Author Topic: badly infected (Read 19899 times)

nikis360 · « **on:** December 31, 2011, 12:58:09 PM »

I really need help. I'm using windows xp sp3. My desktop icons are gone and my startup menu is empty. I have a red circle with an x in it near my clock along with a system check icon. A message box opens about 20 times that say windows- delayed write failed. also a box pops up that saysfiles indexing process failed. I have gone through the malware removal steps as best I could. I am unable to download and open spybot.
An error occured while trying to install avast antivirus.
installed online armor and 2 things needed attention, exploring startup menu and checking autoruns.
My add or remove programs list is empty.
cleared cookie with ccleaner.
I cannot open superantispyware or malwarebytes.
I tried to open javaRa and got runtime error.

here are the dds logs:
please help. Thanks
dds.text
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_26
Run by HP_Administrator at 14:40:34 on 2011-12-31
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.45 [GMT -5:00]
.
AV: AVG Anti-Virus *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Documents and Settings\All Users\Application Data\gfhYdHclcK.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
svchost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\system32\nvsvc32.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Documents and Settings\All Users\Application Data\kn5KXoCPJI5FDa.exe
C:\PROGRA~1\MICROS~4\Office12\OUTLOOK.EXE
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\Online Armor\OAcat.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\internet explorer\iexplore.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = localhost;*.local
uSearchAssistant = hxxp://www.google.com
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Complitly: {0fb6a909-6086-458f-bd92-1f8ee10042a0} - c:\documents and settings\hp_administrator\application data\complitly\Complitly.dll
BHO: IEPlugin Class: {11222041-111b-46e3-bd29-efb2449479b1} - c:\progra~1\arcsoft\mediai~1\ArcURLRecord.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: UrlHelper Class: {74322bf9-df26-493f-b0da-6d2fc5e6429e} - c:\progra~1\bearsh~1\mediabar\datamngr\IEBHO.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: Norton Safe Web Lite BHO: {f0da78e9-6b60-42fb-bc26-ef2cfb8c8ff3} - c:\program files\norton safe web lite\engine\1.2.0.6\coIEPlg.dll
TB: Norton Safe Web Lite: {30ceeea2-3742-40e4-85dd-812bf1cbb83d} - c:\program files\norton safe web lite\engine\1.2.0.6\coIEPlg.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
TB: {724D43A0-0D85-11D4-9908-00400523E39A} - No File
TB: {4E7BD74F-2B8D-469E-94BE-FD60BB9AAE29} - No File
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\Iaanotif.exe
mRun: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
mRun: [Recguard] c:\windows\sminst\RECGUARD.EXE
mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [hpsysdrv] c:\windows\system\hpsysdrv.exe
mRun: [HP Software Update] "c:\program files\hp\hp software update\HPWuSchd2.exe"
mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
mRun: [gfhYdHclcK.exe] c:\documents and settings\all users\application data\gfhYdHclcK.exe
mRun: [@OnlineArmor GUI] "c:\program files\online armor\OAui.exe"
StartupFolder: c:\docume~1\hp_adm~1\startm~1\programs\startup\autoru~1\imvu.lnk - c:\program files\imvu\IMVUClient.exe
StartupFolder: c:\docume~1\hp_adm~1\startm~1\programs\startup\autoru~1\pictur~1.lnk - c:\program files\sony\sony picture utility\volumewatcher\SPUVolumeWatcher.exe
uPolicies-explorer: NoDesktop = 1 (0x1)
mPolicies-system: DisableTaskMgr = 1 (0x1)
dPolicies-system: DisableTaskMgr = 1 (0x1)
IE: Add to Video Converter... - c:\program files\media player utilities 5.15\aviconverter\grab.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~4\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
Trusted Zone: motive.com\patttbc.att
DPF: {01113300-3E00-11D2-8470-0060089874ED} - hxxp://supportcenter.rr.com/sdccommon/download/tgctlcm.cab
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/templates/ieawsdc.cab
DPF: {068BFA33-99F4-4BA9-887D-182386FA2931} - hxxp://www.playfirst.com/play/game/spongebobdash/SpongeBobDinerDashWeb.1.0.0.17.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5036.cab
DPF: {6262E38D-C782-4403-A333-8E1AB70E0CAC} - hxxp://download.playfirst.com/play/game/weddingdash2/WeddingDash2Web.1.0.0.10.cab
DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} - hxxp://www.playfirst.com/play/game/dinerdash2/DinerDash2.1.0.0.67.cab
DPF: {6715D12F-213F-4C6E-ACE1-8A363F550B96} - hxxp://download.playfirst.com/play/game/doggiedash/DoggieDash.1.0.0.9.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1258039847000
DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - hxxp://atv.disney.go.com/global/download/otoy/OTOYAX29b.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} - hxxp://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} - hxxp://www.shockwave.com/content/burgershop/sis/GoBitGamesPlayer_v4.cab
DPF: {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} - hxxp://www.playfirst.com/play/game/dinerdashfloonthego/ddfotg.1.0.0.32.cab
DPF: {BE319D04-18BD-4B34-AECC-EE7CB610FCA9} - hxxp://download.games.yahoo.com/games/web_games/sony/bewitched/main.cab
DPF: {BF985246-09BF-11D2-BE62-006097DF57F6} - hxxp://simcity.ea.com/play/classic/SimCityX.cab
DPF: {C0C0CB9B-BFEB-47C2-90FA-BE9692875ADB} - hxxp://download.playfirst.com/play/game/petshophop/petshophopweb.1.0.0.15.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} - hxxp://www.playfirst.com/play/game/dinerdash/DinerDash.1.0.0.93.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {EA6246B4-F380-443F-8727-9AEA3371146C} - hxxp://www.playfirst.com/play/game/weddingdash/WeddingDash.1.0.0.44.cab
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{64350433-0B8C-4430-B41F-01651DBC4E13} : NameServer = 205.152.37.23,205.152.132.23
TCP: Interfaces\{76EEE69F-8BFC-4FA6-9A55-D65D43369804} : DhcpNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{892900FC-9814-4488-99C0-81491C1EE93D} : DhcpNameServer = 16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243
TCP: Interfaces\{F54960EF-F293-4D1C-97F5-CF0959A8511F} : DhcpNameServer = 209.18.47.61 209.18.47.62
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} -
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SEH: OA Shell Helper: {4f07da45-8170-4859-9b5f-037ef2970034} - c:\progra~1\online~1\oaevent.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\hp_administrator\application data\mozilla\firefox\profiles\x3yb1sl8.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp:// www.google.com
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=adbartrp&affID=8346&mntrId=10046a430000000000000018f34bb4f7&q=
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\documents and settings\all users\application data\zylom\zylomgamesplayer\npzylomgamesplayer.dll
FF - plugin: c:\documents and settings\hp_administrator\application data\mozilla\plugins\np-mswmp.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\nppopcaploader.dll
.
============= SERVICES / DRIVERS ===============
.
R1 OADevice;OADriver;c:\windows\system32\drivers\OADriver.sys [2011-12-31 205864]
R1 oahlpXX;Online Armor helper driver;c:\windows\system32\drivers\oahlp32.sys [2011-12-31 40296]
R1 OAmon;OAmon;c:\windows\system32\drivers\OAmon.sys [2011-12-31 25192]
R1 OAnet;OAnet;c:\windows\system32\drivers\OAnet.sys [2011-12-31 29464]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2008-9-3 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2008-9-3 67656]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\McrdSvc.exe [2005-10-20 96256]
R2 OAcat;Online Armor Helper Service;c:\program files\online armor\oacat.exe [2011-12-31 207936]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-8-19 22712]
R3 WN5301;LIteon Wireless PCI Network Adapter Service;c:\windows\system32\drivers\wn5301.sys [2006-9-9 468768]
S0 Partizan;Partizan;c:\windows\system32\drivers\partizan.sys --> c:\windows\system32\drivers\Partizan.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\googleupdate.exe /svc --> c:\program files\google\update\GoogleUpdate.exe [?]
S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-8-19 366640]
S2 NOD32FiXTemDono;Eset Nod32 Boot;c:\windows\system32\regedt32.exe [2004-8-9 3584]
S2 NSL;Norton Safe Web Lite;"c:\program files\norton safe web lite\engine\1.2.0.6\ccsvchst.exe" /s "nsl" /m "c:\program files\norton safe web lite\engine\1.2.0.6\dimaster.dll" /prefetch:1 --> c:\program files\norton safe web lite\engine\1.2.0.6\ccSvcHst.exe [?]
S2 SvcOnlineArmor;Online Armor;c:\program files\online armor\oasrv.exe [2011-12-31 4363040]
S3 CXFALCON;Conexant Falcon II NTSC Video Capture;c:\windows\system32\drivers\cxfalcon.sys [2006-9-9 82048]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2010-5-30 102448]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2007-6-19 30192]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\googleupdate.exe /medsvc --> c:\program files\google\update\GoogleUpdate.exe [?]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2008-9-3 12872]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2011-12-31 19:12:22   --------   d-----w-   c:\program files\CCleaner
2011-12-31 17:25:13   --------   dc----w-   c:\documents and settings\hp_administrator\application data\OnlineArmor
2011-12-31 17:25:13   --------   dc----w-   c:\documents and settings\all users\application data\OnlineArmor
2011-12-31 17:23:58   40296   ----a-w-   c:\windows\system32\drivers\oahlp32.sys
2011-12-31 17:23:58   25192   ----a-w-   c:\windows\system32\drivers\OAmon.sys
2011-12-31 17:23:57   29464   ----a-w-   c:\windows\system32\drivers\OAnet.sys
2011-12-31 17:23:57   205864   ----a-w-   c:\windows\system32\drivers\OADriver.sys
2011-12-31 17:23:33   --------   d-----w-   c:\program files\Online Armor
2011-12-31 17:13:15   --------   dc----w-   c:\documents and settings\all users\application data\AVAST Software
2011-12-31 17:13:15   --------   d-----w-   c:\program files\AVAST Software
2011-12-31 16:55:01   357112   -c--a-w-   c:\documents and settings\all users\application data\kn5KXoCPJI5FDa.exe
2011-12-31 16:33:08   452856   -c-ha-w-   c:\documents and settings\all users\application data\gfhYdHclcK.exe
2011-12-27 16:05:29   --------   dc-h--w-   c:\documents and settings\all users\application data\MicrosoftProvisioning
2011-12-13 20:04:29   --------   dc-h--w-   c:\documents and settings\all users\application data\Provisioning
.
==================== Find3M ====================
.
2011-12-02 04:09:40   414368   ---ha-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-25 01:41:07   7084   ---ha-w-   c:\windows\system32\0.02632581296426817.exe
2011-11-21 05:02:49   432896   -c-ha-w-   c:\documents and settings\all users\application data\NJKgUKkjfTHNlDI.exe
2011-11-20 18:28:48   7206   ---ha-w-   c:\windows\system32\PerfStringBackup.TMP
.
============= FINISH: 14:43:41.66 ===============

dds.attach:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 10/15/2006 6:22:18 PM
System Uptime: 12/31/2011 11:36:09 AM (3 hours ago)
.
Motherboard: ASUSTek Computer INC. | | Basswood
Processor: Intel(R) Core(TM)2 CPU 6400 @ 2.13GHz | Socket 775 | 1599/266mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 178 GiB total, 1.067 GiB free.
D: is FIXED (NTFS) - 186 GiB total, 182.77 GiB free.
E: is FIXED (FAT32) - 9 GiB total, 0.435 GiB free.
F: is CDROM ()
G: is Removable
H: is Removable
I: is Removable
J: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP865: 12/31/2011 12:11:37 PM - avast! Free Antivirus Setup
.
==== Installed Programs ======================
.
1300
1300_Help
1300Tour
1300Trb
32 Bit HP CIO Components Installer
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 7.1.0
Adobe Shockwave Player 11.5
AiO_Scan
AiOSoftware
Alien Skin Blow Up
Alien Skin Image Doctor
Alien Skin Image Doctor 2
Alien Skin Snap Art
ALSee
ALTools Update
ALZip
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft MediaImpression Downloader
ArcSoft Panorama Maker 3.5
Audacity 1.3.12 (Unicode)
Auslogics Disk Defrag
Azureus
Bonjour
BufferChm
CCleaner
CityVilleBot
Clone2Go Video Converter Professional 1.9.1
Complitly
ConvertXtoDVD 3.3.4.106e
Copy
CP_CalendarTemplates1
cp_LightScribeConfig
cp_OnlineProjectsConfig
CP_Package_Basic1
CP_Package_Variety1
CP_Package_Variety2
CP_Package_Variety3
CP_Panorama1Config
cp_PosterPrintConfig
cp_UpdateProjectsConfig
CreativeProjects
CreativeProjectsTemplates
Critical Update for Windows Media Player 11 (KB959772)
CueTour
Customer Experience Enhancement
Data Fax SoftModem with SmartCP
Destinations
DeviceManagementQFolder
Director
DivxToDVD 0.5.2b
DJ_AIO_06_F2400_SW_Min
DocProc
DocumentViewer
F2400
Fax
ffdshow [rev 610] [2006-12-01]
FrostWire 4.21.8
FullDPAppQFolder
GemMaster Mystic
Google Desktop
Google Toolbar for Internet Explorer
Google Update Helper
High Definition Audio Driver Package - KB888111
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows Media Player 10 (KB910393)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB895961-v4)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Deskjet F2400 All-in-One Driver Software 14.0 Rel. 6
HP Diagnostic Assistant
HP Image Zone 4.2
HP Photo Creations
HP PSC & OfficeJet 4.2
hp psc 1300 series
HP Software Update
HP Unload DLL Patch
hpmdtab
HpSdpAppCoreApp
HPSystemDiagnostics
ImgBurn
InstantShare
InstantShareDevices
Intel(R) Matrix Storage Manager
Intel(R) PRO Network Connections Drivers
Intel(R) Quick Resume Technology Drivers
Intel® Viiv™ Software
InterActual Player
iTunes
IZArc 3.81
Jasc Paint Shop Pro 9
Jasc Paint Shop Pro 9 GDI+ Patch
Java Auto Updater
Java(TM) 6 Update 26
jZip
LightScribe 1.4.124.1
Malwarebytes' Anti-Malware version 1.51.1.1800
Media Player Utilities 5.15
Memories Disc Creator 2.0
Microsoft .NET Framework 1.0 Hotfix (KB2572066)
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2572067)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Software Update for Web Folders (English) 12
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft User-Mode Driver Framework Feature Pack 1.7
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft WinUsb 1.0
Microsoft Works
MobileMe Control Panel
Mozilla Firefox 8.0 (x86 en-US)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6.0 Parser
muvee autoProducer 5.0
muvee autoProducer unPlugged 2.0
My HP Games
Nero 7 Ultra Edition
Nero PhotoShow Express 4
NVIDIA Drivers
Online Armor 5.1
OptionalContentQFolder
OTOY
Otto
Overland
Paint.NET v3.0
PC-Doctor 5 for Windows
PhotoGallery
PopCap Browser Plugin
Portrait Professional 10.6 Trial
PowerISO
PrintScreen
ProductContext
Python 2.2 pywin32 extensions (build 203)
Python 2.2.3
QuickProjects
QuickTime
RandMap
Readme
Realtek High Definition Audio Driver
Roxio Easy Media Creator 7 Basic VCD Edition
Scan
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553074)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2553073)
Security Update for Microsoft Office Groove 2007 (KB2552997)
Security Update for Microsoft Office InfoPath 2007 (KB2510061)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Microsoft Windows (KB2564958)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB2183461)
Security Update for Windows Internet Explorer 7 (KB2360131)
Security Update for Windows Internet Explorer 7 (KB2416400)
Security Update for Windows Internet Explorer 7 (KB2482017)
Security Update for Windows Internet Explorer 7 (KB2497640)
Security Update for Windows Internet Explorer 7 (KB2530548)
Security Update for Windows Internet Explorer 7 (KB2544521)
Security Update for Windows Internet Explorer 7 (KB2559049)
Security Update for Windows Internet Explorer 7 (KB2586448)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
SkinsHP1
SkinsHP2
SlideShow
SlideShowMusic
Sonic Express Labeler
Sonic MyDVD Plus
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
Sonic_PrimoSDK
Sony Picture Utility
Sony USB Driver
Spybot - Search & Destroy
SpywareBlaster 4.2
SUPERAntiSpyware Free Edition
Toolbox
TrayApp
Unload
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office Outlook 2007 (KB2583910)
Update for Outlook 2007 Junk Email Filter (KB2596560)
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows Internet Explorer 7 (KB980182)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Rollup 2 for Windows XP Media Center Edition 2005
Vertus Fluid Mask 3 3.0.8
VideoLAN VLC media player 0.8.6c
Vuze
WebFldrs XP
WebReg
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Installer Clean Up
Windows Internet Explorer 7
Windows Live OneCare safety scanner
Windows Media Format 11 runtime
Windows Media Player 11
Windows Resource Kit Tools
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB905589
Windows XP Media Center Edition 2005 KB908246
Windows XP Media Center Edition 2005 KB925766
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3
Yahoo! Detect
.
==== Event Viewer Messages From Past Week ========
.
12/29/2011 3:22:25 PM, error: Service Control Manager [7000] - The Zune Bus Enumerator Driver service failed to start due to the following error: The system cannot find the file specified.
12/29/2011 3:22:24 PM, error: WMPNetworkSvc [14338] - A new media server was not initialized because CoCreateInstance(CLSID_UPnPRegistrar) encountered error '0x80040154'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
12/29/2011 3:21:57 PM, error: Print [23] - Printer Fax failed to initialize because a suitable Microsoft Shared Fax Driver driver could not be found.
12/27/2011 9:57:56 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Beep ftsata2 Partizan
12/27/2011 9:57:56 AM, error: Service Control Manager [7000] - The iPod Service service failed to start due to the following error: The system cannot find the file specified.
12/27/2011 9:57:56 AM, error: DCOM [10005] - DCOM got error "%2" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}
12/27/2011 9:57:54 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Eset Nod32 Boot service to connect.
12/27/2011 9:57:54 AM, error: Service Control Manager [7000] - The SQL Server VSS Writer service failed to start due to the following error: The system cannot find the file specified.
12/27/2011 9:57:54 AM, error: Service Control Manager [7000] - The Norton Safe Web Lite service failed to start due to the following error: The system cannot find the file specified.
12/27/2011 9:57:54 AM, error: Service Control Manager [7000] - The McciCMService service failed to start due to the following error: The system cannot find the file specified.
12/27/2011 9:57:54 AM, error: Service Control Manager [7000] - The MBAMService service failed to start due to the following error: Access is denied.
12/27/2011 9:57:54 AM, error: Service Control Manager [7000] - The Java Quick Starter service failed to start due to the following error: The system cannot find the file specified.
12/27/2011 9:57:54 AM, error: Service Control Manager [7000] - The Intel(R) Quick Resume technology service failed to start due to the following error: The system cannot find the file specified.
12/27/2011 9:57:54 AM, error: Service Control Manager [7000] - The Intel(R) Matrix Storage Event Monitor service failed to start due to the following error: The system cannot find the file specified.
12/27/2011 9:57:54 AM, error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The system cannot find the file specified.
12/27/2011 9:57:54 AM, error: Service Control Manager [7000] - The Eset Nod32 Boot service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/27/2011 9:57:54 AM, error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The system cannot find the file specified.
12/25/2011 10:52:20 AM, error: DCOM [10000] - Unable to start a DCOM Server: {ABC01078-F197-4B0B-ADBC-CFE684B39C82}. The error: "%2" Happened while starting this command: "C:\Program Files\Google\Update\1.3.21.53\GoogleUpdateOnDemand.exe" -Embedding
.
==== End Of File ===========================

SuperDave · « **Reply #1 on:** December 31, 2011, 01:41:31 PM »

Hello and welcome to Computer Hope Forum. My name is Dave. I will be helping you out with your particular problem on your computer.

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.

If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
*************************************************************************
The log shows that you only have 1.06Gb of free space on your C drive. Windows requires at least 15% (27 Gb) in order to function properly. You will need to free up some space on that drive. You can do this by transferring some pictures, videos, music and other important files to your D drive. You can also uninstall any programs you're no longer using. You need to do this before we continue because you have no more space to run these scans.
*********************************************
P2P - I see you have P2P software installed on your machine. (Azureus and FrostWire 4.21.8) We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections. It is certainly contributing to your current situation.

Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.

I would strongly recommend that you uninstall them, however that choice is up to you. If you choose to remove these programs, you can do so via Control Panel >> Add or Remove Programs.
**********************************************

Please download Unhide by Grinler from here and save it to your desktop.
Double click unhide.exe to run the tool.
It will take some time to go through all your files, so please be patient.
If this tool doesn´t fix the problem, please let me know.

********************************************
Download OTL to your desktop.

* Open OTL
* Copy and Paste the following text in the codebox into the Custom Scans/Fixes window.

Code: [Select]

:OTL

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Complitly: {0fb6a909-6086-458f-bd92-1f8ee10042a0} - c:\documents and settings\hp_administrator\application data\complitly\Complitly.dll
TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
TB: {724D43A0-0D85-11D4-9908-00400523E39A} - No File
TB: {4E7BD74F-2B8D-469E-94BE-FD60BB9AAE29} - No File
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
mRun: [gfhYdHclcK.exe] c:\documents and settings\all users\application data\gfhYdHclcK.exe
Trusted Zone: motive.com\patttbc.att

:Files
c:\documents and settings\all users\application data\gfhYdHclcK.exe

:COMMANDS
[resethosts]
[purity]
[start explorer]

* Click Run Fix
* OTLI2 may ask to reboot the machine. Please do so if asked.
* Click OK
* A report will open. Copy and Paste that report in your next reply.
********************************************************
Boot your computer in Safe Mode and try to run MBAM. Reboot in Normal mode and try to run it again and post the log
Here's how to get into Safe Mode.

nikis360 · « **Reply #2 on:** December 31, 2011, 09:08:00 PM »

ran unhide and got my icons and programs back, but some are showing empty. I have about 45gb of free space now.
ran otl and here's the report:
Error: Unable to interpret <BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File> in the current context!
Error: Unable to interpret <BHO: Complitly: {0fb6a909-6086-458f-bd92-1f8ee10042a0} - c:\documents and settings\hp_administrator\application data\complitly\Complitly.dll> in the current context!
Error: Unable to interpret <TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File> in the current context!
Error: Unable to interpret <TB: {724D43A0-0D85-11D4-9908-00400523E39A} - No File> in the current context!
Error: Unable to interpret <TB: {4E7BD74F-2B8D-469E-94BE-FD60BB9AAE29} - No File> in the current context!
Error: Unable to interpret <EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File> in the current context!
Error: Unable to interpret <mRun: [gfhYdHclcK.exe] c:\documents and settings\all users\application data\gfhYdHclcK.exe> in the current context!
Error: Unable to interpret <Trusted Zone: motive.com\patttbc.att> in the current context!
========== FILES ==========
File\Folder c:\documents and settings\all users\application data\gfhYdHclcK.exe not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.31.0 log created on 12312011_230443

Now I'm about to reboot in safe mode and run mbam

nikis360 · « **Reply #3 on:** December 31, 2011, 09:35:45 PM »

tried to run mbam in safe mode and it would not open. I tried to run as... current user and the message said a device attached to the system is not functioning.
rebooted in normal mode and got this message about mbam,
[openEvent] failed to perform desired action. Error code 2.
Forgot to mention that once I restarted, my desktop icons are gone again and me add remove programs list won't come up.

SuperDave · « **Reply #4 on:** January 01, 2012, 11:57:28 AM »

Please run Unhide again then try to run this:

Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.
Save Rkill to your desktop.

There are 7 different versions. If one of them won't run then download and try to run the other one.

Vista and Win7 users need to right click Rkill and choose Run as Administrator

You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

* Rkill.exe
* Rkill.com
* Rkill.scr
* WiNlOgOn.exe
* uSeRiNiT.exe
* iExplore.exe
* eXplorer.exe
Once you've gotten one of them to run then try to immediately run MBAM again.

nikis360 · « **Reply #5 on:** January 01, 2012, 05:57:56 PM »

ran rkill.exe
computer got stuck, so I had to reboot.

rebooted and desktop icons are back.

ran rkill.exe again,

This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.

Rkill was run on 01/01/2012 at 19:52:03.
Operating System: Microsoft Windows XP

Processes terminated by Rkill or while it was running:

Rkill completed on 01/01/2012 at 19:52:22.

tried to run mbam immediately and nothing happened. I double clicked it and right clicked to get it to run, but nothing happened.

SuperDave · « **Reply #6 on:** January 01, 2012, 07:28:33 PM »

Please download ComboFix

from BleepingComputer.com

Alternate link: GeeksToGo.com

and save it to your Desktop.
It would be easiest to download using Internet Explorer.
If you want to use Firefox, make sure that your download settings are as follows:

* Tools->Options->Main tab
* Set to "Always ask me where to Save the files".

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools A guide to do this can be found here
Double click ComboFix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console

Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Click on Yes, to continue scanning for malware.
When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.

If you have problems with ComboFix usage, see How to use ComboFix

nikis360 · « **Reply #7 on:** January 02, 2012, 11:08:19 PM »

I ran comboFix and was asked to disable avg antivirus before continuing. I did a search and could not find the avg antivirus anywhere. I even did a google search on how to disable it, but the program is not showing on my computer at all. I continued on with comboFix and here is the log.

ComboFix 12-01-02.02 - HP_Administrator 01/03/2012 0:02.7.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.666 [GMT -5:00]
Running from: c:\documents and settings\HP_Administrator\Desktop\ComboFix.exe
AV: AVG Anti-Virus *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: Online Armor Firewall *Disabled* {B797DAA0-7E2E-4711-8BB3-D12744F1922A}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\~kn5KXoCPJI5FDa
c:\documents and settings\All Users\Application Data\~kn5KXoCPJI5FDar
c:\documents and settings\All Users\Application Data\kn5KXoCPJI5FDa
c:\documents and settings\All Users\Application Data\kn5KXoCPJI5FDa.exe
c:\documents and settings\All Users\Application Data\NJKgUKkjfTHNlDI.exe
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\x3yb1sl8.
default\searchplugins\bing-zugo.xml
c:\documents and settings\HP_Administrator\Local Settings\Application Data\1cf6efbe
c:\documents and settings\HP_Administrator\Local Settings\Application Data\1cf6efbe\@
c:\documents and settings\HP_Administrator\Local Settings\Application Data\1cf6efbe\U\80000000.@
c:\documents and settings\HP_Administrator\Local Settings\Application Data\1cf6efbe\X
c:\windows\system32\0.02632581296426817.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-12-03 to 2012-01-03 )))))))))))))))))))))))))))))))
.
.
2012-01-01 04:03 . 2012-01-01 04:03   --------   dc----w-   C:\_OTL
2011-12-31 19:56 . 2011-11-10 08:27   73728   ----a-w-   c:\windows\system32\javacpl.cpl
2011-12-31 19:12 . 2011-12-31 19:13   --------   d-----w-   c:\program files\CCleaner
2011-12-31 17:25 . 2012-01-01 04:25   --------   dc----w-   c:\documents and settings\All Users\Application Data\OnlineArmor
2011-12-31 17:25 . 2011-12-31 17:25   --------   dc----w-   c:\documents and settings\HP_Administrator\Application Data\OnlineArmor
2011-12-31 17:23 . 2011-11-01 16:34   40296   ----a-w-   c:\windows\system32\drivers\oahlp32.sys
2011-12-31 17:23 . 2011-11-01 16:34   25192   ----a-w-   c:\windows\system32\drivers\OAmon.sys
2011-12-31 17:23 . 2011-11-01 16:34   29464   ----a-w-   c:\windows\system32\drivers\OAnet.sys
2011-12-31 17:23 . 2011-11-01 16:34   205864   ----a-w-   c:\windows\system32\drivers\OADriver.sys
2011-12-31 17:23 . 2012-01-03 04:24   --------   d-----w-   c:\program files\Online Armor
2011-12-31 17:13 . 2011-12-31 17:19   --------   dc----w-   c:\documents and settings\All Users\Application Data\AVAST Software
2011-12-31 17:13 . 2011-12-31 17:19   --------   d-----w-   c:\program files\AVAST Software
2011-12-27 16:05 . 2011-12-27 16:05   --------   dc----w-   c:\documents and settings\All Users\Application Data\MicrosoftProvisioning
2011-12-13 20:04 . 2011-12-13 20:04   --------   dc----w-   c:\documents and settings\All Users\Application Data\Provisioning
2011-12-10 00:28 . 2011-12-10 00:28   --------   d-----w-   c:\documents and settings\LocalService\Local Settings\Application Data\Apple
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-02 04:09 . 2011-05-19 06:53   414368   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-20 18:28 . 2011-11-20 18:28   7206   ----a-w-   c:\windows\system32\PerfStringBackup.TMP
2011-11-10 10:54 . 2011-05-28 06:36   472808   ----a-w-   c:\windows\system32\deployJava1.dll
2011-11-11 23:00 . 2011-05-01 14:40   134104   ----a-w-   c:\program files\mozilla firefox\components\browsercomps.dll
2010-06-23 20:08 . 2009-12-12 06:34   119808   -c--a-w-   c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ipsec.sys
[-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ipsec.sys
[-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ipsec.sys
[-] 2004-08-09 . 64537AA5C003A6AFEEE1DF819062D0D1 . 74752 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ipsec.sys
.
[-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ipsec.sys
[-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ipsec.sys
[-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ipsec.sys
[-] 2004-08-09 . 64537AA5C003A6AFEEE1DF819062D0D1 . 74752 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ipsec.sys
.
((((((((((((((((((((((((((((( SnapShot@2011-10-14_00.52.06 )))))))))))))))))))))))))))))))))))))))))
.
- 2011-04-12 19:11 . 2011-04-12 19:11   56656 c:\windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
+ 2011-07-09 13:30 . 2011-07-09 13:30   56656 c:\windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
- 2011-08-11 07:03 . 2011-08-11 07:03   87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
- 2011-08-11 07:03 . 2011-08-11 07:03   93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
- 2011-10-13 07:14 . 2011-10-13 07:14   35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
- 2011-08-11 07:03 . 2011-08-11 07:03   17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
- 2011-08-11 07:03 . 2011-08-11 07:03   58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__
b77a5c561934e089\System.Windows.Input.Manipulations.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__
31bf3856ad364e35\System.Web.ApplicationServices.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__
31bf3856ad364e35\System.Web.ApplicationServices.dll
- 2011-10-13 07:14 . 2011-10-13 07:14   37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__
31bf3856ad364e35\System.ServiceModel.Channels.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__
31bf3856ad364e35\System.ServiceModel.Channels.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__
b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__
b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__
b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__
b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__
31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__
31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2011-10-13 07:15 . 2011-10-13 07:15   97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__
b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__
b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-10-15 07:10 . 2011-10-15 07:10   96768 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\6f4a1ba24dffa86dd2a2ab8127e0b16d\UIAutomationProvider.ni.dll
+ 2011-10-15 07:13 . 2011-10-15 07:13   54784 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml.Hosting\bceea12ce16311f31b0f1cd8cadd4d75\System.Xaml.Hosting.ni.dll
+ 2011-10-15 07:14 . 2011-10-15 07:14   35328 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Pres#\f45abd2caa9f93bb60ce92de6a885d6e\System.Windows.Presentation.ni.dll
+ 2011-10-15 07:14 . 2011-10-15 07:14   24064 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Routing\3447b1ea4537dd7a1b7796efb935f4b0\System.Web.Routing.ni.dll
+ 2011-10-15 07:13 . 2011-10-15 07:13   46592 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DynamicD#\56b89939136999a2d8de62d8ac3334a7\System.Web.DynamicData.Design.ni.dll
+ 2011-10-15 07:10 . 2011-10-15 07:10   71680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Applicat#\c15f4190f96acf9b328fa3645c2063ea\System.Web.ApplicationServices.ni.dll
+ 2011-10-15 07:13 . 2011-10-15 07:13   24576 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Abstract#\5dd4316500d6e940dfed628463fe4595\System.Web.Abstractions.ni.dll
+ 2011-10-15 07:13 . 2011-10-15 07:13   82432 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\e97547ed8d34e96b9d5836ea04b28c26\System.ServiceModel.Channels.ni.dll
+ 2011-10-15 07:13 . 2011-10-15 07:13   12288 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\6ab752f8ab98f09615768a90d50593c1\System.ServiceModel.ServiceMoniker40.ni.dll
+ 2011-10-15 07:11 . 2011-10-15 07:11   78848 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn.Contra#\b811cdf42feaf9a32408b03ab1c4e2d5\System.AddIn.Contract.ni.dll
+ 2011-10-15 07:10 . 2011-10-15 07:10   11776 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\cfba497fc860b32b8d895f57bf148aa7\Microsoft.VisualC.ni.dll
+ 2011-10-15 07:09 . 2011-10-15 07:09   44544 c:\windows\assembly\NativeImages_v4.0.30319_32\Accessibility\1f368300314889ee35325be9f80ef1c3\Accessibility.ni.dll
+ 2011-10-15 07:09 . 2011-10-15 07:09   9728 c:\windows\assembly\NativeImages_v4.0.30319_32\dfsvc\fed35fa53f20bd75214f2eca0cde1ece\dfsvc.ni.exe
+ 2011-10-15 07:03 . 2011-10-15 07:03   109568 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.Wrapper.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   109568 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.Wrapper.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   246128 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   246128 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.dll
+ 2005-08-30 21:07 . 2011-11-20 18:28   556980 c:\windows\system32\perfh009.dat
+ 2005-08-30 21:07 . 2011-11-20 18:28   109504 c:\windows\system32\perfc009.dat
+ 2011-12-02 04:09 . 2011-12-02 04:09   247968 c:\windows\system32\Macromed\Flash\FlashUtil11e_Plugin.exe
- 2011-06-12 14:47 . 2011-05-04 08:52   157472 c:\windows\system32\javaws.exe
+ 2011-12-31 19:56 . 2011-11-10 10:54   157472 c:\windows\system32\javaws.exe
+ 2011-12-31 19:56 . 2011-11-10 10:54   149280 c:\windows\system32\javaw.exe
+ 2011-12-31 19:56 . 2011-11-10 10:54   149280 c:\windows\system32\java.exe
- 2011-04-12 19:11 . 2011-04-12 19:11   517448 c:\windows\Microsoft.NET\Framework\v4.0.30319\SOS.dll
+ 2011-07-09 13:30 . 2011-07-09 13:30   517448 c:\windows\Microsoft.NET\Framework\v4.0.30319\SOS.dll
+ 2011-07-09 13:30 . 2011-07-09 13:30   956240 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordbi.dll
- 2011-10-13 07:14 . 2011-10-13 07:14   350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__
31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__
31bf3856ad364e35\UIAutomationClientsideProviders.dll
- 2011-10-13 07:14 . 2011-10-13 07:14   163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__
31bf3856ad364e35\UIAutomationClient.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__
31bf3856ad364e35\UIAutomationClient.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__
b77a5c561934e089\System.Xml.Linq.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__
b77a5c561934e089\System.Xml.Linq.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__
b77a5c561934e089\System.Xaml.dll
- 2011-10-13 07:14 . 2011-10-13 07:14   699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__
b77a5c561934e089\System.Xaml.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__
b03f5f7f11d50a3a\System.Web.Services.dll
- 2011-10-13 07:14 . 2011-10-13 07:14   857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__
b03f5f7f11d50a3a\System.Web.Services.dll
- 2011-10-13 07:14 . 2011-10-13 07:14   675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__
31bf3856ad364e35\System.Speech.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__
31bf3856ad364e35\System.Speech.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__
b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__
b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__
31bf3856ad364e35\System.ServiceModel.Routing.dll
- 2011-10-13 07:14 . 2011-10-13 07:14   129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__
31bf3856ad364e35\System.ServiceModel.Routing.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__
31bf3856ad364e35\System.ServiceModel.Discovery.dll
- 2011-10-13 07:14 . 2011-10-13 07:14   390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__
31bf3856ad364e35\System.ServiceModel.Discovery.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__
31bf3856ad364e35\System.ServiceModel.Activities.dll
- 2011-10-13 07:14 . 2011-10-13 07:14   505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__
31bf3856ad364e35\System.ServiceModel.Activities.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__
b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2011-10-13 07:14 . 2011-10-13 07:14   122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__
b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__
b77a5c561934e089\System.Runtime.Remoting.dll
- 2011-10-13 07:14 . 2011-10-13 07:14   291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__
b77a5c561934e089\System.Runtime.Remoting.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__
31bf3856ad364e35\System.Runtime.DurableInstancing.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__
31bf3856ad364e35\System.Runtime.DurableInstancing.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   231760 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   231760 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
- 2011-10-13 07:14 . 2011-10-13 07:14   253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__
b77a5c561934e089\System.Management.Instrumentation.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__
b77a5c561934e089\System.Management.Instrumentation.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   607064 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   607064 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__
b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__
b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__
b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__
b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__
b77a5c561934e089\System.ComponentModel.Composition.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__
b77a5c561934e089\System.ComponentModel.Composition.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   149848 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   149848 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__
31bf3856ad364e35\System.Activities.DurableInstancing.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__
31bf3856ad364e35\System.Activities.DurableInstancing.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__
31bf3856ad364e35\System.Activities.Core.Presentation.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__
31bf3856ad364e35\System.Activities.Core.Presentation.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
- 2011-08-11 07:03 . 2011-08-11 07:03   581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
- 2011-10-13 07:14 . 2011-10-13 07:14   832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__
31bf3856ad364e35\PresentationFramework.Royale.dll
- 2011-10-13 07:14 . 2011-10-13 07:14   194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__
31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__
31bf3856ad364e35\PresentationFramework.Luna.dll
- 2011-10-13 07:14 . 2011-10-13 07:14   478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__
31bf3856ad364e35\PresentationFramework.Luna.dll
- 2011-10-13 07:14 . 2011-10-13 07:14   167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__
31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__
31bf3856ad364e35\PresentationFramework.Classic.dll
- 2011-10-13 07:14 . 2011-10-13 07:14   232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__
31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__
31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__
b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__

b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__
b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__
b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__
b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__
b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__
b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__
b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__
b03f5f7f11d50a3a\Microsoft.CSharp.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__
b03f5f7f11d50a3a\Microsoft.CSharp.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__
b77a5c561934e089\System.Transactions.dll
- 2011-10-13 07:14 . 2011-10-13 07:14   269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__
b77a5c561934e089\System.Transactions.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__
31bf3856ad364e35\System.Printing.dll
- 2011-10-13 07:14 . 2011-10-13 07:14   334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__
31bf3856ad364e35\System.Printing.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__
b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__
b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__
b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__
b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2011-10-15 07:14 . 2011-10-15 07:14   404480 c:\windows\assembly\NativeImages_v4.0.30319_32\XamlBuildTask\ecb0328b918c4a5adfbd83c946e0e196\XamlBuildTask.ni.dll
+ 2011-10-15 07:09 . 2011-10-15 07:09   356864 c:\windows\assembly\NativeImages_v4.0.30319_32\WsatConfig\040df73a6631957668b3d538e70ff7a0\WsatConfig.ni.exe
+ 2011-10-15 07:14 . 2011-10-15 07:14   252416 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\b18816abd9dd59ca3f1d682a756e5745\WindowsFormsIntegration.ni.dll
+ 2011-10-15 07:10 . 2011-10-15 07:10   196096 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\c170b431f43ab80000d31bcc58acd1a5\UIAutomationTypes.ni.dll
+ 2011-10-15 07:14 . 2011-10-15 07:14   482816 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClient\ee096062554a6344a49083910c0af16e\UIAutomationClient.ni.dll
+ 2011-10-15 07:10 . 2011-10-15 07:10   391680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\1faca3f09472860e010689b67c68a327\System.Xml.Linq.ni.dll
+ 2011-10-15 07:10 . 2011-10-15 07:10   188928 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Inpu#\eeb9b49d8598c6f5926f494074af2d69\System.Windows.Input.Manipulations.ni.dll
+ 2011-10-15 07:14 . 2011-10-15 07:14   194048 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\a863e081c9bcbaec568abe127fb1dbe3\System.Windows.Forms.DataVisualization.Design.ni.dll
+ 2011-10-15 07:10 . 2011-10-15 07:10   224256 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.RegularE#\386e276cb95b2116d2662d4684126895\System.Web.RegularExpressions.ni.dll
+ 2011-10-15 07:14 . 2011-10-15 07:14   861696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Extensio#\e327cf8e04773318e4b8b0059a6fbd6b\System.Web.Extensions.Design.ni.dll
+ 2011-10-15 07:13 . 2011-10-15 07:13   332800 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Entity\1f27b86bb9c2a32f7571b0c86341d73f\System.Web.Entity.ni.dll
+ 2011-10-15 07:13 . 2011-10-15 07:13   297472 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Entity.D#\67fc91b4eac9e54781bc50dcb36945d4\System.Web.Entity.Design.ni.dll
+ 2011-10-15 07:13 . 2011-10-15 07:13   705536 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DynamicD#\965eb0ae99683ff79685abe9323a6cfa\System.Web.DynamicData.ni.dll
+ 2011-10-15 07:13 . 2011-10-15 07:13   259072 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DataVisu#\da89b1d421f29db531ee997029e03b72\System.Web.DataVisualization.Design.ni.dll
+ 2011-10-15 07:10 . 2011-10-15 07:10   646656 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\344c1e000e4158cc37a5e9068e095d40\System.Transactions.ni.dll
+ 2011-10-15 07:10 . 2011-10-15 07:10   221696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\a0e090647c856fe52e1f1e5d2a25b1ac\System.ServiceProcess.ni.dll
+ 2011-10-15 07:13 . 2011-10-15 07:13   422912 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\8f7ddde9561a2cc64c9a9377ef645f71\System.ServiceModel.Activation.ni.dll
+ 2011-10-15 07:13 . 2011-10-15 07:13   365056 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\1cce5f9cad92a8ba3deb833291637b95\System.ServiceModel.Routing.ni.dll
+ 2011-10-15 07:05 . 2011-10-15 07:05   729088 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Security\c12a8284683ba6b400a4562da310ce59\System.Security.ni.dll
+ 2011-10-15 07:09 . 2011-10-15 07:09   311296 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\137a2ae391d89577ad63db08303a5158\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2011-10-15 07:10 . 2011-10-15 07:10   770560 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\4188dcf65867be8c772c2e44082e51ca\System.Runtime.Remoting.ni.dll
+ 2011-10-15 07:10 . 2011-10-15 07:10   241664 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Cach#\69686330b905615bdbc5a43d159ed335\System.Runtime.Caching.ni.dll
+ 2011-10-15 07:05 . 2011-10-15 07:05   145408 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\d038332bf07a163f855200919ee678cc\System.Numerics.ni.dll
+ 2011-10-15 07:13 . 2011-10-15 07:13   653312 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Net\8410db646e037bab93d66ef9d17a3ce5\System.Net.ni.dll
+ 2011-10-15 07:13 . 2011-10-15 07:13   626176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\7cdd3b54c476345732c735ea253d95d5\System.Messaging.ni.dll
+ 2011-10-15 07:13 . 2011-10-15 07:13   395264 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management.I#\fe11b4a9c8067184aff54b627b0e046b\System.Management.Instrumentation.ni.dll
+ 2011-10-15 07:13 . 2011-10-15 07:13   413696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IO.Log\7970b94c1582f58c8f79f531f104c754\System.IO.Log.ni.dll
+ 2011-10-15 07:13 . 2011-10-15 07:13   229376 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityMode#\26bdff3178be53810cb7bac268f7af08\System.IdentityModel.Selectors.ni.dll
+ 2011-10-15 07:10 . 2011-10-15 07:10   236032 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\a2baf116d3055aadb99b77e327a74907\System.EnterpriseServices.Wrapper.dll
+ 2011-10-15 07:10 . 2011-10-15 07:10   786944 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\a2baf116d3055aadb99b77e327a74907\System.EnterpriseServices.ni.dll
+ 2011-10-15 07:05 . 2011-10-15 07:05   377344 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Dynamic\d8131e4810c207d23b977603fdad6e33\System.Dynamic.ni.dll
+ 2011-10-15 07:06 . 2011-10-15 07:06   224768 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing.Desi#\fcc666923b1ee799fa03c87082249868\System.Drawing.Design.ni.dll
+ 2011-10-15 07:13 . 2011-10-15 07:13   913920 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\86db06eb0e133c3c2042cd6abcfff399\System.DirectoryServices.AccountManagement.ni.dll
+ 2011-10-15 07:10 . 2011-10-15 07:10   468992 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\2f7f2d7c549c23373541e052c8364755\System.DirectoryServices.Protocols.ni.dll
+ 2011-10-15 07:13 . 2011-10-15 07:13   112640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Device\ecae7de1b9e1cf0d6d3bc7f01b891a1a\System.Device.ni.dll
+ 2011-10-15 07:13 . 2011-10-15 07:13   507904 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Service#\923c3591d29f5671472728bf1a55f308\System.Data.Services.Design.ni.dll
+ 2011-10-15 07:11 . 2011-10-15 07:11   134656 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.DataSet#\e6c62a3b06ae5f2f9de5164117dd6ba6\System.Data.DataSetExtensions.ni.dll
+ 2011-10-15 07:05 . 2011-10-15 07:05   980480 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\cb7cfe8f0e8532f6381c22bf719a95dc\System.Configuration.ni.dll
+ 2011-10-15 07:10 . 2011-10-15 07:10   148480 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\96907044ee8b845f05d72805d100fb7e\System.Configuration.Install.ni.dll
+ 2011-10-15 07:06 . 2011-10-15 07:06   690176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\d5f97e0367e37f9aead033b54f40a895\System.ComponentModel.Composition.ni.dll
+ 2011-10-15 07:11 . 2011-10-15 07:11   194048 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\c11789fd2d4aeb3a41b8a925975ebd96\System.ComponentModel.DataAnnotations.ni.dll
+ 2011-10-15 07:11 . 2011-10-15 07:11   617984 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn\53e0aa766368680b3785a0867d632f0c\System.AddIn.ni.dll
+ 2011-10-15 07:11 . 2011-10-15 07:11   404992 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.D#\aef6e32f096486514002cee2bd716b0b\System.Activities.DurableInstancing.ni.dll
+ 2011-10-15 07:09 . 2011-10-15 07:09   317952 c:\windows\assembly\NativeImages_v4.0.30319_32\SMSvcHost\eee8be5d9f06c6d32cb1eeca8cfbfe38\SMSvcHost.ni.exe
+ 2011-10-15 07:10 . 2011-10-15 07:10   142848 c:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\c60bbf982563abd181e673c1d5e92006\SMDiagnostics.ni.dll
+ 2011-10-15 07:06 . 2011-10-15 07:06   450560 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\d2ad394c477fc1c71c900c892d7fce0b\PresentationFramework.Aero.ni.dll
+ 2011-10-15 07:05 . 2011-10-15 07:05   284160 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\63f98ea6df6a734c122348fa32296df0\PresentationFramework.Classic.ni.dll
+ 2011-10-15 07:06 . 2011-10-15 07:06   656896 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\61aa640996b77695572adefea8fd36b7\PresentationFramework.Luna.ni.dll
+ 2011-10-15 07:06 . 2011-10-15 07:06   327680 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\30d7b48c6018eb8d7db378908568130f\PresentationFramework.Royale.ni.dll
+ 2011-10-15 07:09 . 2011-10-15 07:09   274432 c:\windows\assembly\NativeImages_v4.0.30319_32\MSBuild\50ef00afe8174ef7b9ca3577a301b02b\MSBuild.ni.exe
+ 2011-10-15 07:10 . 2011-10-15 07:10   303104 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\9f9e5b077347f8f318b1959555be1031\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2011-10-15 07:09 . 2011-10-15 07:09   418816 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\54c59931e1860675710f19c7c3ba4cc8\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-10-15 07:09 . 2011-10-15 07:09   631808 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build.Uti#\503994046462b53944ed2915dfb43cb0\Microsoft.Build.Utilities.v4.0.ni.dll
+ 2011-10-15 07:09 . 2011-10-15 07:09   258048 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build.Fra#\1bf86eecca78429158f8e8b8910f3e6e\Microsoft.Build.Framework.ni.dll
+ 2011-10-15 07:09 . 2011-10-15 07:09   135680 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build.Con#\1b119eca340bea3a2489017f8f4e9aac\Microsoft.Build.Conversion.v4.0.ni.dll
+ 2011-10-15 07:09 . 2011-10-15 07:09   194048 c:\windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\04226f317855c555a957f4c2d0dc240d\CustomMarshalers.ni.dll
+ 2011-10-15 07:09 . 2011-10-15 07:09   474624 c:\windows\assembly\NativeImages_v4.0.30319_32\ComSvcConfig\4da03695fc54c2e2b57b034ae772d189\ComSvcConfig.ni.exe
+ 2011-10-15 07:09 . 2011-10-15 07:09   846336 c:\windows\assembly\NativeImages_v4.0.30319_32\AspNetMMCExt\98447bb42f564716029c1751c88ae134\AspNetMMCExt.ni.dll
+ 2011-09-29 23:55 . 2011-12-02 04:09   8527008 c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2011-07-09 13:30 . 2011-07-09 13:30   5197648 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorlib.dll
- 2011-04-12 19:11 . 2011-04-12 19:11   5197648 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorlib.dll
+ 2011-07-09 13:30 . 2011-07-09 13:30   1142616 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll
+ 2011-07-09 13:30 . 2011-07-09 13:30   6724424 c:\windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
- 2011-10-13 07:14 . 2011-10-13 07:14   1303896 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   1303896 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   3510600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   3510600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   5028200 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   5028200 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__
31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__
31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   6067048 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
- 2011-10-13 07:14 . 2011-10-13 07:14   6067048 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   1339736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   1339736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__
31bf3856ad364e35\System.Activities.Presentation.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__
31bf3856ad364e35\System.Activities.Presentation.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   6346600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__
31bf3856ad364e35\PresentationFramework.dll
- 2011-10-13 07:14 . 2011-10-13 07:14   6346600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__
31bf3856ad364e35\PresentationFramework.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   2970968 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   2970968 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
- 2011-10-13 07:14 . 2011-10-13 07:14   3545952 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   3545952 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   5197648 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   5197648 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__
b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__
b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2011-10-15 07:05 . 2011-10-15 07:05   3798016 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\6e1c62ce679c8157560c7593c066cd85\WindowsBase.ni.dll
+ 2011-10-15 07:14 . 2011-10-15 07:14   1057792 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClients#\
0d8b512be71d0a491131dac4bada85cf\UIAutomationClientsideProviders.ni.dll
+ 2011-10-15 07:05 . 2011-10-15 07:05   9085952 c:\windows\assembly\NativeImages_v4.0.30319_32\System\af709611f9ffff0544b1d750303c4afa\System.ni.dll
+ 2011-10-15 07:05 . 2011-10-15 07:05   5618176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\a401952384c24581989cdc85270f3d9d\System.Xml.ni.dll
+ 2011-10-15 07:09 . 2011-10-15 07:09   1781760 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\4185130eda1d7a5e0e0474e72343570b\System.Xaml.ni.dll
+ 2011-10-15 07:14 . 2011-10-15 07:14   1208320 c:\windows\assembly\NativeImages_v4.0.30319_32\System.WorkflowServ#
\5c480c2ae81637815590203c76bb990b\System.WorkflowServices.ni.dll
+ 2011-10-15 07:14 . 2011-10-15 07:14   1968640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Workflow.Run#\
d2b498cc263a76465654318cbc8a8aa4\System.Workflow.Runtime.ni.dll
+ 2011-10-15 07:14 . 2011-10-15 07:14   4461568 c:\windows\assembly\NativeImages_v4.

SuperDave · « **Reply #8 on:** January 03, 2012, 12:12:34 PM »

This is not the entire ComboFix log. Please look in C:/ComboFix for the log. If you cannot find it, please run it again and post the full log.

nikis360 · « **Reply #9 on:** January 03, 2012, 05:55:37 PM »

ComboFix 12-01-02.02 - HP_Administrator 01/03/2012 0:02.7.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.666 [GMT -5:00]
Running from: c:\documents and settings\HP_Administrator\Desktop\ComboFix.exe
AV: AVG Anti-Virus *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: Online Armor Firewall *Disabled* {B797DAA0-7E2E-4711-8BB3-D12744F1922A}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\~kn5KXoCPJI5FDa
c:\documents and settings\All Users\Application Data\~kn5KXoCPJI5FDar
c:\documents and settings\All Users\Application Data\kn5KXoCPJI5FDa
c:\documents and settings\All Users\Application Data\kn5KXoCPJI5FDa.exe
c:\documents and settings\All Users\Application Data\NJKgUKkjfTHNlDI.exe
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\x3yb1sl8.default\searchplugins\bing-zugo.xml
c:\documents and settings\HP_Administrator\Local Settings\Application Data\1cf6efbe
c:\documents and settings\HP_Administrator\Local Settings\Application Data\1cf6efbe\@
c:\documents and settings\HP_Administrator\Local Settings\Application Data\1cf6efbe\U\80000000.@
c:\documents and settings\HP_Administrator\Local Settings\Application Data\1cf6efbe\X
c:\windows\system32\0.02632581296426817.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-12-03 to 2012-01-03 )))))))))))))))))))))))))))))))
.
.
2012-01-01 04:03 . 2012-01-01 04:03   --------   dc----w-   C:\_OTL
2011-12-31 19:56 . 2011-11-10 08:27   73728   ----a-w-   c:\windows\system32\javacpl.cpl
2011-12-31 19:12 . 2011-12-31 19:13   --------   d-----w-   c:\program files\CCleaner
2011-12-31 17:25 . 2012-01-01 04:25   --------   dc----w-   c:\documents and settings\All Users\Application Data\OnlineArmor
2011-12-31 17:25 . 2011-12-31 17:25   --------   dc----w-   c:\documents and settings\HP_Administrator\Application Data\OnlineArmor
2011-12-31 17:23 . 2011-11-01 16:34   40296   ----a-w-   c:\windows\system32\drivers\oahlp32.sys
2011-12-31 17:23 . 2011-11-01 16:34   25192   ----a-w-   c:\windows\system32\drivers\OAmon.sys
2011-12-31 17:23 . 2011-11-01 16:34   29464   ----a-w-   c:\windows\system32\drivers\OAnet.sys
2011-12-31 17:23 . 2011-11-01 16:34   205864   ----a-w-   c:\windows\system32\drivers\OADriver.sys
2011-12-31 17:23 . 2012-01-03 04:24   --------   d-----w-   c:\program files\Online Armor
2011-12-31 17:13 . 2011-12-31 17:19   --------   dc----w-   c:\documents and settings\All Users\Application Data\AVAST Software
2011-12-31 17:13 . 2011-12-31 17:19   --------   d-----w-   c:\program files\AVAST Software
2011-12-27 16:05 . 2011-12-27 16:05   --------   dc----w-   c:\documents and settings\All Users\Application Data\MicrosoftProvisioning
2011-12-13 20:04 . 2011-12-13 20:04   --------   dc----w-   c:\documents and settings\All Users\Application Data\Provisioning
2011-12-10 00:28 . 2011-12-10 00:28   --------   d-----w-   c:\documents and settings\LocalService\Local Settings\Application Data\Apple
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-02 04:09 . 2011-05-19 06:53   414368   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-20 18:28 . 2011-11-20 18:28   7206   ----a-w-   c:\windows\system32\PerfStringBackup.TMP
2011-11-10 10:54 . 2011-05-28 06:36   472808   ----a-w-   c:\windows\system32\deployJava1.dll
2011-11-11 23:00 . 2011-05-01 14:40   134104   ----a-w-   c:\program files\mozilla firefox\components\browsercomps.dll
2010-06-23 20:08 . 2009-12-12 06:34   119808   -c--a-w-   c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ipsec.sys
[-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ipsec.sys
[-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ipsec.sys
[-] 2004-08-09 . 64537AA5C003A6AFEEE1DF819062D0D1 . 74752 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ipsec.sys
.
[-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ipsec.sys
[-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ipsec.sys
[-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ipsec.sys
[-] 2004-08-09 . 64537AA5C003A6AFEEE1DF819062D0D1 . 74752 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ipsec.sys
.
((((((((((((((((((((((((((((( SnapShot@2011-10-14_00.52.06 )))))))))))))))))))))))))))))))))))))))))
.
- 2011-04-12 19:11 . 2011-04-12 19:11   56656 c:\windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
+ 2011-07-09 13:30 . 2011-07-09 13:30   56656 c:\windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
- 2011-08-11 07:03 . 2011-08-11 07:03   87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__
31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__
31bf3856ad364e35\WindowsFormsIntegration.dll
- 2011-08-11 07:03 . 2011-08-11 07:03   93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__
31bf3856ad364e35\UIAutomationTypes.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__
31bf3856ad364e35\UIAutomationTypes.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__
31bf3856ad364e35\UIAutomationProvider.dll
- 2011-10-13 07:14 . 2011-10-13 07:14   35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__
31bf3856ad364e35\UIAutomationProvider.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__
b77a5c561934e089\System.Windows.Presentation.dll
- 2011-08-11 07:03 . 2011-08-11 07:03   17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__
b77a5c561934e089\System.Windows.Presentation.dll
- 2011-08-11 07:03 . 2011-08-11 07:03   58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__
b77a5c561934e089\System.Windows.Input.Manipulations.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__
b77a5c561934e089\System.Windows.Input.Manipulations.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__
31bf3856ad364e35\System.Web.ApplicationServices.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__
31bf3856ad364e35\System.Web.ApplicationServices.dll
- 2011-10-13 07:14 . 2011-10-13 07:14   37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__
31bf3856ad364e35\System.ServiceModel.Channels.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__
31bf3856ad364e35\System.ServiceModel.Channels.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__
b77a5c561934e089\System.Numerics.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__
b77a5c561934e089\System.Numerics.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__
b77a5c561934e089\System.Device.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__
b77a5c561934e089\System.Device.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__
b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__
b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__
b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__
b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__
31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__
31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__
b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__
b03f5f7f11d50a3a\System.AddIn.Contract.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__
b77a5c561934e089\SMDiagnostics.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__
b77a5c561934e089\SMDiagnostics.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__
b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__
b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2011-10-13 07:15 . 2011-10-13 07:15   97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__
b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__
b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__
b03f5f7f11d50a3a\Accessibility.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__
b03f5f7f11d50a3a\Accessibility.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__
b03f5f7f11d50a3a\ISymWrapper.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__
b03f5f7f11d50a3a\ISymWrapper.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__
b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__
b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-10-15 07:10 . 2011-10-15 07:10   96768 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\
6f4a1ba24dffa86dd2a2ab8127e0b16d\UIAutomationProvider.ni.dll
+ 2011-10-15 07:13 . 2011-10-15 07:13   54784 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml.Hosting\
bceea12ce16311f31b0f1cd8cadd4d75\System.Xaml.Hosting.ni.dll
+ 2011-10-15 07:14 . 2011-10-15 07:14   35328 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Pres#\
f45abd2caa9f93bb60ce92de6a885d6e\System.Windows.Presentation.ni.dll
+ 2011-10-15 07:14 . 2011-10-15 07:14   24064 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Routing\
3447b1ea4537dd7a1b7796efb935f4b0\System.Web.Routing.ni.dll
+ 2011-10-15 07:13 . 2011-10-15 07:13   46592 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DynamicD#\
56b89939136999a2d8de62d8ac3334a7\System.Web.DynamicData.Design.ni.dll
+ 2011-10-15 07:10 . 2011-10-15 07:10   71680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Applicat#\
c15f4190f96acf9b328fa3645c2063ea\System.Web.ApplicationServices.ni.dll
+ 2011-10-15 07:13 . 2011-10-15 07:13   24576 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Abstract#\
5dd4316500d6e940dfed628463fe4595\System.Web.Abstractions.ni.dll
+ 2011-10-15 07:13 . 2011-10-15 07:13   82432 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\
e97547ed8d34e96b9d5836ea04b28c26\System.ServiceModel.Channels.ni.dll
+ 2011-10-15 07:13 . 2011-10-15 07:13   12288 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\
6ab752f8ab98f09615768a90d50593c1\System.ServiceModel.ServiceMoniker40.ni.dll
+ 2011-10-15 07:11 . 2011-10-15 07:11   78848 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn.Contra#\
b811cdf42feaf9a32408b03ab1c4e2d5\System.AddIn.Contract.ni.dll
+ 2011-10-15 07:10 . 2011-10-15 07:10   11776 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\
cfba497fc860b32b8d895f57bf148aa7\Microsoft.VisualC.ni.dll
+ 2011-10-15 07:09 . 2011-10-15 07:09   44544 c:\windows\assembly\NativeImages_v4.0.30319_32\Accessibility\
1f368300314889ee35325be9f80ef1c3\Accessibility.ni.dll
+ 2011-10-15 07:09 . 2011-10-15 07:09   9728 c:\windows\assembly\NativeImages_v4.0.30319_32\
dfsvc\fed35fa53f20bd75214f2eca0cde1ece\dfsvc.ni.exe
+ 2011-10-15 07:03 . 2011-10-15 07:03   109568 c:\windows\WinSxS\x86_System.EnterpriseServices_
b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.Wrapper.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   109568 c:\windows\WinSxS\x86_System.EnterpriseServices_
b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.Wrapper.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   246128 c:\windows\WinSxS\x86_System.EnterpriseServices_
b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   246128 c:\windows\WinSxS\x86_System.EnterpriseServices_
b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.dll
+ 2005-08-30 21:07 . 2011-11-20 18:28   556980 c:\windows\system32\perfh009.dat
+ 2005-08-30 21:07 . 2011-11-20 18:28   109504 c:\windows\system32\perfc009.dat
+ 2011-12-02 04:09 . 2011-12-02 04:09   247968 c:\windows\system32\Macromed\Flash\FlashUtil11e_Plugin.exe
- 2011-06-12 14:47 . 2011-05-04 08:52   157472 c:\windows\system32\javaws.exe
+ 2011-12-31 19:56 . 2011-11-10 10:54   157472 c:\windows\system32\javaws.exe
+ 2011-12-31 19:56 . 2011-11-10 10:54   149280 c:\windows\system32\javaw.exe
+ 2011-12-31 19:56 . 2011-11-10 10:54   149280 c:\windows\system32\java.exe
- 2011-04-12 19:11 . 2011-04-12 19:11   517448 c:\windows\Microsoft.NET\Framework\v4.0.30319\SOS.dll
+ 2011-07-09 13:30 . 2011-07-09 13:30   517448 c:\windows\Microsoft.NET\Framework\v4.0.30319\SOS.dll
+ 2011-07-09 13:30 . 2011-07-09 13:30   956240 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordbi.dll
- 2011-10-13 07:14 . 2011-10-13 07:14   350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__
31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
- 2011-10-13 07:14 . 2011-10-13 07:14   163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__
31bf3856ad364e35\UIAutomationClient.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__
31bf3856ad364e35\UIAutomationClient.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__
b77a5c561934e089\System.Xml.Linq.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__
b77a5c561934e089\System.Xml.Linq.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__
b77a5c561934e089\System.Xaml.dll
- 2011-10-13 07:14 . 2011-10-13 07:14   699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__
b77a5c561934e089\System.Xaml.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4
.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2011-10-13 07:14 . 2011-10-13 07:14   857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__
b03f5f7f11d50a3a\System.Web.Services.dll
- 2011-10-13 07:14 . 2011-10-13 07:14   675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__
31bf3856ad364e35\System.Speech.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__
31bf3856ad364e35\System.Speech.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__
b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__
b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__
31bf3856ad364e35\System.ServiceModel.Routing.dll
- 2011-10-13 07:14 . 2011-10-13 07:14   129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__
31bf3856ad364e35\System.ServiceModel.Routing.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__
31bf3856ad364e35\System.ServiceModel.Discovery.dll
- 2011-10-13 07:14 . 2011-10-13 07:14   390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__
31bf3856ad364e35\System.ServiceModel.Discovery.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__
31bf3856ad364e35\System.ServiceModel.Activities.dll
- 2011-10-13 07:14 . 2011-10-13 07:14   505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__
31bf3856ad364e35\System.ServiceModel.Activities.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__
b03f5f7f11d50a3a\System.Security.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__
b03f5f7f11d50a3a\System.Security.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__
b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2011-10-13 07:14 . 2011-10-13 07:14   122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__
b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__
b77a5c561934e089\System.Runtime.Remoting.dll
- 2011-10-13 07:14 . 2011-10-13 07:14   291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__
b77a5c561934e089\System.Runtime.Remoting.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__
31bf3856ad364e35\System.Runtime.DurableInstancing.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__
31bf3856ad364e35\System.Runtime.DurableInstancing.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   231760 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   231760 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
- 2011-10-13 07:14 . 2011-10-13 07:14   253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__
b77a5c561934e089\System.Management.Instrumentation.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__
b77a5c561934e089\System.Management.Instrumentation.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__
b03f5f7f11d50a3a\System.IO.Log.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__
b03f5f7f11d50a3a\System.IO.Log.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__
b77a5c561934e089\System.IdentityModel.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__
b77a5c561934e089\System.IdentityModel.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__
b77a5c561934e089\System.IdentityModel.Selectors.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__
b77a5c561934e089\System.IdentityModel.Selectors.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__
b03f5f7f11d50a3a\System.Dynamic.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__
b03f5f7f11d50a3a\System.Dynamic.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   607064 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__
b03f5f7f11d50a3a\System.Drawing.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   607064 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__
b03f5f7f11d50a3a\System.Drawing.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__
b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__
b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__
b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__
b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_
4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__
b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__
b03f5f7f11d50a3a\System.Deployment.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__
b03f5f7f11d50a3a\System.Deployment.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__
b77a5c561934e089\System.Data.SqlXml.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__
b77a5c561934e089\System.Data.SqlXml.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__
b77a5c561934e089\System.Data.Services.Client.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__
b77a5c561934e089\System.Data.Services.Client.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__
b77a5c561934e089\System.Data.Linq.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__
b77a5c561934e089\System.Data.Linq.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__
b03f5f7f11d50a3a\System.configuration.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__
b03f5f7f11d50a3a\System.configuration.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__
b77a5c561934e089\System.ComponentModel.Composition.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__
b77a5c561934e089\System.ComponentModel.Composition.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   149848 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   149848 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__
31bf3856ad364e35\System.Activities.DurableInstancing.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__
31bf3856ad364e35\System.Activities.DurableInstancing.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__
31bf3856ad364e35\System.Activities.Core.Presentation.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__
31bf3856ad364e35\System.Activities.Core.Presentation.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__
31bf3856ad364e35\ReachFramework.dll
- 2011-08-11 07:03 . 2011-08-11 07:03   581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__
31bf3856ad364e35\ReachFramework.dll
- 2011-10-13 07:14 . 2011-10-13 07:14   832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__
31bf3856ad364e35\PresentationUI.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__
31bf3856ad364e35\PresentationUI.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__
31bf3856ad364e35\PresentationFramework.Royale.dll
- 2011-10-13 07:14 . 2011-10-13 07:14   194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__
31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__
31bf3856ad364e35\PresentationFramework.Luna.dll
- 2011-10-13 07:14 . 2011-10-13 07:14   478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__
31bf3856ad364e35\PresentationFramework.Luna.dll
- 2011-10-13 07:14 . 2011-10-13 07:14   167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__
31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__
31bf3856ad364e35\PresentationFramework.Classic.dll
- 2011-10-13 07:14 . 2011-10-13 07:14   232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__
31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__
31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__
b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__
b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__
b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__
b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__
b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__
b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__
b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__
b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__
b03f5f7f11d50a3a\Microsoft.CSharp.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__
b03f5f7f11d50a3a\Microsoft.CSharp.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__
b77a5c561934e089\System.Transactions.dll
- 2011-10-13 07:14 . 2011-10-13 07:14   269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__
b77a5c561934e089\System.Transactions.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__
31bf3856ad364e35\System.Printing.dll
- 2011-10-13 07:14 . 2011-10-13 07:14   334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__
31bf3856ad364e35\System.Printing.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__
b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__
b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__
b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__
b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2011-10-15 07:14 . 2011-10-15 07:14   404480 c:\windows\assembly\NativeImages_v4.0.30319_32\XamlBuildTask\ecb0328b918c4a5adfbd83c946e0e196\XamlBuildTask.ni.dll
+ 2011-10-15 07:09 . 2011-10-15 07:09   356864 c:\windows\assembly\NativeImages_v4.0.30319_32\WsatConfig\040df73a6631957668b3d538e70ff7a0\WsatConfig.ni.exe
+ 2011-10-15 07:14 . 2011-10-15 07:14   252416 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\b18816abd9dd59ca3f1d682a756e5745\WindowsFormsIntegration.ni.dll
+ 2011-10-15 07:10 . 2011-10-15 07:10   196096 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\c170b431f43ab80000d31bcc58acd1a5\UIAutomationTypes.ni.dll
+ 2011-10-15 07:14 . 2011-10-15 07:14   482816 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClient\ee096062554a6344a49083910c0af16e\UIAutomationClient.ni.dll
+ 2011-10-15 07:10 . 2011-10-15 07:10   391680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\1faca3f09472860e010689b67c68a327\System.Xml.Linq.ni.dll
+ 2011-10-15 07:10 . 2011-10-15 07:10   188928 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Inpu#\eeb9b49d8598c6f5926f494074af2d69\
System.Windows.Input.Manipulations.ni.d ll
+ 2011-10-15 07:14 . 2011-10-15 07:14   194048 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\a863e081c9bcbaec568abe127fb1dbe3\
System.Windows.Forms.DataVisualization. Design.ni.dll
+ 2011-10-15 07:10 . 2011-10-15 07:10   224256 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.RegularE#\386e276cb95b2116d2662d4684126895
\System.Web.RegularExpressions.ni.dll
+ 2011-10-15 07:14 . 2011-10-15 07:14   861696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Extensio#\e327cf8e04773318e4b8b0059a6fbd6b\
System.Web.Extensions.Design.ni.dll
+ 2011-10-15 07:13 . 2011-10-15 07:13   332800 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Entity\
1f27b86bb9c2a32f7571b0c86341d73f\System.Web.Entity.ni.dll
+ 2011-10-15 07:13 . 2011-10-15 07:13   297472 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Entity.D#\
67fc91b4eac9e54781bc50dcb36945d4\System.Web.Entity.Design.ni.dll
+ 2011-10-15 07:13 . 2011-10-15 07:13   705536 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DynamicD#\
965eb0ae99683ff79685abe9323a6cfa\System.Web.DynamicData.ni.dll
+ 2011-10-15 07:13 . 2011-10-15 07:13   259072 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DataVisu#\
da89b1d421f29db531ee997029e03b72\System.Web.DataVisualization.Design.ni.dll
+ 2011-10-15 07:10 . 2011-10-15 07:10   646656 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\
344c1e000e4158cc37a5e9068e095d40\System.Transactions.ni.dll
+ 2011-10-15 07:10 . 2011-10-15 07:10   221696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\
a0e090647c856fe52e1f1e5d2a25b1ac\System.ServiceProcess.ni.dll
+ 2011-10-15 07:13 . 2011-10-15 07:13   422912 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\
8f7ddde9561a2cc64c9a9377ef645f71\System.ServiceModel.Activation.ni.dll
+ 2011-10-15 07:13 . 2011-10-15 07:13   365056 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\
1cce5f9cad92a8ba3deb833291637b95\System.ServiceModel.Routing.ni.dll
+ 2011-10-15 07:05 . 2011-10-15 07:05   729088 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Security\
c12a8284683ba6b400a4562da310ce59\System.Security.ni.dll
+ 2011-10-15 07:09 . 2011-10-15 07:09   311296 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\
137a2ae391d89577ad63db08303a5158\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2011-10-15 07:10 . 2011-10-15 07:10   770560 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\
4188dcf65867be8c772c2e44082e51ca\System.Runtime.Remoting.ni.dll
+ 2011-10-15 07:10 . 2011-10-15 07:10   241664 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Cach#\
69686330b905615bdbc5a43d159ed335\System.Runtime.Caching.ni.dll
+ 2011-10-15 07:05 . 2011-10-15 07:05   145408 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\
d038332bf07a163f855200919ee678cc\System.Numerics.ni.dll
+ 2011-10-15 07:13 . 2011-10-15 07:13   653312 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Net\
8410db646e037bab93d66ef9d17a3ce5\System.Net.ni.dll
+ 2011-10-15 07:13 . 2011-10-15 07:13   626176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\
7cdd3b54c476345732c735ea253d95d5\System.Messaging.ni.dll
+ 2011-10-15 07:13 . 2011-10-15 07:13   395264 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management.I#\
fe11b4a9c8067184aff54b627b0e046b\System.Management.Instrumentation.ni.dll
+ 2011-10-15 07:13 . 2011-10-15 07:13   413696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IO.Log\
7970b94c1582f58c8f79f531f104c754\System.IO.Log.ni.dll
+ 2011-10-15 07:13 . 2011-10-15 07:13   229376 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityMode#\
26bdff3178be53810cb7bac268f7af08\System.IdentityModel.Selectors.ni.dll
+ 2011-10-15 07:10 . 2011-10-15 07:10   236032 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\
a2baf116d3055aadb99b77e327a74907\System.EnterpriseServices.Wrapper.dll
+ 2011-10-15 07:10 . 2011-10-15 07:10   786944 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\
a2baf116d3055aadb99b77e327a74907\System.EnterpriseServices.ni.dll
+ 2011-10-15 07:05 . 2011-10-15 07:05   377344 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Dynamic\
d8131e4810c207d23b977603fdad6e33\System.Dynamic.ni.dll
+ 2011-10-15 07:06 . 2011-10-15 07:06   224768 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing.Desi#\
fcc666923b1ee799fa03c87082249868\System.Drawing.Design.ni.dll
+ 2011-10-15 07:13 . 2011-10-15 07:13   913920 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\
86db06eb0e133c3c2042cd6abcfff399\System.DirectoryServices.AccountManagement.ni.dll
+ 2011-10-15 07:10 . 2011-10-15 07:10   468992 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\
2f7f2d7c549c23373541e052c8364755\System.DirectoryServices.Protocols.ni.dll
+ 2011-10-15 07:13 . 2011-10-15 07:13   112640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Device\
ecae7de1b9e1cf0d6d3bc7f01b891a1a\System.Device.ni.dll
+ 2011-10-15 07:13 . 2011-10-15 07:13   507904 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Service#\
923c3591d29f5671472728bf1a55f308\System.Data.Services.Design.ni.dll
+ 2011-10-15 07:11 . 2011-10-15 07:11   134656 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.DataSet#\
e6c62a3b06ae5f2f9de5164117dd6ba6\System.Data.DataSetExtensions.ni.dll
+ 2011-10-15 07:05 . 2011-10-15 07:05   980480 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\
cb7cfe8f0e8532f6381c22bf719a95dc\System.Configuration.ni.dll
+ 2011-10-15 07:10 . 2011-10-15 07:10   148480 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\
96907044ee8b845f05d72805d100fb7e\System.Configuration.Install.ni.dll
+ 2011-10-15 07:06 . 2011-10-15 07:06   690176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\
d5f97e0367e37f9aead033b54f40a895\System.ComponentModel.Composition.ni.dll
+ 2011-10-15 07:11 . 2011-10-15 07:11   194048 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\
c11789fd2d4aeb3a41b8a925975ebd96\System.ComponentModel.DataAnnotations.ni.dll
+ 2011-10-15 07:11 . 2011-10-15 07:11   617984 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn\
53e0aa766368680b3785a0867d632f0c\System.AddIn.ni.dll
+ 2011-10-15 07:11 . 2011-10-15 07:11   404992 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.D#\
aef6e32f096486514002cee2bd716b0b\System.Activities.DurableInstancing.ni.dll
+ 2011-10-15 07:09 . 2011-10-15 07:09   317952 c:\windows\assembly\NativeImages_v4.0.30319_32\SMSvcHost\
eee8be5d9f06c6d32cb1eeca8cfbfe38\SMSvcHost.ni.exe
+ 2011-10-15 07:10 . 2011-10-15 07:10   142848 c:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\
c60bbf982563abd181e673c1d5e92006\SMDiagnostics.ni.dll
+ 2011-10-15 07:06 . 2011-10-15 07:06   450560 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\
d2ad394c477fc1c71c900c892d7fce0b\PresentationFramework.Aero.ni.dll
+ 2011-10-15 07:05 . 2011-10-15 07:05   284160 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\
63f98ea6df6a734c122348fa32296df0\PresentationFramework.Classic.ni.dll
+ 2011-10-15 07:06 . 2011-10-15 07:06   656896 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\
61aa640996b77695572adefea8fd36b7\PresentationFramework.Luna.ni.dll
+ 2011-10-15 07:06 . 2011-10-15 07:06   327680 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\
30d7b48c6018eb8d7db378908568130f\PresentationFramework.Royale.ni.dll
+ 2011-10-15 07:09 . 2011-10-15 07:09   274432 c:\windows\assembly\NativeImages_v4.0.30319_32\MSBuild\
50ef00afe8174ef7b9ca3577a301b02b\MSBuild.ni.exe
+ 2011-10-15 07:10 . 2011-10-15 07:10   303104 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\
9f9e5b077347f8f318b1959555be1031\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2011-10-15 07:09 . 2011-10-15 07:09   418816 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\
54c59931e1860675710f19c7c3ba4cc8\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-10-15 07:09 . 2011-10-15 07:09   631808 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build.Uti#\
503994046462b53944ed2915dfb43cb0\Microsoft.Build.Utilities.v4.0.ni.dll
+ 2011-10-15 07:09 . 2011-10-15 07:09   258048 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build.Fra#\
1bf86eecca78429158f8e8b8910f3e6e\Microsoft.Build.Framework.ni.dll
+ 2011-10-15 07:09 . 2011-10-15 07:09   135680 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build.Con#\
1b119eca340bea3a2489017f8f4e9aac\Microsoft.Build.Conversion.v4.0.ni.dll
+ 2011-10-15 07:09 . 2011-10-15 07:09   194048 c:\windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\
04226f317855c555a957f4c2d0dc240d\CustomMarshalers.ni.dll
+ 2011-10-15 07:09 . 2011-10-15 07:09   474624 c:\windows\assembly\NativeImages_v4.0.30319_32\ComSvcConfig\
4da03695fc54c2e2b57b034ae772d189\ComSvcConfig.ni.exe
+ 2011-10-15 07:09 . 2011-10-15 07:09   846336 c:\windows\assembly\NativeImages_v4.0.30319_32\AspNetMMCExt\
98447bb42f564716029c1751c88ae134\AspNetMMCExt.ni.dll
+ 2011-09-29 23:55 . 2011-12-02 04:09   8527008 c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2011-07-09 13:30 . 2011-07-09 13:30   5197648 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorlib.dll
- 2011-04-12 19:11 . 2011-04-12 19:11   5197648 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorlib.dll
+ 2011-07-09 13:30 . 2011-07-09 13:30   1142616 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll
+ 2011-07-09 13:30 . 2011-07-09 13:30   6724424 c:\windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
- 2011-10-13 07:14 . 2011-10-13 07:14   1303896 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__
31bf3856ad364e35\WindowsBase.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   1303896 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__
31bf3856ad364e35\WindowsBase.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   3510600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__
b77a5c561934e089\System.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   3510600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   5028200 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__
b77a5c561934e089\System.Windows.Forms.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   5028200 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__
b77a5c561934e089\System.Windows.Forms.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__
31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__3
1bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   6067048 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__
b77a5c561934e089\System.ServiceModel.dll
- 2011-10-13 07:14 . 2011-10-13 07:14   6067048 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__
b77a5c561934e089\System.ServiceModel.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__
b77a5c561934e089\System.Runtime.Serialization.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__
b77a5c561934e089\System.Runtime.Serialization.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__
b77a5c561934e089\System.Data.Entity.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__
b77a5c561934e089\System.Data.Entity.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   1339736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__
b77a5c561934e089\System.Core.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   1339736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__
b77a5c561934e089\System.Core.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__
31bf3856ad364e35\System.Activities.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__
31bf3856ad364e35\System.Activities.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__
31bf3856ad364e35\System.Activities.Presentation.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__
31bf3856ad364e35\System.Activities.Presentation.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   6346600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__
31bf3856ad364e35\PresentationFramework.dll
- 2011-10-13 07:14 . 2011-10-13 07:14   6346600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__
31bf3856ad364e35\PresentationFramework.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   2970968 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__
b77a5c561934e089\System.Data.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   2970968 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__
b77a5c561934e089\System.Data.dll
- 2011-10-13 07:14 . 2011-10-13 07:14   3545952 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__
31bf3856ad364e35\PresentationCore.dll
+ 2011-10-15 07:04 . 2011-10-15 07:04   3545952 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__
31bf3856ad364e35\PresentationCore.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   5197648 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__
b77a5c561934e089\mscorlib.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   5197648 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__
b77a5c561934e089\mscorlib.dll
- 2011-10-13 07:15 . 2011-10-13 07:15   2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__
b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2011-10-15 07:03 . 2011-10-15 07:03   2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__
b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2011-10-15 07:05 . 2011-10-15 07:05   3798016 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\
6e1c62ce679c8157560c7593c066cd85\WindowsBase.ni.dll
+ 2011-10-15 07:14 . 2011-10-15 07:14   1057792 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClients#\0
d8b512be71d0a491131dac4bada85cf\UIAutomationClientsideProviders.ni.dll
+ 2011-10-15 07:05 . 2011-10-15 07:05   9085952 c:\windows\assembly\NativeImages_v4.0.30319_32\System\
af709611f9ffff0544b1d750303c4afa\System.ni.dll
+ 2011-10-15 07:05 . 2011-10-15 07:05   5618176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\
a401952384c24581989cdc85270f3d9d\System.Xml.ni.dll
+ 2011-10-15 07:09 . 2011-10-15 07:09   1781760 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\
4185130eda1d7a5e0e0474e72343570b\System.Xaml.ni.dll
+ 2011-10-15 07:14 . 2011-10-15 07:14   1

nikis360 · « **Reply #10 on:** January 03, 2012, 07:08:58 PM »

sorry, didn't realize it was cut off. I have attached it.

[year+ old attachment deleted by admin]

SuperDave · « **Reply #11 on:** January 04, 2012, 01:15:24 PM »

SysProt Antirootkit

Download
SysProt Antirootkit from the link below (you will find it at the bottom
of the page under attachments, or you can get it from one of the
mirrors).

http://sites.google.com/site/sysprotantirootkit/

Unzip it into a folder on your desktop.

Double click Sysprot.exe to start the program.
Click on the Log tab.
In the Write to log box select the following items.

Process << Selected
Kernel Modules << Selected
SSDT << Selected
Kernel Hooks << Selected
IRP Hooks << NOT Selected
Ports << NOT Selected
Hidden Files << Selected

At the bottom of the page

Hidden Objects Only << Selected

Click on the Create Log button on the bottom right.
After a few seconds a new window should appear.
Select Scan Root Drive. Click on the Start button.
When it is complete a new window will appear to indicate that the scan is finished.
The log will be saved automatically in the same folder Sysprot.exe was extracted to. Open the text file and copy/paste the log here.

nikis360 · « **Reply #12 on:** January 10, 2012, 08:14:41 AM »

I cannot get this to work.

"Click on the Create Log button on the bottom right.
After a few seconds a new window should appear."

The window never appears, it just freezes.

nikis360 · « **Reply #13 on:** January 10, 2012, 10:02:13 AM »

finally got it to run and then it said error writing to log file.
this is what was in the sysprotlog-notepad

SysProt AntiRootkit v1.0.1.0
by swatkat

******************************************************************************************
******************************************************************************************

No Hidden Processes found

******************************************************************************************
******************************************************************************************
Kernel Modules:
Module Name: sphf.sys
Service Name: ---
Module Base: B9EA7000
Module End: B9FA7000
Hidden: Yes

Module Name: \SystemRoot\System32\Drivers\dump_iaStor.sys
Service Name: ---
Module Base: A896A000
Module End: A8A21000
Hidden: Yes

Module Name: C:\WINDOWS\system32\drivers\kmixer.sys
Service Name: kmixer
Module Base: 9965D000
Module End: 99688000
Hidden: Yes

******************************************************************************************
******************************************************************************************
SSDT:
Function Name: ZwAllocateVirtualMemory
Address: B039242C
Driver Base: B038E000
Driver End: B03BF000
Driver Name: \??\C:\WINDOWS\system32\drivers\OADriver.sys

Function Name: ZwAssignProcessToJobObject
Address: B0391928
Driver Base: B038E000
Driver End: B03BF000
Driver Name: \??\C:\WINDOWS\system32\drivers\OADriver.sys

Function Name: ZwConnectPort
Address: B039064C
Driver Base: B038E000
Driver End: B03BF000
Driver Name: \??\C:\WINDOWS\system32\drivers\OADriver.sys

Function Name: ZwCreateFile
Address: B0397316
Driver Base: B038E000
Driver End: B03BF000
Driver Name: \??\C:\WINDOWS\system32\drivers\OADriver.sys

Function Name: ZwCreateKey
Address: B0399242
Driver Base: B038E000
Driver End: B03BF000
Driver Name: \??\C:\WINDOWS\system32\drivers\OADriver.sys

Function Name: ZwCreatePort
Address: B039046A
Driver Base: B038E000
Driver End: B03BF000
Driver Name: \??\C:\WINDOWS\system32\drivers\OADriver.sys

Function Name: ZwCreateProcess
Address: B0391EE8
Driver Base: B038E000
Driver End: B03BF000
Driver Name: \??\C:\WINDOWS\system32\drivers\OADriver.sys

Function Name: ZwCreateProcessEx
Address: B038E978
Driver Base: B038E000
Driver End: B03BF000
Driver Name: \??\C:\WINDOWS\system32\drivers\OADriver.sys

Function Name: ZwCreateSection
Address: B038E4F2
Driver Base: B038E000
Driver End: B03BF000
Driver Name: \??\C:\WINDOWS\system32\drivers\OADriver.sys

Function Name: ZwCreateThread
Address: B038F634
Driver Base: B038E000
Driver End: B03BF000
Driver Name: \??\C:\WINDOWS\system32\drivers\OADriver.sys

Function Name: ZwDebugActiveProcess
Address: B038FD22
Driver Base: B038E000
Driver End: B03BF000
Driver Name: \??\C:\WINDOWS\system32\drivers\OADriver.sys

Function Name: ZwDuplicateObject
Address: B039032C
Driver Base: B038E000
Driver End: B03BF000
Driver Name: \??\C:\WINDOWS\system32\drivers\OADriver.sys

Function Name: ZwEnumerateKey
Address: B9EC6CA2
Driver Base: B9EA7000
Driver End: B9FA7000
Driver Name: sphf.sys

Function Name: ZwEnumerateValueKey
Address: B9EC7030
Driver Base: B9EA7000
Driver End: B9FA7000
Driver Name: sphf.sys

Function Name: ZwLoadDriver
Address: B0391350
Driver Base: B038E000
Driver End: B03BF000
Driver Name: \??\C:\WINDOWS\system32\drivers\OADriver.sys

Function Name: ZwOpenFile
Address: B0397694
Driver Base: B038E000
Driver End: B03BF000
Driver Name: \??\C:\WINDOWS\system32\drivers\OADriver.sys

Function Name: ZwOpenKey
Address: B9EA80C0
Driver Base: B9EA7000
Driver End: B9FA7000
Driver Name: sphf.sys

Function Name: ZwOpenProcess
Address: B038F308
Driver Base: B038E000
Driver End: B03BF000
Driver Name: \??\C:\WINDOWS\system32\drivers\OADriver.sys

Function Name: ZwOpenSection
Address: B038E7B4
Driver Base: B038E000
Driver End: B03BF000
Driver Name: \??\C:\WINDOWS\system32\drivers\OADriver.sys

Function Name: ZwOpenThread
Address: B038F8B0
Driver Base: B038E000
Driver End: B03BF000
Driver Name: \??\C:\WINDOWS\system32\drivers\OADriver.sys

Function Name: ZwProtectVirtualMemory
Address: B03916DA
Driver Base: B038E000
Driver End: B03BF000
Driver Name: \??\C:\WINDOWS\system32\drivers\OADriver.sys

Function Name: ZwQueryKey
Address: B9EC7108
Driver Base: B9EA7000
Driver End: B9FA7000
Driver Name: sphf.sys

Function Name: ZwQueryValueKey
Address: B9EC6F88
Driver Base: B9EA7000
Driver End: B9FA7000
Driver Name: sphf.sys

Function Name: ZwQueueApcThread
Address: B0391A44
Driver Base: B038E000
Driver End: B03BF000
Driver Name: \??\C:\WINDOWS\system32\drivers\OADriver.sys

Function Name: ZwRequestPort
Address: B0390CB0
Driver Base: B038E000
Driver End: B03BF000
Driver Name: \??\C:\WINDOWS\system32\drivers\OADriver.sys

Function Name: ZwRequestWaitReplyPort
Address: B0391018
Driver Base: B038E000
Driver End: B03BF000
Driver Name: \??\C:\WINDOWS\system32\drivers\OADriver.sys

Function Name: ZwRestoreKey
Address: B039710E
Driver Base: B038E000
Driver End: B03BF000
Driver Name: \??\C:\WINDOWS\system32\drivers\OADriver.sys

Function Name: ZwResumeThread
Address: B03900CE
Driver Base: B038E000
Driver End: B03BF000
Driver Name: \??\C:\WINDOWS\system32\drivers\OADriver.sys

Function Name: ZwSecureConnectPort
Address: B039086E
Driver Base: B038E000
Driver End: B03BF000
Driver Name: \??\C:\WINDOWS\system32\drivers\OADriver.sys

Function Name: ZwSetContextThread
Address: B038FBCC
Driver Base: B038E000
Driver End: B03BF000
Driver Name: \??\C:\WINDOWS\system32\drivers\OADriver.sys

Function Name: ZwSetSystemInformation
Address: B03920E0
Driver Base: B038E000
Driver End: B03BF000
Driver Name: \??\C:\WINDOWS\system32\drivers\OADriver.sys

Function Name: ZwSetValueKey
Address: B9EC719A
Driver Base: B9EA7000
Driver End: B9FA7000
Driver Name: sphf.sys

Function Name: ZwShutdownSystem
Address: B039128A
Driver Base: B038E000
Driver End: B03BF000
Driver Name: \??\C:\WINDOWS\system32\drivers\OADriver.sys

Function Name: ZwSuspendProcess
Address: B03901FE
Driver Base: B038E000
Driver End: B03BF000
Driver Name: \??\C:\WINDOWS\system32\drivers\OADriver.sys

Function Name: ZwSuspendThread
Address: B038FF7A
Driver Base: B038E000
Driver End: B03BF000
Driver Name: \??\C:\WINDOWS\system32\drivers\OADriver.sys

Function Name: ZwSystemDebugControl
Address: B038FE40
Driver Base: B038E000
Driver End: B03BF000
Driver Name: \??\C:\WINDOWS\system32\drivers\OADriver.sys

Function Name: ZwTerminateProcess
Address: B038F472
Driver Base: B038E000
Driver End: B03BF000
Driver Name: \??\C:\WINDOWS\system32\drivers\OADriver.sys

Function Name: ZwTerminateThread
Address: B038FA66
Driver Base: B038E000
Driver End: B03BF000
Driver Name: \??\C:\WINDOWS\system32\drivers\OADriver.sys

Function Name: ZwUnloadDriver
Address: B0391518
Driver Base: B038E000
Driver End: B03BF000
Driver Name: \??\C:\WINDOWS\system32\drivers\OADriver.sys

Function Name: ZwWriteVirtualMemory
Address: B0391804
Driver Base: B038E000
Driver End: B03BF000
Driver Name: \??\C:\WINDOWS\system32\drivers\OADriver.sys

******************************************************************************************
******************************************************************************************

SuperDave · « **Reply #14 on:** January 10, 2012, 12:27:51 PM »

How's the computer working now?

I'd like to scan your machine with ESET OnlineScan

•Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan
•Click the

button.
•For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

Click on to download the ESET Smart Installer. Save it to your desktop.
Double click on the icon on your desktop.

•Check

•Click the

button.
•Accept any security warnings from your browser.
•Check

•Push the Start button.
•ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
•When the scan completes, push

•Push

, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
•Push the

button.
•Push

A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt

Computer Hope Forum

News:

Author Topic: badly infected (Read 19899 times)

nikis360

badly infected

SuperDave

Re: badly infected

nikis360

Re: badly infected

nikis360

Re: badly infected

SuperDave

Re: badly infected

nikis360

Re: badly infected

SuperDave

Re: badly infected

nikis360

Re: badly infected

SuperDave

Re: badly infected

nikis360

Re: badly infected

nikis360

Re: badly infected

SuperDave

Re: badly infected

nikis360

Re: badly infected

nikis360

Re: badly infected

SuperDave

Re: badly infected