ComboFix Log:
ComboFix 11-04-27.02 - HP_Administrator 04/27/2011 23:31:11.2.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3006.2472 [GMT -4:00]
Running from: c:\documents and settings\HP_Administrator\Desktop\Malware Removal\ComboFix.exe
Command switches used :: c:\documents and settings\HP_Administrator\Desktop\Malware Removal\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
FILE ::
"C:\Delme.bat"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Delme.bat
.
.
((((((((((((((((((((((((( Files Created from 2011-03-28 to 2011-04-28 )))))))))))))))))))))))))))))))
.
.
2011-04-28 00:20 . 2011-04-28 00:20 28752 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E04AC74D-0277-4349-AE08-06240249C2F6}\MpKslf768cddd.sys
2011-04-28 00:18 . 2011-04-11 07:04 7071056 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E04AC74D-0277-4349-AE08-06240249C2F6}\mpengine.dll
2011-04-26 06:04 . 2011-04-26 06:04 -------- d--h--r- c:\documents and settings\Administrator\Application Data\SecuROM
2011-04-26 03:14 . 2011-04-26 03:14 -------- d-----w- c:\program files\ESET
2011-04-25 00:30 . 2011-04-25 00:30 -------- d-----w- c:\documents and settings\Administrator\Application Data\MSNInstaller
2011-04-25 00:29 . 2011-04-25 00:29 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2011-04-24 01:17 . 2011-04-24 01:17 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\MSNInstaller
2011-04-24 01:15 . 2004-08-10 04:00 18944 ----a-w- c:\windows\system32\simptcp.dll
2011-04-24 01:15 . 2004-08-10 04:00 18944 ----a-w- c:\windows\system32\dllcache\simptcp.dll
2011-04-23 20:15 . 2011-04-23 20:15 -------- d-----w- c:\documents and settings\HP_Administrator\log
2011-04-23 20:15 . 2011-04-23 20:15 190032 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2011-04-23 20:14 . 2011-04-23 20:14 -------- d-----w- c:\program files\Sophos
2011-04-22 22:45 . 2010-12-20 22:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-04-22 22:45 . 2011-04-22 22:45 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-04-22 22:45 . 2010-12-20 22:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-04-22 18:51 . 2011-04-22 18:51 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\Malwarebytes
2011-04-22 18:51 . 2011-04-22 18:51 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2011-04-18 19:57 . 2011-04-18 19:57 -------- d-----w- c:\documents and settings\HP_Administrator\Local Settings\Application Data\Ilivid Player
2011-04-18 19:57 . 2011-04-18 19:57 -------- d-----w- c:\program files\iLivid
2011-04-18 19:56 . 2011-04-18 19:56 -------- d-----w- c:\documents and settings\HP_Administrator\Local Settings\Application Data\PackageAware
2011-04-17 19:16 . 2011-04-28 03:14 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\Dropbox
2011-04-17 04:50 . 2011-04-17 04:50 -------- d-----w- c:\program files\Common Files\Simple Star Shared
2011-04-17 04:50 . 2011-04-17 04:50 -------- d-----w- c:\program files\Simple Star
2011-04-17 04:49 . 2011-04-18 20:46 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\Simple Star
2011-04-09 16:50 . 2011-04-09 16:50 -------- d-----w- c:\documents and settings\Tim\Application Data\Search Settings
2011-04-01 18:57 . 2011-04-04 01:46 -------- d-----w- c:\documents and settings\All Users\Application Data\IObit
2011-04-01 18:57 . 2011-04-01 18:57 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\Search Settings
2011-04-01 18:57 . 2011-04-26 03:42 -------- d-----w- c:\program files\Application Updater
2011-04-01 18:57 . 2011-04-01 18:57 -------- d-----w- c:\program files\Common Files\Spigot
2011-04-01 18:56 . 2011-04-22 22:37 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\IObit
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-11 07:04 . 2010-09-19 12:38 7071056 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-03-07 05:33 . 2004-08-10 11:00 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-04 06:37 . 2004-08-10 11:00 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:21 . 2004-08-10 11:00 1857920 ----a-w- c:\windows\system32\win32k.sys
2011-02-22 23:06 . 2004-08-10 11:00 916480 ----a-w- c:\windows\system32\wininet.dll
2011-02-22 23:06 . 2004-08-10 11:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-02-22 23:06 . 2004-08-10 11:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-02-22 11:41 . 2004-08-10 11:00 385024 ----a-w- c:\windows\system32\html.iec
2011-02-17 13:18 . 2004-08-10 11:00 455936 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-02-17 13:18 . 2004-08-10 11:00 357888 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-17 12:32 . 2009-04-14 19:30 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2011-02-15 12:56 . 2004-08-10 11:00 290432 ----a-w- c:\windows\system32\atmfd.dll
2011-02-08 13:33 . 2004-08-10 11:00 978944 ----a-w- c:\windows\system32\mfc42.dll
2011-02-08 13:33 . 2004-08-10 11:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
2011-02-04 22:48 . 2004-08-10 11:00 456192 ----a-w- c:\windows\system32\encdec.dll
2011-02-04 22:48 . 2004-08-10 11:00 291840 ----a-w- c:\windows\system32\sbe.dll
2011-02-02 07:58 . 2004-08-10 11:00 2067456 ----a-w- c:\windows\system32\mstscax.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-04-27_00.26.53 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-04-28 00:20 . 2011-04-28 00:20 16384 c:\windows\Temp\Perflib_Perfdata_728.dat
+ 2011-04-28 00:20 . 2011-04-28 00:20 16384 c:\windows\Temp\Perflib_Perfdata_3d8.dat
- 2005-08-31 11:07 . 2011-04-24 01:20 73624 c:\windows\system32\perfc009.dat
+ 2005-08-31 11:07 . 2011-04-28 00:14 73624 c:\windows\system32\perfc009.dat
+ 2011-04-27 01:20 . 2011-04-27 01:20 21504 c:\windows\Installer\12554ab.msi
- 2009-02-01 17:00 . 2011-03-09 12:42 35088 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
+ 2009-02-01 17:00 . 2011-04-28 00:17 35088 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
+ 2009-02-01 17:00 . 2011-04-28 00:17 18704 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
- 2009-02-01 17:00 . 2011-03-09 12:42 18704 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
- 2009-02-01 17:00 . 2011-03-09 12:42 20240 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2009-02-01 17:00 . 2011-04-28 00:17 20240 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2011-01-08 17:21 . 2011-04-28 00:16 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
- 2011-01-08 17:21 . 2011-03-08 20:53 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2011-04-28 00:18 . 2011-04-28 00:18 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\368187bcb570d202a019fc7c53b1df4c\UIAutomationProvider.ni.dll
+ 2011-04-28 00:28 . 2011-04-28 00:28 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\3f621b90371e67197bd4d0b86aa6f21d\System.Windows.Presentation.ni.dll
+ 2011-04-28 00:27 . 2011-04-28 00:27 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\577b049541803541e6b00e2c36c00852\System.Web.DynamicData.Design.ni.dll
+ 2011-04-28 00:26 . 2011-04-28 00:26 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\636ed65b7e5481320e3010b78a5e6cfa\System.ComponentModel.DataAnnotations.ni.dll
+ 2011-04-28 00:26 . 2011-04-28 00:26 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\f83b1e8dd8c90490c8d924826c8b107d\System.AddIn.Contract.ni.dll
+ 2011-04-28 00:17 . 2011-04-28 00:17 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\2740ba673b1040f1995f13c6044da64c\PresentationFontCache.ni.exe
+ 2011-04-28 00:16 . 2011-04-28 00:16 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\8514e7de63d46b6f8232ef70d93a1650\PresentationCFFRasterizer.ni.dll
+ 2011-04-28 00:27 . 2011-04-28 00:27 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\108426b4dc654100c9a99bfa71f69886\Microsoft.Vsa.ni.dll
+ 2011-04-28 00:26 . 2011-04-28 00:26 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\8905268997c77a27c7f9c54aeba37f24\Microsoft.Build.Framework.ni.dll
+ 2011-04-28 00:26 . 2011-04-28 00:26 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\11bb8ef375848eb1c074da1afd5cecdc\Microsoft.Build.Framework.ni.dll
+ 2011-04-28 00:26 . 2011-04-28 00:26 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\6d74b9308a1517bfe959e597c3dd2427\dfsvc.ni.exe
+ 2011-04-28 00:25 . 2011-04-28 00:25 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\fdf7f1404f4a5c7f5a0463d8e7a442e4\Accessibility.ni.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2010-10-12 04:57 . 2010-10-12 04:57 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2010-10-12 04:57 . 2010-10-12 04:57 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2010-10-12 04:57 . 2010-10-12 04:57 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2010-10-12 04:57 . 2010-10-12 04:57 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2010-10-12 04:57 . 2010-10-12 04:57 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2010-10-12 04:57 . 2010-10-12 04:57 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2010-10-12 04:57 . 2010-10-12 04:57 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2010-10-12 04:57 . 2010-10-12 04:57 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2010-10-12 04:57 . 2010-10-12 04:57 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2010-10-12 04:57 . 2010-10-12 04:57 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2010-10-12 04:57 . 2010-10-12 04:57 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2010-10-12 04:57 . 2010-10-12 04:57 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2010-10-12 04:57 . 2010-10-12 04:57 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2010-10-12 04:57 . 2010-10-12 04:57 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2010-10-12 04:57 . 2010-10-12 04:57 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2010-10-12 04:57 . 2010-10-12 04:57 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2010-10-12 04:57 . 2010-10-12 04:57 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2010-10-12 04:57 . 2010-10-12 04:57 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2010-10-12 04:57 . 2010-10-12 04:57 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2010-10-12 04:57 . 2010-10-12 04:57 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2005-08-31 11:07 . 2011-04-24 01:20 448604 c:\windows\system32\perfh009.dat
+ 2005-08-31 11:07 . 2011-04-28 00:14 448604 c:\windows\system32\perfh009.dat
+ 2011-01-18 08:39 . 2011-01-18 08:39 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
- 2010-05-11 10:40 . 2010-05-11 10:40 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2011-01-18 08:39 . 2011-01-18 08:39 363856 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
- 2010-05-11 10:40 . 2010-05-11 10:40 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2011-01-18 08:39 . 2011-01-18 08:39 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2009-02-01 17:00 . 2011-04-28 00:17 888080 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
- 2009-02-01 17:00 . 2011-03-09 12:42 888080 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
- 2009-02-01 17:00 . 2011-03-09 12:42 272648 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pubs.exe
+ 2009-02-01 17:00 . 2011-04-28 00:17 272648 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pubs.exe
- 2009-02-01 17:00 . 2011-03-09 12:42 922384 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pptico.exe
+ 2009-02-01 17:00 . 2011-04-28 00:17 922384 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pptico.exe
- 2009-02-01 17:00 . 2011-03-09 12:42 845584 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\outicon.exe
+ 2009-02-01 17:00 . 2011-04-28 00:17 845584 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\outicon.exe
+ 2009-02-01 17:00 . 2011-04-28 00:17 217864 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\misc.exe
- 2009-02-01 17:00 . 2011-03-09 12:42 217864 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\misc.exe
+ 2009-02-01 17:00 . 2011-04-28 00:17 184080 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\joticon.exe
- 2009-02-01 17:00 . 2011-03-09 12:42 184080 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2009-02-01 17:00 . 2011-04-28 00:17 159504 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\inficon.exe
- 2009-02-01 17:00 . 2011-03-09 12:42 159504 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2011-04-28 00:26 . 2011-04-28 00:26 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\95de80b860252231b46014f58226e473\WsatConfig.ni.exe
+ 2011-04-28 00:18 . 2011-04-28 00:18 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\715710f5a31a494ed5c0ec0874dafe3e\WindowsFormsIntegration.ni.dll
+ 2011-04-28 00:18 . 2011-04-28 00:18 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\017be0e6c5f1810f15a696157cd5e2c2\UIAutomationTypes.ni.dll
+ 2011-04-28 00:18 . 2011-04-28 00:18 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\bec5b0a93df12eb26c02c877a4eae678\UIAutomationClient.ni.dll
+ 2011-04-28 00:28 . 2011-04-28 00:28 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\3d8f787002439f4942c33f376cfd8555\System.Xml.Linq.ni.dll
+ 2011-04-28 00:27 . 2011-04-28 00:27 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\4b746fea8062a10ccc6e5331914e7dad\System.Web.Routing.ni.dll
+ 2011-04-28 00:27 . 2011-04-28 00:27 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\103956fdb019bce8a173fe9cb9da3e02\System.Web.RegularExpressions.ni.dll
+ 2011-04-28 00:27 . 2011-04-28 00:27 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\c0a156fbf46ad272ac262e45eaa998f4\System.Web.Extensions.Design.ni.dll
+ 2011-04-28 00:27 . 2011-04-28 00:27 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\e3651e13567ce4e3fa7bb2fbab737d9a\System.Web.Entity.ni.dll
+ 2011-04-28 00:27 . 2011-04-28 00:27 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\834d7769f39e4d937eda1ad3707d4716\System.Web.Entity.Design.ni.dll
+ 2011-04-28 00:27 . 2011-04-28 00:27 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\032c96c6206b53bca122d1fbaf5f8ca2\System.Web.DynamicData.ni.dll
+ 2011-04-28 00:27 . 2011-04-28 00:27 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\6ce0e4fb33afcfcce43c427e82b987db\System.Web.Abstractions.ni.dll
+ 2011-04-28 00:27 . 2011-04-28 00:27 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\990d96810a21e0fa95f916ffc66f3a94\System.Transactions.ni.dll
+ 2011-04-28 00:27 . 2011-04-28 00:27 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\e0d56c0582316e9ecb4c18186e37217c\System.ServiceProcess.ni.dll
+ 2011-04-28 00:26 . 2011-04-28 00:26 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\9e91cca51a5ed6fb13b67558109d2726\System.Security.ni.dll
+ 2011-04-28 00:27 . 2011-04-28 00:27 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\fa6a58394a1f162eecce4cd8af0875c3\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2011-04-28 00:27 . 2011-04-28 00:27 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\6194eb4bc1e0133d0183d086b747f512\System.Net.ni.dll
+ 2011-04-28 00:27 . 2011-04-28 00:27 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\042658de519bb1e22ec5925092061892\System.Management.ni.dll
+ 2011-04-28 00:27 . 2011-04-28 00:27 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\d6ae8171ae6fd4fe83add34e6d70e5b5\System.Management.Instrumentation.ni.dll
+ 2011-04-28 00:25 . 2011-04-28 00:25 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\abd5a61d39e474f12b30ccbbe6277667\System.IO.Log.ni.dll
+ 2011-04-28 00:25 . 2011-04-28 00:25 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\12c4dba6d4ff0278d208c283d9ed7670\System.IdentityModel.Selectors.ni.dll
+ 2011-04-28 00:27 . 2011-04-28 00:27 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\ff5c7a52497d892f3a3206384d46b5e7\System.EnterpriseServices.Wrapper.dll
+ 2011-04-28 00:27 . 2011-04-28 00:27 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\ff5c7a52497d892f3a3206384d46b5e7\System.EnterpriseServices.ni.dll
+ 2011-04-28 00:18 . 2011-04-28 00:18 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\e6b7128278d8c0e8382a5685f5b196c6\System.Drawing.Design.ni.dll
+ 2011-04-28 00:27 . 2011-04-28 00:27 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\8ef56bf47fc2fc4204e0fcc1f32bab01\System.DirectoryServices.AccountManagement.ni.dll
+ 2011-04-28 00:27 . 2011-04-28 00:27 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\447d7b4a7d0add13f8d2086088bcc41c\System.DirectoryServices.Protocols.ni.dll
+ 2011-04-28 00:27 . 2011-04-28 00:27 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\ce2afe8854ee9cdc834b6f392348c882\System.Data.Services.Design.ni.dll
+ 2011-04-28 00:27 . 2011-04-28 00:27 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\03d4658290e300e437e745ef4a613b59\System.Data.Services.Client.ni.dll
+ 2011-04-28 00:27 . 2011-04-28 00:27 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\7ce21a2855bb7731de4dab797e69f3f6\System.Data.Entity.Design.ni.dll
+ 2011-04-28 00:26 . 2011-04-28 00:26 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\ea57694aea47c05853516c9bb2ad54b4\System.Data.DataSetExtensions.ni.dll
+ 2011-04-28 00:26 . 2011-04-28 00:26 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d6b4509225efde2a4e3db77205f8a51\System.Configuration.ni.dll
+ 2011-04-28 00:27 . 2011-04-28 00:27 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\f312bb844670ebc7458fec9e6b2568b3\System.Configuration.Install.ni.dll
+ 2011-04-28 00:26 . 2011-04-28 00:26 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\afd9595f07a8c68b26e81cf995957f56\System.AddIn.ni.dll
+ 2011-04-28 00:26 . 2011-04-28 00:26 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\3a42b2fbafe93d7b9395e328bea35afa\SMSvcHost.ni.exe
+ 2011-04-28 00:26 . 2011-04-28 00:26 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\97ff96d3fc8d0b10ea294f320acf821e\SMDiagnostics.ni.dll
+ 2011-04-28 00:26 . 2011-04-28 00:26 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\28ed0e9efd938b05b4f53e0d90046701\ServiceModelReg.ni.exe
+ 2011-04-28 00:17 . 2011-04-28 00:17 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ffe13679e6b3e36e5cb6c47f8c4faf9c\PresentationFramework.Aero.ni.dll
+ 2011-04-28 00:17 . 2011-04-28 00:17 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\dbb40299379f2009c140ddadb04231b4\PresentationFramework.Classic.ni.dll
+ 2011-04-28 00:17 . 2011-04-28 00:17 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a34cd33cec1bdfebe4a3910bceb8723b\PresentationFramework.Royale.ni.dll
+ 2011-04-28 00:17 . 2011-04-28 00:17 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\689bb394bcb437ed085c22a43aba30c6\PresentationFramework.Luna.ni.dll
+ 2011-04-28 00:26 . 2011-04-28 00:26 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\5670e74887ef1025c6a8c056ffe86b38\MSBuild.ni.exe
+ 2011-04-28 00:26 . 2011-04-28 00:26 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\653732002ebf5c68f69150a60e145e6a\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-04-28 00:26 . 2011-04-28 00:26 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\cc62770393640302bd4d7e442b1e49a4\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2011-04-28 00:26 . 2011-04-28 00:26 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\352bff1ee71ce114e225f849038dc48d\Microsoft.Build.Utilities.ni.dll
+ 2011-04-28 00:26 . 2011-04-28 00:26 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\7345f4d2d7157bf49de4158e8f2b6847\Microsoft.Build.Engine.ni.dll
+ 2011-04-28 00:26 . 2011-04-28 00:26 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\d7dba901ddd410ca1a0156d0f2a27533\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2011-04-28 00:26 . 2011-04-28 00:26 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\010552e529d130ce914765b0801e2367\CustomMarshalers.ni.dll
+ 2011-04-28 00:26 . 2011-04-28 00:26 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\6861f639b13967e9b014b44bbb7c5d4c\ComSvcConfig.ni.exe
+ 2011-04-28 00:25 . 2011-04-28 00:25 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\800da7dec567fadf3392091e9f01ecb9\AspNetMMCExt.ni.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2010-10-12 04:57 . 2010-10-12 04:57 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2010-10-12 04:57 . 2010-10-12 04:57 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2010-10-12 04:57 . 2010-10-12 04:57 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2010-10-12 04:57 . 2010-10-12 04:57 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2010-10-12 04:57 . 2010-10-12 04:57 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2010-10-12 04:57 . 2010-10-12 04:57 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2010-10-12 04:57 . 2010-10-12 04:57 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2010-10-12 04:57 . 2010-10-12 04:57 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2010-10-12 04:57 . 2010-10-12 04:57 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2010-10-12 04:57 . 2010-10-12 04:57 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2010-10-12 04:57 . 2010-10-12 04:57 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2010-10-12 04:57 . 2010-10-12 04:57 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2010-10-12 04:57 . 2010-10-12 04:57 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2010-10-12 04:57 . 2010-10-12 04:57 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2010-10-12 04:57 . 2010-10-12 04:57 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2010-10-12 04:57 . 2010-10-12 04:57 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2010-10-12 04:57 . 2010-10-12 04:57 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2010-10-12 04:57 . 2010-10-12 04:57 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2010-10-12 04:57 . 2010-10-12 04:57 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2010-10-12 04:57 . 2010-10-12 04:57 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2010-10-12 04:57 . 2010-10-12 04:57 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2010-10-12 04:56 . 2010-10-12 04:56 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2010-10-12 04:57 . 2010-10-12 04:57 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2010-10-12 04:57 . 2010-10-12 04:57 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2010-10-12 04:57 . 2010-10-12 04:57 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2010-10-12 04:57 . 2010-10-12 04:57 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2011-01-18 08:39 . 2011-01-18 08:39 5813072 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2011-01-18 08:39 . 2011-01-18 08:39 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
- 2010-05-11 10:40 . 2010-05-11 10:40 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2011-03-18 00:05 . 2011-03-18 00:05 4989440 c:\windows\Installer\27f5b.msp
+ 2011-01-11 21:49 . 2011-01-11 21:49 9003008 c:\windows\Installer\27f44.msp
+ 2010-11-21 03:32 . 2010-11-21 03:32 4165120 c:\windows\Installer\27f22.msp
+ 2011-03-18 00:01 . 2011-03-18 00:01 9563648 c:\windows\Installer\27efe.msp
+ 2011-01-11 21:50 . 2011-01-11 21:50 8177152 c:\windows\Installer\27ee7.msp
+ 2010-11-21 03:33 . 2010-11-21 03:33 1980928 c:\windows\Installer\27ed0.msp
+ 2009-02-01 17:00 . 2011-04-28 00:17 1172240 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
- 2009-02-01 17:00 . 2011-03-09 12:42 1172240 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
+ 2009-02-01 17:00 . 2011-04-28 00:17 1165584 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\accicons.exe
- 2009-02-01 17:00 . 2011-03-09 12:42 1165584 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2011-04-28 00:17 . 2011-04-28 00:17 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\76e431fde1b252312b331f7108259fda\WindowsBase.ni.dll
+ 2011-04-28 00:18 . 2011-04-28 00:18 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\9e022c95e79f2b6f383a501ad99f08a9\UIAutomationClientsideProviders.ni.dll
+ 2011-04-28 00:16 . 2011-04-28 00:16 7949824 c:\windows\assembly\NativeImages_v2.0.50727_32\System\f02cf6430a9fc77908a74ab6925cb73c\System.ni.dll
+ 2011-04-28 00:18 . 2011-04-28 00:18 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b06e49ed8cbe07dbb90e313fa634b27b\System.Xml.ni.dll
+ 2011-04-28 00:28 . 2011-04-28 00:28 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\6346221cecf631e5c0b754d842aad102\System.WorkflowServices.ni.dll
+ 2011-04-28 00:28 . 2011-04-28 00:28 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\1fbcd203ff8d77d561df8bf806417ab6\System.Workflow.Runtime.ni.dll
+ 2011-04-28 00:28 . 2011-04-28 00:28 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\efbaf3696c44fd7d4b3cd925e0437b36\System.Workflow.ComponentModel.ni.dll
+ 2011-04-28 00:28 . 2011-04-28 00:28 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\52a9bc5dd1fa497af7c7f4600bd8e6d1\System.Workflow.Activities.ni.dll
+ 2011-04-28 00:28 . 2011-04-28 00:28 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\f5ebeeb0a8aaba9db15ec3df591339ba\System.Web.Services.ni.dll
+ 2011-04-28 00:27 . 2011-04-28 00:27 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\92d6b75e3b63b528d4069bf4ee01983a\System.Web.Mobile.ni.dll
+ 2011-04-28 00:27 . 2011-04-28 00:27 2405376 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\02d53154634c8000382942e0f43ead41\System.Web.Extensions.ni.dll
+ 2011-04-28 00:18 . 2011-04-28 00:18 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\dd128c8e21e7fa14c12b71df9892d046\System.Speech.ni.dll
+ 2011-04-28 00:27 . 2011-04-28 00:27 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\8b0bb430bb6af96c18b43e3c54cfafe8\System.ServiceModel.Web.ni.dll
+ 2011-04-28 00:25 . 2011-04-28 00:25 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\85090bd451617e204ffda625b8d9fc30\System.Runtime.Serialization.ni.dll
+ 2011-04-28 00:18 . 2011-04-28 00:18 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\85a7a7aace114e78fc6c9b219bcd5551\System.Printing.ni.dll
+ 2011-04-28 00:25 . 2011-04-28 00:25 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\86c59378e9a43bf101a10ad452a4bb8e\System.IdentityModel.ni.dll
+ 2011-04-28 00:18 . 2011-04-28 00:18 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\d912066086a59f09424c7c69f95e2c55\System.Drawing.ni.dll
+ 2011-04-28 00:27 . 2011-04-28 00:27 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\c05d9332116964104c721e97f7ce1058\System.DirectoryServices.ni.dll
+ 2011-04-28 00:27 . 2011-04-28 00:27 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\0118c0c73ea5c77bda7b10b188102ab6\System.Deployment.ni.dll
+ 2011-04-28 00:17 . 2011-04-28 00:17 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\1337829e3df6888464a17aab78bb9b8f\System.Data.ni.dll
+ 2011-04-28 00:26 . 2011-04-28 00:26 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\ba3ca7a93e227c32ce7b50d0a7ba935f\System.Data.SqlXml.ni.dll
+ 2011-04-28 00:27 . 2011-04-28 00:27 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\2de52be5da96059651b5bec800cb4605\System.Data.Services.ni.dll
+ 2011-04-28 00:18 . 2011-04-28 00:18 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\11f1306e0e311a0d0cbd139fb2fa4c36\System.Data.Linq.ni.dll
+ 2011-04-28 00:27 . 2011-04-28 00:27 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\c91e83e85c030bc914ecc302fa9b2c60\System.Data.Entity.ni.dll
+ 2011-04-28 00:17 . 2011-04-28 00:17 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\684fe21837d3cf3e5935bbd0a7f53141\System.Core.ni.dll
+ 2011-04-28 00:17 . 2011-04-28 00:17 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\12efddabe6fe35be21246c88ed9bf8ab\ReachFramework.ni.dll
+ 2011-04-28 00:17 . 2011-04-28 00:17 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\257c9327ba9cc5cd87f58de224aa2e0d\PresentationUI.ni.dll
+ 2011-04-28 00:16 . 2011-04-28 00:16 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\b117bf63daa7e587f1bb2d975dccb4af\PresentationBuildTasks.ni.dll
+ 2011-04-28 00:26 . 2011-04-28 00:26 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\269103939243ec6929739c8b9a645c0d\Microsoft.VisualBasic.ni.dll
+ 2011-04-28 00:26 . 2011-04-28 00:26 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\bf7bd26d2828e35156814018939ce4f6\Microsoft.Transactions.Bridge.ni.dll
+ 2011-04-28 00:27 . 2011-04-28 00:27 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\6594c17d7e112b0507b701d5b8a67bba\Microsoft.JScript.ni.dll
+ 2011-04-28 00:26 . 2011-04-28 00:26 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\f5eb1e42ccd0f67f7496b94a31949cd0\Microsoft.Build.Tasks.ni.dll
+ 2011-04-28 00:26 . 2011-04-28 00:26 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\cc7f05675a5cd8014222be1483d6beaf\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2011-04-28 00:26 . 2011-04-28 00:26 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\41cf95aa4ff5765b515d3252abc6353b\Microsoft.Build.Engine.ni.dll
- 2010-10-12 04:57 . 2010-10-12 04:57 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2010-10-12 04:57 . 2010-10-12 04:57 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2010-10-12 04:56 . 2010-10-12 04:56 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2010-10-12 04:57 . 2010-10-12 04:57 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2010-10-12 04:56 . 2010-10-12 04:56 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2010-10-12 04:57 . 2010-10-12 04:57 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2010-10-12 04:57 . 2010-10-12 04:57 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2011-04-28 00:14 . 2011-04-28 00:14 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2011-04-28 00:15 . 2011-04-28 00:15 20314624 c:\windows\Installer\27f2e.msp
+ 2011-02-12 00:47 . 2011-02-12 00:47 12028928 c:\windows\Installer\27f0a.msp
+ 2011-04-28 00:18 . 2011-04-28 00:18 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ed2bf0d86229128c194a872f70fe15ee\System.Windows.Forms.ni.dll
+ 2011-04-28 00:27 . 2011-04-28 00:27 11800576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\d7b7ee04166212533ae21eaeb584fb0d\System.Web.ni.dll
+ 2011-04-28 00:26 . 2011-04-28 00:26 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\b5f24d96334ea08b99350421450d3ba4\System.ServiceModel.ni.dll
+ 2011-04-28 00:18 . 2011-04-28 00:18 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\5aeadb9ff9a86f49130de5976a9f1744\System.Design.ni.dll
+ 2011-04-28 00:17 . 2011-04-28 00:17 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1a5d89d569e2e12842daf4d87c57361a\PresentationFramework.ni.dll
+ 2011-04-28 00:17 . 2011-04-28 00:17 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\46c57d845e55232a89e98101075cd455\PresentationCore.ni.dll
+ 2011-04-28 00:15 . 2011-04-28 00:15 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\62d5f089dd51f18472a7caf1593d9f6b\mscorlib.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\HP_Administrator\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\HP_Administrator\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\HP_Administrator\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\HP_Administrator\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2005-07-23 237568]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]
.
c:\documents and settings\HP_Administrator\Start Menu\Programs\Startup\
Dropbox.lnk - c:\documents and settings\HP_Administrator\Application Data\Dropbox\bin\Dropbox.exe [2011-4-15 25351696]
.
c:\documents and settings\Default User\Start Menu\Programs\Startup\
Pin.lnk - c:\hp\bin\CLOAKER.EXE [2006-2-12 27136]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-04-23 04:36 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Updates From HP.lnk]
backup=c:\windows\pss\Updates From HP.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^HP_Administrator^Start Menu^Programs^Startup^Yahoo! Widgets.lnk]
backup=c:\windows\pss\Yahoo! Widgets.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
files\common files\lightscribe\lightscribecontrolpanel.exe -hidden [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-21 18:37 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-12-22 05:57 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2005-05-04 08:43 69632 ----a-w- c:\windows\ALCMTR.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlwaysReady Power Message APP]
2005-08-03 07:19 77312 ----a-w- c:\windows\arpwrmsg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 00:12 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DMAScheduler]
2005-11-01 17:01 90112 ----a-w- c:\program files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
2005-08-06 04:56 64512 ----a-w- c:\windows\ehome\ehtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-03-17 20:08 136176 ----atw- c:\documents and settings\HP_Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 16:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2005-05-12 14:12 49152 -c--a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD08]
2005-06-02 13:35 49152 -c--a-w- c:\program files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv]
1998-05-07 23:04 52736 ----a-w- c:\windows\system\hpsysdrv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
2007-11-26 19:54 1057064 ----a-w- c:\program files\Nero\Nero 7\InCD\InCD.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-11-18 01:59 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2006-01-25 08:15 7311360 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2006-01-25 08:15 1519616 ----a-w- c:\windows\system32\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-09-08 16:17 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2007-03-15 02:01 71216 ------w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2006-01-24 00:53 15969280 ----a-w- c:\windows\RTHDCPL.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SecurDisc]
2007-11-26 19:54 1629480 ----a-w- c:\program files\Nero\Nero 7\InCD\NBHGui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-03-05 20:07 2260480 ------w- c:\program files\Spybot - Search & Destroy\TeaTimer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2011-04-23 04:36 2423752 ----a-w- c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2007-11-21 20:21 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"=
"c:\\Documents and Settings\\HP_Administrator\\Application Data\\Dropbox\\bin\\Dropbox.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3587:TCP"= 3587:TCP:Windows Peer-to-Peer Grouping
"3540:UDP"= 3540:UDP:Peer Name Resolution Protocol (PNRP)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
.
R1 MpKslf768cddd;MpKslf768cddd;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E04AC74D-0277-4349-AE08-06240249C2F6}\MpKslf768cddd.sys [4/27/2011 8:20 PM 28752]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [5/28/2008 10:33 AM 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [5/28/2008 10:33 AM 67656]
R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [8/10/2004 7:00 AM 14336]
R2 Iprip;RIP Listener;c:\windows\System32\svchost.exe -k netsvcs [8/10/2004 7:00 AM 14336]
R2 nlsX86cc;NLS Service;c:\windows\system32\NLSSRV32.EXE [12/16/2009 11:11 AM 65856]
S0 nielprt;Nielsen Patch Service;c:\windows\system32\DRIVERS\nielprt.sys --> c:\windows\system32\DRIVERS\nielprt.sys [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [1/28/2010 5:52 PM 135664]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [1/28/2010 5:52 PM 135664]
S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\E3.tmp --> c:\windows\system32\E3.tmp [?]
S3 NielGfx;Nielsen USB GFX;c:\windows\system32\drivers\nielgfx.sys --> c:\windows\system32\drivers\nielgfx.sys [?]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [5/28/2008 10:33 AM 12872]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MPKSLF768CDDD
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-12-05 17:27 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2011-04-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-28 21:52]
.
2011-04-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-28 21:52]
.
2011-04-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-485449437-1823949288-755308761-1008Core.job
- c:\documents and settings\HP_Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-07-24 20:08]
.
2011-04-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-485449437-1823949288-755308761-1008UA.job
- c:\documents and settings\HP_Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-07-24 20:08]
.
.
------- Supplementary Scan -------
.
uStart Page =
hxxp://cnn.com/uDefault_Search_URL =
hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktopuSearchMigratedDefaultURL =
hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mSearch Bar =
hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktopuInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant =
hxxp://www.google.com/ieuSearchURL,(Default) =
hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D1E1F7ED622A0E5D.dll/cmsidewiki.html
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\HP_Administrator\Start Menu\Programs\IMVU\Run IMVU.lnk
DPF: vzTCPConfig -
hxxp://my.verizon.com/micro/speedoptimi ... Config.CAB.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2011-04-27 23:35
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\E3.tmp"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@DACL=(02 0010)
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@DACL=(02 0010)
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@DACL=(02 0010)
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(864)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
.
Completion time: 2011-04-27 23:38:05
ComboFix-quarantined-files.txt 2011-04-28 03:37
ComboFix2.txt 2011-04-27 00:29
.
Pre-Run: 124,402,397,184 bytes free
Post-Run: 124,400,345,088 bytes free
.
- - End Of File - - 3C50C3A78ABDA6CE66C4E24C70A0C887