Requesting a check, suspected trojan

runna19
Visitor
Posts: 70
Registered: 11 Dec 2008 20:59

Requesting a check, suspected trojan

#1 Post by runna19 »

Logfile of random's system information tool 1.06 (written by random/random)
Run by Kristina at 2011-04-16 21:30:49
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 84 GB (55%) free of 153 GB
Total RAM: 1919 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:30:52, on 16.4.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17096)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\svchost.exe
C:\program files\microcom\adsl deskporte usb\CnxDslTb.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\WINDOWS\tsnp2std.exe
C:\WINDOWS\BisonCam\BsMnt.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files\ICQ7.2\ICQ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Program Files\CCleaner\CCleaner.exe
C:\Documents and Settings\Kristina\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Kristina.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\1010292004\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\1010292004\ICQToolBar.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [CnxDslTaskBar] "c:\program files\microcom\adsl deskporte usb\CnxDslTb.exe" "Microcom\ADSL DeskPorte USB"
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe
O4 - HKLM\..\Run: [BisonHK] C:\WINDOWS\BisonCam\BisonHK.exe
O4 - HKLM\..\Run: [BsMnt] C:\WINDOWS\BisonCam\BsMnt.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [OEXPRESS] C:\Documents and Settings\All Users\Application Data\LangSoft\OETRN.EXE
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.2\ICQ.exe" silent loginmode=4
O4 - Startup: Microcom ADSL DeskPorte USB.lnk = ?
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O4 - Global Startup: PHOTOfunSTUDIO.lnk = C:\Program Files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastaviť prekladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Preložiť &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Preložiť &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 5524591843
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Konfigurační služba Atheros (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

--
End of file - 9826 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Norton Security Scan for Kristina.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{A37C3781-FCCD-4293-9579-91EBF1A29702}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll [2010-11-10 503808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-08-26 458736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll [2010-11-10 503808]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\1010292004\ICQToolBar.dll [2010-09-06 1048888]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"ACU"=C:\Program Files\Atheros\ACU.exe [2007-05-03 376921]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-07-05 16380416]
"AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2006-06-29 89541]
"CnxDslTaskBar"=c:\program files\microcom\adsl deskporte usb\CnxDslTb.exe [2004-06-16 233472]
"SsAAD.exe"=C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe [2006-01-07 81920]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"tsnp2std"=C:\WINDOWS\tsnp2std.exe [2005-08-17 90112]
"BisonHK"=C:\WINDOWS\BisonCam\BisonHK.exe [2007-03-15 32768]
"BsMnt"=C:\WINDOWS\BisonCam\BsMnt.exe [2007-03-15 172032]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-04-07 2145000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OEXPRESS"=C:\Documents and Settings\All Users\Application Data\LangSoft\OETRN.EXE [2010-11-10 26624]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-12-03 14944136]
"ICQ"=C:\Program Files\ICQ7.2\ICQ.exe [2011-01-05 133432]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PHOTOfunSTUDIO.lnk - C:\Program Files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe

C:\Documents and Settings\Kristina\Start Menu\Programs\Startup
Microcom ADSL DeskPorte USB.lnk -

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2009-09-05 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-11-14 122880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"

======List of files/folders created in the last 1 months======

2011-04-16 21:28:22 ----SHD---- C:\RECYCLER
2011-04-16 21:27:42 ----D---- C:\WINDOWS\temp
2011-04-16 21:27:41 ----A---- C:\ComboFix.txt
2011-04-12 20:11:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2509553$
2011-04-12 20:07:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2412687$
2011-04-12 20:06:55 ----HDC---- C:\WINDOWS\$NtUninstallKB2510581$
2011-04-12 20:03:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2507618$
2011-04-12 20:02:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2508272$
2011-04-12 20:02:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2503658$
2011-04-12 20:02:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2511455$
2011-04-12 20:02:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2506223$
2011-04-12 20:02:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2506212$
2011-04-12 20:02:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2508429$
2011-04-12 20:02:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2485663$
2011-03-23 19:24:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2524375$

======List of files/folders modified in the last 1 months======

2011-04-16 21:30:23 ----D---- C:\WINDOWS\Debug
2011-04-16 21:30:23 ----D---- C:\WINDOWS
2011-04-16 21:27:42 ----D---- C:\Qoobox
2011-04-16 21:25:21 ----A---- C:\WINDOWS\system.ini
2011-04-16 21:23:07 ----D---- C:\Program Files\TNod User & Password Finder
2011-04-16 21:21:59 ----D---- C:\WINDOWS\system32
2011-04-16 21:21:58 ----D---- C:\WINDOWS\system32\drivers
2011-04-16 21:21:58 ----D---- C:\WINDOWS\AppPatch
2011-04-16 21:21:54 ----D---- C:\Program Files\Common Files
2011-04-16 21:14:56 ----N---- C:\WINDOWS\SchedLgU.Txt
2011-04-16 21:14:42 ----D---- C:\WINDOWS\system32\CatRoot2
2011-04-16 21:12:42 ----D---- C:\WINDOWS\Prefetch
2011-04-16 20:05:53 ----D---- C:\Program Files\SpeedFan
2011-04-16 19:29:18 ----D---- C:\Documents and Settings\Kristina\Application Data\Skype
2011-04-15 08:10:20 ----D---- C:\Program Files\Opera
2011-04-15 08:10:08 ----SHD---- C:\WINDOWS\Installer
2011-04-15 08:10:07 ----D---- C:\Config.Msi
2011-04-14 12:45:52 ----D---- C:\WINDOWS\Microsoft.NET
2011-04-14 12:45:49 ----RSD---- C:\WINDOWS\assembly
2011-04-12 20:16:01 ----D---- C:\Program Files\Internet Explorer
2011-04-12 20:14:00 ----D---- C:\WINDOWS\WinSxS
2011-04-12 20:14:00 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-04-12 20:11:24 ----A---- C:\WINDOWS\system32\MRT.exe
2011-04-12 20:11:16 ----HD---- C:\WINDOWS\inf
2011-04-12 20:11:14 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-04-12 20:10:50 ----A---- C:\WINDOWS\win.ini
2011-04-12 20:06:34 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-04-12 20:03:18 ----D---- C:\WINDOWS\system32\en-us
2011-04-12 20:02:51 ----HD---- C:\WINDOWS\$hf_mig$

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-04-07 114984]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-04-07 95872]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 Tosrfcom;Bluetooth RFCOMM; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2009-02-19 63872]
R2 Angelnt;Angelnt; C:\WINDOWS\System32\Drivers\ANGELNT.SYS [2010-10-24 51072]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-04-07 139192]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2009-06-22 1574112]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-11-14 2418688]
R3 catchme;catchme; \??\C:\DOCUME~1\Kristina\LOCALS~1\Temp\catchme.sys []
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-07-18 4547584]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-09-25 115328]
R3 RTSTOR;USB Mass Stroage Device; C:\WINDOWS\system32\drivers\RTSTOR.SYS [2007-09-18 44032]
R3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2007-08-22 1749760]
R3 tosporte;Bluetooth COM Port; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2008-03-25 41472]
R3 Tosrfbd;Bluetooth RFBUS; C:\WINDOWS\system32\DRIVERS\tosrfbd.sys [2008-10-06 137984]
R3 tosrfbnp;Bluetooth RFBNEP; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2009-03-03 36864]
R3 Tosrfhid;Bluetooth RFHID; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2009-03-05 74368]
R3 tosrfnds;Bluetooth Personal Area Network; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2009-03-12 16128]
R3 tosrfusb;Bluetooth USB Controller; C:\WINDOWS\system32\DRIVERS\tosrfusb.sys [2009-03-19 43264]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 WSIMD;wsimd Service; C:\WINDOWS\system32\DRIVERS\wsimd.sys [2007-03-28 57024]
S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; \??\C:\WINDOWS\system32\drivers\NSDriver.sys []
S3 Ad-Watch Real-Time Scanner;AW Real-Time Scanner; \??\C:\WINDOWS\system32\drivers\AWRTPD.sys []
S3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CnxEtP;Conexant AccessRunner USB ADSL Adapter Filter Driver; C:\WINDOWS\system32\DRIVERS\CnxEtP.sys [2004-06-16 131072]
S3 CnxEtU;Conexant AccessRunner USB ADSL Interface Device Driver; C:\WINDOWS\system32\DRIVERS\CnxEtU.sys [2004-06-16 614272]
S3 CnxTgNP;Conexant AccessRunner ADSL WAN PPPoE Adapter Driver; C:\WINDOWS\system32\DRIVERS\CnxTgNP.sys [2004-06-16 60416]
S3 mbr;mbr; \??\C:\ComboFix\mbr.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2006-02-28 5888]
S3 RTL8169;Realtek 8169 NT Driver; C:\WINDOWS\system32\DRIVERS\Rtlh86.sys [2007-06-07 83456]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 StillCam;Still Serial Digital Camera Driver; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-17 6784]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TosRfSnd;Bluetooth Audio; C:\WINDOWS\system32\drivers\tosrfsnd.sys [2009-03-23 54272]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 ACS;Konfigurační služba Atheros; C:\WINDOWS\system32\acs.exe [2007-05-03 364629]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\WINDOWS\system32\agrsmsvc.exe [2006-10-05 9216]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-11-14 483328]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-04-07 810120]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2009-03-17 144752]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-12-26 136176]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-04-07 33560]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-10-16 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-25 182768]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2005-11-24 53337]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2005-11-24 53337]
S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2005-11-24 69718]
S3 SSScsiSV;SonicStage SCSI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe [2006-01-06 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

cernohous13
VIP in memoriam
Posts: 8721
Registered: 09 Dec 2006 06:19
Location: Jablonec nad Nisou

Re: Requesting a check, suspected trojan

#2 Post by cernohous13 »

Hello,

please also post C:\ComboFix.txt

How does the trojan show itself, or why do you suspect one?
Recommendations:
During the cleanup, install and uninstall software only on my instruction.
Study my reply thoroughly and carry out the whole procedure as described in it.
If anything is unclear, ask and I will explain.

runna19
Visitor
Posts: 70
Registered: 11 Dec 2008 20:59

Re: Requesting a check, suspected trojan

#3 Post by runna19 »

NOD reported it to me.

runna19
Visitor
Posts: 70
Registered: 11 Dec 2008 20:59

Re: Requesting a check, suspected trojan

#4 Post by runna19 »

ComboFix 11-04-15.06 - Kristina 16.04.2011 21:18:05.11.2 - x86
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.1919.1274 [GMT 2:00]
Running from: c:\documents and settings\Kristina\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Resident AV is active
.
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Kristina\WINDOWS
c:\program files\TNod User & Password Finder\TNODUP.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-03-16 to 2011-04-16 )))))))))))))))))))))))))))))))
.
.
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-07 05:33 . 2008-03-13 21:25 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-04 06:45 . 2006-02-28 12:00 434176 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:21 . 2006-02-28 12:00 1857920 ----a-w- c:\windows\system32\win32k.sys
2011-02-17 19:00 . 2006-02-28 12:00 832512 ----a-w- c:\windows\system32\wininet.dll
2011-02-17 19:00 . 2009-11-02 11:26 78336 ----a-w- c:\windows\system32\ieencode.dll
2011-02-17 19:00 . 2006-02-28 12:00 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2011-02-17 19:00 . 2006-02-28 12:00 17408 ----a-w- c:\windows\system32\corpol.dll
2011-02-17 13:18 . 2006-02-28 12:00 455936 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-02-17 13:18 . 2006-02-28 12:00 357888 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-17 12:32 . 2009-04-17 07:24 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2011-02-17 11:44 . 2006-02-28 12:00 389120 ----a-w- c:\windows\system32\html.iec
2011-02-15 12:56 . 2006-02-28 12:00 290432 ----a-w- c:\windows\system32\atmfd.dll
2011-02-09 13:53 . 2006-02-28 12:00 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2006-02-28 12:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-08 13:33 . 2006-02-28 12:00 978944 ----a-w- c:\windows\system32\mfc42.dll
2011-02-08 13:33 . 2006-02-28 12:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
2011-02-02 07:58 . 2008-03-13 21:23 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57 . 2008-03-13 21:23 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-01-21 14:44 . 2006-02-28 12:00 439296 ----a-w- c:\windows\system32\shimgvw.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2011-02-11_20.40.39 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-01-10 21:03 . 2011-01-10 21:03 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_189d6662\vcomp.dll
+ 2011-01-10 20:32 . 2011-01-10 20:32 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80KOR.dll
+ 2011-01-10 20:32 . 2011-01-10 20:32 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80JPN.dll
+ 2011-01-10 20:32 . 2011-01-10 20:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80ITA.dll
+ 2011-01-10 20:32 . 2011-01-10 20:32 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80CHT.dll
+ 2011-01-10 20:32 . 2011-01-10 20:32 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80CHS.dll
+ 2011-01-10 20:32 . 2011-01-10 20:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80FRA.dll
+ 2011-01-10 20:32 . 2011-01-10 20:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80ESP.dll
+ 2011-01-10 20:32 . 2011-01-10 20:32 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80ENU.dll
+ 2011-01-10 20:32 . 2011-01-10 20:32 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80DEU.dll
+ 2011-01-11 02:05 . 2011-01-11 02:05 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_e87e0bcd\mfcm80u.dll
+ 2011-01-11 02:23 . 2011-01-11 02:23 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_e87e0bcd\mfcm80.dll
+ 2011-01-10 19:21 . 2011-01-10 19:21 97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_7837863c\ATL80.dll
- 2006-02-28 12:00 . 2010-12-20 23:08 44544 c:\windows\system32\pngfilt.dll
+ 2006-02-28 12:00 . 2011-02-17 19:00 44544 c:\windows\system32\pngfilt.dll
+ 2006-02-28 12:00 . 2011-04-12 18:06 72120 c:\windows\system32\perfc009.dat
+ 2006-11-07 20:03 . 2011-02-17 19:00 52224 c:\windows\system32\msfeedsbs.dll
- 2006-11-07 20:03 . 2010-12-20 23:08 52224 c:\windows\system32\msfeedsbs.dll
+ 2006-02-28 12:00 . 2011-02-17 19:00 27648 c:\windows\system32\jsproxy.dll
- 2006-02-28 12:00 . 2010-12-20 23:08 27648 c:\windows\system32\jsproxy.dll
- 2006-02-28 12:00 . 2010-12-20 23:08 44544 c:\windows\system32\iernonce.dll
+ 2006-02-28 12:00 . 2011-02-17 19:00 44544 c:\windows\system32\iernonce.dll
- 2006-02-28 12:00 . 2010-12-20 12:54 70656 c:\windows\system32\ie4uinit.exe
+ 2006-02-28 12:00 . 2011-02-17 11:43 70656 c:\windows\system32\ie4uinit.exe
+ 2006-10-17 10:58 . 2011-02-17 19:00 63488 c:\windows\system32\icardie.dll
- 2006-10-17 10:58 . 2010-12-20 23:08 63488 c:\windows\system32\icardie.dll
+ 2009-08-14 07:19 . 2011-02-11 20:57 35132 c:\windows\system32\epfwdata.bin
+ 2010-04-07 20:08 . 2010-04-07 20:08 95872 c:\windows\system32\drivers\epfwtdir.sys
- 2006-02-28 12:00 . 2008-04-14 00:11 45568 c:\windows\system32\dnsrslvr.dll
+ 2006-02-28 12:00 . 2009-04-20 17:17 45568 c:\windows\system32\dnsrslvr.dll
- 2006-10-17 10:58 . 2010-12-20 23:08 44544 c:\windows\system32\dllcache\pngfilt.dll
+ 2006-10-17 10:58 . 2011-02-17 19:00 44544 c:\windows\system32\dllcache\pngfilt.dll
+ 2009-06-13 19:05 . 2011-02-17 19:00 52224 c:\windows\system32\dllcache\msfeedsbs.dll
- 2009-06-13 19:05 . 2010-12-20 23:08 52224 c:\windows\system32\dllcache\msfeedsbs.dll
- 2006-11-07 20:03 . 2010-12-20 23:08 27648 c:\windows\system32\dllcache\jsproxy.dll
+ 2006-11-07 20:03 . 2011-02-17 19:00 27648 c:\windows\system32\dllcache\jsproxy.dll
+ 2009-06-13 19:05 . 2011-02-17 11:43 13824 c:\windows\system32\dllcache\ieudinit.exe
- 2009-06-13 19:05 . 2010-12-20 12:54 13824 c:\windows\system32\dllcache\ieudinit.exe
+ 2006-11-07 02:26 . 2011-02-17 19:00 44544 c:\windows\system32\dllcache\iernonce.dll
- 2006-11-07 02:26 . 2010-12-20 23:08 44544 c:\windows\system32\dllcache\iernonce.dll
- 2009-11-02 11:26 . 2010-12-20 23:08 78336 c:\windows\system32\dllcache\ieencode.dll
+ 2009-11-02 11:26 . 2011-02-17 19:00 78336 c:\windows\system32\dllcache\ieencode.dll
+ 2006-11-07 02:26 . 2011-02-17 11:43 70656 c:\windows\system32\dllcache\ie4uinit.exe
- 2006-11-07 02:26 . 2010-12-20 12:54 70656 c:\windows\system32\dllcache\ie4uinit.exe
+ 2009-06-13 19:05 . 2011-02-17 19:00 63488 c:\windows\system32\dllcache\icardie.dll
- 2009-06-13 19:05 . 2010-12-20 23:08 63488 c:\windows\system32\dllcache\icardie.dll
+ 2009-04-20 17:17 . 2009-04-20 17:17 45568 c:\windows\system32\dllcache\dnsrslvr.dll
- 2006-10-17 11:03 . 2010-12-20 23:08 17408 c:\windows\system32\dllcache\corpol.dll
+ 2006-10-17 11:03 . 2011-02-17 19:00 17408 c:\windows\system32\dllcache\corpol.dll
+ 2011-03-12 17:11 . 2011-03-12 17:11 10134 c:\windows\Installer\{DE7E6DBF-ABEE-43FF-A3A1-4DCF46411736}\callmsi.exe
+ 2011-04-12 18:08 . 2011-04-12 18:08 38240 c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe
- 2010-11-09 19:38 . 2010-11-09 19:38 38240 c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe
+ 2008-08-17 19:39 . 2011-04-12 18:10 23040 c:\windows\Installer\{9011041B-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2008-08-17 19:39 . 2011-02-08 21:15 23040 c:\windows\Installer\{9011041B-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2008-08-17 19:39 . 2011-04-12 18:10 61440 c:\windows\Installer\{9011041B-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2008-08-17 19:39 . 2011-02-08 21:15 61440 c:\windows\Installer\{9011041B-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2008-08-17 19:39 . 2011-04-12 18:10 27136 c:\windows\Installer\{9011041B-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2008-08-17 19:39 . 2011-02-08 21:15 27136 c:\windows\Installer\{9011041B-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2008-08-17 19:39 . 2011-04-12 18:10 11264 c:\windows\Installer\{9011041B-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2008-08-17 19:39 . 2011-02-08 21:15 11264 c:\windows\Installer\{9011041B-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2008-08-17 19:39 . 2011-02-08 21:15 86016 c:\windows\Installer\{9011041B-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2008-08-17 19:39 . 2011-04-12 18:10 86016 c:\windows\Installer\{9011041B-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2008-08-17 19:39 . 2011-04-12 18:10 12288 c:\windows\Installer\{9011041B-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2008-08-17 19:39 . 2011-02-08 21:15 12288 c:\windows\Installer\{9011041B-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2011-04-12 18:03 . 2010-12-20 23:08 44544 c:\windows\ie7updates\KB2497640-IE7\pngfilt.dll
+ 2011-04-12 18:03 . 2010-12-20 23:08 52224 c:\windows\ie7updates\KB2497640-IE7\msfeedsbs.dll
+ 2011-04-12 18:03 . 2010-12-20 23:08 27648 c:\windows\ie7updates\KB2497640-IE7\jsproxy.dll
+ 2011-04-12 18:03 . 2010-12-20 12:54 13824 c:\windows\ie7updates\KB2497640-IE7\ieudinit.exe
+ 2011-04-12 18:03 . 2010-12-20 23:08 44544 c:\windows\ie7updates\KB2497640-IE7\iernonce.dll
+ 2011-04-12 18:03 . 2010-12-20 23:08 78336 c:\windows\ie7updates\KB2497640-IE7\ieencode.dll
+ 2011-04-12 18:03 . 2010-12-20 12:54 70656 c:\windows\ie7updates\KB2497640-IE7\ie4uinit.exe
+ 2011-04-12 18:03 . 2010-12-20 23:08 63488 c:\windows\ie7updates\KB2497640-IE7\icardie.dll
+ 2011-04-12 18:03 . 2010-12-20 23:08 17408 c:\windows\ie7updates\KB2497640-IE7\corpol.dll
+ 2011-04-12 18:11 . 2011-04-12 18:11 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\368187bcb570d202a019fc7c53b1df4c\UIAutomationProvider.ni.dll
+ 2011-04-14 10:45 . 2011-04-14 10:45 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\3f621b90371e67197bd4d0b86aa6f21d\System.Windows.Presentation.ni.dll
+ 2011-04-14 10:45 . 2011-04-14 10:45 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\577b049541803541e6b00e2c36c00852\System.Web.DynamicData.Design.ni.dll
+ 2011-04-14 06:06 . 2011-04-14 06:06 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\636ed65b7e5481320e3010b78a5e6cfa\System.ComponentModel.DataAnnotations.ni.dll
+ 2011-04-14 06:06 . 2011-04-14 06:06 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\f83b1e8dd8c90490c8d924826c8b107d\System.AddIn.Contract.ni.dll
+ 2011-04-12 18:08 . 2011-04-12 18:08 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\2740ba673b1040f1995f13c6044da64c\PresentationFontCache.ni.exe
+ 2011-04-12 18:07 . 2011-04-12 18:07 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\8514e7de63d46b6f8232ef70d93a1650\PresentationCFFRasterizer.ni.dll
+ 2011-04-14 10:44 . 2011-04-14 10:44 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\108426b4dc654100c9a99bfa71f69886\Microsoft.Vsa.ni.dll
+ 2011-04-14 06:06 . 2011-04-14 06:06 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\8905268997c77a27c7f9c54aeba37f24\Microsoft.Build.Framework.ni.dll
+ 2011-04-14 06:06 . 2011-04-14 06:06 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\11bb8ef375848eb1c074da1afd5cecdc\Microsoft.Build.Framework.ni.dll
+ 2011-04-14 06:06 . 2011-04-14 06:06 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\6d74b9308a1517bfe959e597c3dd2427\dfsvc.ni.exe
+ 2011-04-14 06:05 . 2011-04-14 06:05 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\fdf7f1404f4a5c7f5a0463d8e7a442e4\Accessibility.ni.dll
+ 2011-04-12 18:05 . 2011-04-12 18:05 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2010-10-06 15:56 . 2010-10-06 15:56 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2010-10-06 15:56 . 2010-10-06 15:56 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2011-04-12 18:05 . 2011-04-12 18:05 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2010-10-06 15:57 . 2010-10-06 15:57 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2011-04-12 18:06 . 2011-04-12 18:06 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2010-10-06 15:56 . 2010-10-06 15:56 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2011-04-12 18:06 . 2011-04-12 18:06 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2010-10-06 15:57 . 2010-10-06 15:57 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2011-04-12 18:06 . 2011-04-12 18:06 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2010-10-06 15:57 . 2010-10-06 15:57 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2011-04-12 18:06 . 2011-04-12 18:06 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2011-04-12 18:06 . 2011-04-12 18:06 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2010-10-06 15:57 . 2010-10-06 15:57 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2011-04-12 18:06 . 2011-04-12 18:06 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2010-10-06 15:57 . 2010-10-06 15:57 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2011-04-12 18:06 . 2011-04-12 18:06 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2010-10-06 15:56 . 2010-10-06 15:56 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2010-10-06 15:56 . 2010-10-06 15:56 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2011-04-12 18:05 . 2011-04-12 18:05 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2010-10-06 15:56 . 2010-10-06 15:56 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2011-04-12 18:06 . 2011-04-12 18:06 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2010-10-06 15:56 . 2010-10-06 15:56 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2011-04-12 18:06 . 2011-04-12 18:06 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2010-10-06 15:56 . 2010-10-06 15:56 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-04-12 18:05 . 2011-04-12 18:05 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-02-25 20:56 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB971029\update\spcustom.dll
+ 2011-02-25 20:56 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB971029\spmsg.dll
+ 2011-03-13 08:13 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2481109\update\spcustom.dll
+ 2011-03-13 08:13 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2481109\spmsg.dll
+ 2011-02-02 07:57 . 2011-02-02 07:57 53248 c:\windows\$hf_mig$\KB2481109\SP3QFE\tsgqec.dll
+ 2011-03-13 08:13 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2479943\update\spcustom.dll
+ 2011-03-13 08:13 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2479943\spmsg.dll
+ 2011-04-12 18:06 . 2011-04-12 18:06 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2010-10-06 15:56 . 2010-10-06 15:56 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2006-09-24 13:28 . 2006-09-24 13:28 5248 c:\windows\system32\speedfan.sys
+ 1996-04-03 19:33 . 1996-04-03 19:33 5248 c:\windows\system32\giveio.sys
+ 2008-08-17 19:39 . 2011-04-12 18:10 4096 c:\windows\Installer\{9011041B-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2008-08-17 19:39 . 2011-02-08 21:15 4096 c:\windows\Installer\{9011041B-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2011-04-12 18:06 . 2011-04-12 18:06 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2010-10-06 15:56 . 2010-10-06 15:56 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2010-10-06 15:57 . 2010-10-06 15:57 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2011-04-12 18:06 . 2011-04-12 18:06 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2011-04-12 18:06 . 2011-04-12 18:06 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2010-10-06 15:56 . 2010-10-06 15:56 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2011-04-12 18:06 . 2011-04-12 18:06 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2010-10-06 15:56 . 2010-10-06 15:56 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2010-10-06 15:57 . 2010-10-06 15:57 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2011-04-12 18:06 . 2011-04-12 18:06 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2010-10-06 15:57 . 2010-10-06 15:57 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2011-04-12 18:06 . 2011-04-12 18:06 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2011-01-11 02:27 . 2011-01-11 02:27 632656 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_179798c8\msvcr80.dll
+ 2011-01-11 02:24 . 2011-01-11 02:24 554832 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_179798c8\msvcp80.dll
+ 2011-01-11 02:08 . 2011-01-11 02:08 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_179798c8\msvcm80.dll
- 2006-02-28 12:00 . 2010-12-20 23:08 233472 c:\windows\system32\webcheck.dll
+ 2006-02-28 12:00 . 2011-02-17 19:00 233472 c:\windows\system32\webcheck.dll
+ 2006-02-28 12:00 . 2011-02-17 19:00 105984 c:\windows\system32\url.dll
- 2006-02-28 12:00 . 2010-12-20 23:08 105984 c:\windows\system32\url.dll
- 2006-02-28 12:00 . 2008-04-14 00:12 135168 c:\windows\system32\shsvcs.dll
+ 2006-02-28 12:00 . 2009-07-27 23:17 135168 c:\windows\system32\shsvcs.dll
+ 2006-02-28 12:00 . 2011-04-12 18:06 443862 c:\windows\system32\perfh009.dat
+ 2006-02-28 12:00 . 2011-02-17 19:00 102912 c:\windows\system32\occache.dll
- 2006-02-28 12:00 . 2010-12-20 23:08 102912 c:\windows\system32\occache.dll
- 2006-02-28 12:00 . 2008-06-20 17:46 245248 c:\windows\system32\mswsock.dll
+ 2006-02-28 12:00 . 2008-06-20 16:02 245248 c:\windows\system32\mswsock.dll
- 2006-02-28 12:00 . 2010-12-20 23:08 671232 c:\windows\system32\mstime.dll
+ 2006-02-28 12:00 . 2011-02-17 19:00 671232 c:\windows\system32\mstime.dll
+ 2006-02-28 12:00 . 2011-02-17 19:00 193024 c:\windows\system32\msrating.dll
- 2006-02-28 12:00 . 2010-12-20 23:08 193024 c:\windows\system32\msrating.dll
+ 2006-02-28 12:00 . 2011-02-17 19:00 478208 c:\windows\system32\mshtmled.dll
- 2006-02-28 12:00 . 2010-12-20 23:08 478208 c:\windows\system32\mshtmled.dll
+ 2006-11-07 20:03 . 2011-02-17 19:00 468480 c:\windows\system32\msfeeds.dll
- 2006-11-07 20:03 . 2010-12-20 23:08 468480 c:\windows\system32\msfeeds.dll
+ 2006-02-28 12:00 . 2011-03-04 06:45 512000 c:\windows\system32\jscript.dll
- 2006-02-28 12:00 . 2009-08-13 15:16 512000 c:\windows\system32\jscript.dll
+ 2006-10-17 10:57 . 2011-02-17 19:00 268288 c:\windows\system32\iertutil.dll
- 2006-10-17 10:57 . 2010-12-20 23:08 268288 c:\windows\system32\iertutil.dll
+ 2006-02-28 12:00 . 2011-02-17 19:00 192512 c:\windows\system32\iepeers.dll
- 2006-02-28 12:00 . 2010-12-20 23:08 192512 c:\windows\system32\iepeers.dll
+ 2006-02-28 12:00 . 2011-02-17 19:00 384512 c:\windows\system32\iedkcs32.dll
- 2006-02-28 12:00 . 2010-12-20 23:08 384512 c:\windows\system32\iedkcs32.dll
- 2006-10-17 10:27 . 2010-12-20 23:08 380928 c:\windows\system32\ieapfltr.dll
+ 2006-10-17 10:27 . 2011-02-17 19:00 380928 c:\windows\system32\ieapfltr.dll
+ 2006-02-28 12:00 . 2011-02-14 12:15 161792 c:\windows\system32\ieakui.dll
- 2006-02-28 12:00 . 2010-12-20 11:23 161792 c:\windows\system32\ieakui.dll
- 2006-02-28 12:00 . 2010-12-20 23:08 230400 c:\windows\system32\ieaksie.dll
+ 2006-02-28 12:00 . 2011-02-17 19:00 230400 c:\windows\system32\ieaksie.dll
+ 2006-02-28 12:00 . 2011-02-17 19:00 153088 c:\windows\system32\ieakeng.dll
- 2006-02-28 12:00 . 2010-12-20 23:08 153088 c:\windows\system32\ieakeng.dll
- 2006-02-28 12:00 . 2010-12-20 23:08 133120 c:\windows\system32\extmgr.dll
+ 2006-02-28 12:00 . 2011-02-17 19:00 133120 c:\windows\system32\extmgr.dll
+ 2006-02-28 12:00 . 2011-02-17 19:00 214528 c:\windows\system32\dxtrans.dll
- 2006-02-28 12:00 . 2010-12-20 23:08 214528 c:\windows\system32\dxtrans.dll
+ 2006-02-28 12:00 . 2011-02-17 19:00 347136 c:\windows\system32\dxtmsft.dll
- 2006-02-28 12:00 . 2010-12-20 23:08 347136 c:\windows\system32\dxtmsft.dll
+ 2010-04-07 20:07 . 2010-04-07 20:07 114984 c:\windows\system32\drivers\ehdrv.sys
+ 2010-04-07 20:03 . 2010-04-07 20:03 139192 c:\windows\system32\drivers\eamon.sys
+ 2006-02-28 12:00 . 2008-10-16 14:43 138496 c:\windows\system32\drivers\afd.sys
- 2006-02-28 12:00 . 2008-08-14 10:04 138496 c:\windows\system32\drivers\afd.sys
+ 2006-02-28 12:00 . 2011-03-03 06:55 149504 c:\windows\system32\dnsapi.dll
- 2008-04-21 06:44 . 2010-12-20 23:08 832512 c:\windows\system32\dllcache\wininet.dll
+ 2008-04-21 06:44 . 2011-02-17 19:00 832512 c:\windows\system32\dllcache\wininet.dll
- 2006-11-07 20:03 . 2010-12-20 23:08 233472 c:\windows\system32\dllcache\webcheck.dll
+ 2006-11-07 20:03 . 2011-02-17 19:00 233472 c:\windows\system32\dllcache\webcheck.dll
+ 2008-05-09 10:53 . 2011-03-04 06:45 434176 c:\windows\system32\dllcache\vbscript.dll
- 2006-10-17 11:05 . 2010-12-20 23:08 105984 c:\windows\system32\dllcache\url.dll
+ 2006-10-17 11:05 . 2011-02-17 19:00 105984 c:\windows\system32\dllcache\url.dll
+ 2008-10-15 12:05 . 2011-02-17 13:18 357888 c:\windows\system32\dllcache\srv.sys
+ 2009-07-27 23:17 . 2009-07-27 23:17 135168 c:\windows\system32\dllcache\shsvcs.dll
+ 2011-02-09 13:53 . 2011-02-09 13:53 270848 c:\windows\system32\dllcache\sbe.dll
- 2006-10-17 11:04 . 2010-12-20 23:08 102912 c:\windows\system32\dllcache\occache.dll
+ 2006-10-17 11:04 . 2011-02-17 19:00 102912 c:\windows\system32\dllcache\occache.dll
+ 2008-06-20 17:46 . 2008-06-20 16:02 245248 c:\windows\system32\dllcache\mswsock.dll
- 2008-06-20 17:46 . 2008-06-20 17:46 245248 c:\windows\system32\dllcache\mswsock.dll
- 2006-11-07 20:03 . 2010-12-20 23:08 671232 c:\windows\system32\dllcache\mstime.dll
+ 2006-11-07 20:03 . 2011-02-17 19:00 671232 c:\windows\system32\dllcache\mstime.dll
- 2006-10-17 11:05 . 2010-12-20 23:08 193024 c:\windows\system32\dllcache\msrating.dll
+ 2006-10-17 11:05 . 2011-02-17 19:00 193024 c:\windows\system32\dllcache\msrating.dll
- 2006-11-07 20:03 . 2010-12-20 23:08 478208 c:\windows\system32\dllcache\mshtmled.dll
+ 2006-11-07 20:03 . 2011-02-17 19:00 478208 c:\windows\system32\dllcache\mshtmled.dll
+ 2009-06-13 19:05 . 2011-02-17 19:00 468480 c:\windows\system32\dllcache\msfeeds.dll
- 2009-06-13 19:05 . 2010-12-20 23:08 468480 c:\windows\system32\dllcache\msfeeds.dll
+ 2008-11-12 13:34 . 2011-02-17 13:18 455936 c:\windows\system32\dllcache\mrxsmb.sys
+ 2006-02-28 12:00 . 2011-02-08 13:33 974848 c:\windows\system32\dllcache\mfc42u.dll
- 2006-02-28 12:00 . 2010-09-18 10:23 974848 c:\windows\system32\dllcache\mfc42u.dll
+ 2010-10-14 18:12 . 2011-02-08 13:33 978944 c:\windows\system32\dllcache\mfc42.dll
+ 2011-01-27 11:57 . 2011-01-27 11:57 677888 c:\windows\system32\dllcache\lhmstsc.exe
+ 2008-05-09 10:53 . 2011-03-04 06:45 512000 c:\windows\system32\dllcache\jscript.dll
- 2008-05-09 10:53 . 2009-08-13 15:16 512000 c:\windows\system32\dllcache\jscript.dll
+ 2008-08-14 07:10 . 2011-03-07 05:33 692736 c:\windows\system32\dllcache\inetcomm.dll
- 2008-08-14 07:10 . 2010-06-09 07:43 692736 c:\windows\system32\dllcache\inetcomm.dll
- 2006-10-17 11:04 . 2010-12-20 11:25 634648 c:\windows\system32\dllcache\iexplore.exe
+ 2006-10-17 11:04 . 2011-02-14 12:17 634648 c:\windows\system32\dllcache\iexplore.exe
- 2009-06-13 19:05 . 2010-12-20 23:08 268288 c:\windows\system32\dllcache\iertutil.dll
+ 2009-06-13 19:05 . 2011-02-17 19:00 268288 c:\windows\system32\dllcache\iertutil.dll
- 2006-11-07 20:03 . 2010-12-20 23:08 192512 c:\windows\system32\dllcache\iepeers.dll
+ 2006-11-07 20:03 . 2011-02-17 19:00 192512 c:\windows\system32\dllcache\iepeers.dll
- 2006-11-07 02:27 . 2010-12-20 23:08 384512 c:\windows\system32\dllcache\iedkcs32.dll
+ 2006-11-07 02:27 . 2011-02-17 19:00 384512 c:\windows\system32\dllcache\iedkcs32.dll
- 2009-06-13 19:05 . 2010-12-20 23:08 380928 c:\windows\system32\dllcache\ieapfltr.dll
+ 2009-06-13 19:05 . 2011-02-17 19:00 380928 c:\windows\system32\dllcache\ieapfltr.dll
- 2006-02-28 12:00 . 2010-12-20 11:23 161792 c:\windows\system32\dllcache\ieakui.dll
+ 2006-02-28 12:00 . 2011-02-14 12:15 161792 c:\windows\system32\dllcache\ieakui.dll
+ 2006-11-07 02:27 . 2011-02-17 19:00 230400 c:\windows\system32\dllcache\ieaksie.dll
- 2006-11-07 02:27 . 2010-12-20 23:08 230400 c:\windows\system32\dllcache\ieaksie.dll
- 2006-11-07 02:26 . 2010-12-20 23:08 153088 c:\windows\system32\dllcache\ieakeng.dll
+ 2006-11-07 02:26 . 2011-02-17 19:00 153088 c:\windows\system32\dllcache\ieakeng.dll
- 2006-11-07 20:03 . 2010-12-20 23:08 133120 c:\windows\system32\dllcache\extmgr.dll
+ 2006-11-07 20:03 . 2011-02-17 19:00 133120 c:\windows\system32\dllcache\extmgr.dll
+ 2011-02-09 13:53 . 2011-02-09 13:53 186880 c:\windows\system32\dllcache\encdec.dll
- 2006-10-17 10:57 . 2010-12-20 23:08 214528 c:\windows\system32\dllcache\dxtrans.dll
+ 2006-10-17 10:57 . 2011-02-17 19:00 214528 c:\windows\system32\dllcache\dxtrans.dll
- 2006-10-17 10:58 . 2010-12-20 23:08 347136 c:\windows\system32\dllcache\dxtmsft.dll
+ 2006-10-17 10:58 . 2011-02-17 19:00 347136 c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-06-20 17:46 . 2011-03-03 06:55 149504 c:\windows\system32\dllcache\dnsapi.dll
+ 2010-04-20 05:30 . 2011-02-15 12:56 290432 c:\windows\system32\dllcache\atmfd.dll
+ 2008-06-20 11:40 . 2008-10-16 14:43 138496 c:\windows\system32\dllcache\afd.sys
- 2008-06-20 11:40 . 2008-08-14 10:04 138496 c:\windows\system32\dllcache\afd.sys
+ 2006-11-07 02:26 . 2011-02-17 19:00 124928 c:\windows\system32\dllcache\advpack.dll
- 2006-11-07 02:26 . 2010-12-20 23:08 124928 c:\windows\system32\dllcache\advpack.dll
- 2006-02-28 12:00 . 2010-12-20 23:08 124928 c:\windows\system32\advpack.dll
+ 2006-02-28 12:00 . 2011-02-17 19:00 124928 c:\windows\system32\advpack.dll
+ 2011-01-18 02:39 . 2011-01-18 02:39 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
- 2010-05-11 04:40 . 2010-05-11 04:40 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2011-01-18 02:39 . 2011-01-18 02:39 363856 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2011-01-18 02:39 . 2011-01-18 02:39 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
- 2010-05-11 04:40 . 2010-05-11 04:40 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2011-04-12 18:14 . 2011-04-12 18:14 459264 c:\windows\Installer\dfc87.msi
+ 2011-03-12 17:11 . 2011-03-12 17:11 958464 c:\windows\Installer\330c8.msi
+ 2011-03-12 17:11 . 2011-03-12 17:11 101480 c:\windows\Installer\{DE7E6DBF-ABEE-43FF-A3A1-4DCF46411736}\egui.exe
- 2008-08-17 19:24 . 2010-11-09 19:37 135168 c:\windows\Installer\{901C0405-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2008-08-17 19:24 . 2011-04-12 18:07 135168 c:\windows\Installer\{901C0405-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2008-08-17 19:24 . 2010-11-09 19:37 593920 c:\windows\Installer\{901C0405-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2008-08-17 19:24 . 2011-04-12 18:07 593920 c:\windows\Installer\{901C0405-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2008-08-17 19:39 . 2011-04-12 18:10 409600 c:\windows\Installer\{9011041B-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2008-08-17 19:39 . 2011-02-08 21:15 409600 c:\windows\Installer\{9011041B-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2008-08-17 19:39 . 2011-02-08 21:15 286720 c:\windows\Installer\{9011041B-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2008-08-17 19:39 . 2011-04-12 18:10 286720 c:\windows\Installer\{9011041B-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2008-08-17 19:39 . 2011-02-08 21:15 249856 c:\windows\Installer\{9011041B-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2008-08-17 19:39 . 2011-04-12 18:10 249856 c:\windows\Installer\{9011041B-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2008-08-17 19:39 . 2011-04-12 18:10 794624 c:\windows\Installer\{9011041B-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2008-08-17 19:39 . 2011-02-08 21:15 794624 c:\windows\Installer\{9011041B-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2008-08-17 19:39 . 2011-04-12 18:10 135168 c:\windows\Installer\{9011041B-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2008-08-17 19:39 . 2011-02-08 21:15 135168 c:\windows\Installer\{9011041B-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2008-08-17 19:39 . 2011-04-12 18:10 593920 c:\windows\Installer\{9011041B-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2008-08-17 19:39 . 2011-02-08 21:15 593920 c:\windows\Installer\{9011041B-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2011-04-12 18:03 . 2010-12-20 23:08 832512 c:\windows\ie7updates\KB2497640-IE7\wininet.dll
+ 2011-04-12 18:03 . 2010-12-20 23:08 233472 c:\windows\ie7updates\KB2497640-IE7\webcheck.dll
+ 2011-04-12 18:03 . 2010-12-20 23:08 105984 c:\windows\ie7updates\KB2497640-IE7\url.dll
+ 2011-04-12 18:03 . 2010-07-05 13:16 382840 c:\windows\ie7updates\KB2497640-IE7\spuninst\updspapi.dll
+ 2011-04-12 18:03 . 2010-07-05 13:15 231288 c:\windows\ie7updates\KB2497640-IE7\spuninst\spuninst.exe
+ 2011-04-12 18:03 . 2010-12-20 23:08 102912 c:\windows\ie7updates\KB2497640-IE7\occache.dll
+ 2011-04-12 18:03 . 2010-12-20 23:08 671232 c:\windows\ie7updates\KB2497640-IE7\mstime.dll
+ 2011-04-12 18:03 . 2010-12-20 23:08 193024 c:\windows\ie7updates\KB2497640-IE7\msrating.dll
+ 2011-04-12 18:03 . 2010-12-20 23:08 478208 c:\windows\ie7updates\KB2497640-IE7\mshtmled.dll
+ 2011-04-12 18:03 . 2010-12-20 23:08 468480 c:\windows\ie7updates\KB2497640-IE7\msfeeds.dll
+ 2011-04-12 18:03 . 2010-12-20 11:25 634648 c:\windows\ie7updates\KB2497640-IE7\iexplore.exe
+ 2011-04-12 18:03 . 2010-12-20 23:08 268288 c:\windows\ie7updates\KB2497640-IE7\iertutil.dll
+ 2011-04-12 18:03 . 2010-12-20 23:08 192512 c:\windows\ie7updates\KB2497640-IE7\iepeers.dll
+ 2011-04-12 18:03 . 2010-12-20 23:08 384512 c:\windows\ie7updates\KB2497640-IE7\iedkcs32.dll
+ 2011-04-12 18:03 . 2010-12-20 23:08 380928 c:\windows\ie7updates\KB2497640-IE7\ieapfltr.dll
+ 2011-04-12 18:03 . 2010-12-20 11:23 161792 c:\windows\ie7updates\KB2497640-IE7\ieakui.dll
+ 2011-04-12 18:03 . 2010-12-20 23:08 230400 c:\windows\ie7updates\KB2497640-IE7\ieaksie.dll
+ 2011-04-12 18:03 . 2010-12-20 23:08 153088 c:\windows\ie7updates\KB2497640-IE7\ieakeng.dll
+ 2011-04-12 18:03 . 2010-12-20 23:08 133120 c:\windows\ie7updates\KB2497640-IE7\extmgr.dll
+ 2011-04-12 18:03 . 2010-12-20 23:08 214528 c:\windows\ie7updates\KB2497640-IE7\dxtrans.dll
+ 2011-04-12 18:03 . 2010-12-20 23:08 347136 c:\windows\ie7updates\KB2497640-IE7\dxtmsft.dll
+ 2011-04-12 18:03 . 2010-12-20 23:08 124928 c:\windows\ie7updates\KB2497640-IE7\advpack.dll
+ 2008-11-12 13:34 . 2011-02-17 13:18 455936 c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2010-10-06 15:57 . 2010-10-06 15:57 303104 c:\windows\assembly\temp\Y7ELSZ6DKR\System.Runtime.Remoting.dll
+ 2010-10-06 15:57 . 2010-10-06 15:57 372736 c:\windows\assembly\temp\BJQX3AIPW3\System.Management.dll
+ 2011-04-14 06:06 . 2011-04-14 06:06 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\95de80b860252231b46014f58226e473\WsatConfig.ni.exe
+ 2011-04-12 18:11 . 2011-04-12 18:11 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\715710f5a31a494ed5c0ec0874dafe3e\WindowsFormsIntegration.ni.dll
+ 2011-04-12 18:11 . 2011-04-12 18:11 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\017be0e6c5f1810f15a696157cd5e2c2\UIAutomationTypes.ni.dll
+ 2011-04-12 18:10 . 2011-04-12 18:10 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\bec5b0a93df12eb26c02c877a4eae678\UIAutomationClient.ni.dll
+ 2011-04-14 10:45 . 2011-04-14 10:45 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\3d8f787002439f4942c33f376cfd8555\System.Xml.Linq.ni.dll
+ 2011-04-14 10:45 . 2011-04-14 10:45 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\4b746fea8062a10ccc6e5331914e7dad\System.Web.Routing.ni.dll
+ 2011-04-14 10:45 . 2011-04-14 10:45 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\103956fdb019bce8a173fe9cb9da3e02\System.Web.RegularExpressions.ni.dll
+ 2011-04-14 10:45 . 2011-04-14 10:45 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\c0a156fbf46ad272ac262e45eaa998f4\System.Web.Extensions.Design.ni.dll
+ 2011-04-14 10:45 . 2011-04-14 10:45 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\e3651e13567ce4e3fa7bb2fbab737d9a\System.Web.Entity.ni.dll
+ 2011-04-14 10:45 . 2011-04-14 10:45 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\834d7769f39e4d937eda1ad3707d4716\System.Web.Entity.Design.ni.dll
+ 2011-04-14 10:45 . 2011-04-14 10:45 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\032c96c6206b53bca122d1fbaf5f8ca2\System.Web.DynamicData.ni.dll
+ 2011-04-14 10:45 . 2011-04-14 10:45 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\6ce0e4fb33afcfcce43c427e82b987db\System.Web.Abstractions.ni.dll
+ 2011-04-14 10:45 . 2011-04-14 10:45 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\990d96810a21e0fa95f916ffc66f3a94\System.Transactions.ni.dll
+ 2011-04-14 10:44 . 2011-04-14 10:44 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\e0d56c0582316e9ecb4c18186e37217c\System.ServiceProcess.ni.dll
+ 2011-04-14 06:06 . 2011-04-14 06:06 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\9e91cca51a5ed6fb13b67558109d2726\System.Security.ni.dll
+ 2011-04-14 10:44 . 2011-04-14 10:44 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\fa6a58394a1f162eecce4cd8af0875c3\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2011-04-14 10:44 . 2011-04-14 10:44 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\6194eb4bc1e0133d0183d086b747f512\System.Net.ni.dll
+ 2011-04-14 10:44 . 2011-04-14 10:44 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\042658de519bb1e22ec5925092061892\System.Management.ni.dll
+ 2011-04-14 10:44 . 2011-04-14 10:44 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\d6ae8171ae6fd4fe83add34e6d70e5b5\System.Management.Instrumentation.ni.dll
+ 2011-04-14 06:05 . 2011-04-14 06:05 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\abd5a61d39e474f12b30ccbbe6277667\System.IO.Log.ni.dll
+ 2011-04-14 06:05 . 2011-04-14 06:05 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\12c4dba6d4ff0278d208c283d9ed7670\System.IdentityModel.Selectors.ni.dll
+ 2011-04-14 10:44 . 2011-04-14 10:44 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\ff5c7a52497d892f3a3206384d46b5e7\System.EnterpriseServices.Wrapper.dll
+ 2011-04-14 10:44 . 2011-04-14 10:44 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\ff5c7a52497d892f3a3206384d46b5e7\System.EnterpriseServices.ni.dll
+ 2011-04-12 18:10 . 2011-04-12 18:10 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\e6b7128278d8c0e8382a5685f5b196c6\System.Drawing.Design.ni.dll
+ 2011-04-14 10:44 . 2011-04-14 10:44 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\8ef56bf47fc2fc4204e0fcc1f32bab01\System.DirectoryServices.AccountManagement.ni.dll
+ 2011-04-14 10:44 . 2011-04-14 10:44 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\447d7b4a7d0add13f8d2086088bcc41c\System.DirectoryServices.Protocols.ni.dll
+ 2011-04-14 10:44 . 2011-04-14 10:44 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\ce2afe8854ee9cdc834b6f392348c882\System.Data.Services.Design.ni.dll
+ 2011-04-14 10:44 . 2011-04-14 10:44 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\03d4658290e300e437e745ef4a613b59\System.Data.Services.Client.ni.dll
+ 2011-04-14 10:44 . 2011-04-14 10:44 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\7ce21a2855bb7731de4dab797e69f3f6\System.Data.Entity.Design.ni.dll
+ 2011-04-14 06:06 . 2011-04-14 06:06 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\ea57694aea47c05853516c9bb2ad54b4\System.Data.DataSetExtensions.ni.dll
+ 2011-04-14 06:06 . 2011-04-14 06:06 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d6b4509225efde2a4e3db77205f8a51\System.Configuration.ni.dll
+ 2011-04-14 10:44 . 2011-04-14 10:44 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\f312bb844670ebc7458fec9e6b2568b3\System.Configuration.Install.ni.dll
+ 2011-04-14 06:06 . 2011-04-14 06:06 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\afd9595f07a8c68b26e81cf995957f56\System.AddIn.ni.dll
+ 2011-04-14 06:06 . 2011-04-14 06:06 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\3a42b2fbafe93d7b9395e328bea35afa\SMSvcHost.ni.exe
+ 2011-04-14 06:06 . 2011-04-14 06:06 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\97ff96d3fc8d0b10ea294f320acf821e\SMDiagnostics.ni.dll
+ 2011-04-14 06:06 . 2011-04-14 06:06 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\28ed0e9efd938b05b4f53e0d90046701\ServiceModelReg.ni.exe
+ 2011-04-12 18:09 . 2011-04-12 18:09 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ffe13679e6b3e36e5cb6c47f8c4faf9c\PresentationFramework.Aero.ni.dll
+ 2011-04-12 18:09 . 2011-04-12 18:09 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\dbb40299379f2009c140ddadb04231b4\PresentationFramework.Classic.ni.dll
+ 2011-04-12 18:09 . 2011-04-12 18:09 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a34cd33cec1bdfebe4a3910bceb8723b\PresentationFramework.Royale.ni.dll
+ 2011-04-12 18:09 . 2011-04-12 18:09 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\689bb394bcb437ed085c22a43aba30c6\PresentationFramework.Luna.ni.dll
+ 2011-04-14 06:06 . 2011-04-14 06:06 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\5670e74887ef1025c6a8c056ffe86b38\MSBuild.ni.exe
+ 2011-04-14 06:06 . 2011-04-14 06:06 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\653732002ebf5c68f69150a60e145e6a\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-04-14 06:06 . 2011-04-14 06:06 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\cc62770393640302bd4d7e442b1e49a4\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2011-04-14 06:06 . 2011-04-14 06:06 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\352bff1ee71ce114e225f849038dc48d\Microsoft.Build.Utilities.ni.dll
+ 2011-04-14 06:06 . 2011-04-14 06:06 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\7345f4d2d7157bf49de4158e8f2b6847\Microsoft.Build.Engine.ni.dll
+ 2011-04-14 06:06 . 2011-04-14 06:06 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\d7dba901ddd410ca1a0156d0f2a27533\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2011-04-14 06:06 . 2011-04-14 06:06 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\010552e529d130ce914765b0801e2367\CustomMarshalers.ni.dll
+ 2011-04-14 06:06 . 2011-04-14 06:06 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\6861f639b13967e9b014b44bbb7c5d4c\ComSvcConfig.ni.exe
+ 2011-04-14 06:05 . 2011-04-14 06:05 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\800da7dec567fadf3392091e9f01ecb9\AspNetMMCExt.ni.dll
+ 2011-04-12 18:05 . 2011-04-12 18:05 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2010-10-06 15:56 . 2010-10-06 15:56 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2011-04-12 18:05 . 2011-04-12 18:05 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2010-10-06 15:56 . 2010-10-06 15:56 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2011-04-12 18:06 . 2011-04-12 18:06 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2010-10-06 15:56 . 2010-10-06 15:56 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2011-04-12 18:06 . 2011-04-12 18:06 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2010-10-06 15:57 . 2010-10-06 15:57 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2010-10-06 15:57 . 2010-10-06 15:57 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2011-04-12 18:06 . 2011-04-12 18:06 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2010-10-06 15:57 . 2010-10-06 15:57 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2010-10-06 15:57 . 2011-04-12 18:06 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2011-04-12 18:06 . 2011-04-12 18:06 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2010-10-06 15:57 . 2010-10-06 15:57 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2010-10-06 15:57 . 2010-10-06 15:57 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2010-10-06 15:57 . 2011-04-12 18:06 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2011-04-12 18:06 . 2011-04-12 18:06 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2010-10-06 15:57 . 2010-10-06 15:57 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2010-10-06 15:57 . 2010-10-06 15:57 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2011-04-12 18:06 . 2011-04-12 18:06 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2011-04-12 18:05 . 2011-04-12 18:05 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2010-10-06 15:56 . 2010-10-06 15:56 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2010-10-06 15:57 . 2010-10-06 15:57 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2011-04-12 18:06 . 2011-04-12 18:06 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2011-04-12 18:06 . 2011-04-12 18:06 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2010-10-06 15:57 . 2010-10-06 15:57 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2010-10-06 15:57 . 2010-10-06 15:57 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2011-04-12 18:06 . 2011-04-12 18:06 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2011-04-12 18:06 . 2011-04-12 18:06 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2010-10-06 15:57 . 2010-10-06 15:57 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2010-10-06 15:56 . 2010-10-06 15:56 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2011-04-12 18:06 . 2011-04-12 18:06 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2011-04-12 18:06 . 2011-04-12 18:06 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2010-10-06 15:56 . 2010-10-06 15:56 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2011-04-12 18:06 . 2011-04-12 18:06 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2010-10-06 15:56 . 2010-10-06 15:56 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2010-10-06 15:57 . 2010-10-06 15:57 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2011-04-12 18:06 . 2011-04-12 18:06 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2010-10-06 15:57 . 2010-10-06 15:57 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2011-04-12 18:06 . 2011-04-12 18:06 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2011-04-12 18:06 . 2011-04-12 18:06 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2010-10-06 15:57 . 2010-10-06 15:57 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2010-10-06 15:56 . 2010-10-06 15:56 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2011-04-12 18:05 . 2011-04-12 18:05 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2010-10-06 15:57 . 2010-10-06 15:57 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2011-04-12 18:06 . 2011-04-12 18:06 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2011-04-12 18:06 . 2011-04-12 18:06 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2010-10-06 15:57 . 2010-10-06 15:57 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2010-10-06 15:57 . 2010-10-06 15:57 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2011-04-12 18:06 . 2011-04-12 18:06 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2011-04-12 18:06 . 2011-04-12 18:06 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2010-10-06 15:57 . 2010-10-06 15:57 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2011-02-25 20:56 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB971029$\spuninst\updspapi.dll
+ 2011-02-25 20:56 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB971029$\spuninst\spuninst.exe
+ 2011-02-25 20:56 . 2008-04-14 00:12 135168 c:\windows\$NtUninstallKB971029$\shsvcs.dll
+ 2011-03-13 08:13 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2481109$\spuninst\updspapi.dll
+ 2011-03-13 08:13 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2481109$\spuninst\spuninst.exe
+ 2011-03-13 08:13 . 2008-04-14 00:12 677888 c:\windows\$NtUninstallKB2481109$\mstsc.exe
+ 2011-03-13 08:13 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2479943$\spuninst\updspapi.dll
+ 2011-03-13 08:13 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2479943$\spuninst\spuninst.exe
+ 2011-03-13 08:13 . 2008-04-14 00:12 270848 c:\windows\$NtUninstallKB2479943$\sbe.dll
+ 2011-03-13 08:13 . 2008-04-14 00:11 186880 c:\windows\$NtUninstallKB2479943$\encdec.dll
+ 2011-02-25 20:56 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB971029\update\updspapi.dll
+ 2011-02-25 20:56 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB971029\update\update.exe
+ 2011-02-25 20:56 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB971029\spuninst.exe
+ 2009-07-27 22:13 . 2009-07-27 22:13 135168 c:\windows\$hf_mig$\KB971029\SP3QFE\shsvcs.dll
+ 2011-03-13 08:13 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2481109\update\updspapi.dll
+ 2011-03-13 08:13 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2481109\update\update.exe
+ 2011-03-13 08:13 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2481109\spuninst.exe
+ 2011-01-27 11:41 . 2011-01-27 11:41 677888 c:\windows\$hf_mig$\KB2481109\SP3QFE\lhmstsc.exe
+ 2011-02-02 07:57 . 2011-02-02 07:57 136192 c:\windows\$hf_mig$\KB2481109\SP3QFE\aaclient.dll
+ 2011-03-13 08:13 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2479943\update\updspapi.dll
+ 2011-03-13 08:13 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2479943\update\update.exe
+ 2011-03-13 08:13 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2479943\spuninst.exe
+ 2011-02-09 13:52 . 2011-02-09 13:52 270848 c:\windows\$hf_mig$\KB2479943\SP3QFE\sbe.dll
+ 2011-02-09 13:52 . 2011-02-09 13:52 186880 c:\windows\$hf_mig$\KB2479943\SP3QFE\encdec.dll
+ 2011-04-12 17:57 . 2010-10-23 00:51 1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22509_x-ww_c7dad023\GdiPlus.dll
+ 2011-01-10 20:50 . 2011-01-10 20:50 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_e87e0bcd\mfc80u.dll
+ 2011-01-10 20:50 . 2011-01-10 20:50 1101824 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_e87e0bcd\mfc80.dll
+ 2006-02-28 12:00 . 2011-02-17 19:00 1168384 c:\windows\system32\urlmon.dll
- 2006-02-28 12:00 . 2010-12-20 23:08 1168384 c:\windows\system32\urlmon.dll
+ 2006-02-28 12:00 . 2011-02-17 19:00 3607040 c:\windows\system32\mshtml.dll
+ 2006-11-07 20:03 . 2011-02-17 19:00 6075904 c:\windows\system32\ieframe.dll
- 2006-11-07 20:03 . 2010-12-20 23:08 6075904 c:\windows\system32\ieframe.dll
+ 2008-03-14 05:06 . 2011-04-12 18:16 1512200 c:\windows\system32\FNTCACHE.DAT
- 2008-03-14 05:06 . 2011-02-09 19:06 1512200 c:\windows\system32\FNTCACHE.DAT
+ 2008-10-15 12:04 . 2011-03-03 13:21 1857920 c:\windows\system32\dllcache\win32k.sys
+ 2008-06-26 08:15 . 2011-02-17 19:00 1168384 c:\windows\system32\dllcache\urlmon.dll
- 2008-06-26 08:15 . 2010-12-20 23:08 1168384 c:\windows\system32\dllcache\urlmon.dll
+ 2008-04-21 06:44 . 2011-02-17 19:00 3607040 c:\windows\system32\dllcache\mshtml.dll
+ 2011-02-02 07:58 . 2011-02-02 07:58 2067456 c:\windows\system32\dllcache\lhmstscx.dll
- 2009-06-13 19:04 . 2010-12-20 23:08 6075904 c:\windows\system32\dllcache\ieframe.dll
+ 2009-06-13 19:04 . 2011-02-17 19:00 6075904 c:\windows\system32\dllcache\ieframe.dll
+ 2011-01-18 02:39 . 2011-01-18 02:39 5813072 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
- 2010-05-11 04:40 . 2010-05-11 04:40 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2011-01-18 02:39 . 2011-01-18 02:39 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2011-01-27 12:49 . 2011-01-27 12:49 6825472 c:\windows\Installer\dfc80.msp
+ 2011-03-03 09:25 . 2011-03-03 09:25 5051904 c:\windows\Installer\dfc6b.msp
+ 2011-04-05 10:52 . 2011-04-05 10:52 5519872 c:\windows\Installer\dfc56.msp
+ 2011-03-17 18:01 . 2011-03-17 18:01 9563648 c:\windows\Installer\dfc41.msp
+ 2011-01-11 15:50 . 2011-01-11 15:50 8177152 c:\windows\Installer\dfc1d.msp
+ 2010-11-20 21:34 . 2010-11-20 21:34 1198080 c:\windows\Installer\dfc15.msp
+ 2011-02-22 09:32 . 2011-02-22 09:32 5520384 c:\windows\Installer\179a5f.msp
+ 2011-04-12 18:03 . 2010-12-20 23:08 1168384 c:\windows\ie7updates\KB2497640-IE7\urlmon.dll
+ 2011-04-12 18:03 . 2010-12-20 23:08 3606528 c:\windows\ie7updates\KB2497640-IE7\mshtml.dll
+ 2011-04-12 18:03 . 2010-12-20 23:08 6075904 c:\windows\ie7updates\KB2497640-IE7\ieframe.dll
+ 2011-04-12 18:07 . 2011-04-12 18:07 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\76e431fde1b252312b331f7108259fda\WindowsBase.ni.dll
+ 2011-04-12 18:11 . 2011-04-12 18:11 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\9e022c95e79f2b6f383a501ad99f08a9\UIAutomationClientsideProviders.ni.dll
+ 2011-04-12 18:07 . 2011-04-12 18:07 7949824 c:\windows\assembly\NativeImages_v2.0.50727_32\System\f02cf6430a9fc77908a74ab6925cb73c\System.ni.dll
+ 2011-04-12 18:10 . 2011-04-12 18:10 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b06e49ed8cbe07dbb90e313fa634b27b\System.Xml.ni.dll
+ 2011-04-14 10:45 . 2011-04-14 10:45 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\6346221cecf631e5c0b754d842aad102\System.WorkflowServices.ni.dll
+ 2011-04-14 10:45 . 2011-04-14 10:45 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\1fbcd203ff8d77d561df8bf806417ab6\System.Workflow.Runtime.ni.dll
+ 2011-04-14 10:45 . 2011-04-14 10:45 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\efbaf3696c44fd7d4b3cd925e0437b36\System.Workflow.ComponentModel.ni.dll
+ 2011-04-14 10:45 . 2011-04-14 10:45 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\52a9bc5dd1fa497af7c7f4600bd8e6d1\System.Workflow.Activities.ni.dll
+ 2011-04-14 10:45 . 2011-04-14 10:45 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\f5ebeeb0a8aaba9db15ec3df591339ba\System.Web.Services.ni.dll
+ 2011-04-14 10:45 . 2011-04-14 10:45 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\92d6b75e3b63b528d4069bf4ee01983a\System.Web.Mobile.ni.dll
+ 2011-04-14 10:45 . 2011-04-14 10:45 2405376 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\02d53154634c8000382942e0f43ead41\System.Web.Extensions.ni.dll
+ 2011-04-12 18:10 . 2011-04-12 18:10 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\dd128c8e21e7fa14c12b71df9892d046\System.Speech.ni.dll
+ 2011-04-14 10:44 . 2011-04-14 10:44 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\8b0bb430bb6af96c18b43e3c54cfafe8\System.ServiceModel.Web.ni.dll
+ 2011-04-14 06:05 . 2011-04-14 06:05 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\85090bd451617e204ffda625b8d9fc30\System.Runtime.Serialization.ni.dll
+ 2011-04-12 18:10 . 2011-04-12 18:10 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\85a7a7aace114e78fc6c9b219bcd5551\System.Printing.ni.dll
+ 2011-04-14 06:05 . 2011-04-14 06:05 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\86c59378e9a43bf101a10ad452a4bb8e\System.IdentityModel.ni.dll
+ 2011-04-12 18:10 . 2011-04-12 18:10 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\d912066086a59f09424c7c69f95e2c55\System.Drawing.ni.dll
+ 2011-04-14 10:44 . 2011-04-14 10:44 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\c05d9332116964104c721e97f7ce1058\System.DirectoryServices.ni.dll
+ 2011-04-14 10:44 . 2011-04-14 10:44 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\0118c0c73ea5c77bda7b10b188102ab6\System.Deployment.ni.dll
+ 2011-04-12 18:09 . 2011-04-12 18:09 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\1337829e3df6888464a17aab78bb9b8f\System.Data.ni.dll
+ 2011-04-14 06:06 . 2011-04-14 06:06 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\ba3ca7a93e227c32ce7b50d0a7ba935f\System.Data.SqlXml.ni.dll
+ 2011-04-14 10:44 . 2011-04-14 10:44 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\2de52be5da96059651b5bec800cb4605\System.Data.Services.ni.dll
+ 2011-04-12 18:09 . 2011-04-12 18:09 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\11f1306e0e311a0d0cbd139fb2fa4c36\System.Data.Linq.ni.dll
+ 2011-04-14 10:44 . 2011-04-14 10:44 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\c91e83e85c030bc914ecc302fa9b2c60\System.Data.Entity.ni.dll
+ 2011-04-12 18:09 . 2011-04-12 18:09 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\684fe21837d3cf3e5935bbd0a7f53141\System.Core.ni.dll
+ 2011-04-12 18:09 . 2011-04-12 18:09 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\12efddabe6fe35be21246c88ed9bf8ab\ReachFramework.ni.dll
+ 2011-04-12 18:09 . 2011-04-12 18:09 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\257c9327ba9cc5cd87f58de224aa2e0d\PresentationUI.ni.dll
+ 2011-04-12 18:07 . 2011-04-12 18:07 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\b117bf63daa7e587f1bb2d975dccb4af\PresentationBuildTasks.ni.dll
+ 2011-04-14 06:06 . 2011-04-14 06:06 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\269103939243ec6929739c8b9a645c0d\Microsoft.VisualBasic.ni.dll
+ 2011-04-14 06:06 . 2011-04-14 06:06 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\bf7bd26d2828e35156814018939ce4f6\Microsoft.Transactions.Bridge.ni.dll
+ 2011-04-14 10:44 . 2011-04-14 10:44 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\6594c17d7e112b0507b701d5b8a67bba\Microsoft.JScript.ni.dll
+ 2011-04-14 06:06 . 2011-04-14 06:06 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\f5eb1e42ccd0f67f7496b94a31949cd0\Microsoft.Build.Tasks.ni.dll
+ 2011-04-14 06:06 . 2011-04-14 06:06 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\cc7f05675a5cd8014222be1483d6beaf\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2011-04-14 06:06 . 2011-04-14 06:06 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\41cf95aa4ff5765b515d3252abc6353b\Microsoft.Build.Engine.ni.dll
+ 2011-04-12 18:06 . 2011-04-12 18:06 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2010-10-06 15:57 . 2010-10-06 15:57 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2011-04-12 18:06 . 2011-04-12 18:06 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2010-10-06 15:57 . 2010-10-06 15:57 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2011-04-12 18:05 . 2011-04-12 18:05 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2010-10-06 15:56 . 2010-10-06 15:56 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2011-04-12 18:05 . 2011-04-12 18:05 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2010-10-06 15:56 . 2010-10-06 15:56 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2011-04-12 18:05 . 2011-04-12 18:05 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2010-10-06 15:56 . 2010-10-06 15:56 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2011-04-12 18:06 . 2011-04-12 18:06 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2010-10-06 15:57 . 2010-10-06 15:57 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2010-10-06 15:57 . 2010-10-06 15:57 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2010-10-06 15:57 . 2011-04-12 18:06 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2011-03-13 08:13 . 2009-06-10 07:19 2066432 c:\windows\$NtUninstallKB2481109$\mstscax.dll
+ 2009-07-27 22:13 . 2009-07-27 22:13 8462848 c:\windows\$hf_mig$\KB971029\SP3QFE\shell32.dll
+ 2011-02-02 07:57 . 2011-02-02 07:57 2069504 c:\windows\$hf_mig$\KB2481109\SP3QFE\lhmstscx.dll
+ 2008-03-14 19:39 . 2011-04-12 18:11 39828936 c:\windows\system32\MRT.exe
+ 2011-02-24 07:38 . 2011-02-24 07:38 10984448 c:\windows\Installer\dfc27.msp
+ 2011-02-11 18:47 . 2011-02-11 18:47 12028928 c:\windows\Installer\dfc0d.msp
+ 2011-04-12 18:10 . 2011-04-12 18:10 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ed2bf0d86229128c194a872f70fe15ee\System.Windows.Forms.ni.dll
+ 2011-04-14 10:45 . 2011-04-14 10:45 11800576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\d7b7ee04166212533ae21eaeb584fb0d\System.Web.ni.dll
+ 2011-04-14 06:05 . 2011-04-14 06:06 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\b5f24d96334ea08b99350421450d3ba4\System.ServiceModel.ni.dll
+ 2011-04-12 18:10 . 2011-04-12 18:10 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\5aeadb9ff9a86f49130de5976a9f1744\System.Design.ni.dll
+ 2011-04-12 18:09 . 2011-04-12 18:09 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1a5d89d569e2e12842daf4d87c57361a\PresentationFramework.ni.dll
+ 2011-04-12 18:08 . 2011-04-12 18:08 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\46c57d845e55232a89e98101075cd455\PresentationCore.ni.dll
+ 2011-04-12 18:07 . 2011-04-12 18:07 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\62d5f089dd51f18472a7caf1593d9f6b\mscorlib.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OEXPRESS"="c:\documents and settings\All Users\Application Data\LangSoft\OETRN.EXE" [2010-11-10 26624]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-12-03 14944136]
"ICQ"="c:\program files\ICQ7.2\ICQ.exe" [2011-01-05 133432]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CnxDslTaskBar"="c:\program files\microcom\adsl deskporte usb\CnxDslTb.exe Microcom\ADSL DeskPorte USB" [X]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"ACU"="c:\program files\Atheros\ACU.exe" [2007-05-03 376921]
"RTHDCPL"="RTHDCPL.EXE" [2007-07-05 16380416]
"AGRSMMSG"="AGRSMMSG.exe" [2006-06-29 89541]
"SsAAD.exe"="c:\progra~1\Sony\SONICS~1\SsAAD.exe" [2006-01-07 81920]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"tsnp2std"="c:\windows\tsnp2std.exe" [2005-08-17 90112]
"BisonHK"="c:\windows\BisonCam\BisonHK.exe" [2007-03-15 32768]
"BsMnt"="c:\windows\BisonCam\BsMnt.exe" [2007-03-15 172032]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-04-07 2145000]
.
c:\documents and settings\Kristina\Start Menu\Programs\Startup\
Microcom ADSL DeskPorte USB.lnk - [N/A]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe [2008-7-23 427336]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
PHOTOfunSTUDIO.lnk - c:\program files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe [2010-6-16 44176]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-05 08:24 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [7.4.2010 22:07 114984]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [7.4.2010 22:08 95872]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [17.2.2009 12:43 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [17.2.2009 12:43 66632]
R2 Angelnt;Angelnt;c:\windows\system32\drivers\ANGELNT.SYS [24.10.2010 17:15 51072]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [7.4.2010 22:07 810120]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [15.7.2009 15:40 247096]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [26.12.2010 17:10 136176]
S3 CnxEtP;Conexant AccessRunner USB ADSL Adapter Filter Driver;c:\windows\system32\drivers\CnxEtP.sys [15.3.2008 20:01 131072]
S3 CnxEtU;Conexant AccessRunner USB ADSL Interface Device Driver;c:\windows\system32\drivers\CnxEtU.sys [15.3.2008 20:01 614272]
S3 CnxTgNP;Conexant AccessRunner ADSL WAN PPPoE Adapter Driver;c:\windows\system32\drivers\CnxTgNP.sys [15.3.2008 20:02 60416]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [15.1.2010 14:49 227232]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [17.2.2009 12:43 12872]
.
Contents of the 'Scheduled Tasks' folder
.
2011-04-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-26 15:09]
.
2011-04-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-26 15:09]
.
2011-04-14 c:\windows\Tasks\Norton Security Scan for Kristina.job
- c:\program files\Norton Security Scan\Engine\2.7.0.52\Nss.exe [2010-01-14 09:04]
.
2011-04-16 c:\windows\Tasks\User_Feed_Synchronization-{A37C3781-FCCD-4293-9579-91EBF1A29702}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 10:58]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&s ... f8&oe=utf8
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Application Data\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Application Data\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Application Data\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Application Data\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Application Data\LangSoft\WebIE.dll
FF - ProfilePath - c:\documents and settings\Kristina\Application Data\Mozilla\Firefox\Profiles\1n0c7dw3.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2405280&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://start.icq.com/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2405280&q=
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - c:\program files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype extension: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - %profile%\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-TNOD UP - c:\program files\TNod User & Password Finder\TNODUP.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-04-16 21:25
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1496)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2011-04-16 21:27:40
ComboFix-quarantined-files.txt 2011-04-16 19:27
ComboFix2.txt 2011-02-11 20:42
ComboFix3.txt 2010-09-02 19:43
ComboFix4.txt 2009-07-26 09:23
ComboFix5.txt 2011-04-16 19:14
.
Pre-Run: 88 014 114 816 bytes free
Post-Run: 19 adresárov, 88 391 577 600 voľných bajtov
.
- - End Of File - - FDFC0ADA5FE26B8EB5963DEB014E7C85

cernohous13
VIP in memoriam
Posts: 8721
Registered: 09 Dec 2006 06:19
Location: Jablonec nad Nisou

Re: requesting a check, suspected trojan

#5 Post by cernohous13 »

It seems that this NOD is not legal (write to me how it is with the license) - I am not continuing for now.
After removing NOD, replace it with one of the free programs (Avast, Avira, Microsoft Security Essentials).
Run a new RSIT.
Recommendations:
During the cleanup, install and uninstall software only on my instruction.
Study my reply thoroughly and carry out the whole procedure according to it.
If anything is unclear, ask - I will explain.

-------------------------------------------------------------------------------------------------
> Forum support <

runna19
Visitor
Posts: 70
Registered: 11 Dec 2008 20:59

Re: requesting a check, suspected trojan

#6 Post by runna19 »

A friend gave it to me on a USB stick, saying that I have it as a normal monthly version, so I don't know; it seemed to me to be an ordinary NOD, but if there is a problem with it I will download something else.

Logfile of random's system information tool 1.06 (written by random/random)
Run by Kristina at 2011-04-17 19:48:05
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 84 GB (55%) free of 153 GB
Total RAM: 1919 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:48:10, on 17.4.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17096)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Atheros\ACU.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\WINDOWS\AGRSMMSG.exe
C:\program files\microcom\adsl deskporte usb\CnxDslTb.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\WINDOWS\tsnp2std.exe
C:\WINDOWS\BisonCam\BisonHK.exe
C:\WINDOWS\BisonCam\BsMnt.exe
C:\Documents and Settings\All Users\Application Data\LangSoft\OETRN.EXE
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\ICQ7.2\ICQ.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Documents and Settings\Kristina\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Kristina.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\1010292004\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\1010292004\ICQToolBar.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [CnxDslTaskBar] "c:\program files\microcom\adsl deskporte usb\CnxDslTb.exe" "Microcom\ADSL DeskPorte USB"
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe
O4 - HKLM\..\Run: [BisonHK] C:\WINDOWS\BisonCam\BisonHK.exe
O4 - HKLM\..\Run: [BsMnt] C:\WINDOWS\BisonCam\BsMnt.exe
O4 - HKCU\..\Run: [OEXPRESS] C:\Documents and Settings\All Users\Application Data\LangSoft\OETRN.EXE
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.2\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Microcom ADSL DeskPorte USB.lnk = ?
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O4 - Global Startup: PHOTOfunSTUDIO.lnk = C:\Program Files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastaviť prekladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Preložiť &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Preložiť &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 5524591843
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Konfigurační služba Atheros (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

--
End of file - 9730 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Norton Security Scan for Kristina.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{A37C3781-FCCD-4293-9579-91EBF1A29702}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll [2010-11-10 503808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-08-26 458736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll [2010-11-10 503808]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\1010292004\ICQToolBar.dll [2010-09-06 1048888]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"ACU"=C:\Program Files\Atheros\ACU.exe [2007-05-03 376921]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-07-05 16380416]
"AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2006-06-29 89541]
"CnxDslTaskBar"=c:\program files\microcom\adsl deskporte usb\CnxDslTb.exe [2004-06-16 233472]
"SsAAD.exe"=C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe [2006-01-07 81920]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"tsnp2std"=C:\WINDOWS\tsnp2std.exe [2005-08-17 90112]
"BisonHK"=C:\WINDOWS\BisonCam\BisonHK.exe [2007-03-15 32768]
"BsMnt"=C:\WINDOWS\BisonCam\BsMnt.exe [2007-03-15 172032]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OEXPRESS"=C:\Documents and Settings\All Users\Application Data\LangSoft\OETRN.EXE [2010-11-10 26624]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-12-03 14944136]
"ICQ"=C:\Program Files\ICQ7.2\ICQ.exe [2011-01-05 133432]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PHOTOfunSTUDIO.lnk - C:\Program Files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe

C:\Documents and Settings\Kristina\Start Menu\Programs\Startup
Microcom ADSL DeskPorte USB.lnk -

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2009-09-05 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-11-14 122880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"

======List of files/folders created in the last 1 months======

2011-04-16 21:28:22 ----SHD---- C:\RECYCLER
2011-04-16 21:27:42 ----D---- C:\WINDOWS\temp
2011-04-16 21:27:41 ----A---- C:\ComboFix.txt
2011-04-12 20:11:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2509553$
2011-04-12 20:07:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2412687$
2011-04-12 20:06:55 ----HDC---- C:\WINDOWS\$NtUninstallKB2510581$
2011-04-12 20:03:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2507618$
2011-04-12 20:02:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2508272$
2011-04-12 20:02:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2503658$
2011-04-12 20:02:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2511455$
2011-04-12 20:02:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2506223$
2011-04-12 20:02:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2506212$
2011-04-12 20:02:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2508429$
2011-04-12 20:02:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2485663$
2011-03-23 19:24:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2524375$

======List of files/folders modified in the last 1 months======

2011-04-17 19:47:38 ----D---- C:\Documents and Settings\Kristina\Application Data\Skype
2011-04-17 19:47:30 ----D---- C:\WINDOWS
2011-04-17 19:46:11 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-04-17 19:37:42 ----D---- C:\Config.Msi
2011-04-17 19:37:34 ----HD---- C:\WINDOWS\inf
2011-04-17 19:37:34 ----D---- C:\WINDOWS\system32\drivers
2011-04-17 19:37:31 ----D---- C:\WINDOWS\system32\CatRoot2
2011-04-17 19:37:26 ----SHD---- C:\WINDOWS\Installer
2011-04-17 19:26:17 ----D---- C:\Program Files\SpeedFan
2011-04-16 21:30:23 ----D---- C:\WINDOWS\Debug
2011-04-16 21:27:42 ----D---- C:\Qoobox
2011-04-16 21:25:21 ----A---- C:\WINDOWS\system.ini
2011-04-16 21:23:07 ----D---- C:\Program Files\TNod User & Password Finder
2011-04-16 21:21:59 ----D---- C:\WINDOWS\system32
2011-04-16 21:21:58 ----D---- C:\WINDOWS\AppPatch
2011-04-16 21:21:54 ----D---- C:\Program Files\Common Files
2011-04-16 21:12:42 ----D---- C:\WINDOWS\Prefetch
2011-04-15 08:10:20 ----D---- C:\Program Files\Opera
2011-04-14 12:45:52 ----D---- C:\WINDOWS\Microsoft.NET
2011-04-14 12:45:49 ----RSD---- C:\WINDOWS\assembly
2011-04-12 20:16:01 ----D---- C:\Program Files\Internet Explorer
2011-04-12 20:14:00 ----D---- C:\WINDOWS\WinSxS
2011-04-12 20:14:00 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-04-12 20:11:24 ----A---- C:\WINDOWS\system32\MRT.exe
2011-04-12 20:11:14 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-04-12 20:10:50 ----A---- C:\WINDOWS\win.ini
2011-04-12 20:06:34 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-04-12 20:03:18 ----D---- C:\WINDOWS\system32\en-us
2011-04-12 20:02:51 ----HD---- C:\WINDOWS\$hf_mig$

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 Tosrfcom;Bluetooth RFCOMM; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2009-02-19 63872]
R2 Angelnt;Angelnt; C:\WINDOWS\System32\Drivers\ANGELNT.SYS [2010-10-24 51072]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2009-06-22 1574112]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-11-14 2418688]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-07-18 4547584]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-09-25 115328]
R3 RTSTOR;USB Mass Stroage Device; C:\WINDOWS\system32\drivers\RTSTOR.SYS [2007-09-18 44032]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2007-08-22 1749760]
R3 tosporte;Bluetooth COM Port; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2008-03-25 41472]
R3 Tosrfbd;Bluetooth RFBUS; C:\WINDOWS\system32\DRIVERS\tosrfbd.sys [2008-10-06 137984]
R3 tosrfbnp;Bluetooth RFBNEP; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2009-03-03 36864]
R3 Tosrfhid;Bluetooth RFHID; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2009-03-05 74368]
R3 tosrfnds;Bluetooth Personal Area Network; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2009-03-12 16128]
R3 tosrfusb;Bluetooth USB Controller; C:\WINDOWS\system32\DRIVERS\tosrfusb.sys [2009-03-19 43264]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 WSIMD;wsimd Service; C:\WINDOWS\system32\DRIVERS\wsimd.sys [2007-03-28 57024]
S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; \??\C:\WINDOWS\system32\drivers\NSDriver.sys []
S3 Ad-Watch Real-Time Scanner;AW Real-Time Scanner; \??\C:\WINDOWS\system32\drivers\AWRTPD.sys []
S3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\Kristina\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CnxEtP;Conexant AccessRunner USB ADSL Adapter Filter Driver; C:\WINDOWS\system32\DRIVERS\CnxEtP.sys [2004-06-16 131072]
S3 CnxEtU;Conexant AccessRunner USB ADSL Interface Device Driver; C:\WINDOWS\system32\DRIVERS\CnxEtU.sys [2004-06-16 614272]
S3 CnxTgNP;Conexant AccessRunner ADSL WAN PPPoE Adapter Driver; C:\WINDOWS\system32\DRIVERS\CnxTgNP.sys [2004-06-16 60416]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2006-02-28 5888]
S3 RTL8169;Realtek 8169 NT Driver; C:\WINDOWS\system32\DRIVERS\Rtlh86.sys [2007-06-07 83456]
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 StillCam;Still Serial Digital Camera Driver; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-17 6784]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TosRfSnd;Bluetooth Audio; C:\WINDOWS\system32\drivers\tosrfsnd.sys [2009-03-23 54272]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 ACS;Konfigurační služba Atheros; C:\WINDOWS\system32\acs.exe [2007-05-03 364629]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\WINDOWS\system32\agrsmsvc.exe [2006-10-05 9216]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-11-14 483328]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2009-03-17 144752]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-12-26 136176]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-10-16 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-25 182768]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2005-11-24 53337]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2005-11-24 53337]
S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2005-11-24 69718]
S3 SSScsiSV;SonicStage SCSI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe [2006-01-06 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

cernohous13
VIP in memoriam
Posts: 8721
Registered: 09 Dec 2006 06:19
Location: Jablonec nad Nisou

Re: requesting a check, suspected trojan

#7 Post by cernohous13 »

Also delete this directory - C:\Program Files\TNod User & Password Finder
Install one of the suggested AV programs - your computer is unprotected. (info here: http://www.viry.cz/forum/viewforum.php?f=29)
Download and install MBAM here http://www.download.com/Malwarebytes-An ... tag=button
Launch it > on the 3rd tab "Update" > Check for updates
then on the 1st tab "Scanner" -> Quick scan -> Scan
when the scan finishes, a Notepad window with the result pops up - copy its contents into your reply
do not delete anything yet - wait for the assessment
Recommendations:
During the cleanup, install and uninstall software only on my instruction.
Study my reply thoroughly and carry out the whole procedure according to it.
If anything is unclear, ask - I will explain.

-------------------------------------------------------------------------------------------------
> Forum support <

runna19
Visitor
Posts: 70
Registered: 11 Dec 2008 20:59

Re: requesting a check, suspected trojan

#8 Post by runna19 »

Malwarebytes' Anti-Malware 1.31
Verzia databázy: 1506
Windows 5.1.2600 Service Pack 3

18.4.2011 13:25:01
mbam-log-2011-04-18 (13-25-01).txt

Typ kontroly: Rýchla
Objektov kontrolovaných: 54574
Uplynutý cas: 5 minute(s), 33 second(s)

Infikovaných procesov pamäte: 0
Infikovaných modulov pamäte: 0
Infikovaných registracných klúcov: 0
Infikovaných registracných hodnôt: 0
Infikovaných registracných údajov položiek: 0
Infikovaných priecinkov: 0
Infikovaných súborov: 0

Infikovaných procesov pamäte:
(Žiadne škodlivé položky)

Infikovaných modulov pamäte:
(Žiadne škodlivé položky)

Infikovaných registracných klúcov:
(Žiadne škodlivé položky)

Infikovaných registracných hodnôt:
(Žiadne škodlivé položky)

Infikovaných registracných údajov položiek:
(Žiadne škodlivé položky)

Infikovaných priecinkov:
(Žiadne škodlivé položky)

Infikovaných súborov:
(Žiadne škodlivé položky)

cernohous13
VIP in memoriam
Posts: 8721
Registered: 09 Dec 2006 06:19
Location: Jablonec nad Nisou

Re: requesting a check, suspected trojan

#9 Post by cernohous13 »

Post a new RSIT log after installing the antivirus.

runna19
Visitor
Posts: 70
Registered: 11 Dec 2008 20:59

Re: requesting a check, suspected trojan

#10 Post by runna19 »

Malwarebytes' Anti-Malware 1.31
Verzia databázy: 1506
Windows 5.1.2600 Service Pack 3

20.4.2011 17:12:23
mbam-log-2011-04-20 (17-12-23).txt

Typ kontroly: Rýchla
Objektov kontrolovaných: 60928
Uplynutý cas: 10 minute(s), 58 second(s)

Infikovaných procesov pamäte: 0
Infikovaných modulov pamäte: 0
Infikovaných registracných klúcov: 0
Infikovaných registracných hodnôt: 0
Infikovaných registracných údajov položiek: 0
Infikovaných priecinkov: 0
Infikovaných súborov: 0

Infikovaných procesov pamäte:
(Žiadne škodlivé položky)

Infikovaných modulov pamäte:
(Žiadne škodlivé položky)

Infikovaných registracných klúcov:
(Žiadne škodlivé položky)

Infikovaných registracných hodnôt:
(Žiadne škodlivé položky)

Infikovaných registracných údajov položiek:
(Žiadne škodlivé položky)

Infikovaných priecinkov:
(Žiadne škodlivé položky)

Infikovaných súborov:
(Žiadne škodlivé položky)

cernohous13
VIP in memoriam
Posts: 8721
Registered: 09 Dec 2006 06:19
Location: Jablonec nad Nisou

Re: requesting a check, suspected trojan

#11 Post by cernohous13 »

cernohous13 wrote: Post a new RSIT log after installing the antivirus.
Your MBAM is old; today's version is 1.50.1.1100, database 6407.
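Post #11's point, that a zero-detection scan from an outdated MBAM build and database settles little, as an added example (not part of the thread and not Malwarebytes code): a Python parser for the Slovak-localized log layout posted above that marks such a result as inconclusive. The sample log is constructed from the thread's header lines; the function names and the "inconclusive" label are assumptions.

```python
import re

# Constructed sample in the layout of the Slovak-localized MBAM 1.31 log
# posted in this thread (header plus two of the summary count lines).
SAMPLE_LOG = """Malwarebytes' Anti-Malware 1.31
Verzia databázy: 1506
Windows 5.1.2600 Service Pack 3

Typ kontroly: Rýchla
Objektov kontrolovaných: 60928
Infikovaných procesov pamäte: 0
Infikovaných súborov: 0
"""

# Reference values: the version and database the helper quotes in post #11.
REF_VERSION = "1.50.1.1100"
REF_DATABASE = 6407


def version_tuple(text):
    """Turn '1.50.1.1100' into (1, 50, 1, 1100) for numeric comparison."""
    return tuple(int(part) for part in text.split("."))


def parse_mbam_log(text):
    """Extract program version, database number and summary detection counts."""
    version = re.search(r"^Malwarebytes' Anti-Malware ([\d.]+)[ \t]*$", text, re.M)
    database = re.search(r"^Verzia databázy:[ \t]*(\d+)[ \t]*$", text, re.M)
    # Summary lines end in a number; the per-category detail headers do not.
    counts = re.findall(r"^(Infikovaných [^:\n]+):[ \t]*(\d+)[ \t]*$", text, re.M)
    if not (version and database and counts):
        raise ValueError("not an MBAM log in the expected layout")
    return {"version": version.group(1), "database": int(database.group(1)),
            "detections": {label: int(n) for label, n in counts}}


def assess(text, ref_version=REF_VERSION, ref_database=REF_DATABASE):
    """Classify a log as 'detections', 'inconclusive' (stale) or 'clean'."""
    log = parse_mbam_log(text)
    stale = (version_tuple(log["version"]) < version_tuple(ref_version)
             or log["database"] < ref_database)
    total = sum(log["detections"].values())
    if total:
        verdict = "detections"
    elif stale:
        verdict = "inconclusive"  # zero hits from outdated signatures proves little
    else:
        verdict = "clean"
    return {**log, "stale": stale, "total": total, "verdict": verdict}


if __name__ == "__main__":
    print(assess(SAMPLE_LOG))
```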

runna19
Visitor
Posts: 70
Registered: 11 Dec 2008 20:59

Re: requesting a check, suspected trojan

#12 Post by runna19 »

Well, I can't update it; it pops up a dialog saying that I have no internet access, or something to that effect.

cernohous13
VIP in memoriam
Posts: 8721
Registered: 09 Dec 2006 06:19
Location: Jablonec nad Nisou

Re: requesting a check, suspected trojan

#13 Post by cernohous13 »

Uninstall the old MBAM, delete it and download the current one: http://www.download.com/Malwarebytes-An ... tag=button

cernohous13
VIP in memoriam
Posts: 8721
Registered: 09 Dec 2006 06:19
Location: Jablonec nad Nisou

Re: requesting a check, suspected trojan

#14 Post by cernohous13 »

Go to https://www.virustotal.com/cs/
click "Browse" > into the "File name" input field just copy:

C:\WINDOWS\system32\sessmgr.exe

"Send file" (if it has already been tested, have it tested again: Reanalyse)
Wait patiently for the scan to finish, until the final result appears, e.g. 0/41
Copy the resulting log to the forum, or the link to the page from the address bar.
If there is no detection, just say so.