\WINDOWS\system32\ctfmon.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://bfc.myway.com/search/de_srchlft.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, News, Sport, Music, Movies, Money, Cars, Shopping, Windows Live from MSN UK
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, News, Sport, Music, Movies, Money, Cars, Shopping, Windows Live from MSN UK
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files\AVG\AVG9\avgssie.dll (file missing)
O2 - BHO: (no name) - {528EA803-D096-4B92-B669-C0DA7A9AE6DD} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {618C7065-CA25-4891-A9EF-0527474254AA} - (no file)
O2 - BHO: (no name) - {8550754f-58b9-c524-0c18-e73cc8cfe729} - C:\WINDOWS\ukopoxubacepexo.dll
O2 - BHO: (no name) - {92229a5e-c42b-4605-9275-a151afe26df0} - (no file)
O2 - BHO: AIM Toolbar Loader - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll
O2 - BHO: (no name) - {d442792b-48c0-43d1-a6db-494589ecbc3b} - (no file)
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0983.0\msneshellx.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\McAgent.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\sadasdgfd.exe" /runcleanupscript
O4 - HKLM\..\Run: [MMTray] C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [vibuyujes] Rundll32.exe "c:\windows\system32\zohewigu.dll",a
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O8 - Extra context menu item: &AIM Toolbar Search - C:\Documents and Settings\All Users\Application Data\AIM Toolbar\ieToolbar\resources\en-US\local\search.html
O9 - Extra button: AIM Toolbar - {0b83c99c-1efa-4259-858f-bcb33e007a5b} - C:\Program Files\AIM Toolbar\aimtb.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - AppInit_DLLs: c:\windows\system32\ c:\windows\system32\bolakuzu.dll c:\windows\system32\zohewigu.dll,fotuliza.dll
O21 - SSODL: roluvuhoy - {81af624f-3316-4144-bb19-67241da69071} - c:\windows\system32\bolakuzu.dll (file missing)
O21 - SSODL: rubudemif - {5bc8c056-f51b-4809-91ec-fedf4372dc9c} - c:\windows\system32\zohewigu.dll
O22 - SharedTaskScheduler: jugezatag - {81af624f-3316-4144-bb19-67241da69071} - c:\windows\system32\bolakuzu.dll (file missing)
O22 - SharedTaskScheduler: kupuhivus - {5bc8c056-f51b-4809-91ec-fedf4372dc9c} - c:\windows\system32\zohewigu.dll
O23 - Service: AntiPol (antippolice_) - Unknown owner - C:\WINDOWS\svchast.exe (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Background Intelligent Transfer Service (BITS) - Unknown owner - C:\WINDOWS\
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

--
End of file - 8442 bytes
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #2 (permalink)  
Old 13-10-2009, 06:25 PM
Neal's Avatar
Senior Member
  
Join Date: Sep 2005
Posts: 5,524
Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!
Re: SecurityTool and Redirected Google Links
Visit this page below to familiarize yourself to the tool below and download from one of the links provided.

A guide and tutorial on using ComboFix




If you have previously downloaded ComboFix,please delete that version now.



It is IMPORTANT that it is saved directly to your desktop

Close any open browsers.

Disconnect from the Internet.

Please do not re-connect your machine back to the Internet until Combofix has completely finished.

Disable your antivirus program and any realtime malware scanners and script blockers now


How To Disable



Double click on combofix.exe and follow the prompts.

When it's finished it will produce a log.
Post the entire contents of C:\ComboFix.txt into your next reply.

Note:
Do not mouseclick combofix's window while it's running.

That may cause the program to freeze/hang.

Do NOT post the ComboFix-quarantined-files.txt unless I ask.

Re-enable your anti-virus and re-connect back to the internet and post the combofix log.



*Note*
In case your Antivirus or any other realtime scanner is displaying an alert after you downloaded Combofix or while you use Combofix,please disable your scanner and redownload Combofix again.
Some scanners may see some combofix related components as suspicious and block or delete them while there's nothing wrong with them.

ComboFix SHOULD NOT be used unless requested by a forum helper.
__________________
Stalking and killing Spyware

Have we helped you? Please consider a donation to help keep D-A-L free. Click on donate below



MALWARE: READ FIRST Procedures:
|_ SpyBot V1.5 _|_ HijackThis Log __V2.0.2 _|



ASAP: promoting a high standard and quality of security support no matter where you seek help.

Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #3 (permalink)  
Old 14-10-2009, 02:30 AM
Newbie
D-A-L Newbie
  
Join Date: Oct 2009
Posts: 3
italianpnoy112 Is a beginner here at D-A-L
Re: SecurityTool and Redirected Google Links
ComboFix 09-10-13.01 - DonDon 10/13/2009 18:08.1.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.303 [GMT -7:00]
Running from: c:\documents and settings\DonDon\Desktop\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\85475938
c:\documents and settings\All Users\Application Data\85475938\85475938.bat
c:\documents and settings\All Users\Application Data\85475938\85475938.exe
c:\documents and settings\DonDon\Start Menu\Programs\Security Tool.lnk
c:\program files\WinPCap
c:\program files\WinPCap\rpcapd.exe
c:\windows\oqerilow.dll
c:\windows\system32\bszip.dll
c:\windows\system32\config\systemprofile\Start Menu\Programs\Windows Police Pro
c:\windows\system32\config\systemprofile\Start Menu\Programs\Windows Police Pro\Windows Police Pro.lnk
c:\windows\system32\drivers\gasfkyaehbxjwt.sys
c:\windows\system32\drivers\npf.sys
c:\windows\system32\fotuliza.dll
c:\windows\system32\gasfkydtcpwwbv.dll
c:\windows\system32\gasfkyinqqajiu.dll
c:\windows\system32\gasfkylelsxicx.dll
c:\windows\system32\gasfkyompunmvh.dat
c:\windows\system32\gasfkyrieojlpb.dat
c:\windows\system32\Packet.dll
c:\windows\system32\pthreadVC.dll
c:\windows\system32\ripeyoji.dll
c:\windows\system32\WanPacket.dll
c:\windows\system32\wpcap.dll
c:\windows\system32\yanukoka.dll
c:\windows\system32\zohewigu.dll
c:\windows\system32\zokulabo.exe
c:\windows\ukopoxubacepexo.dll
c:\windows\utotidedugugek.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_gasfkycbnkihsk
-------\Legacy_gasfkycbnkihsk
-------\Legacy_SENEKA
-------\Legacy_ILVMONEYDRIVER53
-------\Legacy_npf
-------\Service_IlvMoneyDRIVER53
-------\Service_npf


((((((((((((((((((((((((( Files Created from 2009-09-14 to 2009-10-14 )))))))))))))))))))))))))))))))
.

2009-10-13 02:01 . 2009-10-13 02:01 -------- d-----w- c:\program files\Trend Micro
2009-10-09 20:31 . 2009-09-10 21:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-09 20:31 . 2009-09-10 21:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-09 20:29 . 2009-10-09 20:31 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-09 20:19 . 2009-10-09 20:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-10-08 08:36 . 2009-10-08 08:36 -------- d-----w- c:\program files\AVG
2009-10-05 01:21 . 2009-10-05 01:21 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2009-10-05 01:16 . 2009-10-05 01:16 -------- d-----w- c:\program files\Atari
2009-10-05 01:10 . 2009-10-05 01:10 722416 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-10-05 01:10 . 2009-10-05 01:10 -------- d-----w- c:\documents and settings\DonDon\Application Data\DAEMON Tools Pro
2009-10-05 01:07 . 2009-10-05 01:07 -------- d-----w- c:\documents and settings\DonDon\Application Data\Leadertech
2009-10-05 01:05 . 2009-10-05 01:05 -------- d-----w- c:\documents and settings\DonDon\Application Data\Atari
2009-10-05 01:01 . 2009-10-05 01:01 -------- d-----w- c:\program files\MagicISO
2009-09-27 23:10 . 2009-09-27 23:10 -------- d-----w- c:\program files\Redbana
2009-09-19 04:41 . 2009-09-19 04:41 -------- d-----w- c:\program files\Audacity
2009-09-18 02:05 . 2009-09-18 02:05 -------- d-----w- c:\program files\Asiasoft

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) ))
.
2009-10-13 01:53 . 2005-03-30 05:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Viewpoint
2009-10-12 22:09 . 2009-06-07 05:21 -------- d-----w- c:\documents and settings\DonDon\Application Data\Move Networks
2009-10-10 04:15 . 2009-05-06 04:50 -------- d-----w- c:\documents and settings\DonDon\Application Data\LimeWire
2009-10-08 03:00 . 2009-09-08 22:51 120 ----a-w- c:\windows\Jrimaci.dat
2009-10-05 01:16 . 2005-03-30 05:14 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-10-05 01:07 . 2008-12-02 03:06 -------- d-----w- c:\documents and settings\DonDon\Application Data\Sonic
2009-09-27 23:22 . 2009-07-14 21:12 -------- d-----w- c:\program files\Scream Machines
2009-09-26 19:28 . 2009-04-19 21:24 -------- d-----w- c:\documents and settings\DonDon\Application Data\Hamachi
2009-09-13 04:55 . 2009-06-01 03:24 -------- d-----w- c:\documents and settings\DonDon\Application Data\gtk-2.0
2009-09-07 23:29 . 2009-08-30 21:49 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2009-09-06 23:58 . 2008-12-04 00:01 59792 ----a-w- c:\documents and settings\DonDon\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-08-29 19:27 . 2009-08-29 19:27 -------- d-----w- c:\documents and settings\DonDon\Application Data\Octoshape
2009-07-31 18:58 . 2009-04-11 01:07 235824 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2009-07-07 20:24 . 2009-07-07 20:24 37888 --sha-w- c:\windows\SYSTEM32\biyekupu.dll
2009-07-08 20:24 . 2009-07-08 20:24 37888 --sha-w- c:\windows\SYSTEM32\dagimewo.dll
2009-07-10 17:53 . 2009-07-10 17:53 50688 --sha-w- c:\windows\SYSTEM32\dajufiwe.dll.tmp
2009-07-13 01:48 . 2009-07-13 01:48 38400 --sha-w- c:\windows\SYSTEM32\hidumule.dll
2009-07-06 16:57 . 2009-07-06 16:57 88576 --sha-w- c:\windows\SYSTEM32\jemonuro.dll
2009-07-12 13:48 . 2009-07-12 13:48 88064 --sha-w- c:\windows\SYSTEM32\jipezayi.dll
2009-07-13 01:49 . 2009-07-13 01:49 51712 --sha-w- c:\windows\SYSTEM32\jumidani.dll
2009-07-13 22:36 . 2009-07-13 22:36 37888 --sha-w- c:\windows\SYSTEM32\kahufeto.dll
2009-07-13 01:48 . 2009-07-13 01:48 51712 --sha-w- c:\windows\SYSTEM32\kapekabo.dll
2009-07-13 22:36 . 2009-07-13 22:36 1050659 --sha-w- c:\windows\SYSTEM32\kelesopu.exe
2009-07-10 17:52 . 2009-07-10 17:52 50688 --sha-w- c:\windows\SYSTEM32\kidodize.dll
2009-07-11 19:47 . 2009-07-11 19:47 38400 --sha-w- c:\windows\SYSTEM32\kiganopo.dll
2009-07-06 16:57 . 2009-07-06 16:57 37888 --sha-w- c:\windows\SYSTEM32\lagiweba.dll
2009-07-06 16:52 . 2009-07-06 16:52 50688 --sha-w- c:\windows\SYSTEM32\ludusaku.dll.tmp
2009-07-06 16:57 . 2009-07-06 16:57 26624 --sha-w- c:\windows\SYSTEM32\mivikaju.dll
2009-07-07 04:57 . 2009-07-07 04:57 51200 --sha-w- c:\windows\SYSTEM32\molizedo.dll
2009-07-10 17:53 . 2009-07-10 17:53 50688 --sha-w- c:\windows\SYSTEM32\navujoko.dll.tmp
2009-07-10 17:53 . 2009-07-10 17:53 50688 --sha-w- c:\windows\SYSTEM32\puzihajo.dll.tmp
2009-07-08 08:24 . 2009-07-08 08:24 1051171 --sha-w- c:\windows\SYSTEM32\rejutigo.exe
2009-07-11 19:47 . 2009-07-11 19:47 1011449 --sha-w- c:\windows\SYSTEM32\rerazaki.exe
2009-07-07 20:24 . 2009-07-07 20:24 1049635 --sha-w- c:\windows\SYSTEM32\soditika.exe
2009-07-10 17:52 . 2009-07-10 17:52 38400 --sha-w- c:\windows\SYSTEM32\suvatepe.dll
2009-07-10 17:52 . 2009-07-10 17:52 26624 --sha-w- c:\windows\SYSTEM32\tavajaba.dll
2009-07-10 17:52 . 2009-07-10 17:52 1011349 --sha-w- c:\windows\SYSTEM32\tozoneba.exe
2009-07-12 13:48 . 2009-07-12 13:48 38400 --sha-w- c:\windows\SYSTEM32\vojameku.dll
2009-07-09 08:24 . 2009-07-09 08:24 1011003 --sha-w- c:\windows\SYSTEM32\vuvimuwe.exe
2009-07-06 16:52 . 2009-07-06 16:52 50688 --sha-w- c:\windows\SYSTEM32\wipomowe.dll.tmp
2009-07-06 16:52 . 2009-07-06 16:52 50688 --sha-w- c:\windows\SYSTEM32\womodefo.dll.tmp
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2e2878c1-bb87-471b-be7d-7cd18fdc3ccb}]
2009-07-13 01:49 51712 --sha-w- c:\windows\SYSTEM32\jumidani.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"DellSupport"="c:\program files\Dell Support\DSAgnt.exe" [2004-07-19 306688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Application Accelerator\iaanotif.exe" [2004-06-29 135168]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-08-25 339968]
"IntelMeM"="c:\program files\Intel\Modem Event Monitor\IntelMEM.exe" [2003-09-04 221184]
"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2004-10-12 57344]
"UpdateManager"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2004-01-07 110592]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035]
"DMXLauncher"="c:\program files\Dell\Media Experience\DMXLauncher.exe" [2005-01-27 86016]
"VirusScan Online"="c:\progra~1\mcafee.com\vso\mcvsshld.exe" [2004-08-18 180224]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2005-07-20 221184]
"LogitechVideoRepair"="c:\program files\Logitech\Video\ISStart.exe" [2005-06-08 458752]
"LogitechVideoTray"="c:\program files\Logitech\Video\LogiTray.exe" [2005-06-08 217088]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-21 148888]
"MCUpdateExe"="c:\progra~1\mcafee.com\agent\McUpda te.exe" [2006-01-11 212992]
"MCAgentExe"="c:\progra~1\mcafee.com\agent\McAgent .exe" [2005-09-23 303104]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\sadasdgfd.exe" [2009-09-10 1312080]
"MMTray"="c:\program files\Musicmatch\Musicmatch Jukebox\mm_tray.exe" [2004-09-14 131072]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2005-03-30 98304]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\Run]
"MySpaceIM"="c:\program files\MySpace\IM\MySpaceIM.exe" [2008-12-12 9555968]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2009-1-17 450560]
QuickBooks Update Agent.lnk - c:\program files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2004-11-11 806912]

[HKLM\~\startupfolder\c:^documents and settings^all users^start menu^programs^startup^america online 9.0 tray icon.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\America Online 9.0 Tray Icon.lnk
backup=c:\windows\pss\America Online 9.0 Tray Icon.lnkCommon Startup

[HKLM\~\startupfolder\c:^documents and settings^dondon^start menu^programs^startup^hamachi.lnk]
path=c:\documents and settings\DonDon\Start Menu\Programs\Startup\hamachi.lnk
backup=c:\windows\pss\hamachi.lnkStartup

[HKLM\~\startupfolder\c:^documents and settings^dondon^start menu^programs^startup^ikowin32.exe]
path=c:\documents and settings\DonDon\Start Menu\Programs\Startup\ikowin32.exe
backup=c:\windows\pss\ikowin32.exeStartup

[HKLM\~\startupfolder\c:^documents and settings^dondon^start menu^programs^startup^limewire on startup.lnk]
path=c:\documents and settings\DonDon\Start Menu\Programs\Startup\LimeWire On Startup.lnk
backup=c:\windows\pss\LimeWire On Startup.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
"c:\\Program Files\\America Online 9.0\\waol.exe"=
"c:\\Program Files\\PlayOnline\\SquareEnix\\PlayOnlineViewer\\p ol.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\AIM6\\aim6.exe"=
"c:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"=
"c:\\Program Files\\Atari\\RollerCoaster Tycoon 3 Platinum\\RCT3plus.exe"=
"c:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Program Files\\Dell Support\\DSAgnt.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\jusched.exe"=
"c:\\WINDOWS\\SYSTEM32\\spoolsv.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Intel\\Modem Event Monitor\\IntelMEM.exe"=
"c:\\WINDOWS\\SYSTEM32\\dla\\tfswctrl.exe"=
"c:\\Program Files\\Dell\\Media Experience\\DMXLauncher.exe"=
"c:\\WINDOWS\\SYSTEM32\\LVCOMSX.EXE"=

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\GloballyOpenPorts\List]
"56920:TCP"= 56920:TCP:Pando Media Booster
"56920:UDP"= 56920:UDP:Pando Media Booster

S2 antippolice_;AntiPol;c:\windows\svchast.exe --> c:\windows\svchast.exe [?]
S3 NaiFiltr;NaiFiltr;c:\windows\SYSTEM32\DRIVERS\NaiF iltr.sys [3/29/2005 10:21 PM 23296]
S3 tap0901;TAP-Win32 Adapter V9;c:\windows\SYSTEM32\DRIVERS\tap0901.sys [11/19/2008 11:22 AM 25216]
S3 xdva281;XDva281;\??\c:\windows\system32\XDva281.sy s --> c:\windows\system32\XDva281.sys [?]
S4 gupdate1c9fc589d42eba0;Google Update Service (gupdate1c9fc589d42eba0);c:\program files\Google\Update\GoogleUpdate.exe [7/3/2009 8:36 PM 133104]
.
Contents of the 'Scheduled Tasks' folder

2009-10-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-04 03:36]

2009-10-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-04 03:36]

2009-10-10 c:\windows\Tasks\McAfee.com Scan for Viruses - My Computer (KOMODO-Daryll).job
- c:\program files\mcafee.com\vso\mcmnhdlr.exe [2005-03-30 23:15]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.dell4me.com/myway
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.micros oft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &AIM Toolbar Search - c:\documents and settings\All Users\Application Data\AIM Toolbar\ieToolbar\resources\en-US\local\search.html
FF - ProfilePath - c:\documents and settings\DonDon\Application Data\Mozilla\Firefox\Profiles\3z4u6lch.default\
FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&invocationType=&query=
FF - prefs.js: browser.search.selectedEngine - AIM Search
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&invocationType=&query=
FF - plugin: c:\documents and settings\DonDon\Application Data\Move Networks\plugins\npqmp071503000010.dll
FF - plugin: c:\documents and settings\DonDon\Application Data\Mozilla\plugins\npoctoshape.dll
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dl l
FF - plugin: c:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll
FF - HiddenExtension: XUL Cache: {CD5F93F5-4EEF-4949-82C3-AAA6F6F14995} - c:\documents and settings\DonDon\Local Settings\Application Data\{CD5F93F5-4EEF-4949-82C3-AAA6F6F14995}
FF - HiddenExtension: XUL Cache: {2B769074-89E3-4769-A231-00175C5B40BB} - c:\documents and settings\Administrator\Local Settings\Application Data\{2B769074-89E3-4769-A231-00175C5B40BB}\
.
- - - - ORPHANS REMOVED - - - -

BHO-{528EA803-D096-4B92-B669-C0DA7A9AE6DD} - (no file)
BHO-{618C7065-CA25-4891-A9EF-0527474254AA} - (no file)
BHO-{8550754f-58b9-c524-0c18-e73cc8cfe729} - c:\windows\ukopoxubacepexo.dll
BHO-{92229a5e-c42b-4605-9275-a151afe26df0} - (no file)
BHO-{d442792b-48c0-43d1-a6db-494589ecbc3b} - (no file)
WebBrowser-{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - (no file)
HKLM-Run-vibuyujes - c:\windows\system32\ripeyoji.dll
HKLM-Run-85475938 - c:\documents and settings\All Users\Application Data\85475938\85475938.exe
HKLM-Run-kazakajezu - yanukoka.dll
SharedTaskScheduler-{81af624f-3316-4144-bb19-67241da69071} - c:\windows\system32\bolakuzu.dll
SharedTaskScheduler-{95e49359-bd4f-44f1-98e3-99a56ea2f467} - c:\windows\system32\ripeyoji.dll
SSODL-roluvuhoy-{81af624f-3316-4144-bb19-67241da69071} - c:\windows\system32\bolakuzu.dll
SSODL-wosajusul-{95e49359-bd4f-44f1-98e3-99a56ea2f467} - c:\windows\system32\ripeyoji.dll
AddRemove-Dolphin - c:\documents and settings\DonDon\Desktop\Emulator\Dolphin\uninst.ex e
AddRemove-Pcsx2_is1 - c:\documents and settings\DonDon\Desktop\Emulator\PS2\Pcsx2\unins00 0.exe
AddRemove-StreetPlugin - c:\program files\Learn2.com\StRunner\stuninst.exe
AddRemove-SystemRequirementsLab - c:\program files\SystemRequirementsLab\Uninstall.exe



************************************************** ************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2009-10-13 18:22
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

************************************************** ************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(2952)
c:\progra~1\mcafee.com\vso\McVSSkt.dll
c:\program files\Stardock\Object Desktop\IconPackager\iprepair.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\SYSTEM32\ati2evxx.exe
c:\program files\Intel\Intel Application Accelerator\IAANTmon.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\SYSTEM32\wdfmgr.exe
c:\windows\SYSTEM32\wscntfy.exe
c:\progra~1\McAfee.com\VSO\McVSEscn.exe
c:\program files\Logitech\Video\FxSvr2.exe
.
************************************************** ************************
.
Completion time: 2009-10-14 18:27 - machine was rebooted
ComboFix-quarantined-files.txt 2009-10-14 01:27

Pre-Run: 12,789,108,736 bytes free
Post-Run: 16,028,921,856 bytes free

270 --- E O F --- 2008-12-18 06:42
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #4 (permalink)  
Old 15-10-2009, 06:40 PM
Neal's Avatar
Senior Member
  
Join Date: Sep 2005
Posts: 5,524
Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!
Re: SecurityTool and Redirected Google Links
Open notepad(Must be NotePad) and copy/paste the text in the quotebox below into it:NOT THE WORD QUOTE


Quote:
File::
c:\windows\SYSTEM32\biyekupu.dll
c:\windows\SYSTEM32\dagimewo.dll
c:\windows\SYSTEM32\dajufiwe.dll.tmp
c:\windows\SYSTEM32\hidumule.dll
c:\windows\SYSTEM32\jemonuro.dll
c:\windows\SYSTEM32\jipezayi.dll
c:\windows\SYSTEM32\jumidani.dll
c:\windows\SYSTEM32\kahufeto.dll
c:\windows\SYSTEM32\kapekabo.dll
c:\windows\SYSTEM32\kelesopu.exe
c:\windows\SYSTEM32\kidodize.dll
c:\windows\SYSTEM32\kiganopo.dll
c:\windows\SYSTEM32\lagiweba.dll
c:\windows\SYSTEM32\ludusaku.dll.tmp
c:\windows\SYSTEM32\mivikaju.dll
c:\windows\SYSTEM32\molizedo.dll
c:\windows\SYSTEM32\navujoko.dll.tmp
c:\windows\SYSTEM32\puzihajo.dll.tmp
c:\windows\SYSTEM32\rejutigo.exe
c:\windows\SYSTEM32\rerazaki.exe
c:\windows\SYSTEM32\soditika.exe
c:\windows\SYSTEM32\suvatepe.dll
c:\windows\SYSTEM32\tavajaba.dll
c:\windows\SYSTEM32\tozoneba.exe
c:\windows\SYSTEM32\vojameku.dll
c:\windows\SYSTEM32\vuvimuwe.exe
c:\windows\SYSTEM32\wipomowe.dll.tmp
c:\windows\SYSTEM32\womodefo.dll.tmp

Reg::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2e2878c1-bb87-471b-be7d-7cd18fdc3ccb}]
Save this as CFScript

Then drag the CFScript into ComboFix.exe as you see in the screenshot below.


[IMG][/IMG]



This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply together with a new HijackThislog.
__________________
Stalking and killing Spyware

Have we helped you? Please consider a donation to help keep D-A-L free. Click on donate below



MALWARE: READ FIRST Procedures:
|_ SpyBot V1.5 _|_ HijackThis Log __V2.0.2 _|



ASAP: promoting a high standard and quality of security support no matter where you seek help.

Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #5 (permalink)  
Old 20-10-2009, 01:57 AM
Newbie
D-A-L Newbie
  
Join Date: Oct 2009
Posts: 3
italianpnoy112 Is a beginner here at D-A-L
Re: SecurityTool and Redirected Google Links
ComboFix 09-10-13.01 - DonDon 10/19/2009 17:38.2.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.261 [GMT -7:00]
Running from: c:\documents and settings\DonDon\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\DonDon\Desktop\CFScript.txt

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE ::
"c:\windows\SYSTEM32\biyekupu.dll"
"c:\windows\SYSTEM32\dagimewo.dll"
"c:\windows\SYSTEM32\dajufiwe.dll.tmp"
"c:\windows\SYSTEM32\hidumule.dll"
"c:\windows\SYSTEM32\jemonuro.dll"
"c:\windows\SYSTEM32\jipezayi.dll"
"c:\windows\SYSTEM32\jumidani.dll"
"c:\windows\SYSTEM32\kahufeto.dll"
"c:\windows\SYSTEM32\kapekabo.dll"
"c:\windows\SYSTEM32\kelesopu.exe"
"c:\windows\SYSTEM32\kidodize.dll"
"c:\windows\SYSTEM32\kiganopo.dll"
"c:\windows\SYSTEM32\lagiweba.dll"
"c:\windows\SYSTEM32\ludusaku.dll.tmp"
"c:\windows\SYSTEM32\mivikaju.dll"
"c:\windows\SYSTEM32\molizedo.dll"
"c:\windows\SYSTEM32\navujoko.dll.tmp"
"c:\windows\SYSTEM32\puzihajo.dll.tmp"
"c:\windows\SYSTEM32\rejutigo.exe"
"c:\windows\SYSTEM32\rerazaki.exe"
"c:\windows\SYSTEM32\soditika.exe"
"c:\windows\SYSTEM32\suvatepe.dll"
"c:\windows\SYSTEM32\tavajaba.dll"
"c:\windows\SYSTEM32\tozoneba.exe"
"c:\windows\SYSTEM32\vojameku.dll"
"c:\windows\SYSTEM32\vuvimuwe.exe"
"c:\windows\SYSTEM32\wipomowe.dll.tmp"
"c:\windows\SYSTEM32\womodefo.dll.tmp"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\10736421
c:\documents and settings\All Users\Application Data\10736421\10736421.exe
c:\documents and settings\All Users\Application Data\28417224
c:\documents and settings\All Users\Application Data\28417224\28417224.exe
c:\documents and settings\All Users\Application Data\83597436
c:\documents and settings\All Users\Application Data\83597436\83597436.exe
c:\documents and settings\DonDon\Desktop\Security Tool.lnk
c:\documents and settings\DonDon\Start Menu\Programs\Security Tool.lnk
c:\windows\SYSTEM32\biyekupu.dll
c:\windows\SYSTEM32\dagimewo.dll
c:\windows\SYSTEM32\dajufiwe.dll.tmp
c:\windows\SYSTEM32\hidumule.dll
c:\windows\SYSTEM32\jemonuro.dll
c:\windows\SYSTEM32\jipezayi.dll
c:\windows\SYSTEM32\kahufeto.dll
c:\windows\SYSTEM32\kapekabo.dll
c:\windows\SYSTEM32\kelesopu.exe
c:\windows\SYSTEM32\kidodize.dll
c:\windows\SYSTEM32\kiganopo.dll
c:\windows\system32\ladobenu.dll
c:\windows\SYSTEM32\lagiweba.dll
c:\windows\SYSTEM32\ludusaku.dll.tmp
c:\windows\SYSTEM32\mivikaju.dll
c:\windows\SYSTEM32\molizedo.dll
c:\windows\SYSTEM32\navujoko.dll.tmp
c:\windows\SYSTEM32\puzihajo.dll.tmp
c:\windows\SYSTEM32\rejutigo.exe
c:\windows\SYSTEM32\rerazaki.exe
c:\windows\system32\rokesoza.dll
c:\windows\SYSTEM32\soditika.exe
c:\windows\SYSTEM32\suvatepe.dll
c:\windows\SYSTEM32\tavajaba.dll
c:\windows\system32\tozoneba.exe
c:\windows\system32\vadurota.dll
c:\windows\SYSTEM32\vojameku.dll
c:\windows\SYSTEM32\vuvimuwe.exe
c:\windows\system32\wayokuzo.dll
c:\windows\SYSTEM32\wipomowe.dll.tmp
c:\windows\SYSTEM32\womodefo.dll.tmp

.
((((((((((((((((((((((((( Files Created from 2009-09-20 to 2009-10-20 )))))))))))))))))))))))))))))))
.

2009-10-19 05:22 . 2009-10-19 05:29 -------- d-----w- c:\program files\PhotoScape
2009-10-14 23:57 . 2009-03-06 14:22 284160 ------w- c:\windows\system32\dllcache\pdh.dll
2009-10-14 23:57 . 2009-02-09 12:10 473600 ------w- c:\windows\system32\dllcache\fastprox.dll
2009-10-14 23:57 . 2009-02-09 12:10 401408 ------w- c:\windows\system32\dllcache\rpcss.dll
2009-10-14 23:57 . 2009-02-06 11:11 110592 ------w- c:\windows\system32\dllcache\services.exe
2009-10-14 23:57 . 2009-02-06 10:39 35328 ------w- c:\windows\system32\dllcache\sc.exe
2009-10-14 23:57 . 2009-02-06 10:10 227840 ------w- c:\windows\system32\dllcache\wmiprvse.exe
2009-10-14 23:57 . 2009-02-09 12:10 714752 ------w- c:\windows\system32\dllcache\ntdll.dll
2009-10-14 23:57 . 2009-02-09 12:10 617472 ------w- c:\windows\system32\dllcache\advapi32.dll
2009-10-14 23:57 . 2009-02-09 12:10 453120 ------w- c:\windows\system32\dllcache\wmiprvsd.dll
2009-10-14 23:57 . 2009-06-21 21:44 153088 ------w- c:\windows\system32\dllcache\triedit.dll
2009-10-14 23:56 . 2009-07-10 13:27 1315328 ------w- c:\windows\system32\dllcache\msoe.dll
2009-10-14 23:56 . 2008-05-03 11:55 2560 ------w- c:\windows\system32\xpsp4res.dll
2009-10-14 23:56 . 2008-04-21 12:08 215552 ------w- c:\windows\system32\dllcache\wordpad.exe
2009-10-13 02:01 . 2009-10-13 02:01 -------- d-----w- c:\program files\Trend Micro
2009-10-09 20:31 . 2009-09-10 21:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-09 20:31 . 2009-09-10 21:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-09 20:29 . 2009-10-09 20:31 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-09 20:19 . 2009-10-09 20:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-10-08 08:36 . 2009-10-08 08:36 -------- d-----w- c:\program files\AVG
2009-10-05 01:21 . 2009-10-05 01:21 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2009-10-05 01:16 . 2009-10-05 01:16 -------- d-----w- c:\program files\Atari
2009-10-05 01:10 . 2009-10-05 01:10 722416 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-10-05 01:10 . 2009-10-05 01:10 -------- d-----w- c:\documents and settings\DonDon\Application Data\DAEMON Tools Pro
2009-10-05 01:07 . 2009-10-05 01:07 -------- d-----w- c:\documents and settings\DonDon\Application Data\Leadertech
2009-10-05 01:05 . 2009-10-05 01:05 -------- d-----w- c:\documents and settings\DonDon\Application Data\Atari
2009-10-05 01:01 . 2009-10-05 01:01 -------- d-----w- c:\program files\MagicISO
2009-09-27 23:10 . 2009-09-27 23:10 -------- d-----w- c:\program files\Redbana

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) ))
.
2009-10-19 06:01 . 2009-06-01 03:24 -------- d-----w- c:\documents and settings\DonDon\Application Data\gtk-2.0
2009-10-19 05:22 . 2008-12-04 00:01 63320 ----a-w- c:\documents and settings\DonDon\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-15 05:25 . 2005-03-30 05:22 -------- d-----w- c:\documents and settings\All Users\Application Data\QuickTime
2009-10-13 01:53 . 2005-03-30 05:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Viewpoint
2009-10-12 22:09 . 2009-06-07 05:21 -------- d-----w- c:\documents and settings\DonDon\Application Data\Move Networks
2009-10-10 04:15 . 2009-05-06 04:50 -------- d-----w- c:\documents and settings\DonDon\Application Data\LimeWire
2009-10-08 03:00 . 2009-09-08 22:51 120 ----a-w- c:\windows\Jrimaci.dat
2009-10-05 01:16 . 2005-03-30 05:14 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-10-05 01:07 . 2008-12-02 03:06 -------- d-----w- c:\documents and settings\DonDon\Application Data\Sonic
2009-09-27 23:22 . 2009-07-14 21:12 -------- d-----w- c:\program files\Scream Machines
2009-09-26 19:28 . 2009-04-19 21:24 -------- d-----w- c:\documents and settings\DonDon\Application Data\Hamachi
2009-09-19 04:41 . 2009-09-19 04:41 -------- d-----w- c:\program files\Audacity
2009-09-18 02:05 . 2009-09-18 02:05 -------- d-----w- c:\program files\Asiasoft
2009-09-11 14:18 . 2004-08-04 11:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-07 23:29 . 2009-08-30 21:49 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2009-09-04 21:03 . 2004-08-04 11:00 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 19:27 . 2009-08-29 19:27 -------- d-----w- c:\documents and settings\DonDon\Application Data\Octoshape
2009-08-29 07:36 . 2004-08-04 11:00 832512 ----a-w- c:\windows\system32\wininet.dll
2009-08-29 07:36 . 2004-08-04 11:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-08-29 07:36 . 2004-08-04 11:00 17408 ------w- c:\windows\system32\corpol.dll
2009-08-26 08:00 . 2004-08-04 11:00 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-05 09:01 . 2004-08-04 11:00 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-04 15:13 . 1980-01-01 06:00 2145280 ------w- c:\windows\system32\ntoskrnl.exe
2009-08-04 14:20 . 1980-01-01 06:00 2023936 ------w- c:\windows\system32\ntkrnlpa.exe
2009-07-31 18:58 . 2009-04-11 01:07 235824 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-07-29 04:37 . 2004-08-04 11:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-07-29 04:37 . 2004-08-04 11:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2009-07-19 05:11 . 2009-07-19 05:11 89088 --sha-w- c:\windows\SYSTEM32\buhedina.dll
2009-07-16 21:47 . 2009-07-16 21:47 37888 --sha-w- c:\windows\SYSTEM32\kowatapi.dll
2009-07-19 05:11 . 2009-07-19 05:11 38400 --sha-w- c:\windows\SYSTEM32\mifolole.dll
2009-07-19 21:48 . 2009-07-19 21:48 39424 --sha-w- c:\windows\SYSTEM32\ranuvozo.dll
2009-07-16 21:48 . 2009-07-16 21:48 52224 --sha-w- c:\windows\SYSTEM32\sewupedi.dll
2009-07-19 05:11 . 2009-07-19 05:11 1011256 --sha-w- c:\windows\SYSTEM32\tagetega.exe
2009-07-16 21:47 . 2009-07-16 21:47 1111915 --sha-w- c:\windows\SYSTEM32\viwafinu.exe
2009-07-17 17:00 . 2009-07-17 17:00 38400 --sha-w- c:\windows\SYSTEM32\wifanana.dll
2009-07-19 21:48 . 2009-07-19 21:48 1011607 --sha-w- c:\windows\SYSTEM32\zabodowo.exe
2009-07-17 17:00 . 2009-07-17 17:00 1115785 --sha-w- c:\windows\SYSTEM32\zujobato.exe
.

((((((((((((((((((((((((((((( SnapShot@2009-10-14_01.23.02 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-10-20 00:48 . 2009-10-20 00:48 16384 c:\windows\temp\Perflib_Perfdata_490.dat
+ 2004-08-04 11:00 . 2009-06-25 08:25 54272 c:\windows\SYSTEM32\wdigest.dll
+ 2008-07-14 11:09 . 2009-07-14 11:03 46080 c:\windows\SYSTEM32\tzchange.exe
+ 2004-08-04 11:00 . 2009-06-12 12:31 76288 c:\windows\SYSTEM32\telnet.exe
- 2008-12-02 11:00 . 2007-08-11 04:46 26488 c:\windows\SYSTEM32\spupdsvc.exe
+ 2008-12-02 11:00 . 2008-07-09 07:38 26488 c:\windows\SYSTEM32\spupdsvc.exe
+ 2004-08-04 11:00 . 2009-06-25 08:25 56832 c:\windows\SYSTEM32\secur32.dll
+ 2004-08-04 11:00 . 2009-02-06 10:39 35328 c:\windows\SYSTEM32\sc.exe
+ 2004-08-04 11:00 . 2009-08-29 07:36 44544 c:\windows\SYSTEM32\pngfilt.dll
- 2004-08-04 11:00 . 2008-10-16 20:38 44544 c:\windows\SYSTEM32\pngfilt.dll
+ 2005-03-30 05:05 . 2009-10-15 20:00 69748 c:\windows\SYSTEM32\PERFC009.DAT
- 2005-03-30 05:05 . 2009-05-25 21:52 69748 c:\windows\SYSTEM32\PERFC009.DAT
- 2004-08-04 11:00 . 2008-04-14 00:12 91648 c:\windows\SYSTEM32\mtxoci.dll
+ 2004-08-04 11:00 . 2008-06-12 14:23 91648 c:\windows\SYSTEM32\mtxoci.dll
- 2004-08-04 11:00 . 2008-04-14 00:12 66560 c:\windows\SYSTEM32\mtxclu.dll
+ 2004-08-04 11:00 . 2008-06-12 14:23 66560 c:\windows\SYSTEM32\mtxclu.dll
- 2007-08-14 02:54 . 2008-10-16 20:38 52224 c:\windows\SYSTEM32\msfeedsbs.dll
+ 2007-08-14 02:54 . 2009-08-29 07:36 52224 c:\windows\SYSTEM32\msfeedsbs.dll
+ 2004-08-04 11:00 . 2008-06-12 14:23 58880 c:\windows\SYSTEM32\msdtclog.dll
- 2004-08-04 11:00 . 2008-04-14 00:11 58880 c:\windows\SYSTEM32\msdtclog.dll
- 2004-08-04 11:00 . 2008-10-16 20:38 27648 c:\windows\SYSTEM32\jsproxy.dll
+ 2004-08-04 11:00 . 2009-08-29 07:36 27648 c:\windows\SYSTEM32\jsproxy.dll
- 2007-08-14 02:39 . 2008-10-16 13:11 13824 c:\windows\SYSTEM32\ieudinit.exe
+ 2007-08-14 02:39 . 2009-08-28 10:28 13824 c:\windows\SYSTEM32\ieudinit.exe
+ 2004-08-04 11:00 . 2009-08-29 07:36 44544 c:\windows\SYSTEM32\iernonce.dll
- 2004-08-04 11:00 . 2008-10-16 20:38 44544 c:\windows\SYSTEM32\iernonce.dll
+ 2004-08-04 11:00 . 2009-08-28 10:28 70656 c:\windows\SYSTEM32\ie4uinit.exe
- 2004-08-04 11:00 . 2008-10-16 13:11 70656 c:\windows\SYSTEM32\ie4uinit.exe
+ 2007-08-14 02:36 . 2009-08-29 07:36 63488 c:\windows\SYSTEM32\icardie.dll
- 2007-08-14 02:36 . 2008-10-16 20:38 63488 c:\windows\SYSTEM32\icardie.dll
+ 2004-08-04 11:00 . 2009-06-24 11:18 92928 c:\windows\SYSTEM32\DRIVERS\ksecdd.sys
+ 2009-06-25 08:25 . 2009-06-25 08:25 54272 c:\windows\SYSTEM32\DLLCACHE\wdigest.dll
+ 2009-06-12 12:31 . 2009-06-12 12:31 76288 c:\windows\SYSTEM32\DLLCACHE\telnet.exe
+ 2009-06-25 08:25 . 2009-06-25 08:25 56832 c:\windows\SYSTEM32\DLLCACHE\secur32.dll
- 2008-12-02 03:17 . 2008-10-16 20:38 44544 c:\windows\SYSTEM32\DLLCACHE\pngfilt.dll
+ 2008-12-02 03:17 . 2009-08-29 07:36 44544 c:\windows\SYSTEM32\DLLCACHE\pngfilt.dll
+ 2008-06-12 14:23 . 2008-06-12 14:23 91648 c:\windows\SYSTEM32\DLLCACHE\mtxoci.dll
+ 2008-06-12 14:23 . 2008-06-12 14:23 66560 c:\windows\SYSTEM32\DLLCACHE\mtxclu.dll
+ 2008-12-04 00:11 . 2009-08-29 07:36 52224 c:\windows\SYSTEM32\DLLCACHE\msfeedsbs.dll
- 2008-12-04 00:11 . 2008-10-16 20:38 52224 c:\windows\SYSTEM32\DLLCACHE\msfeedsbs.dll
+ 2008-06-12 14:23 . 2008-06-12 14:23 58880 c:\windows\SYSTEM32\DLLCACHE\msdtclog.dll
+ 2009-09-04 21:03 . 2009-09-04 21:03 58880 c:\windows\SYSTEM32\DLLCACHE\msasn1.dll
+ 2009-06-24 11:18 . 2009-06-24 11:18 92928 c:\windows\SYSTEM32\DLLCACHE\ksecdd.sys
- 2008-12-02 03:17 . 2008-10-16 20:38 27648 c:\windows\SYSTEM32\DLLCACHE\jsproxy.dll
+ 2008-12-02 03:17 . 2009-08-29 07:36 27648 c:\windows\SYSTEM32\DLLCACHE\jsproxy.dll
+ 2008-12-04 00:11 . 2009-08-28 10:28 13824 c:\windows\SYSTEM32\DLLCACHE\ieudinit.exe
- 2008-12-04 00:11 . 2008-10-16 13:11 13824 c:\windows\SYSTEM32\DLLCACHE\ieudinit.exe
+ 2007-08-14 02:39 . 2009-08-29 07:36 44544 c:\windows\SYSTEM32\DLLCACHE\iernonce.dll
- 2007-08-14 02:39 . 2008-10-16 20:38 44544 c:\windows\SYSTEM32\DLLCACHE\iernonce.dll
+ 2009-08-29 07:36 . 2009-08-29 07:36 78336 c:\windows\SYSTEM32\DLLCACHE\ieencode.dll
+ 2007-08-14 02:39 . 2009-08-28 10:28 70656 c:\windows\SYSTEM32\DLLCACHE\ie4uinit.exe
- 2007-08-14 02:39 . 2008-10-16 13:11 70656 c:\windows\SYSTEM32\DLLCACHE\ie4uinit.exe
- 2008-12-04 00:11 . 2008-10-16 20:38 63488 c:\windows\SYSTEM32\DLLCACHE\icardie.dll
+ 2008-12-04 00:11 . 2009-08-29 07:36 63488 c:\windows\SYSTEM32\DLLCACHE\icardie.dll
+ 2009-07-29 04:37 . 2009-07-29 04:37 81920 c:\windows\SYSTEM32\DLLCACHE\fontsub.dll
+ 2009-08-29 07:36 . 2009-08-29 07:36 17408 c:\windows\SYSTEM32\DLLCACHE\corpol.dll
+ 2009-06-10 14:13 . 2009-06-10 14:13 84992 c:\windows\SYSTEM32\DLLCACHE\avifil32.dll
+ 2009-07-17 19:01 . 2009-07-17 19:01 58880 c:\windows\SYSTEM32\DLLCACHE\atl.dll
+ 2004-08-04 11:00 . 2009-06-10 14:13 84992 c:\windows\SYSTEM32\avifil32.dll
- 2004-08-04 11:00 . 2008-04-14 00:11 84992 c:\windows\SYSTEM32\avifil32.dll
- 2004-08-04 11:00 . 2008-04-14 00:11 58880 c:\windows\SYSTEM32\atl.dll
+ 2004-08-04 11:00 . 2009-07-17 19:01 58880 c:\windows\SYSTEM32\atl.dll
+ 2009-06-25 02:56 . 2009-06-25 02:56 73728 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updat es\hotfix.exe
- 2007-04-14 04:58 . 2007-04-14 04:58 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscor sn.dll
+ 2008-05-28 07:49 . 2008-05-28 07:49 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscor sn.dll
+ 2008-05-28 07:49 . 2008-05-28 07:49 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscor ie.dll
- 2007-04-14 04:57 . 2007-04-14 04:57 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscor ie.dll
- 2007-04-14 04:57 . 2007-04-14 04:57 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPe rfMonExt.dll
+ 2008-05-28 07:49 . 2008-05-28 07:49 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPe rfMonExt.dll
+ 2008-05-28 08:30 . 2008-05-28 08:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspne t_wp.exe
- 2007-04-14 05:30 . 2007-04-14 05:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspne t_wp.exe
+ 2009-10-15 18:48 . 2008-10-16 20:38 44544 c:\windows\ie7updates\KB974455-IE7\pngfilt.dll
+ 2009-10-15 18:48 . 2008-10-16 20:38 52224 c:\windows\ie7updates\KB974455-IE7\msfeedsbs.dll
+ 2009-10-15 18:48 . 2008-10-16 20:38 27648 c:\windows\ie7updates\KB974455-IE7\jsproxy.dll
+ 2009-10-15 18:48 . 2008-10-16 13:11 13824 c:\windows\ie7updates\KB974455-IE7\ieudinit.exe
+ 2009-10-15 18:48 . 2008-10-16 20:38 44544 c:\windows\ie7updates\KB974455-IE7\iernonce.dll
+ 2009-10-15 18:48 . 2008-04-14 00:11 81920 c:\windows\ie7updates\KB974455-IE7\ieencode.dll
+ 2009-10-15 18:48 . 2008-10-16 13:11 70656 c:\windows\ie7updates\KB974455-IE7\ie4uinit.exe
+ 2009-10-15 18:48 . 2008-10-16 20:38 63488 c:\windows\ie7updates\KB974455-IE7\icardie.dll
+ 2009-10-15 18:48 . 2008-04-14 00:11 35328 c:\windows\ie7updates\KB974455-IE7\corpol.dll
+ 2009-10-15 13:50 . 2009-10-15 13:50 90112 c:\windows\ASSEMBLY\NativeImages1_v1.1.4322\System .Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_99a1e 28c\System.Drawing.Design.dll
+ 2009-10-15 13:50 . 2009-10-15 13:50 61440 c:\windows\ASSEMBLY\NativeImages1_v1.1.4322\Custom Marshalers\1.0.5000.0__b03f5f7f11d50a3a_5244975c\C ustomMarshalers.dll
+ 2009-10-15 22:29 . 2009-10-15 22:29 50688 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\UIA utomationProvider\b9a622531616dcfbb005e0215d658848 \UIAutomationProvider.ni.dll
+ 2009-10-15 22:29 . 2009-10-15 22:29 77824 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Sys tem.Windows.Pres#\6cdfcd83e12350178deba2d26d68d96e \System.Windows.Presentation.ni.dll
+ 2009-10-15 18:48 . 2009-10-15 18:48 48640 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Pre sentationFontCac#\ff3401f9aac1f01e1d15457d602811d3 \PresentationFontCache.ni.exe
+ 2009-10-15 22:27 . 2009-10-15 22:27 40960 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Pre sentationCFFRast#\7f9d06eb470a85d80b676c9c8f0fd20d \PresentationCFFRasterizer.ni.dll
+ 2009-10-15 22:28 . 2009-10-15 22:28 77824 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Mic rosoft.Vsa\d94fc25d39800cb137d0639137e0e9c5\Micros oft.Vsa.ni.dll
+ 2009-10-15 22:27 . 2009-10-15 22:27 81920 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Mic rosoft.Build.Fra#\e299fd71b4c71854673c47f85b4cf180 \Microsoft.Build.Framework.ni.dll
+ 2009-10-15 22:27 . 2009-10-15 22:27 94208 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Mic rosoft.Build.Fra#\24e88fe2e103eac93e52fb6e2959085c \Microsoft.Build.Framework.ni.dll
+ 2009-10-15 22:27 . 2009-10-15 22:27 15360 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\dfs vc\662febc2f309e92a880682f527f4e426\dfsvc.ni.exe
+ 2009-10-15 19:10 . 2009-10-15 19:10 27136 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Acc essibility\1a67452bf4558b2574698b6008e7af74\Access ibility.ni.dll
- 2009-04-11 01:04 . 2009-04-11 01:04 90112 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.RegularExp ressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.Regu larExpressions.dll
+ 2009-10-15 13:52 . 2009-10-15 13:52 90112 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.RegularExp ressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.Regu larExpressions.dll
- 2009-04-11 01:04 . 2009-04-11 01:04 81920 c:\windows\ASSEMBLY\GAC_MSIL\System.Drawing.Design \2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.d ll
+ 2009-10-15 13:52 . 2009-10-15 13:52 81920 c:\windows\ASSEMBLY\GAC_MSIL\System.Drawing.Design \2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.d ll
+ 2009-10-15 13:52 . 2009-10-15 13:52 81920 c:\windows\ASSEMBLY\GAC_MSIL\System.Configuration. Install\2.0.0.0__b03f5f7f11d50a3a\System.Configura tion.Install.dll
- 2009-04-11 01:04 . 2009-04-11 01:04 81920 c:\windows\ASSEMBLY\GAC_MSIL\System.Configuration. Install\2.0.0.0__b03f5f7f11d50a3a\System.Configura tion.Install.dll
+ 2009-10-15 13:52 . 2009-10-15 13:52 32768 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Vsa\8.0.0.0 __b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2009-04-11 01:04 . 2009-04-11 01:04 32768 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Vsa\8.0.0.0 __b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2009-04-11 01:04 . 2009-04-11 01:04 12800 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Vsa.Vb.Code DOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.V sa.Vb.CodeDOMProcessor.dll
+ 2009-10-15 13:52 . 2009-10-15 13:52 12800 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Vsa.Vb.Code DOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.V sa.Vb.CodeDOMProcessor.dll
- 2009-04-11 01:04 . 2009-04-11 01:04 28672 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualBasic .Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBas ic.Vsa.dll
+ 2009-10-15 13:52 . 2009-10-15 13:52 28672 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualBasic .Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBas ic.Vsa.dll
+ 2009-10-15 13:52 . 2009-10-15 13:52 77824 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Utili ties\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Uti lities.dll
- 2009-04-11 01:05 . 2009-04-11 01:05 77824 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Utili ties\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Uti lities.dll
- 2009-04-11 01:04 . 2009-04-11 01:04 36864 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Frame work\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Fra mework.dll
+ 2009-10-15 13:52 . 2009-10-15 13:52 36864 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Frame work\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Fra mework.dll
- 2009-04-11 01:04 . 2009-04-11 01:04 77824 c:\windows\ASSEMBLY\GAC_MSIL\IEHost\2.0.0.0__b03f5 f7f11d50a3a\IEHost.dll
+ 2009-10-15 13:52 . 2009-10-15 13:52 77824 c:\windows\ASSEMBLY\GAC_MSIL\IEHost\2.0.0.0__b03f5 f7f11d50a3a\IEHost.dll
- 2009-04-11 01:04 . 2009-04-11 01:04 13312 c:\windows\ASSEMBLY\GAC_MSIL\cscompmgd\8.0.0.0__b0 3f5f7f11d50a3a\cscompmgd.dll
+ 2009-10-15 13:52 . 2009-10-15 13:52 13312 c:\windows\ASSEMBLY\GAC_MSIL\cscompmgd\8.0.0.0__b0 3f5f7f11d50a3a\cscompmgd.dll
- 2009-04-11 01:04 . 2009-04-11 01:04 10752 c:\windows\ASSEMBLY\GAC_MSIL\Accessibility\2.0.0.0 __b03f5f7f11d50a3a\Accessibility.dll
+ 2009-10-15 13:52 . 2009-10-15 13:52 10752 c:\windows\ASSEMBLY\GAC_MSIL\Accessibility\2.0.0.0 __b03f5f7f11d50a3a\Accessibility.dll
- 2009-04-11 01:04 . 2009-04-11 01:04 72192 c:\windows\ASSEMBLY\GAC_32\ISymWrapper\2.0.0.0__b0 3f5f7f11d50a3a\ISymWrapper.dll
+ 2009-10-15 13:52 . 2009-10-15 13:52 72192 c:\windows\ASSEMBLY\GAC_32\ISymWrapper\2.0.0.0__b0 3f5f7f11d50a3a\ISymWrapper.dll
- 2009-04-11 01:04 . 2009-04-11 01:04 69120 c:\windows\ASSEMBLY\GAC_32\CustomMarshalers\2.0.0. 0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2009-10-15 13:52 . 2009-10-15 13:52 69120 c:\windows\ASSEMBLY\GAC_32\CustomMarshalers\2.0.0. 0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2009-04-11 01:04 . 2009-04-11 01:04 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a 3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2009-10-15 13:52 . 2009-10-15 13:52 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a 3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2009-10-15 13:52 . 2009-10-15 13:52 7168 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft_VsaVb\8.0.0 .0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2009-04-11 01:04 . 2009-04-11 01:04 7168 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft_VsaVb\8.0.0 .0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2009-10-15 13:52 . 2009-10-15 13:52 5632 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualC\8.0 .0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2009-04-11 01:04 . 2009-04-11 01:04 5632 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualC\8.0 .0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2009-04-11 01:04 . 2009-04-11 01:04 6656 c:\windows\ASSEMBLY\GAC_MSIL\IIEHost\2.0.0.0__b03f 5f7f11d50a3a\IIEHost.dll
+ 2009-10-15 13:52 . 2009-10-15 13:52 6656 c:\windows\ASSEMBLY\GAC_MSIL\IIEHost\2.0.0.0__b03f 5f7f11d50a3a\IIEHost.dll
+ 2009-10-15 13:52 . 2009-10-15 13:52 8192 c:\windows\ASSEMBLY\GAC_MSIL\IEExecRemote\2.0.0.0_ _b03f5f7f11d50a3a\IEExecRemote.dll
- 2009-04-11 01:04 . 2009-04-11 01:04 8192 c:\windows\ASSEMBLY\GAC_MSIL\IEExecRemote\2.0.0.0_ _b03f5f7f11d50a3a\IEExecRemote.dll
+ 2009-10-15 13:52 . 2009-10-15 13:52 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b0 3f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2009-04-11 01:04 . 2009-04-11 01:04 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b0 3f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2009-10-15 13:52 . 2009-10-15 13:52 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b0 3f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2009-04-11 01:04 . 2009-04-11 01:04 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b0 3f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2004-08-04 11:00 . 2009-04-10 08:01 530280 c:\windows\SYSTEM32\wmspdmod.dll
+ 2004-08-04 11:00 . 2009-07-13 17:08 286720 c:\windows\SYSTEM32\wmpdxm.dll
- 2004-08-04 11:00 . 2008-04-14 00:12 132096 c:\windows\SYSTEM32\wkssvc.dll
+ 2004-08-04 11:00 . 2009-06-10 06:14 132096 c:\windows\SYSTEM32\wkssvc.dll
+ 2004-08-04 11:00 . 2008-12-16 12:30 354304 c:\windows\SYSTEM32\winhttp.dll
- 2004-08-04 11:00 . 2008-04-14 00:12 354304 c:\windows\SYSTEM32\winhttp.dll
+ 2004-08-04 11:00 . 2009-08-29 07:36 233472 c:\windows\SYSTEM32\webcheck.dll
- 2004-08-04 11:00 . 2008-10-16 20:38 233472 c:\windows\SYSTEM32\webcheck.dll
+ 2004-08-04 11:00 . 2009-02-06 10:10 227840 c:\windows\SYSTEM32\WBEM\wmiprvse.exe
+ 2004-08-04 11:00 . 2009-02-09 12:10 453120 c:\windows\SYSTEM32\WBEM\wmiprvsd.dll
+ 2004-08-04 11:00 . 2009-02-09 12:10 473600 c:\windows\SYSTEM32\WBEM\fastprox.dll
+ 2004-08-04 11:00 . 2009-08-29 07:36 105984 c:\windows\SYSTEM32\url.dll
- 2004-08-04 11:00 . 2008-10-16 20:38 105984 c:\windows\SYSTEM32\url.dll
+ 2004-08-04 11:00 . 2009-02-06 11:11 110592 c:\windows\SYSTEM32\services.exe
+ 2004-08-04 11:00 . 2009-06-25 08:25 147456 c:\windows\SYSTEM32\schannel.dll
+ 2004-08-04 11:00 . 2009-02-09 12:10 401408 c:\windows\SYSTEM32\rpcss.dll
+ 2004-08-04 11:00 . 2009-04-15 14:51 585216 c:\windows\SYSTEM32\rpcrt4.dll
- 2005-03-30 05:05 . 2009-05-25 21:52 436680 c:\windows\SYSTEM32\PERFH009.DAT
+ 2005-03-30 05:05 . 2009-10-15 20:00 436680 c:\windows\SYSTEM32\PERFH009.DAT
+ 2004-08-04 11:00 . 2009-03-06 14:22 284160 c:\windows\SYSTEM32\pdh.dll
- 2004-08-04 11:00 . 2008-04-14 00:12 284160 c:\windows\SYSTEM32\pdh.dll
+ 2004-08-04 11:00 . 2009-08-29 07:36 102912 c:\windows\SYSTEM32\occache.dll
- 2004-08-04 11:00 . 2008-10-16 20:38 102912 c:\windows\SYSTEM32\occache.dll
+ 2004-08-04 11:00 . 2009-02-09 12:10 714752 c:\windows\SYSTEM32\ntdll.dll
+ 2004-08-04 11:00 . 2008-06-20 17:46 245248 c:\windows\SYSTEM32\mswsock.dll
- 2004-08-04 11:00 . 2008-04-14 00:12 245248 c:\windows\SYSTEM32\mswsock.dll
+ 2004-08-04 11:00 . 2009-08-29 07:36 671232 c:\windows\SYSTEM32\mstime.dll
- 2004-08-04 11:00 . 2008-10-16 20:38 671232 c:\windows\SYSTEM32\mstime.dll
- 2004-08-04 11:00 . 2008-10-16 20:38 193024 c:\windows\SYSTEM32\msrating.dll
+ 2004-08-04 11:00 . 2009-08-29 07:36 193024 c:\windows\SYSTEM32\msrating.dll
- 2004-08-04 11:00 . 2008-10-16 20:38 477696 c:\windows\SYSTEM32\mshtmled.dll
+ 2004-08-04 11:00 . 2009-08-29 07:36 477696 c:\windows\SYSTEM32\mshtmled.dll
- 2007-08-14 02:54 . 2008-10-16 20:38 459264 c:\windows\SYSTEM32\msfeeds.dll
+ 2007-08-14 02:54 . 2009-08-29 07:36 459264 c:\windows\SYSTEM32\msfeeds.dll
+ 2004-08-04 11:00 . 2008-06-12 14:23 161792 c:\windows\SYSTEM32\msdtcuiu.dll
- 2004-08-04 11:00 . 2008-04-14 00:11 161792 c:\windows\SYSTEM32\msdtcuiu.dll
+ 2004-08-04 11:00 . 2008-06-12 14:23 956928 c:\windows\SYSTEM32\msdtctm.dll
- 2004-08-04 11:00 . 2008-04-14 00:11 956928 c:\windows\SYSTEM32\msdtctm.dll
+ 2004-08-04 11:00 . 2008-06-12 14:23 428032 c:\windows\SYSTEM32\msdtcprx.dll
+ 2004-08-04 11:00 . 2009-06-25 08:25 730112 c:\windows\SYSTEM32\lsasrv.dll
+ 2004-08-04 11:00 . 2009-05-07 15:32 345600 c:\windows\SYSTEM32\localspl.dll
- 2004-08-04 11:00 . 2008-04-14 00:11 989696 c:\windows\SYSTEM32\kernel32.dll
+ 2004-08-04 11:00 . 2009-03-21 14:06 989696 c:\windows\SYSTEM32\kernel32.dll
+ 2004-08-04 11:00 . 2009-06-25 08:25 301568 c:\windows\SYSTEM32\kerberos.dll
- 2004-08-04 11:00 . 2008-05-09 10:53 512000 c:\windows\SYSTEM32\jscript.dll
+ 2004-08-04 11:00 . 2009-08-13 15:16 512000 c:\windows\SYSTEM32\jscript.dll
+ 2007-08-14 02:34 . 2009-08-29 07:36 268288 c:\windows\SYSTEM32\iertutil.dll
+ 2004-08-04 11:00 . 2009-08-29 07:36 385024 c:\windows\SYSTEM32\iedkcs32.dll
+ 2007-07-11 20:27 . 2009-08-29 07:36 380928 c:\windows\SYSTEM32\ieapfltr.dll
- 2004-08-04 11:00 . 2008-10-15 07:04 161792 c:\windows\SYSTEM32\ieakui.dll
+ 2004-08-04 11:00 . 2009-08-27 05:18 161792 c:\windows\SYSTEM32\ieakui.dll
+ 2004-08-04 11:00 . 2009-08-29 07:36 230400 c:\windows\SYSTEM32\ieaksie.dll
- 2004-08-04 11:00 . 2008-10-16 20:38 230400 c:\windows\SYSTEM32\ieaksie.dll
+ 2004-08-04 11:00 . 2009-08-29 07:36 153088 c:\windows\SYSTEM32\ieakeng.dll
- 2004-08-04 11:00 . 2008-10-16 20:38 153088 c:\windows\SYSTEM32\ieakeng.dll
+ 2004-08-10 19:08 . 2009-10-19 05:10 243128 c:\windows\SYSTEM32\FNTCACHE.DAT
- 2004-08-04 11:00 . 2008-10-16 20:38 133120 c:\windows\SYSTEM32\extmgr.dll
+ 2004-08-04 11:00 . 2009-08-29 07:36 133120 c:\windows\SYSTEM32\extmgr.dll
- 2004-08-04 11:00 . 2008-10-16 20:38 214528 c:\windows\SYSTEM32\dxtrans.dll
+ 2004-08-04 11:00 . 2009-08-29 07:36 214528 c:\windows\SYSTEM32\dxtrans.dll
+ 2004-08-04 11:00 . 2009-08-29 07:36 347136 c:\windows\SYSTEM32\dxtmsft.dll
- 2004-08-04 11:00 . 2008-10-16 20:38 347136 c:\windows\SYSTEM32\dxtmsft.dll
+ 2004-08-04 11:00 . 2008-06-20 11:08 225856 c:\windows\SYSTEM32\DRIVERS\tcpip6.sys
+ 2004-08-04 11:00 . 2008-06-20 11:51 361600 c:\windows\SYSTEM32\DRIVERS\tcpip.sys
+ 2004-08-04 11:00 . 2008-12-11 10:57 333952 c:\windows\SYSTEM32\DRIVERS\srv.sys
- 2004-08-04 11:00 . 2008-04-14 00:11 147968 c:\windows\SYSTEM32\dnsapi.dll
+ 2004-08-04 11:00 . 2008-06-20 17:46 147968 c:\windows\SYSTEM32\dnsapi.dll
+ 2004-08-04 11:00 . 2009-04-10 08:01 530280 c:\windows\SYSTEM32\DLLCACHE\wmspdmod.dll
+ 2004-08-04 11:00 . 2009-07-13 17:08 286720 c:\windows\SYSTEM32\DLLCACHE\wmpdxm.dll
+ 2009-06-10 06:14 . 2009-06-10 06:14 132096 c:\windows\SYSTEM32\DLLCACHE\wkssvc.dll
+ 2008-12-02 03:17 . 2009-08-29 07:36 832512 c:\windows\SYSTEM32\DLLCACHE\wininet.dll
+ 2008-12-16 12:30 . 2008-12-16 12:30 354304 c:\windows\SYSTEM32\DLLCACHE\winhttp.dll
+ 2007-08-14 02:54 . 2009-08-29 07:36 233472 c:\windows\SYSTEM32\DLLCACHE\webcheck.dll
- 2007-08-14 02:54 . 2008-10-16 20:38 233472 c:\windows\SYSTEM32\DLLCACHE\webcheck.dll
+ 2007-08-14 02:44 . 2009-08-29 07:36 105984 c:\windows\SYSTEM32\DLLCACHE\url.dll
- 2007-08-14 02:44 . 2008-10-16 20:38 105984 c:\windows\SYSTEM32\DLLCACHE\url.dll
+ 2008-06-20 11:08 . 2008-06-20 11:08 225856 c:\windows\SYSTEM32\DLLCACHE\tcpip6.sys
+ 2008-06-20 11:51 . 2008-06-20 11:51 361600 c:\windows\SYSTEM32\DLLCACHE\tcpip.sys
+ 2009-07-29 04:37 . 2009-07-29 04:37 119808 c:\windows\SYSTEM32\DLLCACHE\t2embed.dll
- 2008-12-10 23:21 . 2008-10-03 10:02 247326 c:\windows\SYSTEM32\DLLCACHE\strmdll.dll
+ 2008-12-10 23:21 . 2009-08-26 08:00 247326 c:\windows\SYSTEM32\DLLCACHE\strmdll.dll
+ 2008-12-02 11:04 . 2008-12-11 10:57 333952 c:\windows\SYSTEM32\DLLCACHE\srv.sys
+ 2009-06-25 08:25 . 2009-06-25 08:25 147456 c:\windows\SYSTEM32\DLLCACHE\schannel.dll
+ 2009-04-15 14:51 . 2009-04-15 14:51 585216 c:\windows\SYSTEM32\DLLCACHE\rpcrt4.dll
- 2007-08-14 02:44 . 2008-10-16 20:38 102912 c:\windows\SYSTEM32\DLLCACHE\occache.dll
+ 2007-08-14 02:44 . 2009-08-29 07:36 102912 c:\windows\SYSTEM32\DLLCACHE\occache.dll
+ 2008-06-20 17:46 . 2008-06-20 17:46 245248 c:\windows\SYSTEM32\DLLCACHE\mswsock.dll
+ 2009-08-05 09:01 . 2009-08-05 09:01 204800 c:\windows\SYSTEM32\DLLCACHE\mswebdvd.dll
+ 2009-06-25 08:25 . 2009-09-11 14:18 136192 c:\windows\SYSTEM32\DLLCACHE\msv1_0.dll
- 2008-12-02 03:17 . 2008-10-16 20:38 671232 c:\windows\SYSTEM32\DLLCACHE\mstime.dll
+ 2008-12-02 03:17 . 2009-08-29 07:36 671232 c:\windows\SYSTEM32\DLLCACHE\mstime.dll
+ 2008-12-02 03:17 . 2009-08-29 07:36 193024 c:\windows\SYSTEM32\DLLCACHE\msrating.dll
- 2008-12-02 03:17 . 2008-10-16 20:38 193024 c:\windows\SYSTEM32\DLLCACHE\msrating.dll
+ 2008-12-02 03:17 . 2009-08-29 07:36 477696 c:\windows\SYSTEM32\DLLCACHE\mshtmled.dll
- 2008-12-02 03:17 . 2008-10-16 20:38 477696 c:\windows\SYSTEM32\DLLCACHE\mshtmled.dll
- 2008-12-04 00:11 . 2008-10-16 20:38 459264 c:\windows\SYSTEM32\DLLCACHE\msfeeds.dll
+ 2008-12-04 00:11 . 2009-08-29 07:36 459264 c:\windows\SYSTEM32\DLLCACHE\msfeeds.dll
+ 2008-06-12 14:23 . 2008-06-12 14:23 161792 c:\windows\SYSTEM32\DLLCACHE\msdtcuiu.dll
+ 2008-06-12 14:23 . 2008-06-12 14:23 956928 c:\windows\SYSTEM32\DLLCACHE\msdtctm.dll
+ 2008-06-12 14:23 . 2008-06-12 14:23 428032 c:\windows\SYSTEM32\DLLCACHE\msdtcprx.dll
+ 2009-06-25 08:25 . 2009-06-25 08:25 730112 c:\windows\SYSTEM32\DLLCACHE\lsasrv.dll
+ 2009-05-07 15:32 . 2009-05-07 15:32 345600 c:\windows\SYSTEM32\DLLCACHE\localspl.dll
+ 2009-03-21 14:06 . 2009-03-21 14:06 989696 c:\windows\SYSTEM32\DLLCACHE\kernel32.dll
+ 2009-06-25 08:25 . 2009-06-25 08:25 301568 c:\windows\SYSTEM32\DLLCACHE\kerberos.dll
- 2008-05-09 10:53 . 2008-05-09 10:53 512000 c:\windows\SYSTEM32\DLLCACHE\jscript.dll
+ 2008-05-09 10:53 . 2009-08-13 15:16 512000 c:\windows\SYSTEM32\DLLCACHE\jscript.dll
+ 2004-08-04 11:00 . 2009-08-27 05:18 634648 c:\windows\SYSTEM32\DLLCACHE\iexplore.exe
+ 2008-12-04 00:11 . 2009-08-29 07:36 268288 c:\windows\SYSTEM32\DLLCACHE\iertutil.dll
+ 2007-08-14 02:39 . 2009-08-29 07:36 385024 c:\windows\SYSTEM32\DLLCACHE\iedkcs32.dll
+ 2008-12-04 00:11 . 2009-08-29 07:36 380928 c:\windows\SYSTEM32\DLLCACHE\ieapfltr.dll
- 2007-08-14 01:56 . 2008-10-15 07:04 161792 c:\windows\SYSTEM32\DLLCACHE\ieakui.dll
+ 2007-08-14 01:56 . 2009-08-27 05:18 161792 c:\windows\SYSTEM32\DLLCACHE\ieakui.dll
+ 2007-08-14 02:39 . 2009-08-29 07:36 230400 c:\windows\SYSTEM32\DLLCACHE\ieaksie.dll
- 2007-08-14 02:39 . 2008-10-16 20:38 230400 c:\windows\SYSTEM32\DLLCACHE\ieaksie.dll
+ 2007-08-14 02:39 . 2009-08-29 07:36 153088 c:\windows\SYSTEM32\DLLCACHE\ieakeng.dll
- 2007-08-14 02:39 . 2008-10-16 20:38 153088 c:\windows\SYSTEM32\DLLCACHE\ieakeng.dll
+ 2008-12-02 03:17 . 2009-08-29 07:36 133120 c:\windows\SYSTEM32\DLLCACHE\extmgr.dll
- 2008-12-02 03:17 . 2008-10-16 20:38 133120 c:\windows\SYSTEM32\DLLCACHE\extmgr.dll
- 2008-12-02 03:17 . 2008-10-16 20:38 214528 c:\windows\SYSTEM32\DLLCACHE\dxtrans.dll
+ 2008-12-02 03:17 . 2009-08-29 07:36 214528 c:\windows\SYSTEM32\DLLCACHE\dxtrans.dll
- 2008-12-02 03:17 . 2008-10-16 20:38 347136 c:\windows\SYSTEM32\DLLCACHE\dxtmsft.dll
+ 2008-12-02 03:17 . 2009-08-29 07:36 347136 c:\windows\SYSTEM32\DLLCACHE\dxtmsft.dll
+ 2008-06-20 17:46 . 2008-06-20 17:46 147968 c:\windows\SYSTEM32\DLLCACHE\dnsapi.dll
- 2007-08-14 02:39 . 2008-10-16 20:38 124928 c:\windows\SYSTEM32\DLLCACHE\advpack.dll
+ 2007-08-14 02:39 . 2009-08-29 07:36 124928 c:\windows\SYSTEM32\DLLCACHE\advpack.dll
+ 2004-08-04 11:00 . 2009-08-29 07:36 124928 c:\windows\SYSTEM32\advpack.dll
- 2004-08-04 11:00 . 2008-10-16 20:38 124928 c:\windows\SYSTEM32\advpack.dll
- 2004-08-04 11:00 . 2008-04-14 00:11 617472 c:\windows\SYSTEM32\advapi32.dll
+ 2004-08-04 11:00 . 2009-02-09 12:10 617472 c:\windows\SYSTEM32\advapi32.dll
+ 2009-08-08 09:35 . 2009-08-08 09:35 819016 c:\windows\Microsoft.NET\Framework\v2.0.50727\msco rdacwks.dll
+ 2008-05-28 07:49 . 2008-05-28 07:49 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscor ld.dll
- 2007-04-14 04:58 . 2007-04-14 04:58 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscor ld.dll
- 2007-04-14 04:56 . 2007-04-14 04:56 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscor jit.dll
+ 2008-05-28 07:48 . 2008-05-28 07:48 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscor jit.dll
- 2007-04-14 05:30 . 2007-04-14 05:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspne t_isapi.dll
+ 2008-05-28 08:30 . 2008-05-28 08:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspne t_isapi.dll
+ 2009-10-15 18:48 . 2008-10-16 20:38 826368 c:\windows\ie7updates\KB974455-IE7\wininet.dll
+ 2009-10-15 18:48 . 2008-10-16 20:38 233472 c:\windows\ie7updates\KB974455-IE7\webcheck.dll
+ 2009-10-15 18:48 . 2008-10-16 20:38 105984 c:\windows\ie7updates\KB974455-IE7\url.dll
+ 2009-10-15 18:48 . 2009-05-26 11:40 382840 c:\windows\ie7updates\KB974455-IE7\spuninst\updspapi.dll
+ 2009-10-15 18:48 . 2009-05-26 11:40 231288 c:\windows\ie7updates\KB974455-IE7\spuninst\spuninst.exe
+ 2009-10-15 18:48 . 2008-10-16 20:38 102912 c:\windows\ie7updates\KB974455-IE7\occache.dll
+ 2009-10-15 18:48 . 2008-10-16 20:38 671232 c:\windows\ie7updates\KB974455-IE7\mstime.dll
+ 2009-10-15 18:48 . 2008-10-16 20:38 193024 c:\windows\ie7updates\KB974455-IE7\msrating.dll
+ 2009-10-15 18:48 . 2008-10-16 20:38 477696 c:\windows\ie7updates\KB974455-IE7\mshtmled.dll
+ 2009-10-15 18:48 . 2008-10-16 20:38 459264 c:\windows\ie7updates\KB974455-IE7\msfeeds.dll
+ 2009-10-15 18:48 . 2008-10-15 07:06 633632 c:\windows\ie7updates\KB974455-IE7\iexplore.exe
+ 2009-10-15 18:48 . 2008-10-16 20:38 267776 c:\windows\ie7updates\KB974455-IE7\iertutil.dll
+ 2009-10-15 18:48 . 2008-10-16 20:38 384512 c:\windows\ie7updates\KB974455-IE7\iedkcs32.dll
+ 2009-10-15 18:48 . 2008-10-16 20:38 383488 c:\windows\ie7updates\KB974455-IE7\ieapfltr.dll
+ 2009-10-15 18:48 . 2008-10-15 07:04 161792 c:\windows\ie7updates\KB974455-IE7\ieakui.dll
+ 2009-10-15 18:48 . 2008-10-16 20:38 230400 c:\windows\ie7updates\KB974455-IE7\ieaksie.dll
+ 2009-10-15 18:48 . 2008-10-16 20:38 153088 c:\windows\ie7updates\KB974455-IE7\ieakeng.dll
+ 2009-10-15 18:48 . 2008-10-16 20:38 133120 c:\windows\ie7updates\KB974455-IE7\extmgr.dll
+ 2009-10-15 18:48 . 2008-10-16 20:38 214528 c:\windows\ie7updates\KB974455-IE7\dxtrans.dll
+ 2009-10-15 18:48 . 2008-10-16 20:38 347136 c:\windows\ie7updates\KB974455-IE7\dxtmsft.dll
+ 2009-10-15 18:48 . 2008-10-16 20:38 124928 c:\windows\ie7updates\KB974455-IE7\advpack.dll
+ 2009-10-15 13:50 . 2009-10-15 13:50 835584 c:\windows\ASSEMBLY\NativeImages1_v1.1.4322\System .Drawing\1.0.5000.0__b03f5f7f11d50a3a_f06dd2b2\Sys tem.Drawing.dll
+ 2009-10-15 13:51 . 2009-10-15 13:51 192512 c:\windows\ASSEMBLY\NativeImages1_v1.1.4322\System .Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_280a9 dcc\System.Drawing.Design.dll
+ 2009-10-15 13:51 . 2009-10-15 13:51 118784 c:\windows\ASSEMBLY\NativeImages1_v1.1.4322\Custom Marshalers\1.0.5000.0__b03f5f7f11d50a3a_eb1789f6\C ustomMarshalers.dll
+ 2009-10-15 22:27 . 2009-10-15 22:27 380928 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Wsa tConfig\ee523c18d34c6e11f6096e0bb878e67d\WsatConfi g.ni.exe
+ 2009-10-15 22:29 . 2009-10-15 22:29 270336 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Win dowsFormsIntegra#\a26a28600433ad4907b55e42ceb32a40 \WindowsFormsIntegration.ni.dll
+ 2009-10-15 22:29 . 2009-10-15 22:29 196608 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\UIA utomationTypes\9fca74ebdde012b503cec6ee0d73b596\UI AutomationTypes.ni.dll
+ 2009-10-15 22:29 . 2009-10-15 22:29 483328 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\UIA utomationClient\6399149bd528ad5c007371ec893d82d7\U IAutomationClient.ni.dll
+ 2009-10-15 22:29 . 2009-10-15 22:29 458752 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Sys tem.Xml.Linq\90ecf577500413f4cc612434d59bf565\Syst em.Xml.Linq.ni.dll
+ 2009-10-15 22:29 . 2009-10-15 22:29 237568 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Sys tem.Web.RegularE#\6b8f2e778eba3931057217c2512b201c \System.Web.RegularExpressions.ni.dll
+ 2009-10-15 22:29 . 2009-10-15 22:29 880640 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Sys tem.Web.Extensio#\243e31744402adbebb6aebe610fb55a5 \System.Web.Extensions.Design.ni.dll
+ 2009-10-15 22:28 . 2009-10-15 22:28 684032 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Sys tem.Transactions\4bdd3ce8337c4619dfb09de5ab3f9b62\ System.Transactions.ni.dll
+ 2009-10-15 22:28 . 2009-10-15 22:28 233472 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Sys tem.ServiceProce#\47d862e0dc37c830cc3397decf6c0590 \System.ServiceProcess.ni.dll
+ 2009-10-15 22:28 . 2009-10-15 22:28 733184 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Sys tem.Security\428a3be3d5be01f129e0effdc455d831\Syst em.Security.ni.dll
+ 2009-10-15 22:28 . 2009-10-15 22:28 339968 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Sys tem.Runtime.Seri#\ef827bc54e7620e870821803e8507c8b \System.Runtime.Serialization.Formatters.Soap.ni.d ll
+ 2009-10-15 22:28 . 2009-10-15 22:28 729088 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Sys tem.Net\c38e3e2766068205791f9ba92286398f\System.Ne t.ni.dll
+ 2009-10-15 22:28 . 2009-10-15 22:28 356352 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Sys tem.Management.I#\b8ea9fdd4d0df7b7f10b2f514954fa18 \System.Management.Instrumentation.ni.dll
+ 2009-10-15 22:26 . 2009-10-15 22:26 417792 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Sys tem.IO.Log\e81f4580e0c23765c6dde900f392f446\System .IO.Log.ni.dll
+ 2009-10-15 22:26 . 2009-10-15 22:26 241664 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Sys tem.IdentityMode#\ed8e39453591d30135a5674ca7dbbe95 \System.IdentityModel.Selectors.ni.dll
+ 2009-10-15 22:28 . 2009-10-15 22:28 294912 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Sys tem.EnterpriseSe#\ff85d9d54701c8cde7b513ff808fd5e3 \System.EnterpriseServices.Wrapper.dll
+ 2009-10-15 22:28 . 2009-10-15 22:28 659456 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Sys tem.EnterpriseSe#\ff85d9d54701c8cde7b513ff808fd5e3 \System.EnterpriseServices.ni.dll
+ 2009-10-15 18:51 . 2009-10-15 18:51 229376 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Sys tem.Drawing.Desi#\4593151ab44d4f61e4cafaf9e77a8d25 \System.Drawing.Design.ni.dll
+ 2009-10-15 22:28 . 2009-10-15 22:28 937984 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Sys tem.DirectorySer#\8f4a6e521fe3c8257e706338152acc8f \System.DirectoryServices.AccountManagement.ni.dll
+ 2009-10-15 22:28 . 2009-10-15 22:28 512000 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Sys tem.DirectorySer#\135aa2f31c01565700d44313b925a205 \System.DirectoryServices.Protocols.ni.dll
+ 2009-10-15 22:28 . 2009-10-15 22:28 184320 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Sys tem.Data.DataSet#\63402da5b777bf5021bc3e50c4b42e5d \System.Data.DataSetExtensions.ni.dll
+ 2009-10-15 22:28 . 2009-10-15 22:28 163840 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Sys tem.Configuratio#\1105b46975896c9bc6e66d5f9079e716 \System.Configuration.Install.ni.dll
+ 2009-10-15 22:27 . 2009-10-15 22:27 696320 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Sys tem.AddIn\4aa38945f8e3c247d1d162ccd705e7a6\System. AddIn.ni.dll
+ 2009-10-15 22:27 . 2009-10-15 22:27 102400 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Sys tem.AddIn.Contra#\cb239156223d1455d025454c762c59e6 \System.AddIn.Contract.ni.dll
+ 2009-10-15 22:27 . 2009-10-15 22:27 323584 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\SMS vcHost\d7b7eeaae96dea8991ba2723c93a2392\SMSvcHost. ni.exe
+ 2009-10-15 22:27 . 2009-10-15 22:27 299008 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\SMD iagnostics\47e0aab602bcd6e6e333ac24d7b8f6aa\SMDiag nostics.ni.dll
+ 2009-10-15 22:27 . 2009-10-15 22:27 139264 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Ser viceModelReg\8af5d1dac7b4e52f2cf21c6f5c0647c2\Serv iceModelReg.ni.exe
+ 2009-10-15 18:50 . 2009-10-15 18:50 393216 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Pre sentationFramewo#\e132e2525f13601d13efbd22549afbca \PresentationFramework.Aero.ni.dll
+ 2009-10-15 18:50 . 2009-10-15 18:50 274432 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Pre sentationFramewo#\c49dd0ac011661f5cd81df49fa2390b9 \PresentationFramework.Royale.ni.dll
+ 2009-10-15 18:50 . 2009-10-15 18:50 245760 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Pre sentationFramewo#\c340248174b3999d838745253310e932 \PresentationFramework.Classic.ni.dll
+ 2009-10-15 18:50 . 2009-10-15 18:50 552960 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Pre sentationFramewo#\b1f6daefb01fd048efef31dfd3233dff \PresentationFramework.Luna.ni.dll
+ 2009-10-15 22:27 . 2009-10-15 22:27 155648 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\MSB uild\66b87acc1afeb6d4bf426773f4ea5473\MSBuild.ni.e xe
+ 2009-10-15 22:27 . 2009-10-15 22:27 401408 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Mic rosoft.Transacti#\7a27ef93b10fe08816dc25709fb33af7 \Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2009-10-15 22:27 . 2009-10-15 22:27 167936 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Mic rosoft.Build.Uti#\ab1dd1079764acac4cbe55d6555f4ff7 \Microsoft.Build.Utilities.ni.dll
+ 2009-10-15 22:27 . 2009-10-15 22:27 196608 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Mic rosoft.Build.Uti#\6ff9ba4057f061812db56ccc82db2516 \Microsoft.Build.Utilities.v3.5.ni.dll
+ 2009-10-15 22:27 . 2009-10-15 22:27 876544 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Mic rosoft.Build.Eng#\9e2334dbe9e76dd6fc2bde86c9b515b9 \Microsoft.Build.Engine.ni.dll
+ 2009-10-15 22:27 . 2009-10-15 22:27 237568 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Mic rosoft.Build.Con#\76e2409d2e0f856aaa3b463447149f0f \Microsoft.Build.Conversion.v3.5.ni.dll
+ 2009-10-15 22:27 . 2009-10-15 22:27 237568 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Cus tomMarshalers\58ec7ce15fd463d65d3e45db4e0613cf\Cus tomMarshalers.ni.dll
+ 2009-10-15 22:27 . 2009-10-15 22:27 503808 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Com SvcConfig\c7a907c8b8d42cf645282c32bea13b6d\ComSvcC onfig.ni.exe
+ 2009-10-15 22:26 . 2009-10-15 22:26 884736 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Asp NetMMCExt\2a66ea6b955eabdb437c6cfcac78c45e\AspNetM MCExt.ni.dll
+ 2009-10-15 13:52 . 2009-10-15 13:52 839680 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.Services\2 .0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2009-04-11 01:04 . 2009-04-11 01:04 839680 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.Services\2 .0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2009-04-11 01:04 . 2009-04-11 01:04 884736 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.Mobile\2.0 .0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2009-10-15 13:52 . 2009-10-15 13:52 884736 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.Mobile\2.0 .0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2009-04-11 01:04 . 2009-04-11 01:04 114688 c:\windows\ASSEMBLY\GAC_MSIL\System.ServiceProcess \2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.d ll
+ 2009-10-15 13:52 . 2009-10-15 13:52 114688 c:\windows\ASSEMBLY\GAC_MSIL\System.ServiceProcess \2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.d ll
- 2009-04-11 01:04 . 2009-04-11 01:04 258048 c:\windows\ASSEMBLY\GAC_MSIL\System.Security\2.0.0 .0__b03f5f7f11d50a3a\System.Security.dll
+ 2009-10-15 13:52 . 2009-10-15 13:52 258048 c:\windows\ASSEMBLY\GAC_MSIL\System.Security\2.0.0 .0__b03f5f7f11d50a3a\System.Security.dll
+ 2009-10-15 13:52 . 2009-10-15 13:52 131072 c:\windows\ASSEMBLY\GAC_MSIL\System.Runtime.Serial ization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\ System.Runtime.Serialization.Formatters.Soap.dll
- 2009-04-11 01:04 . 2009-04-11 01:04 131072 c:\windows\ASSEMBLY\GAC_MSIL\System.Runtime.Serial ization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\ System.Runtime.Serialization.Formatters.Soap.dll
+ 2009-10-15 13:52 . 2009-10-15 13:52 299008 c:\windows\ASSEMBLY\GAC_MSIL\System.Runtime.Remoti ng\2.0.0.0__b77a5c561934e089\System.Runtime.Remoti ng.dll
- 2009-04-11 01:04 . 2009-04-11 01:04 299008 c:\windows\ASSEMBLY\GAC_MSIL\System.Runtime.Remoti ng\2.0.0.0__b77a5c561934e089\System.Runtime.Remoti ng.dll
- 2009-04-11 01:04 . 2009-04-11 01:04 258048 c:\windows\ASSEMBLY\GAC_MSIL\System.Messaging\2.0. 0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2009-10-15 13:52 . 2009-10-15 13:52 258048 c:\windows\ASSEMBLY\GAC_MSIL\System.Messaging\2.0. 0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2009-10-15 13:52 . 2009-10-15 13:52 372736 c:\windows\ASSEMBLY\GAC_MSIL\System.Management\2.0 .0.0__b03f5f7f11d50a3a\System.Management.dll
- 2009-04-11 01:04 . 2009-04-11 01:04 372736 c:\windows\ASSEMBLY\GAC_MSIL\System.Management\2.0 .0.0__b03f5f7f11d50a3a\System.Management.dll
- 2009-04-11 01:04 . 2009-04-11 01:04 630784 c:\windows\ASSEMBLY\GAC_MSIL\System.Drawing\2.0.0. 0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2009-10-15 13:52 . 2009-10-15 13:52 630784 c:\windows\ASSEMBLY\GAC_MSIL\System.Drawing\2.0.0. 0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2009-10-15 13:52 . 2009-10-15 13:52 401408 c:\windows\ASSEMBLY\GAC_MSIL\System.DirectoryServi ces\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServ ices.dll
- 2009-04-11 01:04 . 2009-04-11 01:04 401408 c:\windows\ASSEMBLY\GAC_MSIL\System.DirectoryServi ces\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServ ices.dll
- 2009-04-11 01:04 . 2009-04-11 01:04 188416 c:\windows\ASSEMBLY\GAC_MSIL\System.DirectoryServi ces.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.Dir ectoryServices.Protocols.dll
+ 2009-10-15 13:52 . 2009-10-15 13:52 188416 c:\windows\ASSEMBLY\GAC_MSIL\System.DirectoryServi ces.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.Dir ectoryServices.Protocols.dll
- 2009-04-11 01:04 . 2009-04-11 01:04 933888 c:\windows\ASSEMBLY\GAC_MSIL\System.Deployment\2.0 .0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2009-10-15 13:52 . 2009-10-15 13:52 933888 c:\windows\ASSEMBLY\GAC_MSIL\System.Deployment\2.0 .0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2009-04-11 01:04 . 2009-04-11 01:04 741376 c:\windows\ASSEMBLY\GAC_MSIL\System.Data.SqlXml\2. 0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2009-10-15 13:52 . 2009-10-15 13:52 741376 c:\windows\ASSEMBLY\GAC_MSIL\System.Data.SqlXml\2. 0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2009-10-15 13:52 . 2009-10-15 13:52 425984 c:\windows\ASSEMBLY\GAC_MSIL\System.Configuration\ 2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2009-04-11 01:04 . 2009-04-11 01:04 425984 c:\windows\ASSEMBLY\GAC_MSIL\System.Configuration\ 2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2009-04-11 01:04 . 2009-04-11 01:04 110592 c:\windows\ASSEMBLY\GAC_MSIL\sysglobl\2.0.0.0__b03 f5f7f11d50a3a\sysglobl.dll
+ 2009-10-15 13:52 . 2009-10-15 13:52 110592 c:\windows\ASSEMBLY\GAC_MSIL\sysglobl\2.0.0.0__b03 f5f7f11d50a3a\sysglobl.dll
+ 2009-10-15 13:52 . 2009-10-15 13:52 671744 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualBasic \8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.d ll
- 2009-04-11 01:04 . 2009-04-11 01:04 671744 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualBasic \8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.d ll
- 2009-04-11 01:04 . 2009-04-11 01:04 372736 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualBasic .Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft .VisualBasic.Compatibility.dll
+ 2009-10-15 13:52 . 2009-10-15 13:52 372736 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualBasic .Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft .VisualBasic.Compatibility.dll
- 2009-04-11 01:04 . 2009-04-11 01:04 110592 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualBasic .Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Micr osoft.VisualBasic.Compatibility.Data.dll
+ 2009-10-15 13:52 . 2009-10-15 13:52 110592 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualBasic .Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Micr osoft.VisualBasic.Compatibility.Data.dll
+ 2009-10-15 13:52 . 2009-10-15 13:52 749568 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.JScript\8.0 .0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2009-04-11 01:04 . 2009-04-11 01:04 749568 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.JScript\8.0 .0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2009-10-15 13:52 . 2009-10-15 13:52 655360 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Tasks \2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.d ll
- 2009-04-11 01:05 . 2009-04-11 01:05 655360 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Tasks \2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.d ll
+ 2009-10-15 13:52 . 2009-10-15 13:52 348160 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Engin e\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine .dll
- 2009-04-11 01:04 . 2009-04-11 01:04 348160 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Engin e\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine .dll
+ 2009-10-15 13:52 . 2009-10-15 13:52 507904 c:\windows\ASSEMBLY\GAC_MSIL\AspNetMMCExt\2.0.0.0_ _b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2009-04-11 01:04 . 2009-04-11 01:04 507904 c:\windows\ASSEMBLY\GAC_MSIL\AspNetMMCExt\2.0.0.0_ _b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2009-04-11 01:04 . 2009-04-11 01:04 261120 c:\windows\ASSEMBLY\GAC_32\System.Transactions\2.0 .0.0__b77a5c561934e089\System.Transactions.dll
+ 2009-10-15 13:52 . 2009-10-15 13:52 261120 c:\windows\ASSEMBLY\GAC_32\System.Transactions\2.0 .0.0__b77a5c561934e089\System.Transactions.dll
+ 2009-10-15 13:52 . 2009-10-15 13:52 113664 c:\windows\ASSEMBLY\GAC_32\System.EnterpriseServic es\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServ ices.Wrapper.dll
- 2009-04-11 01:04 . 2009-04-11 01:04 113664 c:\windows\ASSEMBLY\GAC_32\System.EnterpriseServic es\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServ ices.Wrapper.dll
+ 2009-10-15 13:52 . 2009-10-15 13:52 258048 c:\windows\ASSEMBLY\GAC_32\System.EnterpriseServic es\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServ ices.dll
- 2009-04-11 01:04 . 2009-04-11 01:04 258048 c:\windows\ASSEMBLY\GAC_32\System.EnterpriseServic es\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServ ices.dll
- 2009-04-11 01:04 . 2009-04-11 01:04 483840 c:\windows\ASSEMBLY\GAC_32\System.Data.OracleClien t\2.0.0.0__b77a5c561934e089\System.Data.OracleClie nt.dll
+ 2009-10-15 13:52 . 2009-10-15 13:52 483840 c:\windows\ASSEMBLY\GAC_32\System.Data.OracleClien t\2.0.0.0__b77a5c561934e089\System.Data.OracleClie nt.dll
+ 2009-10-14 23:57 . 2009-08-13 13:55 1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_65 95b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll
+ 2004-08-04 11:00 . 2009-05-20 19:44 2355200 c:\windows\SYSTEM32\WMVCore.dll
+ 2004-08-04 11:00 . 2009-07-13 17:08 5537792 c:\windows\SYSTEM32\wmp.dll
- 2004-08-04 11:00 . 2007-04-30 16:20 5537792 c:\windows\SYSTEM32\wmp.dll
+ 2004-08-04 11:00 . 2009-04-17 12:26 1847168 c:\windows\SYSTEM32\win32k.sys
+ 2004-08-04 11:00 . 2009-08-29 07:36 1168384 c:\windows\SYSTEM32\urlmon.dll
- 2004-08-04 11:00 . 2008-04-14 00:12 8461312 c:\windows\SYSTEM32\shell32.dll
+ 2004-08-04 11:00 . 2008-06-17 19:02 8461312 c:\windows\SYSTEM32\shell32.dll
- 2004-08-04 11:00 . 2008-04-14 00:12 1435648 c:\windows\SYSTEM32\query.dll
+ 2004-08-04 11:00 . 2009-07-17 16:22 1435648 c:\windows\SYSTEM32\query.dll
+ 2004-08-04 11:00 . 2009-06-03 19:09 1291264 c:\windows\SYSTEM32\quartz.dll
+ 2004-08-04 11:00 . 2009-06-10 16:19 2066432 c:\windows\SYSTEM32\mstscax.dll
+ 2004-08-04 11:00 . 2009-08-29 07:36 3598336 c:\windows\SYSTEM32\mshtml.dll
+ 2007-08-14 02:54 . 2009-08-29 07:36 6067200 c:\windows\SYSTEM32\ieframe.dll
+ 2007-02-13 00:10 . 2009-06-29 08:33 2452872 c:\windows\SYSTEM32\ieapfltr.dat
+ 2004-08-04 11:00 . 2009-05-20 19:44 2355200 c:\windows\SYSTEM32\DLLCACHE\WMVCore.dll
- 2004-08-04 11:00 . 2007-04-30 16:20 5537792 c:\windows\SYSTEM32\DLLCACHE\wmp.dll
+ 2004-08-04 11:00 . 2009-07-13 17:08 5537792 c:\windows\SYSTEM32\DLLCACHE\wmp.dll
+ 2008-12-02 11:04 . 2009-04-17 12:26 1847168 c:\windows\SYSTEM32\DLLCACHE\win32k.sys
+ 2008-12-02 03:17 . 2009-08-29 07:36 1168384 c:\windows\SYSTEM32\DLLCACHE\urlmon.dll
+ 2008-06-17 19:02 . 2008-06-17 19:02 8461312 c:\windows\SYSTEM32\DLLCACHE\shell32.dll
+ 2009-07-17 16:22 . 2009-07-17 16:22 1435648 c:\windows\SYSTEM32\DLLCACHE\query.dll
+ 2008-05-07 05:12 . 2009-06-03 19:09 1291264 c:\windows\SYSTEM32\DLLCACHE\quartz.dll
- 2008-12-02 03:13 . 2008-08-14 10:11 2189184 c:\windows\SYSTEM32\DLLCACHE\ntoskrnl.exe
+ 2008-12-02 03:13 . 2009-08-05 03:44 2189184 c:\windows\SYSTEM32\DLLCACHE\ntoskrnl.exe
- 2008-12-02 03:13 . 2008-08-14 09:33 2023936 c:\windows\SYSTEM32\DLLCACHE\ntkrpamp.exe
+ 2008-12-02 03:13 . 2009-08-04 14:20 2023936 c:\windows\SYSTEM32\DLLCACHE\ntkrpamp.exe
+ 2008-12-02 03:13 . 2009-08-04 14:20 2066048 c:\windows\SYSTEM32\DLLCACHE\ntkrnlpa.exe
- 2008-12-02 03:13 . 2008-08-14 09:33 2066048 c:\windows\SYSTEM32\DLLCACHE\ntkrnlpa.exe
- 2008-12-02 03:13 . 2008-08-14 10:09 2145280 c:\windows\SYSTEM32\DLLCACHE\ntkrnlmp.exe
+ 2008-12-02 03:13 . 2009-08-04 15:13 2145280 c:\windows\SYSTEM32\DLLCACHE\ntkrnlmp.exe
+ 2009-06-10 16:19 . 2009-06-10 16:19 2066432 c:\windows\SYSTEM32\DLLCACHE\mstscax.dll
+ 2008-12-02 03:17 . 2009-08-29 07:36 3598336 c:\windows\SYSTEM32\DLLCACHE\mshtml.dll
+ 2008-12-04 00:11 . 2009-08-29 07:36 6067200 c:\windows\SYSTEM32\DLLCACHE\ieframe.dll
+ 2008-12-04 00:11 . 2009-06-29 08:33 2452872 c:\windows\SYSTEM32\DLLCACHE\ieapfltr.dat
+ 2009-08-08 09:35 . 2009-08-08 09:35 5849920 c:\windows\Microsoft.NET\Framework\v2.0.50727\msco rwks.dll
+ 2009-08-08 09:35 . 2009-08-08 09:35 4345856 c:\windows\Microsoft.NET\Framework\v2.0.50727\msco rlib.dll
+ 2008-05-28 08:35 . 2008-05-28 08:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\Syste m.Web.dll
- 2007-04-14 05:35 . 2007-04-14 05:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\Syste m.Web.dll
+ 2008-05-28 08:35 . 2008-05-28 08:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\Syste m.dll
- 2007-04-14 05:35 . 2007-04-14 05:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\Syste m.dll
- 2007-04-14 04:57 . 2007-04-14 04:57 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscor wks.dll
+ 2008-05-28 07:48 . 2008-05-28 07:48 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscor wks.dll
- 2007-04-14 04:57 . 2007-04-14 04:57 2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscor svr.dll
+ 2008-05-28 07:48 . 2008-05-28 07:48 2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscor svr.dll
+ 2008-05-28 07:43 . 2008-05-28 07:43 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscor lib.dll
- 2007-04-14 04:50 . 2007-04-14 04:50 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscor lib.dll
+ 2009-08-10 06:32 . 2009-08-10 06:32 5288960 c:\windows\Installer\7d433fa.msp
+ 2009-10-15 18:48 . 2008-10-16 20:38 1160192 c:\windows\ie7updates\KB974455-IE7\urlmon.dll
+ 2009-10-15 18:48 . 2008-12-13 06:40 3593216 c:\windows\ie7updates\KB974455-IE7\mshtml.dll
+ 2009-10-15 18:48 . 2008-10-16 20:38 6066176 c:\windows\ie7updates\KB974455-IE7\ieframe.dll
+ 2009-10-15 18:48 . 2007-04-17 09:32 2455488 c:\windows\ie7updates\KB974455-IE7\ieapfltr.dat
+ 2008-12-02 03:13 . 2009-08-05 03:44 2189184 c:\windows\Driver Cache\I386\ntoskrnl.exe
- 2008-12-02 03:13 . 2008-08-14 10:11 2189184 c:\windows\Driver Cache\I386\ntoskrnl.exe
- 2008-12-02 03:13 . 2008-08-14 09:33 2023936 c:\windows\Driver Cache\I386\ntkrpamp.exe
+ 2008-12-02 03:13 . 2009-08-04 14:20 2023936 c:\windows\Driver Cache\I386\ntkrpamp.exe
+ 2008-12-02 03:13 . 2009-08-04 14:20 2066048 c:\windows\Driver Cache\I386\ntkrnlpa.exe
- 2008-12-02 03:13 . 2008-08-14 09:33 2066048 c:\windows\Driver Cache\I386\ntkrnlpa.exe
+ 2008-12-02 03:13 . 2009-08-04 15:13 2145280 c:\windows\Driver Cache\I386\ntkrnlmp.exe
- 2008-12-02 03:13 . 2008-08-14 10:09 2145280 c:\windows\Driver Cache\I386\ntkrnlmp.exe
+ 2009-10-15 13:51 . 2009-10-15 13:51 4792320 c:\windows\ASSEMBLY\NativeImages1_v1.1.4322\System \1.0.5000.0__b77a5c561934e089_ef00d4c6\System.dll
+ 2009-10-15 13:50 . 2009-10-15 13:50 1966080 c:\windows\ASSEMBLY\NativeImages1_v1.1.4322\System \1.0.5000.0__b77a5c561934e089_cc30d6f4\System.dll
+ 2009-10-15 13:50 . 2009-10-15 13:50 2088960 c:\windows\ASSEMBLY\NativeImages1_v1.1.4322\System .Xml\1.0.5000.0__b77a5c561934e089_7c313c02\System. Xml.dll
+ 2009-10-15 13:51 . 2009-10-15 13:51 5513216 c:\windows\ASSEMBLY\NativeImages1_v1.1.4322\System .Xml\1.0.5000.0__b77a5c561934e089_14febbec\System. Xml.dll
+ 2009-10-15 13:51 . 2009-10-15 13:51 7884800 c:\windows\ASSEMBLY\NativeImages1_v1.1.4322\System .Windows.Forms\1.0.5000.0__b77a5c561934e089_53dd72 98\System.Windows.Forms.dll
+ 2009-10-15 13:50 . 2009-10-15 13:50 3018752 c:\windows\ASSEMBLY\NativeImages1_v1.1.4322\System .Windows.Forms\1.0.5000.0__b77a5c561934e089_52b54f 64\System.Windows.Forms.dll
+ 2009-10-15 13:51 . 2009-10-15 13:51 2244608 c:\windows\ASSEMBLY\NativeImages1_v1.1.4322\System .Drawing\1.0.5000.0__b03f5f7f11d50a3a_14b8bb54\Sys tem.Drawing.dll
+ 2009-10-15 13:51 . 2009-10-15 13:51 3395584 c:\windows\ASSEMBLY\NativeImages1_v1.1.4322\System .Design\1.0.5000.0__b03f5f7f11d50a3a_aa4b2f75\Syst em.Design.dll
+ 2009-10-15 13:50 . 2009-10-15 13:50 1470464 c:\windows\ASSEMBLY\NativeImages1_v1.1.4322\System .Design\1.0.5000.0__b03f5f7f11d50a3a_a9dcab4d\Syst em.Design.dll
+ 2009-10-15 13:51 . 2009-10-15 13:51 8908800 c:\windows\ASSEMBLY\NativeImages1_v1.1.4322\MSCORL IB\1.0.5000.0__b77a5c561934e089_c8fd1c07\mscorlib. dll
+ 2009-10-15 13:51 . 2009-10-15 13:51 3391488 c:\windows\ASSEMBLY\NativeImages1_v1.1.4322\MSCORL IB\1.0.5000.0__b77a5c561934e089_1a452510\mscorlib. dll
+ 2009-10-15 18:48 . 2009-10-15 18:48 3403776 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Win dowsBase\dfd60c318a7316f9a7b7b3d997ee4ebd\WindowsB ase.ni.dll
+ 2009-10-15 22:29 . 2009-10-15 22:29 1118208 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\UIA utomationClients#\8c2536730a74819833e8d1eb69a9a646 \UIAutomationClientsideProviders.ni.dll
+ 2009-10-15 18:48 . 2009-10-15 18:48 8310784 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Sys tem\ccfeb59f4a9b75909eb2d1121232a769\System.ni.dll
+ 2009-10-15 18:52 . 2009-10-15 18:52 5771264 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Sys tem.Xml\717cce3690d643df19d6a4117283048e\System.Xm l.ni.dll
+ 2009-10-15 22:29 . 2009-10-15 22:29 1585152 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Sys tem.WorkflowServ#\32af08b16f34e5661bfde3f96c3b3c59 \System.WorkflowServices.ni.dll
+ 2009-10-15 22:29 . 2009-10-15 22:29 2105344 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Sys tem.Workflow.Run#\423638994e98efd90ec1dfde0649cc91 \System.Workflow.Runtime.ni.dll
+ 2009-10-15 22:29 . 2009-10-15 22:29 4583424 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Sys tem.Workflow.Com#\227149a442681e36715bb88e3589e039 \System.Workflow.ComponentModel.ni.dll
+ 2009-10-15 22:29 . 2009-10-15 22:29 3088384 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Sys tem.Workflow.Act#\379eb1ae2d1ad4f4e6da6c5865322c55 \System.Workflow.Activities.ni.dll
+ 2009-10-15 22:29 . 2009-10-15 22:29 1986560 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Sys tem.Web.Services\aa319d767042e97c692041f76f123f2f\ System.Web.Services.ni.dll
+ 2009-10-15 22:29 . 2009-10-15 22:29 2342912 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Sys tem.Web.Mobile\b7092e8403b56e3913488855e45a35ff\Sy stem.Web.Mobile.ni.dll
+ 2009-10-15 22:28 . 2009-10-15 22:28 2420736 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Sys tem.Web.Extensio#\475081a0245b53d4fca01abfd2d33b9d \System.Web.Extensions.ni.dll
+ 2009-10-15 22:28 . 2009-10-15 22:28 2039808 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Sys tem.Speech\736d8a2291d7173935e6e0945e5c17cd\System .Speech.ni.dll
+ 2009-10-15 22:28 . 2009-10-15 22:28 1601536 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Sys tem.ServiceModel#\edc9b39f342c1f7b81c92c105bed4d63 \System.ServiceModel.Web.ni.dll
+ 2009-10-15 22:26 . 2009-10-15 22:26 2445312 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Sys tem.Runtime.Seri#\44fce5ee5d99270d4b6edc34256d6b21 \System.Runtime.Serialization.ni.dll
+ 2009-10-15 22:28 . 2009-10-15 22:28 1134592 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Sys tem.Printing\b2f88468f0bef357e846afa982a2499a\Syst em.Printing.ni.dll
+ 2009-10-15 22:28 . 2009-10-15 22:28 1064960 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Sys tem.Management\0b655ffd2d01e5740f46e1c78f0833a1\Sy stem.Management.ni.dll
+ 2009-10-15 22:26 . 2009-10-15 22:26 1122304 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Sys tem.IdentityModel\7781d1b2914db9b9792ba20230f52bf5 \System.IdentityModel.ni.dll
+ 2009-10-15 18:51 . 2009-10-15 18:51 1667072 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Sys tem.Drawing\e58e83951091f2616344c5d2a6787660\Syste m.Drawing.ni.dll
+ 2009-10-15 22:28 . 2009-10-15 22:28 1224704 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Sys tem.DirectorySer#\e96695c65a4104ee4687f3e5f0581d34 \System.DirectoryServices.ni.dll
+ 2009-10-15 22:28 . 2009-10-15 22:28 1798144 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Sys tem.Deployment\f0a1895c7d475f156ed4cdd9f0bd2797\Sy stem.Deployment.ni.dll
+ 2009-10-15 18:50 . 2009-10-15 18:50 7102464 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Sys tem.Data\b39a611d2b2fc659d5472dd76b24d3b2\System.D ata.ni.dll
+ 2009-10-15 22:28 . 2009-10-15 22:28 2756608 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Sys tem.Data.SqlXml\a40074cafd6ba635e32950af0e099c7d\S ystem.Data.SqlXml.ni.dll
+ 2009-10-15 18:50 . 2009-10-15 18:50 2592768 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Sys tem.Data.Linq\bcc1921fa645d1983efb4006c1b1f4bd\Sys tem.Data.Linq.ni.dll
+ 2009-10-15 18:50 . 2009-10-15 18:50 2347008 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Sys tem.Core\aab7dbce5c61725f815d4a446ecc0ef2\System.C ore.ni.dll
+ 2009-10-15 22:28 . 2009-10-15 22:28 1011712 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Sys tem.Configuration\e2de26078a8c3d29dbfcf408e23aa2b1 \System.Configuration.ni.dll
+ 2009-10-15 22:27 . 2009-10-15 22:27 2416640 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Rea chFramework\50372bb0a6034564ae23694c9f7f072c\Reach Framework.ni.dll
+ 2009-10-15 22:27 . 2009-10-15 22:27 2035712 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Pre sentationUI\c052ed4c2cafacbde96dd4984611269f\Prese ntationUI.ni.dll
+ 2009-10-15 22:27 . 2009-10-15 22:27 1581056 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Pre sentationBuildTa#\5b363159779eca8315a5d4bcf07823f2 \PresentationBuildTasks.ni.dll
+ 2009-10-15 22:27 . 2009-10-15 22:27 1740800 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Mic rosoft.VisualBas#\ed0cdc51d89bb41a9ab760ca3cf52bf9 \Microsoft.VisualBasic.ni.dll
+ 2009-10-15 22:27 . 2009-10-15 22:27 1232896 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Mic rosoft.Transacti#\a1bbeca12b0ba2e80de08ebe6b13a862 \Microsoft.Transactions.Bridge.ni.dll
+ 2009-10-15 22:28 . 2009-10-15 22:28 2441216 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Mic rosoft.JScript\1822d4d26d06cc01b65408493ac1a2b4\Mi crosoft.JScript.ni.dll
+ 2009-10-15 22:27 . 2009-10-15 22:27 1695744 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Mic rosoft.Build.Tas#\b846f5c1b90e4222e79a420d92062f79 \Microsoft.Build.Tasks.ni.dll
+ 2009-10-15 22:27 . 2009-10-15 22:27 1966080 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Mic rosoft.Build.Tas#\97e0f012f5892553aa1be1f456f51a94 \Microsoft.Build.Tasks.v3.5.ni.dll
+ 2009-10-15 22:27 . 2009-10-15 22:27 1892352 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Mic rosoft.Build.Eng#\f995aa0150ee7b6ae2e85a1acee09f16 \Microsoft.Build.Engine.ni.dll
- 2009-04-11 01:04 . 2009-04-11 01:04 3076096 c:\windows\ASSEMBLY\GAC_MSIL\System\2.0.0.0__b77a5 c561934e089\System.dll
+ 2009-10-15 13:52 . 2009-10-15 13:52 3076096 c:\windows\ASSEMBLY\GAC_MSIL\System\2.0.0.0__b77a5 c561934e089\System.dll
- 2009-04-11 01:04 . 2009-04-11 01:04 2068480 c:\windows\ASSEMBLY\GAC_MSIL\System.Xml\2.0.0.0__b 77a5c561934e089\System.XML.dll
+ 2009-10-15 13:52 . 2009-10-15 13:52 2068480 c:\windows\ASSEMBLY\GAC_MSIL\System.Xml\2.0.0.0__b 77a5c561934e089\System.XML.dll
+ 2009-10-15 13:52 . 2009-10-15 13:52 5013504 c:\windows\ASSEMBLY\GAC_MSIL\System.Windows.Forms\ 2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2009-04-11 01:04 . 2009-04-11 01:04 5013504 c:\windows\ASSEMBLY\GAC_MSIL\System.Windows.Forms\ 2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2009-04-11 01:05 . 2009-04-11 01:05 5070848 c:\windows\ASSEMBLY\GAC_MSIL\System.Design\2.0.0.0 __b03f5f7f11d50a3a\System.Design.dll
+ 2009-10-15 13:52 . 2009-10-15 13:52 5070848 c:\windows\ASSEMBLY\GAC_MSIL\System.Design\2.0.0.0 __b03f5f7f11d50a3a\System.Design.dll
- 2009-04-11 01:04 . 2009-04-11 01:04 5431296 c:\windows\ASSEMBLY\GAC_32\System.Web\2.0.0.0__b03 f5f7f11d50a3a\System.Web.dll
+ 2009-10-15 13:52 . 2009-10-15 13:52 5431296 c:\windows\ASSEMBLY\GAC_32\System.Web\2.0.0.0__b03 f5f7f11d50a3a\System.Web.dll
- 2009-04-11 01:04 . 2009-04-11 01:04 3036160 c:\windows\ASSEMBLY\GAC_32\System.Data\2.0.0.0__b7 7a5c561934e089\System.Data.dll
+ 2009-10-15 13:52 . 2009-10-15 13:52 3036160 c:\windows\ASSEMBLY\GAC_32\System.Data\2.0.0.0__b7 7a5c561934e089\System.Data.dll
+ 2009-10-15 13:52 . 2009-10-15 13:52 4345856 c:\windows\ASSEMBLY\GAC_32\mscorlib\2.0.0.0__b77a5 c561934e089\mscorlib.dll
+ 2009-10-15 13:50 . 2009-10-15 13:50 1232896 c:\windows\ASSEMBLY\GAC\System\1.0.5000.0__b77a5c5 61934e089\System.dll
- 2008-12-02 14:40 . 2008-12-02 14:40 1232896 c:\windows\ASSEMBLY\GAC\System\1.0.5000.0__b77a5c5 61934e089\System.dll
- 2008-12-02 14:40 . 2008-12-02 14:40 1265664 c:\windows\ASSEMBLY\GAC\System.Web\1.0.5000.0__b03 f5f7f11d50a3a\System.Web.dll
+ 2009-10-15 13:50 . 2009-10-15 13:50 1265664 c:\windows\ASSEMBLY\GAC\System.Web\1.0.5000.0__b03 f5f7f11d50a3a\System.Web.dll
+ 2009-08-11 04:08 . 2009-08-11 04:08 11315712 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updat es\M953297\M953297Uninstall.msp
+ 2009-08-10 21:09 . 2009-08-10 21:09 17254912 c:\windows\Installer\7d433f2.msp
+ 2009-10-15 18:51 . 2009-10-15 18:51 13193216 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Sys tem.Windows.Forms\9d25b8eabd8203e4d0490363140c4526 \System.Windows.Forms.ni.dll
+ 2009-10-15 22:28 . 2009-10-15 22:28 12517376 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Sys tem.Web\16a34a274ee877b4cf03d1a1bb57eb82\System.We b.ni.dll
+ 2009-10-15 22:27 . 2009-10-15 22:27 18153472 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Sys tem.ServiceModel\299c38b70a596904e4274c9450221e6a\ System.ServiceModel.ni.dll
+ 2009-10-15 18:51 . 2009-10-15 18:51 10936320 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Sys tem.Design\2aab58cae4d998cf867f483302e94c27\System .Design.ni.dll
+ 2009-10-15 18:50 . 2009-10-15 18:50 15044608 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Pre sentationFramewo#\620c65049de60114ae182c70ebbb3305 \PresentationFramework.ni.dll
+ 2009-10-15 18:49 . 2009-10-15 18:49 12595200 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Pre sentationCore\dbfa432eec6dd6c069fc11ce09a967e6\Pre sentationCore.ni.dll
+ 2009-10-15 13:53 . 2009-10-15 13:53 11436032 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\msc orlib\fee8c8ba9b84a7832274adcbfc9d5ca4\mscorlib.ni .dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2e2878c1-bb87-471b-be7d-7cd18fdc3ccb}]
2009-07-16 21:48 52224 --sha-w- c:\windows\SYSTEM32\sewupedi.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"DellSupport"="c:\program files\Dell Support\DSAgnt.exe" [2004-07-19 306688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Application Accelerator\iaanotif.exe" [2004-06-29 135168]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-08-25 339968]
"IntelMeM"="c:\program files\Intel\Modem Event Monitor\IntelMEM.exe" [2003-09-04 221184]
"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2004-10-12 57344]
"UpdateManager"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2004-01-07 110592]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035]
"DMXLauncher"="c:\program files\Dell\Media Experience\DMXLauncher.exe" [2005-01-27 86016]
"VirusScan Online"="c:\progra~1\mcafee.com\vso\mcvsshld.exe" [2004-08-18 180224]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2005-07-20 221184]
"LogitechVideoRepair"="c:\program files\Logitech\Video\ISStart.exe" [2005-06-08 458752]
"LogitechVideoTray"="c:\program files\Logitech\Video\LogiTray.exe" [2005-06-08 217088]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-21 148888]
"MCUpdateExe"="c:\progra~1\mcafee.com\agent\McUpda te.exe" [2006-01-11 212992]
"MCAgentExe"="c:\progra~1\mcafee.com\agent\McAgent .exe" [2005-09-23 303104]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\sadasdgfd.exe" [2009-09-10 1312080]
"MMTray"="c:\program files\Musicmatch\Musicmatch Jukebox\mm_tray.exe" [2004-09-14 131072]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2005-03-30 98304]
"vibuyujes"="c:\windows\system32\vadurota.dll" [BU]
"kazakajezu"="rokesoza.dll" [BU]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\Run]
"MySpaceIM"="c:\program files\MySpace\IM\MySpaceIM.exe" [2008-12-12 9555968]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2009-1-17 450560]
QuickBooks Update Agent.lnk - c:\program files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2004-11-11 806912]

[HKLM\~\startupfolder\c:^documents and settings^all users^start menu^programs^startup^america online 9.0 tray icon.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\America Online 9.0 Tray Icon.lnk
backup=c:\windows\pss\America Online 9.0 Tray Icon.lnkCommon Startup

[HKLM\~\startupfolder\c:^documents and settings^dondon^start menu^programs^startup^hamachi.lnk]
path=c:\documents and settings\DonDon\Start Menu\Programs\Startup\hamachi.lnk
backup=c:\windows\pss\hamachi.lnkStartup

[HKLM\~\startupfolder\c:^documents and settings^dondon^start menu^programs^startup^ikowin32.exe]
path=c:\documents and settings\DonDon\Start Menu\Programs\Startup\ikowin32.exe
backup=c:\windows\pss\ikowin32.exeStartup

[HKLM\~\startupfolder\c:^documents and settings^dondon^start menu^programs^startup^limewire on startup.lnk]
path=c:\documents and settings\DonDon\Start Menu\Programs\Startup\LimeWire On Startup.lnk
backup=c:\windows\pss\LimeWire On Startup.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
"c:\\Program Files\\America Online 9.0\\waol.exe"=
"c:\\Program Files\\PlayOnline\\SquareEnix\\PlayOnlineViewer\\p ol.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\AIM6\\aim6.exe"=
"c:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"=
"c:\\Program Files\\Atari\\RollerCoaster Tycoon 3 Platinum\\RCT3plus.exe"=
"c:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Program Files\\Dell Support\\DSAgnt.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\jusched.exe"=
"c:\\WINDOWS\\SYSTEM32\\spoolsv.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Intel\\Modem Event Monitor\\IntelMEM.exe"=
"c:\\WINDOWS\\SYSTEM32\\dla\\tfswctrl.exe"=
"c:\\Program Files\\Dell\\Media Experience\\DMXLauncher.exe"=
"c:\\WINDOWS\\SYSTEM32\\LVCOMSX.EXE"=
"c:\\WINDOWS\\SYSTEM32\\taskmgr.exe"=
"c:\\Program Files\\Logitech\\Video\\LogiTray.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\GloballyOpenPorts\List]
"56920:TCP"= 56920:TCP:Pando Media Booster
"56920:UDP"= 56920:UDP:Pando Media Booster

S2 antippolice_;AntiPol;c:\windows\svchast.exe --> c:\windows\svchast.exe [?]
S3 NaiFiltr;NaiFiltr;c:\windows\SYSTEM32\DRIVERS\NaiF iltr.sys [3/29/2005 10:21 PM 23296]
S3 tap0901;TAP-Win32 Adapter V9;c:\windows\SYSTEM32\DRIVERS\tap0901.sys [11/19/2008 11:22 AM 25216]
S3 xdva281;XDva281;\??\c:\windows\system32\XDva281.sy s --> c:\windows\system32\XDva281.sys [?]
S4 gupdate1c9fc589d42eba0;Google Update Service (gupdate1c9fc589d42eba0);c:\program files\Google\Update\GoogleUpdate.exe [7/3/2009 8:36 PM 133104]
.
Contents of the 'Scheduled Tasks' folder

2009-10-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-04 03:36]

2009-10-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-04 03:36]

2009-10-10 c:\windows\Tasks\McAfee.com Scan for Viruses - My Computer (KOMODO-Daryll).job
- c:\program files\mcafee.com\vso\mcmnhdlr.exe [2005-03-30 23:15]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.dell4me.com/myway
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.micros oft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &AIM Toolbar Search - c:\documents and settings\All Users\Application Data\AIM Toolbar\ieToolbar\resources\en-US\local\search.html
FF - ProfilePath - c:\documents and settings\DonDon\Application Data\Mozilla\Firefox\Profiles\3z4u6lch.default\
FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&invocationType=&query=
FF - prefs.js: browser.search.selectedEngine - AIM Search
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&invocationType=&query=
FF - plugin: c:\documents and settings\DonDon\Application Data\Move Networks\plugins\npqmp071503000010.dll
FF - plugin: c:\documents and settings\DonDon\Application Data\Mozilla\plugins\npoctoshape.dll
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dl l
FF - plugin: c:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll
FF - HiddenExtension: XUL Cache: {CD5F93F5-4EEF-4949-82C3-AAA6F6F14995} - c:\documents and settings\DonDon\Local Settings\Application Data\{CD5F93F5-4EEF-4949-82C3-AAA6F6F14995}
FF - HiddenExtension: XUL Cache: {2B769074-89E3-4769-A231-00175C5B40BB} - c:\documents and settings\Administrator\Local Settings\Application Data\{2B769074-89E3-4769-A231-00175C5B40BB}\
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-28417224 - c:\docume~1\ALLUSE~1\APPLIC~1\28417224\28417224.ex e
HKLM-Run-83597436 - c:\docume~1\ALLUSE~1\APPLIC~1\83597436\83597436.ex e
HKLM-Run-10736421 - c:\docume~1\ALLUSE~1\APPLIC~1\10736421\10736421.ex e
SharedTaskScheduler-{0be722f5-19e4-4be3-b56b-c20e9e76c9d7} - c:\windows\system32\vadurota.dll
SSODL-yumuluhiz-{0be722f5-19e4-4be3-b56b-c20e9e76c9d7} - c:\windows\system32\vadurota.dll



************************************************** ************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2009-10-19 17:48
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

************************************************** ************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(2172)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\progra~1\mcafee.com\vso\McVSSkt.dll
c:\program files\Stardock\Object Desktop\IconPackager\iprepair.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\SYSTEM32\ati2evxx.exe
c:\program files\Intel\Intel Application Accelerator\IAANTmon.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\SYSTEM32\wdfmgr.exe
c:\windows\SYSTEM32\wscntfy.exe
c:\progra~1\McAfee.com\VSO\McVSEscn.exe
c:\program files\Logitech\Video\FxSvr2.exe
.
************************************************** ************************
.
Completion time: 2009-10-20 17:53 - machine was rebooted
ComboFix-quarantined-files.txt 2009-10-20 00:53
ComboFix2.txt 2009-10-14 01:27

Pre-Run: 14,744,539,136 bytes free
Post-Run: 14,704,615,424 bytes free

823 --- E O F --- 2009-10-15 18:53


__________________________________________________ _______

Hijack Log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 546 PM, on 10/19/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16915)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\LVCOMSX.EXE
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, News, Sport, Music, Movies, Money, Cars, Shopping, Windows Live from MSN UK
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, News, Sport, Music, Movies, Money, Cars, Shopping, Windows Live from MSN UK
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {2e2878c1-bb87-471b-be7d-7cd18fdc3ccb} - sewupedi.dll (file missing)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files\AVG\AVG9\avgssie.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: AIM Toolbar Loader - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0983.0\msneshellx.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\McAgent.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\sadasdgfd.exe" /runcleanupscript
O4 - HKLM\..\Run: [MMTray] C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [vibuyujes] Rundll32.exe "c:\windows\system32\vadurota.dll",a
O4 - HKLM\..\Run: [kazakajezu] Rundll32.exe "rokesoza.dll",s
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O8 - Extra context menu item: &AIM Toolbar Search - C:\Documents and Settings\All Users\Application Data\AIM Toolbar\ieToolbar\resources\en-US\local\search.html
O9 - Extra button: AIM Toolbar - {0b83c99c-1efa-4259-858f-bcb33e007a5b} - C:\Program Files\AIM Toolbar\aimtb.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: AntiPol (antippolice_) - Unknown owner - C:\WINDOWS\svchast.exe (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

--
End of file - 7219 bytes
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #6 (permalink)  
Old 20-10-2009, 08:10 PM
Neal's Avatar
Senior Member
  
Join Date: Sep 2005
Posts: 5,524
Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!
Re: SecurityTool and Redirected Google Links
OK now I need you to run malwarebytes from safe mode and post the log from that please.

Safe Mode:


Now reboot into safe mode( without networking support) by tapping your F8 key upon restart and safe mode screen appears, select safe mode and press enter.
__________________
Stalking and killing Spyware

Have we helped you? Please consider a donation to help keep D-A-L free. Click on donate below



MALWARE: READ FIRST Procedures:
|_ SpyBot V1.5 _|_ HijackThis Log __V2.0.2 _|



ASAP: promoting a high standard and quality of security support no matter where you seek help.

Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Reply

« Previous Thread | Next Thread »

Thread Tools

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Google links redirected randomnation Spyware, Adware, Viruses and HijackThis Logs 1 30-03-2009 01:28 AM
Google links being redirected. shorty1974 Spyware, Adware, Viruses and HijackThis Logs 2 10-01-2009 07:05 PM
google search links redirected ricod Spyware, Adware, Viruses and HijackThis Logs 1 13-08-2008 03:45 AM
Google links are being redirected eirwynnt Spyware, Adware, Viruses and HijackThis Logs 7 29-07-2008 11:31 AM
Google links are being redirected(RESOLVED) WereHound Spyware, Adware, Viruses and HijackThis Logs 5 20-10-2006 05:20 PM


All times are GMT +1. The time now is 11:59 PM.
Member Login
Remember me ?
Forgot password?
Ads

Want to Advertise? Click Here
Help Categories
Desktop / Server Apps
Drivers
Firewalls and Networks
Games
General Internet Issues
Hardware
Linux
MAC OS
Modding / Overclocking
Search Engines
Spyware and Security
Web Development
Windows 2000
Windows 7
Windows 98
Windows ME
Windows Vista
Windows XP

Computer Repair Companies
Bottom Corner Bottom Nav