Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

SpyWare! Please Help [CLOSED]

Started by pablo86 , May 22 2008 04:28 PM

  • This topic is locked This topic is locked

#1
pablo86
Posted 22 May 2008 - 04:28 PM

pablo86

    New Member

  • Member
  • Pip
  • 9 posts
It says Warning! spyware detected on your computer. can u please help..thanks



ComboFix 08-05-11.1 - tamara 2008-05-22 15:12:34.6 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.226 [GMT -7:00]
Running from: C:\Documents and Settings\tamara\Desktop\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2008-04-22 to 2008-05-22 )))))))))))))))))))))))))))))))
.

2008-05-22 15:09 . 2008-05-22 15:09 84 --a------ C:\WINDOWS\SYSTEM32\ikhcore.cfg
2008-05-22 13:42 . 2008-05-22 13:42 <DIR> d-------- C:\Documents and Settings\tamara\Application Data\AXPFixer
2008-05-22 13:22 . 2008-05-22 13:22 <DIR> d-------- C:\Program Files\Motorola Tools
2008-05-22 12:21 . 2008-05-22 15:07 160,256 --a------ C:\WINDOWS\SYSTEM32\blackster.scr
2008-05-22 12:20 . 2008-05-22 15:07 269,334 --a------ C:\WINDOWS\SYSTEM32\ctfmonb.bmp
2008-05-22 10:40 . 2008-05-22 10:40 92,064 --a------ C:\Documents and Settings\tamara\mqdmmdm.sys
2008-05-22 10:40 . 2008-05-22 10:40 79,328 --a------ C:\Documents and Settings\tamara\mqdmserd.sys
2008-05-22 10:40 . 2008-05-22 10:40 66,656 --a------ C:\Documents and Settings\tamara\mqdmbus.sys
2008-05-22 10:40 . 2008-05-22 10:40 9,232 --a------ C:\Documents and Settings\tamara\mqdmmdfl.sys
2008-05-22 10:40 . 2008-05-22 10:40 6,208 --a------ C:\Documents and Settings\tamara\mqdmcmnt.sys
2008-05-22 10:40 . 2008-05-22 10:40 5,936 --a------ C:\Documents and Settings\tamara\mqdmwhnt.sys
2008-05-22 10:40 . 2008-05-22 10:40 4,048 --a------ C:\Documents and Settings\tamara\mqdmcr.sys
2008-05-22 10:35 . 2008-05-22 10:35 <DIR> d-------- C:\Documents and Settings\tamara\Application Data\InstallShield
2008-05-22 10:28 . 2008-05-22 10:35 <DIR> d-------- C:\Program Files\Avanquest update
2008-05-22 10:27 . 2004-08-03 23:08 25,600 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\usbser.sys
2008-05-22 10:27 . 2004-08-03 23:08 25,600 --a------ C:\WINDOWS\SYSTEM32\DLLCACHE\usbser.sys
2008-05-22 10:26 . 2008-05-22 10:42 <DIR> d-------- C:\Program Files\Motorola Phone Tools
2008-05-22 10:26 . 2008-05-22 10:43 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\BVRP Software
2008-05-22 10:26 . 2008-05-22 10:40 25,600 --a------ C:\Documents and Settings\tamara\usbsermptxp.sys
2008-05-22 10:26 . 2008-05-22 10:40 22,768 --a------ C:\Documents and Settings\tamara\usbsermpt.sys
2008-05-22 09:27 . 2008-05-22 09:27 <DIR> d-------- C:\Program Files\iZotope
2008-05-21 10:01 . 2008-05-21 10:01 0 --ah----- C:\WINDOWS\SYSTEM32\DRIVERS\Msft_Kernel_motccgpfl_01005.Wdf
2008-05-21 10:01 . 2008-05-21 10:01 0 --ah----- C:\WINDOWS\SYSTEM32\DRIVERS\Msft_Kernel_motccgp_01005.Wdf
2008-05-21 09:58 . 2008-05-21 09:58 <DIR> d-------- C:\Program Files\Motorola
2008-05-21 09:28 . 2008-05-21 09:28 0 --ah----- C:\WINDOWS\SYSTEM32\DRIVERS\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-05-21 09:28 . 2008-05-21 09:28 0 --ah----- C:\WINDOWS\SYSTEM32\DRIVERS\Msft_Kernel_motmodem_01005.Wdf
2008-05-21 09:27 . 2008-05-21 09:27 <DIR> d-------- C:\Program Files\Common Files\Motorola Shared
2008-05-21 09:27 . 2006-11-13 15:45 1,419,232 --a------ C:\WINDOWS\SYSTEM32\wdfcoinstaller01005.dll
2008-05-21 09:27 . 2007-10-10 17:41 42,112 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\motodrv.sys
2008-05-21 09:27 . 2007-06-18 15:18 23,680 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\motmodem.sys
2008-05-21 09:27 . 2007-11-02 15:36 18,176 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\motccgp.sys
2008-05-21 09:27 . 2007-01-22 19:33 7,680 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\motccgpfl.sys
2008-05-21 09:27 . 2007-11-02 15:51 6,400 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\motswch.sys
2008-05-21 08:56 . 2004-08-03 23:08 31,616 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\usbccgp.sys
2008-05-21 08:56 . 2004-08-03 23:08 31,616 --a------ C:\WINDOWS\SYSTEM32\DLLCACHE\usbccgp.sys
2008-05-20 15:55 . 2008-05-20 15:55 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SRS Labs
2008-05-20 15:55 . 2007-07-26 09:25 47,360 -ra------ C:\WINDOWS\SYSTEM32\DRIVERS\Surroundhp_kern_i386.sys
2008-05-20 15:55 . 2007-07-26 09:25 47,104 -ra------ C:\WINDOWS\SYSTEM32\DRIVERS\tshd4_kern_i386.sys
2008-05-20 15:55 . 2007-07-26 09:25 42,112 -ra------ C:\WINDOWS\SYSTEM32\DRIVERS\csiidecoder_kern_i386.sys
2008-05-20 15:55 . 2007-07-26 09:25 39,808 -ra------ C:\WINDOWS\SYSTEM32\DRIVERS\SRS_SSCFilter_i386.sys
2008-05-20 15:55 . 2007-07-26 09:25 32,000 -ra------ C:\WINDOWS\SYSTEM32\DRIVERS\wowhd_kern_i386.sys
2008-05-20 15:29 . 2008-05-20 15:29 <DIR> d-------- C:\Program Files\Photo Sketch Maker
2008-05-20 15:29 . 2008-05-20 15:32 <DIR> d-------- C:\Documents and Settings\tamara\Application Data\Photo2Sketch
2008-05-20 13:32 . 2008-05-20 13:32 <DIR> d-------- C:\Program Files\DFX
2008-05-20 13:31 . 2008-05-20 13:31 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-05-20 10:36 . 2008-05-20 10:36 <DIR> d-------- C:\Program Files\GoldWave
2008-05-20 09:14 . 2008-05-20 09:24 <DIR> d-------- C:\Documents and Settings\tamara\.ultramixer
2008-05-20 09:13 . 2008-05-20 09:25 <DIR> d-------- C:\Program Files\UltraMixer
2008-05-09 11:27 . 2008-05-09 11:27 0 --ah----- C:\WINDOWS\SwSys2.bmp
2008-05-09 11:27 . 2008-05-09 11:27 0 --ah----- C:\WINDOWS\SwSys1.bmp
2008-05-09 08:49 . 2008-05-22 08:35 <DIR> d-------- C:\Documents and Settings\tamara\Shared
2008-05-06 13:59 . 2008-05-06 14:01 <DIR> d-------- C:\Program Files\VirtualDJ
2008-05-01 11:16 . 2008-05-01 11:16 <DIR> d-------- C:\Documents and Settings\tamara\DoctorWeb
2008-04-28 09:20 . 2008-04-28 09:20 0 --ahs---- C:\Documents and Settings\tamara\Application Data\004815eb83f768afd8b499638152ef758d369fe5092690df6a.dat
2008-04-24 09:18 . 2008-04-24 09:18 <DIR> d-------- C:\Documents and Settings\tamara\Application Data\Malwarebytes
2008-04-24 09:17 . 2008-04-24 09:18 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-04-24 09:17 . 2008-04-24 09:17 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-04-22 14:14 . 2008-05-14 13:09 <DIR> d--h----- C:\$AVG8.VAULT$
2008-04-22 13:18 . 2008-04-22 13:21 <DIR> d-------- C:\Documents and Settings\tamara\Application Data\AVGTOOLBAR
2008-04-22 13:18 . 2008-05-15 13:32 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-04-22 11:20 . 2008-04-22 11:20 <DIR> d-------- C:\Program Files\Trend Micro
2008-04-22 10:40 . 2008-04-22 12:32 <DIR> d-------- C:\Documents and Settings\tamara\.housecall6.6
2008-04-22 09:46 . 2008-04-22 15:15 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Avira

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-22 22:09 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-05-22 17:28 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-05-20 21:28 --------- d-----w C:\Documents and Settings\tamara\Application Data\LimeWire
2008-05-20 16:30 --------- d-----w C:\Program Files\Sony Setup
2008-05-20 15:43 --------- d-----w C:\Program Files\VSTplugins
2008-05-15 23:22 --------- d-----w C:\Documents and Settings\tamara\Application Data\AdobeUM
2008-05-01 22:15 --------- d-----w C:\Program Files\NCH Swift Sound
2008-04-30 17:14 --------- d-----w C:\Program Files\LimeWire
2008-04-25 18:39 --------- d-----w C:\Program Files\Viewpoint
2008-04-25 18:39 --------- d-----w C:\Documents and Settings\All Users\Application Data\Viewpoint
2008-04-10 22:06 --------- d-----w C:\Documents and Settings\tamara\Application Data\Apple Computer
2008-04-09 22:45 --------- d-----w C:\Program Files\iTunes
2008-04-09 22:44 --------- d-----w C:\Program Files\iPod
2008-04-09 22:41 --------- d-----w C:\Program Files\QuickTime
2008-04-09 20:03 --------- d-----w C:\Program Files\SopCast
2008-03-27 08:12 151,583 ----a-w C:\WINDOWS\SYSTEM32\msjint40.dll
2008-03-27 08:12 151,583 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\msjint40.dll
2008-03-19 09:47 1,845,248 ----a-w C:\WINDOWS\SYSTEM32\win32k.sys
2008-03-19 09:47 1,845,248 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\win32k.sys
2008-03-02 01:36 3,591,680 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\mshtml.dll
2008-02-29 08:55 70,656 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ie4uinit.exe
2008-02-29 08:55 625,664 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\iexplore.exe
2008-02-22 10:00 13,824 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ieudinit.exe
.

((((((((((((((((((((((((((((( snapshot@2008-04-23_14.43.07.50 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-05-20 16:04:24 69,120 ----a-w C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2008-05-20 16:04:42 72,192 ----a-w C:\WINDOWS\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2008-05-20 16:03:52 4,444,160 ----a-w C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2008-05-20 16:04:46 483,840 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2008-05-20 16:04:10 3,036,160 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2008-05-20 16:04:54 258,048 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2008-05-20 16:04:55 113,664 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2008-05-20 16:04:43 261,120 ----a-w C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2008-05-20 16:04:03 5,431,296 ----a-w C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2008-05-20 16:04:20 10,752 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2008-05-20 16:04:05 507,904 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2008-05-20 16:04:23 13,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2008-05-20 16:04:32 8,192 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2008-05-20 16:04:35 77,824 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2008-05-20 16:04:36 6,656 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2008-05-20 16:04:57 348,160 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2008-05-20 16:04:59 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2008-05-20 16:05:04 655,360 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2008-05-20 16:05:06 77,824 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2008-05-20 16:04:37 749,568 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2008-05-20 16:04:34 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2008-05-20 16:04:31 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2008-05-20 16:04:48 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2008-05-20 16:04:29 671,744 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2008-05-20 16:03:58 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2008-05-20 16:04:53 12,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-05-20 16:04:28 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2008-05-20 16:04:27 7,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2008-05-20 16:04:39 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2008-05-20 16:04:41 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2008-05-20 16:04:07 425,984 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2008-05-20 16:04:11 741,376 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2008-05-20 16:04:13 933,888 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2008-05-20 16:05:11 5,070,848 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2008-05-20 16:05:01 188,416 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2008-05-20 16:04:21 401,408 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2008-05-20 16:04:51 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2008-05-20 16:03:59 630,784 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2008-05-20 16:04:54 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2008-05-20 16:04:50 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2008-05-20 16:04:45 299,008 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2008-05-20 16:04:44 131,072 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-05-20 16:04:00 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2008-05-20 16:04:01 114,688 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2008-05-20 16:04:18 884,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2008-05-20 16:04:19 90,112 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2008-05-20 16:04:17 839,680 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2008-05-20 16:04:22 5,013,504 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2008-05-20 16:04:02 2,068,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2008-05-20 16:04:15 3,076,096 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2008-05-20 17:04:51 27,136 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\c6772fd12a581ad3be49e3f2a80b5622\Accessibility.ni.dll
+ 2008-05-20 17:04:57 884,736 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\a1d353edc300e3aff0784202f68a657b\AspNetMMCExt.ni.dll
+ 2008-05-20 17:04:59 237,568 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\c10ec9b4de2b366236ec83237dc31281\CustomMarshalers.ni.dll
+ 2008-05-20 17:04:58 15,360 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\dfsvc\837fe02bdcf637d5bf1e5ffb935ebb80\dfsvc.ni.exe
+ 2008-05-20 17:05:01 876,544 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\9710a3c0d11dd264c3a6b88977699e9b\Microsoft.Build.Engine.ni.dll
+ 2008-05-20 17:05:02 81,920 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e2858a45971fb30b0c0523dbb52c1d4e\Microsoft.Build.Framework.ni.dll
+ 2008-05-20 17:05:07 1,695,744 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\63d69ffdf3c640d2d104a4b74e8115f8\Microsoft.Build.Tasks.ni.dll
+ 2008-05-20 17:05:08 167,936 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\11cb5418c06e30100616fbf205588489\Microsoft.Build.Utilities.ni.dll
+ 2008-05-20 17:05:12 1,740,800 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\923bd55258380eae77353d36a5a1b08f\Microsoft.VisualBasic.ni.dll
+ 2008-05-20 16:07:45 11,722,752 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\32e6f703c114f3a971cbe706586e3655\mscorlib.ni.dll
+ 2008-05-20 17:05:15 1,011,712 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\eee9b48577689e92db5a7b5c5de98d9b\System.Configuration.ni.dll
+ 2008-05-20 16:08:24 7,049,216 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\5f669e819da7010c1dca347a25597c42\System.Data.ni.dll
+ 2008-05-20 17:05:17 1,798,144 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Deployment\c7dea4895e1fa33d65e448c03de48d26\System.Deployment.ni.dll
+ 2008-05-20 16:08:50 10,969,088 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Design\c1e16b40e30a05c39be8aee46311841c\System.Design.ni.dll
+ 2008-05-20 17:05:20 1,224,704 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\914668b240550f529e54bb772c6fc881\System.DirectoryServices.ni.dll
+ 2008-05-20 17:05:21 512,000 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\f11bc82c09955cb8438d3885a99c297d\System.DirectoryServices.Protocols.ni.dll
+ 2008-05-20 16:08:55 229,376 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\b974f6c17d17a533adf6e7710c5a62fa\System.Drawing.Design.ni.dll
+ 2008-05-20 16:08:54 1,667,072 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\0e83aac37b2623f1a24c70979f31dd56\System.Drawing.ni.dll
+ 2008-05-20 17:18:46 659,456 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\646131eda5f21f4e6216733d49c22c56\System.EnterpriseServices.ni.dll
+ 2008-05-20 17:18:46 294,912 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\646131eda5f21f4e6216733d49c22c56\System.EnterpriseServices.Wrapper.dll
+ 2008-05-20 17:18:47 733,184 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Security\2b5994269cc5b996231c9b21afea9a91\System.Security.ni.dll
+ 2008-05-20 17:18:49 233,472 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\193ac978af569ad9ee45110b359961b9\System.ServiceProcess.ni.dll
+ 2008-05-20 17:18:50 679,936 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\12e0aa1030badf4524f897e3f57b037a\System.Transactions.ni.dll
+ 2008-05-20 17:31:56 2,342,912 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\37d87b3cab1c66ec4430ebb2abeaa570\System.Web.Mobile.ni.dll
+ 2008-05-20 17:31:58 237,568 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\b5b81faf46fc63c20d5339b36edd02fa\System.Web.RegularExpressions.ni.dll
+ 2008-05-20 17:32:02 1,986,560 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\38991368499e2109ea4099a0fe29c5a3\System.Web.Services.ni.dll
+ 2008-05-20 17:31:51 12,509,184 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\67cfb70213562afe2ca9b9066764af3a\System.Web.ni.dll
+ 2008-05-20 16:09:18 13,193,216 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3d8c79c45aa674e43f075e2e66b8caf5\System.Windows.Forms.ni.dll
+ 2008-05-20 16:09:30 5,771,264 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\c98cb65a79cfccb44ea727ebe4593ede\System.Xml.ni.dll
+ 2008-05-20 16:08:07 8,265,728 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\ba0e3a22211ba7343e0116b051f2965a\System.ni.dll
- 2008-04-23 01:12:42 2,048 --s-a-w C:\WINDOWS\BOOTSTAT.DAT
+ 2008-05-22 22:11:05 2,048 --s-a-w C:\WINDOWS\BOOTSTAT.DAT
+ 2008-05-21 16:58:53 22,486 ----a-r C:\WINDOWS\Installer\{922D9CCA-4317-425F-9AA5-94829DF8BA6D}\_6FEFF9B68218417F98F549.exe
+ 2008-05-21 16:58:53 22,486 ----a-r C:\WINDOWS\Installer\{922D9CCA-4317-425F-9AA5-94829DF8BA6D}\_768193AF48B27FC9C5F817.exe
+ 2008-05-21 16:58:53 22,486 ----a-r C:\WINDOWS\Installer\{922D9CCA-4317-425F-9AA5-94829DF8BA6D}\_C8733E494AEB6988C093CB.exe
- 2003-02-21 01:09:46 57,344 -c--a-w C:\WINDOWS\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2007-10-24 08:47:38 82,944 ----a-w C:\WINDOWS\Microsoft.NET\Framework\NETFXSBS10.exe
- 2003-02-21 01:09:32 5,120 -c--a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp10.dll
+ 2007-10-24 08:47:38 16,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp10.dll
+ 2007-10-24 08:47:40 16,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
+ 2007-10-24 08:47:42 16,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
+ 2007-10-24 08:47:40 16,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\SharedReg12.dll
- 2003-02-21 00:43:50 131,072 -c--a-w C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll
+ 2007-10-24 08:47:38 97,280 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll
+ 2007-10-24 08:47:26 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll
+ 2007-10-24 08:47:30 145,408 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
+ 2007-10-24 08:47:32 13,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll
+ 2007-10-24 08:47:48 193,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll
+ 2007-10-24 08:47:20 218,112 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll
+ 2007-10-24 08:47:40 10,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
+ 2007-10-24 08:47:42 147,968 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll
+ 2007-10-24 08:47:26 99,320 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\alink.dll
+ 2007-10-24 08:47:42 59,392 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
+ 2007-10-24 08:47:22 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
+ 2007-10-24 08:47:22 22,024 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
+ 2007-10-24 08:47:22 17,928 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll
+ 2007-10-24 08:47:22 33,288 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
+ 2007-10-24 08:47:22 84,480 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
+ 2007-10-24 08:47:22 24,576 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
+ 2007-10-24 08:47:22 32,776 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe
+ 2007-10-24 08:47:22 106,496 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
+ 2007-10-24 08:47:22 33,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
+ 2007-10-24 08:47:22 33,280 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2007-10-24 08:47:22 507,904 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
+ 2007-10-24 08:47:40 106,496 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
+ 2007-10-24 08:47:40 101,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
+ 2007-10-24 08:47:30 80,376 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\csc.exe
+ 2007-10-24 08:47:30 1,162,744 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
+ 2007-10-24 08:47:30 13,312 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
+ 2007-10-24 08:47:42 27,136 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll
+ 2007-10-24 08:47:40 69,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll
+ 2007-10-24 08:47:30 35,320 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
+ 2007-10-24 08:47:28 66,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfdll.dll
+ 2007-10-24 08:47:28 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
+ 2007-10-24 08:47:54 572,936 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
+ 2007-10-24 08:47:40 798,224 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll
+ 2007-10-24 08:47:36 18,936 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fusion.dll
+ 2007-10-24 08:47:40 9,728 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
+ 2007-10-24 08:47:40 8,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
+ 2007-10-24 08:47:40 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEHost.dll
+ 2007-10-24 08:47:40 6,656 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll
+ 2007-10-24 08:47:40 230,904 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
+ 2007-10-24 08:47:40 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
+ 2007-10-24 08:47:40 65,032 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll
+ 2007-10-24 08:47:40 72,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
+ 2007-10-24 08:47:34 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\jsc.exe
+ 2007-10-24 08:47:36 348,160 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
+ 2007-10-24 08:47:36 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
+ 2007-10-24 08:47:36 655,360 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
+ 2007-10-24 08:47:36 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll
+ 2007-10-24 08:47:34 749,568 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
+ 2007-10-24 08:47:52 110,592 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2007-10-24 08:47:52 372,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
+ 2007-10-24 08:47:50 671,744 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll
+ 2007-10-24 08:47:20 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
+ 2007-10-24 08:47:52 5,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
+ 2007-10-24 08:47:20 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
+ 2007-10-24 08:47:20 12,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2007-10-24 08:47:20 7,168 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
+ 2007-10-24 08:47:22 97,792 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
+ 2007-10-24 08:47:36 69,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
+ 2007-10-24 08:47:40 822,280 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2007-10-24 08:47:40 83,456 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll
+ 2007-10-24 08:47:40 308,224 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll
+ 2007-10-24 08:47:40 47,104 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
+ 2007-10-24 08:47:40 348,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2007-10-24 08:47:40 94,208 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorld.dll
+ 2007-10-24 08:47:40 4,444,160 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2007-10-24 08:47:40 114,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
+ 2007-10-24 08:47:44 340,992 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll
+ 2007-10-24 08:47:40 77,312 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
+ 2007-10-24 08:47:36 18,944 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll
+ 2007-10-24 08:47:40 242,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll
+ 2007-10-24 08:47:40 70,144 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
+ 2007-10-24 08:47:40 19,456 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscortim.dll
+ 2007-10-24 08:47:36 5,814,784 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2007-10-24 08:47:44 31,744 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll
+ 2007-10-24 08:47:40 101,880 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ngen.exe
+ 2007-10-24 08:47:40 24,584 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\normalization.dll
+ 2007-10-24 08:47:40 89,096 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll
+ 2007-10-24 08:47:36 144,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\peverify.dll
+ 2007-10-24 08:47:40 53,248 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
+ 2007-10-24 08:47:40 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
+ 2007-10-24 08:47:46 61,952 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe
+ 2007-10-24 08:47:42 16,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
+ 2007-10-24 08:47:40 119,296 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\shfusion.dll
+ 2007-10-24 08:47:44 95,232 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll
+ 2007-10-24 08:47:40 392,696 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2007-10-24 08:47:40 110,592 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
+ 2007-10-24 08:47:42 425,984 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
+ 2007-10-24 08:47:40 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
+ 2007-10-24 08:47:40 3,036,160 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.dll
+ 2007-10-24 08:47:40 483,840 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
+ 2007-10-24 08:47:40 741,376 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
+ 2007-10-24 08:47:28 933,888 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
+ 2007-10-24 08:47:40 5,070,848 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
+ 2007-10-24 08:47:40 401,408 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll
+ 2007-10-24 08:47:40 188,416 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
+ 2007-10-24 08:47:40 3,076,096 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2007-10-24 08:47:40 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
+ 2007-10-24 08:47:40 630,784 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
+ 2007-10-24 08:47:40 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
+ 2007-10-24 08:47:40 57,392 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
+ 2007-10-24 08:47:40 113,664 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
+ 2007-10-24 08:47:40 372,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
+ 2007-10-24 08:47:40 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
+ 2007-10-24 08:47:40 299,008 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
+ 2007-10-24 08:47:40 131,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
+ 2007-10-24 08:47:40 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2007-10-24 08:47:40 114,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
+ 2007-10-24 08:47:40 261,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll
+ 2007-10-24 08:47:40 5,431,296 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2007-10-24 08:47:40 884,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll
+ 2007-10-24 08:47:40 90,112 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll
+ 2007-10-24 08:47:40 839,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll
+ 2007-10-24 08:47:40 5,013,504 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2007-10-24 08:47:40 2,068,480 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
+ 2007-10-24 08:47:40 81,400 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL
+ 2007-10-24 08:47:48 1,172,472 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe
+ 2007-10-24 08:47:20 1,344,000 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
+ 2007-10-24 08:47:22 434,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2007-10-24 08:47:40 37,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
- 2008-03-29 18:45:49 1,146,232 ----a-w C:\WINDOWS\SYSTEM32\aswBoot.exe
+ 2007-12-04 12:04:28 837,496 ----a-w C:\WINDOWS\SYSTEM32\aswBoot.exe
- 2008-03-29 18:23:22 95,608 ----a-w C:\WINDOWS\SYSTEM32\AvastSS.scr
+ 2007-12-04 11:54:04 95,608 ----a-w C:\WINDOWS\SYSTEM32\AvastSS.scr
+ 2008-05-20 22:55:32 34,308 ----a-w C:\WINDOWS\SYSTEM32\BASSMOD.dll
+ 2007-04-13 18:04:42 796,152 ----a-w C:\WINDOWS\SYSTEM32\CDDBControl.dll
+ 2007-04-13 18:05:00 103,928 ----a-w C:\WINDOWS\SYSTEM32\CddbLangDE.dll
+ 2007-04-13 18:05:02 103,928 ----a-w C:\WINDOWS\SYSTEM32\CddbLangES.dll
+ 2007-04-13 18:05:04 103,928 ----a-w C:\WINDOWS\SYSTEM32\CddbLangFR.dll
+ 2007-04-13 18:05:06 108,024 ----a-w C:\WINDOWS\SYSTEM32\CddbLangIT.dll
+ 2007-04-13 18:05:06 83,448 ----a-w C:\WINDOWS\SYSTEM32\CddbLangJA.dll
+ 2007-04-13 18:05:10 103,928 ----a-w C:\WINDOWS\SYSTEM32\CddbLangNL.dll
+ 2007-04-13 18:04:44 808,440 ----a-w C:\WINDOWS\SYSTEM32\CDDBUI.dll
+ 2007-10-24 08:47:28 96,760 ----a-w C:\WINDOWS\SYSTEM32\dfshim.dll
- 2004-08-04 07:56:42 561,179 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\dao360.dll
+ 2008-03-25 04:50:25 554,008 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\dao360.dll
+ 2004-08-04 06:07:58 60,288 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\drmk.sys
+ 2004-08-04 06:15:22 140,928 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\ks.sys
+ 2004-08-04 07:56:42 4,096 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\ksuser.dll
- 2004-08-04 07:56:43 512,029 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\msexch40.dll
+ 2008-03-25 04:50:28 518,944 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\msexch40.dll
- 2004-08-04 07:56:43 319,517 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\msexcl40.dll
+ 2008-03-25 04:50:30 326,432 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\msexcl40.dll
+ 2008-03-25 04:50:34 1,516,568 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\msjet40.dll
+ 2008-03-25 04:50:40 355,112 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\msjetol1.dll
+ 2008-03-25 04:50:42 60,192 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\msjter40.dll
+ 2008-03-25 04:50:42 248,608 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\msjtes40.dll
- 2004-08-04 07:56:43 213,023 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\msltus40.dll
+ 2008-03-25 04:50:44 219,936 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\msltus40.dll
- 2004-08-04 07:56:43 348,189 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\mspbde40.dll
+ 2008-03-25 04:50:45 355,104 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\mspbde40.dll
- 2004-08-04 07:56:43 421,919 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\msrd2x40.dll
+ 2008-03-25 04:50:47 432,928 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\msrd2x40.dll
- 2004-08-04 07:56:43 315,423 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\msrd3x40.dll
+ 2008-03-25 04:50:49 322,336 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\msrd3x40.dll
- 2004-08-04 07:56:43 552,989 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\msrepl40.dll
+ 2008-03-25 04:50:52 559,904 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\msrepl40.dll
- 2004-08-04 07:56:43 258,077 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\mstext40.dll
+ 2008-03-25 04:50:55 264,992 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\mstext40.dll
- 2004-08-04 07:56:44 831,519 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\mswdat10.dll
+ 2008-03-25 04:50:57 838,432 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\mswdat10.dll
+ 2008-03-25 04:50:58 621,344 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\mswstr10.dll
- 2004-08-04 07:56:44 348,189 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\msxbde40.dll
+ 2008-03-25 04:50:58 355,104 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\msxbde40.dll
+ 2004-08-04 06:15:50 145,792 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\portcls.sys
- 2008-03-29 18:26:52 26,944 ----a-w C:\WINDOWS\SYSTEM32\DRIVERS\aavmker4.sys
+ 2007-12-04 13:49:02 26,624 ----a-w C:\WINDOWS\SYSTEM32\DRIVERS\aavmker4.sys
- 2008-01-17 15:34:01 93,264 ----a-w C:\WINDOWS\SYSTEM32\DRIVERS\aswmon.sys
+ 2007-12-04 13:56:02 93,264 ----a-w C:\WINDOWS\SYSTEM32\DRIVERS\aswmon.sys
- 2008-03-29 18:35:21 94,544 ----a-w C:\WINDOWS\SYSTEM32\DRIVERS\aswmon2.sys
+ 2007-12-04 13:55:46 94,544 ----a-w C:\WINDOWS\SYSTEM32\DRIVERS\aswmon2.sys
- 2008-03-29 18:29:08 23,152 ----a-w C:\WINDOWS\SYSTEM32\DRIVERS\aswRdr.sys
+ 2007-12-04 13:53:39 23,152 ----a-w C:\WINDOWS\SYSTEM32\DRIVERS\aswRdr.sys
- 2008-03-29 18:27:33 42,912 ----a-w C:\WINDOWS\SYSTEM32\DRIVERS\aswTdi.sys
+ 2007-12-04 13:51:52 42,912 ----a-w C:\WINDOWS\SYSTEM32\DRIVERS\aswTdi.sys
- 2004-08-04 06:15:21 140,928 ----a-w C:\WINDOWS\SYSTEM32\DRIVERS\ks.sys
+ 2004-08-04 06:15:22 140,928 ----a-w C:\WINDOWS\SYSTEM32\DRIVERS\ks.sys
- 2004-08-04 06:15:49 145,792 ----a-w C:\WINDOWS\SYSTEM32\DRIVERS\portcls.sys
+ 2004-08-04 06:15:50 145,792 ----a-w C:\WINDOWS\SYSTEM32\DRIVERS\portcls.sys
+ 2006-11-02 14:22:54 492,000 ------w C:\WINDOWS\SYSTEM32\DRIVERS\wdf01000.sys
+ 2006-11-02 14:22:52 32,224 ------w C:\WINDOWS\SYSTEM32\DRIVERS\wdfldr.sys
+ 2007-11-02 22:36:10 18,176 -c--a-w C:\WINDOWS\SYSTEM32\DRVSTORE\motccgp_C44BD27554FC39921B7092EFB543B90AF6DFE9E6\motccgp.sys
+ 2007-01-23 02:33:00 7,680 -c--a-w C:\WINDOWS\SYSTEM32\DRVSTORE\motccgp_C44BD27554FC39921B7092EFB543B90AF6DFE9E6\motccgpfl.sys
+ 2007-11-02 22:51:28 6,400 -c--a-w C:\WINDOWS\SYSTEM32\DRVSTORE\motccgp_C44BD27554FC39921B7092EFB543B90AF6DFE9E6\motswch.sys
+ 2006-11-13 22:45:54 1,419,232 -c--a-w C:\WINDOWS\SYSTEM32\DRVSTORE\motccgp_C44BD27554FC39921B7092EFB543B90AF6DFE9E6\wdfcoinstaller01005.dll
+ 2007-06-18 22:18:26 23,680 -c--a-w C:\WINDOWS\SYSTEM32\DRVSTORE\motmodem_1773A9D77CA457C58EA444F15EB0DD1D3A4BD531\motmodem.sys
+ 2006-11-13 22:45:54 1,419,232 -c--a-w C:\WINDOWS\SYSTEM32\DRVSTORE\motmodem_1773A9D77CA457C58EA444F15EB0DD1D3A4BD531\wdfcoinstaller01005.dll
+ 2006-07-28 15:10:08 6,144 -c--a-w C:\WINDOWS\SYSTEM32\DRVSTORE\motodrv_00BA6D2CC9FA3D92B1F7A501D8C2342DBC5171A4\mot_ci.dll
+ 2007-10-11 00:41:50 42,112 -c--a-w C:\WINDOWS\SYSTEM32\DRVSTORE\motodrv_00BA6D2CC9FA3D92B1F7A501D8C2342DBC5171A4\motodrv.sys
+ 2007-01-24 05:36:20 6,016 -c--a-w C:\WINDOWS\SYSTEM32\DRVSTORE\motousbnet_45605EBE166919E5AE82CE7DE5B7BB04045B4427\motfilt.sys
+ 2008-03-03 23:03:10 23,296 -c--a-w C:\WINDOWS\SYSTEM32\DRVSTORE\motousbnet_45605EBE166919E5AE82CE7DE5B7BB04045B4427\Motousbnet.sys
+ 2007-11-02 22:51:28 6,400 -c--a-w C:\WINDOWS\SYSTEM32\DRVSTORE\motousbnet_45605EBE166919E5AE82CE7DE5B7BB04045B4427\motswch.sys
+ 2006-11-13 22:45:54 1,419,232 -c--a-w C:\WINDOWS\SYSTEM32\DRVSTORE\motousbnet_45605EBE166919E5AE82CE7DE5B7BB04045B4427\wdfcoinstaller01005.dll
+ 2007-06-18 22:18:26 23,680 -c--a-w C:\WINDOWS\SYSTEM32\DRVSTORE\motport_48526F1C0031F7FEF3D21901B32B4ECC2BB837F6\motport.sys
+ 2006-11-13 22:45:54 1,419,232 -c--a-w C:\WINDOWS\SYSTEM32\DRVSTORE\motport_48526F1C0031F7FEF3D21901B32B4ECC2BB837F6\wdfcoinstaller01005.dll
- 2008-04-09 15:11:18 297,256 ----a-w C:\WINDOWS\SYSTEM32\FNTCACHE.DAT
+ 2008-05-02 15:03:57 299,640 ----a-w C:\WINDOWS\SYSTEM32\FNTCACHE.DAT
+ 2006-07-28 15:10:08 6,144 ----a-w C:\WINDOWS\SYSTEM32\mot_ci.dll
- 2008-04-06 05:56:20 19,836,024 ----a-w C:\WINDOWS\SYSTEM32\MRT.exe
+ 2008-05-09 21:35:04 16,863,864 ----a-w C:\WINDOWS\SYSTEM32\MRT.exe
- 2006-12-22 19:28:14 271,360 ----a-w C:\WINDOWS\SYSTEM32\mscoree.dll
+ 2007-10-24 08:47:38 282,112 ----a-w C:\WINDOWS\SYSTEM32\mscoree.dll
- 2004-07-15 06:34:06 16,896 -c--a-w C:\WINDOWS\SYSTEM32\mscorier.dll
+ 2007-10-24 08:47:38 158,720 ----a-w C:\WINDOWS\SYSTEM32\mscorier.dll
- 2003-02-21 01:09:14 106,496 ----a-w C:\WINDOWS\SYSTEM32\mscories.dll
+ 2007-10-24 08:47:38 84,480 ----a-w C:\WINDOWS\SYSTEM32\mscories.dll
- 2004-08-04 07:56:43 512,029 -c--a-w C:\WINDOWS\SYSTEM32\msexch40.dll
+ 2008-03-25 04:50:28 518,944 ----a-w C:\WINDOWS\SYSTEM32\msexch40.dll
- 2004-08-04 07:56:43 319,517 -c--a-w C:\WINDOWS\SYSTEM32\msexcl40.dll
+ 2008-03-25 04:50:30 326,432 ----a-w C:\WINDOWS\SYSTEM32\msexcl40.dll
- 2004-08-04 07:56:43 1,507,356 ----a-w C:\WINDOWS\SYSTEM32\msjet40.dll
+ 2008-03-25 04:50:34 1,516,568 ----a-w C:\WINDOWS\SYSTEM32\msjet40.dll
- 2004-07-17 18:34:46 358,976 ----a-w C:\WINDOWS\SYSTEM32\msjetoledb40.dll
+ 2008-03-25 04:50:40 355,112 ----a-w C:\WINDOWS\SYSTEM32\msjetoledb40.dll
- 2004-08-04 07:56:43 53,279 ----a-w C:\WINDOWS\SYSTEM32\msjter40.dll
+ 2008-03-25 04:50:42 60,192 ----a-w C:\WINDOWS\SYSTEM32\msjter40.dll
- 2004-08-04 07:56:43 241,693 ----a-w C:\WINDOWS\SYSTEM32\msjtes40.dll
+ 2008-03-25 04:50:42 248,608 ----a-w C:\WINDOWS\SYSTEM32\msjtes40.dll
- 2004-08-04 07:56:43 213,023 -c--a-w C:\WINDOWS\SYSTEM32\msltus40.dll
+ 2008-03-25 04:50:44 219,936 ----a-w C:\WINDOWS\SYSTEM32\msltus40.dll
- 2004-08-04 07:56:43 348,189 -c--a-w C:\WINDOWS\SYSTEM32\mspbde40.dll
+ 2008-03-25 04:50:45 355,104 ----a-w C:\WINDOWS\SYSTEM32\mspbde40.dll
- 2004-08-04 07:56:43 421,919 -c--a-w C:\WINDOWS\SYSTEM32\msrd2x40.dll
+ 2008-03-25 04:50:47 432,928 ----a-w C:\WINDOWS\SYSTEM32\msrd2x40.dll
- 2004-08-04 07:56:43 315,423 -c--a-w C:\WINDOWS\SYSTEM32\msrd3x40.dll
+ 2008-03-25 04:50:49 322,336 ----a-w C:\WINDOWS\SYSTEM32\msrd3x40.dll
- 2004-08-04 07:56:43 552,989 -c--a-w C:\WINDOWS\SYSTEM32\msrepl40.dll
+ 2008-03-25 04:50:52 559,904 ----a-w C:\WINDOWS\SYSTEM32\msrepl40.dll
- 2004-08-04 07:56:43 258,077 -c--a-w C:\WINDOWS\SYSTEM32\mstext40.dll
+ 2008-03-25 04:50:55 264,992 ----a-w C:\WINDOWS\SYSTEM32\mstext40.dll
- 2004-08-04 07:56:44 831,519 -c--a-w C:\WINDOWS\SYSTEM32\mswdat10.dll
+ 2008-03-25 04:50:57 838,432 ----a-w C:\WINDOWS\SYSTEM32\mswdat10.dll
- 2004-08-04 07:56:44 614,429 ----a-w C:\WINDOWS\SYSTEM32\mswstr10.dll
+ 2008-03-25 04:50:58 621,344 ----a-w C:\WINDOWS\SYSTEM32\mswstr10.dll
- 2004-08-04 07:56:44 348,189 -c--a-w C:\WINDOWS\SYSTEM32\msxbde40.dll
+ 2008-03-25 04:50:58 355,104 ----a-w C:\WINDOWS\SYSTEM32\msxbde40.dll
- 2006-12-22 20:02:36 6,144 ----a-w C:\WINDOWS\SYSTEM32\MUI\0409\mscorees.dll
+ 2007-10-24 08:47:44 15,360 ----a-w C:\WINDOWS\SYSTEM32\MUI\0409\mscorees.dll
- 2008-04-22 16:35:30 60,414 ----a-w C:\WINDOWS\SYSTEM32\PERFC009.DAT
+ 2008-05-20 16:05:25 71,178 ----a-w C:\WINDOWS\SYSTEM32\PERFC009.DAT
- 2008-04-22 16:35:30 398,180 ----a-w C:\WINDOWS\SYSTEM32\PERFH009.DAT
+ 2008-05-20 16:05:25 424,158 ----a-w C:\WINDOWS\SYSTEM32\PERFH009.DAT
- 2007-10-08 22:46:18 14,640 ------w C:\WINDOWS\SYSTEM32\spmsg.dll
+ 2006-10-09 04:51:14 14,640 ------w C:\WINDOWS\SYSTEM32\spmsg.dll
- 2006-09-26 01:58:48 23,856 ----a-w C:\WINDOWS\SYSTEM32\spupdsvc.exe
+ 2006-10-09 04:51:14 23,856 ----a-w C:\WINDOWS\SYSTEM32\spupdsvc.exe
+ 2008-05-22 15:08:16 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_540.dat
+ 2008-05-22 22:11:20 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_79c.dat
+ 2008-05-20 16:04:32 8,192 ----a-w C:\WINDOWS\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2008-05-21 16:58:43 1,230,336 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.1.0.0_x-ww_b319d8da\msxml4.dll
+ 2007-10-24 08:47:56 479,232 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\msvcm80.dll
+ 2007-10-24 08:47:56 558,080 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\msvcp80.dll
+ 2007-10-24 08:47:56 635,904 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\msvcr80.dll
+ 2008-05-20 16:04:54 258,048 ----a-w C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2008-05-20 16:04:55 113,664 ----a-w C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sonic RecordNow!"="" []
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:56 15360]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2005-11-15 20:44 1200128]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 16:45 313472]
"SRS Audio Sandbox"="C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2003-08-06 00:04 114741]
"PCMService"="C:\Program Files\Dell\Media Experience\PCMService.exe" [2003-08-26 18:47 204800]
"UpdateManager"="C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 02:01 110592]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"NoticeP.exe"="C:\Program Files\Impact Software LLC\iSync 2.1\NoticeP.exe" [2006-06-07 19:57 16384]
"IgfxTray"="C:\WINDOWS\System32\igfxtray.exe" [2003-04-06 23:19 155648]
"HotKeysCmds"="C:\WINDOWS\System32\hkcmd.exe" [2003-04-06 23:07 114688]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 05:00 79224]

C:\Documents and Settings\tamara\Start Menu\Programs\Startup\
PowerReg Scheduler V3.exe [2008-02-11 13:46:40 225280]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 02:01:04 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.fraunhoferacm"= l3codecp.acm

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Real\\RealOne Player\\realplay.exe"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"C:\\Program Files\\Internet Explorer\\iexplore.exe"=
"C:\\Program Files\\SopCast\\SopCast.exe"=
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"= C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"= C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"= C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"C:\\Program Files\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"19625:TCP"= 19625:TCP:BitComet 19625 TCP
"19625:UDP"= 19625:UDP:BitComet 19625 UDP

R0 PzWDM;PzWDM;C:\WINDOWS\system32\Drivers\PzWDM.sys [2007-07-11 13:12]
S3 {DEF85C80-216A-43ab-AF70-1665EDBE2780};{DEF85C80-216A-43ab-AF70-1665EDBE2780};C:\WINDOWS\TEMP\1C9.tmp []
S3 motccgp;Motorola USB Composite Device Driver;C:\WINDOWS\system32\DRIVERS\motccgp.sys [2007-11-02 15:36]
S3 motccgpfl;MotCcgpFlService;C:\WINDOWS\system32\DRIVERS\motccgpfl.sys [2007-01-22 19:33]
S3 MotDev;Motorola Inc. USB Device;C:\WINDOWS\system32\DRIVERS\motodrv.sys [2007-10-10 17:41]

.
Contents of the 'Scheduled Tasks' folder
"2008-04-23 03:31:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-22 15:16:37
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{DEF85C80-216A-43ab-AF70-1665EDBE2780}]
"ImagePath"="\??\C:\WINDOWS\TEMP\1C9.tmp"
.
Completion time: 2008-05-22 15:20:01
ComboFix-quarantined-files.txt 2008-05-22 22:19:30
ComboFix2.txt 2008-05-12 17:55:42
ComboFix3.txt 2008-05-01 15:49:23
ComboFix4.txt 2008-04-25 15:25:49
ComboFix5.txt 2008-04-24 17:14:53

Pre-Run: 57,601,712,128 bytes free
Post-Run: 58,373,255,168 bytes free

524 --- E O F --- 2008-05-20 16:07:20
  • 0

Advertisements

#2
sarahw
Posted 23 May 2008 - 03:28 PM

sarahw

    Malware Staff

  • Member
  • PipPipPipPipPip
  • 2,781 posts
Hi,
Welcome to the site

I will be handling your log to help you get cleaned up. Please give me some time to look it over and I will get back to you as soon as possible.

I want you to show hidden files. There are instructions HERE to help you do this.
You should have Administrator rights to perform the fixes. Some of the instructions I give may need to be printed or saved for reference during the fix. Some of the fix will be done in Safe Mode so you will be unable to access this thread at that time.
Please dont use any of the tools without specific instructions. Some of them are dangerous (and could leave your computer in worse condition that it is when infected) if used incorrectly.
These instructions should be read first, then followed. If you do not understand something, don't be afraid to ask, or see if I'm on chat.

Please go to this link and install Hijack This:
http://www.geekstogo...-Log-t2852.html
Reply with a Hijack This log.

:)
  • 0

#3
sarahw
Posted 28 May 2008 - 10:43 AM

sarahw

    Malware Staff

  • Member
  • PipPipPipPipPip
  • 2,781 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP