Созданные ответы форума
-
Сообщения
-
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
«{91397D20-1446-11D4-8AF4-0040CA1127B6}»= «c:program filesYandexYandexBarIEyndbar.dll» [2009-07-24 5586208][HKEY_CLASSES_ROOTclsid{91397d20-1446-11d4-8af4-0040ca1127b6}]
[HKEY_CLASSES_ROOTYandex.Toolbar.1]
[HKEY_CLASSES_ROOTTypeLib{91397D13-1446-11D4-8AF4-0040CA1127B6}]
[HKEY_CLASSES_ROOTYandex.Toolbar][HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebbrowser]
«{91397D20-1446-11D4-8AF4-0040CA1127B6}»= «c:program filesYandexYandexBarIEyndbar.dll» [2009-07-24 5586208][HKEY_CLASSES_ROOTclsid{91397d20-1446-11d4-8af4-0040ca1127b6}]
[HKEY_CLASSES_ROOTYandex.Toolbar.1]
[HKEY_CLASSES_ROOTTypeLib{91397D13-1446-11D4-8AF4-0040CA1127B6}]
[HKEY_CLASSES_ROOTYandex.Toolbar][HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
«MSMSGS»=»c:program filesMessengermsmsgs.exe» [2004-08-17 1667584]
«EDLauncher»=»c:program filesPRMT6PRMTEDEDLauncher.exe» [2002-03-28 81920]
«Skype»=»c:program filesSkypePhoneSkype.exe» [2008-11-07 21633320]
«H/PC Connection Agent»=»c:program filesMicrosoft ActiveSyncwcescomm.exe» [2006-11-13 1289000]
«AlcoholAutomount»=»c:program filesAlcohol 120axcmd.exe» [2007-12-22 221568][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
«NeroFilterCheck»=»c:windowssystem32NeroCheck.exe» [2001-07-09 155648]
«StartCCC»=»c:program filesATI TechnologiesATI.ACECore-StaticCLIStart.exe» [2006-11-10 90112]
«PCMService»=»c:program filesCyberLinkPowerCinemaPCMService.exe» [2005-05-23 127118]
«VX1000″=»c:windowsvVX1000.exe» [2007-04-10 709992]
«LifeCam»=»c:program filesMicrosoft LifeCamLifeExp.exe» [2007-05-17 279912]
«RemoteControl»=»c:program filesASUSTekASUSDVDPDVDServ.exe» [2003-10-31 32768]
«C-Media Mixer»=»Mixer.exe» — c:windowsmixer.exe [2004-08-11 1228800][HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=»c:windowssystem32CTFMON.EXE» [2004-10-21 15360]c:documents and settings пѓ« ў®Ґ ¬ҐоЏа®Ја ¬¬лЂўв®§ Јаг§Є
Adobe Gamma.lnk — c:program filesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe [2005-3-16 113664][HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity center]
«AntiVirusOverride»=dword:00000001[HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity centerMonitoringKasperskyAntiVirus]
«DisableMonitoring»=dword:00000001[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
«%windir%\system32\sessmgr.exe»=
«c:program filesMicrosoft ActiveSyncrapimgr.exe»= c:program filesMicrosoft ActiveSyncrapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
«c:program filesMicrosoft ActiveSyncwcescomm.exe»= c:program filesMicrosoft ActiveSyncwcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
«c:program filesMicrosoft ActiveSyncWCESMgr.exe»= c:program filesMicrosoft ActiveSyncWCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
«c:\Program Files\Microsoft LifeCam\LifeCam.exe»=
«c:\Program Files\Microsoft LifeCam\LifeExp.exe»=
«c:\Program Files\CyberLink\PowerCinema\PowerCinema.exe»=
«c:\Program Files\uTorrent\uTorrent.exe»=
«c:\Program Files\Autodesk\Backburner\monitor.exe»=
«c:\Program Files\Autodesk\Backburner\manager.exe»=
«c:\Program Files\Autodesk\Backburner\server.exe»=
«c:\Program Files\OperaAC\Opera.exe»=
«c:\Program Files\Skype\Phone\Skype.exe»=[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileGloballyOpenPortsList]
«14522:TCP»= 14522:TCP:*:Disabled:NortonAV
«12591:TCP»= 12591:TCP:*:Disabled:NortonAV
«12698:TCP»= 12698:TCP:*:Disabled:NortonAV
«26675:TCP»= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync ServiceR0 HFXP2;HFXP2;c:windowsSYSTEM32DRIVERShfxp2.sys [07.04.2009 19:33 17264]
R0 klbg;Kaspersky Lab Boot Guard Driver;c:windowsSYSTEM32DRIVERSklbg.sys [29.01.2008 18:29 33808]
R0 ps6ajtsb;Stalker (Pro) Synchronization Driver (ps6ajtsb);c:windowsSYSTEM32DRIVERSps6ajtsb.sys [05.03.2007 20:57 52104]
R0 UP55bus;UP55bus;c:windowsSYSTEM32DRIVERSUP55bus.sys [29.08.2008 16:53 155136]
R0 UP55prt;UP55prt;c:windowsSYSTEM32DRIVERSUP55prt.sys [29.08.2008 16:53 5248]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:windowsSYSTEM32DRIVERSklim5.sys [30.04.2008 18:06 24592]
S2 pr2ajtsb;Stalker (Pro) Drivers Auto Removal (pr2ajtsb);c:windowssystem32pr2ajtsb.exe svc —> c:windowssystem32pr2ajtsb.exe svc [?]
S3 MBAMSwissArmy;MBAMSwissArmy;c:windowsSYSTEM32DRIVERSmbamswissarmy.sys [03.11.2009 16:35 38224]— Other Services/Drivers In Memory —
*Deregistered* — mbr
*Deregistered* — PROCEXP113
.
.
Supplementary Scan
.
uStart Page = http://www.nevosoft.ru
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Экспорт в Microsoft Excel — c:progra~1MICROS~2OFFICE11EXCEL.EXE/3000
IE: {{7A2EFD41-E6B3-11D2-89E3-00E0292EE574} — c:program filesPRMT6PRMTIEprmtie5.htm
IE: {{7A2EFD41-E6B3-11D2-89E3-00E0292EE575} — c:program filesPRMT6PRMTIEoptions.htm
.**************************************************************************
catchme 0.3.1398 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-13 07:36
Windows 5.1.2600 Service Pack 2 NTFSscanning hidden processes …
scanning hidden autostart entries …
scanning hidden files …
scan completed successfully
hidden files: 0**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe catchme.sys CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x836A0530]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
Driveratapi -> 0x836a0530
Warning: possible MBR rootkit infection !
user & kernel MBR OK
Use «Recovery Console» command «fixmbr» to clear infection !**************************************************************************
.
DLLs Loaded Under Running Processes
— — — — — — — > ‘winlogon.exe'(904)
c:windowssystem32Ati2evxx.dll— — — — — — — > ‘explorer.exe'(3308)
c:program filesPRMT6PRMTEDEDSel.dll
c:windowssystem32msi.dll
c:windowssystem32WPDShServiceObj.dll
c:windowssystem32PortableDeviceTypes.dll
c:windowssystem32PortableDeviceApi.dll
.
Completion time: 2009-11-13 07:42
ComboFix-quarantined-files.txt 2009-11-13 01:42
ComboFix2.txt 2009-11-06 02:09Pre-Run: 22 035 189 760 байт свободно
Post-Run: 22 065 982 976 байт свободно— — End Of File — — B93C05535E2D3FAB9B3C1E2C0395BD05
ComboFix 09-11-13.04 — дом 13.11.2009 7:18.2.1 — NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1251.7.1049.18.767.377 [GMT 6:00]
Running from: c:documents and settingsдомРабочий столComboFix.exe
Command switches used :: c:documents and settingsдомРабочий столCFScript.txt
AV: Антивирус Касперского *On-access scanning disabled* (Outdated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.c:windowsSYSTEM32winlogon.exe . . . is infected!!
.
((((((((((((((((((((((((( Files Created from 2009-10-13 to 2009-11-13 )))))))))))))))))))))))))))))))
.2009-11-06 15:20 . 2009-11-06 15:20
d
w- c:documents and settingsAll Users.WINDOWSApplication DataGogii
2009-10-25 05:18 . 2009-10-25 05:28
d
w- c:program filesAirXonix
2009-10-25 05:15 . 2009-11-03 01:20
d
w- c:documents and settingsдомApplication DataYandex
2009-10-25 05:15 . 2009-10-25 05:15
d
w- c:documents and settingsдомLocal SettingsApplication DataYandex
2009-10-25 05:15 . 2009-10-25 05:15
d
w- c:program filesYandex
2009-10-25 05:15 . 2009-10-28 13:29
d
w- C:Игры от NevoSoft
2009-10-25 03:36 . 2009-10-25 03:36
d
w- c:program filesTryMedia
2009-10-23 06:02 . 2009-10-23 06:02 4096 —-a-w- c:windowsd3dx.dat
2009-10-19 12:07 . 2009-10-19 12:07
d
w- c:documents and settingsдомApplication DataPlayrix Entertainment
2009-10-18 11:20 . 2009-11-06 02:58
d
w- c:documents and settingsAll Users.WINDOWSApplication DataAutodesk
2009-10-18 11:14 . 2009-11-06 03:08
d
w- c:program filesAutodesk
2009-10-18 11:14 . 2009-11-06 03:08
d
w- c:documents and settingsдомLocal SettingsApplication DataAutodesk
2009-10-18 04:55 . 2009-10-18 04:55
d
w- c:program filesMicrosoft.NET
2009-10-16 14:34 . 2009-10-16 14:34 1024 —-a-w- c:documents and settingsAll Users.WINDOWSApplication DataBVRP SoftwareMotorola Phone Toolsfaxres.cmd.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-13 01:34 . 2009-01-02 08:23
d
w- c:documents and settingsдомApplication DataSkype
2009-11-13 01:03 . 2009-03-22 08:25
d
w- c:documents and settingsAll Users.WINDOWSApplication DataKaspersky Lab
2009-11-12 21:21 . 2009-01-02 08:26
d
w- c:documents and settingsдомApplication DataskypePM
2009-11-12 21:20 . 2009-03-22 08:25 901152 —sha-w- c:windowssystem32driversfidbox2.dat
2009-11-12 21:20 . 2009-03-22 08:25 4160 —sha-w- c:windowssystem32driversfidbox2.idx
2009-11-12 21:19 . 2009-03-22 08:25 4361760 —sha-w- c:windowssystem32driversfidbox.dat
2009-11-12 21:19 . 2009-03-22 08:25 35156 —sha-w- c:windowssystem32driversfidbox.idx
2009-11-11 13:16 . 2009-03-29 11:47
d
w- c:program filesBuka
2009-11-07 21:41 . 2004-10-21 10:52 79748 —-a-w- c:windowssystem32perfc019.dat
2009-11-07 21:41 . 2004-10-21 10:52 474826 —-a-w- c:windowssystem32perfh019.dat
2009-11-03 11:31 . 2009-11-03 01:43
d
w- c:program filestrend micro
2009-11-03 10:36 . 2009-11-03 10:35
d
w- c:program filesMalwarebytes’ Anti-Malware
2009-11-03 02:17 . 2008-06-13 18:57 102400 —-a-w- c:windowsDUMP9a6b.tmp
2009-11-03 01:58 . 2009-11-03 01:58
d
w- c:documents and settingsдомApplication DataMalwarebytes
2009-11-03 01:58 . 2009-11-03 01:58
d
w- c:documents and settingsAll Users.WINDOWSApplication DataMalwarebytes
2009-11-02 14:24 . 2009-08-26 14:19
d—a-w- c:documents and settingsAll Users.WINDOWSApplication DataTEMP
2009-10-27 15:01 . 2009-09-23 10:10
d
w- c:documents and settingsдомApplication DataShopping Blocks
2009-10-18 13:57 . 2008-06-13 16:44 44432 —-a-w- c:documents and settingsдомLocal SettingsApplication DataGDIPFONTCACHEV1.DAT
2009-10-13 08:07 . 2009-10-10 09:03 25 —-a-w- c:windowspopcinfot.dat
2009-10-07 14:34 . 2009-10-07 14:34
d
w- c:program filesMSXML 6.0
2009-09-30 09:59 . 2009-09-30 08:55
d
w- c:program filesMotorola Phone Tools
2009-09-30 09:56 . 2009-09-30 09:56 9232 —-a-w- c:documents and settingsдомmqdmmdfl.sys
2009-09-30 09:56 . 2009-09-30 09:56 92064 —-a-w- c:documents and settingsдомmqdmmdm.sys
2009-09-30 09:56 . 2009-09-30 09:56 79328 —-a-w- c:documents and settingsдомmqdmserd.sys
2009-09-30 09:56 . 2009-09-30 09:56 66656 —-a-w- c:documents and settingsдомmqdmbus.sys
2009-09-30 09:56 . 2009-09-30 09:56 6208 —-a-w- c:documents and settingsдомmqdmcmnt.sys
2009-09-30 09:56 . 2009-09-30 09:56 5936 —-a-w- c:documents and settingsдомmqdmwhnt.sys
2009-09-30 09:56 . 2009-09-30 09:56 4048 —-a-w- c:documents and settingsдомmqdmcr.sys
2009-09-30 09:56 . 2009-09-29 11:06 25600 —-a-w- c:documents and settingsдомusbsermptxp.sys
2009-09-30 09:56 . 2009-09-29 11:06 22768 —-a-w- c:documents and settingsдомusbsermpt.sys
2009-09-30 09:04 . 2009-09-30 08:58
d
w- c:program filesAvanquest update
2009-09-30 08:58 . 2008-05-19 03:54
d—h—w- c:program filesInstallShield Installation Information
2009-09-30 08:55 . 2008-08-07 11:41
d
w- c:documents and settingsAll Users.WINDOWSApplication DataBVRP Software
2009-09-30 06:54 . 2009-07-23 14:42
d
w- c:program filesPivim Multibar
2009-09-29 11:06 . 2009-09-29 11:06 22768 —-a-w- c:windowssystem32driversusbsermpt.sys
2009-09-25 10:53 . 2009-05-04 14:28
d
w- c:program filesGames
2009-09-25 05:57 . 2004-10-21 10:52 662528 —-a-w- c:windowssystem32wininet.dll
2009-09-25 05:57 . 2004-10-21 10:52 81920 —-a-w- c:windowssystem32ieencode.dll
2009-09-24 13:56 . 2009-09-24 13:56
d
w- c:program filesAlcohol 120
2009-09-23 10:12 . 2009-09-23 10:12
d
w- c:documents and settingsдомApplication DataBoolat Games
2009-09-23 10:12 . 2009-09-23 10:12
d
w- c:documents and settingsдомApplication DataAlterLab
2009-09-23 09:38 . 2009-09-23 09:38
d
w- c:documents and settingsдомApplication DataCasualForge
2009-09-23 09:38 . 2009-09-23 09:38
d
w- c:documents and settingsAll Users.WINDOWSApplication DataCasualForge
2009-09-23 09:05 . 2009-09-23 09:04
d
w- c:documents and settingsдомApplication DataBeachPartyCraze
2009-09-23 08:41 . 2009-09-23 08:41
d
w- c:documents and settingsAll Users.WINDOWSApplication DataPopCap Games
2009-09-16 00:37 . 2009-09-16 00:37
d
w- c:documents and settingsдомApplication DataOberon Games
2009-09-16 00:37 . 2009-09-16 00:37
d
w- c:documents and settingsAll Users.WINDOWSApplication DataOberon Games
2009-09-14 09:21 . 2009-04-08 16:45
d
w- c:program filesMicrosoft ActiveSync
2009-09-11 14:35 . 2004-10-21 10:52 133632 —-a-w- c:windowssystem32msv1_0.dll
2009-09-10 08:54 . 2009-11-03 10:35 38224 —-a-w- c:windowssystem32driversmbamswissarmy.sys
2009-09-10 08:53 . 2009-11-03 10:35 19160 —-a-w- c:windowssystem32driversmbam.sys
2009-09-04 20:47 . 2004-10-21 10:52 58880 —-a-w- c:windowssystem32msasn1.dll
2009-08-26 08:16 . 2004-10-21 10:52 247326 —-a-w- c:windowssystem32strmdll.dll
2008-05-19 03:03 . 2008-05-19 03:03 11196 —ha-w- c:program filesfolder.htt
.
Sigcheck
[-] 2008-06-13 . BC260ED748748149DB05B29B256A0500 . 503808 . . [5.1.2600.2180] . . c:windowsSYSTEM32winlogon.exe
[-] 2008-04-14 . B3B5D5855127E240C88451030AAEE76E . 509440 . . [5.1.2600.5512] . . c:windowsSoftwareDistributionDownloadeced8b5ea8e636fb8bff2b719fa62647winlogon.exe
.
((((((((((((((((((((((((((((( SnapShot@2009-11-06_02.02.57 )))))))))))))))))))))))))))))))))))))))))
.
— 2008-06-23 03:56 . 2007-11-30 11:18 26488 c:windowsSYSTEM32spupdsvc.exe
+ 2008-06-23 03:56 . 2008-07-09 07:58 26488 c:windowsSYSTEM32spupdsvc.exe
— 2009-04-08 16:46 . 2007-11-30 12:40 17784 c:windowsSYSTEM32spmsg.dll
+ 2009-04-08 16:46 . 2008-07-08 13:21 17784 c:windowsSYSTEM32spmsg.dll
+ 2009-11-07 21:21 . 2009-11-07 21:21 60928 c:windowsassemblyNativeImages_v2.0.50727_32UIAutomationProviderb4a9e413d5cd6d6ec2d50aa05381e293UIAutomationProvider.ni.dll
+ 2009-11-07 21:33 . 2009-11-07 21:33 37888 c:windowsassemblyNativeImages_v2.0.50727_32System.Windows.Pres#8acb476a0d4ee17a12881e17ae74a6afSystem.Windows.Presentation.ni.dll
+ 2009-11-07 21:32 . 2009-11-07 21:32 36864 c:windowsassemblyNativeImages_v2.0.50727_32System.Web.DynamicD#4b87ca3482a3c0ee733e028ecee7de65System.Web.DynamicData.Design.ni.dll
+ 2009-11-07 21:29 . 2009-11-07 21:29 94208 c:windowsassemblyNativeImages_v2.0.50727_32System.ComponentMod#a0c71055364bd356971791284c3fb910System.ComponentModel.DataAnnotations.ni.dll
+ 2009-11-07 21:29 . 2009-11-07 21:29 82944 c:windowsassemblyNativeImages_v2.0.50727_32System.AddIn.Contra#f9a75bbdc2ce7db578b5977766a09b99System.AddIn.Contract.ni.dll
+ 2009-11-07 21:22 . 2009-11-07 21:22 47104 c:windowsassemblyNativeImages_v2.0.50727_32PresentationFontCac#3dd0f86c966c75755d62eab8ddf0634cPresentationFontCache.ni.exe
+ 2009-11-07 21:20 . 2009-11-07 21:20 39424 c:windowsassemblyNativeImages_v2.0.50727_32PresentationCFFRast#34d081fe294bab1ee1ecc98c1181424PresentationCFFRasterizer.ni.dll
+ 2009-11-07 21:32 . 2009-11-07 21:32 55296 c:windowsassemblyNativeImages_v2.0.50727_32Microsoft.Vsaf2673aec397c52796aef05bb9d2668dfMicrosoft.Vsa.ni.dll
+ 2009-11-07 21:21 . 2009-11-07 21:21 15872 c:windowsassemblyNativeImages_v2.0.50727_32Microsoft.VisualC1ded203bd27031c3a5e3441f94b528c0Microsoft.VisualC.ni.dll
+ 2009-11-07 21:20 . 2009-11-07 21:20 65024 c:windowsassemblyNativeImages_v2.0.50727_32Microsoft.Build.Fra#d513fe1a81c441e7656a9b062cff4e9fMicrosoft.Build.Framework.ni.dll
+ 2009-11-07 21:29 . 2009-11-07 21:29 74752 c:windowsassemblyNativeImages_v2.0.50727_32Microsoft.Build.Fra#c5d504724d7f351b1d034615dbb72a2aMicrosoft.Build.Framework.ni.dll
+ 2009-11-07 21:28 . 2009-11-07 21:28 14336 c:windowsassemblyNativeImages_v2.0.50727_32dfsvca664ccab020f93f1d533919f57131190dfsvc.ni.exe
+ 2009-11-07 21:21 . 2009-11-07 21:21 25600 c:windowsassemblyNativeImages_v2.0.50727_32Accessibilitye63d6d26b8a664cfdfbd4ad75e03c14dAccessibility.ni.dll
— 2009-10-10 04:17 . 2009-10-10 04:17 77824 c:windowsassemblyGAC_MSILSystem.Web.RegularExpressions2.0.0.0__b03f5f7f11d50a3aSystem.Web.RegularExpressions.dll
+ 2009-11-07 21:14 . 2009-11-07 21:14 77824 c:windowsassemblyGAC_MSILSystem.Web.RegularExpressions2.0.0.0__b03f5f7f11d50a3aSystem.Web.RegularExpressions.dll
+ 2009-11-07 21:14 . 2009-11-07 21:14 81920 c:windowsassemblyGAC_MSILSystem.Drawing.Design2.0.0.0__b03f5f7f11d50a3aSystem.Drawing.Design.dll
— 2009-10-10 04:17 . 2009-10-10 04:17 81920 c:windowsassemblyGAC_MSILSystem.Drawing.Design2.0.0.0__b03f5f7f11d50a3aSystem.Drawing.Design.dll
+ 2009-11-07 21:15 . 2009-11-07 21:15 81920 c:windowsassemblyGAC_MSILSystem.Configuration.Install2.0.0.0__b03f5f7f11d50a3aSystem.Configuration.Install.dll
— 2009-10-10 04:17 . 2009-10-10 04:17 81920 c:windowsassemblyGAC_MSILSystem.Configuration.Install2.0.0.0__b03f5f7f11d50a3aSystem.Configuration.Install.dll
+ 2009-11-07 21:15 . 2009-11-07 21:15 32768 c:windowsassemblyGAC_MSILMicrosoft.Vsa8.0.0.0__b03f5f7f11d50a3aMicrosoft.Vsa.dll
— 2009-10-10 04:17 . 2009-10-10 04:17 32768 c:windowsassemblyGAC_MSILMicrosoft.Vsa8.0.0.0__b03f5f7f11d50a3aMicrosoft.Vsa.dll
— 2009-10-10 04:17 . 2009-10-10 04:17 12800 c:windowsassemblyGAC_MSILMicrosoft.Vsa.Vb.CodeDOMProcessor8.0.0.0__b03f5f7f11d50a3aMicrosoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2009-11-07 21:15 . 2009-11-07 21:15 12800 c:windowsassemblyGAC_MSILMicrosoft.Vsa.Vb.CodeDOMProcessor8.0.0.0__b03f5f7f11d50a3aMicrosoft.Vsa.Vb.CodeDOMProcessor.dll
— 2009-10-10 04:17 . 2009-10-10 04:17 28672 c:windowsassemblyGAC_MSILMicrosoft.VisualBasic.Vsa8.0.0.0__b03f5f7f11d50a3aMicrosoft.VisualBasic.Vsa.dll
+ 2009-11-07 21:15 . 2009-11-07 21:15 28672 c:windowsassemblyGAC_MSILMicrosoft.VisualBasic.Vsa8.0.0.0__b03f5f7f11d50a3aMicrosoft.VisualBasic.Vsa.dll
— 2009-10-10 04:17 . 2009-10-10 04:17 77824 c:windowsassemblyGAC_MSILMicrosoft.Build.Utilities2.0.0.0__b03f5f7f11d50a3aMicrosoft.Build.Utilities.dll
+ 2009-11-07 21:15 . 2009-11-07 21:15 77824 c:windowsassemblyGAC_MSILMicrosoft.Build.Utilities2.0.0.0__b03f5f7f11d50a3aMicrosoft.Build.Utilities.dll
— 2009-10-10 04:17 . 2009-10-10 04:17 36864 c:windowsassemblyGAC_MSILMicrosoft.Build.Framework2.0.0.0__b03f5f7f11d50a3aMicrosoft.Build.Framework.dll
+ 2009-11-07 21:15 . 2009-11-07 21:15 36864 c:windowsassemblyGAC_MSILMicrosoft.Build.Framework2.0.0.0__b03f5f7f11d50a3aMicrosoft.Build.Framework.dll
— 2009-10-10 04:17 . 2009-10-10 04:17 77824 c:windowsassemblyGAC_MSILIEHost2.0.0.0__b03f5f7f11d50a3aIEHost.dll
+ 2009-11-07 21:14 . 2009-11-07 21:14 77824 c:windowsassemblyGAC_MSILIEHost2.0.0.0__b03f5f7f11d50a3aIEHost.dll
+ 2009-11-07 21:14 . 2009-11-07 21:14 13312 c:windowsassemblyGAC_MSILcscompmgd8.0.0.0__b03f5f7f11d50a3acscompmgd.dll
— 2009-10-10 04:17 . 2009-10-10 04:17 13312 c:windowsassemblyGAC_MSILcscompmgd8.0.0.0__b03f5f7f11d50a3acscompmgd.dll
— 2009-10-10 04:17 . 2009-10-10 04:17 10752 c:windowsassemblyGAC_MSILAccessibility2.0.0.0__b03f5f7f11d50a3aAccessibility.dll
+ 2009-11-07 21:14 . 2009-11-07 21:14 10752 c:windowsassemblyGAC_MSILAccessibility2.0.0.0__b03f5f7f11d50a3aAccessibility.dll
+ 2009-11-07 21:15 . 2009-11-07 21:15 72192 c:windowsassemblyGAC_32ISymWrapper2.0.0.0__b03f5f7f11d50a3aISymWrapper.dll
— 2009-10-10 04:17 . 2009-10-10 04:17 72192 c:windowsassemblyGAC_32ISymWrapper2.0.0.0__b03f5f7f11d50a3aISymWrapper.dll
— 2009-10-10 04:17 . 2009-10-10 04:17 69120 c:windowsassemblyGAC_32CustomMarshalers2.0.0.0__b03f5f7f11d50a3aCustomMarshalers.dll
+ 2009-11-07 21:14 . 2009-11-07 21:14 69120 c:windowsassemblyGAC_32CustomMarshalers2.0.0.0__b03f5f7f11d50a3aCustomMarshalers.dll
+ 2009-11-07 02:17 . 2009-05-26 11:43 26488 c:windows$hf_mig$KB973815updatespcustom.dll
+ 2009-11-07 02:17 . 2009-05-26 11:43 17784 c:windows$hf_mig$KB973815spmsg.dll
+ 2009-11-07 21:02 . 2008-07-08 13:21 26488 c:windows$hf_mig$KB971633updatespcustom.dll
+ 2009-11-07 21:02 . 2008-07-08 13:21 17784 c:windows$hf_mig$KB971633spmsg.dll
+ 2009-11-07 02:16 . 2007-03-06 03:35 22752 c:windows$hf_mig$KB971032updatespcustom.dll
+ 2009-11-07 02:16 . 2007-03-06 03:35 14560 c:windows$hf_mig$KB971032spmsg.dll
+ 2009-06-25 18:28 . 2009-06-25 18:28 48640 c:windows$hf_mig$KB971032SP2QFEmqupgrd.dll
+ 2009-06-25 18:28 . 2009-06-25 18:28 95744 c:windows$hf_mig$KB971032SP2QFEmqsec.dll
+ 2009-06-25 18:27 . 2009-06-25 18:27 16896 c:windows$hf_mig$KB971032SP2QFEmqise.dll
+ 2009-06-25 18:27 . 2009-06-25 18:27 47104 c:windows$hf_mig$KB971032SP2QFEmqdscli.dll
+ 2009-06-22 11:30 . 2009-06-22 11:30 19968 c:windows$hf_mig$KB971032SP2QFEmqbkup.exe
+ 2009-06-22 11:30 . 2009-06-22 11:30 91776 c:windows$hf_mig$KB971032SP2QFEmqac.sys
+ 2009-11-07 02:18 . 2007-11-30 12:40 26488 c:windows$hf_mig$KB970238updatespcustom.dll
+ 2009-11-07 02:18 . 2007-11-30 12:40 17784 c:windows$hf_mig$KB970238spmsg.dll
+ 2009-11-07 02:17 . 2008-07-09 07:58 26488 c:windows$hf_mig$KB968537updatespcustom.dll
+ 2009-11-07 02:17 . 2008-07-09 07:58 17784 c:windows$hf_mig$KB968537spmsg.dll
+ 2009-11-07 21:03 . 2008-07-09 07:58 26488 c:windows$hf_mig$KB961501updatespcustom.dll
+ 2009-11-07 21:03 . 2008-07-09 07:58 17784 c:windows$hf_mig$KB961501spmsg.dll
— 2009-10-10 04:17 . 2009-10-10 04:17 8192 c:windowsWinSxSMSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34eIEExecRemote.dll
+ 2009-11-07 21:14 . 2009-11-07 21:14 8192 c:windowsWinSxSMSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34eIEExecRemote.dll
— 2009-10-10 04:17 . 2009-10-10 04:17 7168 c:windowsassemblyGAC_MSILMicrosoft_VsaVb8.0.0.0__b03f5f7f11d50a3aMicrosoft_VsaVb.dll
+ 2009-11-07 21:14 . 2009-11-07 21:14 7168 c:windowsassemblyGAC_MSILMicrosoft_VsaVb8.0.0.0__b03f5f7f11d50a3aMicrosoft_VsaVb.dll
+ 2009-11-07 21:15 . 2009-11-07 21:15 5632 c:windowsassemblyGAC_MSILMicrosoft.VisualC8.0.0.0__b03f5f7f11d50a3aMicrosoft.VisualC.Dll
— 2009-10-10 04:17 . 2009-10-10 04:17 5632 c:windowsassemblyGAC_MSILMicrosoft.VisualC8.0.0.0__b03f5f7f11d50a3aMicrosoft.VisualC.Dll
+ 2009-11-07 21:14 . 2009-11-07 21:14 6656 c:windowsassemblyGAC_MSILIIEHost2.0.0.0__b03f5f7f11d50a3aIIEHost.dll
— 2009-10-10 04:17 . 2009-10-10 04:17 6656 c:windowsassemblyGAC_MSILIIEHost2.0.0.0__b03f5f7f11d50a3aIIEHost.dll
+ 2009-11-07 21:14 . 2009-11-07 21:14 8192 c:windowsassemblyGAC_MSILIEExecRemote2.0.0.0__b03f5f7f11d50a3aIEExecRemote.dll
— 2009-10-10 04:17 . 2009-10-10 04:17 8192 c:windowsassemblyGAC_MSILIEExecRemote2.0.0.0__b03f5f7f11d50a3aIEExecRemote.dll
+ 2009-06-22 11:30 . 2009-06-22 11:30 4608 c:windows$hf_mig$KB971032SP2QFEmqsvc.exe
— 2009-10-10 04:17 . 2009-10-10 04:17 113664 c:windowsWinSxSx86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790System.EnterpriseServices.Wrapper.dll
+ 2009-11-07 21:15 . 2009-11-07 21:15 113664 c:windowsWinSxSx86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790System.EnterpriseServices.Wrapper.dll
— 2009-10-10 04:17 . 2009-10-10 04:17 258048 c:windowsWinSxSx86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790System.EnterpriseServices.dll
+ 2009-11-07 21:15 . 2009-11-07 21:15 258048 c:windowsWinSxSx86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790System.EnterpriseServices.dll
+ 2008-08-19 09:51 . 2009-09-18 10:05 361984 c:windowsSYSTEM32xpsp3res.dll
— 2008-08-19 09:51 . 2009-06-23 00:23 361984 c:windowsSYSTEM32xpsp3res.dll
— 2008-06-13 19:03 . 2009-10-18 13:56 212080 c:windowsSYSTEM32FNTCACHE.DAT
+ 2008-06-13 19:03 . 2009-11-12 21:21 212080 c:windowsSYSTEM32FNTCACHE.DAT
+ 2009-08-07 17:51 . 2009-08-07 17:51 989016 c:windowsMicrosoft.NETFrameworkv2.0.50727mscordacwks.dll
+ 2009-11-07 21:02 . 2009-11-07 21:02 972800 c:windowsInstaller23fbefd.msi
+ 2009-03-20 05:48 . 2009-03-20 05:48 183808 c:windowsInstaller23fbef6.msp
+ 2009-11-07 21:29 . 2009-11-07 21:29 321536 c:windowsassemblyNativeImages_v2.0.50727_32WsatConfige2098e43d115155d6ba91ba3a7e577cfWsatConfig.ni.exe
+ 2009-11-07 21:26 . 2009-11-07 21:26 240128 c:windowsassemblyNativeImages_v2.0.50727_32WindowsFormsIntegra#bf92bc207f927cbbd6dfc9dc0c3eae68WindowsFormsIntegration.ni.dll
+ 2009-11-07 21:21 . 2009-11-07 21:21 187904 c:windowsassemblyNativeImages_v2.0.50727_32UIAutomationTypes6f488b7644dc50a083868e91a4014466UIAutomationTypes.ni.dll
+ 2009-11-07 21:25 . 2009-11-07 21:25 447488 c:windowsassemblyNativeImages_v2.0.50727_32UIAutomationClientc2fbf25609b704061a93500efa6f241dUIAutomationClient.ni.dll
+ 2009-11-07 21:34 . 2009-11-07 21:34 400896 c:windowsassemblyNativeImages_v2.0.50727_32System.Xml.Linqeb23b78564687badff1bd1f1d0a0ec97System.Xml.Linq.ni.dll
+ 2009-11-07 21:32 . 2009-11-07 21:32 129536 c:windowsassemblyNativeImages_v2.0.50727_32System.Web.Routinge7666364bf9f3ba5f4833c9efedd8218System.Web.Routing.ni.dll
+ 2009-11-07 21:25 . 2009-11-07 21:25 202240 c:windowsassemblyNativeImages_v2.0.50727_32System.Web.RegularE#b5f1b8791e6c47e5bd5e7018c346c586System.Web.RegularExpressions.ni.dll
+ 2009-11-07 21:33 . 2009-11-07 21:33 859648 c:windowsassemblyNativeImages_v2.0.50727_32System.Web.Extensio#884eacddf339b8b342f66aedff5f8ef9System.Web.Extensions.Design.ni.dll
+ 2009-11-07 21:33 . 2009-11-07 21:33 328704 c:windowsassemblyNativeImages_v2.0.50727_32System.Web.Entity9e199645bd26f1afe58ebe185d1e7f0fSystem.Web.Entity.ni.dll
+ 2009-11-07 21:33 . 2009-11-07 21:33 301056 c:windowsassemblyNativeImages_v2.0.50727_32System.Web.Entity.D#652017ebe962ab2eb271c2524f31cd61System.Web.Entity.Design.ni.dll
+ 2009-11-07 21:32 . 2009-11-07 21:32 547328 c:windowsassemblyNativeImages_v2.0.50727_32System.Web.DynamicD#d0070c1c1a642ae30394e00bc0d82336System.Web.DynamicData.ni.dll
+ 2009-11-07 21:32 . 2009-11-07 21:32 141312 c:windowsassemblyNativeImages_v2.0.50727_32System.Web.Abstract#1896753d02d146be1988d32241300f51System.Web.Abstractions.ni.dll
+ 2009-11-07 21:23 . 2009-11-07 21:23 627200 c:windowsassemblyNativeImages_v2.0.50727_32System.Transactions408e637346ef628a3f54fb1b9b83ac9fSystem.Transactions.ni.dll
+ 2009-11-07 21:25 . 2009-11-07 21:25 212992 c:windowsassemblyNativeImages_v2.0.50727_32System.ServiceProce#1f61bccb700d687775cf778dd77752e9System.ServiceProcess.ni.dll
+ 2009-11-07 21:20 . 2009-11-07 21:20 676352 c:windowsassemblyNativeImages_v2.0.50727_32System.Securitya9e9b885a6601469c4058375cc74d856System.Security.ni.dll
+ 2009-11-07 21:22 . 2009-11-07 21:22 311296 c:windowsassemblyNativeImages_v2.0.50727_32System.Runtime.Seri#9bc34a79af9c3ed2cf17a0226c769b4cSystem.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2009-11-07 21:23 . 2009-11-07 21:23 771584 c:windowsassemblyNativeImages_v2.0.50727_32System.Runtime.Remo#af21e3011fb4e107b13ea5c40c351ec4System.Runtime.Remoting.ni.dll
+ 2009-11-07 21:32 . 2009-11-07 21:32 621056 c:windowsassemblyNativeImages_v2.0.50727_32System.Net5f74a84e9d28c2332c51f6e30da0e125System.Net.ni.dll
+ 2009-11-07 21:34 . 2009-11-07 21:34 593408 c:windowsassemblyNativeImages_v2.0.50727_32System.Messaging8ad38ebb07c0d5b5bbf15f8f3c11c6beSystem.Messaging.ni.dll
+ 2009-11-07 21:32 . 2009-11-07 21:32 998400 c:windowsassemblyNativeImages_v2.0.50727_32System.Management2c208e4c5521f31057ea7d6e93c6a567System.Management.ni.dll
+ 2009-11-07 21:32 . 2009-11-07 21:32 330752 c:windowsassemblyNativeImages_v2.0.50727_32System.Management.I#818b20a7c6f3b2fe97bf008ca24080c1System.Management.Instrumentation.ni.dll
+ 2009-11-07 21:27 . 2009-11-07 21:27 381440 c:windowsassemblyNativeImages_v2.0.50727_32System.IO.Log6c273eb9d1ee8b66b5ecb073de4b785dSystem.IO.Log.ni.dll
+ 2009-11-07 21:27 . 2009-11-07 21:27 212992 c:windowsassemblyNativeImages_v2.0.50727_32System.IdentityMode#7222db518afb4eaaa138824278249bc7System.IdentityModel.Selectors.ni.dll
+ 2009-11-07 21:23 . 2009-11-07 21:23 280064 c:windowsassemblyNativeImages_v2.0.50727_32System.EnterpriseSe#8a7d0bd0057a8ed38291d5662248f7a1System.EnterpriseServices.Wrapper.dll
+ 2009-11-07 21:23 . 2009-11-07 21:23 627712 c:windowsassemblyNativeImages_v2.0.50727_32System.EnterpriseSe#8a7d0bd0057a8ed38291d5662248f7a1System.EnterpriseServices.ni.dll
+ 2009-11-07 21:24 . 2009-11-07 21:24 208384 c:windowsassemblyNativeImages_v2.0.50727_32System.Drawing.Desi#ca6d7208c0fb72ff97429f2636ced321System.Drawing.Design.ni.dll
+ 2009-11-07 21:32 . 2009-11-07 21:32 881152 c:windowsassemblyNativeImages_v2.0.50727_32System.DirectorySer#c92fc19800e701c90f90ab7a2ab44c47System.DirectoryServices.AccountManagement.ni.dll
+ 2009-11-07 21:25 . 2009-11-07 21:25 455680 c:windowsassemblyNativeImages_v2.0.50727_32System.DirectorySer#a601f47a98ee67df424685c9a66ea449System.DirectoryServices.Protocols.ni.dll
+ 2009-11-07 21:32 . 2009-11-07 21:32 939008 c:windowsassemblyNativeImages_v2.0.50727_32System.Data.Service#b91b44015859163646f210d284f7166aSystem.Data.Services.Client.ni.dll
+ 2009-11-07 21:32 . 2009-11-07 21:32 354816 c:windowsassemblyNativeImages_v2.0.50727_32System.Data.Service#1b35297e07b85071daecdb06f96750a1System.Data.Services.Design.ni.dll
+ 2009-11-07 21:32 . 2009-11-07 21:32 756736 c:windowsassemblyNativeImages_v2.0.50727_32System.Data.Entity.#cf906bf9146d1f0013451ec63b58e064System.Data.Entity.Design.ni.dll
+ 2009-11-07 21:29 . 2009-11-07 21:29 135680 c:windowsassemblyNativeImages_v2.0.50727_32System.Data.DataSet#4ff4134b0d490c090e03d74e104517c4System.Data.DataSetExtensions.ni.dll
+ 2009-11-07 21:19 . 2009-11-07 21:19 971264 c:windowsassemblyNativeImages_v2.0.50727_32System.Configuration7c743462baccf29b3567b0e3ec9ac134System.Configuration.ni.dll
+ 2009-11-07 21:25 . 2009-11-07 21:25 141312 c:windowsassemblyNativeImages_v2.0.50727_32System.Configuratio#443e3a85c491b2de4a2ac654cb957484System.Configuration.Install.ni.dll
+ 2009-11-07 21:29 . 2009-11-07 21:29 633856 c:windowsassemblyNativeImages_v2.0.50727_32System.AddIncba35f47925431a54d0e6ae147a292f1System.AddIn.ni.dll
+ 2009-11-07 21:25 . 2009-11-07 21:25 232448 c:windowsassemblyNativeImages_v2.0.50727_32sysglobl3677b81a93d21c46cbac72c051f8c986sysglobl.ni.dll
+ 2009-11-07 21:29 . 2009-11-07 21:29 366080 c:windowsassemblyNativeImages_v2.0.50727_32SMSvcHost6af32fe5cbec0aa54e2efa6910c73651SMSvcHost.ni.exe
+ 2009-11-07 21:29 . 2009-11-07 21:29 256000 c:windowsassemblyNativeImages_v2.0.50727_32SMDiagnostics7602d7687fb9bd21cd9ae60d2b187c99SMDiagnostics.ni.dll
+ 2009-11-07 21:29 . 2009-11-07 21:29 320512 c:windowsassemblyNativeImages_v2.0.50727_32ServiceModelRega23dc25782df04533a13e348203e4dc5ServiceModelReg.ni.exe
+ 2009-11-07 21:25 . 2009-11-07 21:25 258048 c:windowsassemblyNativeImages_v2.0.50727_32PresentationFramewo#96f74da5fc40b92f09069230bc0df4f0PresentationFramework.Royale.ni.dll
+ 2009-11-07 21:25 . 2009-11-07 21:25 539648 c:windowsassemblyNativeImages_v2.0.50727_32PresentationFramewo#3bb4d16b042b72c2c85a0f8ac9d48f28PresentationFramework.Luna.ni.dll
+ 2009-11-07 21:25 . 2009-11-07 21:25 368128 c:windowsassemblyNativeImages_v2.0.50727_32PresentationFramewo#30c5c2682d3c5bdaa83bb9a36ee48afaPresentationFramework.Aero.ni.dll
+ 2009-11-07 21:25 . 2009-11-07 21:25 224768 c:windowsassemblyNativeImages_v2.0.50727_32PresentationFramewo#7e952efd70f5608e221a008e6231acePresentationFramework.Classic.ni.dll
+ 2009-11-07 21:29 . 2009-11-07 21:29 133632 c:windowsassemblyNativeImages_v2.0.50727_32MSBuildeade8c1c9c1e8e5ffb50e6c9b9af0f6aMSBuild.ni.exe
+ 2009-11-07 21:29 . 2009-11-07 21:29 386560 c:windowsassemblyNativeImages_v2.0.50727_32Microsoft.Transacti#fc4d66e0a92b3767006a84f2519d2457Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2009-11-07 21:20 . 2009-11-07 21:20 144384 c:windowsassemblyNativeImages_v2.0.50727_32Microsoft.Build.Uti#58ca3ecc52b7246b448c109817198a0bMicrosoft.Build.Utilities.ni.dll
+ 2009-11-07 21:29 . 2009-11-07 21:29 175104 c:windowsassemblyNativeImages_v2.0.50727_32Microsoft.Build.Uti#4dd43724dd92026577c6f588270137a0Microsoft.Build.Utilities.v3.5.ni.dll
+ 2009-11-07 21:29 . 2009-11-07 21:29 839680 c:windowsassemblyNativeImages_v2.0.50727_32Microsoft.Build.Eng#8c651f75bb741330370986dcad8e9e5bMicrosoft.Build.Engine.ni.dll
+ 2009-11-07 21:29 . 2009-11-07 21:29 222720 c:windowsassemblyNativeImages_v2.0.50727_32Microsoft.Build.Con#a6dcbae619ccd938bfe808c54d6d3ae0Microsoft.Build.Conversion.v3.5.ni.dll
+ 2009-11-07 21:29 . 2009-11-07 21:29 220672 c:windowsassemblyNativeImages_v2.0.50727_32CustomMarshalers77688ce14f221ed94a9f442ae4736123CustomMarshalers.ni.dll
+ 2009-11-07 21:29 . 2009-11-07 21:29 410112 c:windowsassemblyNativeImages_v2.0.50727_32ComSvcConfiga17c65f0cffaa4f792dd38d50df9d526ComSvcConfig.ni.exe
+ 2009-11-07 21:27 . 2009-11-07 21:27 842240 c:windowsassemblyNativeImages_v2.0.50727_32AspNetMMCExt85d7c111956b478766d90625b35d963fAspNetMMCExt.ni.dll
— 2009-10-10 04:17 . 2009-10-10 04:17 839680 c:windowsassemblyGAC_MSILSystem.Web.Services2.0.0.0__b03f5f7f11d50a3aSystem.Web.Services.dll
+ 2009-11-07 21:14 . 2009-11-07 21:14 839680 c:windowsassemblyGAC_MSILSystem.Web.Services2.0.0.0__b03f5f7f11d50a3aSystem.Web.Services.dll
+ 2009-11-07 21:14 . 2009-11-07 21:14 835584 c:windowsassemblyGAC_MSILSystem.Web.Mobile2.0.0.0__b03f5f7f11d50a3aSystem.Web.Mobile.dll
— 2009-10-10 04:17 . 2009-10-10 04:17 835584 c:windowsassemblyGAC_MSILSystem.Web.Mobile2.0.0.0__b03f5f7f11d50a3aSystem.Web.Mobile.dll
— 2009-10-10 04:17 . 2009-10-10 04:17 114688 c:windowsassemblyGAC_MSILSystem.ServiceProcess2.0.0.0__b03f5f7f11d50a3aSystem.ServiceProcess.dll
+ 2009-11-07 21:15 . 2009-11-07 21:15 114688 c:windowsassemblyGAC_MSILSystem.ServiceProcess2.0.0.0__b03f5f7f11d50a3aSystem.ServiceProcess.dll
— 2009-10-10 04:17 . 2009-10-10 04:17 258048 c:windowsassemblyGAC_MSILSystem.Security2.0.0.0__b03f5f7f11d50a3aSystem.Security.dll
+ 2009-11-07 21:15 . 2009-11-07 21:15 258048 c:windowsassemblyGAC_MSILSystem.Security2.0.0.0__b03f5f7f11d50a3aSystem.Security.dll
+ 2009-11-07 21:15 . 2009-11-07 21:15 131072 c:windowsassemblyGAC_MSILSystem.Runtime.Serialization.Formatters.Soap2.0.0.0__b03f5f7f11d50a3aSystem.Runtime.Serialization.Formatters.Soap.dll
— 2009-10-10 04:17 . 2009-10-10 04:17 131072 c:windowsassemblyGAC_MSILSystem.Runtime.Serialization.Formatters.Soap2.0.0.0__b03f5f7f11d50a3aSystem.Runtime.Serialization.Formatters.Soap.dll
— 2009-10-10 04:17 . 2009-10-10 04:17 303104 c:windowsassemblyGAC_MSILSystem.Runtime.Remoting2.0.0.0__b77a5c561934e089System.Runtime.Remoting.dll
+ 2009-11-07 21:15 . 2009-11-07 21:15 303104 c:windowsassemblyGAC_MSILSystem.Runtime.Remoting2.0.0.0__b77a5c561934e089System.Runtime.Remoting.dll
— 2009-10-10 04:17 . 2009-10-10 04:17 258048 c:windowsassemblyGAC_MSILSystem.Messaging2.0.0.0__b03f5f7f11d50a3aSystem.Messaging.dll
+ 2009-11-07 21:15 . 2009-11-07 21:15 258048 c:windowsassemblyGAC_MSILSystem.Messaging2.0.0.0__b03f5f7f11d50a3aSystem.Messaging.dll
+ 2009-11-07 21:15 . 2009-11-07 21:15 372736 c:windowsassemblyGAC_MSILSystem.Management2.0.0.0__b03f5f7f11d50a3aSystem.Management.dll
— 2009-10-10 04:17 . 2009-10-10 04:17 372736 c:windowsassemblyGAC_MSILSystem.Management2.0.0.0__b03f5f7f11d50a3aSystem.Management.dll
+ 2009-11-07 21:15 . 2009-11-07 21:15 626688 c:windowsassemblyGAC_MSILSystem.Drawing2.0.0.0__b03f5f7f11d50a3aSystem.Drawing.dll
— 2009-10-10 04:17 . 2009-10-10 04:17 626688 c:windowsassemblyGAC_MSILSystem.Drawing2.0.0.0__b03f5f7f11d50a3aSystem.Drawing.dll
— 2009-10-10 04:17 . 2009-10-10 04:17 401408 c:windowsassemblyGAC_MSILSystem.DirectoryServices2.0.0.0__b03f5f7f11d50a3aSystem.DirectoryServices.dll
+ 2009-11-07 21:15 . 2009-11-07 21:15 401408 c:windowsassemblyGAC_MSILSystem.DirectoryServices2.0.0.0__b03f5f7f11d50a3aSystem.DirectoryServices.dll
— 2009-10-10 04:17 . 2009-10-10 04:17 188416 c:windowsassemblyGAC_MSILSystem.DirectoryServices.Protocols2.0.0.0__b03f5f7f11d50a3aSystem.DirectoryServices.Protocols.dll
+ 2009-11-07 21:14 . 2009-11-07 21:14 188416 c:windowsassemblyGAC_MSILSystem.DirectoryServices.Protocols2.0.0.0__b03f5f7f11d50a3aSystem.DirectoryServices.Protocols.dll
+ 2009-11-07 21:15 . 2009-11-07 21:15 970752 c:windowsassemblyGAC_MSILSystem.Deployment2.0.0.0__b03f5f7f11d50a3aSystem.Deployment.dll
— 2009-10-10 04:18 . 2009-10-10 04:18 970752 c:windowsassemblyGAC_MSILSystem.Deployment2.0.0.0__b03f5f7f11d50a3aSystem.Deployment.dll
— 2009-10-10 04:17 . 2009-10-10 04:17 745472 c:windowsassemblyGAC_MSILSystem.Data.SqlXml2.0.0.0__b77a5c561934e089System.Data.SqlXml.dll
+ 2009-11-07 21:15 . 2009-11-07 21:15 745472 c:windowsassemblyGAC_MSILSystem.Data.SqlXml2.0.0.0__b77a5c561934e089System.Data.SqlXml.dll
+ 2009-11-07 21:15 . 2009-11-07 21:15 425984 c:windowsassemblyGAC_MSILSystem.Configuration2.0.0.0__b03f5f7f11d50a3aSystem.configuration.dll
— 2009-10-10 04:17 . 2009-10-10 04:17 425984 c:windowsassemblyGAC_MSILSystem.Configuration2.0.0.0__b03f5f7f11d50a3aSystem.configuration.dll
— 2009-10-10 04:17 . 2009-10-10 04:17 110592 c:windowsassemblyGAC_MSILsysglobl2.0.0.0__b03f5f7f11d50a3asysglobl.dll
+ 2009-11-07 21:15 . 2009-11-07 21:15 110592 c:windowsassemblyGAC_MSILsysglobl2.0.0.0__b03f5f7f11d50a3asysglobl.dll
+ 2009-11-07 21:15 . 2009-11-07 21:15 659456 c:windowsassemblyGAC_MSILMicrosoft.VisualBasic8.0.0.0__b03f5f7f11d50a3aMicrosoft.VisualBasic.dll
— 2009-10-10 04:17 . 2009-10-10 04:17 659456 c:windowsassemblyGAC_MSILMicrosoft.VisualBasic8.0.0.0__b03f5f7f11d50a3aMicrosoft.VisualBasic.dll
— 2009-10-10 04:17 . 2009-10-10 04:17 372736 c:windowsassemblyGAC_MSILMicrosoft.VisualBasic.Compatibility8.0.0.0__b03f5f7f11d50a3aMicrosoft.VisualBasic.Compatibility.dll
+ 2009-11-07 21:15 . 2009-11-07 21:15 372736 c:windowsassemblyGAC_MSILMicrosoft.VisualBasic.Compatibility8.0.0.0__b03f5f7f11d50a3aMicrosoft.VisualBasic.Compatibility.dll
+ 2009-11-07 21:15 . 2009-11-07 21:15 110592 c:windowsassemblyGAC_MSILMicrosoft.VisualBasic.Compatibility.Data8.0.0.0__b03f5f7f11d50a3aMicrosoft.VisualBasic.Compatibility.Data.dll
— 2009-10-10 04:17 . 2009-10-10 04:17 110592 c:windowsassemblyGAC_MSILMicrosoft.VisualBasic.Compatibility.Data8.0.0.0__b03f5f7f11d50a3aMicrosoft.VisualBasic.Compatibility.Data.dll
+ 2009-11-07 21:15 . 2009-11-07 21:15 749568 c:windowsassemblyGAC_MSILMicrosoft.JScript8.0.0.0__b03f5f7f11d50a3aMicrosoft.JScript.dll
— 2009-10-10 04:17 . 2009-10-10 04:17 749568 c:windowsassemblyGAC_MSILMicrosoft.JScript8.0.0.0__b03f5f7f11d50a3aMicrosoft.JScript.dll
— 2009-10-10 04:17 . 2009-10-10 04:17 655360 c:windowsassemblyGAC_MSILMicrosoft.Build.Tasks2.0.0.0__b03f5f7f11d50a3aMicrosoft.Build.Tasks.dll
+ 2009-11-07 21:15 . 2009-11-07 21:15 655360 c:windowsassemblyGAC_MSILMicrosoft.Build.Tasks2.0.0.0__b03f5f7f11d50a3aMicrosoft.Build.Tasks.dll
+ 2009-11-07 21:15 . 2009-11-07 21:15 348160 c:windowsassemblyGAC_MSILMicrosoft.Build.Engine2.0.0.0__b03f5f7f11d50a3aMicrosoft.Build.Engine.dll
— 2009-10-10 04:17 . 2009-10-10 04:17 348160 c:windowsassemblyGAC_MSILMicrosoft.Build.Engine2.0.0.0__b03f5f7f11d50a3aMicrosoft.Build.Engine.dll
+ 2009-11-07 21:14 . 2009-11-07 21:14 507904 c:windowsassemblyGAC_MSILAspNetMMCExt2.0.0.0__b03f5f7f11d50a3aAspNetMMCExt.dll
— 2009-10-10 04:17 . 2009-10-10 04:17 507904 c:windowsassemblyGAC_MSILAspNetMMCExt2.0.0.0__b03f5f7f11d50a3aAspNetMMCExt.dll
— 2009-10-10 04:17 . 2009-10-10 04:17 261632 c:windowsassemblyGAC_32System.Transactions2.0.0.0__b77a5c561934e089System.Transactions.dll
+ 2009-11-07 21:15 . 2009-11-07 21:15 261632 c:windowsassemblyGAC_32System.Transactions2.0.0.0__b77a5c561934e089System.Transactions.dll
+ 2009-11-07 21:15 . 2009-11-07 21:15 113664 c:windowsassemblyGAC_32System.EnterpriseServices2.0.0.0__b03f5f7f11d50a3aSystem.EnterpriseServices.Wrapper.dll
— 2009-10-10 04:17 . 2009-10-10 04:17 113664 c:windowsassemblyGAC_32System.EnterpriseServices2.0.0.0__b03f5f7f11d50a3aSystem.EnterpriseServices.Wrapper.dll
— 2009-10-10 04:17 . 2009-10-10 04:17 258048 c:windowsassemblyGAC_32System.EnterpriseServices2.0.0.0__b03f5f7f11d50a3aSystem.EnterpriseServices.dll
+ 2009-11-07 21:15 . 2009-11-07 21:15 258048 c:windowsassemblyGAC_32System.EnterpriseServices2.0.0.0__b03f5f7f11d50a3aSystem.EnterpriseServices.dll
+ 2009-11-07 21:15 . 2009-11-07 21:15 486400 c:windowsassemblyGAC_32System.Data.OracleClient2.0.0.0__b77a5c561934e089System.Data.OracleClient.dll
— 2009-10-10 04:17 . 2009-10-10 04:17 486400 c:windowsassemblyGAC_32System.Data.OracleClient2.0.0.0__b77a5c561934e089System.Data.OracleClient.dll
+ 2009-11-07 02:17 . 2009-05-26 11:43 391032 c:windows$hf_mig$KB973815updateupdspapi.dll
+ 2009-11-07 02:17 . 2009-05-26 11:43 760184 c:windows$hf_mig$KB973815updateupdate.exe
+ 2009-11-07 02:17 . 2009-05-26 11:43 232824 c:windows$hf_mig$KB973815spuninst.exe
+ 2009-08-05 08:53 . 2009-08-05 08:53 204800 c:windows$hf_mig$KB973815SP3QFEmswebdvd.dll
+ 2009-08-05 09:01 . 2009-08-05 09:01 204800 c:windows$hf_mig$KB973815SP3GDRmswebdvd.dll
+ 2009-08-05 08:51 . 2009-08-05 08:51 204800 c:windows$hf_mig$KB973815SP2QFEmswebdvd.dll
+ 2009-11-07 21:02 . 2008-07-09 07:58 391032 c:windows$hf_mig$KB971633updateupdspapi.dll
+ 2009-11-07 21:02 . 2008-07-09 07:58 760184 c:windows$hf_mig$KB971633updateupdate.exe
+ 2009-11-07 21:02 . 2008-07-08 13:21 232824 c:windows$hf_mig$KB971633spuninst.exe
+ 2009-11-07 02:16 . 2007-03-06 03:36 379616 c:windows$hf_mig$KB971032updateupdspapi.dll
+ 2009-11-07 02:16 . 2007-03-06 03:35 720608 c:windows$hf_mig$KB971032updateupdate.exe
+ 2009-11-07 02:16 . 2007-03-06 03:35 214752 c:windows$hf_mig$KB971032spuninst.exe
+ 2009-06-25 18:28 . 2009-06-25 18:28 169472 c:windows$hf_mig$KB971032SP2QFEmsmqocm.dll
+ 2009-06-25 18:28 . 2009-06-25 18:28 486400 c:windows$hf_mig$KB971032SP2QFEmqutil.dll
+ 2009-06-25 18:28 . 2009-06-25 18:28 186880 c:windows$hf_mig$KB971032SP2QFEmqtrig.dll
+ 2009-06-22 11:30 . 2009-06-22 11:30 117248 c:windows$hf_mig$KB971032SP2QFEmqtgsvc.exe
+ 2009-06-25 18:28 . 2009-06-25 18:28 517120 c:windows$hf_mig$KB971032SP2QFEmqsnap.dll
+ 2009-06-25 18:28 . 2009-06-25 18:28 123392 c:windows$hf_mig$KB971032SP2QFEmqrtdep.dll
+ 2009-06-25 18:28 . 2009-06-25 18:28 177152 c:windows$hf_mig$KB971032SP2QFEmqrt.dll
+ 2009-06-25 18:28 . 2009-06-25 18:28 661504 c:windows$hf_mig$KB971032SP2QFEmqqm.dll
+ 2009-06-25 18:27 . 2009-06-25 18:27 225280 c:windows$hf_mig$KB971032SP2QFEmqoa.dll
+ 2009-06-25 18:27 . 2009-06-25 18:27 138240 c:windows$hf_mig$KB971032SP2QFEmqad.dll
+ 2009-11-07 02:18 . 2007-11-30 12:40 391032 c:windows$hf_mig$KB970238updateupdspapi.dll
+ 2009-11-07 02:18 . 2007-11-30 12:40 760184 c:windows$hf_mig$KB970238updateupdate.exe
+ 2009-11-07 02:18 . 2007-11-30 12:40 232824 c:windows$hf_mig$KB970238spuninst.exe
+ 2009-04-15 15:25 . 2009-04-15 15:25 585216 c:windows$hf_mig$KB970238SP3QFErpcrt4.dll
+ 2009-04-15 14:53 . 2009-04-15 14:53 585216 c:windows$hf_mig$KB970238SP3GDRrpcrt4.dll
+ 2009-04-15 09:56 . 2009-04-15 09:56 360448 c:windows$hf_mig$KB970238SP2QFEspru0419.dll
+ 2009-04-15 15:31 . 2009-04-15 15:31 583168 c:windows$hf_mig$KB970238SP2QFErpcrt4.dll
+ 2009-11-07 02:17 . 2008-07-09 07:58 391032 c:windows$hf_mig$KB968537updateupdspapi.dll
+ 2009-11-07 02:17 . 2008-07-09 07:58 760184 c:windows$hf_mig$KB968537updateupdate.exe
+ 2009-11-07 02:17 . 2008-07-09 07:58 232824 c:windows$hf_mig$KB968537spuninst.exe
+ 2009-11-07 21:03 . 2008-07-09 07:58 391032 c:windows$hf_mig$KB961501updateupdspapi.dll
+ 2009-11-07 21:03 . 2008-07-09 07:58 760184 c:windows$hf_mig$KB961501updateupdate.exe
+ 2009-11-07 21:03 . 2008-07-09 07:58 232824 c:windows$hf_mig$KB961501spuninst.exe
+ 2009-05-07 15:16 . 2009-05-07 15:16 347136 c:windows$hf_mig$KB961501SP3QFElocalspl.dll
+ 2009-05-07 15:33 . 2009-05-07 15:33 346624 c:windows$hf_mig$KB961501SP3GDRlocalspl.dll
+ 2009-05-07 15:31 . 2009-05-07 15:31 347136 c:windows$hf_mig$KB961501SP2QFElocalspl.dll
+ 2009-11-07 03:18 . 2009-08-13 13:56 1748992 c:windowsWinSxSx86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2dfGdiPlus.dll
+ 2008-08-29 14:06 . 2008-08-29 14:06 1350664 c:windowsSYSTEM32msxml6.dll
— 2008-10-30 06:08 . 2008-08-14 13:47 2182144 c:windowsSYSTEM32dllcachentoskrnl.exe
+ 2008-10-30 06:08 . 2009-08-04 17:06 2182144 c:windowsSYSTEM32dllcachentoskrnl.exe
— 2008-10-30 06:08 . 2008-08-14 13:47 2017792 c:windowsSYSTEM32dllcachentkrpamp.exe
+ 2008-10-30 06:08 . 2009-08-04 17:06 2017792 c:windowsSYSTEM32dllcachentkrpamp.exe
+ 2008-10-30 06:08 . 2009-08-04 17:06 2059520 c:windowsSYSTEM32dllcachentkrnlpa.exe
— 2008-10-30 06:08 . 2008-08-14 13:47 2059520 c:windowsSYSTEM32dllcachentkrnlpa.exe
+ 2008-10-30 06:08 . 2009-08-04 17:06 2138112 c:windowsSYSTEM32dllcachentkrnlmp.exe
— 2008-10-30 06:08 . 2008-08-14 13:47 2138112 c:windowsSYSTEM32dllcachentkrnlmp.exe
+ 2009-08-07 17:51 . 2009-08-07 17:51 5812560 c:windowsMicrosoft.NETFrameworkv2.0.50727mscorwks.dll
+ 2009-08-07 17:51 . 2009-08-07 17:51 4546560 c:windowsMicrosoft.NETFrameworkv2.0.50727mscorlib.dll
— 2008-11-24 21:59 . 2008-11-24 21:59 4546560 c:windowsMicrosoft.NETFrameworkv2.0.50727mscorlib.dll
— 2008-10-30 06:08 . 2008-08-14 13:47 2182144 c:windowsDriver Cachei386ntoskrnl.exe
+ 2008-10-30 06:08 . 2009-08-04 17:06 2182144 c:windowsDriver Cachei386ntoskrnl.exe
+ 2008-10-30 06:08 . 2009-08-04 17:06 2017792 c:windowsDriver Cachei386ntkrpamp.exe
— 2008-10-30 06:08 . 2008-08-14 13:47 2017792 c:windowsDriver Cachei386ntkrpamp.exe
— 2008-10-30 06:08 . 2008-08-14 13:47 2059520 c:windowsDriver Cachei386ntkrnlpa.exe
+ 2008-10-30 06:08 . 2009-08-04 17:06 2059520 c:windowsDriver Cachei386ntkrnlpa.exe
— 2008-10-30 06:08 . 2008-08-14 13:47 2138112 c:windowsDriver Cachei386ntkrnlmp.exe
+ 2008-10-30 06:08 . 2009-08-04 17:06 2138112 c:windowsDriver Cachei386ntkrnlmp.exe
+ 2009-11-07 21:20 . 2009-11-07 21:20 3313664 c:windowsassemblyNativeImages_v2.0.50727_32WindowsBase204d6e5b335134f23ca37638b9227ecfWindowsBase.ni.dll
+ 2009-11-07 21:25 . 2009-11-07 21:25 1049600 c:windowsassemblyNativeImages_v2.0.50727_32UIAutomationClients#f2ed6a204eb13841e99b77025464afcUIAutomationClientsideProviders.ni.dll
+ 2009-11-07 21:19 . 2009-11-07 21:19 7868416 c:windowsassemblyNativeImages_v2.0.50727_32System3de5bd01124463d7862bd173af90bc83System.ni.dll
+ 2009-11-07 21:20 . 2009-11-07 21:20 5450752 c:windowsassemblyNativeImages_v2.0.50727_32System.Xml5913d3f81e77194ec833991b1047a532System.Xml.ni.dll
+ 2009-11-07 21:34 . 2009-11-07 21:34 1356288 c:windowsassemblyNativeImages_v2.0.50727_32System.WorkflowServ#fa48917b13629d8effa80dd4a2f2973dSystem.WorkflowServices.ni.dll
+ 2009-11-07 21:33 . 2009-11-07 21:33 1908224 c:windowsassemblyNativeImages_v2.0.50727_32System.Workflow.Run#6fe66ee6f3c81996bc148f1ebe7ec030System.Workflow.Runtime.ni.dll
+ 2009-11-07 21:33 . 2009-11-07 21:33 4514304 c:windowsassemblyNativeImages_v2.0.50727_32System.Workflow.Com#9d0b61f2f1ebdc300bd970f594c422efSystem.Workflow.ComponentModel.ni.dll
+ 2009-11-07 21:33 . 2009-11-07 21:33 2992640 c:windowsassemblyNativeImages_v2.0.50727_32System.Workflow.Act#65328898148a720d394f802f192fc2a0System.Workflow.Activities.ni.dll
+ 2009-11-07 21:24 . 2009-11-07 21:24 1840640 c:windowsassemblyNativeImages_v2.0.50727_32System.Web.Servicesea07ac791bb5cb9f83679e3dd1a0c0ccSystem.Web.Services.ni.dll
+ 2009-11-07 21:33 . 2009-11-07 21:33 2209280 c:windowsassemblyNativeImages_v2.0.50727_32System.Web.Mobile29e2f8b1fb691ced973acf49fcee6ec1System.Web.Mobile.ni.dll
+ 2009-11-07 21:32 . 2009-11-07 21:32 2403328 c:windowsassemblyNativeImages_v2.0.50727_32System.Web.Extensio#981dea02bc63c0c083e335adf9018788System.Web.Extensions.ni.dll
+ 2009-11-07 21:25 . 2009-11-07 21:25 1917440 c:windowsassemblyNativeImages_v2.0.50727_32System.Speech99594bae1d022502925f5b9dfcdaae9aSystem.Speech.ni.dll
+ 2009-11-07 21:27 . 2009-11-07 21:27 2338304 c:windowsassemblyNativeImages_v2.0.50727_32System.Runtime.Seri#67ad55827f2542552b576170f0a7dc56System.Runtime.Serialization.ni.dll
+ 2009-11-07 21:23 . 2009-11-07 21:23 1035264 c:windowsassemblyNativeImages_v2.0.50727_32System.Printinge5313735a40c0800f116e27fba4754dbSystem.Printing.ni.dll
+ 2009-11-07 21:27 . 2009-11-07 21:27 1056768 c:windowsassemblyNativeImages_v2.0.50727_32System.IdentityModelc3b18fef5c6dc3bcdbe5df699fd21a55System.IdentityModel.ni.dll
+ 2009-11-07 21:21 . 2009-11-07 21:21 1587200 c:windowsassemblyNativeImages_v2.0.50727_32System.Drawingabb2ac7e08bee026f857d8fa36f9fe6fSystem.Drawing.ni.dll
+ 2009-11-07 21:23 . 2009-11-07 21:23 1116672 c:windowsassemblyNativeImages_v2.0.50727_32System.DirectorySer#f47ebb9db460874b1bcbfc391dc970b1System.DirectoryServices.ni.dll
+ 2009-11-07 21:21 . 2009-11-07 21:21 1801216 c:windowsassemblyNativeImages_v2.0.50727_32System.Deploymentc94a427baa7683f4221b91f90c18461bSystem.Deployment.ni.dll
+ 2009-11-07 21:23 . 2009-11-07 21:23 6616576 c:windowsassemblyNativeImages_v2.0.50727_32System.Data694c07365e0fd6bba0bc304d4d2404a7System.Data.ni.dll
+ 2009-11-07 21:20 . 2009-11-07 21:20 2510336 c:windowsassemblyNativeImages_v2.0.50727_32System.Data.SqlXml272152f0cc139490729e215611a4b244System.Data.SqlXml.ni.dll
+ 2009-11-07 21:32 . 2009-11-07 21:32 1328128 c:windowsassemblyNativeImages_v2.0.50727_32System.Data.Services112a48e34620a0210eb850040da8a31bSystem.Data.Services.ni.dll
+ 2009-11-07 21:25 . 2009-11-07 21:25 1115136 c:windowsassemblyNativeImages_v2.0.50727_32System.Data.OracleC#ffa1018e8022964eb51025c2c6d8727aSystem.Data.OracleClient.ni.dll
+ 2009-11-07 21:25 . 2009-11-07 21:25 2516480 c:windowsassemblyNativeImages_v2.0.50727_32System.Data.Linq32788c58ff9f8324460604cf1fe7681bSystem.Data.Linq.ni.dll
+ 2009-11-07 21:31 . 2009-11-07 21:31 9924096 c:windowsassemblyNativeImages_v2.0.50727_32System.Data.Entity9012cac7819660f61f1c69cf8e4f2ccfSystem.Data.Entity.ni.dll
+ 2009-11-07 21:25 . 2009-11-07 21:25 2295296 c:windowsassemblyNativeImages_v2.0.50727_32System.Corec0a42d2ad8a4078040b334f6770ea11fSystem.Core.ni.dll
+ 2009-11-07 21:23 . 2009-11-07 21:23 2128896 c:windowsassemblyNativeImages_v2.0.50727_32ReachFramework954685c29689d2a6126ceca1fd55e904ReachFramework.ni.dll
+ 2009-11-07 21:23 . 2009-11-07 21:23 1657856 c:windowsassemblyNativeImages_v2.0.50727_32PresentationUIa3a6f52ce1d09a7bdccc8e7fc664792dPresentationUI.ni.dll
+ 2009-11-07 21:19 . 2009-11-07 21:19 1451008 c:windowsassemblyNativeImages_v2.0.50727_32PresentationBuildTa#f906701365083c1473db31519147e263PresentationBuildTasks.ni.dll
+ 2009-11-07 21:29 . 2009-11-07 21:29 1712128 c:windowsassemblyNativeImages_v2.0.50727_32Microsoft.VisualBas#6eee9b772b6d12d3dbd82f118c2ab2e5Microsoft.VisualBasic.ni.dll
+ 2009-11-07 21:29 . 2009-11-07 21:29 1093120 c:windowsassemblyNativeImages_v2.0.50727_32Microsoft.Transacti#f19e9b439636d0744597fff1331cad04Microsoft.Transactions.Bridge.ni.dll
+ 2009-11-07 21:32 . 2009-11-07 21:32 2332160 c:windowsassemblyNativeImages_v2.0.50727_32Microsoft.JScript5b1af7b5be24c7ace065fe1c81c2b650Microsoft.JScript.ni.dll
+ 2009-11-07 21:29 . 2009-11-07 21:29 1620992 c:windowsassemblyNativeImages_v2.0.50727_32Microsoft.Build.Tas#9eec1cc7ac37e0c7f3205e8156149c5aMicrosoft.Build.Tasks.ni.dll
+ 2009-11-07 21:29 . 2009-11-07 21:29 1966080 c:windowsassemblyNativeImages_v2.0.50727_32Microsoft.Build.Tas#28c0730288453d57d5dcd62903c4d31bMicrosoft.Build.Tasks.v3.5.ni.dll
+ 2009-11-07 21:29 . 2009-11-07 21:29 1888768 c:windowsassemblyNativeImages_v2.0.50727_32Microsoft.Build.Eng#5dd4f58999eed37c12aee7ea9f9863acMicrosoft.Build.Engine.ni.dll
— 2009-10-10 04:18 . 2009-10-10 04:18 3149824 c:windowsassemblyGAC_MSILSystem2.0.0.0__b77a5c561934e089System.dll
+ 2009-11-07 21:15 . 2009-11-07 21:15 3149824 c:windowsassemblyGAC_MSILSystem2.0.0.0__b77a5c561934e089System.dll
— 2009-10-10 04:18 . 2009-10-10 04:18 2048000 c:windowsassemblyGAC_MSILSystem.Xml2.0.0.0__b77a5c561934e089System.XML.dll
+ 2009-11-07 21:15 . 2009-11-07 21:15 2048000 c:windowsassemblyGAC_MSILSystem.Xml2.0.0.0__b77a5c561934e089System.XML.dll
— 2009-10-10 04:17 . 2009-10-10 04:17 5025792 c:windowsassemblyGAC_MSILSystem.Windows.Forms2.0.0.0__b77a5c561934e089System.Windows.Forms.dll
+ 2009-11-07 21:14 . 2009-11-07 21:14 5025792 c:windowsassemblyGAC_MSILSystem.Windows.Forms2.0.0.0__b77a5c561934e089System.Windows.Forms.dll
— 2009-10-10 04:17 . 2009-10-10 04:17 5062656 c:windowsassemblyGAC_MSILSystem.Design2.0.0.0__b03f5f7f11d50a3aSystem.Design.dll
+ 2009-11-07 21:14 . 2009-11-07 21:14 5062656 c:windowsassemblyGAC_MSILSystem.Design2.0.0.0__b03f5f7f11d50a3aSystem.Design.dll
+ 2009-11-07 21:14 . 2009-11-07 21:14 5242880 c:windowsassemblyGAC_32System.Web2.0.0.0__b03f5f7f11d50a3aSystem.Web.dll
— 2009-10-10 04:17 . 2009-10-10 04:17 5242880 c:windowsassemblyGAC_32System.Web2.0.0.0__b03f5f7f11d50a3aSystem.Web.dll
— 2009-10-10 04:17 . 2009-10-10 04:17 2933248 c:windowsassemblyGAC_32System.Data2.0.0.0__b77a5c561934e089System.Data.dll
+ 2009-11-07 21:15 . 2009-11-07 21:15 2933248 c:windowsassemblyGAC_32System.Data2.0.0.0__b77a5c561934e089System.Data.dll
— 2009-10-10 04:17 . 2009-10-10 04:17 4546560 c:windowsassemblyGAC_32mscorlib2.0.0.0__b77a5c561934e089mscorlib.dll
+ 2009-11-07 21:15 . 2009-11-07 21:15 4546560 c:windowsassemblyGAC_32mscorlib2.0.0.0__b77a5c561934e089mscorlib.dll
+ 2009-06-03 19:12 . 2009-06-03 19:12 1292800 c:windows$hf_mig$KB971633SP3QFEquartz.dll
+ 2009-06-03 19:11 . 2009-06-03 19:11 1292800 c:windows$hf_mig$KB971633SP3GDRquartz.dll
+ 2009-06-03 19:24 . 2009-06-03 19:24 1292800 c:windows$hf_mig$KB971633SP2QFEquartz.dll
+ 2009-04-19 19:44 . 2009-04-19 19:44 1847936 c:windows$hf_mig$KB968537SP3QFEwin32k.sys
+ 2009-04-19 19:51 . 2009-04-19 19:51 1847296 c:windows$hf_mig$KB968537SP3GDRwin32k.sys
+ 2009-04-19 19:58 . 2009-04-19 19:58 1848064 c:windows$hf_mig$KB968537SP2QFEwin32k.sys
+ 2008-11-20 03:05 . 2009-11-05 17:36 26768832 c:windowsSYSTEM32MRT.exe
+ 2009-08-14 14:32 . 2009-08-14 14:32 11110912 c:windowsInstaller23fbf08.msp
+ 2009-11-07 21:21 . 2009-11-07 21:21 12430848 c:windowsassemblyNativeImages_v2.0.50727_32System.Windows.Formsd2ea8d76f015817db1607075812b555fSystem.Windows.Forms.ni.dll
+ 2009-11-07 21:24 . 2009-11-07 21:24 11796992 c:windowsassemblyNativeImages_v2.0.50727_32System.Web5cea03cfb008f2eac1439a9905467f37System.Web.ni.dll
+ 2009-11-07 21:28 . 2009-11-07 21:28 17317888 c:windowsassemblyNativeImages_v2.0.50727_32System.ServiceModel6d6eab93282d2b136a377bd50b7c5a9System.ServiceModel.ni.dll
+ 2009-11-07 21:24 . 2009-11-07 21:24 10683392 c:windowsassemblyNativeImages_v2.0.50727_32System.Design8b82e08c008924d51833cb0884bcbfc5System.Design.ni.dll
+ 2009-11-07 21:22 . 2009-11-07 21:22 14327808 c:windowsassemblyNativeImages_v2.0.50727_32PresentationFramewo#58c7ac6b6054038dc9346d7ec8e32b4cPresentationFramework.ni.dll
+ 2009-11-07 21:21 . 2009-11-07 21:21 12216320 c:windowsassemblyNativeImages_v2.0.50727_32PresentationCore94badbd64df59de7da249f71da38b1c2PresentationCore.ni.dll
+ 2009-11-07 21:19 . 2009-11-07 21:19 11486720 c:windowsassemblyNativeImages_v2.0.50727_32mscorlib7124a40b9998f7b63c86bd1a2125ce26mscorlib.ni.dll
.
— Snapshot reset to current date —
.Здраствуйте Валерий! Следуя вашим инструкциям, при работе Combofix была рамка «PEV.cfxxe-обнаружена ошибка,приложение будет закрыто» и » Preparing Log Report Do not run any programs until Combofix has finished»
Что это значит,мне не понятмо,может так надо,но я в этом профан,поэтому пишу на всякий случай.Дальше установила GMER -запускаю-в ответ -приложение будет зпкрыто,так как обнаружена ошибка. Ну а рамка «ошибка загрузки не установлено ни одной игры»-изчезла. Спасибо огромное за ваш труд!!!Дополняю. Сразу после перезагрузки появляется окно «ошибка загрузки не установлено ни одной игры» и что это за бред? Игрушки есть и все запускаются.
Проследовала вашим инструкциям. Спайваре исчез!!! Спасибо огромное!!! Нужно ещё что то сделать? Может посоветуете чем защищать комп, у меня стои только касперский.
ComboFix 09-11-04.05 — дом 06.11.2009 7:16.1.1 — NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1251.7.1049.18.767.435 [GMT 6:00]
Running from: c:documents and settingsдомРабочий столComboFix.exe
Command switches used :: c:documents and settingsдомРабочий столWindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
AV: Антивирус Касперского *On-access scanning disabled* (Outdated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.c:docume~1F185~1LOCALS~1Temp.EXE
c:docume~1F185~1LOCALS~1Tempa6.exe
c:documents and settingsAll Users.WINDOWSApplication DataMicrosoftNetworkDownloaderqmgr0.dat
c:documents and settingsAll Users.WINDOWSApplication DataMicrosoftNetworkDownloaderqmgr1.dat
c:recycledDc107
c:recycledDc108
c:recycledDc109
c:recycledDc110
c:recycledDc71
c:recyclerS-1-5-21-0020273565-6615990036-342079037-2331
c:recyclerS-1-5-21-0032495922-8044646181-128118480-1859
c:recyclerS-1-5-21-0053025454-3994219437-090039502-3098
c:recyclerS-1-5-21-0197856461-0585367731-976108570-1902
c:recyclerS-1-5-21-0302085058-8107586229-705817149-9692
c:recyclerS-1-5-21-0397333507-8461559554-243402866-7321
c:recyclerS-1-5-21-0502042885-8970373868-641631199-8353
c:recyclerS-1-5-21-0640709112-5184080139-425224766-3091
c:recyclerS-1-5-21-0648501036-4761606392-315426614-7690
c:recyclerS-1-5-21-0670690144-4691709162-408101994-1921
c:recyclerS-1-5-21-0900382720-3810865875-512567403-9410
c:recyclerS-1-5-21-0941217894-4752175431-568087229-2659
c:recyclerS-1-5-21-0981995614-8499226951-831949026-8404
c:recyclerS-1-5-21-1018695032-3811987153-229134863-6129
c:recyclerS-1-5-21-1043561398-9330893350-819566133-3691
c:recyclerS-1-5-21-1051426007-1430085214-348442319-2862
c:recyclerS-1-5-21-1075637266-6279282549-438410383-0468
c:recyclerS-1-5-21-1124614200-4027814802-385861666-9360
c:recyclerS-1-5-21-1315822059-2864066349-548187224-7343
c:recyclerS-1-5-21-1355706585-0691887458-841312035-7927
c:recyclerS-1-5-21-1380227599-8979860204-816258265-2842
c:recyclerS-1-5-21-1486842098-9438417722-202275444-2354
c:recyclerS-1-5-21-1528120146-7522851138-311718913-0407
c:recyclerS-1-5-21-1555707681-4134044301-265803345-0680
c:recyclerS-1-5-21-1645522239-602609370-839522115-1003
c:recyclerS-1-5-21-1654405939-5737254062-127699602-2266
c:recyclerS-1-5-21-1660547309-5558711565-867538778-5192
c:recyclerS-1-5-21-1712784980-9864599638-384416001-2411
c:recyclerS-1-5-21-1731716111-9568698455-429102927-1268
c:recyclerS-1-5-21-1757259340-6729358878-145218873-1411
c:recyclerS-1-5-21-1776092484-2910987003-688149859-9152
c:recyclerS-1-5-21-1841670156-7659813229-072800541-4369
c:recyclerS-1-5-21-1860245103-1585747632-395675451-9400
c:recyclerS-1-5-21-1911204447-4995808017-947284286-1222
c:recyclerS-1-5-21-1927289120-9624793562-291900853-3081
c:recyclerS-1-5-21-1941647395-7631559789-076591445-6247
c:recyclerS-1-5-21-1967825570-1407825705-123393025-2523
c:recyclerS-1-5-21-1993901713-5742300309-317512515-1707
c:recyclerS-1-5-21-2023031161-4655809973-955043434-0653
c:recyclerS-1-5-21-2068180390-1535578630-223457823-1239
c:recyclerS-1-5-21-2226603008-4420358513-779051367-1770
c:recyclerS-1-5-21-2464015693-4798255387-006885846-2111
c:recyclerS-1-5-21-2503027905-3738266738-494619703-6264
c:recyclerS-1-5-21-2571481543-1852572203-542992491-5691
c:recyclerS-1-5-21-2601127575-0849331927-328682082-6391
c:recyclerS-1-5-21-2610398141-2469042256-988877972-8213
c:recyclerS-1-5-21-2612450583-3571943663-075536146-5709
c:recyclerS-1-5-21-2894382651-8199890996-647596282-3555
c:recyclerS-1-5-21-2911096579-6282989373-396414853-7650
c:recyclerS-1-5-21-2963187809-3977908524-711087951-6146
c:recyclerS-1-5-21-3016670512-9620059193-614155100-2939
c:recyclerS-1-5-21-3183539963-6317650237-836481802-1227
c:recyclerS-1-5-21-3224273233-0557084464-390808778-0317
c:recyclerS-1-5-21-3326233404-0619675349-916957986-2504
c:recyclerS-1-5-21-3362769530-3916344240-318975160-7423
c:recyclerS-1-5-21-3755553856-9845170782-312683750-5477
c:recyclerS-1-5-21-3792550437-8183194544-231052033-0634
c:recyclerS-1-5-21-3886834022-8326556694-806439224-6264
c:recyclerS-1-5-21-3913377784-7340615223-754815997-4118
c:recyclerS-1-5-21-4011831836-9673305450-950169164-2505
c:recyclerS-1-5-21-4062496222-9336345353-854665062-0652
c:recyclerS-1-5-21-4113022540-8498509052-036576294-2392
c:recyclerS-1-5-21-4129539516-2729231286-203323043-9820
c:recyclerS-1-5-21-4237234283-7527440754-102953924-4040
c:recyclerS-1-5-21-4250986752-1886152195-974974021-3550
c:recyclerS-1-5-21-4412699606-6096326351-750397099-9223
c:recyclerS-1-5-21-4481843290-9047453860-145804371-0023
c:recyclerS-1-5-21-4609831810-5603128842-906288056-8164
c:recyclerS-1-5-21-4609836435-1921567074-783246032-8739
c:recyclerS-1-5-21-4703726279-1125903603-291498874-0024
c:recyclerS-1-5-21-4750680856-1963151529-439157817-2419
c:recyclerS-1-5-21-4750970914-3095414319-496123893-0007
c:recyclerS-1-5-21-5015252556-4712522723-717705559-5661
c:recyclerS-1-5-21-5049513166-4733742068-890406148-7451
c:recyclerS-1-5-21-5052321873-0358696489-090768106-4774
c:recyclerS-1-5-21-5220904898-9393821864-239814154-3859
c:recyclerS-1-5-21-5290316193-5169015030-518385464-1115
c:recyclerS-1-5-21-5319312810-0830365901-408260157-6883
c:recyclerS-1-5-21-5394178279-6937392695-775595490-5152
c:recyclerS-1-5-21-5394932486-8431581314-962671926-3358
c:recyclerS-1-5-21-5458961719-0562673687-827136796-1736
c:recyclerS-1-5-21-5473928230-5030399198-052068896-4386
c:recyclerS-1-5-21-5537563830-9532016241-888746401-9620
c:recyclerS-1-5-21-5565288072-6744157109-536099252-5405
c:recyclerS-1-5-21-5612414554-1728893917-924053562-7863
c:recyclerS-1-5-21-5638909483-0514496453-401263703-8730
c:recyclerS-1-5-21-5657907879-4692003926-745924742-0697
c:recyclerS-1-5-21-6090323828-3121924719-263591283-7893
c:recyclerS-1-5-21-6224154686-1918654371-833598166-0443
c:recyclerS-1-5-21-6239806942-4137227393-316051827-7817
c:recyclerS-1-5-21-6330351047-3170944657-582989610-5386
c:recyclerS-1-5-21-6441229943-9501275608-630496011-6827
c:recyclerS-1-5-21-6452518297-7387615585-989320046-3208
c:recyclerS-1-5-21-6563562821-1273823207-028267055-9237
c:recyclerS-1-5-21-6572404828-1526432512-820440784-9522
c:recyclerS-1-5-21-6578107036-2383606068-629151799-7133
c:recyclerS-1-5-21-6606080039-9420843132-138737178-2755
c:recyclerS-1-5-21-6634957956-4900480730-268905506-4155
c:recyclerS-1-5-21-6847740557-9314466444-870164018-2723
c:recyclerS-1-5-21-6869347927-3457757496-549003984-5819
c:recyclerS-1-5-21-6937311025-8885251683-527138382-2598
c:recyclerS-1-5-21-6995625655-1392361751-084715813-9814
c:recyclerS-1-5-21-7125289929-5550772644-863711053-4813
c:recyclerS-1-5-21-7190291633-8293449998-478469530-8756
c:recyclerS-1-5-21-7521247892-6501567073-611923593-4076
c:recyclerS-1-5-21-7539115003-6086590361-947716458-4343
c:recyclerS-1-5-21-7614770993-8971997169-507407805-5863
c:recyclerS-1-5-21-7619575642-7774854843-605459463-7301
c:recyclerS-1-5-21-7672428219-6033128478-411740546-2863
c:recyclerS-1-5-21-7703016792-5427437249-888255195-4911
c:recyclerS-1-5-21-7750801890-1344227644-115544292-9672
c:recyclerS-1-5-21-7769618789-0029743533-498712308-7537
c:recyclerS-1-5-21-7802477577-9040803715-430309671-0229
c:recyclerS-1-5-21-7840295509-3827485571-979773741-7810
c:recyclerS-1-5-21-7981336399-9216902271-090540468-2767
c:recyclerS-1-5-21-8022402985-7062201625-966659826-5311
c:recyclerS-1-5-21-8065517155-8345694805-926473788-4197
c:recyclerS-1-5-21-8246288587-0904442545-029258745-0112
c:recyclerS-1-5-21-8302595704-1854688621-232514236-5385
c:recyclerS-1-5-21-8321075573-3999763302-184609503-3775
c:recyclerS-1-5-21-8330981792-4836788577-366627187-3482
c:recyclerS-1-5-21-8381636259-4339989003-402534901-3197
c:recyclerS-1-5-21-8432868669-5218687363-836800628-7629
c:recyclerS-1-5-21-8628628399-9950865060-021139161-6923
c:recyclerS-1-5-21-8648166442-9976812818-466715124-1313
c:recyclerS-1-5-21-8677593955-1791893155-090973675-8741
c:recyclerS-1-5-21-8699957721-0249855711-954062037-0033
c:recyclerS-1-5-21-8819504119-0506655441-191976187-5178
c:recyclerS-1-5-21-8828797153-5346979149-776435811-8192
c:recyclerS-1-5-21-8846786297-4669266568-812502606-3373
c:recyclerS-1-5-21-8887104774-5255771990-669091551-7005
c:recyclerS-1-5-21-8936030449-0840134743-886121380-2655
c:recyclerS-1-5-21-9080386773-9229749839-020378244-7903
c:recyclerS-1-5-21-9101840155-1325596290-389077405-7736
c:recyclerS-1-5-21-9133990067-7696908538-597268923-7625
c:recyclerS-1-5-21-9169541997-7350284833-701182389-6538
c:recyclerS-1-5-21-9279727489-6095588397-136979282-6527
c:recyclerS-1-5-21-9347717341-0796929365-296485353-1644
c:recyclerS-1-5-21-9362472045-4504318651-703345268-3392
c:recyclerS-1-5-21-9383894915-4035640719-332123616-0350
c:recyclerS-1-5-21-9388167994-0281110945-675398613-4136
c:recyclerS-1-5-21-9413539329-3640727902-092249380-0293
c:recyclerS-1-5-21-9429046966-2271865610-779945449-2245
c:recyclerS-1-5-21-9493384448-7778372553-158817845-9227
c:recyclerS-1-5-21-9504694285-3042851636-825377680-5736
c:recyclerS-1-5-21-9519163870-9322609702-705898565-3483
c:recyclerS-1-5-21-9591494451-6701542562-231385319-4190
c:recyclerS-1-5-21-9664190639-0462843410-653771424-0337
c:recyclerS-1-5-21-9711566720-5086971360-740581834-0356
c:recyclerS-1-5-21-9714215706-9626053595-923639837-4913
c:recyclerS-1-5-21-9739788395-1094918832-205699978-3212
c:recyclerS-1-5-21-9836632968-9164886148-259931776-7487
c:recyclerS-1-5-21-9889789002-2032664306-751371054-5231
c:windowscommand
c:windowsSYSTEM3210249.exe
c:windowsSYSTEM3210262.exe
c:windowsSYSTEM3210269.exe
c:windowsSYSTEM3210346.exe
c:windowssystem3210868.exe
c:windowsSYSTEM3210909.exe
c:windowsSYSTEM3211478.exe
c:windowsSYSTEM3212407.exe
c:windowsSYSTEM3212705.exe
c:windowsSYSTEM3212719.exe
c:windowsSYSTEM3212758.exe
c:windowssystem3212829.exe
c:windowsSYSTEM3212857.exe
c:windowsSYSTEM3213139.exe
c:windowsSYSTEM3213212.exe
c:windowssystem3213247.exe
c:windowsSYSTEM3213268.exe
c:windowsSYSTEM3213557.exe
c:windowssystem3213803.exe
c:windowssystem3213817.exe
c:windowsSYSTEM3213932.exe
c:windowsSYSTEM3213933.exe
c:windowssystem3214213.exe
c:windowsSYSTEM3214533.exe
c:windowsSYSTEM3214850.exe
c:windowssystem3214926.exe
c:windowsSYSTEM3215013.exe
c:windowsSYSTEM3215724.exe
c:windowsSYSTEM3216147.exe
c:windowsSYSTEM3217488.exe
c:windowssystem3218048.exe
c:windowsSYSTEM321814.exe
c:windowsSYSTEM3218210.exe
c:windowsSYSTEM3218454.exe
c:windowsSYSTEM3218467.exe
c:windowsSYSTEM3218617.exe
c:windowssystem3218775.exe
c:windowsSYSTEM3219169.exe
c:windowssystem3219226.exe
c:windowssystem3219237.exe
c:windowssystem3219433.exe
c:windowssystem3219622.exe
c:windowsSYSTEM3220066.exe
c:windowsSYSTEM3220078.exe
c:windowsSYSTEM3220293.exe
c:windowssystem3220531.exe
c:windowsSYSTEM3220791.exe
c:windowssystem3220859.exe
c:windowssystem3221079.exe
c:windowssystem3221236.exe
c:windowssystem3221598.exe
c:windowssystem322167.exe
c:windowssystem3221995.exe
c:windowssystem3222264.exe
c:windowsSYSTEM3222752.exe
c:windowssystem3222814.exe
c:windowssystem3222892.exe
c:windowssystem3223207.exe
c:windowsSYSTEM3223375.exe
c:windowsSYSTEM3223621.exe
c:windowsSYSTEM3223753.exe
c:windowssystem3224130.exe
c:windowsSYSTEM322433.exe
c:windowsSYSTEM3224464.exe
c:windowssystem3224668.exe
c:windowsSYSTEM3224863.exe
c:windowssystem3224965.exe
c:windowsSYSTEM3225166.exe
c:windowssystem3225233.exe
c:windowssystem3225493.exe
c:windowssystem3225620.exe
c:windowssystem3225726.exe
c:windowsSYSTEM3225877.exe
c:windowssystem3225979.exe
c:windowsSYSTEM3226289.exe
c:windowssystem3226384.exe
c:windowsSYSTEM3226401.exe
c:windowsSYSTEM3226500.exe
c:windowssystem3226638.exe
c:windowsSYSTEM3226696.exe
c:windowssystem3226740.exe
c:windowsSYSTEM3226842.exe
c:windowssystem322695.exe
c:windowssystem3226962.exe
c:windowssystem3227129.exe
c:windowssystem3227536.exe
c:windowsSYSTEM322763.exe
c:windowssystem3228058.exe
c:windowssystem3228145.exe
c:windowssystem3228337.exe
c:windowsSYSTEM3228625.exe
c:windowssystem3228647.exe
c:windowssystem3228762.exe
c:windowsSYSTEM3228786.exe
c:windowsSYSTEM3228872.exe
c:windowssystem3228904.exe
c:windowssystem3229127.exe
c:windowsSYSTEM3229358.exe
c:windowsSYSTEM3229604.exe
c:windowsSYSTEM322969.exe
c:windowssystem3229742.exe
c:windowssystem3229901.exe
c:windowssystem3229910.exe
c:windowssystem323018.exe
c:windowssystem3230312.exe
c:windowssystem3230619.exe
c:windowssystem3231093.exe
c:windowssystem3231121.exe
c:windowssystem3231263.exe
c:windowsSYSTEM3231278.exe
c:windowsSYSTEM3231561.exe
c:windowssystem3231927.exe
c:windowssystem323204.exe
c:windowssystem3232077.exe
c:windowssystem3232209.exe
c:windowsSYSTEM323631.exe
c:windowsSYSTEM323932.exe
c:windowsSYSTEM3241.exe
c:windowsSYSTEM324275.exe
c:windowsSYSTEM324357.exe
c:windowsSYSTEM324383.exe
c:windowssystem324386.exe
c:windowsSYSTEM324462.exe
c:windowssystem324884.exe
c:windowsSYSTEM324921.exe
c:windowsSYSTEM324930.exe
c:windowsSYSTEM325196.exe
c:windowsSYSTEM325320.exe
c:windowsSYSTEM32552.exe
c:windowsSYSTEM325524.exe
c:windowsSYSTEM325623.exe
c:windowsSYSTEM325705.exe
c:windowsSYSTEM326323.exe
c:windowsSYSTEM326334.exe
c:windowssystem326367.exe
c:windowsSYSTEM326449.exe
c:windowsSYSTEM32647.exe
c:windowsSYSTEM326582.exe
c:windowsSYSTEM326625.exe
c:windowsSYSTEM326911.exe
c:windowsSYSTEM326944.exe
c:windowssystem326953.exe
c:windowssystem326972.exe
c:windowssystem32703.exe
c:windowssystem327040.exe
c:windowsSYSTEM327293.exe
c:windowsSYSTEM327404.exe
c:windowsSYSTEM32755.exe
c:windowssystem327648.exe
c:windowsSYSTEM327763.exe
c:windowssystem328004.exe
c:windowssystem328062.exe
c:windowssystem328308.exe
c:windowssystem328424.exe
c:windowsSYSTEM328435.exe
c:windowssystem329032.exe
c:windowssystem329167.exe
c:windowsSYSTEM329240.exe
c:windowssystem329266.exe
c:windowssystem329288.exe
c:windowssystem329560.exe
c:windowsSYSTEM329648.exe
c:windowssystem329684.exe
c:windowssystem329742.exe
c:windowssystem329834.exe
c:windowsSYSTEM329903.exe
c:windowssystem32AVR09.exe
c:windowssystem32ieuinit.inf
c:windowssystem32msxml71.dll
c:windowssystem32winhelper.dll
c:windowssystem32winupdate.exe
BITS: Possible infected sites
hxxp://soft.export.yandex.ru
hxxp://download.yandex.ru
c:windowsSYSTEM32winlogon.exe . . . is infected!!.
((((((((((((((((((((((((( Files Created from 2009-10-06 to 2009-11-06 )))))))))))))))))))))))))))))))
.2009-10-25 05:18 . 2009-10-25 05:28
d
w- c:program filesAirXonix
2009-10-25 05:15 . 2009-11-03 01:20
d
w- c:documents and settingsдомApplication DataYandex
2009-10-25 05:15 . 2009-10-25 05:15
d
w- c:documents and settingsдомLocal SettingsApplication DataYandex
2009-10-25 05:15 . 2009-10-25 05:15
d
w- c:program filesYandex
2009-10-25 05:15 . 2009-10-28 13:29
d
w- C:Игры от NevoSoft
2009-10-25 03:36 . 2009-10-25 03:36
d
w- c:program filesTryMedia
2009-10-23 06:02 . 2009-10-23 06:02 4096 —-a-w- c:windowsd3dx.dat
2009-10-19 12:07 . 2009-10-19 12:07
d
w- c:documents and settingsдомApplication DataPlayrix Entertainment
2009-10-18 11:20 . 2009-10-18 11:54
d
w- c:documents and settingsAll Users.WINDOWSApplication DataAutodesk
2009-10-18 11:14 . 2009-10-18 11:54
d
w- c:documents and settingsдомLocal SettingsApplication DataAutodesk
2009-10-18 11:14 . 2009-10-18 11:27
d
w- c:program filesAutodesk
2009-10-18 11:14 . 2009-10-18 11:27
d
w- c:program filesCommon FilesAutodesk Shared
2009-10-18 04:55 . 2009-10-18 04:55
d
w- c:program filesMicrosoft.NET
2009-10-16 14:34 . 2009-10-16 14:34 1024 —-a-w- c:documents and settingsAll Users.WINDOWSApplication DataBVRP SoftwareMotorola Phone Toolsfaxres.cmd
2009-10-10 09:03 . 2009-10-13 08:07 25 —-a-w- c:windowspopcinfot.dat
2009-10-10 04:19 . 2009-10-10 04:19
d
w- C:a339455374a96e69a58c7
2009-10-07 14:45 . 2009-10-07 14:45
d
w- C:a071c562233aa40893
2009-10-07 14:41 . 2009-10-07 14:41
d
w- C:86728c43730eb751699f59ce570d5f
2009-10-07 14:34 . 2009-10-07 14:34
d
w- c:program filesMSXML 6.0.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-06 02:03 . 2009-01-02 08:26
d
w- c:documents and settingsдомApplication DataskypePM
2009-11-06 02:01 . 2009-03-22 08:25 901152 —sha-w- c:windowssystem32driversfidbox2.dat
2009-11-06 02:01 . 2009-03-22 08:25 4361760 —sha-w- c:windowssystem32driversfidbox.dat
2009-11-06 02:01 . 2009-03-22 08:25 4160 —sha-w- c:windowssystem32driversfidbox2.idx
2009-11-06 02:01 . 2009-03-22 08:25 35156 —sha-w- c:windowssystem32driversfidbox.idx
2009-11-06 01:10 . 2009-03-22 08:25
d
w- c:documents and settingsAll Users.WINDOWSApplication DataKaspersky Lab
2009-11-04 16:14 . 2009-01-02 08:23
d
w- c:documents and settingsдомApplication DataSkype
2009-11-03 11:31 . 2009-11-03 01:43
d
w- c:program filestrend micro
2009-11-03 10:36 . 2009-11-03 10:35
d
w- c:program filesMalwarebytes’ Anti-Malware
2009-11-03 02:17 . 2008-06-13 18:57 102400 —-a-w- c:windowsDUMP9a6b.tmp
2009-11-03 01:58 . 2009-11-03 01:58
d
w- c:documents and settingsдомApplication DataMalwarebytes
2009-11-03 01:58 . 2009-11-03 01:58
d
w- c:documents and settingsAll Users.WINDOWSApplication DataMalwarebytes
2009-11-02 14:24 . 2009-08-26 14:19
d—a-w- c:documents and settingsAll Users.WINDOWSApplication DataTEMP
2009-10-27 15:01 . 2009-09-23 10:10
d
w- c:documents and settingsдомApplication DataShopping Blocks
2009-10-25 03:34 . 2004-10-21 10:52 79748 —-a-w- c:windowssystem32perfc019.dat
2009-10-25 03:34 . 2004-10-21 10:52 474826 —-a-w- c:windowssystem32perfh019.dat
2009-10-18 13:57 . 2008-06-13 16:44 44432 —-a-w- c:documents and settingsдомLocal SettingsApplication DataGDIPFONTCACHEV1.DAT
2009-09-30 09:59 . 2009-09-30 08:55
d
w- c:program filesMotorola Phone Tools
2009-09-30 09:56 . 2009-09-30 09:56 9232 —-a-w- c:documents and settingsдомmqdmmdfl.sys
2009-09-30 09:56 . 2009-09-30 09:56 92064 —-a-w- c:documents and settingsдомmqdmmdm.sys
2009-09-30 09:56 . 2009-09-30 09:56 79328 —-a-w- c:documents and settingsдомmqdmserd.sys
2009-09-30 09:56 . 2009-09-30 09:56 66656 —-a-w- c:documents and settingsдомmqdmbus.sys
2009-09-30 09:56 . 2009-09-30 09:56 6208 —-a-w- c:documents and settingsдомmqdmcmnt.sys
2009-09-30 09:56 . 2009-09-30 09:56 5936 —-a-w- c:documents and settingsдомmqdmwhnt.sys
2009-09-30 09:56 . 2009-09-30 09:56 4048 —-a-w- c:documents and settingsдомmqdmcr.sys
2009-09-30 09:56 . 2009-09-29 11:06 25600 —-a-w- c:documents and settingsдомusbsermptxp.sys
2009-09-30 09:56 . 2009-09-29 11:06 22768 —-a-w- c:documents and settingsдомusbsermpt.sys
2009-09-30 09:04 . 2009-09-30 08:58
d
w- c:program filesAvanquest update
2009-09-30 08:58 . 2008-05-19 03:54
d—h—w- c:program filesInstallShield Installation Information
2009-09-30 08:55 . 2008-08-07 11:41
d
w- c:documents and settingsAll Users.WINDOWSApplication DataBVRP Software
2009-09-30 06:54 . 2009-07-23 14:42
d
w- c:program filesPivim Multibar
2009-09-29 11:06 . 2009-09-29 11:06 22768 —-a-w- c:windowssystem32driversusbsermpt.sys
2009-09-25 10:53 . 2009-05-04 14:28
d
w- c:program filesGames
2009-09-24 13:56 . 2009-09-24 13:56
d
w- c:program filesAlcohol 120
2009-09-23 10:12 . 2009-09-23 10:12
d
w- c:documents and settingsдомApplication DataBoolat Games
2009-09-23 10:12 . 2009-09-23 10:12
d
w- c:documents and settingsдомApplication DataAlterLab
2009-09-23 09:38 . 2009-09-23 09:38
d
w- c:documents and settingsдомApplication DataCasualForge
2009-09-23 09:38 . 2009-09-23 09:38
d
w- c:documents and settingsAll Users.WINDOWSApplication DataCasualForge
2009-09-23 09:05 . 2009-09-23 09:04
d
w- c:documents and settingsдомApplication DataBeachPartyCraze
2009-09-23 09:04 . 2009-09-23 09:03
d
w- c:program filesПляжный переполох
2009-09-23 08:41 . 2009-09-23 08:41
d
w- c:documents and settingsAll Users.WINDOWSApplication DataPopCap Games
2009-09-16 00:37 . 2009-09-16 00:37
d
w- c:documents and settingsдомApplication DataOberon Games
2009-09-16 00:37 . 2009-09-16 00:37
d
w- c:documents and settingsAll Users.WINDOWSApplication DataOberon Games
2009-09-14 09:21 . 2009-04-08 16:45
d
w- c:program filesMicrosoft ActiveSync
2009-09-13 04:39 . 2009-05-04 15:29
d
w- c:documents and settingsAll Users.WINDOWSApplication DataAlawarWrapper
2009-09-10 08:54 . 2009-11-03 10:35 38224 —-a-w- c:windowssystem32driversmbamswissarmy.sys
2009-09-10 08:53 . 2009-11-03 10:35 19160 —-a-w- c:windowssystem32driversmbam.sys
2009-08-15 01:16 . 2008-08-18 15:23 721904 —-a-w- c:windowssystem32driverssptd.sys
2008-05-19 03:03 . 2008-05-19 03:03 11196 —ha-w- c:program filesfolder.htt
.
Sigcheck
[-] 2008-06-13 . BC260ED748748149DB05B29B256A0500 . 503808 . . [5.1.2600.2180] . . c:windowsSYSTEM32winlogon.exe
[-] 2008-04-14 . B3B5D5855127E240C88451030AAEE76E . 509440 . . [5.1.2600.5512] . . c:windowsSoftwareDistributionDownloadeced8b5ea8e636fb8bff2b719fa62647winlogon.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
«{91397D20-1446-11D4-8AF4-0040CA1127B6}»= «c:program filesYandexYandexBarIEyndbar.dll» [2009-07-24 5586208][HKEY_CLASSES_ROOTclsid{91397d20-1446-11d4-8af4-0040ca1127b6}]
[HKEY_CLASSES_ROOTYandex.Toolbar.1]
[HKEY_CLASSES_ROOTTypeLib{91397D13-1446-11D4-8AF4-0040CA1127B6}]
[HKEY_CLASSES_ROOTYandex.Toolbar][HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebbrowser]
«{91397D20-1446-11D4-8AF4-0040CA1127B6}»= «c:program filesYandexYandexBarIEyndbar.dll» [2009-07-24 5586208][HKEY_CLASSES_ROOTclsid{91397d20-1446-11d4-8af4-0040ca1127b6}]
[HKEY_CLASSES_ROOTYandex.Toolbar.1]
[HKEY_CLASSES_ROOTTypeLib{91397D13-1446-11D4-8AF4-0040CA1127B6}]
[HKEY_CLASSES_ROOTYandex.Toolbar][HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
«MSMSGS»=»c:program filesMessengermsmsgs.exe» [2004-08-17 1667584]
«EDLauncher»=»c:program filesPRMT6PRMTEDEDLauncher.exe» [2002-03-28 81920]
«Skype»=»c:program filesSkypePhoneSkype.exe» [2008-11-07 21633320]
«H/PC Connection Agent»=»c:program filesMicrosoft ActiveSyncwcescomm.exe» [2006-11-13 1289000]
«AlcoholAutomount»=»c:program filesAlcohol 120axcmd.exe» [2007-12-22 221568][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
«NeroFilterCheck»=»c:windowssystem32NeroCheck.exe» [2001-07-09 155648]
«StartCCC»=»c:program filesATI TechnologiesATI.ACECore-StaticCLIStart.exe» [2006-11-10 90112]
«PCMService»=»c:program filesCyberLinkPowerCinemaPCMService.exe» [2005-05-23 127118]
«VX1000″=»c:windowsvVX1000.exe» [2007-04-10 709992]
«LifeCam»=»c:program filesMicrosoft LifeCamLifeExp.exe» [2007-05-17 279912]
«RemoteControl»=»c:program filesASUSTekASUSDVDPDVDServ.exe» [2003-10-31 32768]
«NevoDRM»=»c:игры от nevosoftNevoDRMNevoDRM.exe» [2008-12-11 41984]
«C-Media Mixer»=»Mixer.exe» — c:windowsmixer.exe [2004-08-11 1228800][HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=»c:windowssystem32CTFMON.EXE» [2004-10-21 15360]c:documents and settings пѓ« ў®Ґ ¬ҐоЏа®Ја ¬¬лЂўв®§ Јаг§Є
Adobe Gamma.lnk — c:program filesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe [2005-3-16 113664][HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity centerMonitoringKasperskyAntiVirus]
«DisableMonitoring»=dword:00000001[HKLM~servicessharedaccessparametersfirewallpolicystandardprofile]
«EnableFirewall»= 0 (0x0)[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
«%windir%\system32\sessmgr.exe»=
«c:program filesMicrosoft ActiveSyncrapimgr.exe»= c:program filesMicrosoft ActiveSyncrapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
«c:program filesMicrosoft ActiveSyncwcescomm.exe»= c:program filesMicrosoft ActiveSyncwcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
«c:program filesMicrosoft ActiveSyncWCESMgr.exe»= c:program filesMicrosoft ActiveSyncWCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
«c:\Program Files\Microsoft LifeCam\LifeCam.exe»=
«c:\Program Files\Microsoft LifeCam\LifeExp.exe»=
«c:\Program Files\CyberLink\PowerCinema\PowerCinema.exe»=
«c:\Program Files\uTorrent\uTorrent.exe»=
«c:\Program Files\Autodesk\3ds Max 9\3dsmax.exe»=
«c:\Program Files\Autodesk\Backburner\monitor.exe»=
«c:\Program Files\Autodesk\Backburner\manager.exe»=
«c:\Program Files\Autodesk\Backburner\server.exe»=
«c:\Program Files\Skype\Phone\Skype.exe»=[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileGloballyOpenPortsList]
«14522:TCP»= 14522:TCP:*:Disabled:NortonAV
«12591:TCP»= 12591:TCP:*:Disabled:NortonAV
«12698:TCP»= 12698:TCP:*:Disabled:NortonAV
«26675:TCP»= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync ServiceR0 HFXP2;HFXP2;c:windowsSYSTEM32DRIVERShfxp2.sys [07.04.2009 19:33 17264]
R0 klbg;Kaspersky Lab Boot Guard Driver;c:windowsSYSTEM32DRIVERSklbg.sys [29.01.2008 18:29 33808]
R0 ps6ajtsb;Stalker (Pro) Synchronization Driver (ps6ajtsb);c:windowsSYSTEM32DRIVERSps6ajtsb.sys [05.03.2007 20:57 52104]
R0 UP55bus;UP55bus;c:windowsSYSTEM32DRIVERSUP55bus.sys [29.08.2008 16:53 155136]
R0 UP55prt;UP55prt;c:windowsSYSTEM32DRIVERSUP55prt.sys [29.08.2008 16:53 5248]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:windowsSYSTEM32DRIVERSklim5.sys [30.04.2008 18:06 24592]
S2 pr2ajtsb;Stalker (Pro) Drivers Auto Removal (pr2ajtsb);c:windowssystem32pr2ajtsb.exe svc —> c:windowssystem32pr2ajtsb.exe svc [?]
S3 MBAMSwissArmy;MBAMSwissArmy;c:windowsSYSTEM32DRIVERSmbamswissarmy.sys [03.11.2009 16:35 38224]— Other Services/Drivers In Memory —
*NewlyCreated* — MBR
*Deregistered* — mbr
.
Contents of the ‘Scheduled Tasks’ folder
.
.
Supplementary Scan
.
uStart Page = http://www.nevosoft.ru
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Экспорт в Microsoft Excel — c:progra~1MICROS~2OFFICE11EXCEL.EXE/3000
IE: {{7A2EFD41-E6B3-11D2-89E3-00E0292EE574} — c:program filesPRMT6PRMTIEprmtie5.htm
IE: {{7A2EFD41-E6B3-11D2-89E3-00E0292EE575} — c:program filesPRMT6PRMTIEoptions.htm
.
— — — — ORPHANS REMOVED — — — —URLSearchHooks-{dfbeb35b-444d-4f25-8d7d-eb2683c206ec} — blank
BHO-{500BCA15-57A7-4eaf-8143-8C619470B13D} — c:windowssystem32msxml71.dll
BHO-{dfbeb35b-444d-4f25-8d7d-eb2683c206ec} — blank
Toolbar-{dfbeb35b-444d-4f25-8d7d-eb2683c206ec} — blank
WebBrowser-{DFBEB35B-444D-4F25-8D7D-EB2683C206EC} — blank
HKLM-Run-WinampAgent — c:program filesWinampwinampa.exe
AddRemove-DAEMON Tools Toolbar — c:program filesDAEMON Tools Toolbaruninst.exe
AddRemove-MyPlayCityRU Toolbar — c:progra~1MYPLAY~1UNWISE.EXE**************************************************************************
catchme 0.3.1398 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-06 08:03
Windows 5.1.2600 Service Pack 2 NTFSscanning hidden processes …
scanning hidden autostart entries …
scanning hidden files …
scan completed successfully
hidden files: 0**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x837E9D68]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
Driveratapi -> 0x837e9d68
Warning: possible MBR rootkit infection !
user & kernel MBR OK
Use «Recovery Console» command «fixmbr» to clear infection !**************************************************************************
.
DLLs Loaded Under Running Processes
— — — — — — — > ‘winlogon.exe'(912)
c:windowssystem32Ati2evxx.dll— — — — — — — > ‘explorer.exe'(2384)
c:program filesPRMT6PRMTEDEDSel.dll
c:windowssystem32msi.dll
c:windowssystem32WPDShServiceObj.dll
c:windowssystem32PortableDeviceTypes.dll
c:windowssystem32PortableDeviceApi.dll
.
Other Running Processes
.
c:windowssystem32Ati2evxx.exe
c:windowssystem32Ati2evxx.exe
c:program filesATI TechnologiesATI.ACECore-StaticMOM.EXE
c:progra~1PRMT6PRMTEDprmedsvr.exe
c:progra~1MICROS~4rapimgr.exe
c:program filesATI TechnologiesATI.ACECore-Staticccc.exe
c:program filesSkypePlugin ManagerskypePM.exe
c:program filesCommon FilesAutodesk SharedServiceAdskScSrv.exe
c:program filesCyberLinkPowerCinemaKernelTVCLCapSvc.exe
c:program filesCyberLinkShared FilesCLML_NTServiceCLMLServer.exe
c:program filesCyberLinkShared FilesCLML_NTServiceCLMLService.exe
c:program filesMicrosoft LifeCamMSCamS32.exe
c:program filesAlcohol 120StarWindStarWindServiceAE.exe
c:program filesCyberLinkPowerCinemaKernelTVCLSched.exe
c:windowssystem32wscntfy.exe
.
**************************************************************************
.
Completion time: 2009-11-06 8:09 — machine was rebooted
ComboFix-quarantined-files.txt 2009-11-06 02:09Pre-Run: 19 224 237 056 байт свободно
Post-Run: 19 394 543 104 байт свободно
