Trojan horse Agent_r.XJ help

Page 2 of 2 Previous  1, 2

View previous topic View next topic Go down

Trojan horse Agent_r.XJ help

Post by VikhrMalyutka on Wed 20 Apr 2011, 3:13 am

First topic message reminder :

I have AVG 10 (Free edition) and everytime I scan, it never gets rid of the Trojan horse Agent_r.XJ viruses on my computer. I've tried installing TDDSkiller but the virus messed up the installer so I can't install it. Can anyone help me with how to get rid of the virus?

VikhrMalyutka

Newbie Surfer
Newbie Surfer

Posts : 30
Joined : 2011-04-19
Operating System : Windows XP SP3 Professional

View user profile

Back to top Go down


Re: Trojan horse Agent_r.XJ help

Post by VikhrMalyutka on Tue 26 Apr 2011, 7:23 am

Nope, not every viruses were deleted, i'm just waiting for a scan to finish and so far it detected 29 infections and 35 password-protected files which weren't scanned. I'll post again when the anti-virus scan is complete.

VikhrMalyutka

Newbie Surfer
Newbie Surfer

Posts : 30
Joined : 2011-04-19
Operating System : Windows XP SP3 Professional

View user profile

Back to top Go down

Re: Trojan horse Agent_r.XJ help

Post by VikhrMalyutka on Tue 26 Apr 2011, 8:37 am

I finished my scan, the results say that i had 29 infections and 35 password protected files. Just to let you know, you've been very helpful and i really appreciate it. I doubt that the viruses were killed off this easily however, i think there is still some hidden somewhere on my machine. But thanks for all your help.

VikhrMalyutka

Newbie Surfer
Newbie Surfer

Posts : 30
Joined : 2011-04-19
Operating System : Windows XP SP3 Professional

View user profile

Back to top Go down

Re: Trojan horse Agent_r.XJ help

Post by VikhrMalyutka on Tue 26 Apr 2011, 12:52 pm

I definitely still do have viruses. Because all of my anti virus softwares are going crazy and popping up "Virus detected on launch" etc. My AVG says i have Trojan horse Generic 13.BWSA, my BitDefender says I have loads of Trojan.Generic.IS.510054. My SuperAntiSpyware keeps popping up that home page changed.

VikhrMalyutka

Newbie Surfer
Newbie Surfer

Posts : 30
Joined : 2011-04-19
Operating System : Windows XP SP3 Professional

View user profile

Back to top Go down

Re: Trojan horse Agent_r.XJ help

Post by Belahzur on Wed 27 Apr 2011, 8:28 am

I did warn you.

Did you do the fixmbr command in the recovery console?


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Trojan horse Agent_r.XJ help

Post by VikhrMalyutka on Wed 27 Apr 2011, 10:37 am

Yes you did =P, It did get rid of the Generic Host for Win32 errors and losing internet connection randomly. I did follow every instruction of the forum. It solved the problems I just mentioned but All i have left is the Trojan viruses. But different and new ones. I have no idea how I'm suddenly getting them. It's like the hacker is sending random viruses to my I.P. address or the viruses are spreading.

VikhrMalyutka

Newbie Surfer
Newbie Surfer

Posts : 30
Joined : 2011-04-19
Operating System : Windows XP SP3 Professional

View user profile

Back to top Go down

Re: Trojan horse Agent_r.XJ help

Post by VikhrMalyutka on Wed 27 Apr 2011, 11:00 am

I got a problem, SUPERAntiSpyware keeps popping up saying, "Home Page Change Detected, Allow Change or Block Change", I never even changed it from Google to about:blank so i clicked block change, but every time i click block change it pops back up even after the 50th time.

VikhrMalyutka

Newbie Surfer
Newbie Surfer

Posts : 30
Joined : 2011-04-19
Operating System : Windows XP SP3 Professional

View user profile

Back to top Go down

Re: Trojan horse Agent_r.XJ help

Post by Belahzur on Thu 28 Apr 2011, 3:35 am

Okay, try running Combofix now please.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Trojan horse Agent_r.XJ help

Post by VikhrMalyutka on Fri 29 Apr 2011, 3:34 am

ComboFix 11-04-27.03 - Stefan 28.04.2011 16:38:52.3.4 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.2206 [GMT 1:00]
Running from: c:\documents and settings\Stefan\Desktop\ComboFix.exe
AV: BitDefender Antivirus *Enabled/Updated* {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66}
FW: BitDefender Firewall *Enabled* {4055920F-2E99-48A8-A270-4243D2B8F242}
* Resident AV is active
.
.
PEV Error: ProfilesFile
PEV Error: ProfilesFolder
.
((((((((((((((((((((((((( Files Created from 2011-03-28 to 2011-04-28 )))))))))))))))))))))))))))))))
.
.
2011-04-27 02:06 . 2011-04-27 02:07 -------- d-----w- C:\fb387bda1ec2fe8400d6f9e0
2011-04-27 01:15 . 2011-04-27 01:15 -------- d-----w- c:\documents and settings\Stefan\Local Settings\Application Data\PCHealth
2011-04-26 02:05 . 2011-04-26 02:08 -------- d-----w- C:\79896a2e0be1c349243a
2011-04-26 02:04 . 2011-04-26 02:04 -------- d-----w- C:\f04b1beb7790ecff94
2011-04-25 19:21 . 2011-04-25 19:21 -------- d-----w- c:\documents and settings\NetworkService\Application Data\QuickScan
2011-04-25 17:58 . 2011-04-25 17:58 -------- d-----w- c:\documents and settings\LocalService\Application Data\QuickScan
2011-04-25 17:55 . 2011-04-25 17:55 -------- d-----w- c:\documents and settings\Stefan\Application Data\BitDefender
2011-04-25 17:54 . 2011-04-25 17:54 -------- d-----w- c:\program files\MSSOAP
2011-04-25 17:51 . 2011-04-25 17:55 -------- d-----w- c:\program files\BitDefender
2011-04-25 17:47 . 2011-04-25 17:47 -------- d-----w- c:\documents and settings\Stefan\Application Data\QuickScan
2011-04-25 17:46 . 2011-04-25 17:57 -------- d-----w- c:\documents and settings\All Users\Application Data\BitDefender
2011-04-25 17:46 . 2011-04-25 17:51 -------- d-----w- c:\program files\Common Files\BitDefender
2011-04-23 22:03 . 2011-04-23 22:03 -------- d-----w- C:\$AVG
2011-04-23 20:39 . 2011-04-28 15:26 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG10
2011-04-22 20:13 . 2011-04-22 20:13 -------- d-----w- c:\documents and settings\Stefan\Application Data\AVS4YOU
2011-04-22 20:13 . 2011-04-22 20:31 -------- d-----w- c:\program files\AVS4YOU
2011-04-22 20:12 . 2011-04-22 20:15 -------- d-----w- c:\program files\Common Files\AVSMedia
2011-04-22 20:12 . 2011-04-22 20:13 -------- d-----w- c:\documents and settings\All Users\Application Data\AVS4YOU
2011-04-22 20:12 . 2010-12-02 09:12 24576 ----a-w- c:\windows\system32\msxml3a.dll
2011-04-22 20:12 . 2010-12-02 09:12 1700352 ----a-w- c:\windows\system32\GdiPlus.dll
2011-04-21 15:11 . 2011-04-21 15:11 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2011-04-21 12:03 . 2011-04-21 12:04 -------- d-----w- C:\Combo-Fix
2011-04-20 23:19 . 2009-12-14 11:44 39352 ----a-w- c:\windows\system32\drivers\CSVirtualDiskDrv.sys
2011-04-20 23:19 . 2009-12-14 11:44 88632 ----a-w- c:\windows\system32\drivers\CSCrySec.sys
2011-04-19 22:51 . 2011-04-19 22:51 -------- d-----w- c:\documents and settings\Stefan\Application Data\SUPERAntiSpyware.com
2011-04-19 22:51 . 2011-04-19 22:51 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2011-04-19 22:51 . 2011-04-22 12:12 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-04-18 17:24 . 2011-04-18 17:24 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\ESET
2011-04-18 17:24 . 2011-04-18 17:24 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\ESET
2011-04-18 13:26 . 2011-04-18 13:26 388096 ----a-r- c:\documents and settings\Stefan\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-04-18 13:26 . 2011-04-18 13:26 -------- d-----w- c:\program files\Trend Micro
2011-04-17 16:18 . 2011-04-25 18:29 307784 ----a-w- c:\windows\system32\drivers\trufos.sys
2011-04-17 16:18 . 2011-03-24 14:36 353096 ------w- c:\windows\system32\drivers\bdfsfltr.sys
2011-04-17 16:18 . 2010-05-13 16:02 12960 ------w- c:\windows\system32\drivers\bdrawpr.sys
2011-04-17 16:18 . 2011-04-25 17:57 97045 ----a-w- c:\documents and settings\All Users\Application Data\bdinstall.bin
2011-04-17 15:23 . 2011-04-17 15:23 319488 ----a-w- c:\windows\HideWin.exe
2011-04-15 16:56 . 2011-04-15 16:56 -------- d-----w- c:\program files\Activision
2011-04-09 17:11 . 2011-04-25 16:44 -------- d-----w- c:\windows\SxsCaPendDel
2011-04-04 19:08 . 2011-04-04 19:08 -------- d-----w- c:\program files\iPod
2011-04-04 19:08 . 2011-04-04 19:08 -------- d-----w- c:\program files\iTunes
2011-04-04 19:03 . 2011-04-04 19:03 -------- d-----w- c:\documents and settings\LocalService\Application Data\Apple Computer
2011-04-01 17:49 . 2011-04-01 17:49 -------- d-----w- c:\program files\CPUID
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-24 19:59 . 2010-04-18 19:07 138160 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-04-24 19:59 . 2010-04-18 19:07 271200 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-04-24 19:59 . 2010-04-18 18:51 271200 ------w- c:\windows\system32\PnkBstrB.exe
2011-04-23 19:54 . 2010-04-18 18:51 271200 ----a-w- c:\windows\system32\PnkBstrB.ex0
2011-04-15 17:51 . 2010-04-18 18:51 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-04-15 17:09 . 2010-10-02 16:05 22328 ----a-w- c:\documents and settings\Stefan\Application Data\PnkBstrK.sys
2011-03-07 05:31 . 2010-03-11 15:44 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-04 06:37 . 2008-05-09 10:45 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:27 . 2009-08-14 22:49 1866880 ----a-w- c:\windows\system32\win32k.sys
2011-02-22 23:06 . 2009-12-22 05:05 916480 ----a-w- c:\windows\system32\wininet.dll
2011-02-22 23:06 . 2008-04-14 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-02-22 23:06 . 2008-04-14 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-02-22 11:41 . 2009-12-21 14:55 385024 ----a-w- c:\windows\system32\html.iec
2011-02-18 15:36 . 2010-04-18 18:59 41984 ------w- c:\windows\system32\drivers\usbaapl.sys
2011-02-18 15:36 . 2010-04-18 18:59 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-02-17 13:19 . 2009-12-04 17:25 457472 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-02-17 13:19 . 2010-01-01 07:58 357888 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-17 12:32 . 2009-05-18 12:15 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2011-02-15 12:56 . 2008-04-14 12:00 290432 ----a-w- c:\windows\system32\atmfd.dll
2011-02-09 13:53 . 2008-04-14 12:00 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2008-04-14 12:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-08 18:03 . 2008-04-14 12:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
2011-02-08 13:33 . 2008-04-14 12:00 978944 ----a-w- c:\windows\system32\mfc42.dll
2010-07-08 09:37 . 2010-07-08 09:37 101544 ----a-w- c:\program files\Common Files\LinkInstaller.exe
.
.
((((((((((((((((((((((((((((( [You must be registered and logged in to see this link.] )))))))))))))))))))))))))))))))))))))))))
.

VikhrMalyutka

Newbie Surfer
Newbie Surfer

Posts : 30
Joined : 2011-04-19
Operating System : Windows XP SP3 Professional

View user profile

Back to top Go down

Re: Trojan horse Agent_r.XJ help

Post by VikhrMalyutka on Fri 29 Apr 2011, 3:35 am

+ 2007-11-07 01:19 . 2007-11-07 01:19 54272 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 62976 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90rus.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 46080 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90kor.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 46592 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90jpn.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 64512 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90ita.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 66048 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90fra.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esp.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esn.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 56832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90enu.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 66560 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90deu.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 39936 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90cht.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 38912 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90chs.dll
+ 2008-07-29 05:07 . 2008-07-29 05:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90u.dll
+ 2008-07-29 05:07 . 2008-07-29 05:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90.dll
+ 2011-04-25 17:54 . 2011-04-25 17:54 82432 c:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.0.0_x-ww_29c3ad6a\msxml4r.dll
+ 2011-04-28 15:28 . 2011-04-28 15:28 16384 c:\windows\Temp\Perflib_Perfdata_494.dat
+ 2008-04-14 12:00 . 2011-04-26 02:28 87082 c:\windows\system32\perfc009.dat
+ 2007-10-24 00:47 . 2007-10-24 00:47 41984 c:\windows\system32\netfxperf.dll
+ 2010-01-19 18:32 . 2010-01-19 18:32 85128 c:\windows\system32\drivers\bdvedisk.sys
+ 2007-10-24 00:47 . 2007-10-24 00:47 96760 c:\windows\system32\dfshim.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 37896 c:\windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 81400 c:\windows\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL
+ 2007-10-24 00:47 . 2007-10-24 00:47 90112 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 57392 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 95232 c:\windows\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 16896 c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 61952 c:\windows\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe
+ 2007-10-24 00:47 . 2007-10-24 00:47 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
+ 2007-10-24 00:47 . 2007-10-24 00:47 53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
+ 2007-10-24 00:47 . 2007-10-24 00:47 89096 c:\windows\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 24584 c:\windows\Microsoft.NET\Framework\v2.0.50727\normalization.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 31744 c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 19456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscortim.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 70144 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
+ 2007-10-24 00:47 . 2007-10-24 00:47 18944 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 77312 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 94208 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorld.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 47104 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 83456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
+ 2007-10-24 00:47 . 2007-10-24 00:47 97792 c:\windows\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe
+ 2007-10-24 00:47 . 2007-10-24 00:47 72192 c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 65032 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
+ 2007-10-24 00:47 . 2007-10-24 00:47 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEHost.dll
+ 2011-04-27 02:11 . 2008-07-25 10:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC27482\System.Web.RegularExpressions.dll
+ 2011-04-27 02:12 . 2008-07-25 10:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC27482\System.Drawing.Design.dll
+ 2011-04-27 02:18 . 2008-07-25 10:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC27482\System.Configuration.Install.dll
+ 2011-04-27 02:17 . 2008-07-25 10:16 12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC27482\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2011-04-27 02:15 . 2008-07-25 10:16 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC27482\Microsoft.Vsa.dll
+ 2011-04-27 02:18 . 2008-07-25 10:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC27482\Microsoft.VisualBasic.Vsa.dll
+ 2011-04-27 02:17 . 2008-07-25 10:16 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC27482\Microsoft.Build.Utilities.dll
+ 2011-04-27 02:17 . 2008-07-25 10:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC27482\Microsoft.Build.Framework.dll
+ 2011-04-27 02:18 . 2008-07-25 10:17 72192 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC27482\ISymWrapper.dll
+ 2011-04-27 02:18 . 2008-07-25 10:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC27482\IEHost.dll
+ 2011-04-27 02:16 . 2008-07-25 10:17 69120 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC27482\CustomMarshalers.dll
+ 2011-04-27 02:16 . 2008-07-25 10:16 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC27482\cscompmgd.dll
+ 2011-04-27 02:16 . 2008-07-25 10:17 10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC27482\Accessibility.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 18936 c:\windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 66552 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfdll.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 35320 c:\windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
+ 2007-10-24 00:47 . 2007-10-24 00:47 69120 c:\windows\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 27136 c:\windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 80376 c:\windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
+ 2007-10-24 00:47 . 2007-10-24 00:47 33280 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2007-10-24 00:47 . 2007-10-24 00:47 33800 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
+ 2007-10-24 00:47 . 2007-10-24 00:47 32776 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe
+ 2007-10-24 00:47 . 2007-10-24 00:47 24576 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
+ 2007-10-24 00:47 . 2007-10-24 00:47 84480 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 33288 c:\windows\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 17928 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 22024 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
+ 2007-10-24 00:47 . 2007-10-24 00:47 59392 c:\windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
+ 2007-10-24 00:47 . 2007-10-24 00:47 99320 c:\windows\Microsoft.NET\Framework\v2.0.50727\alink.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 13824 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 16896 c:\windows\Microsoft.NET\Framework\SharedReg12.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 16896 c:\windows\Microsoft.NET\Framework\sbscmp10.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 14352 c:\windows\Microsoft.NET\Framework\sbs_wminet_utils.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 14344 c:\windows\Microsoft.NET\Framework\sbs_VsaVb7rt.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 14376 c:\windows\Microsoft.NET\Framework\sbs_system.enterpriseservices.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 14352 c:\windows\Microsoft.NET\Framework\sbs_system.data.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 14384 c:\windows\Microsoft.NET\Framework\sbs_system.configuration.install.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 14344 c:\windows\Microsoft.NET\Framework\sbs_mscorsec.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 14344 c:\windows\Microsoft.NET\Framework\sbs_mscorrc.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 14344 c:\windows\Microsoft.NET\Framework\sbs_mscordbi.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 14904 c:\windows\Microsoft.NET\Framework\sbs_microsoft.vsa.vb.codedomprocessor.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 14360 c:\windows\Microsoft.NET\Framework\sbs_microsoft.jscript.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 14336 c:\windows\Microsoft.NET\Framework\sbs_iehost.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 14352 c:\windows\Microsoft.NET\Framework\sbs_diasymreader.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 82944 c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2011-04-25 17:53 . 2011-04-25 17:53 86528 c:\windows\Installer\cdfb4.msi
+ 2008-07-29 16:27 . 2008-07-29 16:27 93184 c:\windows\Installer\2495e7.msi
+ 2011-04-25 17:56 . 2011-04-25 17:56 57344 c:\windows\Installer\{B6CA7A3C-35FD-401F-9335-FFFD2BCD5FF3}\texticon.exe
+ 2011-04-25 17:56 . 2011-04-25 17:56 32768 c:\windows\Installer\{B6CA7A3C-35FD-401F-9335-FFFD2BCD5FF3}\maintenance_icon.exe
+ 2011-04-25 17:56 . 2011-04-25 17:56 61440 c:\windows\Installer\{B6CA7A3C-35FD-401F-9335-FFFD2BCD5FF3}\helpicon.exe
+ 2011-04-27 01:28 . 2011-04-27 01:28 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\de1803120f782d4af41cf9636b8ac3e9\UIAutomationProvider.ni.dll
+ 2011-04-27 01:25 . 2011-04-27 01:25 40960 c:\windows\assembly\NativeImages_v2.0.50727_32\SqlToolsMailUtiliti#\974bd6cd51ba5697e7fe504583dd686c\SqlToolsMailUtilities.ni.dll
+ 2011-04-27 01:24 . 2011-04-27 01:24 53248 c:\windows\assembly\NativeImages_v2.0.50727_32\SQLPS\9f36b6a665835ce69fe0c2179bf5f621\SQLPS.ni.exe
+ 2011-04-27 01:25 . 2011-04-27 01:25 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\08b5071ceba1af718dfa7fda216cbba6\PresentationFontCache.ni.exe
+ 2011-04-27 01:28 . 2011-04-27 01:28 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\22cb25616cf3ca9ac01246d0d8701c8e\PresentationCFFRasterizer.ni.dll
+ 2011-04-27 01:25 . 2011-04-27 01:25 24064 c:\windows\assembly\NativeImages_v2.0.50727_32\PerformanceCounter\f44a0fd919ff35bd357cb29527bd759b\PerformanceCounter.ni.dll
+ 2011-04-27 00:46 . 2011-04-27 00:46 56832 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\30d2dfb578e3d33885ef0cae85a626d8\Microsoft.Vsa.ni.dll
+ 2011-04-27 00:52 . 2011-04-27 00:52 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\f0e9a97ade4529d4caeccd467aa8e7db\Microsoft.VisualC.ni.dll
+ 2011-04-27 01:21 . 2011-04-27 01:21 42496 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\f05558e8e5eb7083392d1d270a0b1530\Microsoft.SqlServer.SString.ni.dll
+ 2011-04-27 01:22 . 2011-04-27 01:22 86528 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\e81712ff94e56ffd1241ac58073be228\Microsoft.SqlServer.TransferJobsTask.ni.dll
+ 2011-04-27 01:29 . 2011-04-27 01:29 66048 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\e7d49c4a3477cf545cd43ba022af70b5\Microsoft.SqlServer.DlgGrid.ni.dll
+ 2011-04-27 01:19 . 2011-04-27 01:19 43008 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\e0abf50603cd2a4f5e9d737c141ba554\Microsoft.SqlServer.ForEachNodeListEnumerator.ni.dll
+ 2011-04-27 00:46 . 2011-04-27 00:46 43008 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\db9b88b850f695224a16706f8f5fdc72\Microsoft.SqlServer.ServiceBrokerEnum.ni.dll
+ 2011-04-27 00:46 . 2011-04-27 00:46 34304 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\bde52edb0e39398cc4fa2fda02c28c0d\Microsoft.SqlServer.SQLTaskConnectionsWrap.ni.dll
+ 2011-04-27 01:15 . 2011-04-27 01:15 18432 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\b3a8bf150e3163b03618ec748ffb2836\Microsoft.SqlServer.ForEachFileEnumeratorWrap.ni.dll
+ 2011-04-27 01:18 . 2011-04-27 01:19 52736 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\b26063f3c59c172b20639f665e326697\Microsoft.SqlServer.ForEachADOEnumerator.ni.dll
+ 2011-04-27 01:22 . 2011-04-27 01:22 94720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\abe6938fcbf6002959294f1844a24477\Microsoft.SqlServer.TransferLoginsTask.ni.dll
+ 2011-04-27 01:22 . 2011-04-27 01:22 83968 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\aaa6a82f045f580e1f23c1c59426e549\Microsoft.SqlServer.TransferDatabasesTask.ni.dll
+ 2011-04-27 00:47 . 2011-04-27 00:47 22016 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\a54877c73b6a98d025e458e46206a89c\Microsoft.SqlServer.DTSUtilities.ni.dll
+ 2011-04-27 01:24 . 2011-04-27 01:24 66048 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\9c491208865eaed162c713fce6be195e\Microsoft.SqlServer.WmiEnum.ni.dll
+ 2011-04-27 01:04 . 2011-04-27 01:04 26112 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\97803db951cdbf1bd6e0927042a8ef9e\Microsoft.SqlServer.SqlClrProvider.ni.dll
+ 2011-04-27 01:19 . 2011-04-27 01:19 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\95f1c528c0d844f1ca31e34181cdb133\Microsoft.SqlServer.ForEachFromVarEnumerator.ni.dll
+ 2011-04-27 01:24 . 2011-04-27 01:24 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\849c5ca86650d9ccb6245534a8e6fd30\Microsoft.SqlServer.Management.PowerShellTasks.ni.dll
+ 2011-04-27 00:50 . 2011-04-27 00:50 44032 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\7f8afb09aa0fa042c0dea2f935556352\Microsoft.SqlServer.DTEnum.ni.dll
+ 2011-04-27 01:30 . 2011-04-27 01:30 73216 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\7a74d9a7a243b98fffd58c89a710a49f\Microsoft.SqlServer.BatchParserClient.ni.dll
+ 2011-04-27 01:22 . 2011-04-27 01:22 88064 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\757efe62b054c66336651e9b2f76b4b0\Microsoft.SqlServer.TransferErrorMessagesTask.ni.dll
+ 2011-04-27 01:31 . 2011-04-27 01:31 35840 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\74d21edad243f85f03361e59ee621ff0\Microsoft.SqlServer.PolicyEnum.ni.dll
+ 2011-04-27 01:24 . 2011-04-27 01:24 73728 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\6fab3dc3ca3c13efe476c86506797816\Microsoft.SqlServer.Management.PSSnapins.ni.dll
+ 2011-04-27 01:22 . 2011-04-27 01:22 89088 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\645b4932bed82658a90f4f6d8c28cd53\Microsoft.SqlServer.TransferStoredProceduresTask.ni.dll
+ 2011-04-27 01:20 . 2011-04-27 01:20 52224 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\5209e6212425486c9ba949af4836a964\Microsoft.SqlServer.SqlCEDest.ni.dll
+ 2011-04-27 01:13 . 2011-04-27 01:13 41472 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\49810d8f4ec770041e7f1943ab93c713\Microsoft.SqlServer.SqlTDiagM.ni.dll
+ 2011-04-27 01:23 . 2011-04-27 01:23 69632 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\489ea4572ffee0587dc72f9f922c7642\Microsoft.SqlServer.WMIDRTask.ni.dll
+ 2011-04-27 01:17 . 2011-04-27 01:17 55808 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\480b21bdcf69ad33fffebf9b7ac739b1\Microsoft.SqlServer.ManagedConnections.ni.dll
+ 2011-04-27 01:21 . 2011-04-27 01:21 61440 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\46a3448b8d258fb8492fb2af216a9522\Microsoft.SqlServer.TableTransferGeneratorTask.ni.dll
+ 2011-04-27 01:24 . 2011-04-27 01:24 65536 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\43c837b05b1c10f047f68e5dec5372e9\Microsoft.SqlServer.Instapi.ni.dll
+ 2011-04-27 01:21 . 2011-04-27 01:21 86528 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\2aec94ce8547f97eca980509bfeafcbb\Microsoft.SqlServer.FileSystemTask.ni.dll
+ 2011-04-27 01:23 . 2011-04-27 01:23 69120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\2a625f5cbb7f0190db9b76b4fe838f86\Microsoft.SqlServer.WMIEWTask.ni.dll
+ 2011-04-27 01:19 . 2011-04-27 01:19 52224 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\1ce4c77a33ebc5fb74a71b38f34791e0\Microsoft.SqlServer.ForEachSMOEnumerator.ni.dll
+ 2011-04-27 01:31 . 2011-04-27 01:31 96256 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\11cab2dcdaf68a37a3b722153f6c3650\Microsoft.SqlServer.OlapEnum.ni.dll
+ 2011-04-27 00:44 . 2011-04-27 00:44 35328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\0face9b302156ea238e907aaa4348b86\Microsoft.SqlServer.Dts.Design.ni.dll
+ 2011-04-27 01:30 . 2011-04-27 01:30 53248 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.DataWareh#\d4b495a2d432bad2e71c3c19e63b2348\Microsoft.DataWarehouse.Interfaces.ni.dll
+ 2011-04-27 01:29 . 2011-04-27 01:29 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\36dbc4689f7c51e393504230004c9dec\Microsoft.Build.Framework.ni.dll
+ 2011-04-27 00:47 . 2011-04-27 00:47 39936 c:\windows\assembly\NativeImages_v2.0.50727_32\interop.msdasc\edbdaf69afcf488ac94d4dbe78c181bc\interop.msdasc.ni.dll
+ 2011-04-27 01:25 . 2011-04-27 01:25 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\a2865dcec9c5d3cc9c55f026cbad6fcc\dfsvc.ni.exe
+ 2011-04-27 01:02 . 2011-04-27 01:02 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\c2af7cfbb47c077029a2645930b4eeac\Accessibility.ni.dll
- 2010-10-06 14:51 . 2010-10-06 14:51 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2011-04-27 02:23 . 2011-04-27 02:23 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2011-04-27 02:23 . 2011-04-27 02:23 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2010-10-06 14:51 . 2010-10-06 14:51 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2010-10-06 14:52 . 2010-10-06 14:52 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2011-04-27 02:27 . 2011-04-27 02:27 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2011-04-27 02:25 . 2011-04-27 02:25 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2010-10-06 14:51 . 2010-10-06 14:51 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2011-04-27 02:27 . 2011-04-27 02:27 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2010-10-06 14:52 . 2010-10-06 14:52 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2010-10-06 14:51 . 2010-10-06 14:51 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2011-04-27 02:27 . 2011-04-27 02:27 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2010-10-06 14:52 . 2010-10-06 14:52 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2011-04-27 02:26 . 2011-04-27 02:27 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2011-04-27 02:27 . 2011-04-27 02:27 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2010-10-06 14:52 . 2010-10-06 14:52 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2011-04-27 02:27 . 2011-04-27 02:27 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2010-10-06 14:52 . 2010-10-06 14:52 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2011-04-27 02:26 . 2011-04-27 02:26 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2010-10-06 14:51 . 2010-10-06 14:51 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2010-10-06 14:51 . 2010-10-06 14:51 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2011-04-27 02:25 . 2011-04-27 02:25 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2011-04-27 02:27 . 2011-04-27 02:27 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2010-10-06 14:52 . 2010-10-06 14:52 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2011-04-27 02:26 . 2011-04-27 02:26 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2010-10-06 14:51 . 2010-10-06 14:51 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-04-27 02:27 . 2011-04-27 02:27 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2010-10-06 14:52 . 2010-10-06 14:52 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 6656 c:\windows\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 9728 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
+ 2011-04-27 02:13 . 2008-07-25 10:16 7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC27482\Microsoft_VsaVb.dll
+ 2011-04-27 02:16 . 2008-07-25 10:17 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC27482\Microsoft.VisualC.Dll
+ 2011-04-27 02:17 . 2008-07-25 10:17 6656 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC27482\IIEHost.dll
+ 2011-04-27 02:18 . 2008-07-25 10:17 8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC27482\IEExecRemote.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 5120 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
+ 2011-04-27 02:24 . 2011-04-27 02:24 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2010-10-06 14:51 . 2010-10-06 14:51 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2010-10-06 14:52 . 2010-10-06 14:52 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2011-04-27 02:26 . 2011-04-27 02:26 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2010-10-06 14:52 . 2010-10-06 14:52 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2011-04-27 02:26 . 2011-04-27 02:26 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2010-10-06 14:52 . 2010-10-06 14:52 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2011-04-27 02:27 . 2011-04-27 02:27 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2010-10-06 14:51 . 2010-10-06 14:51 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2011-04-27 02:25 . 2011-04-27 02:25 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2011-04-27 02:25 . 2011-04-27 02:25 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2010-10-06 14:51 . 2010-10-06 14:51 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 572928 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll
+ 2008-07-29 02:54 . 2008-07-29 02:54 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcm90.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 161784 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_d01483b2\atl90.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 635904 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 558080 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcp80.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcm80.dll
+ 2007-01-31 13:50 . 2007-01-31 13:50 913408 c:\windows\system32\xreglib.dll
+ 2001-09-07 10:41 . 2001-09-07 10:41 290816 c:\windows\system32\WINHTTP5.DLL
+ 2008-04-14 12:00 . 2011-04-26 02:28 467914 c:\windows\system32\perfh009.dat
+ 2007-10-24 00:47 . 2007-10-24 00:47 158720 c:\windows\system32\mscorier.dll
+ 2008-07-25 10:16 . 2007-10-24 00:47 282112 c:\windows\system32\mscoree.dll
+ 2011-04-25 13:30 . 2011-04-25 13:30 235168 c:\windows\system32\Macromed\Flash\FlashUtil10p_Plugin.exe
+ 2010-05-13 15:52 . 2010-05-13 15:52 105808 c:\windows\system32\drivers\bdhv.sys
+ 2010-08-20 14:41 . 2010-08-20 14:41 111696 c:\windows\system32\drivers\bdfndisf.sys
+ 2010-04-22 12:19 . 2010-04-22 12:19 149520 c:\windows\system32\drivers\bdfm.sys
+ 2010-11-29 13:12 . 2010-11-29 13:12 535824 c:\windows\system32\drivers\avc3.sys
+ 2007-04-11 10:11 . 2007-04-11 10:11 511328 c:\windows\system32\capicom.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 434688 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 839680 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 884736 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 261120 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 299008 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 113664 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 630784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 401408 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 933888 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 741376 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 483840 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 425984 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 392696 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 119296 c:\windows\Microsoft.NET\Framework\v2.0.50727\shfusion.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 144896 c:\windows\Microsoft.NET\Framework\v2.0.50727\peverify.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 101880 c:\windows\Microsoft.NET\Framework\v2.0.50727\ngen.exe
+ 2007-10-24 00:47 . 2007-10-24 00:47 242688 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 340992 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 348672 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 308224 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll
+ 2009-08-08 01:35 . 2009-08-08 01:35 819016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 671744 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 749568 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 655360 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 348160 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 230904 c:\windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
+ 2011-04-27 02:11 . 2008-07-25 10:17 839680 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC27482\System.Web.Services.dll
+ 2011-04-27 02:12 . 2008-07-25 10:17 835584 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC27482\System.Web.Mobile.dll
+ 2011-04-27 02:14 . 2008-07-25 10:17 261632 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC27482\System.Transactions.dll
+ 2011-04-27 02:20 . 2008-07-25 10:17 114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC27482\System.ServiceProcess.dll
+ 2011-04-27 02:19 . 2008-07-25 10:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC27482\System.Security.dll
+ 2011-04-27 02:14 . 2008-07-25 10:17 131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC27482\System.Runtime.Serialization.Formatters.Soap.dll
+ 2011-04-27 02:14 . 2008-07-25 10:17 303104 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC27482\System.Runtime.Remoting.dll
+ 2011-04-27 02:14 . 2008-07-25 10:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC27482\System.Messaging.dll
+ 2011-04-27 02:15 . 2008-07-25 10:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC27482\System.Management.dll
+ 2011-04-27 02:15 . 2008-07-25 10:17 113664 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC27482\System.EnterpriseServices.Wrapper.dll
+ 2011-04-27 02:15 . 2008-07-25 10:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC27482\System.EnterpriseServices.dll
+ 2011-04-27 02:19 . 2008-07-25 10:17 626688 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC27482\System.Drawing.dll
+ 2011-04-27 02:15 . 2008-07-25 10:17 188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC27482\System.DirectoryServices.Protocols.dll
+ 2011-04-27 02:16 . 2008-07-25 10:17 401408 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC27482\System.DirectoryServices.dll
+ 2011-04-27 02:20 . 2008-07-25 10:16 970752 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC27482\System.Deployment.dll
+ 2011-04-27 02:19 . 2008-07-25 10:17 745472 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC27482\System.Data.SqlXml.dll
+ 2011-04-27 02:11 . 2008-07-25 10:17 486400 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC27482\System.Data.OracleClient.dll
+ 2011-04-27 02:20 . 2008-07-25 10:17 425984 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC27482\System.configuration.dll
+ 2011-04-27 02:17 . 2008-07-25 10:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC27482\sysglobl.dll
+ 2011-04-27 02:14 . 2008-07-25 10:17 659456 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC27482\Microsoft.VisualBasic.dll
+ 2011-04-27 02:15 . 2008-07-25 10:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC27482\Microsoft.VisualBasic.Compatibility.dll
+ 2011-04-27 02:15 . 2008-07-25 10:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC27482\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2011-04-27 02:13 . 2008-07-25 10:16 749568 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC27482\Microsoft.JScript.dll
+ 2011-04-27 02:17 . 2008-07-25 10:16 655360 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC27482\Microsoft.Build.Tasks.dll
+ 2011-04-27 02:17 . 2008-07-25 10:16 348160 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC27482\Microsoft.Build.Engine.dll
+ 2011-04-27 02:11 . 2008-07-25 10:16 507904 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC27482\AspNetMMCExt.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 798224 c:\windows\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 572936 c:\windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 101896 c:\windows\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
+ 2007-10-24 00:47 . 2007-10-24 00:47 507904 c:\windows\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
+ 2007-10-24 00:47 . 2007-10-24 00:47 147968 c:\windows\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 218112 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 193016 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 145408 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
+ 2007-11-07 14:07 . 2007-11-07 14:07 999936 c:\windows\Installer\cdfbd.msp
+ 2007-11-07 13:56 . 2007-11-07 13:56 553472 c:\windows\Installer\cdfba.msp
+ 2007-11-07 13:58 . 2007-11-07 13:58 908800 c:\windows\Installer\cdfb6.msp
+ 2007-11-07 13:54 . 2007-11-07 13:54 507392 c:\windows\Installer\cdfb5.msp
+ 2011-04-25 22:48 . 2011-04-25 22:48 195584 c:\windows\Installer\c1e940.msi
+ 2011-04-25 17:47 . 2011-04-25 17:47 228352 c:\windows\Installer\84766.msi
+ 2010-02-24 23:14 . 2010-02-24 23:14 543232 c:\windows\Installer\70444b.msp
+ 2008-07-29 16:37 . 2008-07-29 16:37 911360 c:\windows\Installer\2495ef.msp
+ 2008-07-29 16:33 . 2008-07-29 16:33 506368 c:\windows\Installer\2495ee.msp
+ 2008-07-29 16:35 . 2008-07-29 16:35 553472 c:\windows\Installer\2495ec.msp
+ 2011-04-25 17:56 . 2011-04-25 17:56 336782 c:\windows\Installer\{B6CA7A3C-35FD-401F-9335-FFFD2BCD5FF3}\register_icon.exe
+ 2011-04-27 02:27 . 2011-04-27 02:27 524288 c:\windows\assembly\tmp\1MVOH6R8\System.Drawing.dll
+ 2011-04-27 01:28 . 2011-04-27 01:28 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\dbb2fcd246efaf3df823410597cd1677\UIAutomationTypes.ni.dll
+ 2011-04-26 02:08 . 2011-04-26 02:08 167936 c:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1A8.tmp\Microsoft.SqlServer.PipelineHost.dll
+ 2011-04-27 01:04 . 2011-04-27 01:04 414208 c:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP114.tmp\Microsoft.SqlServer.DTSRuntimeWrap.dll
+ 2011-04-27 01:03 . 2011-04-27 01:03 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\70764208219715962d310336b5959dfa\System.Web.RegularExpressions.ni.dll
+ 2011-04-27 00:52 . 2011-04-27 00:52 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\12903c3843fe923d1977801ffa3cf26c\System.Transactions.ni.dll
+ 2011-04-27 01:03 . 2011-04-27 01:03 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\a9e71dda6389403be4db7b567592e3b8\System.ServiceProcess.ni.dll
+ 2011-04-27 00:52 . 2011-04-27 00:52 676352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\0418eb6dbffe9b46aa4c989153d6a3b5\System.Security.ni.dll
+ 2011-04-27 01:02 . 2011-04-27 01:02 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\01dc643b54310ebc5ab7e4696df426bc\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2011-04-27 00:53 . 2011-04-27 00:53 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\3736ba3ecac186f9c5d85f01bda2be98\System.Runtime.Remoting.ni.dll
+ 2011-04-27 01:17 . 2011-04-27 01:17 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\643e95098a9ce99a598d3419b5ce157f\System.Messaging.ni.dll
+ 2011-04-27 00:52 . 2011-04-27 00:52 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\5f9cd5bfebcb94175d440ebab3aa412f\System.EnterpriseServices.Wrapper.dll
+ 2011-04-27 00:52 . 2011-04-27 00:52 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\5f9cd5bfebcb94175d440ebab3aa412f\System.EnterpriseServices.ni.dll
+ 2011-04-27 01:03 . 2011-04-27 01:03 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\5f5d64dd0e7991aaaad2d98ee52afe42\System.Drawing.Design.ni.dll
+ 2011-04-27 01:03 . 2011-04-27 01:03 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\44de75caba2b9711b3d9030a30767f8b\System.DirectoryServices.Protocols.ni.dll
+ 2011-04-27 00:52 . 2011-04-27 00:52 970752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cb4cb21d14767292e079366a5d3d76cd\System.Configuration.ni.dll
+ 2011-04-27 01:03 . 2011-04-27 01:03 140800 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\22a1629a4dcdd493bbd8be40cc122e94\System.Configuration.Install.ni.dll
+ 2011-04-27 01:30 . 2011-04-27 01:30 137216 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\f4be12aba79e5857bc38b65ab0ce0f98\Microsoft.SqlServer.ConnectionInfoExtended.ni.dll
+ 2011-04-27 00:43 . 2011-04-27 00:43 140800 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\e6faaf946d7b4a76205332b71cc2db8c\Microsoft.SqlServer.PipelineHost.ni.dll
+ 2011-04-27 01:13 . 2011-04-27 01:13 531456 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\d1cdd68e630bc36402f85df3c2c09ae6\Microsoft.SqlServer.Diagnostics.STrace.ni.dll
+ 2011-04-27 01:29 . 2011-04-27 01:30 172032 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\d174d4101c2afceaa41e0f0dcb97f7ee\Microsoft.SqlServer.DataStorage.ni.dll
+ 2011-04-27 01:32 . 2011-04-27 01:32 102912 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\a99b0b0effbf9269fe7ce6a0b809c09e\Microsoft.SqlServer.VSTAScriptingLib.ni.dll
+ 2011-04-27 01:23 . 2011-04-27 01:23 337920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\a2dbc78a8f8fa5ee63c3ecbbc9cb7888\Microsoft.SqlServer.XMLTask.ni.dll
+ 2011-04-27 01:21 . 2011-04-27 01:21 288768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\a0432daf7569e26e432afec7b54af69f\Microsoft.SqlServer.Management.CollectorTasks.ni.dll
+ 2011-04-27 01:16 . 2011-04-27 01:16 152064 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\8a6e949658f2aee1e552b31e6b0a7f75\Microsoft.SqlServer.PipelineXML.ni.dll
+ 2011-04-27 01:20 . 2011-04-27 01:20 144896 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\8a474990a79aa6785b89cf4f16f402b2\Microsoft.SqlServer.ADONETDest.ni.dll
+ 2011-04-27 01:20 . 2011-04-27 01:20 482816 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\7710ea285d8023e5b4994994dea365d9\Microsoft.SqlServer.XmlSrc.ni.dll
+ 2011-04-27 00:43 . 2011-04-27 00:43 158208 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\6c62731941c1a00bc3032d821987ab5f\Microsoft.SqlServer.DtsMsg.ni.dll
+ 2011-04-27 01:16 . 2011-04-27 01:16 221184 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\6a307c9ab0489f63583ccb58e492036e\Microsoft.SqlServer.PackageFormatUpdate.ni.dll
+ 2011-04-27 01:22 . 2011-04-27 01:22 346624 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\676504ccc9d6a9315b0504d5f54db569\Microsoft.SqlServer.TransferObjectsTask.ni.dll
+ 2011-04-27 00:47 . 2011-04-27 00:47 642560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\666fdf7dea0c0ce02b48e8ca7ed0ed1e\Microsoft.SqlServer.BatchParser.ni.dll
+ 2011-04-27 01:22 . 2011-04-27 01:22 183296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\65a2f35d68d4577df2bfd734b2da4355\Microsoft.SqlServer.WebServiceTask.ni.dll
+ 2011-04-27 00:46 . 2011-04-27 00:46 183296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\4e46e0b75c67159c218a829d5b21e0e3\Microsoft.SqlServer.Management.SmoMetadataProvider.ni.dll
+ 2011-04-27 01:21 . 2011-04-27 01:21 404480 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\4e19b997db865c1b9935a4f7104d1d84\Microsoft.SqlServer.SmoExtended.ni.dll
+ 2011-04-27 01:30 . 2011-04-27 01:30 189440 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\4616f7d217ebc994b032042956d5323d\Microsoft.SqlServer.Management.MultiServerConnection.ni.dll
+ 2011-04-27 01:13 . 2011-04-27 01:13 485888 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\45c9fdfef4a0641fe658313130e6e522\Microsoft.SqlServer.Msxml6_interop.ni.dll
+ 2011-04-27 01:24 . 2011-04-27 01:24 252416 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\3d68e29000af73b1c8ea525f8b4a8c01\Microsoft.SqlServer.SqlWmiManagement.ni.dll
+ 2011-04-27 01:14 . 2011-04-27 01:14 165376 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\3b27706cb8f60ae7adc219cfd8a37b32\Microsoft.SqlServer.DtsTransferProvider.ni.dll
+ 2011-04-27 01:24 . 2011-04-27 01:24 150528 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\33096f3c3ee4c4d5b4e5ab97f4e04a1f\Microsoft.SqlServer.Management.PSProvider.ni.dll
+ 2011-04-27 01:13 . 2011-04-27 01:13 414208 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\2da9286fe701df43bcc40172240c4c09\Microsoft.SqlServer.DTSRuntimeWrap.ni.dll
+ 2011-04-27 00:43 . 2011-04-27 00:43 128000 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\2b67196a321621c826c68e203728ecd5\Microsoft.SqlServer.DTSPipelineWrap.ni.dll
+ 2011-04-27 01:24 . 2011-04-27 01:24 205824 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\2787d164508ed1e748cb6d6864ac93d8\Microsoft.SqlServer.Management.RegisteredServers.ni.dll
+ 2011-04-27 01:20 . 2011-04-27 01:20 103424 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\196af4c717082772333947efdbabe8b2\Microsoft.SqlServer.ADONETSrc.ni.dll
+ 2011-04-27 00:52 . 2011-04-27 00:52 272384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\18880dd920187fda7d22b46a28872e0d\Microsoft.SqlServer.ConnectionInfo.ni.dll
+ 2011-04-27 01:04 . 2011-04-27 01:04 751104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\15c2967558fa608cb4076ef60f88727a\Microsoft.SqlServer.ManagedDTS.ni.dll
+ 2011-04-27 00:46 . 2011-04-27 00:46 136704 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\1221e07e3a8cf2ade78303a0fa1b727d\Microsoft.SqlServer.SQLTask.ni.dll
+ 2011-04-27 01:21 . 2011-04-27 01:21 128000 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\0613441d43a0a8e6fdfa100049664fa0\Microsoft.SqlServer.RegSvrEnum.ni.dll
+ 2011-04-27 01:21 . 2011-04-27 01:21 535552 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\041b0d13c2400396e147a46ce92b7530\Microsoft.SqlServer.MaintenancePlanTasks.ni.dll
+ 2011-04-27 01:25 . 2011-04-27 01:25 235520 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Exception#\3fb6317b263b854d64ff8c448b577bf4\Microsoft.ExceptionMessageBox.ni.dll
+ 2011-04-27 01:29 . 2011-04-27 01:29 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\43dceeb2d0601d79af40752fb20283c2\Microsoft.Build.Utilities.ni.dll
+ 2011-04-27 01:28 . 2011-04-27 01:29 838656 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\daf5ff5e06c80eefa80c6fcc79aec963\Microsoft.Build.Engine.ni.dll
+ 2011-04-27 01:31 . 2011-04-27 01:31 511488 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.AnalysisS#\cff9a81cf92a5f97ae481bc562243aa3\Microsoft.AnalysisServices.Xmla.ni.dll
+ 2011-04-27 01:28 . 2011-04-27 01:28 170496 c:\windows\assembly\NativeImages_v2.0.50727_32\DTEParseMgd\33718d8fa49aa77383af508dde474fd2\DTEParseMgd.ni.dll
+ 2011-04-27 01:28 . 2011-04-27 01:28 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\e148983beeb0f30918b0564849a16456\CustomMarshalers.ni.dll
- 2010-10-06 14:51 . 2010-10-06 14:51 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2011-04-27 02:23 . 2011-04-27 02:23 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2011-04-27 02:23 . 2011-04-27 02:23 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2010-10-06 14:51 . 2010-10-06 14:51 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2010-10-06 14:52 . 2010-10-06 14:52 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2011-04-26 02:25 . 2011-04-26 02:25 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2011-04-26 02:23 . 2011-04-26 02:23 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2010-10-06 14:52 . 2010-10-06 14:52 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2010-10-06 14:51 . 2010-10-06 14:51 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2011-04-27 02:24 . 2011-04-27 02:24 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2011-04-27 02:24 . 2011-04-27 02:24 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2010-10-06 14:51 . 2010-10-06 14:51 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2011-04-27 02:24 . 2011-04-27 02:24 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2010-10-06 14:51 . 2010-10-06 14:51 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2011-04-27 02:25 . 2011-04-27 02:25 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2010-10-06 14:51 . 2010-10-06 14:51 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2011-04-26 02:27 . 2011-04-26 02:27 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2010-10-06 14:52 . 2010-10-06 14:52 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2011-04-27 02:25 . 2011-04-27 02:25 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2010-10-06 14:51 . 2010-10-06 14:51 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2011-04-27 02:25 . 2011-04-27 02:25 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2010-10-06 14:51 . 2010-10-06 14:51 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2011-04-26 02:27 . 2011-04-26 02:27 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2010-10-06 14:52 . 2010-10-06 14:52 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2011-04-26 02:27 . 2011-04-26 02:27 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2010-10-06 14:52 . 2010-10-06 14:52 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2010-10-06 14:52 . 2010-10-06 14:52 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2011-04-26 02:28 . 2011-04-26 02:28 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2010-10-06 14:52 . 2010-10-06 14:52 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2011-04-27 02:26 . 2011-04-27 02:26 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2011-04-27 02:24 . 2011-04-27 02:24 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2010-10-06 14:51 . 2010-10-06 14:51 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2011-04-27 02:25 . 2011-04-27 02:25 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2010-10-06 14:51 . 2010-10-06 14:51 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2010-10-06 14:51 . 2010-10-06 14:51 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2011-04-27 02:25 . 2011-04-27 02:25 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2010-10-06 14:51 . 2010-10-06 14:51 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2011-04-27 02:23 . 2011-04-27 02:23 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2010-10-06 14:52 . 2010-10-06 14:52 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2011-04-27 02:26 . 2011-04-27 02:26 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2011-04-27 02:26 . 2011-04-27 02:26 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2010-10-06 14:52 . 2010-10-06 14:52 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2011-04-27 02:22 . 2011-04-27 02:22 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2010-10-06 14:51 . 2010-10-06 14:51 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2010-10-06 14:51 . 2010-10-06 14:51 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2011-04-27 02:24 . 2011-04-27 02:24 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2010-10-06 14:51 . 2010-10-06 14:51 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2011-04-27 02:25 . 2011-04-27 02:25 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2010-10-06 14:51 . 2010-10-06 14:51 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2011-04-27 02:25 . 2011-04-27 02:25 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2011-04-27 02:22 . 2011-04-27 02:22 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2010-10-06 14:51 . 2010-10-06 14:51 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 3783672 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90u.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 3768312 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90.dll
+ 2011-04-25 17:54 . 2011-04-25 17:54 1230336 c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.1.0.0_x-ww_b319d8da\msxml4.dll
+ 2010-01-27 01:07 . 2011-04-25 13:30 6053536 c:\windows\system32\Macromed\Flash\NPSWF32.dll
- 2010-01-27 01:07 . 2011-03-13 14:24 6053536 c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2010-11-29 13:12 . 2010-11-29 13:12 1066232 c:\windows\system32\drivers\avckf.sys

VikhrMalyutka

Newbie Surfer
Newbie Surfer

Posts : 30
Joined : 2011-04-19
Operating System : Windows XP SP3 Professional

View user profile

Back to top Go down

Re: Trojan horse Agent_r.XJ help

Post by VikhrMalyutka on Fri 29 Apr 2011, 3:35 am

+ 2007-10-24 00:47 . 2007-10-24 00:47 1344000 c:\windows\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 1172472 c:\windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
+ 2007-10-24 00:47 . 2007-10-24 00:47 2068480 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 5013504 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 5431296 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 3076096 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 5070848 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 3036160 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.dll
+ 2009-08-08 01:35 . 2009-08-08 01:35 5849920 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2009-08-08 01:35 . 2009-08-08 01:35 4345856 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2011-04-27 02:19 . 2008-07-25 10:17 2048000 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC27482\System.XML.dll
+ 2011-04-27 02:12 . 2008-07-25 10:17 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC27482\System.Windows.Forms.dll
+ 2011-04-27 02:11 . 2008-07-25 10:17 5238784 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC27482\System.Web.dll
+ 2011-04-27 02:18 . 2008-07-25 10:17 3149824 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC27482\System.dll
+ 2011-04-27 02:12 . 2008-07-25 10:17 5062656 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC27482\System.Design.dll
+ 2011-04-27 02:19 . 2008-07-25 10:17 2933248 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC27482\System.Data.dll
+ 2011-04-27 02:16 . 2008-07-25 10:17 4546560 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC27482\mscorlib.dll
+ 2007-10-24 00:47 . 2007-10-24 00:47 1162744 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
+ 2011-04-25 17:56 . 2011-04-25 17:56 2640896 c:\windows\Installer\eb144.msi
+ 2011-04-25 17:54 . 2011-04-25 17:54 1470464 c:\windows\Installer\eb13f.msi
+ 2007-11-07 13:50 . 2007-11-07 13:50 6055936 c:\windows\Installer\cdfbc.msp
+ 2007-11-07 14:00 . 2007-11-07 14:00 3407360 c:\windows\Installer\cdfbb.msp
+ 2007-11-07 13:46 . 2007-11-07 13:46 3010560 c:\windows\Installer\cdfb9.msp
+ 2007-11-07 14:02 . 2007-11-07 14:02 6473216 c:\windows\Installer\cdfb8.msp
+ 2007-11-07 14:12 . 2007-11-07 14:12 2533376 c:\windows\Installer\cdfb7.msp
+ 2009-08-09 22:32 . 2009-08-09 22:32 5288960 c:\windows\Installer\c1e948.msp
+ 2008-07-29 16:31 . 2008-07-29 16:31 6083072 c:\windows\Installer\2495f0.msp
+ 2008-07-29 16:43 . 2008-07-29 16:43 1013248 c:\windows\Installer\2495ed.msp
+ 2008-07-29 16:39 . 2008-07-29 16:39 3403264 c:\windows\Installer\2495eb.msp
+ 2008-07-29 16:41 . 2008-07-29 16:41 6487040 c:\windows\Installer\2495ea.msp
+ 2008-07-29 16:29 . 2008-07-29 16:29 2926080 c:\windows\Installer\2495e9.msp
+ 2008-07-29 16:45 . 2008-07-29 16:45 2543616 c:\windows\Installer\2495e8.msp
+ 2011-04-27 01:26 . 2011-04-27 01:26 3322880 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b898d9a7e44654df0724075a2269a7b7\WindowsBase.ni.dll
+ 2011-04-27 00:51 . 2011-04-27 00:52 5449728 c:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPFA.tmp\System.Xml.dll
+ 2011-04-25 23:07 . 2011-04-25 23:07 8310784 c:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP463.tmp\System.dll
+ 2011-04-27 00:50 . 2011-04-27 00:50 7867392 c:\windows\assembly\NativeImages_v2.0.50727_32\System\aa7926460a336408c8041330ad90929d\System.ni.dll
+ 2011-04-27 01:15 . 2011-04-27 01:15 5449728 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\36f3953f24d4f0b767bf172331ad6f3e\System.Xml.ni.dll
+ 2011-04-27 00:54 . 2011-04-27 00:54 1840128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\1dad08772eb89d48a8a0cfe9b0467eb0\System.Web.Services.ni.dll
+ 2011-04-27 01:33 . 2011-04-27 01:33 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\e5995a34d44ad5af7d9f335075bded4d\System.Web.Mobile.ni.dll
+ 2011-04-27 00:46 . 2011-04-27 00:46 1034752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\e7b010109a8b793dd538bd5ba3771018\System.Management.ni.dll
+ 2011-04-27 00:54 . 2011-04-27 00:54 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6978f2e90f13bc720d57fa6895c911e2\System.Drawing.ni.dll
+ 2011-04-27 00:53 . 2011-04-27 00:53 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\6bcc481030a56c24d5990d199812c594\System.DirectoryServices.ni.dll
+ 2011-04-27 01:02 . 2011-04-27 01:02 1800704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\df1efcbac5973454c608890f72eb994d\System.Deployment.ni.dll
+ 2011-04-27 00:52 . 2011-04-27 00:52 6614016 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\0b40341027c01716cec1dd97592698e0\System.Data.ni.dll
+ 2011-04-27 01:13 . 2011-04-27 01:13 2531328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\4f39da58ab7cf8d8df7cb1644b0f7ec0\System.Data.SqlXml.ni.dll
+ 2011-04-27 01:03 . 2011-04-27 01:03 1115136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\57f7cf02ea17b36bc3d9c75c22d0f551\System.Data.OracleClient.ni.dll
+ 2011-04-27 01:32 . 2011-04-27 01:32 1711104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\5b3d048d8c003d743ea5e72caf07773a\Microsoft.VisualBasic.ni.dll
+ 2011-04-27 00:51 . 2011-04-27 00:51 1388544 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\d752490f758c2402dc8a8170ce987881\Microsoft.SqlServer.Management.Sdk.Sfc.ni.dll
+ 2011-04-27 00:45 . 2011-04-27 00:45 1610752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\a0abc7bb71a396ab345a6588d3fd9c3d\Microsoft.SqlServer.SqlEnum.ni.dll
+ 2011-04-27 01:18 . 2011-04-27 01:18 6710784 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\9079ccbb572ae946799c9927dca3f510\Microsoft.SqlServer.Smo.ni.dll
+ 2011-04-27 00:45 . 2011-04-27 00:45 1354752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\31ad6622864d4e2061c24af610177d9c\Microsoft.SqlServer.Dmf.ni.dll
+ 2011-04-27 00:46 . 2011-04-27 00:46 2401792 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\1566e767f8e800d0298bb015a776d35c\Microsoft.JScript.ni.dll
+ 2011-04-27 01:29 . 2011-04-27 01:29 1511424 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.DataTrans#\d089a3adf94b938c932a25343ec302e6\Microsoft.DataTransformationServices.Controls.ni.dll
+ 2011-04-27 01:29 . 2011-04-27 01:29 1620480 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\152cf75db013f0523933ac45177b4217\Microsoft.Build.Tasks.ni.dll
+ 2011-04-27 01:28 . 2011-04-27 01:28 2950144 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.AnalysisS#\3a6db0ec332b4033f8a54e8fd1a522fe\Microsoft.AnalysisServices.ni.dll
+ 2011-04-27 02:27 . 2011-04-27 02:27 3149824 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2010-10-06 14:52 . 2010-10-06 14:52 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2011-04-26 02:26 . 2011-04-26 02:27 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2011-04-27 02:23 . 2011-04-27 02:23 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2010-10-06 14:51 . 2010-10-06 14:51 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2011-04-27 02:23 . 2011-04-27 02:23 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2010-10-06 14:51 . 2010-10-06 14:51 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2011-04-27 02:22 . 2011-04-27 02:22 5238784 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2010-10-06 14:52 . 2010-10-06 14:52 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2011-04-26 02:27 . 2011-04-26 02:28 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2011-04-27 02:26 . 2011-04-27 02:26 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2011-04-27 01:01 . 2011-04-27 01:01 12428800 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\9a254c455892c02355ab0ab0f0727c5b\System.Windows.Forms.ni.dll
+ 2011-04-27 00:53 . 2011-04-27 00:53 11791360 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\50ea744ffc3cb7f09b027fd6c5c93b2b\System.Web.ni.dll
+ 2011-04-27 00:54 . 2011-04-27 00:54 10681344 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\204db7071fb26343b0fd3f3d140c0bf8\System.Design.ni.dll
+ 2011-04-27 01:26 . 2011-04-27 01:27 12213248 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\284c7b8a0f122a1461fbf0f58e2a6cdf\PresentationCore.ni.dll
+ 2011-04-27 00:48 . 2011-04-27 00:48 11485184 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9adb89fa22fd5b4ce433b5aca7fb1b07\mscorlib.ni.dll
.

VikhrMalyutka

Newbie Surfer
Newbie Surfer

Posts : 30
Joined : 2011-04-19
Operating System : Windows XP SP3 Professional

View user profile

Back to top Go down

Re: Trojan horse Agent_r.XJ help

Post by VikhrMalyutka on Fri 29 Apr 2011, 3:35 am

-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-04-22 2423752]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Six Engine"="c:\program files\ASUS\Six Engine\SixEngine.exe" [2009-12-01 7275008]
"TurboV"="c:\program files\ASUS\TurboV\TurboV.exe" [2009-11-19 5665280]
"Turbo Key"="c:\program files\ASUS\Turbo Key\TurboKey.exe" [2009-11-18 1874432]
"BCU"="c:\program files\DeviceVM\Browser Configuration Utility\BCU.exe" [2009-10-26 375000]
"DeathAdder"="c:\program files\Razer\DeathAdder\razerhid.exe" [2010-05-05 251392]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-07-09 13923432]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-03-07 421160]
"RTHDCPL"="RTHDCPL.EXE" [2010-01-29 18790432]
"BitDefender Antiphishing Helper"="c:\program files\BitDefender\BitDefender 2011\ieshow.exe" [2011-01-11 71216]
"BDAgent"="c:\program files\BitDefender\BitDefender 2011\bdagent.exe" [2011-03-31 1443712]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"Midi1"=ma_cmidn.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, credssp.dll, digest.dll, msnsspc.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-21 18:37 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-12-22 00:57 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe_ID0EYTHM]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 10:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-03-07 14:33 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 05:42 1695232 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-04-16 22:12 3872080 ------w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2010-07-09 16:24 13923432 ------w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2010-07-09 16:24 110696 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OPSE reminder]
2003-07-07 08:29 729088 ----a-w- c:\program files\ScanSoft\OmniPageSE2.0\EregEng\Ereg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE2]
2003-05-08 10:00 49152 ----a-w- c:\program files\ScanSoft\OmniPageSE2.0\opwareSE2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 16:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryMechanic]
2009-10-14 15:43 3217368 ----a-w- c:\program files\Registry Mechanic\RegMech.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2010-04-20 12:14 26192680 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2011-03-13 22:53 1242448 ------w- c:\program files\Steam\steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-02-18 10:43 248040 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS3\\Server\\bin\\VersionCueCS3.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Quake III Arena\\Quake3\\quake3.exe"=
"c:\\Program Files\\Bohemia Interactive\\ArmA 2\\arma2.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=
"c:\\Quake III Arena\\Quake3\\dfengine.exe"=
"c:\\Program Files\\Electronic Arts\\Battlefield Bad Company 2\\BFBC2Updater.exe"=
"c:\\Program Files\\Electronic Arts\\Battlefield Bad Company 2\\BFBC2Game.exe"=
"c:\\Quake III Arena\\quake3.exe"=
"c:\\Documents and Settings\\Stefan\\Desktop\\utorrent.exe"=
"c:\\WINDOWS\\system32\\winver.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\KONAMI\\Pro Evolution Soccer 2011\\pes2011.exe"=
"c:\\Program Files\\KONAMI\\Pro Evolution Soccer 2011\\Copy of pes2011.exe"=
"c:\\Program Files\\KONAMI\\Pro Evolution Soccer 2011\\Pro Evolution Soccer 2011.exe"=
"c:\\Program Files\\r.u.s.e\\UPlayBrowser\\UPlayBrowser.exe"=
"c:\\Program Files\\r.u.s.e\\Ruse.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\call of duty black ops\\BlackOps.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\call of duty black ops\\BlackOpsMP.exe"=
"c:\\Program Files\\Electronic Arts\\Crytek\\Crysis 2\\bin32\\Crysis2.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3703:TCP"= 3703:TCP:Adobe Version Cue CS3 Server
"3704:TCP"= 3704:TCP:Adobe Version Cue CS3 Server
"50900:TCP"= 50900:TCP:Adobe Version Cue CS3 Server
"50901:TCP"= 50901:TCP:Adobe Version Cue CS3 Server
.
R1 BdRawPr;BdRawPr;c:\windows\system32\drivers\bdrawpr.sys [17.4.2011 17:18 12960]
R1 Bdvedisk;BDVEDISK;c:\windows\system32\drivers\bdvedisk.sys [19.1.2010 19:32 85128]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [17.2.2010 19:25 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [10.5.2010 19:41 67656]
R2 AsSysCtrlService;ASUS System Control Service;c:\program files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [29.8.2010 22:09 90112]
R2 BCUService;Browser Configuration Utility Service;c:\program files\DeviceVM\Browser Configuration Utility\BCUService.exe [26.10.2009 13:16 223464]
R2 DvmMDES;DeviceVM Meta Data Export Service;c:\asus.sys\config\DVMExportService.exe [16.10.2009 10:42 319488]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [20.2.2011 19:36 583640]
R2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [29.8.2010 22:05 2320920]
R2 Updatesrv;BitDefender Desktop Update Service;c:\program files\BitDefender\BitDefender 2011\updatesrv.exe [24.3.2011 19:46 43936]
R3 bdfm;BDFM;c:\windows\system32\drivers\bdfm.sys [22.4.2010 13:19 149520]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;c:\program files\Common Files\BitDefender\BitDefender Firewall\bdfndisf.sys [20.8.2010 15:41 111696]
R3 danewFltr;NewDeathAdder Mouse;c:\windows\system32\drivers\danew.sys [8.1.2011 13:11 11136]
R3 vHidDev;Razer Gaming Device;c:\windows\system32\drivers\vHidDev.sys [8.1.2011 13:11 5760]
S3 ALSysIO;ALSysIO;\??\c:\docume~1\Stefan\LOCALS~1\Temp\ALSysIO.sys --> c:\docume~1\Stefan\LOCALS~1\Temp\ALSysIO.sys [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [29.8.2010 22:02 1691480]
S3 cpuz130;cpuz130;\??\c:\docume~1\Stefan\LOCALS~1\Temp\cpuz130\cpuz_x32.sys --> c:\docume~1\Stefan\LOCALS~1\Temp\cpuz130\cpuz_x32.sys [?]
S3 CYUSB;Cypress Generic USB Driver;c:\windows\system32\drivers\CYUSB.sys [8.1.2011 13:11 38528]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [19.11.2010 23:55 112640]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [1.12.2010 0:54 129440]
S3 Normandy;Normandy SR2; [x]
S3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver;c:\windows\system32\drivers\wg111v2.sys [18.4.2010 17:52 182784]
S3 Update Server;BitDefender Update Server v2;c:\program files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe [30.11.2010 7:19 307544]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe --> c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [?]
S4 avc3;avc3;c:\windows\system32\drivers\avc3.sys [29.11.2010 14:12 535824]
S4 avckf;avckf;c:\windows\system32\drivers\avckf.sys [29.11.2010 14:12 1066232]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\sqladhlp.exe [23.7.2009 4:08 47128]
S4 RsFx0103;RsFx0103 Driver;c:\windows\system32\drivers\RsFx0103.sys [30.3.2009 4:09 239336]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [15.12.2010 20:31 691696]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [30.3.2009 4:23 366936]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
mStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
FF - ProfilePath - c:\documents and settings\Stefan\Application Data\Mozilla\Firefox\Profiles\ldfk4t2y.default\
FF - prefs.js: browser.startup.homepage - [You must be registered and logged in to see this link.]
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Battlefield Heroes Updater: [You must be registered and logged in to see this link.] - %profile%\extensions\battlefieldheroespatcher@ea.com
FF - Ext: vShare Plugin: vshare@toolbar - %profile%\extensions\vshare@toolbar
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: AVG Safe Search: {1E73965B-8B48-48be-9C8D-68B920ABC1C4} - c:\program files\AVG\AVG10\Firefox4
FF - Ext: BitDefender Antiphishing Toolbar: [You must be registered and logged in to see this link.] - c:\program files\BitDefender\BitDefender 2011\bdaphffext
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-{5F194F8F-5DD1-4726-90DA-7A0B2BEBE842}}_is1 - c:\documents and settings\Stefan\Desktop\Aneesoft HD Video Converter\unins000.exe
AddRemove-{E1E502E2-C006-49DB-9C0C-F2196E51826F}_is1 - c:\documents and settings\Stefan\Desktop\GaubitsasPlamya\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2011-04-28 16:53
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-515967899-1500820517-1417001333-1003\Software\SecuROM\License information*]
"datasecu"=hex:60,e7,3a,34,7f,c4,0e,fe,01,e9,fc,4d,59,b7,c0,77,c8,63,85,d6,28,
f8,ee,44,3e,52,47,b0,32,bb,39,06,74,49,5e,28,77,df,46,5f,a1,b0,a0,f4,f2,b5,\
"rkeysecu"=hex:53,61,b5,f4,71,78,5a,83,8c,18,ed,ad,a4,4a,25,df
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
@DACL=(02 0000)
@=""
"Installed"="1"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
@DACL=(02 0000)
@=""
"Installed"="1"
"NoChange"="1"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
@DACL=(02 0000)
@=""
"Installed"="1"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(4060)
c:\windows\system32\WININET.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll
c:\program files\BitDefender\BitDefender 2011\pchook32.dll
c:\program files\Microsoft Office\Office12\GrooveSystemServices.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2011-04-28 16:55:27
ComboFix-quarantined-files.txt 2011-04-28 15:55
ComboFix2.txt 2011-04-21 12:26
ComboFix3.txt 2011-04-20 23:04
.
Pre-Run: 321.631.301.632 bytes free
Post-Run: 322.101.325.824 bytes free
.
- - End Of File - - 0E506DF57946697F4757638CCEE0E060

VikhrMalyutka

Newbie Surfer
Newbie Surfer

Posts : 30
Joined : 2011-04-19
Operating System : Windows XP SP3 Professional

View user profile

Back to top Go down

Re: Trojan horse Agent_r.XJ help

Post by Belahzur on Fri 29 Apr 2011, 3:42 am

Hello.

Run ESET Online Scan
Please do an online scan with ESET Online Scanner. Please use Internet Explorer as it uses ActiveX.

  • Check (tick) this box: YES, I accept the Terms of Use.
  • Click on the Start button next to it.
  • When prompted to run ActiveX. click Yes.
  • You will be asked to install an ActiveX. Click Install.
  • Once installed, the scanner will be initialized.
  • After the scanner is initialized, click Start.
  • Check (tick) Remove found threats box.
  • Check (tick) Scan unwanted applications.
  • Click on Scan.
  • It will start scanning. Please be patient.
  • Once the scan is done, the log will be saved here: C:\Program Files\esetonlinescanner\log.txt.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Trojan horse Agent_r.XJ help

Post by VikhrMalyutka on Sun 01 May 2011, 8:12 am

Scan was stuck at 99 %, after 9 hours of scanning, it was unfinished. But it never detected any infected files.

VikhrMalyutka

Newbie Surfer
Newbie Surfer

Posts : 30
Joined : 2011-04-19
Operating System : Windows XP SP3 Professional

View user profile

Back to top Go down

Re: Trojan horse Agent_r.XJ help

Post by Belahzur on Mon 02 May 2011, 3:51 am

Okay good, I want to get an update list from OTL, so please re-run OTL and post both sets of new logs.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Trojan horse Agent_r.XJ help

Post by VikhrMalyutka on Mon 02 May 2011, 9:17 am

OTL logfile created on: 1.5.2011 23:11:30 - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Stefan\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C1A | Country: Serbia and Montenegro | Language: SRB | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 73,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465,75 Gb Total Space | 268,35 Gb Free Space | 57,62% Space Free | Partition Type: NTFS
Drive D: | 7,59 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: STEFAN-61F48E75 | User Name: Stefan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.05.01 23:11:20 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Stefan\Desktop\OTL.exe
PRC - [2011.04.30 21:02:17 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011.04.22 13:12:09 | 002,423,752 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2011.03.31 14:27:40 | 001,443,712 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe
PRC - [2011.03.31 14:27:34 | 002,084,848 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe
PRC - [2011.03.24 19:47:02 | 000,064,048 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2011\pchooklaunch32.exe
PRC - [2011.03.24 19:46:02 | 000,043,936 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe
PRC - [2010.11.30 07:19:06 | 000,101,104 | ---- | M] (BitDefender) -- C:\Program Files\BitDefender\BitDefender 2011\downloader.exe
PRC - [2010.05.05 17:56:06 | 000,251,392 | ---- | M] () -- C:\Program Files\Razer\DeathAdder\razerhid.exe
PRC - [2010.04.27 15:41:26 | 000,218,112 | ---- | M] () -- C:\Program Files\Razer\DeathAdder\razertra.exe
PRC - [2009.12.01 21:24:52 | 007,275,008 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\Six Engine\SixEngine.exe
PRC - [2009.11.19 17:54:46 | 005,665,280 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\TurboV\TurboV.exe
PRC - [2009.11.18 15:25:02 | 001,874,432 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\Turbo Key\TurboKey.exe
PRC - [2009.11.04 13:39:26 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009.11.04 13:39:24 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009.10.26 13:16:00 | 000,223,464 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe
PRC - [2009.10.26 13:15:56 | 000,375,000 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe
PRC - [2009.10.16 10:42:48 | 000,319,488 | -H-- | M] (DeviceVM, Inc.) -- C:\ASUS.SYS\config\DVMExportService.exe
PRC - [2009.10.14 16:42:38 | 000,583,640 | ---- | M] (PC Tools) -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
PRC - [2009.08.19 12:56:38 | 000,090,112 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
PRC - [2008.08.08 13:11:12 | 000,490,952 | ---- | M] (DT Soft Ltd) -- C:\Documents and Settings\Stefan\Desktop\DAEMON Tools Lite\daemon.exe
PRC - [2008.07.03 12:38:24 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.12.19 12:58:24 | 000,163,840 | ---- | M] (Razer Inc.) -- C:\Program Files\Razer\DeathAdder\razerofa.exe


========== Modules (SafeList) ==========

MOD - [2011.05.01 23:11:20 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Stefan\Desktop\OTL.exe
MOD - [2011.04.25 19:30:55 | 000,276,992 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00090_002\plugin_nt.m32
MOD - [2011.03.14 20:36:16 | 000,166,912 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00090_002\plugin_extra.m32
MOD - [2011.03.14 20:35:18 | 000,089,600 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00090_002\plugin_net.m32
MOD - [2011.03.14 20:35:00 | 000,657,408 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00090_002\plugin_fragments.m32
MOD - [2011.03.14 20:34:32 | 000,120,832 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00090_002\plugin_registry.m32
MOD - [2011.03.14 20:34:16 | 000,136,704 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00090_002\plugin_base.m32
MOD - [2011.03.14 20:29:50 | 000,232,968 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00090_002\midas32.dll
MOD - [2010.11.30 07:34:58 | 000,015,624 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2011\pchook32.dll
MOD - [2010.08.23 17:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2008.07.29 08:05:08 | 000,655,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (WPFFontCache_v0400)
SRV - [2011.03.31 14:27:34 | 002,084,848 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe -- (VSSERV)
SRV - [2011.03.24 19:46:02 | 000,043,936 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe -- (Updatesrv)
SRV - [2011.03.07 20:18:16 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011.01.13 19:23:02 | 000,129,440 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2010.11.30 07:19:06 | 000,307,544 | ---- | M] (BitDefender) [On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe -- (Update Server)
SRV - [2010.09.10 17:50:28 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009.11.04 13:39:26 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009.11.04 13:39:24 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009.10.26 13:16:00 | 000,223,464 | ---- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService)
SRV - [2009.10.16 10:42:48 | 000,319,488 | -H-- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\ASUS.SYS\config\DVMExportService.exe -- (DvmMDES)
SRV - [2009.10.14 16:42:38 | 000,583,640 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2009.08.19 12:56:38 | 000,090,112 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2009.01.07 18:21:00 | 000,026,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\spupdsvc.exe -- (spupdsvc)
SRV - [2007.03.20 16:41:24 | 000,153,792 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe -- (Adobe Version Cue CS3)


========== Driver Services (SafeList) ==========

DRV - [2011.05.01 11:54:50 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2011.04.25 19:29:48 | 000,307,784 | ---- | M] (BitDefender S.R.L.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\trufos.sys -- (Trufos)
DRV - [2011.03.24 15:36:18 | 000,353,096 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\bdfsfltr.sys -- (bdfsfltr)
DRV - [2010.11.29 14:12:20 | 001,066,232 | ---- | M] (BitDefender) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\avckf.sys -- (avckf)
DRV - [2010.11.29 14:12:14 | 000,535,824 | ---- | M] (BitDefender) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\avc3.sys -- (avc3)
DRV - [2010.08.20 18:41:52 | 000,126,800 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys -- (Bdftdif)
DRV - [2010.08.20 15:41:56 | 000,111,696 | ---- | M] (BitDefender) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdfndisf.sys -- (Bdfndisf)
DRV - [2010.05.13 17:02:31 | 000,012,960 | ---- | M] (BITDEFENDER LLC) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\bdrawpr.sys -- (BdRawPr)
DRV - [2010.05.10 19:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010.04.22 13:19:50 | 000,149,520 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bdfm.sys -- (bdfm)
DRV - [2010.02.17 19:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010.01.29 07:31:44 | 005,884,960 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2010.01.19 19:32:40 | 000,085,128 | ---- | M] (BitDefender) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\bdvedisk.sys -- (Bdvedisk)
DRV - [2009.12.21 22:50:16 | 000,005,760 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vHidDev.sys -- (vHidDev)
DRV - [2009.11.18 00:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009.11.18 00:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009.09.17 12:54:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HECI.sys -- (HECI) Intel(R)
DRV - [2009.08.10 16:25:40 | 000,038,528 | ---- | M] (Cypress Semiconductor) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CYUSB.sys -- (CYUSB)
DRV - [2009.08.04 03:28:18 | 000,011,296 | R--- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO)
DRV - [2009.07.23 13:57:22 | 000,112,640 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2009.07.23 13:57:22 | 000,102,528 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009.06.05 08:16:32 | 000,142,336 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2009.04.21 18:58:42 | 000,011,136 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\danew.sys -- (danewFltr)
DRV - [2009.03.30 04:09:28 | 000,239,336 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\RsFx0103.sys -- (RsFx0103)
DRV - [2006.11.20 15:48:46 | 000,182,784 | ---- | M] (NETGEAR Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wg111v2.sys -- (RTLWUSB)
DRV - [2004.08.13 03:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.co.uk/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:5.0.31.0
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1319
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:2.0
FF - prefs.js..network.proxy.type: 0


FF - HKLM\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011.04.23 21:39:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2011\bdaphffext\ [2011.04.25 18:55:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.04.30 21:02:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.04.30 21:02:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2011\bdtbext\ [2011.04.25 18:55:10 | 000,000,000 | ---D | M]

[2010.04.18 18:12:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Stefan\Application Data\Mozilla\Extensions
[2011.05.01 20:52:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Stefan\Application Data\Mozilla\Firefox\Profiles\ldfk4t2y.default\extensions
[2010.09.06 19:05:23 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Stefan\Application Data\Mozilla\Firefox\Profiles\ldfk4t2y.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.12.21 17:32:50 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Documents and Settings\Stefan\Application Data\Mozilla\Firefox\Profiles\ldfk4t2y.default\extensions\battlefieldheroespatcher@ea.com
[2010.09.15 19:21:54 | 000,000,000 | ---D | M] (vShare Plugin) -- C:\Documents and Settings\Stefan\Application Data\Mozilla\Firefox\Profiles\ldfk4t2y.default\extensions\vshare@toolbar
[2011.05.01 20:52:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010.04.23 15:45:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011.04.23 21:39:36 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG10\FIREFOX4
[2011.04.25 18:55:02 | 000,000,000 | ---D | M] ("BitDefender Antiphishing Toolbar") -- C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER 2011\BDAPHFFEXT
[2010.04.23 15:45:43 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

Hosts file not found
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (Bitdefender Toolbar) - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2011\ietoolbar.dll (BitDefender S.R.L.)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll ()
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [BCU] C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.)
O4 - HKLM..\Run: [BDAgent] C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2011\ieshow.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [DeathAdder] C:\Program Files\Razer\DeathAdder\razerhid.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [Six Engine] C:\Program Files\ASUS\Six Engine\SixEngine.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [Turbo Key] C:\Program Files\ASUS\Turbo Key\TurboKey.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [TurboV] C:\Program Files\ASUS\TurboV\TurboV.exe (ASUSTeK Computer Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Documents and Settings\Stefan\Desktop\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [RGSC] File not found
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} [You must be registered and logged in to see this link.] (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_20)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Stefan\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Stefan\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.03.11 16:46:41 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011.02.28 17:42:54 | 000,467,168 | R--- | M] (Electronic Arts) - D:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2011.02.28 17:58:30 | 000,000,000 | R--D | M] - D:\Autorun -- [ CDFS ]
O32 - AutoRun File - [2011.02.28 17:58:24 | 003,582,976 | R--- | M] () - D:\autorun.dat -- [ CDFS ]
O32 - AutoRun File - [2011.02.28 17:58:24 | 000,000,152 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

File not found -- C:\Documents and Settings\Stefan\My Documents\Stefan.
[2011.05.01 23:11:20 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Stefan\Desktop\OTL.exe
[2011.05.01 23:05:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Stefan\Desktop\GTAIV_1.0.7.0_Patch
[2011.05.01 22:58:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Games for Windows - LIVE
[2011.05.01 22:55:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Stefan\My Documents\Games for Windows - LIVE Demos
[2011.05.01 22:54:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xlive
[2011.05.01 22:47:20 | 000,017,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2011.05.01 22:47:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2011.05.01 22:47:04 | 000,000,000 | ---D | C] -- C:\6272d900c03b8171e9c795
[2011.05.01 22:03:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Rockstar Games
[2011.05.01 22:02:34 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Stefan\Recent
[2011.05.01 21:31:23 | 000,000,000 | ---D | C] -- C:\Program Files\Rockstar Games
[2011.05.01 12:37:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Stefan\Local Settings\Application Data\Rockstar Games
[2011.05.01 12:34:11 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Application Data\SecuROM
[2011.05.01 11:58:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Stefan\Desktop\DAEMON Tools Lite
[2011.05.01 11:54:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Stefan\Application Data\DAEMON Tools
[2011.04.28 19:46:22 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011.04.28 18:50:30 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2011.04.28 18:25:25 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Stefan\IECompatCache
[2011.04.28 16:53:24 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011.04.28 16:36:43 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011.04.28 16:36:43 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011.04.28 16:36:43 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011.04.28 16:36:43 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011.04.27 03:06:12 | 000,000,000 | ---D | C] -- C:\fb387bda1ec2fe8400d6f9e0
[2011.04.27 02:15:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Stefan\Local Settings\Application Data\PCHealth
[2011.04.26 03:05:00 | 000,000,000 | ---D | C] -- C:\79896a2e0be1c349243a
[2011.04.26 03:04:25 | 000,000,000 | ---D | C] -- C:\f04b1beb7790ecff94
[2011.04.25 20:21:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\QuickScan
[2011.04.25 18:58:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\QuickScan
[2011.04.25 18:55:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\BitDefender 2011
[2011.04.25 18:55:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Stefan\Application Data\BitDefender
[2011.04.25 18:54:13 | 000,000,000 | ---D | C] -- C:\Program Files\MSSOAP
[2011.04.25 18:51:47 | 000,000,000 | ---D | C] -- C:\Program Files\BitDefender
[2011.04.25 18:47:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Stefan\Application Data\QuickScan
[2011.04.25 18:46:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BitDefender
[2011.04.25 18:46:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\BitDefender
[2011.04.25 17:08:13 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Stefan\My Documents\Passwords Database
[2011.04.25 16:32:36 | 001,377,112 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Stefan\Desktop\tdsskiller.exe
[2011.04.24 14:55:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Rootkit Unhooker LE
[2011.04.23 23:03:06 | 000,000,000 | ---D | C] -- C:\$AVG
[2011.04.23 21:55:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
[2011.04.23 21:39:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2011.04.22 21:44:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Stefan\My Documents\VideoConverter
[2011.04.22 21:44:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Aneesoft
[2011.04.22 21:13:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Stefan\Application Data\AVS4YOU
[2011.04.22 21:13:26 | 000,000,000 | ---D | C] -- C:\Program Files\AVS4YOU
[2011.04.22 21:12:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVSMedia
[2011.04.22 21:12:12 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\GdiPlus.dll
[2011.04.22 21:12:12 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml3a.dll
[2011.04.22 21:12:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVS4YOU
[2011.04.22 01:01:29 | 000,566,272 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Stefan\Desktop\aswMBR.exe
[2011.04.21 13:03:19 | 000,000,000 | ---D | C] -- C:\Combo-Fix
[2011.04.21 00:19:29 | 000,039,352 | ---- | C] (Infowatch) -- C:\WINDOWS\System32\drivers\CSVirtualDiskDrv.sys
[2011.04.21 00:19:28 | 000,088,632 | ---- | C] (Infowatch) -- C:\WINDOWS\System32\drivers\CSCrySec.sys
[2011.04.20 23:50:52 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011.04.20 23:47:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011.04.20 23:31:34 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.04.19 23:51:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Stefan\Application Data\SUPERAntiSpyware.com
[2011.04.19 23:51:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2011.04.19 23:51:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Stefan\Start Menu\Programs\SUPERAntiSpyware
[2011.04.19 23:51:09 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011.04.18 18:24:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Stefan\Start Menu\Programs\HiJackThis
[2011.04.18 18:24:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ESET
[2011.04.18 18:24:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\ESET
[2011.04.18 17:53:03 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2011.04.18 14:26:10 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011.04.17 17:18:42 | 000,307,784 | ---- | C] (BitDefender S.R.L.) -- C:\WINDOWS\System32\drivers\trufos.sys
[2011.04.17 17:18:28 | 000,353,096 | ---- | C] (BitDefender) -- C:\WINDOWS\System32\drivers\bdfsfltr.sys
[2011.04.17 17:18:28 | 000,012,960 | ---- | C] (BITDEFENDER LLC) -- C:\WINDOWS\System32\drivers\bdrawpr.sys
[2011.04.17 16:23:18 | 000,319,488 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\HideWin.exe
[2011.04.17 13:54:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2011.04.17 13:54:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2011.04.15 18:09:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Activision
[2011.04.15 17:56:01 | 000,000,000 | ---D | C] -- C:\Program Files\Activision
[2011.04.09 18:11:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2011.04.04 20:08:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2011.04.04 20:08:10 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011.04.04 20:08:07 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011.04.04 20:05:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2011.04.04 20:03:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Apple Computer
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

File not found -- C:\Documents and Settings\Stefan\My Documents\Stefan.
[2011.05.01 23:11:20 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Stefan\Desktop\OTL.exe
[2011.05.01 23:06:06 | 000,000,177 | -H-- | M] () -- C:\dvmexp.idx
[2011.05.01 23:05:20 | 109,388,216 | ---- | M] () -- C:\Documents and Settings\Stefan\Desktop\GTAIV_1.0.7.0_Patch.zip
[2011.05.01 22:46:45 | 000,503,448 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.05.01 22:46:45 | 000,095,100 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.05.01 22:25:51 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.05.01 22:17:39 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.05.01 22:03:14 | 000,001,837 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Grand Theft Auto IV.lnk
[2011.05.01 13:39:07 | 000,138,160 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2011.05.01 13:38:59 | 000,271,200 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2011.04.30 20:58:27 | 001,555,192 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.04.28 18:56:27 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Stefan\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011.04.28 18:47:39 | 000,000,415 | ---- | M] () -- C:\WINDOWS\System32\user_gensett.xml
[2011.04.28 16:35:42 | 004,332,172 | R--- | M] () -- C:\Documents and Settings\Stefan\Desktop\ComboFix1.exe
[2011.04.27 01:16:56 | 000,036,864 | ---- | M] () -- C:\Documents and Settings\Stefan\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.04.27 01:04:19 | 183,880,022 | ---- | M] () -- C:\Documents and Settings\Stefan\Desktop\The.Ricky.Gervais.Show.S01E10.HDTV.XviD-NoTV.avi
[2011.04.25 19:52:57 | 000,000,016 | ---- | M] () -- C:\WINDOWS\System32\asdict.dat
[2011.04.25 19:29:48 | 000,307,784 | ---- | M] (BitDefender S.R.L.) -- C:\WINDOWS\System32\drivers\trufos.sys
[2011.04.25 18:57:45 | 000,097,045 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\bdinstall.bin
[2011.04.25 18:55:26 | 000,001,869 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\BitDefender Total Security 2011.lnk
[2011.04.25 18:43:50 | 001,348,960 | ---- | M] () -- C:\Documents and Settings\Stefan\Desktop\bitdefender_tsecurity_ob.exe
[2011.04.25 16:32:37 | 001,377,112 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Stefan\Desktop\tdsskiller.exe
[2011.04.24 20:59:34 | 000,271,200 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.ex0
[2011.04.23 21:55:22 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.04.22 22:00:40 | 181,107,304 | ---- | M] () -- C:\Documents and Settings\Stefan\Desktop\Family Guy - 915 - Brothers & Sisters {C_P}.avi
[2011.04.22 21:34:54 | 000,000,020 | ---- | M] () -- C:\Documents and Settings\Stefan\defogger_reenable
[2011.04.22 01:05:33 | 366,276,276 | ---- | M] () -- C:\Documents and Settings\Stefan\Desktop\MythBusters.S09E03.Running.on.Water.HDTV.XviD-FQM.avi
[2011.04.22 01:01:30 | 000,566,272 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Stefan\Desktop\aswMBR.exe
[2011.04.20 23:50:57 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011.04.20 19:41:23 | 000,000,120 | ---- | M] () -- C:\WINDOWS\Bserinubesi.dat
[2011.04.19 23:51:19 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\Stefan\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011.04.17 16:23:18 | 000,319,488 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\HideWin.exe
[2011.04.17 10:12:05 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2011.04.17 01:04:08 | 183,517,516 | ---- | M] () -- C:\Documents and Settings\Stefan\Desktop\The.Big.Bang.Theory.S04E20.HDTV.XviD-ASAP.avi
[2011.04.15 18:10:15 | 000,001,691 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) Singleplayer.lnk
[2011.04.15 18:10:15 | 000,001,691 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) Multiplayer.lnk
[2011.04.15 18:09:51 | 000,022,328 | ---- | M] () -- C:\Documents and Settings\Stefan\Application Data\PnkBstrK.sys
[2011.04.15 18:09:23 | 000,000,319 | ---- | M] () -- C:\WINDOWS\game.ini
[2011.04.15 00:20:05 | 367,158,472 | ---- | M] () -- C:\Documents and Settings\Stefan\Desktop\MythBusters.S09E02.Blue.Ice.HDTV.XviD-FQM.avi
[2011.04.05 22:53:10 | 183,811,026 | ---- | M] () -- C:\Documents and Settings\Stefan\Desktop\The.Ricky.Gervais.Show.S01E02.HDTV.XviD-NoTV.avi
[2011.04.04 22:28:13 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\Stefan\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[2011.04.04 21:51:20 | 183,843,256 | ---- | M] () -- C:\Documents and Settings\Stefan\Desktop\The.Ricky.Gervais.Show.S01E05.HDTV.XviD-NoTV.avi
[2011.04.04 21:51:06 | 244,150,060 | ---- | M] () -- C:\Documents and Settings\Stefan\Desktop\The.Ricky.Gervais.Show.S02E08.HDTV.XviD-SYS.avi
[2011.04.04 21:48:15 | 244,191,658 | ---- | M] () -- C:\Documents and Settings\Stefan\Desktop\The.Ricky.Gervais.Show.S02E11.HDTV.XviD-FEVER.avi
[2011.04.04 21:45:46 | 185,421,824 | ---- | M] () -- C:\Documents and Settings\Stefan\Desktop\The.Ricky.Gervais.Show.S01E01.HDTV.XviD-SYS.avi
[2011.04.04 20:08:55 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011.04.03 11:12:21 | 000,000,591 | ---- | M] () -- C:\Documents and Settings\Stefan\Desktop\Shortcut to Ruse.lnk
[2011.04.02 20:36:33 | 000,012,292 | -H-- | M] () -- C:\Documents and Settings\All Users\Documents\.DS_Store
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.05.01 23:01:22 | 109,388,216 | ---- | C] () -- C:\Documents and Settings\Stefan\Desktop\GTAIV_1.0.7.0_Patch.zip
[2011.05.01 22:54:27 | 000,001,077 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Live ID.lnk
[2011.05.01 22:24:25 | 000,191,624 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011.05.01 22:03:14 | 000,001,837 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Grand Theft Auto IV.lnk
[2011.04.28 18:47:39 | 000,000,415 | ---- | C] () -- C:\WINDOWS\System32\user_gensett.xml
[2011.04.28 16:36:43 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011.04.28 16:36:43 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011.04.28 16:36:43 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011.04.28 16:36:43 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011.04.28 16:36:43 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011.04.28 16:35:21 | 004,332,172 | R--- | C] () -- C:\Documents and Settings\Stefan\Desktop\ComboFix1.exe
[2011.04.25 19:52:57 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\asdict.dat
[2011.04.25 18:55:26 | 000,001,869 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\BitDefender Total Security 2011.lnk
[2011.04.25 18:43:49 | 001,348,960 | ---- | C] () -- C:\Documents and Settings\Stefan\Desktop\bitdefender_tsecurity_ob.exe
[2011.04.22 21:56:16 | 181,107,304 | ---- | C] () -- C:\Documents and Settings\Stefan\Desktop\Family Guy - 915 - Brothers & Sisters {C_P}.avi
[2011.04.22 21:34:47 | 000,000,020 | ---- | C] () -- C:\Documents and Settings\Stefan\defogger_reenable
[2011.04.22 01:02:20 | 366,276,276 | ---- | C] () -- C:\Documents and Settings\Stefan\Desktop\MythBusters.S09E03.Running.on.Water.HDTV.XviD-FQM.avi
[2011.04.20 23:50:57 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011.04.20 23:50:54 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011.04.19 23:51:19 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\Stefan\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011.04.17 17:18:22 | 000,097,045 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\bdinstall.bin
[2011.04.17 13:46:02 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Bserinubesi.dat
[2011.04.17 01:02:58 | 183,517,516 | ---- | C] () -- C:\Documents and Settings\Stefan\Desktop\The.Big.Bang.Theory.S04E20.HDTV.XviD-ASAP.avi
[2011.04.15 18:10:15 | 000,001,691 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) Singleplayer.lnk
[2011.04.15 18:10:15 | 000,001,691 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) Multiplayer.lnk
[2011.04.15 18:09:23 | 000,000,319 | ---- | C] () -- C:\WINDOWS\game.ini
[2011.04.15 00:17:29 | 367,158,472 | ---- | C] () -- C:\Documents and Settings\Stefan\Desktop\MythBusters.S09E02.Blue.Ice.HDTV.XviD-FQM.avi
[2011.04.05 22:48:35 | 183,811,026 | ---- | C] () -- C:\Documents and Settings\Stefan\Desktop\The.Ricky.Gervais.Show.S01E02.HDTV.XviD-NoTV.avi
[2011.04.05 22:48:28 | 183,880,022 | ---- | C] () -- C:\Documents and Settings\Stefan\Desktop\The.Ricky.Gervais.Show.S01E10.HDTV.XviD-NoTV.avi
[2011.04.04 22:28:13 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\Stefan\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[2011.04.04 21:45:00 | 244,150,060 | ---- | C] () -- C:\Documents and Settings\Stefan\Desktop\The.Ricky.Gervais.Show.S02E08.HDTV.XviD-SYS.avi
[2011.04.04 21:44:36 | 183,843,256 | ---- | C] () -- C:\Documents and Settings\Stefan\Desktop\The.Ricky.Gervais.Show.S01E05.HDTV.XviD-NoTV.avi
[2011.04.04 21:43:14 | 244,191,658 | ---- | C] () -- C:\Documents and Settings\Stefan\Desktop\The.Ricky.Gervais.Show.S02E11.HDTV.XviD-FEVER.avi
[2011.04.04 21:42:47 | 185,421,824 | ---- | C] () -- C:\Documents and Settings\Stefan\Desktop\The.Ricky.Gervais.Show.S01E01.HDTV.XviD-SYS.avi
[2011.04.04 20:08:55 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011.04.03 11:12:21 | 000,000,591 | ---- | C] () -- C:\Documents and Settings\Stefan\Desktop\Shortcut to Ruse.lnk
[2011.02.02 03:09:33 | 000,232,968 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011.02.02 03:09:28 | 000,232,968 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011.02.02 03:09:28 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011.01.26 17:53:09 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2011.01.26 17:26:49 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.12.05 00:11:37 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010.10.18 18:55:59 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS7J.DLL
[2010.10.14 01:36:44 | 000,179,263 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2010.10.02 17:05:53 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Stefan\Application Data\PnkBstrK.sys
[2010.10.02 17:05:30 | 002,434,856 | ---- | C] () -- C:\WINDOWS\System32\pbsvc_bc2.exe
[2010.09.06 17:55:08 | 000,000,551 | ---- | C] () -- C:\WINDOWS\Qiii.INI
[2010.08.29 22:07:23 | 000,024,576 | R--- | C] () -- C:\WINDOWS\System32\AsIO.dll
[2010.08.29 22:07:23 | 000,011,296 | R--- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys
[2010.08.29 22:07:20 | 000,011,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp64.sys
[2010.08.29 22:07:20 | 000,010,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp32.sys
[2010.08.29 21:59:46 | 000,047,778 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2010.08.29 21:57:08 | 000,005,810 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2010.08.29 21:56:57 | 000,001,769 | ---- | C] () -- C:\WINDOWS\Language_trs.ini
[2010.08.29 21:56:51 | 000,030,743 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2010.08.29 21:56:50 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2010.07.10 06:38:00 | 002,195,030 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2010.07.08 10:37:14 | 000,101,544 | ---- | C] () -- C:\Program Files\Common Files\LinkInstaller.exe
[2010.04.30 15:35:49 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.04.26 18:37:29 | 000,036,864 | ---- | C] () -- C:\Documents and Settings\Stefan\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.18 21:06:37 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2010.04.18 20:07:13 | 000,138,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.04.18 19:51:11 | 000,271,200 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2010.04.18 19:51:08 | 002,373,712 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe
[2010.04.18 19:51:08 | 000,075,136 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2010.04.18 19:22:30 | 000,073,728 | R--- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2010.04.18 18:53:26 | 000,000,532 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2010.04.18 18:12:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010.03.11 16:48:18 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010.03.11 16:43:56 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010.03.11 16:36:49 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010.03.11 16:35:50 | 001,555,192 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.02.13 01:43:43 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2009.08.03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009.08.03 15:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009.03.05 20:18:34 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\FontReg.exe
[2008.12.01 18:32:32 | 000,362,029 | ---- | C] () -- C:\WINDOWS\System32\sqlite3.dll
[2008.04.14 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008.04.14 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008.04.14 13:00:00 | 000,503,448 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008.04.14 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008.04.14 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008.04.14 13:00:00 | 000,095,100 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008.04.14 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008.04.14 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008.04.14 13:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008.04.14 13:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008.04.14 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2007.01.31 14:50:32 | 000,913,408 | ---- | C] () -- C:\WINDOWS\System32\xreglib.dll
[2002.10.03 14:42:27 | 000,000,034 | ---- | C] () -- C:\WINDOWS\Q3version.ini

========== Alternate Data Streams ==========

@Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4

< End of report >

VikhrMalyutka

Newbie Surfer
Newbie Surfer

Posts : 30
Joined : 2011-04-19
Operating System : Windows XP SP3 Professional

View user profile

Back to top Go down

Re: Trojan horse Agent_r.XJ help

Post by Belahzur on Tue 03 May 2011, 4:00 am

Did it produce an extras.txt as well?


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Trojan horse Agent_r.XJ help

Post by VikhrMalyutka on Tue 03 May 2011, 8:34 am

Nope just the OTL Log.txt.

VikhrMalyutka

Newbie Surfer
Newbie Surfer

Posts : 30
Joined : 2011-04-19
Operating System : Windows XP SP3 Professional

View user profile

Back to top Go down

Re: Trojan horse Agent_r.XJ help

Post by Belahzur on Wed 04 May 2011, 1:28 am

Hello.
Fair enough.

Please download the current version of HijackThis from HERE
    [*] Double click and run the installer.
    [*] It will install to C:\Program Files\Trend Micro\HijackThis\hijackthis.exe
    [*] After installing, you should get the user agreement, press accept and Hijack This will run.
    [*] When Hijack This opens, click "Open the Misc Tools section"
    [*] Then select "Open Uninstall Manager"
    [*] Click on "Save List..." (generates uninstall_list.txt)
    [*] Click Save, copy and paste the results in your next post.


    @RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


    Belahzur

    Manager | Tech Officer
    Manager | Tech Officer

    Posts : 34917
    Joined : 2008-08-04
    Operating System : XP SP3 Media Centre

    View user profile

    Back to top Go down

    Re: Trojan horse Agent_r.XJ help

    Post by VikhrMalyutka on Wed 04 May 2011, 9:04 am

    µTorrent
    Add or Remove Adobe Creative Suite 3 Web Premium
    Adobe Anchor Service CS3
    Adobe Asset Services CS3
    Adobe Bridge CS3
    Adobe Bridge Start Meeting
    Adobe BridgeTalk Plugin CS3
    Adobe Camera Raw 4.0
    Adobe CMaps
    Adobe Color - Photoshop Specific
    Adobe Color Common Settings
    Adobe Color EU Extra Settings
    Adobe Color JA Extra Settings
    Adobe Color NA Recommended Settings
    Adobe Contribute CS3
    Adobe Creative Suite 3 Web Premium
    Adobe Default Language CS3
    Adobe Device Central CS3
    Adobe Dreamweaver CS3
    Adobe ExtendScript Toolkit 2
    Adobe Extension Manager CS3
    Adobe Fireworks CS3
    Adobe Flash CS3
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Flash Player 9 ActiveX
    Adobe Flash Video Encoder
    Adobe Fonts All
    Adobe Help Viewer CS3
    Adobe Illustrator CS3
    Adobe Linguistics CS3
    Adobe MotionPicture Color Files
    Adobe PDF Library Files
    Adobe Photoshop CS3
    Adobe Reader 9.3
    Adobe Setup
    Adobe Shockwave Player 11.5
    Adobe Stock Photos CS3
    Adobe Type Support
    Adobe Update Manager CS3
    Adobe Version Cue CS3 Client
    Adobe Version Cue CS3 Server
    Adobe WAS CS3
    Adobe WinSoft Linguistics Plugin
    Adobe XMP Panels CS3
    AHV content for Acrobat and Flash
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    ArcSoft PhotoStudio 5.5
    ArmA 2 Uninstall
    Battlefield: Bad Company™ 2
    BitDefender Total Security 2011
    BitDefender Total Security 2011
    Bonjour
    Browser Configuration Utility
    Call of Duty(R) 4 - Modern Warfare(TM)
    Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
    Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
    Call of Duty: Black Ops
    Call of Duty: Black Ops - Multiplayer
    Canon MP Navigator 2.0
    Canon MP170
    Canon Utilities Easy-PhotoPrint
    CCleaner
    Crysis® 2
    Easy-WebPrint
    EPU-6 Engine
    ESET Online Scanner v3
    Express Gate
    Futuremark SystemInfo
    GPU Boost Driver
    Grand Theft Auto IV
    Grand Theft Auto IV
    HiJackThis
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows XP (KB2443685)
    Intel(R) Management Engine Components
    iTunes
    Java(TM) 6 Update 20
    Malwarebytes' Anti-Malware
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 3.5 SP1
    Microsoft Choice Guard
    Microsoft Games for Windows - LIVE
    Microsoft Games for Windows - LIVE Redistributable
    Microsoft Help Viewer 1.0
    Microsoft Help Viewer 1.0
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Enterprise 2007
    Microsoft Office Enterprise 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Groove MUI (English) 2007
    Microsoft Office Groove Setup Metadata MUI (English) 2007
    Microsoft Office InfoPath MUI (English) 2007
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft SOAP Toolkit 3.0
    Microsoft SQL Server 2008 Common Files
    Microsoft SQL Server 2008 Common Files
    Microsoft SQL Server 2008 Database Engine Services
    Microsoft SQL Server 2008 Database Engine Services
    Microsoft SQL Server 2008 Database Engine Shared
    Microsoft SQL Server 2008 Database Engine Shared
    Microsoft SQL Server 2008 RsFx Driver
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Mozilla Firefox (3.6.17)
    MSVCRT
    NVIDIA Display Control Panel
    NVIDIA Drivers
    NVIDIA PhysX
    OGA Notifier 2.0.0048.0
    OmniPage SE 2.0
    PDF Settings
    Pro Evolution Soccer 2011
    Quake III Arena Point Release 1.32
    Quake Live Mozilla Plugin
    QuickTime
    Razer DeathAdder(TM) Mouse
    REALTEK GbE & FE Ethernet PCI-E NIC Driver
    Realtek High Definition Audio Driver
    Registry Mechanic 9.0
    Rockstar Games Social Club
    Security Update for 2007 Microsoft Office System (KB2288621)
    Security Update for 2007 Microsoft Office System (KB2288931)
    Security Update for 2007 Microsoft Office System (KB2345043)
    Security Update for 2007 Microsoft Office System (KB2466156)
    Security Update for 2007 Microsoft Office System (KB2509488)
    Security Update for 2007 Microsoft Office System (KB969559)
    Security Update for 2007 Microsoft Office System (KB976321)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
    Security Update for Microsoft Office Access 2007 (KB979440)
    Security Update for Microsoft Office Access 2007 (KB979440)
    Security Update for Microsoft Office Excel 2007 (KB2464583)
    Security Update for Microsoft Office Groove 2007 (KB2494047)
    Security Update for Microsoft Office InfoPath 2007 (KB979441)
    Security Update for Microsoft Office InfoPath 2007 (KB979441)
    Security Update for Microsoft Office PowerPoint 2007 (KB2464594)
    Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
    Security Update for Microsoft Office Publisher 2007 (KB2284697)
    Security Update for Microsoft Office system 2007 (972581)
    Security Update for Microsoft Office system 2007 (KB974234)
    Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
    Security Update for Microsoft Office Word 2007 (KB2344993)
    Security Update for Windows Internet Explorer 8 (KB2482017)
    Security Update for Windows Internet Explorer 8 (KB2497640)
    Security Update for Windows Internet Explorer 8 (KB2510531)
    Security Update for Windows Internet Explorer 8 (KB982381)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows XP (KB2296199)
    Security Update for Windows XP (KB2393802)
    Security Update for Windows XP (KB2412687)
    Security Update for Windows XP (KB2419632)
    Security Update for Windows XP (KB2423089)
    Security Update for Windows XP (KB2436673)
    Security Update for Windows XP (KB2440591)
    Security Update for Windows XP (KB2443105)
    Security Update for Windows XP (KB2476687)
    Security Update for Windows XP (KB2478960)
    Security Update for Windows XP (KB2478971)
    Security Update for Windows XP (KB2479628)
    Security Update for Windows XP (KB2479943)
    Security Update for Windows XP (KB2483185)
    Security Update for Windows XP (KB2483614)
    Security Update for Windows XP (KB2485376)
    Security Update for Windows XP (KB2485663)
    Security Update for Windows XP (KB2503658)
    Security Update for Windows XP (KB2506212)
    Security Update for Windows XP (KB2506223)
    Security Update for Windows XP (KB2507618)
    Security Update for Windows XP (KB2508272)
    Security Update for Windows XP (KB2508429)
    Security Update for Windows XP (KB2509553)
    Security Update for Windows XP (KB2511455)
    Security Update for Windows XP (KB2524375)
    Security Update for Windows XP (KB941569)
    Segoe UI
    Service Pack 1 for SQL Server 2008 (KB968369)
    Skype™ 4.2
    Sql Server Customer Experience Improvement Program
    Steam
    SUPERAntiSpyware
    Turbo Key
    TurboV
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Microsoft Office OneNote 2007 (KB980729)
    Update for Microsoft Office Outlook 2007 (KB2509470)
    Update for Outlook 2007 Junk Email Filter (KB2522999)
    Update for Windows Internet Explorer 8 (KB2447568)
    Update for Windows XP (KB2467659)
    VLC media player 1.1.4
    Windows Driver Package - Cypress (CYUSB) USB (06/05/2009 3.4.1.20)
    Windows Driver Package - Razer (HidUsb) HIDClass (02/02/2007 1.0.5.0)
    Windows Driver Package - Razer (HidUsb) HIDClass (04/04/2009 1.0.5.0)
    Windows Internet Explorer 8
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Essentials
    Windows Live ID Sign-in Assistant
    Windows Live Messenger
    Windows Media Format 11 runtime
    Windows Media Format 11 runtime
    Windows Presentation Foundation
    WinRAR archiver


    VikhrMalyutka

    Newbie Surfer
    Newbie Surfer

    Posts : 30
    Joined : 2011-04-19
    Operating System : Windows XP SP3 Professional

    View user profile

    Back to top Go down

    Re: Trojan horse Agent_r.XJ help

    Post by Belahzur on Thu 05 May 2011, 1:31 am

    Hello.

    I see that you are running µTorrent.
    P2P(Peer to peer) applications are designed to help you easily share and distribute files between you and a group of people. But they can also be used to distribute malware, and thus are not considered safe.
    The removal of these programs is optional, but highly recommended.

    Go to Start > Control Panel > Add/Remove Programs and remove the following programs.

      µTorrent
      Java(TM) 6 Update 20

    Just need to update a few programs now.

    Updating Java:

    • Download the latest version of Java SE Runtime Environment (JRE) 6 Update 25.
    • Click the "Download JRE" button to the right.
    • In the Window that opens, select your platform, check the "agree" box, and click Continue.
    • Click on the link to download Windows Offline Installation and save to your desktop.
    • Close any programs you may have running - especially your web browser.
    • Then from your desktop double-click on jre-6u25-windows-i586.exe that you downloaded to install the newest version.


    I see you have Firefox and VLC player installed. Both of these you are running are old versions and need updating.

    Please download Firefox 4.0.1 and install it. It will install over version 3.6.17 you currently have installed, so you won't lose any bookmarked websites.

    Download and install VLC Player 1.1.9
    When installing, it will ask if you want to uninstall the old version first before it can install the new version, so please select yes and allow it to install.

    How is the machine running now?


    @RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


    Belahzur

    Manager | Tech Officer
    Manager | Tech Officer

    Posts : 34917
    Joined : 2008-08-04
    Operating System : XP SP3 Media Centre

    View user profile

    Back to top Go down

    Re: Trojan horse Agent_r.XJ help

    Post by VikhrMalyutka on Thu 05 May 2011, 2:24 am

    I followed every instructions and my computer is running like it has no viruses. It's a lot faster now and there isn't any suspicious activity on my computer. I guess all the viruses have been removed.

    VikhrMalyutka

    Newbie Surfer
    Newbie Surfer

    Posts : 30
    Joined : 2011-04-19
    Operating System : Windows XP SP3 Professional

    View user profile

    Back to top Go down

    Re: Trojan horse Agent_r.XJ help

    Post by Belahzur on Thu 05 May 2011, 9:04 am

    Please read the following information that I have provided, which will help you prevent malicious software in the future. Please keep in mind, malware is a continuous danger on the Internet. It is highly important to stay safe while browsing, to prevent re-infection.

    Software recommendations

    AntiSpyware

    • SpywareBlaster
      SpywareBlaster is a program that prevents spyware from installing on your computer. A tutorial on using SpywareBlaster may be found here.
    • Spybot - Search & Destroy.
      Spybot - Search & Destroy is a spyware and adware removal program. It also has realtime protection, TeaTimer to help safeguard your computer against spyware. (The link for Spybot - Search & Destroy contains a tutorial that will help you download, install, and begin using Spybot).

    NOTE: Please keep ALL of these programs up-to-date and run them whenever you suspect a problem to prevent malware problems.

    Resident Protection help
    A number of programs have resident protection and it is a good idea to run the resident protection of one of each type of program to maintain protection. However, it is important to run only one resident program of each type since they can conflict and become less effective. That means only one antivirus, firewall, and scanning anti-spyware program at a time. Passive protectors such as SpywareBlaster can be run with any of them.

    Rogue programs help
    There are a lot of rogue programs out there that want to scare you into giving them your money and some malware actually claims to be security programs. If you get a popup for a security program that you did not install yourself, do NOT click on it and ask for help immediately. It is very important to run an antivirus and firewall, but you can't always rely on reviews and ads for information. Ask in a security forum that you trust if you are not sure. If you are unsure and looking for anti-spyware programs, you can find out if it is a rogue here:
    [You must be registered and logged in to see this link.]

    Securing your computer

    • Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.
    • hpHosts file replaces your current HOSTS file with one containing well known ad sites and other bad sites. This prevents your computer from connecting to those sites by redirecting them to 127.0.0.1, which is your local computer's loopback address, meaning it will be difficult to infect your computer in the future.

    Please consider using an alternate browser
    Mozilla's Firefox browser is a very good alternative. In addition to being generally more secure than Internet Explorer, it has a very good built-in popup blocker and add-ons, like NoScript, can make it even more secure. Opera is another good option.

    If you are interested:

    • Firefox may be downloaded from here: [You must be registered and logged in to see this link.]
    • Opera is available here: [You must be registered and logged in to see this link.]
    • Google Chrome is available here: Google Chrome
    • SRWare Iron is available here: SRWare Iron

    Thank you for choosing GeekPolice. [You must be registered and logged in to see this link.]


    @RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


    Belahzur

    Manager | Tech Officer
    Manager | Tech Officer

    Posts : 34917
    Joined : 2008-08-04
    Operating System : XP SP3 Media Centre

    View user profile

    Back to top Go down

    Re: Trojan horse Agent_r.XJ help

    Post by VikhrMalyutka on Fri 06 May 2011, 1:42 am

    Thank you for all your help Belahzur, I'll try to prevent infections in the future.

    VikhrMalyutka

    Newbie Surfer
    Newbie Surfer

    Posts : 30
    Joined : 2011-04-19
    Operating System : Windows XP SP3 Professional

    View user profile

    Back to top Go down

    Re: Trojan horse Agent_r.XJ help

    Post by Sponsored content Today at 7:53 am


    Sponsored content


    Back to top Go down

    Page 2 of 2 Previous  1, 2

    View previous topic View next topic Back to top


     
    Permissions in this forum:
    You cannot reply to topics in this forum