|
|
[ danieltod @ 08.10.2010. 12:08 ] @
|
| Pc j epočeo puno da mi štopa u zadnje vrijeme. Zapravo nojedan video ne mogu da odgledam a da mi ne zablokira skroz, i kad zablokira ništa ne funkicioniše ne pomaže ni Ctrl+alt+delete samo ga mogu restartovat, isto mi se često dešava i sa mozilom. Čitao sam upustva, skenirao komp sa CCleaner sa dr.web i sa super anti spyware u safe modu obrisao sam neke viruse ali opet isto, pokušavao sam i sa kaspersky rescue disk i opet isto. Jedino što mi je malo pomoglo je combofix. on popravi stvar i pc mi radi normalno takodje i recycler učini vidljim(inače ga vidim samo pomuću winrara) ali i dalje ne mogu da ga obrišem ni sa unlockerom ni sa fileassassin. I čim ugasim komp i ponovo upalim opet ista priča sve blokira. Molim da mi neko pomogne ako može. evo log file od hijackthis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:07:41, on 8.10.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Panda USB Vaccine\USBVaccine.exe
C:\Program Files\Cyberlink\Shared Files\brs.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\BearShare Applications\MediaBar\DataMngr\DataMngrUI.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Documents and Settings\WINXPSP3\Bluebirds\BlueBirds.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\MCShield\MCShieldRTM.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\Engine\18.1.0.37\ccSvcHst.exe
C:\Program Files\MCShield\MCShieldTray.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\PROGRA~1\Bandoo\Bandoo.exe
C:\Program Files\Norton AntiVirus\Engine\18.1.0.37\ccSvcHst.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32Info.exe
D:\My Documents\Downloads\blabla.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\18.1.0.37\IPSBHO.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: UrlHelper Class - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\MediaBar\DataMngr\IEBHO.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Bandoo IE Plugin - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [DataMngr] C:\Program Files\BearShare Applications\MediaBar\DataMngr\DataMngrUI.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [bluebirds] C:\Documents and Settings\WINXPSP3\Bluebirds\BlueBirds.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [MCShield] C:\Program Files\MCShield\MCShieldRTM.exe
O4 - HKCU\..\Run: [MCShieldTray] C:\Program Files\MCShield\MCShieldTray.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~1\bandoo\bndhook.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bandoo Coordinator - Discordia Limited - C:\PROGRA~1\Bandoo\Bandoo.exe
O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - C:\Program Files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\18.1.0.37\ccSvcHst.exe
O23 - Service: Roxio UPnP Renderer 11 - Unknown owner - C:\Program Files\Roxio Creator 2009\Digital Home 11\RoxioUPnPRenderer11.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 9095 bytes
|
[ kristi1 @ 08.10.2010. 12:38 ] @
Imas CF log, nalazi se na C\Combofix.txt
Postavi ga.
[ kristi1 @ 08.10.2010. 13:12 ] @
http://www.comss.ru/url.php?ur...ub/drweb/tools/drw_remover.exe
Deinstaliraj DrWeb AV sa ovim alatom. Javi kako se ponasa komp nakon uklanjanja.
[ danieltod @ 08.10.2010. 13:22 ] @
evo ponovo cf log maloprije sam ga obrisao, moj agreška....
ComboFix 10-10-07.01 - WINXPSP3 07.10.2010 23:27:44.3.4 - x86
Microsoft Windows XP Professional 5.1.2600.3.1250.381.1033.18.3071.2521 [GMT 2:00]
Running from: c:\documents and settings\WINXPSP3\Desktop\ComboFix.exe
AV: Norton AntiVirus *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
.
((((((((((((((((((((((((( Files Created from 2010-09-07 to 2010-10-07 )))))))))))))))))))))))))))))))
.
2010-10-07 05:23 . 2010-10-07 05:23 63488 ----a-w- c:\documents and settings\WINXPSP3\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
2010-10-07 05:23 . 2010-10-07 05:23 52224 ----a-w- c:\documents and settings\WINXPSP3\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-10-07 05:23 . 2010-10-07 05:23 117760 ----a-w- c:\documents and settings\WINXPSP3\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-10-07 05:21 . 2010-10-07 05:21 -------- d-----w- c:\documents and settings\WINXPSP3\Application Data\SUPERAntiSpyware.com
2010-10-07 05:21 . 2010-10-07 05:21 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2010-10-07 05:21 . 2010-10-07 05:21 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-10-06 23:54 . 2010-10-07 06:39 -------- d---a-w- C:\Kaspersky Rescue Disk 10.0
2010-10-06 15:43 . 2010-10-06 15:43 -------- d-----w- c:\program files\Blade
2010-10-06 09:48 . 2010-10-06 09:48 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2010-09-28 15:08 . 2010-09-28 15:08 -------- d-----w- c:\documents and settings\All Users\Application Data\Panda Security
2010-09-28 15:08 . 2010-09-28 15:08 -------- d-----w- c:\program files\Panda USB Vaccine
2010-09-28 15:03 . 2010-10-07 21:13 -------- d-----w- c:\documents and settings\WINXPSP3\Application Data\MCShield
2010-09-28 15:03 . 2010-09-28 15:03 -------- d-----w- c:\program files\MCShield
2010-09-28 11:35 . 2010-09-28 11:39 -------- d-----w- c:\program files\Unlocker
2010-09-28 09:45 . 2010-09-28 16:13 -------- d-----w- c:\documents and settings\WINXPSP3\Local Settings\Application Data\NPE
2010-09-28 07:25 . 2010-09-28 07:28 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-09-28 07:25 . 2010-09-28 07:25 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
2010-09-28 07:25 . 2010-09-28 07:25 126512 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2010-09-28 07:25 . 2010-09-28 07:25 -------- d-----w- c:\program files\Symantec
2010-09-28 07:25 . 2010-09-28 07:25 -------- d-----w- c:\windows\system32\drivers\NAV
2010-09-28 07:25 . 2010-09-28 07:25 -------- d-----w- c:\program files\Norton AntiVirus
2010-09-28 07:25 . 2010-09-28 07:25 -------- d-----w- c:\program files\Windows Sidebar
2010-09-28 07:25 . 2010-09-28 09:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton
2010-09-28 07:25 . 2010-09-28 07:25 -------- d-----w- c:\program files\NortonInstaller
2010-09-28 07:25 . 2010-09-28 07:25 -------- d-----w- c:\documents and settings\All Users\Application Data\NortonInstaller
2010-09-26 17:17 . 2010-10-07 05:20 -------- d-----w- c:\program files\CCleaner
2010-09-26 17:10 . 2010-09-26 17:10 -------- d-----w- c:\program files\FileASSASSIN
2010-09-26 16:27 . 2010-09-26 16:29 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-09-26 15:46 . 2010-09-26 15:46 -------- d-----w- c:\documents and settings\WINXPSP3\Application Data\Registry Mechanic
2010-09-25 07:14 . 2010-09-25 07:23 -------- d-----w- c:\documents and settings\WINXPSP3\DoctorWeb
2010-09-21 18:37 . 2010-09-21 18:37 932288 ----a-w- c:\documents and settings\All Users\Application Data\Adobe\Reader\9.3\ARM\4844\AdobeARM.exe
2010-09-21 18:37 . 2010-09-21 18:37 70584 ----a-w- c:\documents and settings\All Users\Application Data\Adobe\Reader\9.3\ARM\4844\AdobeExtractFiles.dll
2010-09-21 18:37 . 2010-09-21 18:37 338856 ----a-w- c:\documents and settings\All Users\Application Data\Adobe\Reader\9.3\ARM\4844\ReaderUpdater.exe
2010-09-21 18:37 . 2010-09-21 18:37 338856 ----a-w- c:\documents and settings\All Users\Application Data\Adobe\Reader\9.3\ARM\4844\AcrobatUpdater.exe
2010-09-15 07:44 . 2010-08-18 16:18 52224 ----a-w- c:\documents and settings\WINXPSP3\Application Data\Mozilla\Firefox\Profiles\ayi9ddk8.default\extensions\{1755e943-b0af-431b-8ba7-3a74879720dd}\components\FFExternalAlert.dll
2010-09-15 07:44 . 2010-08-18 16:18 101376 ----a-w- c:\documents and settings\WINXPSP3\Application Data\Mozilla\Firefox\Profiles\ayi9ddk8.default\extensions\{1755e943-b0af-431b-8ba7-3a74879720dd}\components\RadioWMPCore.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-07 20:56 . 2010-06-30 05:51 -------- d-----w- c:\program files\Steam
2010-10-07 20:52 . 2009-08-18 09:57 -------- d-----w- c:\documents and settings\WINXPSP3\Application Data\Media Player Classic
2010-10-06 20:44 . 2009-09-29 15:11 -------- d-----w- c:\program files\Rockstar Games
2010-10-06 09:43 . 2009-10-01 11:33 -------- d-----w- c:\documents and settings\WINXPSP3\Application Data\uTorrent
2010-10-02 17:45 . 2009-10-06 07:07 -------- d-----w- c:\documents and settings\WINXPSP3\Application Data\AIMP
2010-09-30 10:35 . 2009-10-01 11:34 -------- d-----w- c:\program files\uTorrent
2010-09-29 12:39 . 2009-11-06 17:11 -------- d-----w- c:\program files\Microsoft Silverlight
2010-09-28 07:38 . 2010-04-23 07:39 -------- d-----w- c:\program files\UlisesSoft
2010-09-28 07:25 . 2010-09-28 07:25 805 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2010-09-28 07:25 . 2010-09-28 07:25 7456 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2010-09-26 16:27 . 2009-09-28 07:56 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-09-26 16:26 . 2009-09-28 07:59 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2010-09-26 16:24 . 2009-08-13 14:23 -------- d---a-w- c:\documents and settings\All Users\Application Data\Temp
2010-09-26 10:55 . 2009-08-13 14:26 71448 ----a-w- c:\documents and settings\WINXPSP3\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-09-25 06:12 . 2010-02-02 15:47 -------- d-----w- c:\documents and settings\WINXPSP3\Application Data\Skype
2010-09-24 07:46 . 2010-02-02 15:52 -------- d-----w- c:\documents and settings\WINXPSP3\Application Data\skypePM
2010-09-22 22:19 . 2009-11-22 22:37 -------- d-----w- c:\program files\JDownloader
2010-09-22 15:13 . 2009-11-30 10:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-09-07 01:24 . 2010-09-02 13:10 343320 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2010-08-17 13:17 . 2008-04-14 12:00 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-07-23 06:13 . 2009-06-09 18:12 590848 ----a-w- c:\windows\system32\rpcrt4.dll
2010-07-22 05:57 . 2009-06-09 18:11 5120 ----a-w- c:\windows\system32\xpsp4res.dll
.
((((((((((((((((((((((((((((( SnapShot@2010-09-25_06.53.30 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-10-07 21:27 . 2010-10-07 21:27 16384 c:\windows\temp\Perflib_Perfdata_754.dat
+ 2010-10-07 17:22 . 2010-10-07 17:22 16384 c:\windows\temp\Perflib_Perfdata_6d8.dat
- 2008-04-14 12:00 . 2010-04-21 13:28 46080 c:\windows\system32\tzchange.exe
+ 2008-04-14 12:00 . 2010-06-21 14:46 46080 c:\windows\system32\tzchange.exe
+ 2008-04-14 12:00 . 2010-10-07 21:30 68470 c:\windows\system32\perfc009.dat
+ 2010-09-28 07:25 . 2010-07-29 02:54 50096 c:\windows\system32\drivers\NAV\1201000.025\srtspx.sys
+ 2010-10-06 11:48 . 2010-10-06 11:48 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2010-10-06 11:48 . 2010-10-06 11:48 16384 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2010-10-06 11:48 . 2010-10-06 11:48 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2010-09-22 07:43 . 2010-09-22 07:43 30544 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
- 2010-03-23 03:31 . 2010-03-23 03:31 30544 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2010-06-05 02:07 . 2010-09-29 10:04 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
- 2010-06-05 02:07 . 2010-09-07 23:25 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2010-10-06 14:57 . 2010-10-06 14:57 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\70ee6267f7bad40e8707d402277770c3\System.Web.DynamicData.Design.ni.dll
+ 2010-10-06 12:16 . 2010-10-06 12:16 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2010-10-06 12:15 . 2010-10-06 12:15 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2010-10-06 12:16 . 2010-10-06 12:16 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2010-10-06 12:16 . 2010-10-06 12:16 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2010-10-06 12:16 . 2010-10-06 12:16 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2010-10-06 12:16 . 2010-10-06 12:16 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2010-10-06 12:16 . 2010-10-06 12:16 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2010-10-06 12:16 . 2010-10-06 12:16 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2010-10-06 12:16 . 2010-10-06 12:16 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2010-10-06 12:16 . 2010-10-06 12:16 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2010-10-06 12:16 . 2010-10-06 12:16 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2010-10-06 12:16 . 2010-10-06 12:16 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2010-10-06 12:16 . 2010-10-06 12:16 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2010-10-06 15:43 . 2010-10-06 15:43 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
- 2010-06-30 06:17 . 2010-06-30 06:17 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2010-10-06 15:43 . 2010-10-06 15:43 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
- 2010-06-30 06:17 . 2010-06-30 06:17 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2010-10-06 12:16 . 2010-10-06 12:16 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2010-10-06 15:51 . 2010-10-06 15:51 8854 c:\windows\Installer\{51AA8C3F-B316-44A8-B371-4BB6047E45DF}\UNINST_Uninstall_W_F8456DC0AC9E42C195467F97E4D2E6AE_1.exe
+ 2010-10-06 12:16 . 2010-10-06 12:16 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2010-10-06 12:16 . 2010-10-06 12:16 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2010-08-23 15:45 . 2010-08-23 15:45 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2010-08-23 15:45 . 2010-08-23 15:45 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2010-10-06 12:16 . 2010-10-06 12:16 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2010-10-06 12:16 . 2010-10-06 12:16 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2010-10-06 12:16 . 2010-10-06 12:16 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2010-10-06 12:16 . 2010-10-06 12:16 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2008-04-14 12:00 . 2010-10-07 21:30 435574 c:\windows\system32\perfh009.dat
+ 2009-08-13 15:54 . 2010-09-26 11:42 282928 c:\windows\system32\FNTCACHE.DAT
+ 2010-09-28 07:25 . 2010-07-13 01:20 331312 c:\windows\system32\drivers\NAV\1201000.025\symtdiv.sys
+ 2010-09-28 07:25 . 2010-07-13 01:20 369072 c:\windows\system32\drivers\NAV\1201000.025\symtdi.sys
+ 2010-09-28 07:25 . 2010-07-13 01:20 294448 c:\windows\system32\drivers\NAV\1201000.025\symnets.sys
+ 2010-09-28 07:25 . 2010-07-29 03:33 666672 c:\windows\system32\drivers\NAV\1201000.025\SymEFA.sys
+ 2010-09-28 07:25 . 2010-06-13 10:50 339504 c:\windows\system32\drivers\NAV\1201000.025\SymDS.sys
+ 2010-09-28 07:25 . 2010-07-29 02:54 489008 c:\windows\system32\drivers\NAV\1201000.025\srtsp.sys
+ 2010-09-28 07:25 . 2010-06-27 04:05 134704 c:\windows\system32\drivers\NAV\1201000.025\Ironx86.sys
+ 2010-09-28 08:25 . 2010-10-02 02:49 262144 c:\windows\system32\config\systemprofile\ntuser.dat
- 2010-03-23 03:31 . 2010-03-23 03:31 435024 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2010-09-22 07:43 . 2010-09-22 07:43 435024 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2010-10-06 15:51 . 2010-10-06 15:51 319488 c:\windows\Installer\{51AA8C3F-B316-44A8-B371-4BB6047E45DF}\wpc2007.exe_51AA8C3FB31644A8B3714BB6047E45DF.exe
+ 2010-10-06 15:51 . 2010-10-06 15:51 319488 c:\windows\Installer\{51AA8C3F-B316-44A8-B371-4BB6047E45DF}\ARPPRODUCTICON.exe
+ 2010-10-06 14:56 . 2010-10-06 14:56 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\f39d526b39e8928e719d9ce8a971383e\WindowsLiveLocal.WriterPlugin.ni.dll
+ 2010-10-06 14:56 . 2010-10-06 14:56 851968 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\d0916f4cf87dafdf941b66056dd0e005\WindowsLive.Writer.BlogClient.ni.dll
+ 2010-10-06 14:56 . 2010-10-06 14:56 594944 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\aa7ddbdf38e8a7129fb0befd951897f5\WindowsLive.Writer.HtmlEditor.ni.dll
+ 2010-10-06 14:56 . 2010-10-06 14:56 152064 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\7619247d1c0a0779042423940f5f93de\WindowsLive.Writer.HtmlParser.ni.dll
+ 2010-10-06 14:57 . 2010-10-06 14:57 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\7f9a1ae146571025fd49914b5c71a39b\System.Web.Routing.ni.dll
+ 2010-10-06 14:57 . 2010-10-06 14:57 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\22430f635f78e165adc8df760d54d093\System.Web.Extensions.Design.ni.dll
+ 2010-10-06 14:57 . 2010-10-06 14:57 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\22d1acce74bb263ae91cca82e5dfed94\System.Web.Entity.ni.dll
+ 2010-10-06 14:57 . 2010-10-06 14:57 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\567bc9e7e082dc4c4e0fa235e2f521c6\System.Web.Entity.Design.ni.dll
+ 2010-10-06 14:57 . 2010-10-06 14:57 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\434c74721156d301e15b4e5c360665a4\System.Web.DynamicData.ni.dll
+ 2010-10-06 14:57 . 2010-10-06 14:57 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\9d9bca1a8993c427984aa1bc9c165a33\System.Web.Abstractions.ni.dll
+ 2010-10-06 14:43 . 2010-10-06 14:43 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a140e8da81b3af34c864ad851fe150fd\System.Runtime.Remoting.ni.dll
+ 2010-10-06 14:57 . 2010-10-06 14:57 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\165bd290e518b9397ca55192985fdee3\System.Data.Entity.Design.ni.dll
+ 2010-10-06 14:56 . 2010-10-06 14:56 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\72d3aacfca2e1ce835c210f5a1decb36\ServiceModelReg.ni.exe
+ 2010-10-06 14:56 . 2010-10-06 14:56 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\af4a3ae6d5c1cafa57002beb487b8d7a\AspNetMMCExt.ni.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2010-10-06 12:16 . 2010-10-06 12:16 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2010-10-06 12:16 . 2010-10-06 12:16 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2010-10-06 12:16 . 2010-10-06 12:16 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-10-06 12:16 . 2010-10-06 12:16 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2010-10-06 12:16 . 2010-10-06 12:16 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2010-10-06 12:16 . 2010-10-06 12:16 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2010-10-06 12:16 . 2010-10-06 12:16 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2010-10-06 12:16 . 2010-10-06 12:16 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2010-10-06 12:16 . 2010-10-06 12:16 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2010-10-06 12:16 . 2010-10-06 12:16 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2010-10-06 12:16 . 2010-10-06 12:16 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2010-10-06 12:16 . 2010-10-06 12:16 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2010-10-06 12:16 . 2010-10-06 12:16 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2010-10-06 12:16 . 2010-10-06 12:16 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2010-10-06 12:16 . 2010-10-06 12:16 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2010-10-06 12:16 . 2010-10-06 12:16 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2010-10-06 12:16 . 2010-10-06 12:16 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2010-10-06 12:16 . 2010-10-06 12:16 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2010-10-06 12:16 . 2010-10-06 12:16 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2010-10-06 12:16 . 2010-10-06 12:16 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2010-10-06 12:16 . 2010-10-06 12:16 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2010-10-06 12:15 . 2010-10-06 12:15 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2010-10-06 12:16 . 2010-10-06 12:16 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2010-10-06 12:16 . 2010-10-06 12:16 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2010-10-06 12:16 . 2010-10-06 12:16 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2010-10-06 12:16 . 2010-10-06 12:16 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2010-10-06 15:43 . 2010-10-06 15:43 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
- 2010-06-30 06:17 . 2010-06-30 06:17 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2010-10-06 15:43 . 2010-10-06 15:43 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2010-06-30 06:17 . 2010-06-30 06:17 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2010-06-30 06:17 . 2010-06-30 06:17 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2010-10-06 15:43 . 2010-10-06 15:43 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2010-10-06 15:43 . 2010-10-06 15:43 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
- 2010-06-30 06:17 . 2010-06-30 06:17 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2010-10-06 15:43 . 2010-10-06 15:43 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
- 2010-06-30 06:17 . 2010-06-30 06:17 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2010-10-06 15:43 . 2010-10-06 15:43 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-06-30 06:17 . 2010-06-30 06:17 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-06-30 06:17 . 2010-06-30 06:17 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-10-06 15:43 . 2010-10-06 15:43 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-06-30 06:17 . 2010-06-30 06:17 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-10-06 15:43 . 2010-10-06 15:43 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-06-30 06:17 . 2010-06-30 06:17 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-10-06 15:43 . 2010-10-06 15:43 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-10-06 15:43 . 2010-10-06 15:43 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-06-30 06:17 . 2010-06-30 06:17 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-06-30 06:17 . 2010-06-30 06:17 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-10-06 15:43 . 2010-10-06 15:43 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-06-30 06:17 . 2010-06-30 06:17 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-10-06 15:43 . 2010-10-06 15:43 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-10-06 15:43 . 2010-10-06 15:43 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-06-30 06:17 . 2010-06-30 06:17 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-06-30 06:17 . 2010-06-30 06:17 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2010-10-06 15:43 . 2010-10-06 15:43 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
- 2010-03-23 03:32 . 2010-03-23 03:32 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2010-09-22 07:44 . 2010-09-22 07:44 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2010-09-23 05:39 . 2010-09-23 05:39 4265472 c:\windows\Installer\5fa00.msp
+ 2010-10-06 15:51 . 2010-10-06 15:51 4467712 c:\windows\Installer\37f506.msi
+ 2010-06-20 08:01 . 2010-06-20 08:01 8040960 c:\windows\Installer\1bbfa.msp
+ 2010-10-06 14:56 . 2010-10-06 14:56 6392832 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\d13674449b3ae21327820bddbd7e445f\WindowsLive.Writer.PostEditor.ni.dll
+ 2010-10-06 14:56 . 2010-10-06 14:56 2002432 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\c266f56473a94ee07c092381c2ff9522\WindowsLive.Writer.CoreServices.ni.dll
+ 2010-10-06 14:57 . 2010-10-06 14:57 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\bec60fe2e934a6284224ab45b0e981e2\System.WorkflowServices.ni.dll
+ 2010-10-06 14:57 . 2010-10-06 14:57 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\09da139c48e2f5e76994a5c0f2e5b19e\System.Workflow.Runtime.ni.dll
+ 2010-10-06 14:57 . 2010-10-06 14:57 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\6809417da74ff937e18b3034f1eac2f2\System.Workflow.ComponentModel.ni.dll
+ 2010-10-06 14:57 . 2010-10-06 14:57 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\6c91ee82035d30efa8893e7b0396bbb0\System.Workflow.Activities.ni.dll
+ 2010-10-06 14:43 . 2010-10-06 14:43 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\181254ba0cb690decedb950fd26d7bea\System.Web.Services.ni.dll
+ 2010-10-06 14:57 . 2010-10-06 14:57 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\4200f716e9a41cb91d17516ba864e586\System.Web.Mobile.ni.dll
+ 2010-10-06 14:57 . 2010-10-06 14:57 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\722b203f351322aad7a54efe8622883b\System.Web.Extensions.ni.dll
+ 2010-10-06 14:57 . 2010-10-06 14:57 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\d61908249d680d7c73ba0fead09d3935\System.ServiceModel.Web.ni.dll
+ 2010-10-06 14:56 . 2010-10-06 14:56 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\095bb4f033374647b6d66c51f16bb886\System.IdentityModel.ni.dll
+ 2010-10-06 14:57 . 2010-10-06 14:57 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\b8c9267d87b7358e1a5f00bf1572c313\System.Data.Services.ni.dll
+ 2010-10-06 14:56 . 2010-10-06 14:56 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\a27783547338dbebf84101a685ba641b\Microsoft.VisualBasic.ni.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2010-10-06 12:16 . 2010-10-06 12:16 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2010-10-06 12:16 . 2010-10-06 12:16 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2010-10-06 12:15 . 2010-10-06 12:15 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2010-10-06 12:15 . 2010-10-06 12:15 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2010-10-06 12:15 . 2010-10-06 12:15 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2010-10-06 12:16 . 2010-10-06 12:16 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2010-08-23 15:45 . 2010-08-23 15:45 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2010-10-06 12:16 . 2010-10-06 12:16 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2010-06-30 06:17 . 2010-06-30 06:17 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-10-06 15:43 . 2010-10-06 15:43 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-06-30 06:17 . 2010-06-30 06:17 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-10-06 15:43 . 2010-10-06 15:43 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-09-29 10:04 . 2010-09-29 10:04 20303872 c:\windows\Installer\1ddd8c.msp
+ 2010-08-13 18:09 . 2010-08-13 18:09 12263936 c:\windows\Installer\1bbf9.msp
+ 2010-10-06 14:43 . 2010-10-06 14:43 11800576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\41f436dae3c8146752d06130f7331527\System.Web.ni.dll
+ 2010-10-06 14:56 . 2010-10-06 14:56 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\75aeb590008d6e166f7be18f935c52d2\System.ServiceModel.ni.dll
+ 2010-10-06 14:43 . 2010-10-06 14:43 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\fdc42078fd10e4dc8b05087900c63977\System.Design.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448]
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0974BA1E-64EC-11DE-B2A5-E43756D89593}]
2009-12-20 09:51 87480 ----a-w- c:\program files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}]
2009-12-27 13:30 504248 ----a-w- c:\program files\BearShare Applications\MediaBar\DataMngr\IEBHO.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-02-04 15:50 1197448 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}]
2010-01-18 23:31 2074048 ----a-w- c:\program files\Bandoo\Plugins\IE\ieplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{0974BA1E-64EC-11DE-B2A5-E43756D89593}"= "c:\program files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll" [2009-12-20 87480]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448]
[HKEY_CLASSES_ROOT\clsid\{0974ba1e-64ec-11de-b2a5-e43756d89593}]
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448]
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"bluebirds"="c:\documents and settings\WINXPSP3\Bluebirds\BlueBirds.exe" [2009-04-29 270336]
"Steam"="c:\program files\Steam\Steam.exe" [2010-08-24 1242448]
"MCShield"="c:\program files\MCShield\MCShieldRTM.exe" [2010-09-09 251904]
"MCShieldTray"="c:\program files\MCShield\MCShieldTray.exe" [2010-09-16 65536]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-09-28 2424560]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BDRegion"="c:\program files\Cyberlink\Shared Files\brs.exe" [2008-12-03 75048]
"SkyTel"="SkyTel.EXE" [2007-10-11 1826816]
"RTHDCPL"="RTHDCPL.EXE" [2007-10-16 16855552]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-08-13 98304]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-09-05 417792]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"DataMngr"="c:\program files\BearShare Applications\MediaBar\DataMngr\DataMngrUI.exe" [2009-12-27 184760]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-05-11 202256]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_3"="advpack.dll" [2009-03-08 128512]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Bandoo\BndHook.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Ubisoft\\Techland\\Call of Juarez - Bound in Blood\\CoJBiBGame_x86.exe"=
"c:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"d:\\My Documents\\l4d\\left 4 dead\\left4dead.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Documents and Settings\\WINXPSP3\\Desktop\\usb\\smješko\\emoticon-smileys-v5.4.2.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Dragon Age\\DAOriginsLauncher.exe"=
"c:\\Program Files\\Dragon Age\\bin_ship\\daupdatersvc.service.exe"=
"c:\\Program Files\\Electronic Arts\\Burnout(TM) Paradise The Ultimate Box\\BurnoutLauncher.exe"=
"c:\\Program Files\\Electronic Arts\\Burnout(TM) Paradise The Ultimate Box\\BurnoutConfigTool.exe"=
"c:\\Program Files\\Electronic Arts\\Burnout(TM) Paradise The Ultimate Box\\BurnoutParadise.exe"=
"c:\\Program Files\\Sports Interactive\\Football Manager 2010\\fm.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NAV\1201000.025\SymDS.sys [28.9.2010 9:25 339504]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NAV\1201000.025\SymEFA.sys [28.9.2010 9:25 666672]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\BASHDefs\20101001.001\BHDrvx86.sys [6.10.2010 12:26 692272]
R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [13.8.2009 16:35 13696]
R1 BS_I2cIo;BS_I2cIo;c:\windows\system32\drivers\BS_I2cIo.sys [14.8.2009 9:42 16768]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [17.2.2010 20:25 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [10.5.2010 20:41 67656]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NAV\1201000.025\Ironx86.sys [28.9.2010 9:25 134704]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};c:\program files\CyberLink\PowerDVD8\000.fcl [21.11.2008 21:37 61424]
R2 NAV;Norton AntiVirus;c:\program files\Norton AntiVirus\Engine\18.1.0.37\ccSvcHst.exe [28.9.2010 9:25 126904]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [28.9.2010 10:18 102448]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\IPSDefs\20101005.005\IDSXpx86.sys [15.9.2010 20:02 341880]
S0 DwProt;DrWeb Protection;c:\windows\system32\drivers\dwprot.sys --> c:\windows\system32\drivers\dwprot.sys [?]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\program files\Dragon Age\bin_ship\daupdatersvc.service.exe [3.3.2010 12:41 25832]
S3 Roxio UPnP Renderer 11;Roxio UPnP Renderer 11;"c:\program files\Roxio Creator 2009\Digital Home 11\RoxioUPnPRenderer11.exe" --> c:\program files\Roxio Creator 2009\Digital Home 11\RoxioUPnPRenderer11.exe [?]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [28.9.2009 9:56 691696]
.
Contents of the 'Scheduled Tasks' folder
2010-10-07 c:\windows\Tasks\PandaUSBVaccine.job
- c:\program files\Panda USB Vaccine\RunInteractiveWin.exe [2010-09-28 14:45]
2010-10-07 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1292428093-602162358-1606980848-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 20:09]
2010-09-28 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1292428093-602162358-1606980848-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 20:09]
2010-10-07 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2010-02-04 15:50]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.msn.com
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\WINXPSP3\Application Data\Mozilla\Firefox\Profiles\ayi9ddk8.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1592999&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Web Search...
FF - prefs.js: browser.startup.homepage - hxxp://www.google.rs
FF - component: c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\IPSFFPlgn\components\IPSFFPl.dll
FF - component: c:\documents and settings\WINXPSP3\Application Data\Mozilla\Firefox\Profiles\ayi9ddk8.default\extensions\{1755e943-b0af-431b-8ba7-3a74879720dd}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\WINXPSP3\Application Data\Mozilla\Firefox\Profiles\ayi9ddk8.default\extensions\{1755e943-b0af-431b-8ba7-3a74879720dd}\components\RadioWMPCore.dll
FF - component: c:\documents and settings\WINXPSP3\Application Data\Mozilla\Firefox\Profiles\ayi9ddk8.default\extensions\{FCAB6FDD-5585-425b-95C1-5ED856F3FD08}\components\nsCatcher.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: c:\documents and settings\WINXPSP3\Application Data\Mozilla\plugins\np-mswmp.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Veetle\Player\npvlc.dll
FF - plugin: c:\program files\Veetle\plugins\npVeetle.dll
FF - plugin: c:\program files\Veetle\VLCBroadcast\npvbp.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
.
- - - - ORPHANS REMOVED - - - -
AddRemove-HijackThis - d:\my documents\Downloads\HijackThis.exe
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NAV]
"ImagePath"="\"c:\program files\Norton AntiVirus\Engine\18.1.0.37\ccSvcHst.exe\" /s \"NAV\" /m \"c:\program files\Norton AntiVirus\Engine\18.1.0.37\diMaster.dll\" /prefetch:1"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD8\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-1292428093-602162358-1606980848-1003\Software\SecuROM\License information*]
"datasecu"=hex:77,15,ef,01,f3,ff,df,fc,a4,00,65,32,a1,b9,72,73,d2,0b,8f,56,0b,
08,bf,13,4d,ca,3f,b1,2d,27,1b,08,db,47,89,bb,35,76,8d,a7,b8,64,90,95,50,77,\
"rkeysecu"=hex:04,49,78,e4,e8,70,cd,c8,ce,4b,d9,0b,14,8b,1d,76
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(712)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2010-10-07 23:32:08
ComboFix-quarantined-files.txt 2010-10-07 21:32
ComboFix2.txt 2010-09-26 13:51
ComboFix3.txt 2010-09-25 06:57
Pre-Run: 19.040.301.056 bytes free
Post-Run: 19.372.519.424 bytes free
- - End Of File - - 78622D06431FA598584A3A57C13E8991
[ danieltod @ 08.10.2010. 13:24 ] @
evo deinstalirao sam ga. sad ću da pustim koji video da vidim šta će da se desi........
[ danieltod @ 08.10.2010. 13:49 ] @
zasad nije zablokirao, nadam se i da neće.... Možeš li mi reći koji antivirus da koristim da bih zaštitio pc od virusa, i ima li neki program koji je dobar za čišćenja usb-ova i svega ostalog što se priključuje na pc(kao što je mobilni,mp3,....) ili je dovoljno samo dobar av. hvala ti
[ kristi1 @ 08.10.2010. 14:42 ] @
Taj Norton ti je tezak za sistem, ja bi ti preporucio Avast5. Ukoliko brises Nortona, posle deinstalacije pokreni ovaj alat da obrise ostatke http://us.norton.com/support/k...eb&docurl=20080710133834EN (odaberi verziju).
Za USB imas vec instaliran MCShield, s tim sto moras da obrises Panda USB Vaccine.
Deinstaliraj Combofix:
U run kucaj Combofix /Uninstall ok i sacekaj da se deinstalira.
edit:
Taj recycler folder je legitiman, i ne mozes da ga obrises, ne diraj ga (to je Windows-ov Recycle Bin). [ danieltod @ 08.10.2010. 17:53 ] @
aha, ja sam mislio da je to virus pošto na particiji D imam folder $recycle bin i imam i ovaj recycler. Hvala još jednom. Pozdrav
[ danieltod @ 08.10.2010. 17:56 ] @
e da i u tom folderu recycler ima fajl desktop.ini i još neki info i ima još jedan čini mi se, ne mogu tačno reći pošto nisam sad za svojim komp. Ne znam dal ti to išta znači. pozdrav
Copyright (C) 2001-2024 by www.elitesecurity.org. All rights reserved.
|