hijack homepage

Page 1 of 2 1, 2  Next

View previous topic View next topic Go down

hijack homepage

Post by bryanc on Fri Aug 05, 2011 9:31 pm

I have attached the three files aswmber.txt, Extras.txt and OTL.txt
one at a time it seems.

here's aswmbr.txt

bryanc
Intermediate
Intermediate

Status :
Online
Offline

Posts Posts : 132
Joined Joined : 2009-05-24
OS : XP

View user profile

Back to top Go down

Re: hijack homepage

Post by Sneakyone on Sat Aug 06, 2011 7:26 am

Hi,

Could you please copy and paste the OTL log into multiple posts?


I'm livin' life in the fast lane.

Sneakyone
Master
Master

Status :
Online
Offline

Posts Posts : 2707
Joined Joined : 2010-01-10
Gender Gender : Male
OS : Windows 7 Ultimate 64-bit

View user profile

Back to top Go down

Re: hijack homepage

Post by bryanc on Sat Aug 06, 2011 10:25 am

Part One

OTL logfile created on: 5/08/2011 6:34:15 AM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\bryanc\My Documents\Downloads\Kill it
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

3.49 Gb Total Physical Memory | 2.53 Gb Available Physical Memory | 72.46% Memory free
5.33 Gb Paging File | 4.18 Gb Available in Paging File | 78.49% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.68 Gb Total Space | 19.93 Gb Free Space | 8.56% Space Free | Partition Type: NTFS
Drive D: | 1.97 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: WORKSTATION-N | User Name: BryanC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/08/05 06:31:23 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\bryanc\My Documents\Downloads\Kill it\OTL.com
PRC - [2011/08/04 08:35:42 | 000,123,264 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
PRC - [2011/08/04 08:35:41 | 004,599,680 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2011/01/11 09:25:06 | 001,230,704 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/12/09 07:15:44 | 000,063,360 | ---- | M] (DivX, LLC) -- C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe
PRC - [2010/09/22 17:11:26 | 000,640,440 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2010/06/27 03:09:18 | 000,167,936 | ---- | M] (Applian Technologies, Inc.) -- C:\Program Files\Freecorder\FLVSrvc.exe
PRC - [2010/05/10 11:34:22 | 004,456,448 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
PRC - [2010/05/10 11:33:42 | 000,110,592 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
PRC - [2010/05/10 11:32:36 | 001,858,048 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
PRC - [2010/05/10 11:32:06 | 000,482,304 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
PRC - [2010/04/29 15:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2010/04/29 15:39:32 | 000,437,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2010/01/30 07:20:26 | 000,112,208 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
PRC - [2010/01/27 21:30:16 | 001,312,848 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe
PRC - [2010/01/20 09:39:21 | 000,108,392 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2010/01/20 09:39:20 | 000,115,560 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2010/01/20 09:39:17 | 001,831,928 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
PRC - [2010/01/20 09:39:17 | 001,447,240 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
PRC - [2010/01/20 09:39:16 | 001,775,344 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
PRC - [2009/12/10 18:45:21 | 000,289,584 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2009/07/30 18:39:12 | 001,216,648 | ---- | M] (Ext2Fsd Group ([You must be registered and logged in to see this link.] -- C:\Program Files\Ext2Fsd\Ext2Mgr.exe
PRC - [2009/05/29 16:58:46 | 000,479,232 | ---- | M] (Nikon Corporation) -- C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
PRC - [2009/04/22 17:41:52 | 000,015,360 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe
PRC - [2009/04/22 16:15:56 | 000,656,696 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\SecureUpgrade.exe
PRC - [2009/04/22 12:05:34 | 001,703,936 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
PRC - [2009/04/09 16:05:38 | 001,106,720 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe
PRC - [2009/04/09 16:02:50 | 000,447,264 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe
PRC - [2009/03/25 19:58:28 | 003,261,688 | ---- | M] (SRS Labs, Inc.) -- C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe
PRC - [2009/03/19 20:25:06 | 000,667,648 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe
PRC - [2009/03/17 11:57:26 | 000,254,034 | ---- | M] (IDT, Inc.) -- c:\drivers\audio\R213367\stacsv.exe
PRC - [2009/03/17 11:57:14 | 000,729,088 | ---- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\system32\AESTFltr.exe
PRC - [2009/02/23 07:51:40 | 000,049,250 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2009/02/23 07:51:24 | 000,200,704 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2009/02/23 07:51:22 | 000,050,472 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2009/02/23 07:51:22 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2009/02/11 19:38:40 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009/02/11 19:38:38 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/02/04 23:26:38 | 000,128,232 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2009/01/22 12:19:20 | 000,808,296 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
PRC - [2009/01/22 12:19:20 | 000,020,840 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
PRC - [2008/12/29 13:07:28 | 000,320,800 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe
PRC - [2008/12/22 16:15:44 | 000,145,408 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe
PRC - [2008/12/20 07:50:34 | 002,656,528 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\Quickcam.exe
PRC - [2008/12/20 07:46:58 | 000,558,864 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2008/12/16 21:59:50 | 000,150,040 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2008/10/02 13:26:42 | 000,860,160 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2008/10/02 13:06:56 | 000,905,216 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
PRC - [2008/10/02 12:56:44 | 000,466,944 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2008/04/14 22:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/04/19 07:56:36 | 000,133,968 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\ASF Agent\ASFAgent.exe
PRC - [2006/04/10 16:25:54 | 000,950,272 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\U3\U3Launcher\LaunchU3.exe


========== Modules (SafeList) ==========

MOD - [2011/08/05 06:31:23 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\bryanc\My Documents\Downloads\Kill it\OTL.com
MOD - [2011/08/04 19:26:46 | 000,018,432 | ---- | M] (Applian Technologies, Inc.) -- C:\Documents and Settings\bryanc\Local Settings\Application Data\FLVService\lib\FLVSrvLib.dll
MOD - [2011/04/18 22:51:18 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll
MOD - [2010/08/24 02:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2009/04/09 16:06:08 | 000,041,760 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\Dell ControlPoint\System Manager\dadkeyb.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (tcsd_win32.exe)
SRV - File not found [On_Demand | Stopped] -- -- (Smcinst)
SRV - [2011/08/04 08:35:42 | 000,123,264 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2010/05/10 11:33:42 | 000,110,592 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV - [2010/05/10 11:32:36 | 001,858,048 | ---- | M] () [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe -- (WDFME)
SRV - [2010/05/10 11:32:06 | 000,482,304 | ---- | M] () [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe -- (WDSC)
SRV - [2010/04/29 15:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010/01/30 07:17:14 | 000,292,944 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2010/01/20 09:39:21 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2010/01/20 09:39:21 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2010/01/20 09:39:17 | 001,831,928 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe -- (SmcService)
SRV - [2010/01/20 09:39:17 | 000,345,416 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE -- (SNAC)
SRV - [2010/01/20 09:39:16 | 001,775,344 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2009/10/21 04:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2009/09/07 22:16:25 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/07/13 11:06:15 | 003,093,880 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE -- (LiveUpdate)
SRV - [2009/04/22 12:05:34 | 001,703,936 | ---- | M] (Wave Systems Corp.) [Auto | Running] -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe -- (TdmService)
SRV - [2009/04/09 16:02:50 | 000,447,264 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe -- (dcpsysmgrsvc)
SRV - [2009/03/17 11:57:26 | 000,254,034 | ---- | M] (IDT, Inc.) [Auto | Running] -- c:\drivers\audio\R213367\stacsv.exe -- (STacSV)
SRV - [2009/02/11 19:38:40 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2009/01/22 12:19:20 | 000,808,296 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe -- (Credential Vault Host Control Service)
SRV - [2009/01/22 12:19:20 | 000,020,840 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe -- (Credential Vault Host Storage)
SRV - [2008/12/29 13:07:28 | 000,320,800 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe -- (buttonsvc32)
SRV - [2008/12/16 21:59:50 | 000,150,040 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008/12/12 11:54:00 | 000,638,976 | ---- | M] (Wave Systems Corp.) [On_Demand | Stopped] -- C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe -- (SecureStorageService)
SRV - [2008/10/02 13:26:42 | 000,860,160 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2008/10/02 13:06:56 | 000,905,216 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe -- (S24EventMonitor)
SRV - [2008/10/02 12:56:44 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2007/04/19 07:56:36 | 000,133,968 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\ASF Agent\ASFAgent.exe -- (ASFAgent)


========== Driver Services (SafeList) ==========

DRV - [2011/08/04 12:19:14 | 001,576,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20110803.019\NAVEX15.SYS -- (NAVEX15)
DRV - [2011/08/04 12:19:14 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20110803.019\NAVENG.SYS -- (NAVENG)
DRV - [2011/08/04 08:35:35 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/08/04 08:35:34 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2011/07/28 11:00:34 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011/07/28 11:00:34 | 000,105,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010/02/19 08:09:13 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2010/01/24 14:30:28 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/01/20 09:39:21 | 000,320,560 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2010/01/20 09:39:21 | 000,281,648 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\srtsp.sys -- (SRTSP)
DRV - [2010/01/20 09:39:21 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2010/01/20 09:39:10 | 000,188,080 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2010/01/20 09:39:10 | 000,026,416 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2010/01/20 09:39:09 | 000,421,424 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2010/01/20 09:39:07 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2009/11/19 14:33:20 | 000,051,200 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2009/11/10 21:55:08 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2009/11/10 21:54:52 | 000,035,984 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2009/10/21 04:19:44 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2009/07/26 15:22:34 | 000,651,264 | ---- | M] ([You must be registered and logged in to see this link.] [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\ext2fsd.sys -- (Ext2Fsd)
DRV - [2009/04/22 16:15:58 | 000,208,824 | ---- | M] (Wave Systems Corp.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\WavxDMgr.sys -- (WavxDMgr)
DRV - [2009/04/03 14:25:50 | 000,048,128 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2009/03/24 17:33:38 | 000,232,744 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SRS_PremiumSound_i386.sys -- (SRS_PremiumSound_Service)
DRV - [2009/03/17 11:57:30 | 001,545,795 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2009/03/17 11:57:12 | 000,112,512 | ---- | M] (Andrea Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AESTAud.sys -- (AESTAud)
DRV - [2009/02/23 08:59:26 | 000,244,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1y5132.sys -- (e1yexpress) Intel(R)
DRV - [2009/02/23 07:51:20 | 000,170,032 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2009/02/13 12:02:52 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2009/02/12 09:10:20 | 000,047,272 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2009/02/12 08:41:54 | 000,037,032 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwmodem.sys -- (btwmodem)
DRV - [2009/02/12 08:41:50 | 000,156,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2009/02/12 08:41:46 | 000,037,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2009/02/12 08:41:42 | 000,991,016 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2009/02/12 08:41:40 | 000,534,440 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2009/01/22 12:16:14 | 000,032,808 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cvusbdrv.sys -- (cvusbdrv)
DRV - [2009/01/20 12:33:16 | 000,985,728 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2009/01/20 12:33:16 | 000,731,264 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2009/01/20 12:33:16 | 000,210,688 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2008/12/17 16:01:20 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2008/12/17 16:00:12 | 000,768,024 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2008/12/16 21:58:54 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2008/10/17 08:30:44 | 000,101,376 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008/09/25 09:22:02 | 003,634,688 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32) Intel(R)
DRV - [2008/08/04 13:32:26 | 000,011,904 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2008/07/27 01:26:56 | 000,023,832 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2008/07/27 01:26:44 | 004,658,584 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) Logitech QuickCam Pro 9000(UVC)
DRV - [2008/07/23 07:27:04 | 000,028,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbccid.sys -- (USBCCID)
DRV - [2008/06/04 15:14:00 | 000,026,608 | ---- | M] (Dell Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\PBADRV.sys -- (PBADRV)
DRV - [2008/02/20 23:19:56 | 000,030,816 | ---- | M] (Intel Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\iqvw32.sys -- (NAL)
DRV - [2006/12/13 17:31:56 | 000,087,040 | ---- | M] (Cmotech Co.,Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cmusbser.sys -- (cmusbser)
DRV - [2006/11/23 15:03:48 | 000,081,152 | ---- | M] (Cmotech Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cmusbnet.sys -- (cmusbnet) WAN Driver @ 3GPP (6280)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = nexus.*;nexus;10.10.10.1;
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 10.10.10.254:3128

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://nexus.northrop.com.au/Canberra/default.aspx"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.0
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900
FF - prefs.js..network.proxy.backup.ftp: "10.10.10.254"
FF - prefs.js..network.proxy.backup.ftp_port: 3128
FF - prefs.js..network.proxy.backup.gopher: "10.10.10.254"
FF - prefs.js..network.proxy.backup.gopher_port: 3128
FF - prefs.js..network.proxy.backup.socks: "10.10.10.254"
FF - prefs.js..network.proxy.backup.socks_port: 3128
FF - prefs.js..network.proxy.backup.ssl: "10.10.10.254"
FF - prefs.js..network.proxy.backup.ssl_port: 3128
FF - prefs.js..network.proxy.ftp: "10.10.10.254"
FF - prefs.js..network.proxy.ftp_port: 3128
FF - prefs.js..network.proxy.gopher: "10.10.10.254"
FF - prefs.js..network.proxy.gopher_port: 3128
FF - prefs.js..network.proxy.http: "10.10.10.254"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.no_proxies_on: "localhost, 127.0.0.1,"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "10.10.10.254"
FF - prefs.js..network.proxy.socks_port: 3128
FF - prefs.js..network.proxy.ssl: "10.10.10.254"
FF - prefs.js..network.proxy.ssl_port: 3128
FF - prefs.js..network.proxy.type: 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011/01/26 11:09:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011/01/26 11:09:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/23 22:24:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/07/25 20:25:25 | 000,000,000 | ---D | M]

[2010/01/02 14:35:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\bryanc\Application Data\Mozilla\Extensions
[2011/04/29 20:57:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\bryanc\Application Data\Mozilla\Firefox\Profiles\qqr2juqo.default\extensions
[2010/04/27 20:12:18 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\bryanc\Application Data\Mozilla\Firefox\Profiles\qqr2juqo.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/07/18 20:21:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/07/03 14:04:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011/07/18 20:21:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) --
[2010/07/03 14:04:12 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/06/23 22:24:57 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2007/03/10 09:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\mozilla firefox\plugins\npyaxmpb.dll
[2010/01/01 18:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml


bryanc
Intermediate
Intermediate

Status :
Online
Offline

Posts Posts : 132
Joined Joined : 2009-05-24
OS : XP

View user profile

Back to top Go down

Re: hijack homepage

Post by bryanc on Sat Aug 06, 2011 10:27 am

Part two


O1 HOSTS File: ([2010/01/03 13:02:56 | 002,442,612 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 0.gvt0.com 00.eatgoogle.345.pl 00.eatgoogle.bee.pl 00.eatgoogle.bij.pl 00.eatgoogle.orge.pl 00.eatgoogle.osa.pl 00.googleeat.345.pl 00.googleeat.bee.pl 00.googleeat.bij.pl
O1 - Hosts: 127.0.0.1 00.googleeat.orge.pl 00.googleeat.osa.pl 00.moregoogle.345.pl 00.moregoogle.bee.pl 00.moregoogle.bij.pl 00.moregoogle.osa.pl 00.w88w8w.cn 000007.ru 0000a-fast-proxy.de
O1 - Hosts: 127.0.0.1 000-101.org 000webhost.com 001.az 001.bladespoon.cn 001107d91124.bourgum.com 00161dcc.linkbucks.com 002b0372.linkbucks.com 002c63f4.linkbucks.com 003f3f9b.linkbucks.com
O1 - Hosts: 127.0.0.1 00451.com 005.free-counter.co.uk 0058f8d6.linkbucks.com 006.free-counter.co.uk 007.free-counter.co.uk 007absolutehardcore.com 007-dvd.com 007freesexnudepornpicturefisting.com 007q-branch.com
O1 - Hosts: 127.0.0.1 008.dyo9.cn 008.free-counter.co.uk 00b6d8f8.linkbucks.com 00bdd35c.linkbucks.com 00c8f8a0.linkbucks.com 00ce8e5675.net 00cf9556.linkbucks.com 00e3fbfd.linkbucks.com 00f831e0.linkbucks.com
O1 - Hosts: 127.0.0.1 00fea7f6.linkbucks.com 00ffabcb.linkbucks.com 00fun.com 00hq.com 00inkjets.com 00kk0.cn 00obo.cn 00pro.com 00web.com
O1 - Hosts: 127.0.0.1 01.eatgoogle.345.pl 01.eatgoogle.bee.pl 01.eatgoogle.orge.pl 01.eatgoogle.osa.pl 01.googleeat.345.pl 01.googleeat.bee.pl 01.googleeat.bij.pl 01.googleeat.orge.pl 01.googleeat.osa.pl
O1 - Hosts: 127.0.0.1 01.moregoogle.bee.pl 01.moregoogle.bij.pl 01.moregoogle.osa.pl 01.sharedsource.org 0100eda5.linkbucks.com 01027846502.kt.io 01064347170.kt.io 0108d9d9.linkbucks.com 010907d91105.burrova.com
O1 - Hosts: 127.0.0.1 011007d91118.agulhal.com 0117a32d.linkbucks.com 0123.org.tw 0123hardcore.com 013057b4.linkbucks.com 013080eb.linkbucks.com 01421e44.linkbucks.com 0190-dialer.com 0190-dialers.com
O1 - Hosts: 127.0.0.1 019b8380.linkbucks.com 01a093f8.linkbucks.com 01computersoftwar.biz 01f17201.linkbucks.com 01k0409-komplettpaket.tagesangebot-heimarbeit.eu 01sexe.com 01smith.com 02.main.ru 021107d91129.antiona.com
O1 - Hosts: 127.0.0.1 02114902.linkbucks.com 02267fbd.linkbucks.com 024061313.kt.io 025ed9eb.linkbucks.com 027541dc.linkbucks.com 0-29.com 02b4b355.linkbucks.com 02f4ca53.linkbucks.com 02kmky1xgzbmsdfx.com
O1 - Hosts: 127.0.0.1 02pmnzy5eo29bfk4.com 02yya.info 03.sharedsource.org 030.com 03108f9f.linkbucks.com 0313367018.kt.io 0313517889.kt.io 0313879956.kt.io 0314918631.kt.io
O1 - Hosts: 127.0.0.1 03235e90.linkbucks.com 03236401.linkbucks.com 032439.com 0364d0c7.linkbucks.com 038ll.cn 03b47261.linkbucks.com 03d28770.linkbucks.com 03e63903.linkbucks.com 03et0gq4posw.info
O1 - Hosts: 127.0.0.1 03fede52.linkbucks.com 03g.net 03l7w.cn 04.fakesoft.345.pl 04150988.linkbucks.com 0420a347.linkbucks.com 042707d90914.agrigid.com 0427be61.linkbucks.com 04301f7e.linkbucks.com
O1 - Hosts: 127.0.0.1 043e0ea4.linkbucks.com 044486.no-ip.biz 047941d4.linkbucks.com 0482e67e.linkbucks.com 048515a7.linkbucks.com 049a87c8.linkbucks.com 04a06907.linkbucks.com 04a6e3c6.linkbucks.com 04a99607.linkbucks.com
O1 - Hosts: 127.0.0.1 04dfba8a.linkbucks.com 05.sharedsource.org 050101.com 050607d91125.lantzel.com 0513eb5d.linkbucks.com 0518a.net 0519qq.cn 0527zp.com 0530efda.linkbucks.com
O1 - Hosts: 127.0.0.1 0533e5bd.linkbucks.com 05514e4a.linkbucks.com 0571ax.com 0571n.cn 0571z.cn 0576sf.com 0595fushi.cn 05bd31f0.linkbucks.com 05e61ce4.linkbucks.com
O1 - Hosts: 127.0.0.1 05f4e120.linkbucks.com 05p.com 06.jacai.com 061b01cf.linkbucks.com 062.sealandweb.de 0623382f.linkbucks.com 062c010b.linkbucks.com 065ad914.linkbucks.com 065afc43.linkbucks.com
O1 - Hosts: 127.0.0.1 067.ru 067bb8a3.linkbucks.com 068587c7.linkbucks.com 068f98cf.linkbucks.com 06c8666d.linkbucks.com 06d.ru 06eb763e.linkbucks.com 06fc5942.linkbucks.com 06hj.com
O1 - Hosts: 127.0.0.1 06j.ru 06u.ru 06v.ru 06w.ru 06y.ru 070.us 071109115221.c.mystat-in.net 07129.com 0716.88mw.com
O1 - Hosts: 127.0.0.1 0730dvd.com 0731ac.com 0731qq.cn 0734sp.com 07389b08.linkbucks.com 073bb0ee.linkbucks.com 0743dvd.com 0750car.net.cn 0755a.net
O1 - Hosts: 127.0.0.1 0757382491.cn 077.us 077734f3.linkbucks.com 079.us 079eaade.linkbucks.com 07e02c36.linkbucks.com 07ffc840.linkbucks.com 07hj.com 07ic5do2myz3vzpk.com
O1 - Hosts: 127.0.0.1 08.185.87.0.liveadvert.com 08.185.87.00.liveadvert.com 08.185.87.01.liveadvert.com 08.185.87.02.liveadvert.com 08.185.87.03.liveadvert.com 08.185.87.04.liveadvert.com 08.185.87.05.liveadvert.com 08.185.87.06.liveadvert.com 08.185.87.07.liveadvert.com
O1 - Hosts: 12417 more lines...
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (DivX Plus Web Player HTML5

bryanc
Intermediate
Intermediate

Status :
Online
Offline

Posts Posts : 132
Joined Joined : 2009-05-24
OS : XP

View user profile

Back to top Go down

Re: hijack homepage

Post by bryanc on Sat Aug 06, 2011 10:27 am

Part three

2011/08/04 18:22:41 | 3745,406,976 | -HS- | M] () -- C:\hiberfil.sys
[2011/08/04 11:47:15 | 000,019,092 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol
[2011/08/04 11:47:10 | 000,000,744 | RHS- | M] () -- C:\Documents and Settings\bryanc\ntuser.pol
[2011/08/04 10:52:26 | 000,000,435 | ---- | M] () -- C:\WINDOWS\BRWMARK.INI
[2011/08/04 09:03:38 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/07/30 22:37:06 | 001,553,256 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/07/30 20:23:38 | 003,153,920 | ---- | M] () -- C:\WINDOWS\System32\secsetup.sdb
[2011/07/30 06:35:13 | 000,001,544 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/07/29 22:10:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/07/25 21:29:18 | 000,000,794 | ---- | M] () -- C:\Documents and Settings\bryanc\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
[2011/07/15 03:01:03 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/07/12 19:36:51 | 000,000,584 | ---- | M] () -- C:\Documents and Settings\bryanc\Desktop\Camper trailer.lnk
[2011/07/12 11:20:54 | 000,178,536 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\dnssdX.dll
[2011/07/12 11:20:54 | 000,083,816 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\dns-sd.exe
[2011/07/12 11:20:54 | 000,073,064 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\dnssd.dll
[2011/07/08 01:26:37 | 000,000,859 | ---- | M] () -- C:\Documents and Settings\bryanc\etsVersions.xml
[2011/07/07 16:25:03 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\bryanc\Local Settings\Application Data\{9A665226-8163-43F3-958D-34DBB0E021B8}
[10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\bryanc\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\bryanc\Local Settings\Application Data\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/07/30 06:35:13 | 000,001,544 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/07/24 09:20:09 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/07/12 19:35:51 | 000,000,584 | ---- | C] () -- C:\Documents and Settings\bryanc\Desktop\Camper trailer.lnk
[2011/07/08 01:26:37 | 000,000,859 | ---- | C] () -- C:\Documents and Settings\bryanc\etsVersions.xml
[2011/07/07 16:24:38 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\bryanc\Local Settings\Application Data\{9A665226-8163-43F3-958D-34DBB0E021B8}
[2011/06/30 08:27:20 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\bryanc\Application Data\setup_ldm.iss
[2011/04/17 09:43:49 | 000,000,017 | -H-- | C] () -- C:\Documents and Settings\bryanc\Local Settings\Application Data\19720201.dat
[2011/04/17 09:43:02 | 000,000,036 | ---- | C] () -- C:\WINDOWS\iltwain.ini
[2011/02/05 10:00:21 | 000,000,059 | ---- | C] () -- C:\Documents and Settings\bryanc\Local Settings\Application Data\mm-device-08.ini
[2010/12/07 06:01:31 | 003,056,226 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-2822720404-3006480766-3358018635-1149-0.dat
[2010/12/07 06:01:31 | 000,342,346 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2010/11/16 09:01:05 | 000,081,110 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2010/07/26 20:58:09 | 000,000,145 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
[2010/07/17 17:32:56 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/07/01 18:02:54 | 000,056,708 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/06/28 07:36:44 | 002,416,048 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/05/21 20:00:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ViewNX.INI
[2010/05/18 18:14:40 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Frameworks
[2010/05/18 18:14:40 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\bryanc\Application Data\Folder Actions Handlers
[2010/05/18 18:14:40 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdw.DAT
[2010/05/18 18:14:40 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Grapher
[2010/05/18 18:08:16 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Fonts
[2010/05/18 18:08:16 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\bryanc\Application Data\Flowers
[2010/05/18 18:08:16 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Galaxy Swirl
[2010/05/18 18:08:15 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT
[2010/04/03 20:50:25 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010/03/21 15:44:33 | 000,000,026 | ---- | C] () -- C:\WINDOWS\VideoPlayer.INI
[2010/03/21 09:49:32 | 000,909,312 | ---- | C] () -- C:\WINDOWS\System32\AVC_AP_H264.dll
[2010/03/21 09:49:23 | 000,909,312 | ---- | C] () -- C:\WINDOWS\System32\AVC_H264.dll
[2010/01/31 19:38:31 | 000,000,023 | ---- | C] () -- C:\WINDOWS\PenPowerTS863.INI
[2010/01/30 17:37:16 | 000,049,152 | ---- | C] () -- C:\WINDOWS\AutoSet.dll
[2010/01/30 17:36:52 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\AutoSet.dll
[2010/01/02 14:35:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/10/21 04:19:30 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2009/10/05 12:25:18 | 000,004,528 | ---- | C] () -- C:\WINDOWS\System32\SETBROWS.EXE
[2009/10/05 12:25:17 | 000,009,136 | ---- | C] () -- C:\WINDOWS\System32\INETWH16.DLL
[2009/09/18 21:49:10 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/09/09 18:27:30 | 000,000,060 | ---- | C] () -- C:\WINDOWS\ccolwiz.ini
[2009/09/06 09:44:00 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/09/05 03:32:57 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\$_hpcst$.hpc
[2009/09/04 19:18:45 | 000,782,336 | ---- | C] () -- C:\WINDOWS\System32\IlmImf.dll
[2009/09/04 19:18:45 | 000,446,464 | ---- | C] () -- C:\WINDOWS\System32\Photomatix_jpg.dll
[2009/09/04 19:18:45 | 000,353,280 | ---- | C] () -- C:\WINDOWS\System32\pmtf2.dll
[2009/09/04 19:18:45 | 000,266,240 | ---- | C] () -- C:\WINDOWS\System32\Photomatix25Lib.dll
[2009/09/04 19:18:45 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\Photomatix25Lib2.dll
[2009/09/04 19:18:45 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\pmtf1.dll
[2009/09/04 19:18:45 | 000,204,288 | ---- | C] () -- C:\WINDOWS\System32\pmtf3.dll
[2009/09/04 19:18:45 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\Photomatix25Lib3.dll
[2009/09/04 19:18:45 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\pmexr.dll
[2009/09/04 19:18:45 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmbm.dll
[2009/09/03 22:38:37 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\bryanc\Application Data\$_hpcst$.hpc
[2009/09/03 14:18:56 | 000,172,032 | ---- | C] () -- C:\Documents and Settings\bryanc\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/03 09:32:55 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2009/09/03 09:32:33 | 000,000,435 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2009/09/03 09:31:13 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\bryanc\Local Settings\Application Data\WavXMapDrive.bat
[2009/08/27 11:43:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009/08/27 11:43:00 | 001,630,208 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2009/08/27 11:43:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009/08/27 11:43:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2009/08/27 11:43:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009/08/27 11:43:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2009/08/27 11:42:59 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2009/08/27 11:42:59 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2009/08/27 11:42:42 | 000,077,824 | ---- | C] () -- C:\WINDOWS\setpwr32.exe
[2009/08/27 11:40:37 | 000,001,200 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2009/08/26 20:44:04 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2009/08/26 20:31:07 | 000,232,744 | R--- | C] () -- C:\WINDOWS\System32\drivers\SRS_PremiumSound_i386.sys
[2009/08/26 20:15:49 | 000,279,888 | ---- | C] () -- C:\WINDOWS\System32\brcmbsp.dll
[2009/08/26 20:13:26 | 000,080,368 | ---- | C] () -- C:\WINDOWS\System32\pbadrvdll.dll
[2009/08/26 19:53:01 | 000,042,206 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2009/04/22 11:58:30 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\DTMessageLib.dll
[2009/02/26 18:54:52 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_tr.dll
[2009/02/26 18:54:50 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ro.dll
[2009/02/26 18:54:48 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_pt-BR.dll
[2009/02/26 18:54:48 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_hu.dll
[2009/02/26 18:54:46 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_he.dll
[2009/02/26 18:54:44 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_el.dll
[2009/02/26 18:54:44 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_fi.dll
[2009/02/26 18:54:42 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_cs.dll
[2009/02/26 18:54:40 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ar.dll
[2009/02/26 18:54:40 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_zh-CHT.dll
[2009/02/26 18:54:38 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_zh-CHS.dll
[2009/02/26 18:54:36 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_sv.dll
[2009/02/26 18:54:34 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_pt.dll
[2009/02/26 18:54:34 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ru.dll
[2009/02/26 18:54:32 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_pl.dll
[2009/02/26 18:54:32 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_no.dll
[2009/02/26 18:54:30 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_nl.dll
[2009/02/26 18:54:28 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ja.dll
[2009/02/26 18:54:28 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ko.dll
[2009/02/26 18:54:26 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_it.dll
[2009/02/26 18:54:24 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_fr.dll
[2009/02/26 18:54:24 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_es.dll
[2009/02/26 18:54:20 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_de.dll
[2009/02/26 18:54:20 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_da.dll
[2009/02/17 11:51:28 | 000,540,672 | ---- | C] () -- C:\WINDOWS\System32\AmRes_es.dll
[2009/02/17 11:51:28 | 000,512,000 | ---- | C] () -- C:\WINDOWS\System32\AmRes_en.dll
[2009/02/17 11:51:26 | 000,540,672 | ---- | C] () -- C:\WINDOWS\System32\AmRes_fr.dll
[2009/02/17 11:51:24 | 000,536,576 | ---- | C] () -- C:\WINDOWS\System32\AmRes_it.dll
[2009/02/17 11:51:24 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ja.dll
[2009/02/17 11:51:24 | 000,503,808 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ko.dll
[2009/02/17 11:51:22 | 000,565,248 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ru.dll
[2009/02/17 11:51:22 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\AmRes_pt-BR.dll
[2009/02/17 11:51:20 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\AmRes_fi.dll
[2009/02/17 11:51:20 | 000,479,232 | ---- | C] () -- C:\WINDOWS\System32\AmRes_zh-CHT.dll
[2009/02/17 11:51:20 | 000,475,136 | ---- | C] () -- C:\WINDOWS\System32\AmRes_zh-CHS.dll
[2009/02/17 11:51:18 | 000,516,096 | ---- | C] () -- C:\WINDOWS\System32\AmRes_da.dll
[2009/02/17 11:51:16 | 000,540,672 | ---- | C] () -- C:\WINDOWS\System32\AmRes_nl.dll
[2009/02/17 11:51:16 | 000,528,384 | ---- | C] () -- C:\WINDOWS\System32\AmRes_pl.dll
[2009/02/17 11:51:16 | 000,512,000 | ---- | C] () -- C:\WINDOWS\System32\AmRes_no.dll
[2009/02/17 11:51:14 | 000,516,096 | ---- | C] () -- C:\WINDOWS\System32\AmRes_sv.dll
[2009/02/17 11:51:04 | 000,528,384 | ---- | C] () -- C:\WINDOWS\System32\AmRes_cs.dll
[2009/02/17 11:51:04 | 000,512,000 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ar.dll
[2009/02/17 11:51:02 | 000,536,576 | ---- | C] () -- C:\WINDOWS\System32\AmRes_el.dll
[2009/02/17 11:51:02 | 000,503,808 | ---- | C] () -- C:\WINDOWS\System32\AmRes_he.dll
[2009/02/17 11:51:00 | 000,532,480 | ---- | C] () -- C:\WINDOWS\System32\AmRes_pt-PT.dll
[2009/02/17 11:51:00 | 000,528,384 | ---- | C] () -- C:\WINDOWS\System32\AmRes_hu.dll
[2009/02/17 11:50:58 | 000,532,480 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ro.dll
[2009/02/17 11:50:58 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\AmRes_tr.dll
[2009/02/17 10:46:36 | 000,544,768 | ---- | C] () -- C:\WINDOWS\System32\AmRes_de.dll
[2009/01/06 18:25:36 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\Wavx_ESC_Logging.dll
[2008/12/22 16:13:54 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\wxvault.dll
[2008/12/16 21:58:54 | 000,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2008/12/16 21:50:56 | 000,013,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLgFT.dll
[2008/10/06 20:36:56 | 000,839,680 | ---- | C] () -- C:\WINDOWS\System32\DemoLicense.dll
[2008/08/15 10:46:30 | 002,854,912 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2008/05/26 23:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 23:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008/04/26 07:31:41 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/04/26 07:27:18 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/04/26 07:26:32 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2008/04/26 02:16:24 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008/04/26 02:16:22 | 000,536,264 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008/04/26 02:16:22 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008/04/26 02:16:22 | 000,101,654 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008/04/26 02:16:22 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008/04/26 02:16:22 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008/04/26 02:16:21 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008/04/26 02:16:20 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2008/04/26 02:16:18 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008/04/26 02:16:18 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008/04/26 02:16:13 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008/04/26 02:16:11 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008/04/25 19:22:39 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/04/25 19:21:52 | 001,553,256 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/03/25 11:46:00 | 000,077,536 | ---- | C] () -- C:\WINDOWS\System32\xltZlib.dll
[2007/09/27 12:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 12:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 12:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/04/19 07:52:16 | 000,080,720 | ---- | C] () -- C:\WINDOWS\System32\AsfBios.dll
[2007/04/19 07:28:10 | 000,025,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\netamsg.dll
[2006/06/30 14:58:44 | 000,176,128 | R--- | C] () -- C:\WINDOWS\System32\bioapi_mds300.dll
[2006/06/30 14:58:44 | 000,126,976 | R--- | C] () -- C:\WINDOWS\System32\bioapi100.dll
[2006/06/12 10:01:16 | 000,348,160 | ---- | C] () -- C:\WINDOWS\tsp.dll
[2005/02/17 22:31:58 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005/02/17 22:31:58 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005/02/17 22:31:58 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005/02/17 22:31:58 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005/02/17 22:31:58 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005/02/17 22:31:58 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005/02/17 22:31:58 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2004/09/10 15:34:00 | 000,917,504 | ---- | C] () -- C:\WINDOWS\System32\lmgr10.dll
[2004/09/10 15:34:00 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ADsSecurity.dll
[2001/11/14 15:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

========== Custom Scans ==========


< %APPDATA%\Microsoft\*.* >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %USERPROFILE%\Desktop\*.exe >
[2009/12/31 17:12:18 | 000,461,632 | ---- | M] () -- C:\Documents and Settings\bryanc\Desktop\GetSystemInfo.exe
[2010/08/22 21:47:15 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\bryanc\Desktop\mbam-setup.exe
[2009/12/28 15:54:08 | 000,173,119 | ---- | M] (Eric_71) -- C:\Documents and Settings\bryanc\Desktop\Rooter.exe
[2010/01/01 16:46:54 | 001,339,288 | ---- | M] () -- C:\Documents and Settings\bryanc\Desktop\sar_15_sfx.exe
[2010/01/03 18:19:45 | 000,843,187 | ---- | M] () -- C:\Documents and Settings\bryanc\Desktop\SecurityCheck.exe
[2009/12/19 21:22:20 | 003,012,768 | ---- | M] (Javacool Software LLC ) -- C:\Documents and Settings\bryanc\Desktop\spywareblastersetup42.exe
[2010/01/01 15:32:43 | 000,047,616 | ---- | M] () -- C:\Documents and Settings\bryanc\Desktop\Win32kDiag.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\winn32\*.* >

< %USERPROFILE%\My Documents\*.exe >
[2010/01/31 17:10:45 | 045,285,008 | ---- | M] (Blurb, Inc) -- C:\Documents and Settings\bryanc\My Documents\BookSmart_2.5.1.exe
[2005/04/14 17:48:24 | 007,482,480 | ---- | M] (http://www.codecpack.com) -- C:\Documents and Settings\bryanc\My Documents\Codecs6026_allin1[[You must be registered and logged in to see this link.]
[2006/11/24 01:34:22 | 019,933,315 | ---- | M] () -- C:\Documents and Settings\bryanc\My Documents\MediaCoder-0.5.1-r3.exe
[2006/03/20 15:37:52 | 005,689,344 | ---- | M] (Gabest) -- C:\Documents and Settings\bryanc\My Documents\mplayerc.exe

< %USERPROFILE%\*.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.exe >
[2011/06/23 22:24:57 | 000,125,912 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\crashreporter.exe
[2011/06/23 22:24:57 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
[2011/06/23 22:24:54 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
[2011/06/23 22:24:54 | 000,265,176 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\updater.exe

< %ProgramFiles%\TinyProxy. >

< %systemroot%\system32\*.* /lockedfiles >
[10 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.* /lockedfiles >

< %PROGRAMFILES%\*. >
[2010/11/03 19:03:58 | 000,000,000 | ---D | M] -- C:\Program Files\1-Click YouTube Downloader
[2010/10/25 07:33:45 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2011/07/24 09:25:07 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2011/05/13 18:31:12 | 000,000,000 | ---D | M] -- C:\Program Files\AVS4YOU
[2011/07/30 06:30:52 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2011/06/10 18:49:57 | 000,000,000 | ---D | M] -- C:\Program Files\BookSmart
[2009/08/26 20:14:17 | 000,000,000 | ---D | M] -- C:\Program Files\Broadcom Corporation
[2009/10/05 12:25:13 | 000,000,000 | ---D | M] -- C:\Program Files\Celestron
[2010/04/12 23:02:12 | 000,000,000 | ---D | M] -- C:\Program Files\CeRegEditor
[2009/09/09 21:15:33 | 000,000,000 | ---D | M] -- C:\Program Files\Codec Pack - All In 1
[2011/07/18 20:21:23 | 000,000,000 | R--D | M] -- C:\Program Files\Common Files
[2008/04/26 07:27:07 | 000,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications
[2009/08/27 15:50:41 | 000,000,000 | ---D | M] -- C:\Program Files\CONEXANT
[2010/01/17 20:56:56 | 000,000,000 | ---D | M] -- C:\Program Files\Crayon Physics Deluxe
[2009/08/26 20:37:58 | 000,000,000 | ---D | M] -- C:\Program Files\CyberLink
[2009/10/02 08:36:14 | 000,000,000 | ---D | M] -- C:\Program Files\Dell
[2009/08/27 15:50:19 | 000,000,000 | ---D | M] -- C:\Program Files\DellTPad
[2009/08/26 20:13:42 | 000,000,000 | ---D | M] -- C:\Program Files\DIFX
[2009/10/02 08:49:51 | 000,000,000 | ---D | M] -- C:\Program Files\Digital Line Detect
[2011/01/26 11:09:07 | 000,000,000 | ---D | M] -- C:\Program Files\DivX
[2011/05/10 17:40:08 | 000,000,000 | ---D | M] -- C:\Program Files\DxO Labs
[2011/04/17 09:42:52 | 000,000,000 | ---D | M] -- C:\Program Files\Earth Resource Mapping
[2010/02/19 20:38:51 | 000,000,000 | ---D | M] -- C:\Program Files\Easy Photo Recovery
[2009/10/10 11:10:06 | 000,000,000 | ---D | M] -- C:\Program Files\Ext2Fsd
[2010/04/03 20:50:25 | 000,000,000 | ---D | M] -- C:\Program Files\ffdshow
[2010/08/28 14:09:48 | 000,000,000 | ---D | M] -- C:\Program Files\Freecorder
[2011/04/17 09:42:47 | 000,000,000 | ---D | M] -- C:\Program Files\Fugawi
[2011/02/07 07:52:41 | 000,000,000 | ---D | M] -- C:\Program Files\G9
[2011/06/19 06:40:14 | 000,000,000 | ---D | M] -- C:\Program Files\G9 16-in-1
[2010/04/18 16:37:47 | 000,000,000 | ---D | M] -- C:\Program Files\GeoSetter
[2010/11/03 20:06:29 | 000,000,000 | ---D | M] -- C:\Program Files\GetFLV
[2011/07/03 01:06:23 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2011/06/19 06:39:21 | 000,000,000 | ---D | M] -- C:\Program Files\HamSphere
[2009/08/27 15:50:31 | 000,000,000 | ---D | M] -- C:\Program Files\IDT
[2010/04/02 17:51:48 | 000,000,000 | ---D | M] -- C:\Program Files\Inobix
[2011/06/19 06:40:18 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2009/08/26 20:26:21 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
[2011/06/17 03:17:06 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2011/07/30 06:34:09 | 000,000,000 | ---D | M] -- C:\Program Files\iPod

bryanc
Intermediate
Intermediate

Status :
Online
Offline

Posts Posts : 132
Joined Joined : 2009-05-24
OS : XP

View user profile

Back to top Go down

Re: hijack homepage

Post by bryanc on Sat Aug 06, 2011 10:28 am

Part four

[2010/07/02 19:23:32 | 000,000,000 | ---D | M] -- C:\Program Files\iPod(2)
[2011/04/22 10:08:12 | 000,000,000 | ---D | M] -- C:\Program Files\iTravel-Tech
[2011/07/30 06:34:52 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2010/07/02 19:23:32 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes(2)
[2011/07/18 20:20:38 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2010/04/26 16:51:18 | 000,000,000 | ---D | M] -- C:\Program Files\Lifeware Solutions
[2011/06/30 08:27:48 | 000,000,000 | ---D | M] -- C:\Program Files\Logitech
[2010/08/22 21:50:31 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/12/27 16:52:42 | 000,000,000 | ---D | M] -- C:\Program Files\Mazaika
[2010/04/03 20:53:00 | 000,000,000 | ---D | M] -- C:\Program Files\MediaCoder
[2011/02/05 09:53:34 | 000,000,000 | ---D | M] -- C:\Program Files\Memory-Map
[2009/08/26 20:02:36 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
[2009/08/26 20:36:00 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2010/04/10 13:46:51 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft ActiveSync
[2008/04/26 07:29:52 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2009/08/26 20:40:57 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2010/03/07 17:20:38 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Pro Photo Tools
[2011/06/17 06:51:40 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2009/12/10 11:40:15 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Small Business
[2009/12/10 11:47:25 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server
[2009/08/26 20:37:18 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Sync Framework
[2009/08/26 20:33:14 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio
[2009/11/24 06:12:28 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Voice Command
[2009/09/03 09:24:46 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Windows Small Business Server
[2009/09/05 03:12:32 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2010/06/25 03:01:03 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2009/08/26 20:18:50 | 000,000,000 | ---D | M] -- C:\Program Files\Modem Diagnostic Tool
[2010/08/23 19:40:11 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2010/11/03 19:22:18 | 000,000,000 | ---D | M] -- C:\Program Files\Moyea
[2011/06/23 22:25:15 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2008/04/26 07:42:43 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2008/04/26 07:26:28 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
[2008/04/26 07:26:37 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2009/09/05 03:00:32 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2009/08/26 20:25:54 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 6.0
[2008/04/26 07:27:56 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2009/08/26 20:18:56 | 000,000,000 | ---D | M] -- C:\Program Files\NetWaiting
[2010/05/18 19:51:56 | 000,000,000 | ---D | M] -- C:\Program Files\Nikon
[2011/05/06 19:23:51 | 000,000,000 | ---D | M] -- C:\Program Files\NTRIP
[2008/04/26 07:26:49 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
[2009/11/28 05:29:02 | 000,000,000 | ---D | M] -- C:\Program Files\Optus Wireless Broadband
[2010/12/16 17:49:19 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2011/04/30 18:45:51 | 000,000,000 | ---D | M] -- C:\Program Files\OziPhotoTool
[2011/06/12 20:49:19 | 000,000,000 | ---D | M] -- C:\Program Files\Paint Shop Pro 5
[2010/03/05 18:46:16 | 000,000,000 | ---D | M] -- C:\Program Files\Passware
[2010/01/30 17:36:55 | 000,000,000 | ---D | M] -- C:\Program Files\Penpower
[2009/11/18 22:28:50 | 000,000,000 | ---D | M] -- C:\Program Files\Photomatix
[2010/12/28 18:42:41 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2010/07/02 19:24:03 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime(2)
[2008/04/26 07:39:00 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2009/08/26 20:33:54 | 000,000,000 | ---D | M] -- C:\Program Files\Roxio
[2009/09/06 09:37:25 | 000,000,000 | R--D | M] -- C:\Program Files\Skype
[2010/01/01 16:47:12 | 000,000,000 | ---D | M] -- C:\Program Files\Sophos
[2009/11/28 05:29:42 | 000,000,000 | ---D | M] -- C:\Program Files\Spybot - Search & Destroy
[2010/05/15 06:42:48 | 000,000,000 | ---D | M] -- C:\Program Files\SpywareBlaster
[2009/08/26 20:31:03 | 000,000,000 | ---D | M] -- C:\Program Files\SRS Labs
[2011/08/04 11:39:07 | 000,000,000 | ---D | M] -- C:\Program Files\SUPERAntiSpyware
[2010/01/24 14:30:28 | 000,000,000 | ---D | M] -- C:\Program Files\Symantec
[2009/09/23 05:57:55 | 000,000,000 | ---D | M] -- C:\Program Files\Telstra
[2011/06/07 09:36:33 | 000,000,000 | ---D | M] -- C:\Program Files\Total Synergy
[2009/12/05 05:27:31 | 000,000,000 | ---D | M] -- C:\Program Files\Trend Micro
[2008/04/26 07:32:50 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2009/09/04 21:16:40 | 000,000,000 | ---D | M] -- C:\Program Files\uTorrent
[2011/06/11 09:45:30 | 000,000,000 | ---D | M] -- C:\Program Files\VideoViewer
[2009/08/26 20:23:49 | 000,000,000 | ---D | M] -- C:\Program Files\Wave Systems Corp
[2010/07/26 20:57:33 | 000,000,000 | ---D | M] -- C:\Program Files\Western Digital
[2009/12/20 05:57:24 | 000,000,000 | ---D | M] -- C:\Program Files\WhoCrashed
[2009/08/26 20:19:40 | 000,000,000 | ---D | M] -- C:\Program Files\WIDCOMM
[2009/09/05 03:32:01 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Desktop Search
[2009/08/26 20:37:33 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live
[2009/08/26 20:35:47 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live SkyDrive
[2010/09/26 22:24:28 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Connect 2
[2009/09/05 03:03:59 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2008/04/26 07:26:35 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2008/04/26 07:28:13 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
[2010/01/03 08:00:45 | 000,000,000 | ---D | M] -- C:\Program Files\WinPcap
[2010/04/12 08:32:47 | 000,000,000 | ---D | M] -- C:\Program Files\WinRAR
[2010/05/29 07:24:08 | 000,000,000 | ---D | M] -- C:\Program Files\Wise Registry Cleaner 3
[2010/01/30 17:56:30 | 000,000,000 | ---D | M] -- C:\Program Files\WorldCard
[2010/03/05 18:53:03 | 000,000,000 | ---D | M] -- C:\Program Files\[You must be registered and logged in to see this link.]
[2008/04/26 07:29:52 | 000,000,000 | ---D | M] -- C:\Program Files\xerox
[2009/09/18 23:14:16 | 000,000,000 | ---D | M] -- C:\Program Files\Xvid
[2011/06/19 06:42:20 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo!


< MD5 for: AGP440.SYS >
[2008/04/14 22:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\I386\sp3.cab:AGP440.sys
[2008/04/14 22:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008/04/14 22:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ERDNT\cache\AGP440.SYS
[2008/04/14 22:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\dllcache\agp440.sys
[2008/04/14 22:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\AGP440.SYS

< MD5 for: ATAPI.SYS >
[2008/04/14 22:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\I386\sp3.cab:atapi.sys
[2008/04/14 22:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/04/14 22:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008/04/14 22:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008/04/14 22:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: DISK.SYS >
[2008/04/14 22:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\I386\sp3.cab:disk.sys
[2008/04/14 22:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys
[2008/04/14 22:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\dllcache\disk.sys
[2008/04/14 22:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys

< MD5 for: IASTOR.SYS >
[2009/02/11 19:26:18 | 000,407,576 | ---- | M] (Intel Corporation) MD5=1ADAA4F16073FD0C7270F451FD024E97 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2009/04/28 08:05:58 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\drivers\storage\R213316\IaStor.sys
[2009/02/11 19:11:50 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
[2009/04/28 08:05:58 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\WINDOWS\system32\drivers\iaStor.sys

< MD5 for: NETLOGON.DLL >
[2008/04/14 22:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2008/04/14 22:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008/04/14 22:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-07-14 17:01:54

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/06/23 22:24:54 | 000,712,976 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/06/23 22:24:54 | 000,712,976 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/06/23 22:24:54 | 000,712,976 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/06/23 22:24:57 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/06/23 22:24:57 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/06/23 22:24:57 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/04/25 22:01:34 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/04/25 22:01:34 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/04/25 22:01:34 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\IEXPLORE.EXE" [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/06/23 22:24:54 | 000,712,976 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/06/23 22:24:54 | 000,712,976 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/06/23 22:24:54 | 000,712,976 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/06/23 22:24:57 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/06/23 22:24:57 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/06/23 22:24:57 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/04/25 22:01:34 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/04/25 22:01:34 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/04/25 22:01:34 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\IEXPLORE.EXE" [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)

========== Alternate Data Streams ==========

@Alternate Data Stream - 986 bytes -> C:\Program Files\Common Files\Microsoft Shared:T5bzRJhFa9AstKKfoCxLfoCw
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 1175 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:zbqDRczH1hhgMsa2AquFo5svTf4qe0
@Alternate Data Stream - 1096 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:coWfEgLT8SwMu4xy5khpu7pZDcot
@Alternate Data Stream - 1060 bytes -> C:\Program Files\Outlook Express:dJ7sbLKMiycfiBhOYYKCM

< End of report >

bryanc
Intermediate
Intermediate

Status :
Online
Offline

Posts Posts : 132
Joined Joined : 2009-05-24
OS : XP

View user profile

Back to top Go down

Re: hijack homepage

Post by Sneakyone on Sun Aug 07, 2011 6:18 am

Hi,

Please download ComboFix from [You must be registered and logged in to see this link.]

[You must be registered and logged in to see this link.]

[You must be registered and logged in to see this link.]

Rename ComboFix.exe to commy.exe before you save it to your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools A guide to do this can be found [You must be registered and logged in to see this link.]
  • Click Start>Run then copy paste the following command into the Run box & click OK "%userprofile%\desktop\commy.exe" /stepdel
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console


Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:


  • Click on Yes, to continue scanning for malware.
  • When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.


I'm livin' life in the fast lane.

Sneakyone
Master
Master

Status :
Online
Offline

Posts Posts : 2707
Joined Joined : 2010-01-10
Gender Gender : Male
OS : Windows 7 Ultimate 64-bit

View user profile

Back to top Go down

Re: hijack homepage

Post by bryanc on Sun Aug 07, 2011 7:30 am

Combofix log

ComboFix 11-08-06.02 - BryanC 07/08/2011 17:00:32.7.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.61.1033.18.3572.1946 [GMT 10:00]
Running from: c:\documents and settings\bryanc\desktop\commy.exe
Command switches used :: /stepdel
AV: Symantec Endpoint Protection *Disabled/Updated* {FB06448E-52B8-493A-90F3-E43226D3305C}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\bryanc\Application Data\Local
c:\documents and settings\bryanc\Application Data\Local\Temp\DDM\Settings\(2).ddr
c:\documents and settings\bryanc\Application Data\Local\Temp\DDM\Settings\.ddr
c:\documents and settings\bryanc\Application Data\Local\Temp\DDM\Settings\0.ddi
c:\documents and settings\bryanc\Application Data\Local\Temp\DDM\Settings\1.ddi
c:\documents and settings\bryanc\Application Data\Local\Temp\DDM\Settings\2.ddi
c:\documents and settings\bryanc\Application Data\Local\Temp\DDM\Settings\Post_Install_RB_HiQ_en.divx.ddr
c:\documents and settings\bryanc\Application Data\Local\Temp\DDM\Settings\settings.ddi
c:\windows\TEMP\logishrd\LVPrcInj01.dll
c:\documents and settings\bryanc\Application Data\Local\Temp\DDM\Settings\0.ddi
c:\documents and settings\bryanc\Application Data\Local\Temp\DDM\Settings\1.ddi
c:\documents and settings\bryanc\Application Data\Local\Temp\DDM\Settings\2.ddi
c:\documents and settings\bryanc\Application Data\Local\Temp\DDM\Settings\settings.ddi
c:\documents and settings\bryanc\Application Data\Local\Temp\DDM\Settings\Temporary Downloaded Files\(2)
c:\documents and settings\bryanc\Application Data\Local\Temp\DDM\Settings\Temporary Downloaded Files\(3)
c:\documents and settings\bryanc\Application Data\Local\Temp\DDM\Settings\Temporary Downloaded Files\Post_Install_RB_HiQ_en.divx
c:\windows\iun6002.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-07-07 to 2011-08-07 )))))))))))))))))))))))))))))))
.
.
2011-08-03 22:35 . 2011-08-03 22:35 -------- d-----w- c:\documents and settings\All Users\Application Data\!SASCORE
2011-07-29 20:34 . 2011-07-29 20:34 -------- d-----w- c:\program files\iPod
2011-07-29 20:34 . 2011-07-29 20:34 -------- d-----w- c:\program files\iTunes
2011-07-18 10:21 . 2011-07-18 10:21 -------- d-----w- c:\program files\Common Files\Java
2011-07-12 01:20 . 2011-07-12 01:20 83816 ----a-w- c:\windows\system32\dns-sd.exe
2011-07-12 01:20 . 2011-07-12 01:20 73064 ----a-w- c:\windows\system32\dnssd.dll
2011-07-12 01:20 . 2011-07-12 01:20 178536 ----a-w- c:\windows\system32\dnssdX.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-07 07:17 . 2009-09-02 23:31 0 ----a-w- c:\documents and settings\bryanc\Local Settings\Application Data\WavXMapDrive.bat
2011-07-07 06:25 . 2011-07-07 06:25 0 ---ha-w- c:\documents and settings\bryanc\Local Settings\Application Data\BITC.tmp
2011-06-02 14:07 . 2008-04-25 16:16 1867904 ----a-w- c:\windows\system32\win32k.sys
2011-05-09 22:06 . 2010-07-09 10:53 4517664 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-05-09 22:06 . 2010-07-09 10:53 42496 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2011-06-23 12:24 . 2011-04-30 09:31 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EnabledUnlockedFDEIconOverlay]
@="{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}"
[HKEY_CLASSES_ROOT\CLSID\{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}]
2009-04-22 02:03 49152 ----a-w- c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UninitializedFdeIconOverlay]
@="{CF08DA3E-C97D-4891-A66B-E39B28DD270F}"
[HKEY_CLASSES_ROOT\CLSID\{CF08DA3E-C97D-4891-A66B-E39B28DD270F}]
2009-04-22 02:03 49152 ----a-w- c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-08-03 4599680]
"SRS Premium Sound"="c:\program files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe" [2009-03-25 3261688]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2009-12-10 289584]
"HijackThis startup scan"="c:\program files\Trend Micro\HijackThis\HijackThis.exe" [2009-12-04 396288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-08-28 13537280]
"WavXMgr"="c:\program files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe" [2008-12-22 145408]
"USCService"="c:\program files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe" [2009-04-22 15360]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-03-17 483420]
"SecureUpgrade"="c:\program files\Wave Systems Corp\SecureUpgrade.exe" [2009-04-22 656696]
"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-02-04 128232]
"nwiz"="nwiz.exe" [2008-08-28 1630208]
"NvMediaCenter"="NvMCTray.dll" [2008-08-28 86016]
"NVHotkey"="nvHotkey.dll" [2008-08-28 90112]
"Nikon Transfer Monitor"="c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe" [2009-05-29 479232]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-04-29 437584]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-02-11 186904]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-01-27 1312848]
"EmbassySecurityCheck"="c:\program files\Wave Systems Corp\EMBASSY Security Setup\EMBASSYSecurityCheck.exe" [2009-04-22 95544]
"DellControlPoint"="c:\program files\Dell\Dell ControlPoint\Dell.ControlPoint.exe" [2009-03-19 667648]
"ChangeTPMAuth"="c:\program files\Wave Systems Corp\Common\ChangeTPMAuth.exe" [2009-02-26 184320]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2010-01-19 115560]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2009-02-22 200704]
"AESTFltr"="c:\windows\system32\AESTFltr.exe" [2009-03-17 729088]
"Freecorder FLV Service"="c:\program files\Freecorder\FLVSrvc.exe" [2010-06-26 167936]
"Ext2 Volume Manager"="c:\program files\Ext2Fsd\Ext2Mgr.exe" [2009-07-30 1216648]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2010-09-22 640440]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"DivX Download Manager"="c:\program files\DivX\DivX Plus Web Player\DDmService.exe" [2010-12-08 63360]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-29 937920]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-01-10 1230704]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2011-06-07 40376]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2008-12-19 2656528]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-07-19 421736]
.
c:\documents and settings\bryanc\Start Menu\Programs\Startup\
LaunchU3.exe.lnk - c:\documents and settings\bryanc\Application Data\Microsoft\Installer\{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}\_2cd672ae.exe [2011-5-6 1078]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Dell ControlPoint System Manager.lnk - c:\program files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe [2009-4-9 1106720]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2009-10-2 50688]
WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2010-5-10 4456448]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-27 123904]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoWelcomeScreen"= 1 (0x1)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-08-03 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-12-04 20:36 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2010-01-29 21:17 64592 ----a-w- c:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Telstra Turbo Modem Manager.lnk]
backup=c:\windows\pss\Telstra Turbo Modem Manager.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\VideoViewer\\VideoViewer.exe"=
"c:\\Program Files\\Mozilla Firefox\\plugin-container.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
.
R1 Ext2Fsd;Linux ext2 file system driver;c:\windows\system32\drivers\ext2fsd.sys [10/10/2009 11:10 AM 651264]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [14/05/2009 1:22 PM 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [14/05/2009 1:22 PM 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [5/07/2010 9:02 AM 123264]
R2 ASFAgent;ASF Agent;c:\program files\Intel\ASF Agent\ASFAgent.exe [19/04/2007 7:56 AM 133968]
R2 buttonsvc32;Dell ControlPoint Button Service;c:\program files\Dell\Dell ControlPoint\DCPButtonSvc.exe [29/12/2008 1:07 PM 320800]
R2 Credential Vault Host Control Service;Credential Vault Host Control Service;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [22/01/2009 12:19 PM 808296]
R2 Credential Vault Host Storage;Credential Vault Host Storage;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [22/01/2009 12:19 PM 20840]
R2 dcpsysmgrsvc;Dell ControlPoint System Manager;c:\program files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe [9/04/2009 4:02 PM 447264]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [22/08/2010 9:50 PM 304464]
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [21/10/2009 4:19 AM 50704]
R2 WDDMService;WD SmartWare Drive Manager;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [10/05/2010 11:33 AM 110592]
R2 WDFME;WD File Management Engine;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [10/05/2010 11:32 AM 1858048]
R2 WDSC;WD File Management Shadow Engine;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [10/05/2010 11:32 AM 482304]
R3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [27/08/2009 11:42 AM 112512]
R3 cvusbdrv;Broadcom USH CV;c:\windows\system32\drivers\cvusbdrv.sys [27/08/2009 11:43 AM 32808]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\drivers\e1y5132.sys [27/08/2009 11:42 AM 244368]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [28/07/2011 11:00 AM 105592]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [22/08/2010 9:50 PM 20952]
R3 SRS_PremiumSound_Service;SRS Labs Premium Sound;c:\windows\system32\drivers\SRS_PremiumSound_i386.sys [26/08/2009 8:31 PM 232744]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18/03/2010 1:16 PM 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [10/10/2009 4:43 PM 133104]
S3 cmusbnet;WAN Driver @ 3GPP (6280);c:\windows\system32\drivers\cmusbnet.sys [23/09/2009 5:57 AM 81152]
S3 cmusbser;%CMUSBSER%;c:\windows\system32\drivers\cmusbser.sys [23/09/2009 5:57 AM 87040]
S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [20/01/2010 9:39 AM 23888]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [10/10/2009 4:43 PM 133104]
S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\1C.tmp --> c:\windows\system32\1C.tmp [?]
S3 NvtSp50;NvtSp50 NDIS Protocol Driver;c:\windows\system32\Drivers\NvtSp50.sys --> c:\windows\system32\Drivers\NvtSp50.sys [?]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [14/05/2009 1:22 PM 12872]
S3 Smcinst;Symantec Auto-upgrade Agent;c:\program files\Symantec\Symantec Endpoint Protection\SmcLU\Setup\smcinst.exe --> c:\program files\Symantec\Symantec Endpoint Protection\SmcLU\Setup\smcinst.exe [?]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [26/07/2010 8:56 PM 11520]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18/03/2010 1:16 PM 753504]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
Contents of the 'Scheduled Tasks' folder
.
2011-08-05 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 07:57]
.
2011-08-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-10 06:43]
.
2011-08-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-10 06:43]
.
2011-08-06 c:\windows\Tasks\User_Feed_Synchronization-{FD13B3EA-061B-4977-B7E0-44EEA53537C9}.job
- c:\windows\system32\msfeedssync.exe [2009-03-07 18:31]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
uInternet Settings,ProxyServer = 10.10.10.254:3128
uInternet Settings,ProxyOverride = nexus.*;nexus;10.10.10.1;
uSearchURL,(Default) = [You must be registered and logged in to see this link.]
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 192.168.1.1
DPF: {640373B0-6978-4FA5-A9FC-420ECBBC61C7} - [You must be registered and logged in to see this link.]
FF - ProfilePath - c:\documents and settings\bryanc\Application Data\Mozilla\Firefox\Profiles\qqr2juqo.default\
FF - prefs.js: browser.startup.homepage - [You must be registered and logged in to see this link.]
FF - prefs.js: network.proxy.ftp - 10.10.10.254
FF - prefs.js: network.proxy.ftp_port - 3128
FF - prefs.js: network.proxy.gopher - 10.10.10.254
FF - prefs.js: network.proxy.gopher_port - 3128
FF - prefs.js: network.proxy.http - 10.10.10.254
FF - prefs.js: network.proxy.http_port - 3128
FF - prefs.js: network.proxy.socks - 10.10.10.254
FF - prefs.js: network.proxy.socks_port - 3128
FF - prefs.js: network.proxy.ssl - 10.10.10.254
FF - prefs.js: network.proxy.ssl_port - 3128
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
SafeBoot-Symantec Antvirus
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2011-08-07 17:17
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\1C.tmp"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1020)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
c:\documents and settings\bryanc\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
c:\documents and settings\bryanc\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
c:\documents and settings\bryanc\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
c:\documents and settings\bryanc\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
c:\windows\system32\NetProvCredMan.dll
.
- - - - - - - > 'explorer.exe'(10444)
c:\windows\system32\WININET.dll
c:\windows\TEMP\logishrd\LVPrcInj01.dll
c:\documents and settings\bryanc\Local Settings\Application Data\FLVService\lib\FLVSrvLib.dll
c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll
c:\program files\iTunes\iTunesMiniPlayer.dll
c:\program files\iTunes\iTunesMiniPlayer.Resources\en.lproj\iTunesMiniPlayerLocalized.dll
c:\program files\iTunes\iTunesMiniPlayer.Resources\iTunesMiniPlayer.dll
c:\program files\Windows Desktop Search\deskbar.dll
c:\program files\Windows Desktop Search\en-us\dbres.dll.mui
c:\program files\Windows Desktop Search\dbres.dll
c:\program files\Windows Desktop Search\wordwheel.dll
c:\program files\Windows Desktop Search\en-us\msnlExtRes.dll.mui
c:\program files\Windows Desktop Search\msnlExtRes.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Symantec\Symantec Endpoint Protection\Smc.exe
c:\program files\Intel\WiFi\bin\S24EvMon.exe
c:\program files\Common Files\Symantec Shared\ccSvcHst.exe
c:\drivers\audio\r213367\stacsv.exe
c:\windows\System32\SCardSvr.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
c:\windows\system32\SearchIndexer.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\windows\system32\sessmgr.exe
c:\program files\Symantec\Symantec Endpoint Protection\SmcGui.exe
c:\windows\system32\RunDLL32.exe
c:\windows\system32\rundll32.exe
c:\program files\DellTPad\ApMsgFwd.exe
c:\windows\system32\msiexec.exe
c:\program files\DellTPad\HidFind.exe
c:\program files\DellTPad\Apntex.exe
c:\program files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
c:\progra~1\MI3AA1~1\rapimgr.exe
c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe
c:\documents and settings\All Users\Application Data\U3\U3Launcher\LaunchU3.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2011-08-07 17:25:13 - machine was rebooted
ComboFix-quarantined-files.txt 2011-08-07 07:25
ComboFix2.txt 2010-01-08 23:03
ComboFix3.txt 2010-01-03 12:01
ComboFix4.txt 2009-12-19 06:58
.
Pre-Run: 19,738,710,016 bytes free
Post-Run: 36,214,366,208 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 2762C75A05FB2DCC8472E12C721B6034

bryanc
Intermediate
Intermediate

Status :
Online
Offline

Posts Posts : 132
Joined Joined : 2009-05-24
OS : XP

View user profile

Back to top Go down

Re: hijack homepage

Post by Sneakyone on Mon Aug 08, 2011 4:16 am

Hi,

Re-running ComboFix to remove infections:

  1. Close any open browsers.
  2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  3. Open notepad and copy/paste the text in the quotebox below into it:

    File::
    c:\windows\system32\1C.tmp

    Driver::
    MEMSWEEP2

  4. Save this as CFScript.txt, in the same location as ComboFix.exe



  5. Referring to the picture above, drag CFScript into ComboFix.exe
  6. When finished, it shall produce a log for you at C:\ComboFix.txt
  7. Please post the contents of the log in your next reply.


I'm livin' life in the fast lane.

Sneakyone
Master
Master

Status :
Online
Offline

Posts Posts : 2707
Joined Joined : 2010-01-10
Gender Gender : Male
OS : Windows 7 Ultimate 64-bit

View user profile

Back to top Go down

Re: hijack homepage

Post by bryanc on Mon Aug 08, 2011 10:50 am

Combo log


ComboFix 11-08-07.03 - BryanC 08/08/2011 20:23:36.8.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.61.1033.18.3572.2541 [GMT 10:00]
Running from: c:\documents and settings\bryanc\Desktop\COMMY.exe
Command switches used :: c:\documents and settings\bryanc\Desktop\CFScript.txt
AV: Symantec Endpoint Protection *Disabled/Updated* {FB06448E-52B8-493A-90F3-E43226D3305C}
.
FILE ::
"c:\windows\system32\1C.tmp"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\TEMP\logishrd\LVPrcInj01.dll
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_MEMSWEEP2
-------\Service_MEMSWEEP2
.
.
((((((((((((((((((((((((( Files Created from 2011-07-08 to 2011-08-08 )))))))))))))))))))))))))))))))
.
.
2011-08-03 22:35 . 2011-08-03 22:35 -------- d-----w- c:\documents and settings\All Users\Application Data\!SASCORE
2011-07-29 20:34 . 2011-07-29 20:34 -------- d-----w- c:\program files\iPod
2011-07-29 20:34 . 2011-07-29 20:34 -------- d-----w- c:\program files\iTunes
2011-07-18 10:21 . 2011-07-18 10:21 -------- d-----w- c:\program files\Common Files\Java
2011-07-12 01:20 . 2011-07-12 01:20 83816 ----a-w- c:\windows\system32\dns-sd.exe
2011-07-12 01:20 . 2011-07-12 01:20 73064 ----a-w- c:\windows\system32\dnssd.dll
2011-07-12 01:20 . 2011-07-12 01:20 178536 ----a-w- c:\windows\system32\dnssdX.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-08 10:38 . 2009-09-02 23:31 0 ----a-w- c:\documents and settings\bryanc\Local Settings\Application Data\WavXMapDrive.bat
2011-07-07 06:25 . 2011-07-07 06:25 0 ---ha-w- c:\documents and settings\bryanc\Local Settings\Application Data\BITC.tmp
2011-06-02 14:07 . 2008-04-25 16:16 1867904 ----a-w- c:\windows\system32\win32k.sys
2011-06-23 12:24 . 2011-04-30 09:31 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( [You must be registered and logged in to see this link.] )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-08-08 10:35 . 2011-08-08 10:35 16384 c:\windows\temp\Perflib_Perfdata_784.dat
- 2010-01-10 23:03 . 2011-08-01 02:44 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2010-01-10 23:03 . 2011-08-08 06:30 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2009-09-01 07:29 . 2011-08-08 06:30 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2009-09-01 07:29 . 2011-08-01 02:44 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2011-08-08 06:30 . 2011-08-08 06:30 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2010-01-10 23:03 . 2011-08-01 02:44 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2008-04-25 16:16 . 2011-08-07 07:20 536264 c:\windows\system32\perfh009.dat
+ 2008-04-25 16:16 . 2011-08-08 09:39 536264 c:\windows\system32\perfh009.dat
+ 2008-04-25 16:16 . 2011-08-08 09:39 101654 c:\windows\system32\perfc009.dat
- 2008-04-25 16:16 . 2011-08-07 07:20 101654 c:\windows\system32\perfc009.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EnabledUnlockedFDEIconOverlay]
@="{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}"
[HKEY_CLASSES_ROOT\CLSID\{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}]
2009-04-22 02:03 49152 ----a-w- c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UninitializedFdeIconOverlay]
@="{CF08DA3E-C97D-4891-A66B-E39B28DD270F}"
[HKEY_CLASSES_ROOT\CLSID\{CF08DA3E-C97D-4891-A66B-E39B28DD270F}]
2009-04-22 02:03 49152 ----a-w- c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-08-03 4599680]
"SRS Premium Sound"="c:\program files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe" [2009-03-25 3261688]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2009-12-10 289584]
"HijackThis startup scan"="c:\program files\Trend Micro\HijackThis\HijackThis.exe" [2009-12-04 396288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-08-28 13537280]
"WavXMgr"="c:\program files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe" [2008-12-22 145408]
"USCService"="c:\program files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe" [2009-04-22 15360]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-03-17 483420]
"SecureUpgrade"="c:\program files\Wave Systems Corp\SecureUpgrade.exe" [2009-04-22 656696]
"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-02-04 128232]
"nwiz"="nwiz.exe" [2008-08-28 1630208]
"NvMediaCenter"="NvMCTray.dll" [2008-08-28 86016]
"NVHotkey"="nvHotkey.dll" [2008-08-28 90112]
"Nikon Transfer Monitor"="c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe" [2009-05-29 479232]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-04-29 437584]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-02-11 186904]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-01-27 1312848]
"EmbassySecurityCheck"="c:\program files\Wave Systems Corp\EMBASSY Security Setup\EMBASSYSecurityCheck.exe" [2009-04-22 95544]
"DellControlPoint"="c:\program files\Dell\Dell ControlPoint\Dell.ControlPoint.exe" [2009-03-19 667648]
"ChangeTPMAuth"="c:\program files\Wave Systems Corp\Common\ChangeTPMAuth.exe" [2009-02-26 184320]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2010-01-19 115560]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2009-02-22 200704]
"AESTFltr"="c:\windows\system32\AESTFltr.exe" [2009-03-17 729088]
"Freecorder FLV Service"="c:\program files\Freecorder\FLVSrvc.exe" [2010-06-26 167936]
"Ext2 Volume Manager"="c:\program files\Ext2Fsd\Ext2Mgr.exe" [2009-07-30 1216648]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2010-09-22 640440]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"DivX Download Manager"="c:\program files\DivX\DivX Plus Web Player\DDmService.exe" [2010-12-08 63360]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-29 937920]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-01-10 1230704]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2011-06-07 40376]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2008-12-19 2656528]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-07-19 421736]
.
c:\documents and settings\bryanc\Start Menu\Programs\Startup\
LaunchU3.exe.lnk - c:\documents and settings\bryanc\Application Data\Microsoft\Installer\{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}\_2cd672ae.exe [2011-5-6 1078]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Dell ControlPoint System Manager.lnk - c:\program files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe [2009-4-9 1106720]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2009-10-2 50688]
WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2010-5-10 4456448]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-27 123904]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoWelcomeScreen"= 1 (0x1)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-08-03 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-12-04 20:36 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2010-01-29 21:17 64592 ----a-w- c:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Telstra Turbo Modem Manager.lnk]
backup=c:\windows\pss\Telstra Turbo Modem Manager.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\VideoViewer\\VideoViewer.exe"=
"c:\\Program Files\\Mozilla Firefox\\plugin-container.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
.
R1 Ext2Fsd;Linux ext2 file system driver;c:\windows\system32\drivers\ext2fsd.sys [10/10/2009 11:10 AM 651264]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [14/05/2009 1:22 PM 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [14/05/2009 1:22 PM 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [5/07/2010 9:02 AM 123264]
R2 ASFAgent;ASF Agent;c:\program files\Intel\ASF Agent\ASFAgent.exe [19/04/2007 7:56 AM 133968]
R2 buttonsvc32;Dell ControlPoint Button Service;c:\program files\Dell\Dell ControlPoint\DCPButtonSvc.exe [29/12/2008 1:07 PM 320800]
R2 Credential Vault Host Control Service;Credential Vault Host Control Service;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [22/01/2009 12:19 PM 808296]
R2 Credential Vault Host Storage;Credential Vault Host Storage;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [22/01/2009 12:19 PM 20840]
R2 dcpsysmgrsvc;Dell ControlPoint System Manager;c:\program files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe [9/04/2009 4:02 PM 447264]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [22/08/2010 9:50 PM 304464]
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [21/10/2009 4:19 AM 50704]
R2 WDDMService;WD SmartWare Drive Manager;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [10/05/2010 11:33 AM 110592]
R2 WDFME;WD File Management Engine;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [10/05/2010 11:32 AM 1858048]
R2 WDSC;WD File Management Shadow Engine;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [10/05/2010 11:32 AM 482304]
R3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [27/08/2009 11:42 AM 112512]
R3 cvusbdrv;Broadcom USH CV;c:\windows\system32\drivers\cvusbdrv.sys [27/08/2009 11:43 AM 32808]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\drivers\e1y5132.sys [27/08/2009 11:42 AM 244368]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [28/07/2011 11:00 AM 105592]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [22/08/2010 9:50 PM 20952]
R3 SRS_PremiumSound_Service;SRS Labs Premium Sound;c:\windows\system32\drivers\SRS_PremiumSound_i386.sys [26/08/2009 8:31 PM 232744]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18/03/2010 1:16 PM 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [10/10/2009 4:43 PM 133104]
S3 cmusbnet;WAN Driver @ 3GPP (6280);c:\windows\system32\drivers\cmusbnet.sys [23/09/2009 5:57 AM 81152]
S3 cmusbser;%CMUSBSER%;c:\windows\system32\drivers\cmusbser.sys [23/09/2009 5:57 AM 87040]
S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [20/01/2010 9:39 AM 23888]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [10/10/2009 4:43 PM 133104]
S3 NvtSp50;NvtSp50 NDIS Protocol Driver;c:\windows\system32\Drivers\NvtSp50.sys --> c:\windows\system32\Drivers\NvtSp50.sys [?]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [14/05/2009 1:22 PM 12872]
S3 Smcinst;Symantec Auto-upgrade Agent;c:\program files\Symantec\Symantec Endpoint Protection\SmcLU\Setup\smcinst.exe --> c:\program files\Symantec\Symantec Endpoint Protection\SmcLU\Setup\smcinst.exe [?]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [26/07/2010 8:56 PM 11520]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18/03/2010 1:16 PM 753504]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
Contents of the 'Scheduled Tasks' folder
.
2011-08-05 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 07:57]
.
2011-08-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-10 06:43]
.
2011-08-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-10 06:43]
.
2011-08-08 c:\windows\Tasks\User_Feed_Synchronization-{FD13B3EA-061B-4977-B7E0-44EEA53537C9}.job
- c:\windows\system32\msfeedssync.exe [2009-03-07 18:31]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
uInternet Settings,ProxyServer = 10.10.10.254:3128
uInternet Settings,ProxyOverride = nexus.*;nexus;10.10.10.1;
uSearchURL,(Default) = [You must be registered and logged in to see this link.]
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 192.168.1.1
DPF: {640373B0-6978-4FA5-A9FC-420ECBBC61C7} - [You must be registered and logged in to see this link.]
FF - ProfilePath - c:\documents and settings\bryanc\Application Data\Mozilla\Firefox\Profiles\qqr2juqo.default\
FF - prefs.js: browser.startup.homepage - [You must be registered and logged in to see this link.]
FF - prefs.js: network.proxy.ftp - 10.10.10.254
FF - prefs.js: network.proxy.ftp_port - 3128
FF - prefs.js: network.proxy.gopher - 10.10.10.254
FF - prefs.js: network.proxy.gopher_port - 3128
FF - prefs.js: network.proxy.http - 10.10.10.254
FF - prefs.js: network.proxy.http_port - 3128
FF - prefs.js: network.proxy.socks - 10.10.10.254
FF - prefs.js: network.proxy.socks_port - 3128
FF - prefs.js: network.proxy.ssl - 10.10.10.254
FF - prefs.js: network.proxy.ssl_port - 3128
FF - prefs.js: network.proxy.type - 0
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2011-08-08 20:38
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1008)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
c:\documents and settings\bryanc\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
c:\documents and settings\bryanc\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
c:\documents and settings\bryanc\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
c:\documents and settings\bryanc\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
c:\windows\system32\NetProvCredMan.dll
.
- - - - - - - > 'explorer.exe'(1808)
c:\windows\system32\WININET.dll
c:\windows\TEMP\logishrd\LVPrcInj01.dll
c:\documents and settings\bryanc\Local Settings\Application Data\FLVService\lib\FLVSrvLib.dll
c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll
c:\program files\iTunes\iTunesMiniPlayer.dll
c:\program files\iTunes\iTunesMiniPlayer.Resources\en.lproj\iTunesMiniPlayerLocalized.dll
c:\program files\iTunes\iTunesMiniPlayer.Resources\iTunesMiniPlayer.dll
c:\program files\Windows Desktop Search\deskbar.dll
c:\program files\Windows Desktop Search\en-us\dbres.dll.mui
c:\program files\Windows Desktop Search\dbres.dll
c:\program files\Windows Desktop Search\wordwheel.dll
c:\program files\Windows Desktop Search\en-us\msnlExtRes.dll.mui
c:\program files\Windows Desktop Search\msnlExtRes.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Symantec\Symantec Endpoint Protection\Smc.exe
c:\program files\Intel\WiFi\bin\S24EvMon.exe
c:\program files\Common Files\Symantec Shared\ccSvcHst.exe
c:\drivers\audio\r213367\stacsv.exe
c:\windows\System32\SCardSvr.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
c:\windows\system32\SearchIndexer.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\windows\system32\sessmgr.exe
c:\program files\Symantec\Symantec Endpoint Protection\SmcGui.exe
c:\windows\system32\RunDLL32.exe
c:\windows\system32\rundll32.exe
c:\program files\DellTPad\ApMsgFwd.exe
c:\program files\DellTPad\HidFind.exe
c:\program files\DellTPad\Apntex.exe
c:\progra~1\MI3AA1~1\rapimgr.exe
c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe
c:\documents and settings\All Users\Application Data\U3\U3Launcher\LaunchU3.exe
c:\program files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
c:\windows\system32\msiexec.exe
.
**************************************************************************
.
Completion time: 2011-08-08 20:43:52 - machine was rebooted
ComboFix-quarantined-files.txt 2011-08-08 10:43
ComboFix2.txt 2011-08-07 07:25
ComboFix3.txt 2010-01-08 23:03
ComboFix4.txt 2010-01-03 12:01
ComboFix5.txt 2011-08-08 10:22
.
Pre-Run: 36,066,889,728 bytes free
Post-Run: 35,986,055,168 bytes free
.
- - End Of File - - B287239A41900649E7880A1176C3E9E9

bryanc
Intermediate
Intermediate

Status :
Online
Offline

Posts Posts : 132
Joined Joined : 2009-05-24
OS : XP

View user profile

Back to top Go down

Re: hijack homepage

Post by Sneakyone on Tue Aug 09, 2011 5:22 am

Hi,

Please download Malwarebytes Anti-Malware from [You must be registered and logged in to see this link.].


Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.


I'm livin' life in the fast lane.

Sneakyone
Master
Master

Status :
Online
Offline

Posts Posts : 2707
Joined Joined : 2010-01-10
Gender Gender : Male
OS : Windows 7 Ultimate 64-bit

View user profile

Back to top Go down

Re: hijack homepage

Post by bryanc on Tue Aug 09, 2011 12:06 pm

mbam log

Malwarebytes' Anti-Malware 1.51.1.1800
[You must be registered and logged in to see this link.]

Database version: 7416

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

9/08/2011 10:06:15 PM
mbam-log-2011-08-09 (22-06-15).txt

Scan type: Quick scan
Objects scanned: 256668
Time elapsed: 6 minute(s), 55 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internet Explorer\control panel\HomePage (PUM.Hijack.HomePageControl) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

bryanc
Intermediate
Intermediate

Status :
Online
Offline

Posts Posts : 132
Joined Joined : 2009-05-24
OS : XP

View user profile

Back to top Go down

Re: hijack homepage

Post by Sneakyone on Wed Aug 10, 2011 5:50 am

Hi,

Please run a free online scan with the [You must be registered and logged in to see this link.]
Note: You will need to use Internet Explorer for this scan

  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and the option Scan unwanted applications is checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic


I'm livin' life in the fast lane.

Sneakyone
Master
Master

Status :
Online
Offline

Posts Posts : 2707
Joined Joined : 2010-01-10
Gender Gender : Male
OS : Windows 7 Ultimate 64-bit

View user profile

Back to top Go down

Re: hijack homepage

Post by bryanc on Wed Aug 10, 2011 9:13 pm

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=d07c70d8e1b85f47b6af20976e7a15cc
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2011-08-10 03:47:29
# local_time=2011-08-11 01:47:29 (+1000, AUS Eastern Standard Time)
# country="Australia"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 53026566 53026566 0 0
# compatibility_mode=8192 67108863 100 0 5921 5921 0 0
# scanned=174271
# found=3
# cleaned=3
# scan_time=9832
C:\Documents and Settings\bryanc\Application Data\Sun\Java\Deployment\cache\6.0\27\49c8345b-5982a9ca multiple threats (deleted - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\bryanc\My Documents\Downloads\Torrent stuff\Adobe Photoshop CS4 v.11.0.1 & onOne Plug-suite Pro 4.5 DVD ISO\Adobe-onOne Suite.iso multiple threats (deleted - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\bryanc\My Documents\Movies\MS Office 2007 ULTIMATE [GR420]\MS Office 2007 ULTIMATE.iso probably a variant of Win32/Agent.FGHQVIS trojan (deleted - quarantined) 00000000000000000000000000000000 C

bryanc
Intermediate
Intermediate

Status :
Online
Offline

Posts Posts : 132
Joined Joined : 2009-05-24
OS : XP

View user profile

Back to top Go down

Re: hijack homepage

Post by Sneakyone on Fri Aug 12, 2011 3:03 am

Hi,

How's your computer running now?


I'm livin' life in the fast lane.

Sneakyone
Master
Master

Status :
Online
Offline

Posts Posts : 2707
Joined Joined : 2010-01-10
Gender Gender : Male
OS : Windows 7 Ultimate 64-bit

View user profile

Back to top Go down

Re: hijack homepage

Post by bryanc on Fri Aug 12, 2011 4:19 am

I did a Malwarebytes scan this morning and the phum hijackhomepage was found again.

bryanc
Intermediate
Intermediate

Status :
Online
Offline

Posts Posts : 132
Joined Joined : 2009-05-24
OS : XP

View user profile

Back to top Go down

Re: hijack homepage

Post by Sneakyone on Sat Aug 13, 2011 1:53 am

Hi,

Could you please re-run OTL and ComboFix?


I'm livin' life in the fast lane.

Sneakyone
Master
Master

Status :
Online
Offline

Posts Posts : 2707
Joined Joined : 2010-01-10
Gender Gender : Male
OS : Windows 7 Ultimate 64-bit

View user profile

Back to top Go down

Re: hijack homepage

Post by bryanc on Sat Aug 13, 2011 3:48 am

yep

bryanc
Intermediate
Intermediate

Status :
Online
Offline

Posts Posts : 132
Joined Joined : 2009-05-24
OS : XP

View user profile

Back to top Go down

Re: hijack homepage

Post by bryanc on Sat Aug 13, 2011 4:43 am

here's the OTL log


OTL logfile created on: 13/08/2011 1:49:45 PM - Run 2
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\bryanc\My Documents\Downloads\Kill it
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

3.49 Gb Total Physical Memory | 2.22 Gb Available Physical Memory | 63.66% Memory free
5.33 Gb Paging File | 3.72 Gb Available in Paging File | 69.81% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.68 Gb Total Space | 40.42 Gb Free Space | 17.37% Space Free | Partition Type: NTFS
Drive E: | 14.90 Gb Total Space | 14.47 Gb Free Space | 97.08% Space Free | Partition Type: FAT32
Drive F: | 1.95 Gb Total Space | 0.89 Gb Free Space | 45.80% Space Free | Partition Type: FAT

Computer Name: WORKSTATION-N | User Name: BryanC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/08/12 05:22:41 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
PRC - [2011/08/12 05:22:37 | 004,600,704 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2011/08/05 06:31:23 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\bryanc\My Documents\Downloads\Kill it\OTL.com
PRC - [2011/07/06 19:52:38 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/06/23 22:24:57 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/01/11 09:25:06 | 001,230,704 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/12/09 07:15:44 | 000,063,360 | ---- | M] (DivX, LLC) -- C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe
PRC - [2010/09/22 17:11:26 | 000,640,440 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2010/06/27 03:09:18 | 000,167,936 | ---- | M] (Applian Technologies, Inc.) -- C:\Program Files\Freecorder\FLVSrvc.exe
PRC - [2010/05/10 11:34:22 | 004,456,448 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
PRC - [2010/05/10 11:33:42 | 000,110,592 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
PRC - [2010/05/10 11:32:36 | 001,858,048 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
PRC - [2010/05/10 11:32:06 | 000,482,304 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
PRC - [2010/01/30 07:20:26 | 000,112,208 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
PRC - [2010/01/27 21:30:16 | 001,312,848 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe
PRC - [2010/01/20 09:39:21 | 000,108,392 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2010/01/20 09:39:20 | 000,115,560 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2010/01/20 09:39:17 | 001,831,928 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
PRC - [2010/01/20 09:39:17 | 001,447,240 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
PRC - [2010/01/20 09:39:16 | 001,775,344 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
PRC - [2009/12/10 18:45:21 | 000,289,584 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2009/07/30 18:39:12 | 001,216,648 | ---- | M] (Ext2Fsd Group ([You must be registered and logged in to see this link.] -- C:\Program Files\Ext2Fsd\Ext2Mgr.exe
PRC - [2009/05/29 16:58:46 | 000,479,232 | ---- | M] (Nikon Corporation) -- C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
PRC - [2009/04/22 17:41:52 | 000,015,360 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe
PRC - [2009/04/22 16:15:56 | 000,656,696 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\SecureUpgrade.exe
PRC - [2009/04/22 12:05:34 | 001,703,936 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
PRC - [2009/04/09 16:05:38 | 001,106,720 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe
PRC - [2009/04/09 16:02:50 | 000,447,264 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe
PRC - [2009/03/25 19:58:28 | 003,261,688 | ---- | M] (SRS Labs, Inc.) -- C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe
PRC - [2009/03/19 20:25:06 | 000,667,648 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe
PRC - [2009/03/17 11:57:26 | 000,254,034 | ---- | M] (IDT, Inc.) -- c:\drivers\audio\R213367\stacsv.exe
PRC - [2009/03/17 11:57:14 | 000,729,088 | ---- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\system32\AESTFltr.exe
PRC - [2009/02/23 07:51:40 | 000,049,250 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2009/02/23 07:51:24 | 000,200,704 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2009/02/23 07:51:22 | 000,050,472 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2009/02/23 07:51:22 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2009/02/11 19:38:40 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009/02/11 19:38:38 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/02/04 23:26:38 | 000,128,232 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2009/01/22 12:19:20 | 000,808,296 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
PRC - [2009/01/22 12:19:20 | 000,020,840 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
PRC - [2008/12/29 13:07:28 | 000,320,800 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe
PRC - [2008/12/22 16:15:44 | 000,145,408 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe
PRC - [2008/12/20 07:50:34 | 002,656,528 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\Quickcam.exe
PRC - [2008/12/20 07:46:58 | 000,558,864 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2008/12/16 21:59:50 | 000,150,040 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2008/10/02 13:26:42 | 000,860,160 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2008/10/02 13:06:56 | 000,905,216 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
PRC - [2008/10/02 12:56:44 | 000,466,944 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2008/04/14 22:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/04/19 07:56:36 | 000,133,968 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\ASF Agent\ASFAgent.exe
PRC - [2006/04/10 16:25:54 | 000,950,272 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\U3\U3Launcher\LaunchU3.exe


========== Modules (SafeList) ==========

MOD - [2011/08/13 10:13:44 | 000,018,432 | ---- | M] (Applian Technologies, Inc.) -- C:\Documents and Settings\bryanc\Local Settings\Application Data\FLVService\lib\FLVSrvLib.dll
MOD - [2011/08/05 06:31:23 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\bryanc\My Documents\Downloads\Kill it\OTL.com
MOD - [2011/04/18 22:51:18 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll
MOD - [2010/08/24 02:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (tcsd_win32.exe)
SRV - File not found [On_Demand | Stopped] -- -- (Smcinst)
SRV - [2011/08/12 05:22:41 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010/05/10 11:33:42 | 000,110,592 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV - [2010/05/10 11:32:36 | 001,858,048 | ---- | M] () [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe -- (WDFME)
SRV - [2010/05/10 11:32:06 | 000,482,304 | ---- | M] () [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe -- (WDSC)
SRV - [2010/01/30 07:17:14 | 000,292,944 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2010/01/20 09:39:21 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2010/01/20 09:39:21 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2010/01/20 09:39:17 | 001,831,928 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe -- (SmcService)
SRV - [2010/01/20 09:39:17 | 000,345,416 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE -- (SNAC)
SRV - [2010/01/20 09:39:16 | 001,775,344 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2009/10/21 04:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2009/09/07 22:16:25 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/07/13 11:06:15 | 003,093,880 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE -- (LiveUpdate)
SRV - [2009/04/22 12:05:34 | 001,703,936 | ---- | M] (Wave Systems Corp.) [Auto | Running] -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe -- (TdmService)
SRV - [2009/04/09 16:02:50 | 000,447,264 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe -- (dcpsysmgrsvc)
SRV - [2009/03/17 11:57:26 | 000,254,034 | ---- | M] (IDT, Inc.) [Auto | Running] -- c:\drivers\audio\R213367\stacsv.exe -- (STacSV)
SRV - [2009/02/11 19:38:40 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2009/01/22 12:19:20 | 000,808,296 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe -- (Credential Vault Host Control Service)
SRV - [2009/01/22 12:19:20 | 000,020,840 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe -- (Credential Vault Host Storage)
SRV - [2008/12/29 13:07:28 | 000,320,800 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe -- (buttonsvc32)
SRV - [2008/12/16 21:59:50 | 000,150,040 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008/12/12 11:54:00 | 000,638,976 | ---- | M] (Wave Systems Corp.) [On_Demand | Stopped] -- C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe -- (SecureStorageService)
SRV - [2008/10/02 13:26:42 | 000,860,160 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2008/10/02 13:06:56 | 000,905,216 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe -- (S24EventMonitor)
SRV - [2008/10/02 12:56:44 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2007/04/19 07:56:36 | 000,133,968 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\ASF Agent\ASFAgent.exe -- (ASFAgent)


========== Driver Services (SafeList) ==========

DRV - [2011/08/05 08:44:57 | 001,576,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20110811.004\NAVEX15.SYS -- (NAVEX15)
DRV - [2011/08/05 08:44:56 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20110811.004\NAVENG.SYS -- (NAVENG)
DRV - [2011/08/04 08:35:35 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/08/04 08:35:34 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2011/07/28 11:00:34 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011/07/28 11:00:34 | 000,105,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010/02/19 08:09:13 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2010/01/24 14:30:28 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/01/20 09:39:21 | 000,320,560 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2010/01/20 09:39:21 | 000,281,648 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\srtsp.sys -- (SRTSP)
DRV - [2010/01/20 09:39:21 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2010/01/20 09:39:10 | 000,188,080 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2010/01/20 09:39:10 | 000,026,416 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2010/01/20 09:39:09 | 000,421,424 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2010/01/20 09:39:07 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2009/11/19 14:33:20 | 000,051,200 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2009/11/10 21:55:08 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2009/11/10 21:54:52 | 000,035,984 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2009/10/21 04:19:44 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2009/07/26 15:22:34 | 000,651,264 | ---- | M] ([You must be registered and logged in to see this link.] [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\ext2fsd.sys -- (Ext2Fsd)
DRV - [2009/04/22 16:15:58 | 000,208,824 | ---- | M] (Wave Systems Corp.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\WavxDMgr.sys -- (WavxDMgr)
DRV - [2009/04/03 14:25:50 | 000,048,128 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2009/03/24 17:33:38 | 000,232,744 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SRS_PremiumSound_i386.sys -- (SRS_PremiumSound_Service)
DRV - [2009/03/17 11:57:30 | 001,545,795 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2009/03/17 11:57:12 | 000,112,512 | ---- | M] (Andrea Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AESTAud.sys -- (AESTAud)
DRV - [2009/02/23 08:59:26 | 000,244,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1y5132.sys -- (e1yexpress) Intel(R)
DRV - [2009/02/23 07:51:20 | 000,170,032 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2009/02/13 12:02:52 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2009/02/12 09:10:20 | 000,047,272 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2009/02/12 08:41:54 | 000,037,032 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwmodem.sys -- (btwmodem)
DRV - [2009/02/12 08:41:50 | 000,156,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2009/02/12 08:41:46 | 000,037,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2009/02/12 08:41:42 | 000,991,016 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2009/02/12 08:41:40 | 000,534,440 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2009/01/22 12:16:14 | 000,032,808 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cvusbdrv.sys -- (cvusbdrv)
DRV - [2009/01/20 12:33:16 | 000,985,728 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2009/01/20 12:33:16 | 000,731,264 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2009/01/20 12:33:16 | 000,210,688 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2008/12/17 16:01:20 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2008/12/17 16:00:12 | 000,768,024 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2008/12/16 21:58:54 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2008/10/17 08:30:44 | 000,101,376 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008/09/25 09:22:02 | 003,634,688 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32) Intel(R)
DRV - [2008/08/04 13:32:26 | 000,011,904 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2008/07/27 01:26:56 | 000,023,832 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2008/07/27 01:26:44 | 004,658,584 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) Logitech QuickCam Pro 9000(UVC)
DRV - [2008/07/23 07:27:04 | 000,028,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbccid.sys -- (USBCCID)
DRV - [2008/06/04 15:14:00 | 000,026,608 | ---- | M] (Dell Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\PBADRV.sys -- (PBADRV)
DRV - [2008/02/20 23:19:56 | 000,030,816 | ---- | M] (Intel Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\iqvw32.sys -- (NAL)
DRV - [2006/12/13 17:31:56 | 000,087,040 | ---- | M] (Cmotech Co.,Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cmusbser.sys -- (cmusbser)
DRV - [2006/11/23 15:03:48 | 000,081,152 | ---- | M] (Cmotech Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cmusbnet.sys -- (cmusbnet) WAN Driver @ 3GPP (6280)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = nexus.*;nexus;10.10.10.1;
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 10.10.10.254:3128

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://nexus.northrop.com.au/Canberra/default.aspx"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.0
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900
FF - prefs.js..network.proxy.backup.ftp: "10.10.10.254"
FF - prefs.js..network.proxy.backup.ftp_port: 3128
FF - prefs.js..network.proxy.backup.gopher: "10.10.10.254"
FF - prefs.js..network.proxy.backup.gopher_port: 3128
FF - prefs.js..network.proxy.backup.socks: "10.10.10.254"
FF - prefs.js..network.proxy.backup.socks_port: 3128
FF - prefs.js..network.proxy.backup.ssl: "10.10.10.254"
FF - prefs.js..network.proxy.backup.ssl_port: 3128
FF - prefs.js..network.proxy.ftp: "10.10.10.254"
FF - prefs.js..network.proxy.ftp_port: 3128
FF - prefs.js..network.proxy.gopher: "10.10.10.254"
FF - prefs.js..network.proxy.gopher_port: 3128
FF - prefs.js..network.proxy.http: "10.10.10.254"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.no_proxies_on: "localhost, 127.0.0.1,"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "10.10.10.254"
FF - prefs.js..network.proxy.socks_port: 3128
FF - prefs.js..network.proxy.ssl: "10.10.10.254"
FF - prefs.js..network.proxy.ssl_port: 3128
FF - prefs.js..network.proxy.type: 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011/01/26 11:09:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011/01/26 11:09:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/08/13 07:48:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/08/13 07:47:59 | 000,000,000 | ---D | M]

[2010/01/02 14:35:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\bryanc\Application Data\Mozilla\Extensions
[2011/04/29 20:57:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\bryanc\Application Data\Mozilla\Firefox\Profiles\qqr2juqo.default\extensions
[2010/04/27 20:12:18 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\bryanc\Application Data\Mozilla\Firefox\Profiles\qqr2juqo.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/07/18 20:21:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/07/03 14:04:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011/07/18 20:21:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) --
[2010/07/03 14:04:12 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/06/23 22:24:57 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2007/03/10 09:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\mozilla firefox\plugins\npyaxmpb.dll
[2010/01/01 18:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/08/08 20:38:08 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (DivX Plus Web Player HTML5

bryanc
Intermediate
Intermediate

Status :
Online
Offline

Posts Posts : 132
Joined Joined : 2009-05-24
OS : XP

View user profile

Back to top Go down

Re: hijack homepage

Post by bryanc on Sat Aug 13, 2011 7:45 am

Combo fix log. In a few pieces it is apparently too big. I just clicked on the icon this time. I couldn't find the txt file you gave me last time.

Also Superantispyware is now going berserk over c:\windows\temp\logishrd\lvprcinj01.dll. it calls it a Trojan.agent/gen-nullo(short).process


part 1

ComboFix 11-08-12.01 - BryanC 13/08/2011 16:38:28.9.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.61.1033.18.3572.2297 [GMT 10:00]
Running from: c:\documents and settings\bryanc\Desktop\COMMY.exe
AV: Symantec Endpoint Protection *Disabled/Updated* {FB06448E-52B8-493A-90F3-E43226D3305C}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\TEMP\logishrd\LVPrcInj01.dll
.
.
((((((((((((((((((((((((( Files Created from 2011-07-13 to 2011-08-13 )))))))))))))))))))))))))))))))
.
.
2011-08-12 21:48 . 2011-08-12 21:47 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin7.dll
2011-08-12 21:48 . 2011-08-12 21:47 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin6.dll
2011-08-12 21:48 . 2011-08-12 21:47 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2011-08-12 21:48 . 2011-08-12 21:47 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2011-08-12 21:47 . 2011-08-12 21:47 159744 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin7.dll
2011-08-12 21:47 . 2011-08-12 21:47 159744 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin6.dll
2011-08-12 21:47 . 2011-08-12 21:47 159744 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin5.dll
2011-08-12 21:47 . 2011-08-12 21:47 159744 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin4.dll
2011-08-12 21:47 . 2011-08-12 21:47 159744 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin3.dll
2011-08-12 21:47 . 2011-08-12 21:47 159744 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin2.dll
2011-08-12 21:47 . 2011-08-12 21:47 159744 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin.dll
2011-08-12 21:47 . 2011-08-12 21:47 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2011-08-12 21:47 . 2011-08-12 21:47 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2011-08-12 21:47 . 2011-08-12 21:47 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2011-08-12 21:47 . 2011-08-12 21:47 -------- d-----w- c:\program files\QuickTime
2011-08-10 12:24 . 2011-08-10 12:24 -------- d-----w- c:\program files\ESET
2011-08-08 10:22 . 2011-08-08 10:43 -------- d-----w- C:\COMMY21159C
2011-08-03 22:35 . 2011-08-03 22:35 -------- d-----w- c:\documents and settings\All Users\Application Data\!SASCORE
2011-07-29 20:34 . 2011-07-29 20:34 -------- d-----w- c:\program files\iPod
2011-07-29 20:34 . 2011-07-29 20:34 -------- d-----w- c:\program files\iTunes
2011-07-18 10:21 . 2011-07-18 10:21 -------- d-----w- c:\program files\Common Files\Java
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-13 00:13 . 2009-09-02 23:31 0 ----a-w- c:\documents and settings\bryanc\Local Settings\Application Data\WavXMapDrive.bat
2011-07-15 13:29 . 2008-04-25 16:16 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-12 01:20 . 2011-07-12 01:20 83816 ----a-w- c:\windows\system32\dns-sd.exe
2011-07-12 01:20 . 2011-07-12 01:20 73064 ----a-w- c:\windows\system32\dnssd.dll
2011-07-12 01:20 . 2011-07-12 01:20 178536 ----a-w- c:\windows\system32\dnssdX.dll
2011-07-08 14:02 . 2008-04-25 16:16 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-07-07 06:25 . 2011-07-07 06:25 0 ---ha-w- c:\documents and settings\bryanc\Local Settings\Application Data\BITC.tmp
2011-07-06 09:52 . 2010-08-22 11:50 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-06 09:52 . 2010-08-22 11:50 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-05 08:37 . 2011-07-05 08:37 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-07-05 08:37 . 2011-07-05 08:37 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-06-24 14:10 . 2008-04-25 21:26 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2011-06-23 18:36 . 2008-04-25 16:16 916480 ----a-w- c:\windows\system32\wininet.dll
2011-06-23 18:36 . 2008-04-25 16:16 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-06-23 18:36 . 2008-04-25 16:16 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-06-23 12:05 . 2008-04-25 16:16 385024 ----a-w- c:\windows\system32\html.iec
2011-06-20 17:44 . 2008-04-25 16:16 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-06-02 14:07 . 2008-04-25 16:16 1867904 ----a-w- c:\windows\system32\win32k.sys
2011-06-23 12:24 . 2011-04-30 09:31 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( [You must be registered and logged in to see this link.] )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-08-11 08:23 . 2011-08-11 08:23 21880 c:\windows\WinSxS\MSIL_Microsoft.Workflow.Compiler_31bf3856ad364e35_4.0.0.0_x-ww_97359ba5\Microsoft.Workflow.Compiler.exe
- 2010-10-03 16:06 . 2010-10-03 16:06 21880 c:\windows\WinSxS\MSIL_Microsoft.Workflow.Compiler_31bf3856ad364e35_4.0.0.0_x-ww_97359ba5\Microsoft.Workflow.Compiler.exe
+ 2011-08-13 07:02 . 2011-08-13 07:02 16384 c:\windows\temp\Perflib_Perfdata_6ac.dat
+ 2008-04-25 16:16 . 2011-06-23 18:36 66560 c:\windows\system32\mshtmled.dll
- 2008-04-25 16:16 . 2011-04-25 16:11 66560 c:\windows\system32\mshtmled.dll
- 2009-03-07 18:31 . 2011-04-25 16:11 55296 c:\windows\system32\msfeedsbs.dll
+ 2009-03-07 18:31 . 2011-06-23 18:36 55296 c:\windows\system32\msfeedsbs.dll
+ 2008-04-25 16:16 . 2011-06-23 18:36 25600 c:\windows\system32\jsproxy.dll
- 2008-04-25 16:16 . 2011-04-25 16:11 25600 c:\windows\system32\jsproxy.dll
+ 2009-09-04 01:55 . 2011-06-23 18:36 12800 c:\windows\system32\dllcache\xpshims.dll
- 2009-09-04 01:55 . 2011-04-25 16:11 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2008-04-25 16:16 . 2011-07-08 14:02 10496 c:\windows\system32\dllcache\ndistapi.sys
+ 2008-04-25 16:16 . 2011-06-23 18:36 66560 c:\windows\system32\dllcache\mshtmled.dll
- 2008-04-25 16:16 . 2011-04-25 16:11 66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2009-09-04 01:55 . 2011-06-23 18:36 55296 c:\windows\system32\dllcache\msfeedsbs.dll
- 2009-09-04 01:55 . 2011-04-25 16:11 55296 c:\windows\system32\dllcache\msfeedsbs.dll
- 2008-04-25 16:16 . 2011-04-25 16:11 43520 c:\windows\system32\dllcache\licmgr10.dll
+ 2008-04-25 16:16 . 2011-06-23 18:36 43520 c:\windows\system32\dllcache\licmgr10.dll
- 2008-04-25 16:16 . 2011-04-25 16:11 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2008-04-25 16:16 . 2011-06-23 18:36 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2010-01-10 23:03 . 2011-08-08 06:30 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2010-01-10 23:03 . 2011-08-01 02:44 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2009-09-01 07:29 . 2011-08-01 02:44 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2009-09-01 07:29 . 2011-08-08 06:30 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2011-08-11 08:23 . 2011-08-11 08:23 97624 c:\windows\Microsoft.NET\assembly\GAC_MSIL\XamlBuildTask\v4.0_4.0.0.0__31bf3856ad364e35\XamlBuildTask.dll
- 2010-10-03 16:06 . 2010-10-03 16:06 97624 c:\windows\Microsoft.NET\assembly\GAC_MSIL\XamlBuildTask\v4.0_4.0.0.0__31bf3856ad364e35\XamlBuildTask.dll
- 2011-06-16 17:21 . 2011-06-16 17:21 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
- 2011-06-16 17:21 . 2011-06-16 17:21 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
- 2011-06-16 17:21 . 2011-06-16 17:21 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2011-08-11 08:23 . 2011-08-11 08:23 29544 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml.Hosting\v4.0_4.0.0.0__31bf3856ad364e35\System.Xaml.Hosting.dll
- 2010-10-03 16:06 . 2010-10-03 16:06 29544 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml.Hosting\v4.0_4.0.0.0__31bf3856ad364e35\System.Xaml.Hosting.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
- 2011-06-16 17:21 . 2011-06-16 17:21 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
- 2011-06-16 17:21 . 2011-06-16 17:21 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
- 2010-10-03 16:06 . 2010-10-03 16:06 70040 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization.Design\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.Design.dll
+ 2011-08-11 08:23 . 2011-08-11 08:23 70040 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization.Design\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.Design.dll
+ 2011-08-11 08:23 . 2011-08-11 08:23 24928 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Routing.dll
- 2010-10-03 16:06 . 2010-10-03 16:06 24928 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Routing.dll
- 2010-10-03 16:06 . 2010-10-03 16:06 81272 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.RegularExpressions\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2011-08-11 08:23 . 2011-08-11 08:23 81272 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.RegularExpressions\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2011-08-11 08:23 . 2011-08-11 08:23 33144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.DynamicData.Design\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.DynamicData.Design.dll
- 2010-10-03 16:06 . 2010-10-03 16:06 33144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.DynamicData.Design\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.DynamicData.Design.dll
- 2010-10-03 16:06 . 2010-10-03 16:06 93576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.DataVisualization.Design\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.DataVisualization.Design.dll
+ 2011-08-11 08:23 . 2011-08-11 08:23 93576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.DataVisualization.Design\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.DataVisualization.Design.dll
- 2011-06-16 17:20 . 2011-06-16 17:20 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
+ 2011-08-11 08:23 . 2011-08-11 08:23 24944 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Abstractions\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Abstractions.dll
- 2010-10-03 16:06 . 2010-10-03 16:06 24944 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Abstractions\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Abstractions.dll
- 2010-10-03 16:06 . 2010-10-03 16:06 28024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.WasHosting\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2011-08-11 08:23 . 2011-08-11 08:23 28024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.WasHosting\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2011-08-11 08:23 . 2011-08-11 08:23 12168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.ServiceMoniker40\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.ServiceMoniker40.dll
- 2010-10-03 16:06 . 2010-10-03 16:06 12168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.ServiceMoniker40\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.ServiceMoniker40.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
- 2011-06-16 17:21 . 2011-06-16 17:21 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
- 2010-10-03 16:06 . 2010-10-03 16:06 95592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Caching\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Caching.dll
+ 2011-08-11 08:23 . 2011-08-11 08:23 95592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Caching\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Caching.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
- 2011-06-16 17:20 . 2011-06-16 17:20 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
+ 2011-08-11 08:23 . 2011-08-11 08:23 86888 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing.Design\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2010-10-03 16:06 . 2010-10-03 16:06 86888 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing.Design\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
- 2011-06-16 17:20 . 2011-06-16 17:20 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
+ 2011-08-11 08:19 . 2011-08-11 08:19 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
- 2011-06-16 17:20 . 2011-06-16 17:20 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
- 2011-06-16 17:20 . 2011-06-16 17:20 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2011-08-11 08:19 . 2011-08-11 08:19 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2011-08-11 08:19 . 2011-08-11 08:19 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
- 2011-06-16 17:20 . 2011-06-16 17:20 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
- 2011-06-16 17:20 . 2011-06-16 17:20 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2011-08-11 08:19 . 2011-08-11 08:19 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
- 2011-06-16 17:21 . 2011-06-16 17:21 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
- 2010-10-03 16:06 . 2010-10-03 16:06 21880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Workflow.Compiler\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Workflow.Compiler.exe
+ 2011-08-11 08:23 . 2011-08-11 08:23 21880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Workflow.Compiler\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Workflow.Compiler.exe
- 2011-06-16 17:20 . 2011-06-16 17:20 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2011-08-11 08:19 . 2011-08-11 08:19 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2011-08-11 08:23 . 2011-08-11 08:23 40304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\v4.0_2.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.STLCLR.dll
- 2010-10-03 16:06 . 2010-10-03 16:06 40304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\v4.0_2.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.STLCLR.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2011-06-16 17:20 . 2011-06-16 17:20 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2011-08-11 08:23 . 2011-08-11 08:23 67968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Conversion.v4.0\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Conversion.v4.0.dll
- 2010-10-03 16:06 . 2010-10-03 16:06 67968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Conversion.v4.0\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Conversion.v4.0.dll
- 2011-06-16 17:20 . 2011-06-16 17:20 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2011-08-11 08:19 . 2011-08-11 08:19 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2011-08-11 08:19 . 2011-08-11 08:19 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2011-06-16 17:20 . 2011-06-16 17:20 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2011-08-11 08:19 . 2011-08-11 08:19 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2011-06-16 17:20 . 2011-06-16 17:20 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2010-06-10 10:12 . 2011-07-25 10:25 35088 c:\windows\Installer\{91120000-00CA-0000-0000-0000000FF1CE}\oisicon.exe
+ 2010-06-10 10:12 . 2011-08-11 08:24 35088 c:\windows\Installer\{91120000-00CA-0000-0000-0000000FF1CE}\oisicon.exe
+ 2010-06-10 10:12 . 2011-08-11 08:24 18704 c:\windows\Installer\{91120000-00CA-0000-0000-0000000FF1CE}\mspicons.exe
- 2010-06-10 10:12 . 2011-07-25 10:25 18704 c:\windows\Installer\{91120000-00CA-0000-0000-0000000FF1CE}\mspicons.exe
+ 2010-06-10 10:12 . 2011-08-11 08:24 20240 c:\windows\Installer\{91120000-00CA-0000-0000-0000000FF1CE}\cagicon.exe
- 2010-06-10 10:12 . 2011-07-25 10:25 20240 c:\windows\Installer\{91120000-00CA-0000-0000-0000000FF1CE}\cagicon.exe
+ 2011-08-11 08:15 . 2011-04-25 16:11 12800 c:\windows\ie8updates\KB2559049-IE8\xpshims.dll
+ 2011-08-11 08:15 . 2011-04-25 16:11 66560 c:\windows\ie8updates\KB2559049-IE8\mshtmled.dll
+ 2011-08-11 08:15 . 2011-04-25 16:11 55296 c:\windows\ie8updates\KB2559049-IE8\msfeedsbs.dll
+ 2011-08-11 08:15 . 2011-04-25 16:11 43520 c:\windows\ie8updates\KB2559049-IE8\licmgr10.dll
+ 2011-08-11 08:15 . 2011-04-25 16:11 25600 c:\windows\ie8updates\KB2559049-IE8\jsproxy.dll
- 2011-06-17 04:06 . 2011-06-17 04:06 96768 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\a2ef92260effc4f8cef9339a24ba230b\UIAutomationProvider.ni.dll
+ 2011-08-11 09:47 . 2011-08-11 09:47 96768 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\a2ef92260effc4f8cef9339a24ba230b\UIAutomationProvider.ni.dll
+ 2011-08-11 09:49 . 2011-08-11 09:49 54784 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml.Hosting\e6e29d43db9360007e3e4243b0aeb352\System.Xaml.Hosting.ni.dll
+ 2011-08-11 09:49 . 2011-08-11 09:49 35328 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Pres#\fd3809e0cf174aaadc13e0b409123fd3\System.Windows.Presentation.ni.dll
+ 2011-08-11 09:49 . 2011-08-11 09:49 24064 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Routing\6f9ac895d7622b95544b031b63d64017\System.Web.Routing.ni.dll
- 2011-06-17 04:10 . 2011-06-17 04:10 24064 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Routing\6f9ac895d7622b95544b031b63d64017\System.Web.Routing.ni.dll
+ 2011-08-11 09:49 . 2011-08-11 09:49 46592 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DynamicD#\e8216f5f09dd77c5aeba6147a88ba368\System.Web.DynamicData.Design.ni.dll
+ 2011-08-11 09:47 . 2011-08-11 09:47 71680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Applicat#\6b87fc6f1e65b1bf6df19a9bd5b02f80\System.Web.ApplicationServices.ni.dll
+ 2011-08-11 09:49 . 2011-08-11 09:49 24576 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Abstract#\3837a04bf4ae78e96fa30405df9b0fbf\System.Web.Abstractions.ni.dll
- 2011-06-17 04:10 . 2011-06-17 04:10 24576 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Abstract#\3837a04bf4ae78e96fa30405df9b0fbf\System.Web.Abstractions.ni.dll
- 2011-06-17 04:10 . 2011-06-17 04:10 12288 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\a52822a9a6ec1104c7f38876a0d5b880\System.ServiceModel.ServiceMoniker40.ni.dll
+ 2011-08-11 09:49 . 2011-08-11 09:49 12288 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\a52822a9a6ec1104c7f38876a0d5b880\System.ServiceModel.ServiceMoniker40.ni.dll
+ 2011-08-11 09:49 . 2011-08-11 09:49 82432 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\49989f9c9f180a49b0953cb47078df77\System.ServiceModel.Channels.ni.dll
+ 2011-08-11 09:47 . 2011-08-11 09:47 78848 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn.Contra#\6c15a9f7fb56275fb9ad22ae306d9d42\System.AddIn.Contract.ni.dll
- 2011-06-17 04:07 . 2011-06-17 04:07 78848 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn.Contra#\6c15a9f7fb56275fb9ad22ae306d9d42\System.AddIn.Contract.ni.dll
+ 2011-08-11 09:47 . 2011-08-11 09:47 37888 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Workflow.#\3b033952c66dc1b24154f39f57df2028\Microsoft.Workflow.Compiler.ni.exe
- 2011-06-17 03:44 . 2011-06-17 03:44 11776 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\9cce7d40f80e50a7e43d8e99f039359f\Microsoft.VisualC.ni.dll
+ 2011-08-11 09:47 . 2011-08-11 09:47 11776 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\9cce7d40f80e50a7e43d8e99f039359f\Microsoft.VisualC.ni.dll
- 2011-06-16 21:05 . 2011-06-16 21:05 44544 c:\windows\assembly\NativeImages_v4.0.30319_32\Accessibility\ec6caf1c86ddb8ce9d7a89adb10264e8\Accessibility.ni.dll
+ 2011-08-11 09:46 . 2011-08-11 09:46 44544 c:\windows\assembly\NativeImages_v4.0.30319_32\Accessibility\ec6caf1c86ddb8ce9d7a89adb10264e8\Accessibility.ni.dll
+ 2011-08-11 09:44 . 2011-08-11 09:44 47616 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\ca6513768e7d76a65f4455dceb0ee2c7\WindowsLiveWriter.ni.exe
+ 2011-08-11 09:44 . 2011-08-11 09:44 99840 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\d8a29e492f96b5a3f88d79862107314f\WindowsLive.Writer.Api.ni.dll
- 2011-06-16 17:32 . 2011-06-16 17:32 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\1492e9393417d6e91b5ddc746b5ef320\UIAutomationProvider.ni.dll
+ 2011-08-11 08:17 . 2011-08-11 08:17 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\1492e9393417d6e91b5ddc746b5ef320\UIAutomationProvider.ni.dll
+ 2011-08-11 09:46 . 2011-08-11 09:46 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\343c52b741531ce9ae874ea7508831a7\System.Windows.Presentation.ni.dll
+ 2011-08-11 09:46 . 2011-08-11 09:46 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\246110974e3c48733458819b07464b23\System.Web.DynamicData.Design.ni.dll
+ 2011-08-11 09:45 . 2011-08-11 09:45 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\ace861fe8dbf146c3e449abaa7691e9f\System.ComponentModel.DataAnnotations.ni.dll
+ 2011-08-11 09:45 . 2011-08-11 09:45 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\177a17af98d803ab79006d6785706462\System.AddIn.Contract.ni.dll
- 2011-06-16 21:03 . 2011-06-16 21:03 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\177a17af98d803ab79006d6785706462\System.AddIn.Contract.ni.dll
+ 2011-08-11 09:37 . 2011-08-11 09:37 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\40ee65aacd9d7472cd6f8dddbfca604b\PresentationFontCache.ni.exe
+ 2011-08-11 09:39 . 2011-08-11 09:39 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\12c424eed7ee0e9c017bf72ff09eb78c\PresentationCFFRasterizer.ni.dll
+ 2011-08-11 09:45 . 2011-08-11 09:45 17920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Run#\5b8d9854c1eeeeaed165b9ec7952780b\Microsoft.WSMan.Runtime.ni.dll
+ 2011-08-11 09:46 . 2011-08-11 09:46 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\f9c514544c8e23220493cd42a0e20678\Microsoft.Vsa.ni.dll
+ 2011-08-11 08:17 . 2011-08-11 08:17 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\a96b02abbfcaae424cfb91a198a9e0e9\Microsoft.VisualC.ni.dll
- 2011-06-16 17:32 . 2011-06-16 17:32 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\a96b02abbfcaae424cfb91a198a9e0e9\Microsoft.VisualC.ni.dll
+ 2011-08-11 08:17 . 2011-08-11 08:17 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\f5057c30d89ad8d99e38c946a68def9e\Microsoft.Build.Framework.ni.dll
- 2011-06-16 17:32 . 2011-06-16 17:32 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\f5057c30d89ad8d99e38c946a68def9e\Microsoft.Build.Framework.ni.dll
+ 2011-08-11 09:45 . 2011-08-11 09:45 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\623c05a555ac0719a1367f511d4a9270\Microsoft.Build.Framework.ni.dll
- 2011-06-16 17:37 . 2011-06-16 17:37 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\623c05a555ac0719a1367f511d4a9270\Microsoft.Build.Framework.ni.dll
+ 2011-08-11 09:45 . 2011-08-11 09:45 91648 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Backgroun#\e3cfeca417f9bfb8f28862aa17e2bc54\Microsoft.BackgroundIntelligentTransfer.Management.ni.dll
- 2011-06-16 17:36 . 2011-06-16 17:36 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\c40d3caad8bff3c52db7e7562286406a\dfsvc.ni.exe
+ 2011-08-11 09:45 . 2011-08-11 09:45 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\c40d3caad8bff3c52db7e7562286406a\dfsvc.ni.exe
+ 2011-08-11 08:17 . 2011-08-11 08:17 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d9228d58804dfd75fd92a4d12ffac8af\Accessibility.ni.dll
- 2011-06-16 17:32 . 2011-06-16 17:32 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d9228d58804dfd75fd92a4d12ffac8af\Accessibility.ni.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2011-08-11 08:27 . 2011-08-11 08:27 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2011-08-11 08:27 . 2011-08-11 08:27 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2011-08-11 08:27 . 2011-08-11 08:27 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2011-08-11 08:27 . 2011-08-11 08:27 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2011-08-11 08:27 . 2011-08-11 08:27 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2011-08-11 08:27 . 2011-08-11 08:27 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2011-08-11 08:27 . 2011-08-11 08:27 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2011-08-11 08:27 . 2011-08-11 08:27 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2011-08-11 08:27 . 2011-08-11 08:27 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2011-08-11 08:27 . 2011-08-11 08:27 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2011-08-11 08:27 . 2011-08-11 08:27 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2011-08-11 08:27 . 2011-08-11 08:27 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-08-11 08:27 . 2011-08-11 08:27 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2011-08-11 08:27 . 2011-08-11 08:27 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2011-08-11 09:46 . 2011-08-11 09:46 9728 c:\windows\assembly\NativeImages_v4.0.30319_32\dfsvc\2d01a98c567028c2aa3f58b71581c708\dfsvc.ni.exe
- 2011-06-16 21:06 . 2011-06-16 21:06 9728 c:\windows\assembly\NativeImages_v4.0.30319_32\dfsvc\2d01a98c567028c2aa3f58b71581c708\dfsvc.ni.exe
+ 2011-08-11 08:27 . 2011-08-11 08:27 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2011-08-11 08:27 . 2011-08-11 08:27 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2011-06-16 17:30 . 2011-06-16 17:30 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2011-08-11 08:27 . 2011-08-11 08:27 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2011-08-11 08:27 . 2011-08-11 08:27 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2011-06-16 17:20 . 2011-06-16 17:20 109568 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.Wrapper.dll
+ 2011-08-11 08:19 . 2011-08-11 08:19 109568 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.Wrapper.dll
- 2011-06-16 17:20 . 2011-06-16 17:20 246128 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.dll
+ 2011-08-11 08:19 . 2011-08-11 08:19 246128 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.dll
+ 2011-08-11 08:27 . 2011-08-11 08:27 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2011-08-11 08:27 . 2011-08-11 08:27 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2008-04-25 16:16 . 2011-06-23 18:36 105984 c:\windows\system32\url.dll
- 2008-04-25 16:16 . 2009-03-07 18:34 105984 c:\windows\system32\url.dll
- 2008-04-25 16:16 . 2011-08-07 07:20 536264 c:\windows\system32\perfh009.dat
+ 2008-04-25 16:16 . 2011-08-13 07:07 536264 c:\windows\system32\perfh009.dat
+ 2008-04-25 16:16 . 2011-08-13 07:07 101654 c:\windows\system32\perfc009.dat
- 2008-04-25 16:16 . 2011-08-07 07:20 101654 c:\windows\system32\perfc009.dat
+ 2008-04-25 16:16 . 2011-06-23 18:36 206848 c:\windows\system32\occache.dll
- 2008-04-25 16:16 . 2011-04-25 16:11 206848 c:\windows\system32\occache.dll
- 2008-04-25 16:16 . 2011-04-25 16:11 611840 c:\windows\system32\mstime.dll
+ 2008-04-25 16:16 . 2011-06-23 18:36 611840 c:\windows\system32\mstime.dll
+ 2009-03-07 18:32 . 2011-06-23 18:36 602112 c:\windows\system32\msfeeds.dll
- 2009-03-07 18:32 . 2011-04-25 16:11 602112 c:\windows\system32\msfeeds.dll
- 2008-04-25 16:16 . 2011-04-25 16:11 184320 c:\windows\system32\iepeers.dll
+ 2008-04-25 16:16 . 2011-06-23 18:36 184320 c:\windows\system32\iepeers.dll
- 2008-04-25 16:16 . 2011-04-25 16:11 387584 c:\windows\system32\iedkcs32.dll
+ 2008-04-25 16:16 . 2011-06-23 18:36 387584 c:\windows\system32\iedkcs32.dll
+ 2008-04-25 16:16 . 2011-06-23 12:05 173568 c:\windows\system32\ie4uinit.exe
- 2008-04-25 16:16 . 2011-04-25 12:01 173568 c:\windows\system32\ie4uinit.exe
- 2008-04-25 16:16 . 2011-04-26 11:07 293376 c:\windows\system32\dllcache\winsrv.dll
+ 2008-04-25 16:16 . 2011-06-20 17:44 293376 c:\windows\system32\dllcache\winsrv.dll
+ 2008-04-25 16:16 . 2011-06-23 18:36 916480 c:\windows\system32\dllcache\wininet.dll
- 2008-04-25 16:16 . 2011-04-25 16:11 916480 c:\windows\system32\dllcache\wininet.dll
+ 2008-04-25 16:16 . 2011-06-23 18:36 105984 c:\windows\system32\dllcache\url.dll
- 2008-04-25 16:16 . 2009-03-07 18:34 105984 c:\windows\system32\dllcache\url.dll
+ 2008-04-25 21:26 . 2011-06-24 14:10 139656 c:\windows\system32\dllcache\rdpwd.sys
- 2008-04-25 21:26 . 2008-04-14 12:00 139656 c:\windows\system32\dllcache\rdpwd.sys
- 2008-04-25 16:16 . 2011-04-25 16:11 206848 c:\windows\system32\dllcache\occache.dll
+ 2008-04-25 16:16 . 2011-06-23 18:36 206848 c:\windows\system32\dllcache\occache.dll
+ 2008-04-25 16:16 . 2011-06-23 18:36 611840 c:\windows\system32\dllcache\mstime.dll
- 2008-04-25 16:16 . 2011-04-25 16:11 611840 c:\windows\system32\dllcache\mstime.dll
+ 2009-09-04 01:55 . 2011-06-23 18:36 602112 c:\windows\system32\dllcache\msfeeds.dll
- 2009-09-04 01:55 . 2011-04-25 16:11 602112 c:\windows\system32\dllcache\msfeeds.dll
+ 2008-04-25 16:16 . 2011-07-15 13:29 456320 c:\windows\system32\dllcache\mrxsmb.sys
- 2008-04-25 16:16 . 2011-04-29 16:19 456320 c:\windows\system32\dllcache\mrxsmb.sys
+ 2009-09-04 01:55 . 2011-06-23 18:36 247808 c:\windows\system32\dllcache\ieproxy.dll
- 2009-09-04 01:55 . 2011-04-25 16:11 247808 c:\windows\system32\dllcache\ieproxy.dll
- 2008-04-25 16:16 . 2011-04-25 16:11 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2008-04-25 16:16 . 2011-06-23 18:36 184320 c:\windows\system32\dllcache\iepeers.dll
- 2010-06-09 22:45 . 2011-04-25 16:11 743424 c:\windows\system32\dllcache\iedvtool.dll
+ 2010-06-09 22:45 . 2011-06-23 18:36 743424 c:\windows\system32\dllcache\iedvtool.dll
- 2008-04-25 16:16 . 2011-04-25 16:11 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2008-04-25 16:16 . 2011-06-23 18:36 387584 c:\windows\system32\dllcache\iedkcs32.dll
- 2008-04-25 16:16 . 2011-04-25 12:01 173568 c:\windows\system32\dllcache\ie4uinit.exe
+ 2008-04-25 16:16 . 2011-06-23 12:05 173568 c:\windows\system32\dllcache\ie4uinit.exe
- 2011-06-16 17:21 . 2011-06-16 17:21 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
- 2011-06-16 17:21 . 2011-06-16 17:21 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
- 2011-06-16 17:20 . 2011-06-16 17:20 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
- 2011-06-16 17:21 . 2011-06-16 17:21 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
- 2010-10-03 16:06 . 2010-10-03 16:06 431984 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.WorkflowServices\v4.0_4.0.0.0__31bf3856ad364e35\System.WorkflowServices.dll
+ 2011-08-11 08:23 . 2011-08-11 08:23 431984 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.WorkflowServices\v4.0_4.0.0.0__31bf3856ad364e35\System.WorkflowServices.dll
- 2010-10-03 16:06 . 2010-10-03 16:06 511344 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Workflow.Runtime\v4.0_4.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll
+ 2011-08-11 08:23 . 2011-08-11 08:23 511344 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Workflow.Runtime\v4.0_4.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2011-06-16 17:21 . 2011-06-16 17:21 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2010-10-03 16:06 . 2010-10-03 16:06 826208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Mobile\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2011-08-11 08:23 . 2011-08-11 08:23 826208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Mobile\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2011-08-11 08:23 . 2011-08-11 08:23 321912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Extensions.Design\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Extensions.Design.dll
- 2010-10-03 16:06 . 2010-10-03 16:06 321912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Extensions.Design\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Extensions.Design.dll
- 2010-10-03 16:06 . 2010-10-03 16:06 137568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Web.Entity.dll
+ 2011-08-11 08:23 . 2011-08-11 08:23 137568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Web.Entity.dll
+ 2011-08-11 08:23 . 2011-08-11 08:23 132464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Entity.Design\v4.0_4.0.0.0__b77a5c561934e089\System.Web.Entity.Design.dll
- 2010-10-03 16:06 . 2010-10-03 16:06 132464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Entity.Design\v4.0_4.0.0.0__b77a5c561934e089\System.Web.Entity.Design.dll
+ 2011-08-11 08:23 . 2011-08-11 08:23 237928 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.DynamicData\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.DynamicData.dll
- 2010-10-03 16:06 . 2010-10-03 16:06 237928 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.DynamicData\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.DynamicData.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
- 2011-06-16 17:21 . 2011-06-16 17:21 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
+ 2011-08-11 08:19 . 2011-08-11 08:19 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2011-06-16 17:20 . 2011-06-16 17:20 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2011-08-11 08:23 . 2011-08-11 08:23 316272 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Web\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll
- 2010-10-03 16:06 . 2010-10-03 16:06 316272 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Web\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll
- 2011-06-16 17:21 . 2011-06-16 17:21 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
- 2011-06-16 17:21 . 2011-06-16 17:21 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
- 2011-06-16 17:21 . 2011-06-16 17:21 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
- 2010-10-03 16:06 . 2010-10-03 16:06 170872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activation\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activation.dll
+ 2011-08-11 08:23 . 2011-08-11 08:23 170872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activation\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activation.dll
+ 2011-08-11 08:19 . 2011-08-11 08:19 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2011-06-16 17:20 . 2011-06-16 17:20 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2011-06-16 17:21 . 2011-06-16 17:21 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2011-06-16 17:21 . 2011-06-16 17:21 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2011-06-16 17:21 . 2011-06-16 17:21 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 231760 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
- 2011-06-16 17:20 . 2011-06-16 17:20 231760 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
- 2011-06-16 17:21 . 2011-06-16 17:21 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2011-08-11 08:19 . 2011-08-11 08:19 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2011-06-16 17:20 . 2011-06-16 17:20 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
- 2011-06-16 17:20 . 2011-06-16 17:20 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
- 2011-06-16 17:21 . 2011-06-16 17:21 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
- 2011-06-16 17:21 . 2011-06-16 17:21 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
- 2011-06-16 17:21 . 2011-06-16 17:21 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
- 2011-06-16 17:20 . 2011-06-16 17:20 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
+ 2011-08-11 08:19 . 2011-08-11 08:19 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
+ 2011-08-11 08:19 . 2011-08-11 08:19 607064 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2011-06-16 17:20 . 2011-06-16 17:20 607064 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2011-08-11 08

bryanc
Intermediate
Intermediate

Status :
Online
Offline

Posts Posts : 132
Joined Joined : 2009-05-24
OS : XP

View user profile

Back to top Go down

Re: hijack homepage

Post by bryanc on Sat Aug 13, 2011 7:48 am

Part 2

:19 . 2011-08-11 08:19 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2011-06-16 17:20 . 2011-06-16 17:20 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2011-08-11 08:19 . 2011-08-11 08:19 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2011-06-16 17:20 . 2011-06-16 17:20 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2011-08-11 08:19 . 2011-08-11 08:19 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
- 2011-06-16 17:20 . 2011-06-16 17:20 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
+ 2011-08-11 08:19 . 2011-08-11 08:19 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2011-06-16 17:20 . 2011-06-16 17:20 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2011-06-16 17:20 . 2011-06-16 17:20 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2011-08-11 08:19 . 2011-08-11 08:19 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2010-10-03 16:06 . 2010-10-03 16:06 683368 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.dll
+ 2011-08-11 08:23 . 2011-08-11 08:23 683368 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.dll
- 2010-10-03 16:06 . 2010-10-03 16:06 178040 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Design\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Design.dll
+ 2011-08-11 08:23 . 2011-08-11 08:23 178040 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Design\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Design.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
- 2011-06-16 17:20 . 2011-06-16 17:20 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2011-08-11 08:19 . 2011-08-11 08:19 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
- 2011-06-16 17:20 . 2011-06-16 17:20 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
- 2010-10-03 16:06 . 2010-10-03 16:06 804720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity.Design\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.Design.dll
+ 2011-08-11 08:23 . 2011-08-11 08:23 804720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity.Design\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.Design.dll
- 2011-06-16 17:20 . 2011-06-16 17:20 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2011-08-11 08:19 . 2011-08-11 08:19 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2011-06-16 17:20 . 2011-06-16 17:20 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
+ 2011-08-11 08:19 . 2011-08-11 08:19 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
+ 2011-08-11 08:19 . 2011-08-11 08:19 149848 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
- 2011-06-16 17:20 . 2011-06-16 17:20 149848 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
- 2011-06-16 17:21 . 2011-06-16 17:21 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
- 2011-06-16 17:21 . 2011-06-16 17:21 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
- 2011-06-16 17:20 . 2011-06-16 17:20 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2011-08-11 08:19 . 2011-08-11 08:19 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2011-06-16 17:21 . 2011-06-16 17:21 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
- 2011-06-16 17:21 . 2011-06-16 17:21 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
- 2011-06-16 17:21 . 2011-06-16 17:21 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
- 2011-06-16 17:21 . 2011-06-16 17:21 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
- 2011-06-16 17:21 . 2011-06-16 17:21 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
- 2011-06-16 17:21 . 2011-06-16 17:21 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2011-08-11 08:23 . 2011-08-11 08:23 587624 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationBuildTasks\v4.0_4.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll
- 2010-10-03 16:06 . 2010-10-03 16:06 587624 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationBuildTasks\v4.0_4.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll
+ 2011-08-11 08:19 . 2011-08-11 08:19 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2011-06-16 17:20 . 2011-06-16 17:20 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2011-06-16 17:20 . 2011-06-16 17:20 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2011-06-16 17:20 . 2011-06-16 17:20 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2011-08-11 08:19 . 2011-08-11 08:19 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2011-06-16 17:20 . 2011-06-16 17:20 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2011-08-11 08:19 . 2011-08-11 08:19 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
- 2011-06-16 17:20 . 2011-06-16 17:20 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
+ 2011-08-11 08:23 . 2011-08-11 08:23 220024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Utilities.v4.0\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v4.0.dll
- 2010-10-03 16:06 . 2010-10-03 16:06 220024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Utilities.v4.0\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v4.0.dll
- 2010-10-03 16:06 . 2010-10-03 16:06 107376 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Framework\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2011-08-11 08:23 . 2011-08-11 08:23 107376 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Framework\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2011-08-11 08:23 . 2011-08-11 08:23 714600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Engine\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2010-10-03 16:06 . 2010-10-03 16:06 714600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Engine\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2011-08-11 08:23 . 2011-08-11 08:23 498520 c:\windows\Microsoft.NET\assembly\GAC_MSIL\AspNetMMCExt\v4.0_4.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2010-10-03 16:06 . 2010-10-03 16:06 498520 c:\windows\Microsoft.NET\assembly\GAC_MSIL\AspNetMMCExt\v4.0_4.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2011-06-16 17:21 . 2011-06-16 17:21 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2011-06-16 17:21 . 2011-06-16 17:21 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2011-08-11 08:19 . 2011-08-11 08:19 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2011-06-16 17:20 . 2011-06-16 17:20 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2011-08-11 08:19 . 2011-08-11 08:19 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2011-06-16 17:20 . 2011-06-16 17:20 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2010-10-03 16:06 . 2010-10-03 16:06 495984 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data.OracleClient\v4.0_4.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2011-08-11 08:23 . 2011-08-11 08:23 495984 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data.OracleClient\v4.0_4.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2011-06-16 17:20 . 2011-06-16 17:20 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
- 2010-06-10 10:12 . 2011-07-25 10:25 888080 c:\windows\Installer\{91120000-00CA-0000-0000-0000000FF1CE}\wordicon.exe
+ 2010-06-10 10:12 . 2011-08-11 08:24 888080 c:\windows\Installer\{91120000-00CA-0000-0000-0000000FF1CE}\wordicon.exe
- 2010-06-10 10:12 . 2011-07-25 10:25 272648 c:\windows\Installer\{91120000-00CA-0000-0000-0000000FF1CE}\pubs.exe
+ 2010-06-10 10:12 . 2011-08-11 08:24 272648 c:\windows\Installer\{91120000-00CA-0000-0000-0000000FF1CE}\pubs.exe
- 2010-06-10 10:12 . 2011-07-25 10:25 922384 c:\windows\Installer\{91120000-00CA-0000-0000-0000000FF1CE}\pptico.exe
+ 2010-06-10 10:12 . 2011-08-11 08:24 922384 c:\windows\Installer\{91120000-00CA-0000-0000-0000000FF1CE}\pptico.exe
+ 2010-06-10 10:12 . 2011-08-11 08:24 845584 c:\windows\Installer\{91120000-00CA-0000-0000-0000000FF1CE}\outicon.exe
- 2010-06-10 10:12 . 2011-07-25 10:25 845584 c:\windows\Installer\{91120000-00CA-0000-0000-0000000FF1CE}\outicon.exe
- 2010-06-10 10:12 . 2011-07-25 10:25 217864 c:\windows\Installer\{91120000-00CA-0000-0000-0000000FF1CE}\misc.exe
+ 2010-06-10 10:12 . 2011-08-11 08:24 217864 c:\windows\Installer\{91120000-00CA-0000-0000-0000000FF1CE}\misc.exe
+ 2011-08-11 08:15 . 2011-04-25 16:11 916480 c:\windows\ie8updates\KB2559049-IE8\wininet.dll
+ 2011-08-11 08:15 . 2009-03-07 18:34 105984 c:\windows\ie8updates\KB2559049-IE8\url.dll
+ 2011-08-11 08:15 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2559049-IE8\spuninst\updspapi.dll
+ 2011-08-11 08:15 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2559049-IE8\spuninst\spuninst.exe
+ 2011-08-11 08:15 . 2011-04-25 16:11 206848 c:\windows\ie8updates\KB2559049-IE8\occache.dll
+ 2011-08-11 08:15 . 2011-04-25 16:11 611840 c:\windows\ie8updates\KB2559049-IE8\mstime.dll
+ 2011-08-11 08:15 . 2011-04-25 16:11 602112 c:\windows\ie8updates\KB2559049-IE8\msfeeds.dll
+ 2011-08-11 08:15 . 2011-04-25 16:11 247808 c:\windows\ie8updates\KB2559049-IE8\ieproxy.dll
+ 2011-08-11 08:15 . 2011-04-25 16:11 184320 c:\windows\ie8updates\KB2559049-IE8\iepeers.dll
+ 2011-08-11 08:15 . 2011-04-25 16:11 743424 c:\windows\ie8updates\KB2559049-IE8\iedvtool.dll
+ 2011-08-11 08:15 . 2011-04-25 16:11 387584 c:\windows\ie8updates\KB2559049-IE8\iedkcs32.dll
+ 2011-08-11 08:15 . 2011-04-25 12:01 173568 c:\windows\ie8updates\KB2559049-IE8\ie4uinit.exe
- 2009-08-26 10:03 . 2011-04-29 16:19 456320 c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2009-08-26 10:03 . 2011-07-15 13:29 456320 c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2011-06-16 17:30 . 2011-06-16 17:30 261632 c:\windows\assembly\temp\HPW39GNU18\System.Transactions.dll
+ 2011-06-16 17:31 . 2011-06-16 17:31 212992 c:\windows\assembly\temp\GQY6EMU08G\System.ServiceProcess.ni.dll
+ 2011-06-16 17:33 . 2011-06-16 17:33 771584 c:\windows\assembly\temp\GOV28FMSZ6\System.Runtime.Remoting.ni.dll
+ 2011-06-16 17:33 . 2011-06-16 17:33 280064 c:\windows\assembly\temp\EMTZ6DKRY5\System.EnterpriseServices.Wrapper.dll
+ 2011-06-16 17:33 . 2011-06-16 17:33 627712 c:\windows\assembly\temp\EMTZ6DKRY5\System.EnterpriseServices.ni.dll
+ 2011-06-16 17:31 . 2011-06-16 17:31 971264 c:\windows\assembly\temp\7GNU18EKRY\System.Configuration.ni.dll
+ 2011-06-16 17:33 . 2011-06-16 17:33 627200 c:\windows\assembly\temp\4CJQY3AHOV\System.Transactions.ni.dll
+ 2011-08-11 09:49 . 2011-08-11 09:49 404480 c:\windows\assembly\NativeImages_v4.0.30319_32\XamlBuildTask\9396cfc862a5fc28638efa61218f972b\XamlBuildTask.ni.dll
+ 2011-08-11 09:46 . 2011-08-11 09:46 356864 c:\windows\assembly\NativeImages_v4.0.30319_32\WsatConfig\63d0b5684a1e70965da66617de52f3f0\WsatConfig.ni.exe
+ 2011-08-11 09:49 . 2011-08-11 09:49 252416 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\11f340731d6cd696ae7b8b6351702cbe\WindowsFormsIntegration.ni.dll
+ 2011-08-11 09:47 . 2011-08-11 09:47 196096 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\8d3a679adab2761b52ffbb45c9c3a424\UIAutomationTypes.ni.dll
- 2011-06-17 04:06 . 2011-06-17 04:06 196096 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\8d3a679adab2761b52ffbb45c9c3a424\UIAutomationTypes.ni.dll
+ 2011-08-11 09:49 . 2011-08-11 09:49 482816 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClient\0335e0194e209f69c3bd7104f3072818\UIAutomationClient.ni.dll
+ 2011-08-11 09:47 . 2011-08-11 09:47 391680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\c829c221dcccf40edbd75a0db8677d8a\System.Xml.Linq.ni.dll
+ 2011-08-11 09:47 . 2011-08-11 09:47 188928 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Inpu#\004e12aad2006c3e9b30c08d52f8785b\System.Windows.Input.Manipulations.ni.dll
+ 2011-08-11 09:49 . 2011-08-11 09:49 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\1e0b769476914b22615b132ca28c9689\System.Windows.Forms.DataVisualization.Design.ni.dll
+ 2011-08-11 09:47 . 2011-08-11 09:47 224256 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.RegularE#\e28b0ec860bfa3c0cfc1c5f2e10b4a84\System.Web.RegularExpressions.ni.dll
+ 2011-08-11 09:49 . 2011-08-11 09:49 861696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Extensio#\4512d5e287eb106c87c9776a8dc87f73\System.Web.Extensions.Design.ni.dll
+ 2011-08-11 09:49 . 2011-08-11 09:49 332800 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Entity\e2ac9f85a353dfceaaf3daebd9f9571a\System.Web.Entity.ni.dll
+ 2011-08-11 09:49 . 2011-08-11 09:49 297472 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Entity.D#\0ac8fc60bf1e5de815a7cff89fa083d7\System.Web.Entity.Design.ni.dll
+ 2011-08-11 09:49 . 2011-08-11 09:49 705536 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DynamicD#\8878068d99d64e3b0d250797d98d98ab\System.Web.DynamicData.ni.dll
+ 2011-08-11 09:49 . 2011-08-11 09:49 259072 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DataVisu#\75c1897031a2c2362c32ace8c3ee9647\System.Web.DataVisualization.Design.ni.dll
+ 2011-08-11 09:47 . 2011-08-11 09:47 646656 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\801e4d0a25c5afb1288c890f9e71257a\System.Transactions.ni.dll
+ 2011-08-11 09:47 . 2011-08-11 09:47 221696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\0af5485ccb0e43dd200f9e21f5eb60bd\System.ServiceProcess.ni.dll
+ 2011-08-11 09:49 . 2011-08-11 09:49 422912 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\fb0193a974f5c1a70ad5738ec0e2b9e9\System.ServiceModel.Activation.ni.dll
+ 2011-08-11 09:49 . 2011-08-11 09:49 365056 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\cfb228e35c0876d643008f616a8e132f\System.ServiceModel.Routing.ni.dll
+ 2011-08-11 08:21 . 2011-08-11 08:21 729088 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Security\fb35b1630e65c1d381dc193e8eeafd11\System.Security.ni.dll
- 2011-06-16 21:06 . 2011-06-16 21:06 311296 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\dd02eb52dead028e9ca47004a0ef6811\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2011-08-11 09:46 . 2011-08-11 09:46 311296 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\dd02eb52dead028e9ca47004a0ef6811\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2011-08-11 09:47 . 2011-08-11 09:47 770560 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\313da93a40e0c6393edc2204ada538ea\System.Runtime.Remoting.ni.dll
+ 2011-08-11 09:47 . 2011-08-11 09:47 241664 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Cach#\5aab2523da0e782d95316097129ad2da\System.Runtime.Caching.ni.dll
+ 2011-08-11 08:21 . 2011-08-11 08:21 145408 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\17c29c52d52ff0b9b348b54037329bd0\System.Numerics.ni.dll
- 2011-06-16 17:09 . 2011-06-16 17:09 145408 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\17c29c52d52ff0b9b348b54037329bd0\System.Numerics.ni.dll
+ 2011-08-11 09:49 . 2011-08-11 09:49 653312 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Net\772b52e4ac8936b913fe017d909c75e4\System.Net.ni.dll
+ 2011-08-11 09:49 . 2011-08-11 09:49 626176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\800c19289623b452a4681765004a6593\System.Messaging.ni.dll
+ 2011-08-11 09:49 . 2011-08-11 09:49 395264 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management.I#\0d9d8caf2b678f6163062213fbebba79\System.Management.Instrumentation.ni.dll
+ 2011-08-11 09:49 . 2011-08-11 09:49 413696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IO.Log\f3dae22180575540ae1cce1dc3310ec8\System.IO.Log.ni.dll
+ 2011-08-11 09:49 . 2011-08-11 09:49 229376 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityMode#\29722312a1eb3d003a4b1d13a99ce7a2\System.IdentityModel.Selectors.ni.dll
+ 2011-08-11 09:47 . 2011-08-11 09:47 236032 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\3543c115bdc594a29a010e8a9ce20b55\System.EnterpriseServices.Wrapper.dll
+ 2011-08-11 09:47 . 2011-08-11 09:47 786944 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\3543c115bdc594a29a010e8a9ce20b55\System.EnterpriseServices.ni.dll
+ 2011-08-11 08:21 . 2011-08-11 08:21 377344 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Dynamic\082c3497e9f012c0609b8140d158f472\System.Dynamic.ni.dll
+ 2011-08-11 08:21 . 2011-08-11 08:21 224768 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing.Desi#\59c929eca4cae0091ba3fe212dae8c26\System.Drawing.Design.ni.dll
+ 2011-08-11 09:49 . 2011-08-11 09:49 913920 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\cf4c1eab5c582c8b3240df27a1571014\System.DirectoryServices.AccountManagement.ni.dll
+ 2011-08-11 09:47 . 2011-08-11 09:47 468992 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\2bb5db827de2910b7ab3b83b402edbd1\System.DirectoryServices.Protocols.ni.dll
+ 2011-08-11 09:49 . 2011-08-11 09:49 112640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Device\eb2b27bc25184cd6878192ce2af5d37a\System.Device.ni.dll
+ 2011-08-11 09:49 . 2011-08-11 09:49 507904 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Service#\e50195bd80e1c97b70a37211fd3713ee\System.Data.Services.Design.ni.dll
+ 2011-08-11 09:47 . 2011-08-11 09:47 134656 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.DataSet#\0861be947a9873ce65c95ad6306dc4b8\System.Data.DataSetExtensions.ni.dll
+ 2011-08-11 08:21 . 2011-08-11 08:21 980480 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\671b30d14bd0da4964983a5cf900c3e8\System.Configuration.ni.dll
+ 2011-08-11 09:47 . 2011-08-11 09:47 148480 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\bfcf802a51a71bdb239e504eac1b2343\System.Configuration.Install.ni.dll
+ 2011-08-11 09:47 . 2011-08-11 09:47 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\75be7916fe8bb0db3fa194b8d6ef9d9b\System.ComponentModel.DataAnnotations.ni.dll
+ 2011-08-11 08:21 . 2011-08-11 08:21 690176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\17f12751c9580e91ea42f174b10d0720\System.ComponentModel.Composition.ni.dll
+ 2011-08-11 09:47 . 2011-08-11 09:47 617984 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn\0f1bafb387e3571c1b75bf5f3dbc7d41\System.AddIn.ni.dll
+ 2011-08-11 09:47 . 2011-08-11 09:47 404992 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.D#\742dd858317919b757db0d2222c57e7b\System.Activities.DurableInstancing.ni.dll
+ 2011-08-11 09:46 . 2011-08-11 09:46 317952 c:\windows\assembly\NativeImages_v4.0.30319_32\SMSvcHost\7a5c39f61b17e969dfc6c6a7068c49c4\SMSvcHost.ni.exe
+ 2011-08-11 09:47 . 2011-08-11 09:47 142848 c:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\7b4d732795beab50abf3458fa6a267c9\SMDiagnostics.ni.dll
+ 2011-08-11 08:21 . 2011-08-11 08:21 284160 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\ad343938f98936b70bc6cd92bbef48ee\PresentationFramework.Classic.ni.dll
+ 2011-08-11 08:21 . 2011-08-11 08:21 656896 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\a7480d52a62e983e9cb6edbd8949960a\PresentationFramework.Luna.ni.dll
+ 2011-08-11 08:21 . 2011-08-11 08:21 450560 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\9fbc5dc82cbdac4526c57eea5d480c03\PresentationFramework.Aero.ni.dll
+ 2011-08-11 08:21 . 2011-08-11 08:21 327680 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\9542e99f613b7c4b7c28d38ff39b5937\PresentationFramework.Royale.ni.dll
+ 2011-08-11 09:46 . 2011-08-11 09:46 274432 c:\windows\assembly\NativeImages_v4.0.30319_32\MSBuild\a4c090ca30a4442ef8fab1fa42f4ce52\MSBuild.ni.exe
+ 2011-08-11 09:47 . 2011-08-11 09:47 303104 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\a41ff633fc02c4f82a653e98263f9684\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2011-08-11 09:46 . 2011-08-11 09:46 418816 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\1751b025496942925f09bc6409e3a175\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-08-11 09:46 . 2011-08-11 09:46 631808 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build.Uti#\05109657a314e92f90ecab2f88b71689\Microsoft.Build.Utilities.v4.0.ni.dll
+ 2011-08-11 09:46 . 2011-08-11 09:46 258048 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build.Fra#\bebcd0b6cabc43e08004fc059b1e02f9\Microsoft.Build.Framework.ni.dll
+ 2011-08-11 09:46 . 2011-08-11 09:46 135680 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build.Con#\08f69d2dd383c95fa012c774964602c4\Microsoft.Build.Conversion.v4.0.ni.dll
- 2011-06-16 21:06 . 2011-06-16 21:06 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\05cdbb716020bb07505b04593ee0f2b0\CustomMarshalers.ni.dll
+ 2011-08-11 09:46 . 2011-08-11 09:46 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\05cdbb716020bb07505b04593ee0f2b0\CustomMarshalers.ni.dll
+ 2011-08-11 09:46 . 2011-08-11 09:46 474624 c:\windows\assembly\NativeImages_v4.0.30319_32\ComSvcConfig\60b49bd9cbd20ab4ea41e7d49748ccd3\ComSvcConfig.ni.exe
+ 2011-08-11 09:46 . 2011-08-11 09:46 846336 c:\windows\assembly\NativeImages_v4.0.30319_32\AspNetMMCExt\938bf49bfd78d70308072c351d189077\AspNetMMCExt.ni.dll
+ 2011-08-11 09:45 . 2011-08-11 09:45 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\cc14c69205b984edba1db26fd5e421ac\WsatConfig.ni.exe
+ 2011-08-11 09:45 . 2011-08-11 09:45 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\a49ae56b9f3d657d92e182274709bfc2\WindowsLiveLocal.WriterPlugin.ni.dll
+ 2011-08-11 09:44 . 2011-08-11 09:44 319488 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\fc729e45986f2ca8ff35d323a343329e\WindowsLive.Writer.Interop.ni.dll
+ 2011-08-11 09:44 . 2011-08-11 09:44 428032 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\f27ad9751305d7b7d9c60525d539e4ce\WindowsLive.Writer.Localization.ni.dll
+ 2011-08-11 09:44 . 2011-08-11 09:44 851968 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\e8fc2ec833c13ecb0f91f468aebdf7cb\WindowsLive.Writer.BlogClient.ni.dll
- 2011-06-16 17:36 . 2011-06-16 17:36 313856 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\d78f83ddd58e30d6b7beb63b7534f092\WindowsLive.Writer.Interop.SHDocVw.ni.dll
+ 2011-08-11 08:26 . 2011-08-11 08:26 313856 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\d78f83ddd58e30d6b7beb63b7534f092\WindowsLive.Writer.Interop.SHDocVw.ni.dll
+ 2011-08-11 09:45 . 2011-08-11 09:45 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\d3c7871d77ead39bfbca748b39e1eef8\WindowsLive.Writer.Instrumentation.ni.dll
+ 2011-08-11 09:44 . 2011-08-11 09:44 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\c1b1430c802397d85b2b891433f892a4\WindowsLive.Writer.Mshtml.ni.dll
+ 2011-08-11 09:44 . 2011-08-11 09:44 118784 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\bbfacd97a821838f5b038a60a0153a41\WindowsLive.Writer.Extensibility.ni.dll
+ 2011-08-11 09:44 . 2011-08-11 09:44 843776 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\b5759a00934259ed68551b4e680e5b95\WindowsLive.Writer.Controls.ni.dll
+ 2011-08-11 09:44 . 2011-08-11 09:44 152064 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ae61f71f9bd48da99cc98b67014c116c\WindowsLive.Writer.HtmlParser.ni.dll
+ 2011-08-11 09:44 . 2011-08-11 09:44 322048 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\a38d27b408619e1e3d304ba8089b504b\WindowsLive.Writer.SpellChecker.ni.dll
- 2011-06-16 17:36 . 2011-06-16 17:36 334848 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\7c880551adc6bae9c8ef7491a18f6adc\WindowsLive.Writer.Interop.Mshtml.ni.dll
+ 2011-08-11 08:26 . 2011-08-11 08:26 334848 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\7c880551adc6bae9c8ef7491a18f6adc\WindowsLive.Writer.Interop.Mshtml.ni.dll
+ 2011-08-11 09:44 . 2011-08-11 09:44 119296 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\45088aa4db2dc56f3bef1510e63a00fb\WindowsLive.Writer.FileDestinations.ni.dll
+ 2011-08-11 09:44 . 2011-08-11 09:44 174080 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\4053abe3bccc579894d0fc1637f38cce\WindowsLive.Writer.BrowserControl.ni.dll
+ 2011-08-11 09:44 . 2011-08-11 09:44 108544 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\16d239ae41d7acac69ca2beb40d970e7\WindowsLive.Writer.Passport.ni.dll
+ 2011-08-11 09:44 . 2011-08-11 09:44 594944 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\13fcb6f5ff9ccec693fe8d5523aebe9f\WindowsLive.Writer.HtmlEditor.ni.dll
+ 2011-08-11 09:44 . 2011-08-11 09:44 145920 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\060b279b447900fd81d60545c25f51d2\WindowsLive.Client.ni.dll
+ 2011-08-11 09:41 . 2011-08-11 09:41 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\39ce0c9c9cc294c0ee26c4ff01522961\WindowsFormsIntegration.ni.dll
- 2011-06-16 17:32 . 2011-06-16 17:32 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\3740d6db28af31a6523a79fcdd71fbeb\UIAutomationTypes.ni.dll
+ 2011-08-11 08:17 . 2011-08-11 08:17 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\3740d6db28af31a6523a79fcdd71fbeb\UIAutomationTypes.ni.dll
+ 2011-08-11 09:41 . 2011-08-11 09:41 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\431e918aee8da919f5b9e3a5195ccf93\UIAutomationClient.ni.dll
+ 2011-08-11 09:46 . 2011-08-11 09:46 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\946eefb99bc116ee68e0e7c69a5a8a5c\System.Xml.Linq.ni.dll
+ 2011-08-11 09:46 . 2011-08-11 09:46 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\a82eef3128b9527dc05b3c8667e713bc\System.Web.Routing.ni.dll
+ 2011-08-11 09:41 . 2011-08-11 09:41 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\203c148c913357bfc2ae9d209101f2b3\System.Web.RegularExpressions.ni.dll
+ 2011-08-11 09:46 . 2011-08-11 09:46 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\f89fe39468ea6faf71c4257c89cf3c54\System.Web.Extensions.Design.ni.dll
+ 2011-08-11 09:46 . 2011-08-11 09:46 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\2314ff800782dc85224e69e802a073f7\System.Web.Entity.ni.dll
+ 2011-08-11 09:46 . 2011-08-11 09:46 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\f690a8f5d784a5bb20f2cbaa7277eb6c\System.Web.Entity.Design.ni.dll
+ 2011-08-11 09:46 . 2011-08-11 09:46 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\c5c96400424b85536443623f96f64581\System.Web.DynamicData.ni.dll
+ 2011-08-11 09:46 . 2011-08-11 09:46 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\5f8e87b47465a038403e73012c6d102a\System.Web.Abstractions.ni.dll
+ 2011-08-11 09:41 . 2011-08-11 09:41 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\846dd505f97805f00999ee26aec9bf75\System.Transactions.ni.dll
+ 2011-08-11 09:38 . 2011-08-11 09:38 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\70a1400affdc775d7c7398e036359286\System.ServiceProcess.ni.dll
+ 2011-08-11 09:39 . 2011-08-11 09:39 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\de9cd25ccb24bcf8a0316756e766721f\System.Security.ni.dll
+ 2011-08-11 09:39 . 2011-08-11 09:39 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\21248037960cf6dfa2ce401d355bd6c9\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2011-08-11 09:41 . 2011-08-11 09:41 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b7e0214a811f81e09041864081139641\System.Runtime.Remoting.ni.dll
+ 2011-08-11 09:46 . 2011-08-11 09:46 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\480ea914e13fe41cdd8fb542bb1f7e81\System.Net.ni.dll
+ 2011-08-11 09:46 . 2011-08-11 09:46 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\18a7efd299665b8bfa0d0dc6701343c6\System.Messaging.ni.dll
+ 2011-08-11 09:46 . 2011-08-11 09:46 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\6e563a58e6fc0117070d5b8fd59e4e1b\System.Management.ni.dll
+ 2011-08-11 09:46 . 2011-08-11 09:46 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\dc72c7581f1b3794c0ea595ba02ff7ad\System.Management.Instrumentation.ni.dll
+ 2011-08-11 09:44 . 2011-08-11 09:44 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\fcf8612a210d1f76e0b37dc8467b4696\System.IO.Log.ni.dll
+ 2011-08-11 09:44 . 2011-08-11 09:44 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\ec017b5a95d02fccaefd835490ef1e14\System.IdentityModel.Selectors.ni.dll
+ 2011-08-11 09:41 . 2011-08-11 09:41 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\75f452279422a7898e840ee5768c9d2e\System.EnterpriseServices.Wrapper.dll
+ 2011-08-11 09:41 . 2011-08-11 09:41 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\75f452279422a7898e840ee5768c9d2e\System.EnterpriseServices.ni.dll
+ 2011-08-11 09:41 . 2011-08-11 09:41 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\f7cd3d07c15366b76fe4c38d24455d6b\System.Drawing.Design.ni.dll
+ 2011-08-11 09:45 . 2011-08-11 09:45 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\822c996e6ad4901219b7de399a6f78bf\System.DirectoryServices.AccountManagement.ni.dll
+ 2011-08-11 09:41 . 2011-08-11 09:41 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\1ffe911e62f482e42be2c4428bd08c10\System.DirectoryServices.Protocols.ni.dll
+ 2011-08-11 09:45 . 2011-08-11 09:45 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\e1c009b2c9becdb732a2ea45f32a46b8\System.Data.Services.Design.ni.dll
+ 2011-08-11 09:45 . 2011-08-11 09:45 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\1defd94e1662a4478ccf2cd0b1b4e6a6\System.Data.Services.Client.ni.dll
+ 2011-08-11 09:45 . 2011-08-11 09:45 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\04267c1dbdcdd8ec37e1518126767ead\System.Data.Entity.Design.ni.dll
+ 2011-08-11 09:45 . 2011-08-11 09:45 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\f2a6d41b3f6e26eea6dcac9298aa637b\System.Data.DataSetExtensions.ni.dll
+ 2011-08-11 09:38 . 2011-08-11 09:38 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\77df2cd21a5b85a1605b335aa9ad9d44\System.Configuration.ni.dll
+ 2011-08-11 09:39 . 2011-08-11 09:39 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\585e68739b2a8aff61ee6b2786513245\System.Configuration.Install.ni.dll
+ 2011-08-11 09:45 . 2011-08-11 09:45 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\fbf6ef12d1456058acde29f2640092fb\System.AddIn.ni.dll
+ 2011-08-11 09:46 . 2011-08-11 09:46 232448 c:\windows\assembly\NativeImages_v2.0.50727_32\sysglobl\b87b5e03cdda1e29cd412a315c45a9ad\sysglobl.ni.dll
- 2011-06-16 21:04 . 2011-06-16 21:04 232448 c:\windows\assembly\NativeImages_v2.0.50727_32\sysglobl\b87b5e03cdda1e29cd412a315c45a9ad\sysglobl.ni.dll
+ 2011-08-11 09:45 . 2011-08-11 09:45 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\896e42071939e038008b0bbbfed1213c\SMSvcHost.ni.exe
+ 2011-08-11 09:45 . 2011-08-11 09:45 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\ca07e9cf488af1290d2340d682574a24\SMDiagnostics.ni.dll
+ 2011-08-11 09:45 . 2011-08-11 09:45 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\a5aa977dd575a6beb3a416bd480b98a7\ServiceModelReg.ni.exe
+ 2011-08-11 09:41 . 2011-08-11 09:41 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\f52e48f55258d0a04fbab3a1f93752e9\PresentationFramework.Classic.ni.dll
+ 2011-08-11 09:41 . 2011-08-11 09:41 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\cf812b99f587ab514afb36fa9d4c1567\PresentationFramework.Aero.ni.dll
+ 2011-08-11 09:41 . 2011-08-11 09:41 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\b7795999cc67f3a6cec40f5b24005e00\PresentationFramework.Luna.ni.dll
+ 2011-08-11 09:41 . 2011-08-11 09:41 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\09f5af61ea2af04eb32c04b3091ffc86\PresentationFramework.Royale.ni.dll
+ 2011-08-11 09:45 . 2011-08-11 09:45 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\2d89c7b72bc8e527b26d5b6f3b931012\MSBuild.ni.exe
+ 2011-08-11 09:45 . 2011-08-11 09:45 508928 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Man#\f6cf16436722ee50cc59d649ccb1eaa4\Microsoft.WSMan.Management.ni.dll
+ 2011-08-11 09:45 . 2011-08-11 09:45 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\39e9d172f0cf5eec30b1b67212cc032b\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-08-11 09:45 . 2011-08-11 09:45 291328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\dff853661ba7069c76ac4cb6c46848cb\Microsoft.PowerShell.Commands.Diagnostics.ni.dll
+ 2011-08-11 09:45 . 2011-08-11 09:45 729600 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\8d5894ec85509cf78703ea1bee1fc80c\Microsoft.PowerShell.GraphicalHost.ni.dll
+ 2011-08-11 09:45 . 2011-08-11 09:45 156160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\6d8c4d87787f216de0dad380b900e1aa\Microsoft.PowerShell.Security.ni.dll
+ 2011-08-11 09:45 . 2011-08-11 09:45 515584 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\3afddd7d0aa6f1dd5a33388b9dc07f5a\Microsoft.PowerShell.ConsoleHost.ni.dll
+ 2011-08-11 09:40 . 2011-08-11 09:40 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\f1b0ec3ccde9142e67ac681fb521ac66\Microsoft.Build.Utilities.ni.dll
+ 2011-08-11 09:45 . 2011-08-11 09:45 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\9250f038410f0d6432e3ccb0b046862b\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2011-08-11 09:45 . 2011-08-11 09:45 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\a4672179aba638cd78bdfe268391b47b\Microsoft.Build.Engine.ni.dll
+ 2011-08-11 09:45 . 2011-08-11 09:45 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\37db660a84ee52b61a7ca55812581bbd\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2011-08-11 09:45 . 2011-08-11 09:45 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\80bd17388778c90f301746ad88700758\CustomMarshalers.ni.dll
- 2011-06-16 17:37 . 2011-06-16 17:37 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\80bd17388778c90f301746ad88700758\CustomMarshalers.ni.dll
+ 2011-08-11 09:45 . 2011-08-11 09:45 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\fe9a21b94803f74697bb42b9d1fdea5b\ComSvcConfig.ni.exe
+ 2011-08-11 09:44 . 2011-08-11 09:44 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\f160c8e40b60edd47ae74b0b911fece1\AspNetMMCExt.ni.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2011-08-11 08:27 . 2011-08-11 08:27 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2011-08-11 08:27 . 2011-08-11 08:27 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2011-08-11 08:27 . 2011-08-11 08:27 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2011-08-11 08:27 . 2011-08-11 08:27 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2011-08-11 08:27 . 2011-08-11 08:27 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2011-08-11 08:27 . 2011-08-11 08:27 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2011-08-11 08:27 . 2011-08-11 08:27 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2011-08-11 08:27 . 2011-08-11 08:27 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2011-08-11 08:27 . 2011-08-11 08:27 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2011-08-11 08:27 . 2011-08-11 08:27 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2011-08-11 08:27 . 2011-08-11 08:27 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2011-08-11 08:27 . 2011-08-11 08:27 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2011-08-11 08:27 . 2011-08-11 08:27 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2011-08-11 08:27 . 2011-08-11 08:27 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2011-08-11 08:27 . 2011-08-11 08:27 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2011-08-11 08:27 . 2011-08-11 08:27 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2011-08-11 08:27 . 2011-08-11 08:27 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2011-08-11 08:27 . 2011-08-11 08:27 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2011-08-11 08:27 . 2011-08-11 08:27 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2011-08-11 08:27 . 2011-08-11 08:27 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2011-08-11 08:27 . 2011-08-11 08:27 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2011-08-11 08:27 . 2011-08-11 08:27 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2011-06-16 17:30 . 2011-08-11 08:27 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2011-08-11 08:27 . 2011-08-11 08:27 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2011-08-11 08:27 . 2011-08-11 08:27 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2011-08-11 08:27 . 2011-08-11 08:27 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2008-04-25 16:16 . 2011-06-23 18:36 1212416 c:\windows\system32\urlmon.dll
+ 2008-04-2

bryanc
Intermediate
Intermediate

Status :
Online
Offline

Posts Posts : 132
Joined Joined : 2009-05-24
OS : XP

View user profile

Back to top Go down

Re: hijack homepage

Post by bryanc on Sat Aug 13, 2011 7:49 am

Part 3


5 16:16 . 2011-07-25 15:17 5969920 c:\windows\system32\mshtml.dll
+ 2009-03-07 18:32 . 2011-06-23 18:36 1991680 c:\windows\system32\iertutil.dll
- 2009-03-07 18:32 . 2011-04-25 16:11 1991680 c:\windows\system32\iertutil.dll
+ 2008-04-25 16:16 . 2011-06-23 18:36 1212416 c:\windows\system32\dllcache\urlmon.dll
+ 2008-04-25 16:16 . 2011-07-25 15:17 5969920 c:\windows\system32\dllcache\mshtml.dll
+ 2009-09-04 01:55 . 2011-06-23 18:36 1991680 c:\windows\system32\dllcache\iertutil.dll
- 2009-09-04 01:55 . 2011-04-25 16:11 1991680 c:\windows\system32\dllcache\iertutil.dll
+ 2011-04-28 01:06 . 2011-04-28 01:06 1749880 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Web.DataVisualization.dll
- 2011-03-22 12:01 . 2011-03-22 12:01 3510600 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.dll
+ 2011-04-27 22:48 . 2011-04-27 22:48 3510600 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.dll
+ 2011-04-28 11:50 . 2011-04-28 11:50 3182592 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
- 2011-01-17 18:39 . 2011-01-17 18:39 3182592 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 1303896 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll
- 2011-06-16 17:21 . 2011-06-16 17:21 1303896 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll
- 2011-06-16 17:20 . 2011-06-16 17:20 3510600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
+ 2011-08-11 08:19 . 2011-08-11 08:19 3510600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
- 2011-06-16 17:20 . 2011-06-16 17:20 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
+ 2011-08-11 08:19 . 2011-08-11 08:19 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
+ 2011-08-11 08:23 . 2011-08-11 08:23 1587064 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Workflow.ComponentModel\v4.0_4.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll
- 2010-10-03 16:06 . 2010-10-03 16:06 1587064 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Workflow.ComponentModel\v4.0_4.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll
- 2010-10-03 16:06 . 2010-10-03 16:06 1070960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Workflow.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll
+ 2011-08-11 08:23 . 2011-08-11 08:23 1070960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Workflow.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll
- 2011-06-16 17:20 . 2011-06-16 17:20 5028200 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2011-08-11 08:19 . 2011-08-11 08:19 5028200 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2011-08-11 08:19 . 2011-08-11 08:19 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
- 2011-06-16 17:20 . 2011-06-16 17:20 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
+ 2011-08-11 08:23 . 2011-08-11 08:23 1836904 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Extensions\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Extensions.dll
- 2010-10-03 16:06 . 2010-10-03 16:06 1836904 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Extensions\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2011-08-11 08:23 . 2011-08-11 08:23 1749880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.DataVisualization.dll
- 2011-06-16 17:21 . 2011-06-16 17:21 6067048 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 6067048 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
- 2011-06-16 17:21 . 2011-06-16 17:21 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2011-08-11 08:23 . 2011-08-11 08:23 5078360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Design\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2010-10-03 16:06 . 2010-10-03 16:06 5078360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Design\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2011-08-11 08:19 . 2011-08-11 08:19 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
- 2011-06-16 17:20 . 2011-06-16 17:20 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
- 2011-06-16 17:20 . 2011-06-16 17:20 1339736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
+ 2011-08-11 08:19 . 2011-08-11 08:19 1339736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
- 2011-06-16 17:21 . 2011-06-16 17:21 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
- 2011-06-16 17:21 . 2011-06-16 17:21 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
- 2011-06-16 17:21 . 2011-06-16 17:21 6346600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 6346600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2011-08-11 08:23 . 2011-08-11 08:23 1327968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.dll
- 2010-10-03 16:06 . 2010-10-03 16:06 1327968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.dll
- 2010-10-03 16:06 . 2010-10-03 16:06 1064816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Tasks.v4.0\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.v4.0.dll
+ 2011-08-11 08:23 . 2011-08-11 08:23 1064816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Tasks.v4.0\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.v4.0.dll
- 2010-10-03 16:06 . 2010-10-03 16:06 5176144 c:\windows\Microsoft.NET\assembly\GAC_32\System.Web\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2011-08-11 08:23 . 2011-08-11 08:23 5176144 c:\windows\Microsoft.NET\assembly\GAC_32\System.Web\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2011-08-11 08:19 . 2011-08-11 08:19 2970968 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
- 2011-06-16 17:20 . 2011-06-16 17:20 2970968 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
- 2011-06-16 17:21 . 2011-06-16 17:21 3545952 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 3545952 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
- 2011-06-16 17:20 . 2011-06-16 17:20 5197648 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2011-08-11 08:19 . 2011-08-11 08:19 5197648 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
- 2011-06-16 17:21 . 2011-06-16 17:21 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2011-08-11 08:20 . 2011-08-11 08:20 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2011-08-12 21:49 . 2011-08-12 21:49 1485312 c:\windows\Installer\2b1bc41.msi
+ 2011-08-12 21:47 . 2011-08-12 21:47 9474048 c:\windows\Installer\2b1bb17.msi
+ 2011-05-01 14:06 . 2011-05-01 14:06 2705920 c:\windows\Installer\21f1a56.msp
+ 2011-07-26 21:42 . 2011-07-26 21:42 4985856 c:\windows\Installer\21f1a4f.msp
+ 2011-04-28 07:51 . 2011-04-28 07:51 1375744 c:\windows\Installer\21f1a3e.msp
+ 2011-04-28 00:54 . 2011-04-28 00:54 2720768 c:\windows\Installer\21f1a38.msp
- 2010-06-10 10:12 . 2011-07-25 10:25 1172240 c:\windows\Installer\{91120000-00CA-0000-0000-0000000FF1CE}\xlicons.exe
+ 2010-06-10 10:12 . 2011-08-11 08:24 1172240 c:\windows\Installer\{91120000-00CA-0000-0000-0000000FF1CE}\xlicons.exe
+ 2011-08-11 08:15 . 2011-04-25 16:11 1211904 c:\windows\ie8updates\KB2559049-IE8\urlmon.dll
+ 2011-08-11 08:15 . 2011-05-30 22:19 5964800 c:\windows\ie8updates\KB2559049-IE8\mshtml.dll
+ 2011-08-11 08:15 . 2011-04-25 16:11 1991680 c:\windows\ie8updates\KB2559049-IE8\iertutil.dll
+ 2011-06-16 17:30 . 2011-06-16 17:30 2933248 c:\windows\assembly\temp\X6EMU2AHPX\System.Data.dll
+ 2011-06-16 17:32 . 2011-06-16 17:32 1587200 c:\windows\assembly\temp\PX4CJPV18E\System.Drawing.ni.dll
+ 2011-06-16 17:33 . 2011-06-16 17:33 6616576 c:\windows\assembly\temp\MU29FMT07E\System.Data.ni.dll
+ 2011-06-16 17:31 . 2011-06-16 17:31 5450752 c:\windows\assembly\temp\KT08GNV2AI\System.Xml.ni.dll
+ 2011-06-16 17:31 . 2011-06-16 17:31 7950848 c:\windows\assembly\temp\HPY8HRY5CJ\System.ni.dll
+ 2011-08-11 08:21 . 2011-08-11 08:21 3798016 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\43b425bb95c5953247de4b4af4234c2a\WindowsBase.ni.dll
+ 2011-08-11 09:49 . 2011-08-11 09:49 1057792 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClients#\0ee6dd0ea68bd0023fb12d34d546b7f0\UIAutomationClientsideProviders.ni.dll
+ 2011-08-11 08:21 . 2011-08-11 08:21 9085952 c:\windows\assembly\NativeImages_v4.0.30319_32\System\609c3e82e5080ebe25679ba4c739ff8c\System.ni.dll
+ 2011-08-11 08:21 . 2011-08-11 08:21 5618176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\ef370b35b8ab504b121cc7d642e2db49\System.Xml.ni.dll
+ 2011-08-11 09:46 . 2011-08-11 09:46 1781760 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\75d40b8702403e19cf947062557b1926\System.Xaml.ni.dll
+ 2011-08-11 09:49 . 2011-08-11 09:49 1208320 c:\windows\assembly\NativeImages_v4.0.30319_32\System.WorkflowServ#\be6b53df69c1892707b9673401d99f8d\System.WorkflowServices.ni.dll
+ 2011-08-11 09:49 . 2011-08-11 09:49 1968640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Workflow.Run#\b24a246f88edc10caf3437778a69145e\System.Workflow.Runtime.ni.dll
+ 2011-08-11 09:49 . 2011-08-11 09:49 4461568 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Workflow.Com#\89bcf875fc9ca1e836b852f98650e00d\System.Workflow.ComponentModel.ni.dll
+ 2011-08-11 09:49 . 2011-08-11 09:49 2870272 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Workflow.Act#\c010556e67f764250e4cba4c724fbfa1\System.Workflow.Activities.ni.dll
+ 2011-08-11 09:49 . 2011-08-11 09:49 4545024 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\f15a4db46f1a2e2b99a6b2519612b358\System.Windows.Forms.DataVisualization.ni.dll
+ 2011-08-11 09:47 . 2011-08-11 09:47 1895424 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Services\229096cedb60540ba1570cfdfbc6bb2f\System.Web.Services.ni.dll
+ 2011-08-11 09:49 . 2011-08-11 09:49 2328576 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Mobile\1230225b0b9f0549482fb1151ba429b5\System.Web.Mobile.ni.dll
+ 2011-08-11 09:49 . 2011-08-11 09:49 3087872 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Extensio#\ed3462e37cce6b850f09067bceeba670\System.Web.Extensions.ni.dll
+ 2011-08-11 09:49 . 2011-08-11 09:49 4531712 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DataVisu#\d6a374a2387c3940338f22b305969656\System.Web.DataVisualization.ni.dll
+ 2011-08-11 09:49 . 2011-08-11 09:49 2011136 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Speech\26d93f247c686ef1197e59b7dc9aeed6\System.Speech.ni.dll
+ 2011-08-11 09:49 . 2011-08-11 09:49 1128960 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\c45d1f357899d55a35a01e11c5e5884d\System.ServiceModel.Discovery.ni.dll
+ 2011-08-11 09:49 . 2011-08-11 09:49 1387520 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\8b1292c50fb6f1f67a10f133f64964ec\System.ServiceModel.Activities.ni.dll
+ 2011-08-11 09:48 . 2011-08-11 09:48 1050624 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\82f99073a21c1fb830e46f0c1d1aa0f9\System.ServiceModel.Web.ni.dll
+ 2011-08-11 09:47 . 2011-08-11 09:47 2637312 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\697592d7a5139fd0179ae172dd4f3a61\System.Runtime.Serialization.ni.dll
+ 2011-08-11 09:47 . 2011-08-11 09:47 1020928 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\fd3b1de061baa139b6f863ddd951e06b\System.Runtime.DurableInstancing.ni.dll
+ 2011-08-11 09:47 . 2011-08-11 09:47 1050112 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Printing\282371fbeea0c16b8d75577441fc7136\System.Printing.ni.dll
+ 2011-08-11 09:49 . 2011-08-11 09:49 1218560 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management\91f218d93a5679fae72c784290bdfe78\System.Management.ni.dll
+ 2011-08-11 09:49 . 2011-08-11 09:49 1072128 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\3679b662f2daf3bb39cef3521473c93e\System.IdentityModel.ni.dll
+ 2011-08-11 08:21 . 2011-08-11 08:21 1652736 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\3bb6244130e84c59f98fbd879f6b48e4\System.Drawing.ni.dll
+ 2011-08-11 09:47 . 2011-08-11 09:47 1172992 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\5e49964d0ae8f1d04a4a960bd4744ae1\System.DirectoryServices.ni.dll
+ 2011-08-11 09:46 . 2011-08-11 09:46 1878016 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\567d29bc3199874f4e5195ddfdff9cdc\System.Deployment.ni.dll
+ 2011-08-11 08:21 . 2011-08-11 08:21 6798336 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data\5c41d9755402187e84925c2945d1a1d1\System.Data.ni.dll
+ 2011-08-11 08:21 . 2011-08-11 08:21 2545152 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.SqlXml\713d5255f2f8b6b67eb4a09324ff4dfe\System.Data.SqlXml.ni.dll
+ 2011-08-11 09:48 . 2011-08-11 09:48 2018304 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Services\6d6ec99389ba6e737af80cd14bcb9876\System.Data.Services.ni.dll
+ 2011-08-11 09:49 . 2011-08-11 09:49 1338880 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Service#\bb4d9c8d8243562c8a6c5c089f10c787\System.Data.Services.Client.ni.dll
+ 2011-08-11 09:47 . 2011-08-11 09:47 1189376 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.OracleC#\1cb8081ba56f9542479dd75850dd1cf5\System.Data.OracleClient.ni.dll
+ 2011-08-11 08:21 . 2011-08-11 08:21 2512384 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\7dfb8acdd3df7f5156c3b1d7b267ff0a\System.Data.Linq.ni.dll
+ 2011-08-11 09:48 . 2011-08-11 09:48 1408000 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Entity.#\e0905786e88e9d5daceb880753c80781\System.Data.Entity.Design.ni.dll
+ 2011-08-11 08:21 . 2011-08-11 08:21 7054336 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\e77e6e3d3bd3fec83d7941b85286209d\System.Core.ni.dll
+ 2011-08-11 09:47 . 2011-08-11 09:47 4121088 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities\2b771107fbaeebff1d4a0c1d47b40315\System.Activities.ni.dll
+ 2011-08-11 09:47 . 2011-08-11 09:47 3713024 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.P#\d95c4d0024643b5700b5ab5317fcc162\System.Activities.Presentation.ni.dll
+ 2011-08-11 09:47 . 2011-08-11 09:47 1518080 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.C#\4c62d936587f507d63211abc0cb7e897\System.Activities.Core.Presentation.ni.dll
+ 2011-08-11 09:47 . 2011-08-11 09:47 2859008 c:\windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\a08b36fee10fd35b8428aba33ce4ee5b\ReachFramework.ni.dll
+ 2011-08-11 09:47 . 2011-08-11 09:47 1630208 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationUI\409eefb3a1406ea2bc3f603758e985c1\PresentationUI.ni.dll
+ 2011-08-11 09:47 . 2011-08-11 09:47 1478144 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationBuildTa#\6eca2ff661e68d7663eae6e0822bdc24\PresentationBuildTasks.ni.dll
+ 2011-08-11 09:47 . 2011-08-11 09:47 1138688 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\edbb2dc11f2433528b14a1bb2c7e07b1\Microsoft.VisualBasic.Compatibility.ni.dll
+ 2011-08-11 09:47 . 2011-08-11 09:47 1172480 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\42ac4445fab5ce709d395af714d93ef3\Microsoft.VisualBasic.Activities.Compiler.ni.dll
+ 2011-08-11 09:47 . 2011-08-11 09:47 1836544 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\12a104a71f1269dd86e388abc981ad39\Microsoft.VisualBasic.ni.dll
+ 2011-08-11 09:46 . 2011-08-11 09:46 1082368 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\9bbc95193a8dc77903fdbbb756f8dfb3\Microsoft.Transactions.Bridge.ni.dll
+ 2011-08-11 09:49 . 2011-08-11 09:49 2452480 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.JScript\1eeab4edcdfa06150049465854aa6355\Microsoft.JScript.ni.dll
+ 2011-08-11 08:21 . 2011-08-11 08:21 1616384 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.CSharp\126e8884b4ba260621716377e35f3be2\Microsoft.CSharp.ni.dll
+ 2011-08-11 09:46 . 2011-08-11 09:46 4243456 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build\6d119de6ba5abefa21140c98f82bc3b9\Microsoft.Build.ni.dll
+ 2011-08-11 09:46 . 2011-08-11 09:46 2868736 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build.Tas#\cfc445e8599560625a11e26b91595c58\Microsoft.Build.Tasks.v4.0.ni.dll
+ 2011-08-11 09:46 . 2011-08-11 09:46 1929216 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build.Eng#\72f96248997e8b958c2aa5031317bd11\Microsoft.Build.Engine.ni.dll
+ 2011-08-11 09:44 . 2011-08-11 09:44 6392832 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\9941609d8cd69c96bb84d4c6f8d99653\WindowsLive.Writer.PostEditor.ni.dll
+ 2011-08-11 09:44 . 2011-08-11 09:44 2002944 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\8730afcee53ec055b34e22b51c0c8d8a\WindowsLive.Writer.CoreServices.ni.dll
+ 2011-08-11 09:44 . 2011-08-11 09:44 1105920 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\434b51a4a49b78836e8bc68d7bab2713\WindowsLive.Writer.ApplicationFramework.ni.dll
+ 2011-08-11 09:39 . 2011-08-11 09:39 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\fd6e0cd6f124a6d041ef1b4c9a5f080b\WindowsBase.ni.dll
+ 2011-08-11 09:41 . 2011-08-11 09:41 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\162600dde59fbaa0c048a949158ecba3\UIAutomationClientsideProviders.ni.dll
+ 2011-08-11 09:37 . 2011-08-11 09:37 7950848 c:\windows\assembly\NativeImages_v2.0.50727_32\System\e6c79e1d71b0c9000afd7e5e439b5c54\System.ni.dll
+ 2011-08-11 09:38 . 2011-08-11 09:38 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\10154dcad2d62f226af2fd4211460a4b\System.Xml.ni.dll
+ 2011-08-11 09:46 . 2011-08-11 09:46 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\22229a30650a9afbac984e1093898b13\System.WorkflowServices.ni.dll
+ 2011-08-11 09:46 . 2011-08-11 09:46 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\4d6b3cc1fc7a4788612241af7966715a\System.Workflow.Runtime.ni.dll
+ 2011-08-11 09:46 . 2011-08-11 09:46 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\e4c9853af945c9cfede19f3faf18af6e\System.Workflow.ComponentModel.ni.dll
+ 2011-08-11 09:46 . 2011-08-11 09:46 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\ab4b50c7c789e46a485903365765fde8\System.Workflow.Activities.ni.dll
+ 2011-08-11 09:41 . 2011-08-11 09:41 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\a2392c995b1bb6b63079091259222357\System.Web.Services.ni.dll
+ 2011-08-11 09:46 . 2011-08-11 09:46 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\3da92a0b9b8ac97e11ca8bf4df671a78\System.Web.Mobile.ni.dll
+ 2011-08-11 09:46 . 2011-08-11 09:46 2405376 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\01f4d6aa3299a41b8578b7e96afdcfb1\System.Web.Extensions.ni.dll
+ 2011-08-11 09:46 . 2011-08-11 09:46 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\e1208f0d981c420fc59f806bfbaa713b\System.Speech.ni.dll
+ 2011-08-11 09:46 . 2011-08-11 09:46 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\27e1b8dfd5e1ccf2c5b9efc51f674c69\System.ServiceModel.Web.ni.dll
+ 2011-08-11 09:44 . 2011-08-11 09:44 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\dece01bd9e9c32e47630fdfc78d3bd32\System.Runtime.Serialization.ni.dll
+ 2011-08-11 09:40 . 2011-08-11 09:40 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\90b444d02047ef27921153d46967ef0e\System.Printing.ni.dll
+ 2011-08-11 09:46 . 2011-08-11 09:46 8365056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\e6e037f89fa00f6bef019911d8a61e7c\System.Management.Automation.ni.dll
+ 2011-08-11 09:44 . 2011-08-11 09:44 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\a50e2fc92db32751857fb8d297f9d7bc\System.IdentityModel.ni.dll
+ 2011-08-11 09:39 . 2011-08-11 09:39 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\7ed09623172a292eaee51e2e3bcaf784\System.Drawing.ni.dll
+ 2011-08-11 09:40 . 2011-08-11 09:40 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\259ecf480769f4e60514b7ae2abaa6f1\System.DirectoryServices.ni.dll
+ 2011-08-11 09:39 . 2011-08-11 09:39 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\71cf3eb40fc38e6ac8fba09e872d2878\System.Deployment.ni.dll
+ 2011-08-11 09:41 . 2011-08-11 09:41 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\db2d84e279807592a680ef4135e9fe9a\System.Data.ni.dll
+ 2011-08-11 09:39 . 2011-08-11 09:39 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\0b16305773369cf740c6a2b1f1d785b2\System.Data.SqlXml.ni.dll
+ 2011-08-11 09:45 . 2011-08-11 09:45 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\c1b9b8ce390548dcca661a5e6a908408\System.Data.Services.ni.dll
+ 2011-08-11 09:41 . 2011-08-11 09:41 1115136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\c729750d54f6e7427230622bcccd4709\System.Data.OracleClient.ni.dll
+ 2011-08-11 09:41 . 2011-08-11 09:41 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\571af34939797a7c1cd05b0b925a45bf\System.Data.Linq.ni.dll
+ 2011-08-11 09:45 . 2011-08-11 09:45 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\afb4d5e8161d0129ba15c37de2461d8a\System.Data.Entity.ni.dll
+ 2011-08-11 09:41 . 2011-08-11 09:41 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\e54e013315849f5e34d8f2a8e7fdb450\System.Core.ni.dll
+ 2011-08-11 09:40 . 2011-08-11 09:40 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\24ab0cacc77e8696ceff3157942a2de4\ReachFramework.ni.dll
+ 2011-08-11 09:40 . 2011-08-11 09:40 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\fac1ca86f4fea17de40d7fdaba38563e\PresentationUI.ni.dll
+ 2011-08-11 09:40 . 2011-08-11 09:40 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\c523412e6b11e7072f93bdd3ef24a479\PresentationBuildTasks.ni.dll
+ 2011-08-11 09:45 . 2011-08-11 09:45 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\c6b19db2534042d435ede580f92bc75c\Microsoft.VisualBasic.ni.dll
+ 2011-08-11 09:45 . 2011-08-11 09:45 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\08594c4ba9ea0253a836fe1d8d341984\Microsoft.Transactions.Bridge.ni.dll
+ 2011-08-11 09:45 . 2011-08-11 09:45 1609728 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\fe9fe5f005c3388b746775e37bdd570e\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2011-08-11 09:45 . 2011-08-11 09:45 1704448 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\c4a3531d82739a8d87ff114dd8c414db\Microsoft.PowerShell.GPowerShell.ni.dll
+ 2011-08-11 09:45 . 2011-08-11 09:45 3722752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\7f20fe401b30d585776df19e2ea04695\Microsoft.PowerShell.Editor.ni.dll
+ 2011-08-11 09:46 . 2011-08-11 09:46 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\345abd035c9378667b1cac54c1f21c97\Microsoft.JScript.ni.dll
+ 2011-08-11 09:45 . 2011-08-11 09:45 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\906cd5555b79e4e0486dc8ef2a748b13\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2011-08-11 09:45 . 2011-08-11 09:45 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\7baff7d694394aaba490082c88d48fd2\Microsoft.Build.Tasks.ni.dll
+ 2011-08-11 09:45 . 2011-08-11 09:45 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\235a22e1ae9742bb724d411629dd99d5\Microsoft.Build.Engine.ni.dll
+ 2011-08-11 08:27 . 2011-08-11 08:27 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2011-08-11 08:27 . 2011-08-11 08:27 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2011-06-16 17:15 . 2011-06-16 17:30 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2011-08-11 08:27 . 2011-08-11 08:27 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2011-08-11 08:27 . 2011-08-11 08:27 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2011-08-11 08:27 . 2011-08-11 08:27 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2011-06-16 17:30 . 2011-08-11 08:27 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2011-06-16 17:30 . 2011-08-11 08:27 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2011-06-16 17:30 . 2011-06-16 17:30 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2009-03-07 18:39 . 2011-04-26 00:11 11081728 c:\windows\system32\ieframe.dll
+ 2009-03-07 18:39 . 2011-06-23 18:36 11081728 c:\windows\system32\ieframe.dll
- 2009-07-19 08:48 . 2011-04-26 00:11 11081728 c:\windows\system32\dllcache\ieframe.dll
+ 2009-07-19 08:48 . 2011-06-23 18:36 11081728 c:\windows\system32\dllcache\ieframe.dll
+ 2011-08-11 08:15 . 2011-04-26 00:11 11081728 c:\windows\ie8updates\KB2559049-IE8\ieframe.dll
+ 2011-06-16 17:31 . 2011-06-16 17:31 11490816 c:\windows\assembly\temp\BQ2DOZ9JU5\mscorlib.ni.dll
+ 2011-06-16 17:32 . 2011-06-16 17:32 12430848 c:\windows\assembly\temp\6GPY7GOW5E\System.Windows.Forms.ni.dll
+ 2011-08-11 08:21 . 2011-08-11 08:21 13137920 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\506dace1c3373681a11760bfc986b60f\System.Windows.Forms.ni.dll
+ 2011-08-11 09:47 . 2011-08-11 09:47 11993088 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web\e393d319483e75e6df34f14066634160\System.Web.ni.dll
+ 2011-08-11 09:48 . 2011-08-11 09:48 17996800 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\18d8c49bf080b7e4f0614e01ad090954\System.ServiceModel.ni.dll
+ 2011-08-11 08:21 . 2011-08-11 08:21 10969088 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Design\af8fddf4f06e30f416fc6d955ae18600\System.Design.ni.dll
+ 2011-08-11 09:48 . 2011-08-11 09:48 13325312 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Entity\dd205d6f7dd50a72002b928202ca3818\System.Data.Entity.ni.dll
+ 2011-08-11 08:21 . 2011-08-11 08:21 17671168 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\e2d9b72401987ca611ac20f35ab3456e\PresentationFramework.ni.dll
+ 2011-08-11 08:21 . 2011-08-11 08:21 11106816 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\71e63834f6d1ff3f4be5b83807901efd\PresentationCore.ni.dll
+ 2011-08-11 08:21 . 2011-08-11 08:21 14408704 c:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\dc0b188b244ec4a4ccec59ac6f1620ad\mscorlib.ni.dll
- 2011-06-16 17:09 . 2011-06-16 17:09 14408704 c:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\dc0b188b244ec4a4ccec59ac6f1620ad\mscorlib.ni.dll
+ 2011-08-11 09:39 . 2011-08-11 09:39 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d00cc387e462e4c3cdcd112b137cac87\System.Windows.Forms.ni.dll
+ 2011-08-11 09:41 . 2011-08-11 09:41 11800576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\40893760431f8f0dcce3e18630e45b23\System.Web.ni.dll
+ 2011-08-11 09:44 . 2011-08-11 09:44 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\e3a0205acab2215fbad7927d9d483aeb\System.ServiceModel.ni.dll
+ 2011-08-11 09:41 . 2011-08-11 09:41 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\63ad0cd9b5e038c8e2e41415657db8fc\System.Design.ni.dll
+ 2011-08-11 09:40 . 2011-08-11 09:40 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\704556e34128441ea9f1a81cc89f8a79\PresentationFramework.ni.dll
+ 2011-08-11 09:39 . 2011-08-11 09:39 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\5f332c48d03eca57419c4f0e884092ee\PresentationCore.ni.dll
- 2011-06-16 17:31 . 2011-06-16 17:31 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll
+ 2011-08-11 08:16 . 2011-08-11 08:16 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EnabledUnlockedFDEIconOverlay]
@="{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}"
[HKEY_CLASSES_ROOT\CLSID\{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}]
2009-04-22 02:03 49152 ----a-w- c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UninitializedFdeIconOverlay]
@="{CF08DA3E-C97D-4891-A66B-E39B28DD270F}"
[HKEY_CLASSES_ROOT\CLSID\{CF08DA3E-C97D-4891-A66B-E39B28DD270F}]
2009-04-22 02:03 49152 ----a-w- c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-08-11 4600704]
"SRS Premium Sound"="c:\program files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe" [2009-03-25 3261688]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2009-12-10 289584]
"HijackThis startup scan"="c:\program files\Trend Micro\HijackThis\HijackThis.exe" [2009-12-04 396288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-08-28 13537280]
"WavXMgr"="c:\program files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe" [2008-12-22 145408]
"USCService"="c:\program files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe" [2009-04-22 15360]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-03-17 483420]
"SecureUpgrade"="c:\program files\Wave Systems Corp\SecureUpgrade.exe" [2009-04-22 656696]
"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-02-04 128232]
"nwiz"="nwiz.exe" [2008-08-28 1630208]
"NvMediaCenter"="NvMCTray.dll" [2008-08-28 86016]
"NVHotkey"="nvHotkey.dll" [2008-08-28 90112]
"Nikon Transfer Monitor"="c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe" [2009-05-29 479232]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-02-11 186904]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-01-27 1312848]
"EmbassySecurityCheck"="c:\program files\Wave Systems Corp\EMBASSY Security Setup\EMBASSYSecurityCheck.exe" [2009-04-22 95544]
"DellControlPoint"="c:\program files\Dell\Dell ControlPoint\Dell.ControlPoint.exe" [2009-03-19 667648]
"ChangeTPMAuth"="c:\program files\Wave Systems Corp\Common\ChangeTPMAuth.exe" [2009-02-26 184320]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2010-01-19 115560]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2009-02-22 200704]
"AESTFltr"="c:\windows\system32\AESTFltr.exe" [2009-03-17 729088]
"Freecorder FLV Service"="c:\program files\Freecorder\FLVSrvc.exe" [2010-06-26 167936]
"Ext2 Volume Manager"="c:\program files\Ext2Fsd\Ext2Mgr.exe" [2009-07-30 1216648]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2010-09-22 640440]
"DivX Download Manager"="c:\program files\DivX\DivX Plus Web Player\DDmService.exe" [2010-12-08 63360]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-29 937920]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-01-10 1230704]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2011-06-07 40376]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2008-12-19 2656528]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-07-19 421736]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-05 421888]
.
c:\documents and settings\bryanc\Start Menu\Programs\Startup\
LaunchU3.exe.lnk - c:\documents and settings\bryanc\Application Data\Microsoft\Installer\{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}\_2cd672ae.exe [2011-5-6 1078]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Dell ControlPoint System Manager.lnk - c:\program files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe [2009-4-9 1106720]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2009-10-2 50688]
WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2010-5-10 4456448]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-27 123904]

bryanc
Intermediate
Intermediate

Status :
Online
Offline

Posts Posts : 132
Joined Joined : 2009-05-24
OS : XP

View user profile

Back to top Go down

Re: hijack homepage

Post by bryanc on Sat Aug 13, 2011 7:50 am

Part 4

.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoWelcomeScreen"= 1 (0x1)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-08-03 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-12-04 20:36 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2010-01-29 21:17 64592 ----a-w- c:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Telstra Turbo Modem Manager.lnk]
backup=c:\windows\pss\Telstra Turbo Modem Manager.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\VideoViewer\\VideoViewer.exe"=
"c:\\Program Files\\Mozilla Firefox\\plugin-container.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
.
R1 Ext2Fsd;Linux ext2 file system driver;c:\windows\system32\drivers\ext2fsd.sys [10/10/2009 11:10 AM 651264]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [14/05/2009 1:22 PM 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [14/05/2009 1:22 PM 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [5/07/2010 9:02 AM 116608]
R2 ASFAgent;ASF Agent;c:\program files\Intel\ASF Agent\ASFAgent.exe [19/04/2007 7:56 AM 133968]
R2 buttonsvc32;Dell ControlPoint Button Service;c:\program files\Dell\Dell ControlPoint\DCPButtonSvc.exe [29/12/2008 1:07 PM 320800]
R2 Credential Vault Host Control Service;Credential Vault Host Control Service;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [22/01/2009 12:19 PM 808296]
R2 Credential Vault Host Storage;Credential Vault Host Storage;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [22/01/2009 12:19 PM 20840]
R2 dcpsysmgrsvc;Dell ControlPoint System Manager;c:\program files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe [9/04/2009 4:02 PM 447264]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [22/08/2010 9:50 PM 366640]
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [21/10/2009 4:19 AM 50704]
R2 WDDMService;WD SmartWare Drive Manager;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [10/05/2010 11:33 AM 110592]
R2 WDFME;WD File Management Engine;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [10/05/2010 11:32 AM 1858048]
R2 WDSC;WD File Management Shadow Engine;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [10/05/2010 11:32 AM 482304]
R3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [27/08/2009 11:42 AM 112512]
R3 cvusbdrv;Broadcom USH CV;c:\windows\system32\drivers\cvusbdrv.sys [27/08/2009 11:43 AM 32808]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\drivers\e1y5132.sys [27/08/2009 11:42 AM 244368]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [28/07/2011 11:00 AM 105592]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [22/08/2010 9:50 PM 22712]
R3 SRS_PremiumSound_Service;SRS Labs Premium Sound;c:\windows\system32\drivers\SRS_PremiumSound_i386.sys [26/08/2009 8:31 PM 232744]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18/03/2010 1:16 PM 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [10/10/2009 4:43 PM 133104]
S3 cmusbnet;WAN Driver @ 3GPP (6280);c:\windows\system32\drivers\cmusbnet.sys [23/09/2009 5:57 AM 81152]
S3 cmusbser;%CMUSBSER%;c:\windows\system32\drivers\cmusbser.sys [23/09/2009 5:57 AM 87040]
S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [20/01/2010 9:39 AM 23888]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [10/10/2009 4:43 PM 133104]
S3 NvtSp50;NvtSp50 NDIS Protocol Driver;c:\windows\system32\Drivers\NvtSp50.sys --> c:\windows\system32\Drivers\NvtSp50.sys [?]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [14/05/2009 1:22 PM 12872]
S3 Smcinst;Symantec Auto-upgrade Agent;c:\program files\Symantec\Symantec Endpoint Protection\SmcLU\Setup\smcinst.exe --> c:\program files\Symantec\Symantec Endpoint Protection\SmcLU\Setup\smcinst.exe [?]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [26/07/2010 8:56 PM 11520]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18/03/2010 1:16 PM 753504]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
Contents of the 'Scheduled Tasks' folder
.
2011-08-12 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 07:57]
.
2011-08-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-10 06:43]
.
2011-08-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-10 06:43]
.
2011-08-13 c:\windows\Tasks\User_Feed_Synchronization-{FD13B3EA-061B-4977-B7E0-44EEA53537C9}.job
- c:\windows\system32\msfeedssync.exe [2009-03-07 18:31]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
uInternet Settings,ProxyServer = 10.10.10.254:3128
uInternet Settings,ProxyOverride = nexus.*;nexus;10.10.10.1;
uSearchURL,(Default) = [You must be registered and logged in to see this link.]
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 192.168.1.1
DPF: {640373B0-6978-4FA5-A9FC-420ECBBC61C7} - [You must be registered and logged in to see this link.]
FF - ProfilePath - c:\documents and settings\bryanc\Application Data\Mozilla\Firefox\Profiles\qqr2juqo.default\
FF - prefs.js: browser.startup.homepage - [You must be registered and logged in to see this link.]
FF - prefs.js: network.proxy.ftp - 10.10.10.254
FF - prefs.js: network.proxy.ftp_port - 3128
FF - prefs.js: network.proxy.gopher - 10.10.10.254
FF - prefs.js: network.proxy.gopher_port - 3128
FF - prefs.js: network.proxy.http - 10.10.10.254
FF - prefs.js: network.proxy.http_port - 3128
FF - prefs.js: network.proxy.socks - 10.10.10.254
FF - prefs.js: network.proxy.socks_port - 3128
FF - prefs.js: network.proxy.ssl - 10.10.10.254
FF - prefs.js: network.proxy.ssl_port - 3128
FF - prefs.js: network.proxy.type - 0
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2011-08-13 17:21
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1016)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
c:\documents and settings\bryanc\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
c:\documents and settings\bryanc\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
c:\documents and settings\bryanc\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
c:\documents and settings\bryanc\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
c:\windows\system32\NetProvCredMan.dll
.
- - - - - - - > 'explorer.exe'(9856)
c:\windows\system32\WININET.dll
c:\windows\TEMP\logishrd\LVPrcInj01.dll
c:\documents and settings\bryanc\Local Settings\Application Data\FLVService\lib\FLVSrvLib.dll
c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll
c:\program files\iTunes\iTunesMiniPlayer.dll
c:\program files\iTunes\iTunesMiniPlayer.Resources\en.lproj\iTunesMiniPlayerLocalized.dll
c:\program files\iTunes\iTunesMiniPlayer.Resources\iTunesMiniPlayer.dll
c:\program files\Windows Desktop Search\deskbar.dll
c:\program files\Windows Desktop Search\en-us\dbres.dll.mui
c:\program files\Windows Desktop Search\dbres.dll
c:\program files\Windows Desktop Search\wordwheel.dll
c:\program files\Windows Desktop Search\en-us\msnlExtRes.dll.mui
c:\program files\Windows Desktop Search\msnlExtRes.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\NetProvCredMan.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Symantec\Symantec Endpoint Protection\Smc.exe
c:\program files\Intel\WiFi\bin\S24EvMon.exe
c:\program files\Common Files\Symantec Shared\ccSvcHst.exe
c:\drivers\audio\r213367\stacsv.exe
c:\windows\System32\SCardSvr.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
c:\windows\system32\SearchIndexer.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Symantec\Symantec Endpoint Protection\SmcGui.exe
c:\windows\system32\RunDLL32.exe
c:\windows\system32\rundll32.exe
c:\program files\DellTPad\ApMsgFwd.exe
c:\windows\system32\msiexec.exe
c:\program files\DellTPad\HidFind.exe
c:\program files\DellTPad\Apntex.exe
c:\progra~1\MI3AA1~1\rapimgr.exe
c:\program files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe
c:\documents and settings\All Users\Application Data\U3\U3Launcher\LaunchU3.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2011-08-13 17:27:32 - machine was rebooted
ComboFix-quarantined-files.txt 2011-08-13 07:27
ComboFix2.txt 2011-08-08 10:43
ComboFix3.txt 2011-08-07 07:25
ComboFix4.txt 2010-01-08 23:03
ComboFix5.txt 2011-08-13 06:37
.
Pre-Run: 43,143,614,464 bytes free
Post-Run: 43,686,420,480 bytes free
.
- - End Of File - - 96C08AD46B7BAB6E4CD15496FB53D606

bryanc
Intermediate
Intermediate

Status :
Online
Offline

Posts Posts : 132
Joined Joined : 2009-05-24
OS : XP

View user profile

Back to top Go down

Re: hijack homepage

Post by Sneakyone on Sun Aug 14, 2011 4:21 am

Hi,

Please download Malwarebytes Anti-Malware from [You must be registered and logged in to see this link.].


Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.


I'm livin' life in the fast lane.

Sneakyone
Master
Master

Status :
Online
Offline

Posts Posts : 2707
Joined Joined : 2010-01-10
Gender Gender : Male
OS : Windows 7 Ultimate 64-bit

View user profile

Back to top Go down

Re: hijack homepage

Post by bryanc on Sun Aug 14, 2011 7:22 am

I had done this already :-) but here is the latest log.

Malwarebytes' Anti-Malware 1.51.1.1800
[You must be registered and logged in to see this link.]

Database version: 7416

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

14/08/2011 5:22:00 PM
mbam-log-2011-08-14 (17-22-00).txt

Scan type: Quick scan
Objects scanned: 257362
Time elapsed: 9 minute(s), 21 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

bryanc
Intermediate
Intermediate

Status :
Online
Offline

Posts Posts : 132
Joined Joined : 2009-05-24
OS : XP

View user profile

Back to top Go down

Re: hijack homepage

Post by Sneakyone on Mon Aug 15, 2011 3:50 am

Hi,

Please run a free online scan with the [You must be registered and logged in to see this link.]
Note: You will need to use Internet Explorer for this scan

  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and the option Scan unwanted applications is checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic


I'm livin' life in the fast lane.

Sneakyone
Master
Master

Status :
Online
Offline

Posts Posts : 2707
Joined Joined : 2010-01-10
Gender Gender : Male
OS : Windows 7 Ultimate 64-bit

View user profile

Back to top Go down

Re: hijack homepage

Post by bryanc on Mon Aug 15, 2011 9:43 pm

looks like it found nothing :-)

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=d07c70d8e1b85f47b6af20976e7a15cc
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2011-08-10 03:47:29
# local_time=2011-08-11 01:47:29 (+1000, AUS Eastern Standard Time)
# country="Australia"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 53026566 53026566 0 0
# compatibility_mode=8192 67108863 100 0 5921 5921 0 0
# scanned=174271
# found=3
# cleaned=3
# scan_time=9832
C:\Documents and Settings\bryanc\Application Data\Sun\Java\Deployment\cache\6.0\27\49c8345b-5982a9ca multiple threats (deleted - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\bryanc\My Documents\Downloads\Torrent stuff\Adobe Photoshop CS4 v.11.0.1 & onOne Plug-suite Pro 4.5 DVD ISO\Adobe-onOne Suite.iso multiple threats (deleted - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\bryanc\My Documents\Movies\MS Office 2007 ULTIMATE [GR420]\MS Office 2007 ULTIMATE.iso probably a variant of Win32/Agent.FGHQVIS trojan (deleted - quarantined) 00000000000000000000000000000000 C
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=1
esets_scanner_update returned -1 esets_gle=1
esets_scanner_update returned -1 esets_gle=1
esets_scanner_update returned -1 esets_gle=1
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=d07c70d8e1b85f47b6af20976e7a15cc
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-08-15 12:50:33
# local_time=2011-08-15 10:50:33 (+1000, AUS Eastern Standard Time)
# country="Australia"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 53452044 53452044 0 0
# compatibility_mode=8192 67108863 100 0 431399 431399 0 0
# scanned=176922
# found=0
# cleaned=0
# scan_time=5737

bryanc
Intermediate
Intermediate

Status :
Online
Offline

Posts Posts : 132
Joined Joined : 2009-05-24
OS : XP

View user profile

Back to top Go down

Re: hijack homepage

Post by Sneakyone on Tue Aug 16, 2011 2:14 am

Hi,

How's your computer running now?


I'm livin' life in the fast lane.

Sneakyone
Master
Master

Status :
Online
Offline

Posts Posts : 2707
Joined Joined : 2010-01-10
Gender Gender : Male
OS : Windows 7 Ultimate 64-bit

View user profile

Back to top Go down

Re: hijack homepage

Post by bryanc on Tue Aug 16, 2011 12:15 pm

I just did a Malwarebytes scan and found phum.hijack homepage again.

here is the scan. I will reboot after I upload this.

Malwarebytes' Anti-Malware 1.51.1.1800
[You must be registered and logged in to see this link.]

Database version: 7477

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

16/08/2011 10:13:37 PM
mbam-log-2011-08-16 (22-13-37).txt

Scan type: Quick scan
Objects scanned: 258808
Time elapsed: 8 minute(s), 38 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internet Explorer\control panel\HomePage (PUM.Hijack.HomePageControl) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

bryanc
Intermediate
Intermediate

Status :
Online
Offline

Posts Posts : 132
Joined Joined : 2009-05-24
OS : XP

View user profile

Back to top Go down

Re: hijack homepage

Post by Sneakyone on Wed Aug 17, 2011 10:16 pm

Hi,

Could you please re-run ComboFix?


I'm livin' life in the fast lane.

Sneakyone
Master
Master

Status :
Online
Offline

Posts Posts : 2707
Joined Joined : 2010-01-10
Gender Gender : Male
OS : Windows 7 Ultimate 64-bit

View user profile

Back to top Go down

Re: hijack homepage

Post by bryanc on Sat Aug 20, 2011 2:07 am

can you please give me the link again. It seems to have gone from my computer?

bryanc
Intermediate
Intermediate

Status :
Online
Offline

Posts Posts : 132
Joined Joined : 2009-05-24
OS : XP

View user profile

Back to top Go down

Re: hijack homepage

Post by bryanc on Sat Aug 20, 2011 6:58 am

sorry I'm a dope!! I just went back to the first page of this topic. Will download and run.
get back to you shortly.

bryanc
Intermediate
Intermediate

Status :
Online
Offline

Posts Posts : 132
Joined Joined : 2009-05-24
OS : XP

View user profile

Back to top Go down

Re: hijack homepage

Post by Dr Jay on Sat Aug 20, 2011 5:28 pm

Please visit this webpage for a tutorial on downloading and running ComboFix:

[You must be registered and logged in to see this link.]

See the area: Using ComboFix, and when done, post the log back here.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Status :
Online
Offline

Posts Posts : 13713
Joined Joined : 2009-09-06
Gender Gender : Male
OS : Windows 10 Home & Pro

View user profile

Back to top Go down

Re: hijack homepage

Post by bryanc on Sat Aug 20, 2011 8:54 pm

part one


ComboFix 11-08-19.02 - BryanC 20/08/2011 17:08:39.10.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.61.1033.18.3572.2174 [GMT 10:00]
Running from: c:\documents and settings\bryanc\desktop\commy.exe
Command switches used :: /stepdel
AV: Symantec Endpoint Protection *Disabled/Updated* {FB06448E-52B8-493A-90F3-E43226D3305C}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\TEMP\logishrd\LVPrcInj01.dll
.
.
((((((((((((((((((((((((( Files Created from 2011-07-20 to 2011-08-20 )))))))))))))))))))))))))))))))
.
.
2011-08-13 10:35 . 2001-08-17 12:37 244224 ----a-w- c:\windows\system32\camext20.ax
2011-08-13 10:35 . 2001-08-17 12:36 236032 -c--a-w- c:\windows\system32\dllcache\camext20.dll
2011-08-13 10:35 . 2001-08-17 12:36 236032 ----a-w- c:\windows\system\camext20.dll
2011-08-13 10:35 . 2001-08-17 04:04 223232 -c--a-w- c:\windows\system32\dllcache\camdrv21.sys
2011-08-13 10:35 . 2001-08-17 04:04 223232 ----a-w- c:\windows\system32\drivers\camdrv21.sys
2011-08-13 06:37 . 2011-08-13 07:27 -------- d-----w- C:\COMMY8408C
2011-08-12 21:48 . 2011-08-12 21:47 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin7.dll
2011-08-12 21:48 . 2011-08-12 21:47 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin6.dll
2011-08-12 21:48 . 2011-08-12 21:47 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2011-08-12 21:48 . 2011-08-12 21:47 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2011-08-12 21:47 . 2011-08-12 21:47 159744 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin7.dll
2011-08-12 21:47 . 2011-08-12 21:47 159744 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin6.dll
2011-08-12 21:47 . 2011-08-12 21:47 159744 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin5.dll
2011-08-12 21:47 . 2011-08-12 21:47 159744 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin4.dll
2011-08-12 21:47 . 2011-08-12 21:47 159744 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin3.dll
2011-08-12 21:47 . 2011-08-12 21:47 159744 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin2.dll
2011-08-12 21:47 . 2011-08-12 21:47 159744 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin.dll
2011-08-12 21:47 . 2011-08-12 21:47 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2011-08-12 21:47 . 2011-08-12 21:47 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2011-08-12 21:47 . 2011-08-12 21:47 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2011-08-12 21:47 . 2011-08-12 21:47 -------- d-----w- c:\program files\QuickTime
2011-08-10 12:24 . 2011-08-10 12:24 -------- d-----w- c:\program files\ESET
2011-08-08 10:22 . 2011-08-08 10:43 -------- d-----w- C:\COMMY21159C
2011-08-03 22:35 . 2011-08-03 22:35 -------- d-----w- c:\documents and settings\All Users\Application Data\!SASCORE
2011-07-29 20:34 . 2011-07-29 20:34 -------- d-----w- c:\program files\iPod
2011-07-29 20:34 . 2011-07-29 20:34 -------- d-----w- c:\program files\iTunes
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-20 07:27 . 2009-09-02 23:31 0 ----a-w- c:\documents and settings\bryanc\Local Settings\Application Data\WavXMapDrive.bat
2011-07-15 13:29 . 2008-04-25 16:16 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-12 01:20 . 2011-07-12 01:20 83816 ----a-w- c:\windows\system32\dns-sd.exe
2011-07-12 01:20 . 2011-07-12 01:20 73064 ----a-w- c:\windows\system32\dnssd.dll
2011-07-12 01:20 . 2011-07-12 01:20 178536 ----a-w- c:\windows\system32\dnssdX.dll
2011-07-08 14:02 . 2008-04-25 16:16 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-07-07 06:25 . 2011-07-07 06:25 0 ---ha-w- c:\documents and settings\bryanc\Local Settings\Application Data\BITC.tmp
2011-07-06 09:52 . 2010-08-22 11:50 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-06 09:52 . 2010-08-22 11:50 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-05 08:37 . 2011-07-05 08:37 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-07-05 08:37 . 2011-07-05 08:37 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-06-24 14:10 . 2008-04-25 21:26 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2011-06-23 18:36 . 2008-04-25 16:16 916480 ----a-w- c:\windows\system32\wininet.dll
2011-06-23 18:36 . 2008-04-25 16:16 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-06-23 18:36 . 2008-04-25 16:16 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-06-23 12:05 . 2008-04-25 16:16 385024 ----a-w- c:\windows\system32\html.iec
2011-06-20 17:44 . 2008-04-25 16:16 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-06-02 14:07 . 2008-04-25 16:16 1867904 ----a-w- c:\windows\system32\win32k.sys
2011-08-18 09:59 . 2011-04-30 09:31 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2011-08-13_07.21.55 )))))))))))))))))))))))))))))))))))))))))
.
- 2011-08-11 08:23 . 2011-08-11 08:23 21880 c:\windows\WinSxS\MSIL_Microsoft.Workflow.Compiler_31bf3856ad364e35_4.0.0.0_x-ww_97359ba5\Microsoft.Workflow.Compiler.exe
+ 2011-08-16 09:18 . 2011-08-16 09:18 21880 c:\windows\WinSxS\MSIL_Microsoft.Workflow.Compiler_31bf3856ad364e35_4.0.0.0_x-ww_97359ba5\Microsoft.Workflow.Compiler.exe
+ 2011-08-20 07:24 . 2011-08-20 07:24 16384 c:\windows\temp\Perflib_Perfdata_710.dat
- 2010-01-10 23:03 . 2011-08-08 06:30 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2010-01-10 23:03 . 2011-08-15 02:33 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2009-09-01 07:29 . 2011-08-15 02:33 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2009-09-01 07:29 . 2011-08-08 06:30 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2011-08-15 02:33 . 2011-08-15 02:33 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2011-05-16 22:44 . 2011-05-16 22:44 14160 c:\windows\Microsoft.NET\Framework\v4.0.30319\webengine.dll
- 2010-03-18 06:47 . 2010-03-18 06:47 14160 c:\windows\Microsoft.NET\Framework\v4.0.30319\webengine.dll
+ 2011-04-06 06:48 . 2011-04-06 06:48 11120 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
+ 2011-05-16 22:44 . 2011-05-16 22:44 98152 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Caching.dll
- 2011-04-12 05:11 . 2011-04-12 05:11 56656 c:\windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
+ 2011-05-16 23:27 . 2011-05-16 23:27 56656 c:\windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
+ 2011-04-06 06:16 . 2011-04-06 06:16 39808 c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.Data.Entity.Build.Tasks.dll
- 2010-03-18 03:16 . 2010-03-18 03:16 44368 c:\windows\Microsoft.NET\Framework\v4.0.30319\Culture.dll
+ 2011-05-16 23:27 . 2011-05-16 23:27 44368 c:\windows\Microsoft.NET\Framework\v4.0.30319\Culture.dll
- 2010-03-18 06:47 . 2010-03-18 06:47 32592 c:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_wp.exe
+ 2011-05-16 22:44 . 2011-05-16 22:44 32592 c:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_wp.exe
- 2010-03-18 06:47 . 2010-03-18 06:47 30048 c:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_compiler.exe
+ 2011-04-06 06:16 . 2011-04-06 06:16 30048 c:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_compiler.exe
+ 2011-08-16 09:18 . 2011-08-16 09:18 97624 c:\windows\Microsoft.NET\assembly\GAC_MSIL\XamlBuildTask\v4.0_4.0.0.0__31bf3856ad364e35\XamlBuildTask.dll
- 2011-08-11 08:23 . 2011-08-11 08:23 97624 c:\windows\Microsoft.NET\assembly\GAC_MSIL\XamlBuildTask\v4.0_4.0.0.0__31bf3856ad364e35\XamlBuildTask.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
- 2011-08-11 08:20 . 2011-08-11 08:20 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
- 2011-08-11 08:20 . 2011-08-11 08:20 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
- 2011-08-11 08:20 . 2011-08-11 08:20 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
+ 2011-08-16 09:18 . 2011-08-16 09:18 29544 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml.Hosting\v4.0_4.0.0.0__31bf3856ad364e35\System.Xaml.Hosting.dll
- 2011-08-11 08:23 . 2011-08-11 08:23 29544 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml.Hosting\v4.0_4.0.0.0__31bf3856ad364e35\System.Xaml.Hosting.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
- 2011-08-11 08:20 . 2011-08-11 08:20 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
- 2011-08-11 08:20 . 2011-08-11 08:20 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
- 2011-08-11 08:23 . 2011-08-11 08:23 70040 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization.Design\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.Design.dll
+ 2011-08-16 09:18 . 2011-08-16 09:18 70040 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization.Design\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.Design.dll
- 2011-08-11 08:23 . 2011-08-11 08:23 24928 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Routing.dll
+ 2011-08-16 09:18 . 2011-08-16 09:18 24928 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Routing.dll
+ 2011-08-16 09:18 . 2011-08-16 09:18 81272 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.RegularExpressions\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2011-08-11 08:23 . 2011-08-11 08:23 81272 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.RegularExpressions\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2011-08-16 09:18 . 2011-08-16 09:18 33144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.DynamicData.Design\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.DynamicData.Design.dll
- 2011-08-11 08:23 . 2011-08-11 08:23 33144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.DynamicData.Design\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.DynamicData.Design.dll
+ 2011-08-16 09:18 . 2011-08-16 09:18 93576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.DataVisualization.Design\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.DataVisualization.Design.dll
- 2011-08-11 08:23 . 2011-08-11 08:23 93576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.DataVisualization.Design\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.DataVisualization.Design.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
- 2011-08-11 08:20 . 2011-08-11 08:20 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
- 2011-08-11 08:23 . 2011-08-11 08:23 24944 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Abstractions\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Abstractions.dll
+ 2011-08-16 09:18 . 2011-08-16 09:18 24944 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Abstractions\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Abstractions.dll
+ 2011-08-16 09:18 . 2011-08-16 09:18 28024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.WasHosting\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
- 2011-08-11 08:23 . 2011-08-11 08:23 28024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.WasHosting\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
- 2011-08-11 08:23 . 2011-08-11 08:23 12168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.ServiceMoniker40\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.ServiceMoniker40.dll
+ 2011-08-16 09:18 . 2011-08-16 09:18 12168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.ServiceMoniker40\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.ServiceMoniker40.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
- 2011-08-11 08:20 . 2011-08-11 08:20 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
+ 2011-08-16 09:18 . 2011-08-16 09:18 98152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Caching\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Caching.dll
- 2011-08-11 08:20 . 2011-08-11 08:20 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
+ 2011-08-16 09:18 . 2011-08-16 09:18 86888 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing.Design\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2011-08-11 08:23 . 2011-08-11 08:23 86888 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing.Design\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2011-08-11 08:20 . 2011-08-11 08:20 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
- 2011-08-11 08:19 . 2011-08-11 08:19 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
- 2011-08-11 08:19 . 2011-08-11 08:19 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
- 2011-08-11 08:19 . 2011-08-11 08:19 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
- 2011-08-11 08:19 . 2011-08-11 08:19 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
- 2011-08-11 08:20 . 2011-08-11 08:20 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
+ 2011-08-16 09:18 . 2011-08-16 09:18 21880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Workflow.Compiler\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Workflow.Compiler.exe
- 2011-08-11 08:23 . 2011-08-11 08:23 21880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Workflow.Compiler\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Workflow.Compiler.exe
+ 2011-08-16 09:21 . 2011-08-16 09:21 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2011-08-11 08:19 . 2011-08-11 08:19 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2011-08-11 08:23 . 2011-08-11 08:23 40304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\v4.0_2.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.STLCLR.dll
+ 2011-08-16 09:18 . 2011-08-16 09:18 40304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\v4.0_2.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.STLCLR.dll
- 2011-08-11 08:20 . 2011-08-11 08:20 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2011-08-16 09:18 . 2011-08-16 09:18 67968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Conversion.v4.0\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Conversion.v4.0.dll
- 2011-08-11 08:23 . 2011-08-11 08:23 67968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Conversion.v4.0\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Conversion.v4.0.dll
+ 2011-08-16 09:20 . 2011-08-16 09:20 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2011-08-11 08:19 . 2011-08-11 08:19 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2011-08-16 09:20 . 2011-08-16 09:20 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2011-08-11 08:19 . 2011-08-11 08:19 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2011-08-11 08:19 . 2011-08-11 08:19 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-08-16 09:20 . 2011-08-16 09:20 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-08-16 11:29 . 2011-08-16 11:29 96768 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\c6b3db0c20b5084c5faa4de93ed30217\UIAutomationProvider.ni.dll
+ 2011-08-16 11:30 . 2011-08-16 11:30 55808 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml.Hosting\6ad9e087b2eff1cd4ab972ce50ca6f54\System.Xaml.Hosting.ni.dll
+ 2011-08-16 11:31 . 2011-08-16 11:31 35328 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Pres#\e9272ea6a64cd812c8320c7b87814fb1\System.Windows.Presentation.ni.dll
+ 2011-08-16 11:31 . 2011-08-16 11:31 24064 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Routing\4fcc392798738a6a00c73c2848c83a1c\System.Web.Routing.ni.dll
+ 2011-08-16 11:31 . 2011-08-16 11:31 46592 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DynamicD#\9e4f1c2880f6796bee116489801c40e6\System.Web.DynamicData.Design.ni.dll
+ 2011-08-16 11:28 . 2011-08-16 11:28 71680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Applicat#\cd5644f2280e5c2a1749e0ce6fae0537\System.Web.ApplicationServices.ni.dll
+ 2011-08-16 11:31 . 2011-08-16 11:31 24576 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Abstract#\70d376b949ddc6fb862a2ac9798670ac\System.Web.Abstractions.ni.dll
+ 2011-08-16 11:30 . 2011-08-16 11:30 12288 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\ffa7cab4b54d142b9cbe70b2a95752ac\System.ServiceModel.ServiceMoniker40.ni.dll
+ 2011-08-16 11:30 . 2011-08-16 11:30 82432 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\cdbb7fd4b5c595b7dc682af5e4166ac4\System.ServiceModel.Channels.ni.dll
+ 2011-08-16 11:29 . 2011-08-16 11:29 78848 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn.Contra#\da33e7954f3ae1ea50f0b0b5e59db38d\System.AddIn.Contract.ni.dll
+ 2011-08-16 11:28 . 2011-08-16 11:28 37888 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Workflow.#\e3e36ce923d4a8666eb3279e08d12f9d\Microsoft.Workflow.Compiler.ni.exe
+ 2011-08-16 11:28 . 2011-08-16 11:28 11776 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\d994eb0d6fb4f664d1ec9cb4898417e6\Microsoft.VisualC.ni.dll
+ 2011-08-16 11:27 . 2011-08-16 11:27 44544 c:\windows\assembly\NativeImages_v4.0.30319_32\Accessibility\67fbebb14b4302bc29b24aa914c4587c\Accessibility.ni.dll
- 2011-08-11 09:44 . 2011-08-11 09:44 47616 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\ca6513768e7d76a65f4455dceb0ee2c7\WindowsLiveWriter.ni.exe
+ 2011-08-16 11:23 . 2011-08-16 11:23 47616 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\ca6513768e7d76a65f4455dceb0ee2c7\WindowsLiveWriter.ni.exe
- 2011-08-11 09:44 . 2011-08-11 09:44 99840 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\d8a29e492f96b5a3f88d79862107314f\WindowsLive.Writer.Api.ni.dll
+ 2011-08-16 11:24 . 2011-08-16 11:24 99840 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\d8a29e492f96b5a3f88d79862107314f\WindowsLive.Writer.Api.ni.dll
- 2011-08-11 08:17 . 2011-08-11 08:17 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\1492e9393417d6e91b5ddc746b5ef320\UIAutomationProvider.ni.dll
+ 2011-08-16 09:17 . 2011-08-16 09:17 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\1492e9393417d6e91b5ddc746b5ef320\UIAutomationProvider.ni.dll
- 2011-08-11 09:46 . 2011-08-11 09:46 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\343c52b741531ce9ae874ea7508831a7\System.Windows.Presentation.ni.dll
+ 2011-08-16 11:26 . 2011-08-16 11:26 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\343c52b741531ce9ae874ea7508831a7\System.Windows.Presentation.ni.dll
- 2011-08-11 09:46 . 2011-08-11 09:46 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\246110974e3c48733458819b07464b23\System.Web.DynamicData.Design.ni.dll
+ 2011-08-16 11:26 . 2011-08-16 11:26 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\246110974e3c48733458819b07464b23\System.Web.DynamicData.Design.ni.dll
- 2011-08-11 09:45 . 2011-08-11 09:45 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\ace861fe8dbf146c3e449abaa7691e9f\System.ComponentModel.DataAnnotations.ni.dll
+ 2011-08-16 11:25 . 2011-08-16 11:25 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\ace861fe8dbf146c3e449abaa7691e9f\System.ComponentModel.DataAnnotations.ni.dll
- 2011-08-11 09:45 . 2011-08-11 09:45 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\177a17af98d803ab79006d6785706462\System.AddIn.Contract.ni.dll
+ 2011-08-16 11:25 . 2011-08-16 11:25 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\177a17af98d803ab79006d6785706462\System.AddIn.Contract.ni.dll
+ 2011-08-16 09:16 . 2011-08-16 09:16 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\40ee65aacd9d7472cd6f8dddbfca604b\PresentationFontCache.ni.exe
- 2011-08-11 09:37 . 2011-08-11 09:37 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\40ee65aacd9d7472cd6f8dddbfca604b\PresentationFontCache.ni.exe
+ 2011-08-16 09:17 . 2011-08-16 09:17 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\12c424eed7ee0e9c017bf72ff09eb78c\PresentationCFFRasterizer.ni.dll
- 2011-08-11 09:39 . 2011-08-11 09:39 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\12c424eed7ee0e9c017bf72ff09eb78c\PresentationCFFRasterizer.ni.dll
+ 2011-08-16 11:25 . 2011-08-16 11:25 17920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Run#\5b8d9854c1eeeeaed165b9ec7952780b\Microsoft.WSMan.Runtime.ni.dll
- 2011-08-11 09:45 . 2011-08-11 09:45 17920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Run#\5b8d9854c1eeeeaed165b9ec7952780b\Microsoft.WSMan.Runtime.ni.dll
+ 2011-08-16 11:26 . 2011-08-16 11:26 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\f9c514544c8e23220493cd42a0e20678\Microsoft.Vsa.ni.dll
- 2011-08-11 09:46 . 2011-08-11 09:46 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\f9c514544c8e23220493cd42a0e20678\Microsoft.Vsa.ni.dll
- 2011-08-11 08:17 . 2011-08-11 08:17 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\a96b02abbfcaae424cfb91a198a9e0e9\Microsoft.VisualC.ni.dll
+ 2011-08-16 09:16 . 2011-08-16 09:16 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\a96b02abbfcaae424cfb91a198a9e0e9\Microsoft.VisualC.ni.dll
+ 2011-08-16 09:17 . 2011-08-16 09:17 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\f5057c30d89ad8d99e38c946a68def9e\Microsoft.Build.Framework.ni.dll
- 2011-08-11 08:17 . 2011-08-11 08:17 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\f5057c30d89ad8d99e38c946a68def9e\Microsoft.Build.Framework.ni.dll
- 2011-08-11 09:45 . 2011-08-11 09:45 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\623c05a555ac0719a1367f511d4a9270\Microsoft.Build.Framework.ni.dll
+ 2011-08-16 11:24 . 2011-08-16 11:24 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\623c05a555ac0719a1367f511d4a9270\Microsoft.Build.Framework.ni.dll
- 2011-08-11 09:45 . 2011-08-11 09:45 91648 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Backgroun#\e3cfeca417f9bfb8f28862aa17e2bc54\Microsoft.BackgroundIntelligentTransfer.Management.ni.dll
+ 2011-08-16 11:24 . 2011-08-16 11:24 91648 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Backgroun#\e3cfeca417f9bfb8f28862aa17e2bc54\Microsoft.BackgroundIntelligentTransfer.Management.ni.dll
- 2011-08-11 09:45 . 2011-08-11 09:45 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\c40d3caad8bff3c52db7e7562286406a\dfsvc.ni.exe
+ 2011-08-16 11:24 . 2011-08-16 11:24 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\c40d3caad8bff3c52db7e7562286406a\dfsvc.ni.exe
+ 2011-08-16 09:16 . 2011-08-16 09:16 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d9228d58804dfd75fd92a4d12ffac8af\Accessibility.ni.dll
- 2011-08-11 08:17 . 2011-08-11 08:17 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d9228d58804dfd75fd92a4d12ffac8af\Accessibility.ni.dll
+ 2011-08-16 11:31 . 2011-08-16 11:31 9216 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\ae9328346705878ddce9806a617e22fb\System.Xml.Serialization.ni.dll
+ 2011-08-16 11:27 . 2011-08-16 11:27 9728 c:\windows\assembly\NativeImages_v4.0.30319_32\dfsvc\6e92d6acd61891c52bb02c5fc21d9c73\dfsvc.ni.exe
- 2011-08-11 08:19 . 2011-08-11 08:19 109568 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.Wrapper.dll
+ 2011-08-16 09:20 . 2011-08-16 09:20 109568 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.Wrapper.dll
+ 2011-08-16 09:20 . 2011-08-16 09:20 246128 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.dll
- 2011-08-11 08:19 . 2011-08-11 08:19 246128 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.dll
- 2008-04-25 16:16 . 2011-08-13 07:07 536264 c:\windows\system32\perfh009.dat
+ 2008-04-25 16:16 . 2011-08-20 07:29 536264 c:\windows\system32\perfh009.dat
- 2008-04-25 16:16 . 2011-08-13 07:07 101654 c:\windows\system32\perfc009.dat
+ 2008-04-25 16:16 . 2011-08-20 07:29 101654 c:\windows\system32\perfc009.dat
+ 2011-04-06 06:48 . 2011-04-06 06:48 916312 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\wpftxt_v0400.dll
+ 2011-05-16 22:44 . 2011-05-16 22:44 495440 c:\windows\Microsoft.NET\Framework\v4.0.30319\webengine4.dll
+ 2011-04-06 06:16 . 2011-04-06 06:16 326000 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.ServiceModel.Web.dll
+ 2011-04-06 06:16 . 2011-04-06 06:16 175992 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.ServiceModel.Activation.dll
+ 2011-04-06 06:48 . 2011-04-06 06:48 236880 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Net.dll
+ 2011-04-06 06:16 . 2011-04-06 06:16 810352 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Data.Entity.Design.dll
- 2011-04-12 05:11 . 2011-04-12 05:11 517448 c:\windows\Microsoft.NET\Framework\v4.0.30319\SOS.dll
+ 2011-05-16 23:27 . 2011-05-16 23:27 517448 c:\windows\Microsoft.NET\Framework\v4.0.30319\SOS.dll
+ 2011-04-06 06:48 . 2011-04-06 06:48 191840 c:\windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelReg.exe
- 2010-03-18 06:47 . 2010-03-18 06:47 181584 c:\windows\Microsoft.NET\Framework\v4.0.30319\peverify.dll
+ 2011-05-16 22:44 . 2011-05-16 22:44 181584 c:\windows\Microsoft.NET\Framework\v4.0.30319\peverify.dll
+ 2011-05-16 23:27 . 2011-05-16 23:27 413520 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
+ 2011-05-16 23:27 . 2011-05-16 23:27 956240 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordbi.dll
+ 2011-05-16 23:27 . 2011-05-16 23:27 385864 c:\windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
- 2011-04-12 05:11 . 2011-04-12 05:11 385864 c:\windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
- 2011-08-11 08:20 . 2011-08-11 08:20 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
- 2011-08-11 08:20 . 2011-08-11 08:20 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
- 2011-08-11 08:20 . 2011-08-11 08:20 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
- 2011-08-11 08:20 . 2011-08-11 08:20 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
+ 2011-08-16 09:18 . 2011-08-16 09:18 431984 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.WorkflowServices\v4.0_4.0.0.0__31bf3856ad364e35\System.WorkflowServices.dll
- 2011-08-11 08:23 . 2011-08-11 08:23 431984 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.WorkflowServices\v4.0_4.0.0.0__31bf3856ad364e35\System.WorkflowServices.dll
- 2011-08-11 08:23 . 2011-08-11 08:23 511344 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Workflow.Runtime\v4.0_4.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll
+ 2011-08-16 09:18 . 2011-08-16 09:18 511344 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Workflow.Runtime\v4.0_4.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2011-08-11 08:20 . 2011-08-11 08:20 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2011-08-11 08:23 . 2011-08-11 08:23 826208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Mobile\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2011-08-16 09:18 . 2011-08-16 09:18 826208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Mobile\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2011-08-16 09:18 . 2011-08-16 09:18 321912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Extensions.Design\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Extensions.Design.dll
- 2011-08-11 08:23 . 2011-08-11 08:23 321912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Extensions.Design\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Extensions.Design.dll
- 2011-08-11 08:23 . 2011-08-11 08:23 137568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Web.Entity.dll
+ 2011-08-16 09:18 . 2011-08-16 09:18 137568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Web.Entity.dll
- 2011-08-11 08:23 . 2011-08-11 08:23 132464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Entity.Design\v4.0_4.0.0.0__b77a5c561934e089\System.Web.Entity.Design.dll
+ 2011-08-16 09:18 . 2011-08-16 09:18 132464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Entity.Design\v4.0_4.0.0.0__b77a5c561934e089\System.Web.Entity.Design.dll
+ 2011-08-16 09:18 . 2011-08-16 09:18 237928 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.DynamicData\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.DynamicData.dll
- 2011-08-11 08:23 . 2011-08-11 08:23 237928 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.DynamicData\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.DynamicData.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
- 2011-08-11 08:20 . 2011-08-11 08:20 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
- 2011-08-11 08:19 . 2011-08-11 08:19 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2011-08-16 09:18 . 2011-08-16 09:18 326000 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Web\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll
- 2011-08-11 08:20 . 2011-08-11 08:20 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
- 2011-08-11 08:20 . 2011-08-11 08:20 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
- 2011-08-11 08:20 . 2011-08-11 08:20 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
+ 2011-08-16 09:18 . 2011-08-16 09:18 175992 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activation\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activation.dll
- 2011-08-11 08:19 . 2011-08-11 08:19 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2011-08-11 08:20 . 2011-08-11 08:20 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2011-08-11 08:20 . 2011-08-11 08:20 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
- 2011-08-11 08:20 . 2011-08-11 08:20 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 236880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2011-08-11 08:20 . 2011-08-11 08:20 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2011-08-11 08:19 . 2011-08-11 08:19 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2011-08-11 08:20 . 2011-08-11 08:20 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
- 2011-08-11 08:20 . 2011-08-11 08:20 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
- 2011-08-11 08:20 . 2011-08-11 08:20 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
- 2011-08-11 08:20 . 2011-08-11 08:20 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2011-08-16 09:20 . 2011-08-16 09:20 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
- 2011-08-11 08:19 . 2011-08-11 08:19 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
- 2011-08-11 08:19 . 2011-08-11 08:19 607064 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 607064 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2011-08-11 08:19 . 2011-08-11 08:19 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2011-08-11 08:19 . 2011-08-11 08:19 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2011-08-11 08:19 . 2011-08-11 08:19 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
- 2011-08-11 08:19 . 2011-08-11 08:19 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2011-08-11 08:19 . 2011-08-11 08:19 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2011-08-16 09:18 . 2011-08-16 09:18 683368 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.dll
- 2011-08-11 08:23 . 2011-08-11 08:23 683368 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.dll
- 2011-08-11 08:23 . 2011-08-11 08:23 178040 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Design\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Design.dll
+ 2011-08-16 09:18 . 2011-08-16 09:18 178040 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Design\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Design.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
- 2011-08-11 08:20 . 2011-08-11 08:20 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
- 2011-08-11 08:19 . 2011-08-11 08:19 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
+ 2011-08-16 09:18 . 2011-08-16 09:18 810352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity.Design\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.Design.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2011-08-11 08:19 . 2011-08-11 08:19 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
- 2011-08-11 08:19 . 2011-08-11 08:19 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
- 2011-08-11 08:19 . 2011-08-11 08:19 149848 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 149848 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
- 2011-08-11 08:20 . 2011-08-11 08:20 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
- 2011-08-11 08:20 . 2011-08-11 08:20 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
- 2011-08-11 08:19 . 2011-08-11 08:19 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2011-08-11 08:20 . 2011-08-11 08:20 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
- 2011-08-11 08:20 . 2011-08-11 08:20 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
- 2011-08-11 08:20 . 2011-08-11 08:20 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
- 2011-08-11 08:20 . 2011-08-11 08:20 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
- 2011-08-11 08:20 . 2011-08-11 08:20 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
- 2011-08-11 08:20 . 2011-08-11 08:20 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2011-08-16 09:18 . 2011-08-16 09:18 587624 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationBuildTasks\v4.0_4.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll
- 2011-08-11 08:23 . 2011-08-11 08:23 587624 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationBuildTasks\v4.0_4.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll
- 2011-08-11 08:19 . 2011-08-11 08:19 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2011-08-11 08:20 . 2011-08-11 08:20 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
- 2011-08-11 08:20 . 2011-08-11 08:20 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
- 2011-08-11 08:19 . 2011-08-11 08:19 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2011-08-11 08:19 . 2011-08-11 08:19 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
+ 2011-08-16 09:20 . 2011-08-16 09:20 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
- 2011-08-11 08:23 . 2011-08-11 08:23 220024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Utilities.v4.0\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v4.0.dll
+ 2011-08-16 09:18 . 2011-08-16 09:18 220024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Utilities.v4.0\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v4.0.dll
- 2011-08-11 08:23 . 2011-08-11 08:23 107376 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Framework\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2011-08-16 09:18 . 2011-08-16 09:18 107376 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Framework\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2011-08-11 08:23 . 2011-08-11 08:23 714600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Engine\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2011-08-16 09:18 . 2011-08-16 09:18 714600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Engine\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2011-08-16 09:18 . 2011-08-16 09:18 498520 c:\windows\Microsoft.NET\assembly\GAC_MSIL\AspNetMMCExt\v4.0_4.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2011-08-11 08:23 . 2011-08-11 08:23 498520 c:\windows\Microsoft.NET\assembly\GAC_MSIL\AspNetMMCExt\v4.0_4.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2011-08-11 08:20 . 2011-08-11 08:20 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll

bryanc
Intermediate
Intermediate

Status :
Online
Offline

Posts Posts : 132
Joined Joined : 2009-05-24
OS : XP

View user profile

Back to top Go down

Re: hijack homepage

Post by bryanc on Sat Aug 20, 2011 8:55 pm

part two:

+ 2011-08-16 09:21 . 2011-08-16 09:21 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2011-08-11 08:20 . 2011-08-11 08:20 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2011-08-11 08:19 . 2011-08-11 08:19 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2011-08-16 09:20 . 2011-08-16 09:20 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2011-08-11 08:19 . 2011-08-11 08:19 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2011-08-16 09:20 . 2011-08-16 09:20 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2011-08-16 09:18 . 2011-08-16 09:18 495984 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data.OracleClient\v4.0_4.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2011-08-11 08:23 . 2011-08-11 08:23 495984 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data.OracleClient\v4.0_4.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
- 2011-08-11 08:20 . 2011-08-11 08:20 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2010-03-18 03:16 . 2010-03-18 03:16 915800 c:\windows\Installer\$PatchCache$\Managed\5C1093C35543A0E32A41B090A305076A\4.0.30319\wpftxt_x86.dll
+ 2011-08-11 09:41 . 2011-08-11 09:41 771584 c:\windows\assembly\temp\V3AHOV28FL\System.Runtime.Remoting.ni.dll
+ 2011-08-11 09:38 . 2011-08-11 09:38 212992 c:\windows\assembly\temp\JRY4AHOV29\System.ServiceProcess.ni.dll
+ 2011-08-11 09:41 . 2011-08-11 09:41 627200 c:\windows\assembly\temp\FNU07ELSZ6\System.Transactions.ni.dll
+ 2011-08-11 09:38 . 2011-08-11 09:38 971264 c:\windows\assembly\temp\9KT3DKRY4A\System.Configuration.ni.dll
+ 2011-08-11 09:41 . 2011-08-11 09:41 280064 c:\windows\assembly\temp\08FMSY5CJQ\System.EnterpriseServices.Wrapper.dll
+ 2011-08-11 09:41 . 2011-08-11 09:41 627712 c:\windows\assembly\temp\08FMSY5CJQ\System.EnterpriseServices.ni.dll
+ 2011-08-16 11:31 . 2011-08-16 11:31 404992 c:\windows\assembly\NativeImages_v4.0.30319_32\XamlBuildTask\2ce510c409bf5fab10d1962ef09804e0\XamlBuildTask.ni.dll
+ 2011-08-16 11:27 . 2011-08-16 11:27 356864 c:\windows\assembly\NativeImages_v4.0.30319_32\WsatConfig\7b678f964e3fa4c406916aed22b9fd07\WsatConfig.ni.exe
+ 2011-08-16 11:31 . 2011-08-16 11:31 253952 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\e1a1ca8e083319c2aecdf2cea7d5489d\WindowsFormsIntegration.ni.dll
+ 2011-08-16 11:29 . 2011-08-16 11:29 196096 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\4561769ac12ff5a3eef12e03a95207be\UIAutomationTypes.ni.dll
+ 2011-08-16 11:31 . 2011-08-16 11:31 484352 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClient\83e11b45798a2c1bf78cb7504a1b8943\UIAutomationClient.ni.dll
+ 2011-08-16 11:28 . 2011-08-16 11:28 393216 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\45606586b386ad899defae108f79f48c\System.Xml.Linq.ni.dll
+ 2011-08-16 11:29 . 2011-08-16 11:29 189440 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Inpu#\97feafa7af5c3964731c0f4e06d0de81\System.Windows.Input.Manipulations.ni.dll
+ 2011-08-16 11:31 . 2011-08-16 11:31 194560 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\1ceae2d1a636d6d089dd53b820cbf4d0\System.Windows.Forms.DataVisualization.Design.ni.dll
+ 2011-08-16 11:28 . 2011-08-16 11:28 224256 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.RegularE#\10e2c9309e662c435b7336854be034d7\System.Web.RegularExpressions.ni.dll
+ 2011-08-16 11:31 . 2011-08-16 11:31 865280 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Extensio#\cf1fcebef79ef3af7c10b5e46a0cdb11\System.Web.Extensions.Design.ni.dll
+ 2011-08-16 11:31 . 2011-08-16 11:31 335360 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Entity\288ac8d581aef7501ebe3bb371e1052f\System.Web.Entity.ni.dll
+ 2011-08-16 11:31 . 2011-08-16 11:31 297984 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Entity.D#\e67aa7ffb25dd09fd98c41cd74d495d8\System.Web.Entity.Design.ni.dll
+ 2011-08-16 11:31 . 2011-08-16 11:31 712192 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DynamicD#\056cb018da1043e26793a9eb53f83a44\System.Web.DynamicData.ni.dll
+ 2011-08-16 11:31 . 2011-08-16 11:31 260608 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DataVisu#\274efa19c86a83bd8f979dbcd233f8ab\System.Web.DataVisualization.Design.ni.dll
+ 2011-08-16 11:28 . 2011-08-16 11:28 649728 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\171f57730eadc9ac70d359ab70329a16\System.Transactions.ni.dll
+ 2011-08-16 11:28 . 2011-08-16 11:28 221696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\3315cff0da494162b30990d1cbd9f145\System.ServiceProcess.ni.dll
+ 2011-08-16 11:30 . 2011-08-16 11:30 369664 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\79980f4c7acee7162024585533155c90\System.ServiceModel.Routing.ni.dll
+ 2011-08-16 11:30 . 2011-08-16 11:30 432640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\2688881586596cbf2287d91f0efb7bbc\System.ServiceModel.Activation.ni.dll
+ 2011-08-16 09:22 . 2011-08-16 09:22 736768 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Security\278d0d903e2e8929854db6061ac36942\System.Security.ni.dll
+ 2011-08-16 11:27 . 2011-08-16 11:27 311296 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\174e6e590cfa6c69048fb6ef3e3aa55f\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2011-08-16 11:28 . 2011-08-16 11:28 771584 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\9fcf0487b086318872f6aba21db68a9f\System.Runtime.Remoting.ni.dll
+ 2011-08-16 11:28 . 2011-08-16 11:28 244736 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Cach#\505b6394b98a13e7a806b749b0381f55\System.Runtime.Caching.ni.dll
+ 2011-08-16 09:22 . 2011-08-16 09:22 145408 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\8d5d39481098677e8ffba634fac84c3a\System.Numerics.ni.dll
+ 2011-08-16 11:30 . 2011-08-16 11:30 657408 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Net\b1b73e12266b2c96ca3d3792c752bb63\System.Net.ni.dll
+ 2011-08-16 11:30 . 2011-08-16 11:30 626176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\44e32c4e91e0ac6f08031476dd49d385\System.Messaging.ni.dll
+ 2011-08-16 11:30 . 2011-08-16 11:30 395264 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management.I#\96ea071001fc589a8c3f886445b6fd72\System.Management.Instrumentation.ni.dll
+ 2011-08-16 11:30 . 2011-08-16 11:30 413696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IO.Log\37faa9c9b586663715b69d15e8efedb7\System.IO.Log.ni.dll
+ 2011-08-16 11:30 . 2011-08-16 11:30 229888 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityMode#\e6956069857d9b47bbd31b3bc918663e\System.IdentityModel.Selectors.ni.dll
+ 2011-08-16 11:28 . 2011-08-16 11:28 236032 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\a5d048b7980407a6101b93c279cf01a6\System.EnterpriseServices.Wrapper.dll
+ 2011-08-16 11:28 . 2011-08-16 11:28 787456 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\a5d048b7980407a6101b93c279cf01a6\System.EnterpriseServices.ni.dll
+ 2011-08-16 09:22 . 2011-08-16 09:22 377856 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Dynamic\29a7f397f73ec051f1f7deab3275477b\System.Dynamic.ni.dll
+ 2011-08-16 09:22 . 2011-08-16 09:22 224768 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing.Desi#\51e82f89848e49f386bac60a3e0bd3d0\System.Drawing.Design.ni.dll
+ 2011-08-16 11:30 . 2011-08-16 11:30 913920 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\8eefd2f82a8b639fe0574d1ce1224a25\System.DirectoryServices.AccountManagement.ni.dll
+ 2011-08-16 11:28 . 2011-08-16 11:28 470528 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\00852705d7ed3c9ec62653d5e3a26ed3\System.DirectoryServices.Protocols.ni.dll
+ 2011-08-16 11:30 . 2011-08-16 11:30 112640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Device\53877d1b7a8de883074e389c9508c021\System.Device.ni.dll
+ 2011-08-16 11:30 . 2011-08-16 11:30 508928 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Service#\e9c27e489c78833e0bd4ced0756af3dd\System.Data.Services.Design.ni.dll
+ 2011-08-16 11:29 . 2011-08-16 11:29 134656 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.DataSet#\47a330a8310304919b713a0beb040b2b\System.Data.DataSetExtensions.ni.dll
+ 2011-08-16 09:22 . 2011-08-16 09:22 982528 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\0f863d009e87f9e16127be2e955886ac\System.Configuration.ni.dll
+ 2011-08-16 11:28 . 2011-08-16 11:28 148480 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\546b1900e6b71ca617c54c7588ad2862\System.Configuration.Install.ni.dll
+ 2011-08-16 09:22 . 2011-08-16 09:22 693760 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\421882bc08f057805080fca14cf13e48\System.ComponentModel.Composition.ni.dll
+ 2011-08-16 11:29 . 2011-08-16 11:29 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\28a1ad4ad64ceffbeb050fb94c6df196\System.ComponentModel.DataAnnotations.ni.dll
+ 2011-08-16 11:29 . 2011-08-16 11:29 617984 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn\ce2f90be69c41e1388cbcaff66faad0c\System.AddIn.ni.dll
+ 2011-08-16 11:29 . 2011-08-16 11:29 411136 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.D#\49a6f51454795768aec4f53a54c974b5\System.Activities.DurableInstancing.ni.dll
+ 2011-08-16 11:27 . 2011-08-16 11:27 317952 c:\windows\assembly\NativeImages_v4.0.30319_32\SMSvcHost\0d6c1b09d7f0c9444e115dd2b0818b7d\SMSvcHost.ni.exe
+ 2011-08-16 11:28 . 2011-08-16 11:28 143360 c:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\f8ff5d1ec407e8f63905912daf855d55\SMDiagnostics.ni.dll
+ 2011-08-16 09:22 . 2011-08-16 09:22 309760 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\c04fd165343304183e59cabdf1eb1b5e\PresentationFramework.Classic.ni.dll
+ 2011-08-16 09:22 . 2011-08-16 09:22 755712 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\937b2e6fd469e6d2c665b3d3f522de9a\PresentationFramework.Luna.ni.dll
+ 2011-08-16 09:22 . 2011-08-16 09:22 387072 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\898b7d9daec6d78d419165b269e7a27a\PresentationFramework.Royale.ni.dll
+ 2011-08-16 09:22 . 2011-08-16 09:22 595968 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\5535319538d60d40a9533dc0d1ef38f7\PresentationFramework.Aero.ni.dll
+ 2011-08-16 11:27 . 2011-08-16 11:27 274432 c:\windows\assembly\NativeImages_v4.0.30319_32\MSBuild\530769ddb192c6cfd8b66865e15fc477\MSBuild.ni.exe
+ 2011-08-16 11:28 . 2011-08-16 11:28 303104 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\e99454ace463ea09e9eb114d5723c880\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2011-08-16 11:28 . 2011-08-16 11:28 418816 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\382b33fb3ba8376f4e7b89c63222aa75\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-08-16 11:27 . 2011-08-16 11:27 631808 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build.Uti#\25ce684e36c1167c5563d280de1f39d7\Microsoft.Build.Utilities.v4.0.ni.dll
+ 2011-08-16 11:27 . 2011-08-16 11:27 258048 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build.Fra#\f2d68b532351ec22b25dbc17f41cfd2a\Microsoft.Build.Framework.ni.dll
+ 2011-08-16 11:27 . 2011-08-16 11:27 136192 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build.Con#\d736feb56fef22f8ad746f3ad137bc97\Microsoft.Build.Conversion.v4.0.ni.dll
+ 2011-08-16 11:27 . 2011-08-16 11:27 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\edc8d8d8eba69cdf5dd90207a5c68c68\CustomMarshalers.ni.dll
+ 2011-08-16 11:27 . 2011-08-16 11:27 475136 c:\windows\assembly\NativeImages_v4.0.30319_32\ComSvcConfig\361488a233c32ded92950f93e944c438\ComSvcConfig.ni.exe
+ 2011-08-16 11:27 . 2011-08-16 11:27 851968 c:\windows\assembly\NativeImages_v4.0.30319_32\AspNetMMCExt\83c84218b6be8dec83bfbeb491c1ab16\AspNetMMCExt.ni.dll
- 2011-08-11 09:45 . 2011-08-11 09:45 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\cc14c69205b984edba1db26fd5e421ac\WsatConfig.ni.exe
+ 2011-08-16 11:24 . 2011-08-16 11:24 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\cc14c69205b984edba1db26fd5e421ac\WsatConfig.ni.exe
+ 2011-08-16 11:24 . 2011-08-16 11:24 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\a49ae56b9f3d657d92e182274709bfc2\WindowsLiveLocal.WriterPlugin.ni.dll
- 2011-08-11 09:45 . 2011-08-11 09:45 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\a49ae56b9f3d657d92e182274709bfc2\WindowsLiveLocal.WriterPlugin.ni.dll
+ 2011-08-16 11:24 . 2011-08-16 11:24 319488 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\fc729e45986f2ca8ff35d323a343329e\WindowsLive.Writer.Interop.ni.dll
- 2011-08-11 09:44 . 2011-08-11 09:44 319488 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\fc729e45986f2ca8ff35d323a343329e\WindowsLive.Writer.Interop.ni.dll
- 2011-08-11 09:44 . 2011-08-11 09:44 428032 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\f27ad9751305d7b7d9c60525d539e4ce\WindowsLive.Writer.Localization.ni.dll
+ 2011-08-16 11:24 . 2011-08-16 11:24 428032 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\f27ad9751305d7b7d9c60525d539e4ce\WindowsLive.Writer.Localization.ni.dll
- 2011-08-11 09:44 . 2011-08-11 09:44 851968 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\e8fc2ec833c13ecb0f91f468aebdf7cb\WindowsLive.Writer.BlogClient.ni.dll
+ 2011-08-16 11:24 . 2011-08-16 11:24 851968 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\e8fc2ec833c13ecb0f91f468aebdf7cb\WindowsLive.Writer.BlogClient.ni.dll
+ 2011-08-16 11:24 . 2011-08-16 11:24 313856 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\d78f83ddd58e30d6b7beb63b7534f092\WindowsLive.Writer.Interop.SHDocVw.ni.dll
- 2011-08-11 08:26 . 2011-08-11 08:26 313856 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\d78f83ddd58e30d6b7beb63b7534f092\WindowsLive.Writer.Interop.SHDocVw.ni.dll
- 2011-08-11 09:45 . 2011-08-11 09:45 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\d3c7871d77ead39bfbca748b39e1eef8\WindowsLive.Writer.Instrumentation.ni.dll
+ 2011-08-16 11:24 . 2011-08-16 11:24 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\d3c7871d77ead39bfbca748b39e1eef8\WindowsLive.Writer.Instrumentation.ni.dll
- 2011-08-11 09:44 . 2011-08-11 09:44 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\c1b1430c802397d85b2b891433f892a4\WindowsLive.Writer.Mshtml.ni.dll
+ 2011-08-16 11:24 . 2011-08-16 11:24 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\c1b1430c802397d85b2b891433f892a4\WindowsLive.Writer.Mshtml.ni.dll
+ 2011-08-16 11:24 . 2011-08-16 11:24 118784 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\bbfacd97a821838f5b038a60a0153a41\WindowsLive.Writer.Extensibility.ni.dll
- 2011-08-11 09:44 . 2011-08-11 09:44 118784 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\bbfacd97a821838f5b038a60a0153a41\WindowsLive.Writer.Extensibility.ni.dll
- 2011-08-11 09:44 . 2011-08-11 09:44 843776 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\b5759a00934259ed68551b4e680e5b95\WindowsLive.Writer.Controls.ni.dll
+ 2011-08-16 11:24 . 2011-08-16 11:24 843776 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\b5759a00934259ed68551b4e680e5b95\WindowsLive.Writer.Controls.ni.dll
- 2011-08-11 09:44 . 2011-08-11 09:44 152064 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ae61f71f9bd48da99cc98b67014c116c\WindowsLive.Writer.HtmlParser.ni.dll
+ 2011-08-16 11:24 . 2011-08-16 11:24 152064 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ae61f71f9bd48da99cc98b67014c116c\WindowsLive.Writer.HtmlParser.ni.dll
+ 2011-08-16 11:24 . 2011-08-16 11:24 322048 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\a38d27b408619e1e3d304ba8089b504b\WindowsLive.Writer.SpellChecker.ni.dll
- 2011-08-11 09:44 . 2011-08-11 09:44 322048 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\a38d27b408619e1e3d304ba8089b504b\WindowsLive.Writer.SpellChecker.ni.dll
+ 2011-08-16 11:24 . 2011-08-16 11:24 334848 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\7c880551adc6bae9c8ef7491a18f6adc\WindowsLive.Writer.Interop.Mshtml.ni.dll
- 2011-08-11 08:26 . 2011-08-11 08:26 334848 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\7c880551adc6bae9c8ef7491a18f6adc\WindowsLive.Writer.Interop.Mshtml.ni.dll
+ 2011-08-16 11:24 . 2011-08-16 11:24 119296 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\45088aa4db2dc56f3bef1510e63a00fb\WindowsLive.Writer.FileDestinations.ni.dll
- 2011-08-11 09:44 . 2011-08-11 09:44 119296 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\45088aa4db2dc56f3bef1510e63a00fb\WindowsLive.Writer.FileDestinations.ni.dll
- 2011-08-11 09:44 . 2011-08-11 09:44 174080 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\4053abe3bccc579894d0fc1637f38cce\WindowsLive.Writer.BrowserControl.ni.dll
+ 2011-08-16 11:24 . 2011-08-16 11:24 174080 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\4053abe3bccc579894d0fc1637f38cce\WindowsLive.Writer.BrowserControl.ni.dll
- 2011-08-11 09:44 . 2011-08-11 09:44 108544 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\16d239ae41d7acac69ca2beb40d970e7\WindowsLive.Writer.Passport.ni.dll
+ 2011-08-16 11:24 . 2011-08-16 11:24 108544 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\16d239ae41d7acac69ca2beb40d970e7\WindowsLive.Writer.Passport.ni.dll
+ 2011-08-16 11:24 . 2011-08-16 11:24 594944 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\13fcb6f5ff9ccec693fe8d5523aebe9f\WindowsLive.Writer.HtmlEditor.ni.dll
- 2011-08-11 09:44 . 2011-08-11 09:44 594944 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\13fcb6f5ff9ccec693fe8d5523aebe9f\WindowsLive.Writer.HtmlEditor.ni.dll
+ 2011-08-16 11:24 . 2011-08-16 11:24 145920 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\060b279b447900fd81d60545c25f51d2\WindowsLive.Client.ni.dll
- 2011-08-11 09:44 . 2011-08-11 09:44 145920 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\060b279b447900fd81d60545c25f51d2\WindowsLive.Client.ni.dll
- 2011-08-11 09:41 . 2011-08-11 09:41 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\39ce0c9c9cc294c0ee26c4ff01522961\WindowsFormsIntegration.ni.dll
+ 2011-08-16 09:17 . 2011-08-16 09:17 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\39ce0c9c9cc294c0ee26c4ff01522961\WindowsFormsIntegration.ni.dll
+ 2011-08-16 09:17 . 2011-08-16 09:17 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\3740d6db28af31a6523a79fcdd71fbeb\UIAutomationTypes.ni.dll
- 2011-08-11 08:17 . 2011-08-11 08:17 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\3740d6db28af31a6523a79fcdd71fbeb\UIAutomationTypes.ni.dll
+ 2011-08-16 09:17 . 2011-08-16 09:17 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\431e918aee8da919f5b9e3a5195ccf93\UIAutomationClient.ni.dll
- 2011-08-11 09:41 . 2011-08-11 09:41 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\431e918aee8da919f5b9e3a5195ccf93\UIAutomationClient.ni.dll
- 2011-08-11 09:46 . 2011-08-11 09:46 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\946eefb99bc116ee68e0e7c69a5a8a5c\System.Xml.Linq.ni.dll
+ 2011-08-16 11:27 . 2011-08-16 11:27 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\946eefb99bc116ee68e0e7c69a5a8a5c\System.Xml.Linq.ni.dll
- 2011-08-11 09:46 . 2011-08-11 09:46 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\a82eef3128b9527dc05b3c8667e713bc\System.Web.Routing.ni.dll
+ 2011-08-16 11:26 . 2011-08-16 11:26 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\a82eef3128b9527dc05b3c8667e713bc\System.Web.Routing.ni.dll
- 2011-08-11 09:41 . 2011-08-11 09:41 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\203c148c913357bfc2ae9d209101f2b3\System.Web.RegularExpressions.ni.dll
+ 2011-08-16 09:17 . 2011-08-16 09:17 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\203c148c913357bfc2ae9d209101f2b3\System.Web.RegularExpressions.ni.dll
- 2011-08-11 09:46 . 2011-08-11 09:46 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\f89fe39468ea6faf71c4257c89cf3c54\System.Web.Extensions.Design.ni.dll
+ 2011-08-16 11:26 . 2011-08-16 11:26 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\f89fe39468ea6faf71c4257c89cf3c54\System.Web.Extensions.Design.ni.dll
- 2011-08-11 09:46 . 2011-08-11 09:46 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\2314ff800782dc85224e69e802a073f7\System.Web.Entity.ni.dll
+ 2011-08-16 11:26 . 2011-08-16 11:26 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\2314ff800782dc85224e69e802a073f7\System.Web.Entity.ni.dll
- 2011-08-11 09:46 . 2011-08-11 09:46 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\f690a8f5d784a5bb20f2cbaa7277eb6c\System.Web.Entity.Design.ni.dll
+ 2011-08-16 11:26 . 2011-08-16 11:26 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\f690a8f5d784a5bb20f2cbaa7277eb6c\System.Web.Entity.Design.ni.dll
+ 2011-08-16 11:26 . 2011-08-16 11:26 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\c5c96400424b85536443623f96f64581\System.Web.DynamicData.ni.dll
- 2011-08-11 09:46 . 2011-08-11 09:46 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\c5c96400424b85536443623f96f64581\System.Web.DynamicData.ni.dll
+ 2011-08-16 11:26 . 2011-08-16 11:26 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\5f8e87b47465a038403e73012c6d102a\System.Web.Abstractions.ni.dll
- 2011-08-11 09:46 . 2011-08-11 09:46 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\5f8e87b47465a038403e73012c6d102a\System.Web.Abstractions.ni.dll
+ 2011-08-16 09:17 . 2011-08-16 09:17 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\846dd505f97805f00999ee26aec9bf75\System.Transactions.ni.dll
- 2011-08-11 09:41 . 2011-08-11 09:41 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\846dd505f97805f00999ee26aec9bf75\System.Transactions.ni.dll
- 2011-08-11 09:38 . 2011-08-11 09:38 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\70a1400affdc775d7c7398e036359286\System.ServiceProcess.ni.dll
+ 2011-08-16 09:16 . 2011-08-16 09:16 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\70a1400affdc775d7c7398e036359286\System.ServiceProcess.ni.dll
+ 2011-08-16 09:16 . 2011-08-16 09:16 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\de9cd25ccb24bcf8a0316756e766721f\System.Security.ni.dll
- 2011-08-11 09:39 . 2011-08-11 09:39 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\de9cd25ccb24bcf8a0316756e766721f\System.Security.ni.dll
- 2011-08-11 09:39 . 2011-08-11 09:39 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\21248037960cf6dfa2ce401d355bd6c9\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2011-08-16 09:16 . 2011-08-16 09:16 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\21248037960cf6dfa2ce401d355bd6c9\System.Runtime.Serialization.Formatters.Soap.ni.dll
- 2011-08-11 09:41 . 2011-08-11 09:41 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b7e0214a811f81e09041864081139641\System.Runtime.Remoting.ni.dll
+ 2011-08-16 09:17 . 2011-08-16 09:17 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b7e0214a811f81e09041864081139641\System.Runtime.Remoting.ni.dll
+ 2011-08-16 11:26 . 2011-08-16 11:26 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\480ea914e13fe41cdd8fb542bb1f7e81\System.Net.ni.dll
- 2011-08-11 09:46 . 2011-08-11 09:46 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\480ea914e13fe41cdd8fb542bb1f7e81\System.Net.ni.dll
+ 2011-08-16 11:27 . 2011-08-16 11:27 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\18a7efd299665b8bfa0d0dc6701343c6\System.Messaging.ni.dll
- 2011-08-11 09:46 . 2011-08-11 09:46 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\18a7efd299665b8bfa0d0dc6701343c6\System.Messaging.ni.dll
- 2011-08-11 09:46 . 2011-08-11 09:46 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\6e563a58e6fc0117070d5b8fd59e4e1b\System.Management.ni.dll
+ 2011-08-16 11:26 . 2011-08-16 11:26 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\6e563a58e6fc0117070d5b8fd59e4e1b\System.Management.ni.dll
- 2011-08-11 09:46 . 2011-08-11 09:46 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\dc72c7581f1b3794c0ea595ba02ff7ad\System.Management.Instrumentation.ni.dll
+ 2011-08-16 11:26 . 2011-08-16 11:26 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\dc72c7581f1b3794c0ea595ba02ff7ad\System.Management.Instrumentation.ni.dll
+ 2011-08-16 11:23 . 2011-08-16 11:23 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\fcf8612a210d1f76e0b37dc8467b4696\System.IO.Log.ni.dll
- 2011-08-11 09:44 . 2011-08-11 09:44 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\fcf8612a210d1f76e0b37dc8467b4696\System.IO.Log.ni.dll
+ 2011-08-16 11:23 . 2011-08-16 11:23 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\ec017b5a95d02fccaefd835490ef1e14\System.IdentityModel.Selectors.ni.dll
- 2011-08-11 09:44 . 2011-08-11 09:44 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\ec017b5a95d02fccaefd835490ef1e14\System.IdentityModel.Selectors.ni.dll
- 2011-08-11 09:41 . 2011-08-11 09:41 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\75f452279422a7898e840ee5768c9d2e\System.EnterpriseServices.Wrapper.dll
+ 2011-08-16 09:17 . 2011-08-16 09:17 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\75f452279422a7898e840ee5768c9d2e\System.EnterpriseServices.Wrapper.dll
+ 2011-08-16 09:17 . 2011-08-16 09:17 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\75f452279422a7898e840ee5768c9d2e\System.EnterpriseServices.ni.dll
- 2011-08-11 09:41 . 2011-08-11 09:41 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\75f452279422a7898e840ee5768c9d2e\System.EnterpriseServices.ni.dll
+ 2011-08-16 09:17 . 2011-08-16 09:17 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\f7cd3d07c15366b76fe4c38d24455d6b\System.Drawing.Design.ni.dll
- 2011-08-11 09:41 . 2011-08-11 09:41 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\f7cd3d07c15366b76fe4c38d24455d6b\System.Drawing.Design.ni.dll
+ 2011-08-16 11:26 . 2011-08-16 11:26 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\822c996e6ad4901219b7de399a6f78bf\System.DirectoryServices.AccountManagement.ni.dll
- 2011-08-11 09:45 . 2011-08-11 09:45 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\822c996e6ad4901219b7de399a6f78bf\System.DirectoryServices.AccountManagement.ni.dll
- 2011-08-11 09:41 . 2011-08-11 09:41 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\1ffe911e62f482e42be2c4428bd08c10\System.DirectoryServices.Protocols.ni.dll
+ 2011-08-16 09:17 . 2011-08-16 09:17 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\1ffe911e62f482e42be2c4428bd08c10\System.DirectoryServices.Protocols.ni.dll
- 2011-08-11 09:45 . 2011-08-11 09:45 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\e1c009b2c9becdb732a2ea45f32a46b8\System.Data.Services.Design.ni.dll
+ 2011-08-16 11:26 . 2011-08-16 11:26 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\e1c009b2c9becdb732a2ea45f32a46b8\System.Data.Services.Design.ni.dll
- 2011-08-11 09:45 . 2011-08-11 09:45 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\1defd94e1662a4478ccf2cd0b1b4e6a6\System.Data.Services.Client.ni.dll
+ 2011-08-16 11:26 . 2011-08-16 11:26 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\1defd94e1662a4478ccf2cd0b1b4e6a6\System.Data.Services.Client.ni.dll
- 2011-08-11 09:45 . 2011-08-11 09:45 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\04267c1dbdcdd8ec37e1518126767ead\System.Data.Entity.Design.ni.dll
+ 2011-08-16 11:25 . 2011-08-16 11:25 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\04267c1dbdcdd8ec37e1518126767ead\System.Data.Entity.Design.ni.dll
+ 2011-08-16 11:25 . 2011-08-16 11:25 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\f2a6d41b3f6e26eea6dcac9298aa637b\System.Data.DataSetExtensions.ni.dll
- 2011-08-11 09:45 . 2011-08-11 09:45 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\f2a6d41b3f6e26eea6dcac9298aa637b\System.Data.DataSetExtensions.ni.dll
+ 2011-08-16 09:16 . 2011-08-16 09:16 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\77df2cd21a5b85a1605b335aa9ad9d44\System.Configuration.ni.dll
- 2011-08-11 09:38 . 2011-08-11 09:38 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\77df2cd21a5b85a1605b335aa9ad9d44\System.Configuration.ni.dll
+ 2011-08-16 09:16 . 2011-08-16 09:16 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\585e68739b2a8aff61ee6b2786513245\System.Configuration.Install.ni.dll
- 2011-08-11 09:39 . 2011-08-11 09:39 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\585e68739b2a8aff61ee6b2786513245\System.Configuration.Install.ni.dll
+ 2011-08-16 11:25 . 2011-08-16 11:25 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\fbf6ef12d1456058acde29f2640092fb\System.AddIn.ni.dll
- 2011-08-11 09:45 . 2011-08-11 09:45 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\fbf6ef12d1456058acde29f2640092fb\System.AddIn.ni.dll
- 2011-08-11 09:46 . 2011-08-11 09:46 232448 c:\windows\assembly\NativeImages_v2.0.50727_32\sysglobl\b87b5e03cdda1e29cd412a315c45a9ad\sysglobl.ni.dll
+ 2011-08-16 11:26 . 2011-08-16 11:26 232448 c:\windows\assembly\NativeImages_v2.0.50727_32\sysglobl\b87b5e03cdda1e29cd412a315c45a9ad\sysglobl.ni.dll
- 2011-08-11 09:45 . 2011-08-11 09:45 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\896e42071939e038008b0bbbfed1213c\SMSvcHost.ni.exe
+ 2011-08-16 11:24 . 2011-08-16 11:24 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\896e42071939e038008b0bbbfed1213c\SMSvcHost.ni.exe
- 2011-08-11 09:45 . 2011-08-11 09:45 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\ca07e9cf488af1290d2340d682574a24\SMDiagnostics.ni.dll
+ 2011-08-16 11:24 . 2011-08-16 11:24 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\ca07e9cf488af1290d2340d682574a24\SMDiagnostics.ni.dll
- 2011-08-11 09:45 . 2011-08-11 09:45 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\a5aa977dd575a6beb3a416bd480b98a7\ServiceModelReg.ni.exe
+ 2011-08-16 11:24 . 2011-08-16 11:24 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\a5aa977dd575a6beb3a416bd480b98a7\ServiceModelReg.ni.exe
+ 2011-08-16 09:17 . 2011-08-16 09:17 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\f52e48f55258d0a04fbab3a1f93752e9\PresentationFramework.Classic.ni.dll
- 2011-08-11 09:41 . 2011-08-11 09:41 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\f52e48f55258d0a04fbab3a1f93752e9\PresentationFramework.Classic.ni.dll
+ 2011-08-16 09:17 . 2011-08-16 09:17 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\cf812b99f587ab514afb36fa9d4c1567\PresentationFramework.Aero.ni.dll
- 2011-08-11 09:41 . 2011-08-11 09:41 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\cf812b99f587ab514afb36fa9d4c1567\PresentationFramework.Aero.ni.dll
+ 2011-08-16 09:17 . 2011-08-16 09:17 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\b7795999cc67f3a6cec40f5b24005e00\PresentationFramework.Luna.ni.dll
- 2011-08-11 09:41 . 2011-08-11 09:41 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\b7795999cc67f3a6cec40f5b24005e00\PresentationFramework.Luna.ni.dll
+ 2011-08-16 09:17 . 2011-08-16 09:17 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\09f5af61ea2af04eb32c04b3091ffc86\PresentationFramework.Royale.ni.dll
- 2011-08-11 09:41 . 2011-08-11 09:41 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\09f5af61ea2af04eb32c04b3091ffc86\PresentationFramework.Royale.ni.dll
- 2011-08-11 09:45 . 2011-08-11 09:45 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\2d89c7b72bc8e527b26d5b6f3b931012\MSBuild.ni.exe
+ 2011-08-16 11:24 . 2011-08-16 11:24 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\2d89c7b72bc8e527b26d5b6f3b931012\MSBuild.ni.exe
+ 2011-08-16 11:25 . 2011-08-16 11:25 508928 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Man#\f6cf16436722ee50cc59d649ccb1eaa4\Microsoft.WSMan.Management.ni.dll
- 2011-08-11 09:45 . 2011-08-11 09:45 508928 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Man#\f6cf16436722ee50cc59d649ccb1eaa4\Microsoft.WSMan.Management.ni.dll
+ 2011-08-16 11:24 . 2011-08-16 11:24 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\39e9d172f0cf5eec30b1b67212cc032b\Microsoft.Transactions.Bridge.Dtc.ni.dll
- 2011-08-11 09:45 . 2011-08-11 09:45 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\39e9d172f0cf5eec30b1b67212cc032b\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-08-16 11:24 . 2011-08-16 11:24 291328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\dff853661ba7069c76ac4cb6c46848cb

bryanc
Intermediate
Intermediate

Status :
Online
Offline

Posts Posts : 132
Joined Joined : 2009-05-24
OS : XP

View user profile

Back to top Go down

Re: hijack homepage

Post by bryanc on Sat Aug 20, 2011 8:56 pm

part three:

\Microsoft.PowerShell.Commands.Diagnostics.ni.dll
- 2011-08-11 09:45 . 2011-08-11 09:45 291328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\dff853661ba7069c76ac4cb6c46848cb\Microsoft.PowerShell.Commands.Diagnostics.ni.dll
+ 2011-08-16 11:25 . 2011-08-16 11:25 729600 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\8d5894ec85509cf78703ea1bee1fc80c\Microsoft.PowerShell.GraphicalHost.ni.dll
- 2011-08-11 09:45 . 2011-08-11 09:45 729600 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\8d5894ec85509cf78703ea1bee1fc80c\Microsoft.PowerShell.GraphicalHost.ni.dll
+ 2011-08-16 11:25 . 2011-08-16 11:25 156160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\6d8c4d87787f216de0dad380b900e1aa\Microsoft.PowerShell.Security.ni.dll
- 2011-08-11 09:45 . 2011-08-11 09:45 156160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\6d8c4d87787f216de0dad380b900e1aa\Microsoft.PowerShell.Security.ni.dll
- 2011-08-11 09:45 . 2011-08-11 09:45 515584 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\3afddd7d0aa6f1dd5a33388b9dc07f5a\Microsoft.PowerShell.ConsoleHost.ni.dll
+ 2011-08-16 11:25 . 2011-08-16 11:25 515584 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\3afddd7d0aa6f1dd5a33388b9dc07f5a\Microsoft.PowerShell.ConsoleHost.ni.dll
+ 2011-08-16 09:17 . 2011-08-16 09:17 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\f1b0ec3ccde9142e67ac681fb521ac66\Microsoft.Build.Utilities.ni.dll
- 2011-08-11 09:40 . 2011-08-11 09:40 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\f1b0ec3ccde9142e67ac681fb521ac66\Microsoft.Build.Utilities.ni.dll
- 2011-08-11 09:45 . 2011-08-11 09:45 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\9250f038410f0d6432e3ccb0b046862b\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2011-08-16 11:24 . 2011-08-16 11:24 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\9250f038410f0d6432e3ccb0b046862b\Microsoft.Build.Utilities.v3.5.ni.dll
- 2011-08-11 09:45 . 2011-08-11 09:45 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\a4672179aba638cd78bdfe268391b47b\Microsoft.Build.Engine.ni.dll
+ 2011-08-16 11:24 . 2011-08-16 11:24 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\a4672179aba638cd78bdfe268391b47b\Microsoft.Build.Engine.ni.dll
+ 2011-08-16 11:24 . 2011-08-16 11:24 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\37db660a84ee52b61a7ca55812581bbd\Microsoft.Build.Conversion.v3.5.ni.dll
- 2011-08-11 09:45 . 2011-08-11 09:45 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\37db660a84ee52b61a7ca55812581bbd\Microsoft.Build.Conversion.v3.5.ni.dll
- 2011-08-11 09:45 . 2011-08-11 09:45 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\80bd17388778c90f301746ad88700758\CustomMarshalers.ni.dll
+ 2011-08-16 11:24 . 2011-08-16 11:24 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\80bd17388778c90f301746ad88700758\CustomMarshalers.ni.dll
- 2011-08-11 09:45 . 2011-08-11 09:45 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\fe9a21b94803f74697bb42b9d1fdea5b\ComSvcConfig.ni.exe
+ 2011-08-16 11:24 . 2011-08-16 11:24 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\fe9a21b94803f74697bb42b9d1fdea5b\ComSvcConfig.ni.exe
+ 2011-08-16 11:23 . 2011-08-16 11:23 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\f160c8e40b60edd47ae74b0b911fece1\AspNetMMCExt.ni.dll
- 2011-08-11 09:44 . 2011-08-11 09:44 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\f160c8e40b60edd47ae74b0b911fece1\AspNetMMCExt.ni.dll
- 2010-03-18 03:16 . 2010-03-18 03:16 1663320 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\wpfgfx_v0400.dll
+ 2011-04-06 06:48 . 2011-04-06 06:48 1663320 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\wpfgfx_v0400.dll
+ 2011-04-06 06:48 . 2011-04-06 06:48 1368920 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WindowsBase.dll
+ 2011-04-06 06:48 . 2011-04-06 06:48 6428520 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationFramework.dll
+ 2011-04-06 06:48 . 2011-04-06 06:48 3788128 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationCore.dll
+ 2011-04-06 06:48 . 2011-04-06 06:48 2261832 c:\windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
- 2010-03-18 03:16 . 2010-03-18 03:16 2207568 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.XML.dll
+ 2011-04-06 06:48 . 2011-04-06 06:48 2207568 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.XML.dll
+ 2011-05-16 22:44 . 2011-05-16 22:44 1862504 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Web.Extensions.dll
+ 2011-05-16 22:44 . 2011-05-16 22:44 5226832 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Web.dll
+ 2011-04-06 06:48 . 2011-04-06 06:48 6097256 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.ServiceModel.dll
+ 2011-05-16 22:44 . 2011-05-16 22:44 5097816 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Design.dll
+ 2011-05-16 23:27 . 2011-05-16 23:27 2975064 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Data.dll
+ 2011-04-06 06:48 . 2011-04-06 06:48 1354584 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Core.dll
+ 2011-05-16 23:27 . 2011-05-16 23:27 5197648 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorlib.dll
- 2011-04-12 05:11 . 2011-04-12 05:11 5197648 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorlib.dll
+ 2011-05-16 23:27 . 2011-05-16 23:27 1142616 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll
+ 2011-04-06 06:16 . 2011-04-06 06:16 1069936 c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.Build.Tasks.v4.0.dll
+ 2011-05-16 23:27 . 2011-05-16 23:27 6735176 c:\windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
- 2011-04-12 05:11 . 2011-04-12 05:11 6735176 c:\windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 1368920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 3510600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
- 2011-08-11 08:19 . 2011-08-11 08:19 3510600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
- 2011-08-11 08:19 . 2011-08-11 08:19 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
- 2011-08-11 08:23 . 2011-08-11 08:23 1587064 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Workflow.ComponentModel\v4.0_4.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll
+ 2011-08-16 09:18 . 2011-08-16 09:18 1587064 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Workflow.ComponentModel\v4.0_4.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll
- 2011-08-11 08:23 . 2011-08-11 08:23 1070960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Workflow.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll
+ 2011-08-16 09:18 . 2011-08-16 09:18 1070960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Workflow.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 5028200 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2011-08-11 08:19 . 2011-08-11 08:19 5028200 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
- 2011-08-11 08:19 . 2011-08-11 08:19 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
+ 2011-08-16 09:18 . 2011-08-16 09:18 1862504 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Extensions\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2011-08-16 09:18 . 2011-08-16 09:18 1749880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.DataVisualization.dll
- 2011-08-11 08:23 . 2011-08-11 08:23 1749880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.DataVisualization.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 6097256 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
- 2011-08-11 08:20 . 2011-08-11 08:20 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2011-08-16 09:18 . 2011-08-16 09:18 5097816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Design\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
- 2011-08-11 08:19 . 2011-08-11 08:19 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 1354584 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
- 2011-08-11 08:20 . 2011-08-11 08:20 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
- 2011-08-11 08:20 . 2011-08-11 08:20 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 6428520 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2011-08-16 09:18 . 2011-08-16 09:18 1327968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.dll
- 2011-08-11 08:23 . 2011-08-11 08:23 1327968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.dll
+ 2011-08-16 09:18 . 2011-08-16 09:18 1069936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Tasks.v4.0\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.v4.0.dll
+ 2011-08-16 09:18 . 2011-08-16 09:18 5226832 c:\windows\Microsoft.NET\assembly\GAC_32\System.Web\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 2975064 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 3788128 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2011-08-16 09:20 . 2011-08-16 09:20 5197648 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
- 2011-08-11 08:19 . 2011-08-11 08:19 5197648 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
- 2011-08-11 08:20 . 2011-08-11 08:20 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2011-08-16 09:21 . 2011-08-16 09:21 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2011-08-20 01:56 . 2011-08-20 01:56 1066496 c:\windows\Installer\5285b.msi
+ 2010-03-18 03:16 . 2010-03-18 03:16 1663320 c:\windows\Installer\$PatchCache$\Managed\5C1093C35543A0E32A41B090A305076A\4.0.30319\wpfgfx_x86.dll
+ 2010-03-18 03:16 . 2010-03-18 03:16 1303896 c:\windows\Installer\$PatchCache$\Managed\5C1093C35543A0E32A41B090A305076A\4.0.30319\WindowsBase_x86.dll
+ 2010-03-18 03:16 . 2010-03-18 03:16 6346600 c:\windows\Installer\$PatchCache$\Managed\5C1093C35543A0E32A41B090A305076A\4.0.30319\PresentationFramework_x86.dll
+ 2010-03-18 03:16 . 2010-03-18 03:16 3545952 c:\windows\Installer\$PatchCache$\Managed\5C1093C35543A0E32A41B090A305076A\4.0.30319\PresentationCore_x86.dll
+ 2011-08-11 09:41 . 2011-08-11 09:41 6616576 c:\windows\assembly\temp\LW7HQ0AJT2\System.Data.ni.dll
+ 2011-08-11 09:39 . 2011-08-11 09:39 1587200 c:\windows\assembly\temp\EMT07ELSY5\System.Drawing.ni.dll
+ 2011-08-11 09:37 . 2011-08-11 09:37 7950848 c:\windows\assembly\temp\DLSZ6DKQX4\System.ni.dll
+ 2011-08-11 09:38 . 2011-08-11 09:38 5450752 c:\windows\assembly\temp\08FMT07EKR\System.Xml.ni.dll
+ 2011-08-16 09:22 . 2011-08-16 09:22 3857920 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\9839629d913ad7c3b547c706b5512244\WindowsBase.ni.dll
+ 2011-08-16 11:31 . 2011-08-16 11:31 1063424 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClients#\669115f8fe730f98f292c8abed23c838\UIAutomationClientsideProviders.ni.dll
+ 2011-08-16 09:22 . 2011-08-16 09:22 9086464 c:\windows\assembly\NativeImages_v4.0.30319_32\System\5900bfd9c4074ffe52b2d9a893de98a1\System.ni.dll
+ 2011-08-16 09:22 . 2011-08-16 09:22 5617664 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\cee28b8750121ade07d247723143e4b3\System.Xml.ni.dll
+ 2011-08-16 11:27 . 2011-08-16 11:27 1782272 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\a5b14a2322f4277e0e7c1d62c27a7ffd\System.Xaml.ni.dll
+ 2011-08-16 11:31 . 2011-08-16 11:31 1223168 c:\windows\assembly\NativeImages_v4.0.30319_32\System.WorkflowServ#\29a80f57febbfc075678389e85e016b3\System.WorkflowServices.ni.dll
+ 2011-08-16 11:31 . 2011-08-16 11:31 1971712 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Workflow.Run#\c2d873a50c92ac53bbf50856c7043242\System.Workflow.Runtime.ni.dll
+ 2011-08-16 11:31 . 2011-08-16 11:31 4462080 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Workflow.Com#\6b2b0df988a81a90a4d872d0b445e413\System.Workflow.ComponentModel.ni.dll
+ 2011-08-16 11:31 . 2011-08-16 11:31 2871808 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Workflow.Act#\977a90cf2caba1106f4fa4399e40fa02\System.Workflow.Activities.ni.dll
+ 2011-08-16 11:31 . 2011-08-16 11:31 4545024 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\a9d43636c91e84bb9a0825158789921b\System.Windows.Forms.DataVisualization.ni.dll
+ 2011-08-16 11:28 . 2011-08-16 11:28 1925632 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Services\9b0e6e5db89f2908277099fb1db62f4e\System.Web.Services.ni.dll
+ 2011-08-16 11:31 . 2011-08-16 11:31 2334208 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Mobile\5ca511fdd320d959924680c38be98134\System.Web.Mobile.ni.dll
+ 2011-08-16 11:30 . 2011-08-16 11:30 3126784 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Extensio#\b67e60646bce7f8eaff0c72270f93518\System.Web.Extensions.ni.dll
+ 2011-08-16 11:31 . 2011-08-16 11:31 4535808 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DataVisu#\39a1349ac3157a40d1ece8e7f82fb704\System.Web.DataVisualization.ni.dll
+ 2011-08-16 11:31 . 2011-08-16 11:31 2012160 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Speech\51de02725f2c44331425ba6030d29fc6\System.Speech.ni.dll
+ 2011-08-16 11:30 . 2011-08-16 11:30 1140736 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\eb9c7a63a1cd05de9e92c67fa02caf53\System.ServiceModel.Discovery.ni.dll
+ 2011-08-16 11:30 . 2011-08-16 11:30 1392640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\b3052a55279bcdc92f44efb788b57708\System.ServiceModel.Activities.ni.dll
+ 2011-08-16 11:30 . 2011-08-16 11:30 1086464 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\5aec4695cb86a17a615c7714801f68d2\System.ServiceModel.Web.ni.dll
+ 2011-08-16 11:28 . 2011-08-16 11:28 2647040 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\05dbc6b70dd59d178de0a00ab955e764\System.Runtime.Serialization.ni.dll
+ 2011-08-16 11:28 . 2011-08-16 11:28 1021952 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\89eb5f37818a0a82434c6e040111272b\System.Runtime.DurableInstancing.ni.dll
+ 2011-08-16 11:29 . 2011-08-16 11:29 1060864 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Printing\68dcedaf4fbb2bd6fc6a61b36c93f475\System.Printing.ni.dll
+ 2011-08-16 11:30 . 2011-08-16 11:30 1218560 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management\ebc5de59bf2fb4b3bf9d858de8ea27f4\System.Management.ni.dll
+ 2011-08-16 11:30 . 2011-08-16 11:30 1072640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\191dfee6a11a5fbdcb8ff14f4239705a\System.IdentityModel.ni.dll
+ 2011-08-16 09:22 . 2011-08-16 09:22 1652736 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\a758893a1caa463e03b81e5c28977c5d\System.Drawing.ni.dll
+ 2011-08-16 11:28 . 2011-08-16 11:28 1172992 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\90672651880a389e77b402e20941ac24\System.DirectoryServices.ni.dll
+ 2011-08-16 11:27 . 2011-08-16 11:27 1879040 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\8a7fc9e6edb5e07eae6cbd6568ee0da4\System.Deployment.ni.dll
+ 2011-08-16 09:22 . 2011-08-16 09:22 6815232 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data\edf1bb01a1a7e66f5caf041304241c9f\System.Data.ni.dll
+ 2011-08-16 09:22 . 2011-08-16 09:22 2549760 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.SqlXml\99e817dcfb8de80fc208b821b71289fa\System.Data.SqlXml.ni.dll
+ 2011-08-16 11:30 . 2011-08-16 11:30 2026496 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Services\307dd2e7370426117006cb47d8af1fa9\System.Data.Services.ni.dll
+ 2011-08-16 11:30 . 2011-08-16 11:30 1343488 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Service#\6b39a8dc9f9c5aaff611388ec2f60d41\System.Data.Services.Client.ni.dll
+ 2011-08-16 11:28 . 2011-08-16 11:28 1189376 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.OracleC#\5b68a75d6eb3b95fcdee5c44245e3a49\System.Data.OracleClient.ni.dll
+ 2011-08-16 09:22 . 2011-08-16 09:22 2517504 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\4e6d0fd805ad0395159c56458b2970e3\System.Data.Linq.ni.dll
+ 2011-08-16 11:30 . 2011-08-16 11:30 1424384 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Entity.#\2632e4b6656c177c2b6b432aa4d31305\System.Data.Entity.Design.ni.dll
+ 2011-08-16 09:22 . 2011-08-16 09:22 7069696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\6a85287b749d5d56f3559f425277ad5a\System.Core.ni.dll
+ 2011-08-16 11:29 . 2011-08-16 11:29 4129792 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities\886d14640252ed51bc42c94b41d771d1\System.Activities.ni.dll
+ 2011-08-16 11:29 . 2011-08-16 11:29 3757568 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.P#\35a91e95e3640641bd5b2febdc55e1dc\System.Activities.Presentation.ni.dll
+ 2011-08-16 11:29 . 2011-08-16 11:29 1547264 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.C#\031a48aad47992e6fb52d99e70980f41\System.Activities.Core.Presentation.ni.dll
+ 2011-08-16 11:29 . 2011-08-16 11:29 2907136 c:\windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\fcbc56f32c1eb5cf47000ee7d0b98296\ReachFramework.ni.dll
+ 2011-08-16 11:28 . 2011-08-16 11:28 1640448 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationUI\933e9bacab865bcc539b3102c061544a\PresentationUI.ni.dll
+ 2011-08-16 11:28 . 2011-08-16 11:28 1479168 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationBuildTa#\7949b0a8eca5ac81018c7ff3c6c01cd5\PresentationBuildTasks.ni.dll
+ 2011-08-16 11:28 . 2011-08-16 11:28 1838080 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\dc3352d862576e43a856622821914444\Microsoft.VisualBasic.ni.dll
+ 2011-08-16 11:28 . 2011-08-16 11:28 1172480 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\9cb2b42b6001866f16191ab68e318972\Microsoft.VisualBasic.Activities.Compiler.ni.dll
+ 2011-08-16 11:28 . 2011-08-16 11:28 1139200 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\8fc21d1ef141c37da595c8c88e4bd542\Microsoft.VisualBasic.Compatibility.ni.dll
+ 2011-08-16 11:28 . 2011-08-16 11:28 1085952 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\4e8069eb9d8fbf67d99180bdbdd252c3\Microsoft.Transactions.Bridge.ni.dll
+ 2011-08-16 11:30 . 2011-08-16 11:30 2452480 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.JScript\437212946d004929e99ab879c2ae8834\Microsoft.JScript.ni.dll
+ 2011-08-16 09:22 . 2011-08-16 09:22 1616384 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.CSharp\e567ee2b612fff2f82de705a62d4f237\Microsoft.CSharp.ni.dll
+ 2011-08-16 11:27 . 2011-08-16 11:27 4247552 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build\cc9d29e8ce6feb0136f51686f48cb499\Microsoft.Build.ni.dll
+ 2011-08-16 11:27 . 2011-08-16 11:27 2877440 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build.Tas#\ba87d0287944185a3e90d5ab6ecb39f2\Microsoft.Build.Tasks.v4.0.ni.dll
+ 2011-08-16 11:27 . 2011-08-16 11:27 1931264 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build.Eng#\03d00e3507778d61118658993dadbf89\Microsoft.Build.Engine.ni.dll
- 2011-08-11 09:44 . 2011-08-11 09:44 6392832 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\9941609d8cd69c96bb84d4c6f8d99653\WindowsLive.Writer.PostEditor.ni.dll
+ 2011-08-16 11:24 . 2011-08-16 11:24 6392832 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\9941609d8cd69c96bb84d4c6f8d99653\WindowsLive.Writer.PostEditor.ni.dll
- 2011-08-11 09:44 . 2011-08-11 09:44 2002944 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\8730afcee53ec055b34e22b51c0c8d8a\WindowsLive.Writer.CoreServices.ni.dll
+ 2011-08-16 11:24 . 2011-08-16 11:24 2002944 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\8730afcee53ec055b34e22b51c0c8d8a\WindowsLive.Writer.CoreServices.ni.dll
+ 2011-08-16 11:24 . 2011-08-16 11:24 1105920 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\434b51a4a49b78836e8bc68d7bab2713\WindowsLive.Writer.ApplicationFramework.ni.dll
- 2011-08-11 09:44 . 2011-08-11 09:44 1105920 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\434b51a4a49b78836e8bc68d7bab2713\WindowsLive.Writer.ApplicationFramework.ni.dll
- 2011-08-11 09:39 . 2011-08-11 09:39 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\fd6e0cd6f124a6d041ef1b4c9a5f080b\WindowsBase.ni.dll
+ 2011-08-16 09:16 . 2011-08-16 09:16 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\fd6e0cd6f124a6d041ef1b4c9a5f080b\WindowsBase.ni.dll
- 2011-08-11 09:41 . 2011-08-11 09:41 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\162600dde59fbaa0c048a949158ecba3\UIAutomationClientsideProviders.ni.dll
+ 2011-08-16 09:17 . 2011-08-16 09:17 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\162600dde59fbaa0c048a949158ecba3\UIAutomationClientsideProviders.ni.dll
+ 2011-08-16 09:10 . 2011-08-16 09:10 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPAD.tmp\System.Core.dll
- 2011-08-11 09:37 . 2011-08-11 09:37 7950848 c:\windows\assembly\NativeImages_v2.0.50727_32\System\e6c79e1d71b0c9000afd7e5e439b5c54\System.ni.dll
+ 2011-08-16 09:16 . 2011-08-16 09:16 7950848 c:\windows\assembly\NativeImages_v2.0.50727_32\System\e6c79e1d71b0c9000afd7e5e439b5c54\System.ni.dll
- 2011-08-11 09:38 . 2011-08-11 09:38 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\10154dcad2d62f226af2fd4211460a4b\System.Xml.ni.dll
+ 2011-08-16 09:16 . 2011-08-16 09:16 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\10154dcad2d62f226af2fd4211460a4b\System.Xml.ni.dll
- 2011-08-11 09:46 . 2011-08-11 09:46 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\22229a30650a9afbac984e1093898b13\System.WorkflowServices.ni.dll
+ 2011-08-16 11:27 . 2011-08-16 11:27 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\22229a30650a9afbac984e1093898b13\System.WorkflowServices.ni.dll
+ 2011-08-16 11:27 . 2011-08-16 11:27 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\4d6b3cc1fc7a4788612241af7966715a\System.Workflow.Runtime.ni.dll
- 2011-08-11 09:46 . 2011-08-11 09:46 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\4d6b3cc1fc7a4788612241af7966715a\System.Workflow.Runtime.ni.dll
- 2011-08-11 09:46 . 2011-08-11 09:46 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\e4c9853af945c9cfede19f3faf18af6e\System.Workflow.ComponentModel.ni.dll
+ 2011-08-16 11:26 . 2011-08-16 11:26 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\e4c9853af945c9cfede19f3faf18af6e\System.Workflow.ComponentModel.ni.dll
+ 2011-08-16 11:26 . 2011-08-16 11:26 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\ab4b50c7c789e46a485903365765fde8\System.Workflow.Activities.ni.dll
- 2011-08-11 09:46 . 2011-08-11 09:46 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\ab4b50c7c789e46a485903365765fde8\System.Workflow.Activities.ni.dll
- 2011-08-11 09:41 . 2011-08-11 09:41 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\a2392c995b1bb6b63079091259222357\System.Web.Services.ni.dll
+ 2011-08-16 09:17 . 2011-08-16 09:17 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\a2392c995b1bb6b63079091259222357\System.Web.Services.ni.dll
+ 2011-08-16 11:26 . 2011-08-16 11:26 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\3da92a0b9b8ac97e11ca8bf4df671a78\System.Web.Mobile.ni.dll
- 2011-08-11 09:46 . 2011-08-11 09:46 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\3da92a0b9b8ac97e11ca8bf4df671a78\System.Web.Mobile.ni.dll
- 2011-08-11 09:46 . 2011-08-11 09:46 2405376 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\01f4d6aa3299a41b8578b7e96afdcfb1\System.Web.Extensions.ni.dll
+ 2011-08-16 11:26 . 2011-08-16 11:26 2405376 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\01f4d6aa3299a41b8578b7e96afdcfb1\System.Web.Extensions.ni.dll
+ 2011-08-16 11:26 . 2011-08-16 11:26 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\e1208f0d981c420fc59f806bfbaa713b\System.Speech.ni.dll
- 2011-08-11 09:46 . 2011-08-11 09:46 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\e1208f0d981c420fc59f806bfbaa713b\System.Speech.ni.dll
+ 2011-08-16 11:26 . 2011-08-16 11:26 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\27e1b8dfd5e1ccf2c5b9efc51f674c69\System.ServiceModel.Web.ni.dll
- 2011-08-11 09:46 . 2011-08-11 09:46 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\27e1b8dfd5e1ccf2c5b9efc51f674c69\System.ServiceModel.Web.ni.dll
+ 2011-08-16 11:23 . 2011-08-16 11:23 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\dece01bd9e9c32e47630fdfc78d3bd32\System.Runtime.Serialization.ni.dll
- 2011-08-11 09:44 . 2011-08-11 09:44 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\dece01bd9e9c32e47630fdfc78d3bd32\System.Runtime.Serialization.ni.dll
- 2011-08-11 09:40 . 2011-08-11 09:40 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\90b444d02047ef27921153d46967ef0e\System.Printing.ni.dll
+ 2011-08-16 09:17 . 2011-08-16 09:17 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\90b444d02047ef27921153d46967ef0e\System.Printing.ni.dll
+ 2011-08-16 11:26 . 2011-08-16 11:26 8365056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\e6e037f89fa00f6bef019911d8a61e7c\System.Management.Automation.ni.dll
- 2011-08-11 09:46 . 2011-08-11 09:46 8365056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\e6e037f89fa00f6bef019911d8a61e7c\System.Management.Automation.ni.dll
- 2011-08-11 09:44 . 2011-08-11 09:44 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\a50e2fc92db32751857fb8d297f9d7bc\System.IdentityModel.ni.dll
+ 2011-08-16 11:23 . 2011-08-16 11:23 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\a50e2fc92db32751857fb8d297f9d7bc\System.IdentityModel.ni.dll
+ 2011-08-16 09:16 . 2011-08-16 09:16 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\7ed09623172a292eaee51e2e3bcaf784\System.Drawing.ni.dll
- 2011-08-11 09:39 . 2011-08-11 09:39 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\7ed09623172a292eaee51e2e3bcaf784\System.Drawing.ni.dll
+ 2011-08-16 09:17 . 2011-08-16 09:17 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\259ecf480769f4e60514b7ae2abaa6f1\System.DirectoryServices.ni.dll
- 2011-08-11 09:40 . 2011-08-11 09:40 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\259ecf480769f4e60514b7ae2abaa6f1\System.DirectoryServices.ni.dll
- 2011-08-11 09:39 . 2011-08-11 09:39 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\71cf3eb40fc38e6ac8fba09e872d2878\System.Deployment.ni.dll
+ 2011-08-16 09:16 . 2011-08-16 09:16 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\71cf3eb40fc38e6ac8fba09e872d2878\System.Deployment.ni.dll
- 2011-08-11 09:41 . 2011-08-11 09:41 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\db2d84e279807592a680ef4135e9fe9a\System.Data.ni.dll
+ 2011-08-16 09:17 . 2011-08-16 09:17 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\db2d84e279807592a680ef4135e9fe9a\System.Data.ni.dll
- 2011-08-11 09:39 . 2011-08-11 09:39 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\0b16305773369cf740c6a2b1f1d785b2\System.Data.SqlXml.ni.dll
+ 2011-08-16 09:16 . 2011-08-16 09:16 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\0b16305773369cf740c6a2b1f1d785b2\System.Data.SqlXml.ni.dll
- 2011-08-11 09:45 . 2011-08-11 09:45 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\c1b9b8ce390548dcca661a5e6a908408\System.Data.Services.ni.dll
+ 2011-08-16 11:26 . 2011-08-16 11:26 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\c1b9b8ce390548dcca661a5e6a908408\System.Data.Services.ni.dll
+ 2011-08-16 09:17 . 2011-08-16 09:17 1115136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\c729750d54f6e7427230622bcccd4709\System.Data.OracleClient.ni.dll
- 2011-08-11 09:41 . 2011-08-11 09:41 1115136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\c729750d54f6e7427230622bcccd4709\System.Data.OracleClient.ni.dll
- 2011-08-11 09:41 . 2011-08-11 09:41 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\571af34939797a7c1cd05b0b925a45bf\System.Data.Linq.ni.dll
+ 2011-08-16 09:17 . 2011-08-16 09:17 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\571af34939797a7c1cd05b0b925a45bf\System.Data.Linq.ni.dll
- 2011-08-11 09:41 . 2011-08-11 09:41 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\e54e013315849f5e34d8f2a8e7fdb450\System.Core.ni.dll
+ 2011-08-16 09:17 . 2011-08-16 09:17 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\e54e013315849f5e34d8f2a8e7fdb450\System.Core.ni.dll
+ 2011-08-16 09:17 . 2011-08-16 09:17 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\24ab0cacc77e8696ceff3157942a2de4\ReachFramework.ni.dll
- 2011-08-11 09:40 . 2011-08-11 09:40 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\24ab0cacc77e8696ceff3157942a2de4\ReachFramework.ni.dll
+ 2011-08-16 09:17 . 2011-08-16 09:17 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\fac1ca86f4fea17de40d7fdaba38563e\PresentationUI.ni.dll
- 2011-08-11 09:40 . 2011-08-11 09:40 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\fac1ca86f4fea17de40d7fdaba38563e\PresentationUI.ni.dll
+ 2011-08-16 09:17 . 2011-08-16 09:17 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\c523412e6b11e7072f93bdd3ef24a479\PresentationBuildTasks.ni.dll
- 2011-08-11 09:40 . 2011-08-11 09:40 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\c523412e6b11e7072f93bdd3ef24a479\PresentationBuildTasks.ni.dll
- 2011-08-11 09:45 . 2011-08-11 09:45 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\c6b19db2534042d435ede580f92bc75c\Microsoft.VisualBasic.ni.dll
+ 2011-08-16 11:25 . 2011-08-16 11:25 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\c6b19db2534042d435ede580f92bc75c\Microsoft.VisualBasic.ni.dll
- 2011-08-11 09:45 . 2011-08-11 09:45 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\08594c4ba9ea0253a836fe1d8d341984\Microsoft.Transactions.Bridge.ni.dll
+ 2011-08-16 11:24 . 2011-08-16 11:24 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\08594c4ba9ea0253a836fe1d8d341984\Microsoft.Transactions.Bridge.ni.dll
+ 2011-08-16 11:25 . 2011-08-16 11:25 1609728 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\fe9fe5f005c3388b746775e37bdd570e\Microsoft.PowerShell.Commands.Utility.ni.dll
- 2011-08-11 09:45 . 2011-08-11 09:45 1609728 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\fe9fe5f005c3388b746775e37bdd570e\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2011-08-16 11:25 . 2011-08-16 11:25 1704448 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\c4a3531d82739a8d87ff114dd8c414db\Microsoft.PowerShell.GPowerShell.ni.dll
- 2011-08-11 09:45 . 2011-08-11 09:45 1704448 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\c4a3531d82739a8d87ff114dd8c414db\Microsoft.PowerShell.GPowerShell.ni.dll
+ 2011-08-16 11:25 . 2011-08-16 11:25 3722752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\7f20fe401b30d585776df19e2ea04695\Microsoft.PowerShell.Editor.ni.dll
- 2011-08-11 09:45 . 2011-08-11 09:45 3722752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\7f20fe401b30d585776df19e2ea04695\Microsoft.PowerShell.Editor.ni.dll
- 2011-08-11 09:46 . 2011-08-11 09:46 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\345abd035c9378667b1cac54c1f21c97\Microsoft.JScript.ni.dll
+ 2011-08-16 11:26 . 2011-08-16 11:26 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\345abd035c9378667b1cac54c1f21c97\Microsoft.JScript.ni.dll
+ 2011-08-16 11:24 . 2011-08-16 11:24 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\906cd5555b79e4e0486dc8ef2a748b13\Microsoft.Build.Tasks.v3.5.ni.dll
- 2011-08-11 09:45 . 2011-08-11 09:45 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\906cd5555b79e4e0486dc8ef2a748b13\Microsoft.Build.Tasks.v3.5.ni.dll

bryanc
Intermediate
Intermediate

Status :
Online
Offline

Posts Posts : 132
Joined Joined : 2009-05-24
OS : XP

View user profile

Back to top Go down

Re: hijack homepage

Post by bryanc on Sat Aug 20, 2011 8:57 pm

part four:

+ 2011-08-16 11:24 . 2011-08-16 11:24 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\7baff7d694394aaba490082c88d48fd2\Microsoft.Build.Tasks.ni.dll
- 2011-08-11 09:45 . 2011-08-11 09:45 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\7baff7d694394aaba490082c88d48fd2\Microsoft.Build.Tasks.ni.dll
- 2011-08-11 09:45 . 2011-08-11 09:45 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\235a22e1ae9742bb724d411629dd99d5\Microsoft.Build.Engine.ni.dll
+ 2011-08-16 11:24 . 2011-08-16 11:24 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\235a22e1ae9742bb724d411629dd99d5\Microsoft.Build.Engine.ni.dll
+ 2009-09-04 17:00 . 2011-07-30 00:05 52390856 c:\windows\system32\MRT.exe
+ 2011-05-18 12:55 . 2011-05-18 12:55 19624448 c:\windows\Installer\2501856.msp
+ 2011-08-11 08:16 . 2011-08-11 08:16 11490816 c:\windows\assembly\temp\X6EMU19HPX\mscorlib.ni.dll
+ 2011-08-11 09:39 . 2011-08-11 09:39 12430848 c:\windows\assembly\temp\DMU18FMSZ6\System.Windows.Forms.ni.dll
+ 2011-08-16 09:22 . 2011-08-16 09:22 13138432 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\e151ef41235a7728cc85def54c466d26\System.Windows.Forms.ni.dll
+ 2011-08-16 11:28 . 2011-08-16 11:28 12067840 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web\cc3e0faa383e8d5b1e81d1376b277b40\System.Web.ni.dll
+ 2011-08-16 11:30 . 2011-08-16 11:30 18058752 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\7c889dd8c65d78ac522452073bc7033f\System.ServiceModel.ni.dll
+ 2011-08-16 09:23 . 2011-08-16 09:23 10999296 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Design\627d02d9585a6d51ed1f2d34d1234916\System.Design.ni.dll
+ 2011-08-16 11:30 . 2011-08-16 11:30 13346816 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Entity\e9c933d8ef2a0a89cbab8d9fdf7f3369\System.Data.Entity.ni.dll
+ 2011-08-16 09:22 . 2011-08-16 09:22 18000384 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\fcf68e7b2b161f62ac26240f59ec96ec\PresentationFramework.ni.dll
+ 2011-08-16 09:22 . 2011-08-16 09:22 11450880 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\1d786d235f1dabba699b4237257c9f68\PresentationCore.ni.dll
+ 2011-08-16 09:22 . 2011-08-16 09:22 14408704 c:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\44dd4dc744d897fd912815d478988f16\mscorlib.ni.dll
- 2011-08-11 09:39 . 2011-08-11 09:39 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d00cc387e462e4c3cdcd112b137cac87\System.Windows.Forms.ni.dll
+ 2011-08-16 09:16 . 2011-08-16 09:16 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d00cc387e462e4c3cdcd112b137cac87\System.Windows.Forms.ni.dll
- 2011-08-11 09:41 . 2011-08-11 09:41 11800576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\40893760431f8f0dcce3e18630e45b23\System.Web.ni.dll
+ 2011-08-16 09:17 . 2011-08-16 09:17 11800576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\40893760431f8f0dcce3e18630e45b23\System.Web.ni.dll
- 2011-08-11 09:44 . 2011-08-11 09:44 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\e3a0205acab2215fbad7927d9d483aeb\System.ServiceModel.ni.dll
+ 2011-08-16 11:23 . 2011-08-16 11:23 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\e3a0205acab2215fbad7927d9d483aeb\System.ServiceModel.ni.dll
+ 2011-08-16 09:17 . 2011-08-16 09:17 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\63ad0cd9b5e038c8e2e41415657db8fc\System.Design.ni.dll
- 2011-08-11 09:41 . 2011-08-11 09:41 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\63ad0cd9b5e038c8e2e41415657db8fc\System.Design.ni.dll
+ 2011-08-16 09:17 . 2011-08-16 09:17 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\704556e34128441ea9f1a81cc89f8a79\PresentationFramework.ni.dll
- 2011-08-11 09:40 . 2011-08-11 09:40 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\704556e34128441ea9f1a81cc89f8a79\PresentationFramework.ni.dll
+ 2011-08-16 09:17 . 2011-08-16 09:17 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\5f332c48d03eca57419c4f0e884092ee\PresentationCore.ni.dll
- 2011-08-11 09:39 . 2011-08-11 09:39 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\5f332c48d03eca57419c4f0e884092ee\PresentationCore.ni.dll
+ 2011-08-16 09:16 . 2011-08-16 09:16 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll
- 2011-08-11 08:16 . 2011-08-11 08:16 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll
+ 2011-04-07 02:43 . 2011-04-07 02:43 123313664 c:\windows\Installer\2501830.msp
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EnabledUnlockedFDEIconOverlay]
@="{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}"
[HKEY_CLASSES_ROOT\CLSID\{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}]
2009-04-22 02:03 49152 ----a-w- c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UninitializedFdeIconOverlay]
@="{CF08DA3E-C97D-4891-A66B-E39B28DD270F}"
[HKEY_CLASSES_ROOT\CLSID\{CF08DA3E-C97D-4891-A66B-E39B28DD270F}]
2009-04-22 02:03 49152 ----a-w- c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-08-17 4603264]
"SRS Premium Sound"="c:\program files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe" [2009-03-25 3261688]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2011-08-18 399736]
"HijackThis startup scan"="c:\program files\Trend Micro\HijackThis\HijackThis.exe" [2009-12-04 396288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-08-28 13537280]
"WavXMgr"="c:\program files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe" [2008-12-22 145408]
"USCService"="c:\program files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe" [2009-04-22 15360]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-03-17 483420]
"SecureUpgrade"="c:\program files\Wave Systems Corp\SecureUpgrade.exe" [2009-04-22 656696]
"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-02-04 128232]
"nwiz"="nwiz.exe" [2008-08-28 1630208]
"NvMediaCenter"="NvMCTray.dll" [2008-08-28 86016]
"NVHotkey"="nvHotkey.dll" [2008-08-28 90112]
"Nikon Transfer Monitor"="c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe" [2009-05-29 479232]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-02-11 186904]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-01-27 1312848]
"EmbassySecurityCheck"="c:\program files\Wave Systems Corp\EMBASSY Security Setup\EMBASSYSecurityCheck.exe" [2009-04-22 95544]
"DellControlPoint"="c:\program files\Dell\Dell ControlPoint\Dell.ControlPoint.exe" [2009-03-19 667648]
"ChangeTPMAuth"="c:\program files\Wave Systems Corp\Common\ChangeTPMAuth.exe" [2009-02-26 184320]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2010-01-19 115560]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2009-02-22 200704]
"AESTFltr"="c:\windows\system32\AESTFltr.exe" [2009-03-17 729088]
"Freecorder FLV Service"="c:\program files\Freecorder\FLVSrvc.exe" [2010-06-26 167936]
"Ext2 Volume Manager"="c:\program files\Ext2Fsd\Ext2Mgr.exe" [2009-07-30 1216648]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2010-09-22 640440]
"DivX Download Manager"="c:\program files\DivX\DivX Plus Web Player\DDmService.exe" [2010-12-08 63360]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-29 937920]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-01-10 1230704]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2011-06-07 40376]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2008-12-19 2656528]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-07-19 421736]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-05 421888]
.
c:\documents and settings\bryanc\Start Menu\Programs\Startup\
LaunchU3.exe.lnk - c:\documents and settings\bryanc\Application Data\Microsoft\Installer\{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}\_2cd672ae.exe [2011-5-6 1078]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Dell ControlPoint System Manager.lnk - c:\program files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe [2009-4-9 1106720]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2009-10-2 50688]
WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2010-5-10 4456448]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-27 123904]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoWelcomeScreen"= 1 (0x1)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-08-03 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-12-04 20:36 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2010-01-29 21:17 64592 ----a-w- c:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Telstra Turbo Modem Manager.lnk]
backup=c:\windows\pss\Telstra Turbo Modem Manager.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\VideoViewer\\VideoViewer.exe"=
"c:\\Program Files\\Mozilla Firefox\\plugin-container.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
.
R1 Ext2Fsd;Linux ext2 file system driver;c:\windows\system32\drivers\ext2fsd.sys [10/10/2009 11:10 AM 651264]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [14/05/2009 1:22 PM 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [14/05/2009 1:22 PM 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [5/07/2010 9:02 AM 116608]
R2 ASFAgent;ASF Agent;c:\program files\Intel\ASF Agent\ASFAgent.exe [19/04/2007 7:56 AM 133968]
R2 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\SeaPort.EXE [15/06/2011 5:33 PM 249648]
R2 buttonsvc32;Dell ControlPoint Button Service;c:\program files\Dell\Dell ControlPoint\DCPButtonSvc.exe [29/12/2008 1:07 PM 320800]
R2 Credential Vault Host Control Service;Credential Vault Host Control Service;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [22/01/2009 12:19 PM 808296]
R2 Credential Vault Host Storage;Credential Vault Host Storage;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [22/01/2009 12:19 PM 20840]
R2 dcpsysmgrsvc;Dell ControlPoint System Manager;c:\program files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe [9/04/2009 4:02 PM 447264]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [22/08/2010 9:50 PM 366640]
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [21/10/2009 4:19 AM 50704]
R2 WDDMService;WD SmartWare Drive Manager;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [10/05/2010 11:33 AM 110592]
R2 WDFME;WD File Management Engine;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [10/05/2010 11:32 AM 1858048]
R2 WDSC;WD File Management Shadow Engine;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [10/05/2010 11:32 AM 482304]
R3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [27/08/2009 11:42 AM 112512]
R3 cvusbdrv;Broadcom USH CV;c:\windows\system32\drivers\cvusbdrv.sys [27/08/2009 11:43 AM 32808]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\drivers\e1y5132.sys [27/08/2009 11:42 AM 244368]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [28/07/2011 11:00 AM 105592]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [22/08/2010 9:50 PM 22712]
R3 SRS_PremiumSound_Service;SRS Labs Premium Sound;c:\windows\system32\drivers\SRS_PremiumSound_i386.sys [26/08/2009 8:31 PM 232744]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18/03/2010 1:16 PM 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [10/10/2009 4:43 PM 133104]
S3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [7/07/2011 7:31 PM 195336]
S3 camvid20;Philips ToUcam Camera; Video;c:\windows\system32\drivers\camdrv21.sys [13/08/2011 8:35 PM 223232]
S3 cmusbnet;WAN Driver @ 3GPP (6280);c:\windows\system32\drivers\cmusbnet.sys [23/09/2009 5:57 AM 81152]

bryanc
Intermediate
Intermediate

Status :
Online
Offline

Posts Posts : 132
Joined Joined : 2009-05-24
OS : XP

View user profile

Back to top Go down

Re: hijack homepage

Post by bryanc on Sat Aug 20, 2011 8:57 pm

part five:

S3 cmusbser;%CMUSBSER%;c:\windows\system32\drivers\cmusbser.sys [23/09/2009 5:57 AM 87040]
S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [20/01/2010 9:39 AM 23888]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [10/10/2009 4:43 PM 133104]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [22/08/2010 9:50 PM 41272]
S3 NvtSp50;NvtSp50 NDIS Protocol Driver;c:\windows\system32\Drivers\NvtSp50.sys --> c:\windows\system32\Drivers\NvtSp50.sys [?]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [14/05/2009 1:22 PM 12872]
S3 Smcinst;Symantec Auto-upgrade Agent;c:\program files\Symantec\Symantec Endpoint Protection\SmcLU\Setup\smcinst.exe --> c:\program files\Symantec\Symantec Endpoint Protection\SmcLU\Setup\smcinst.exe [?]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [26/07/2010 8:56 PM 11520]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18/03/2010 1:16 PM 753504]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
Contents of the 'Scheduled Tasks' folder
.
2011-08-12 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 07:57]
.
2011-08-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-10 06:43]
.
2011-08-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-10 06:43]
.
2011-08-20 c:\windows\Tasks\User_Feed_Synchronization-{FD13B3EA-061B-4977-B7E0-44EEA53537C9}.job
- c:\windows\system32\msfeedssync.exe [2009-03-07 18:31]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
uInternet Settings,ProxyServer = 10.10.10.254:3128
uInternet Settings,ProxyOverride = nexus.*;nexus;10.10.10.1;
uSearchURL,(Default) = [You must be registered and logged in to see this link.]
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 192.168.1.1
DPF: {640373B0-6978-4FA5-A9FC-420ECBBC61C7} - [You must be registered and logged in to see this link.]
FF - ProfilePath - c:\documents and settings\bryanc\Application Data\Mozilla\Firefox\Profiles\qqr2juqo.default\
FF - prefs.js: browser.startup.homepage - [You must be registered and logged in to see this link.]
FF - prefs.js: network.proxy.ftp - 10.10.10.254
FF - prefs.js: network.proxy.ftp_port - 3128
FF - prefs.js: network.proxy.gopher - 10.10.10.254
FF - prefs.js: network.proxy.gopher_port - 3128
FF - prefs.js: network.proxy.http - 10.10.10.254
FF - prefs.js: network.proxy.http_port - 3128
FF - prefs.js: network.proxy.socks - 10.10.10.254
FF - prefs.js: network.proxy.socks_port - 3128
FF - prefs.js: network.proxy.ssl - 10.10.10.254
FF - prefs.js: network.proxy.ssl_port - 3128
FF - prefs.js: network.proxy.type - 4
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2011-08-20 17:26
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(984)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
c:\documents and settings\bryanc\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
c:\documents and settings\bryanc\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
c:\documents and settings\bryanc\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
c:\documents and settings\bryanc\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
c:\windows\system32\NetProvCredMan.dll
.
- - - - - - - > 'explorer.exe'(10348)
c:\windows\system32\WININET.dll
c:\windows\TEMP\logishrd\LVPrcInj01.dll
c:\documents and settings\bryanc\Local Settings\Application Data\FLVService\lib\FLVSrvLib.dll
c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll
c:\program files\iTunes\iTunesMiniPlayer.dll
c:\program files\iTunes\iTunesMiniPlayer.Resources\en.lproj\iTunesMiniPlayerLocalized.dll
c:\program files\iTunes\iTunesMiniPlayer.Resources\iTunesMiniPlayer.dll
c:\program files\Windows Desktop Search\deskbar.dll
c:\program files\Windows Desktop Search\en-us\dbres.dll.mui
c:\program files\Windows Desktop Search\dbres.dll
c:\program files\Windows Desktop Search\wordwheel.dll
c:\program files\Windows Desktop Search\en-us\msnlExtRes.dll.mui
c:\program files\Windows Desktop Search\msnlExtRes.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Symantec\Symantec Endpoint Protection\Smc.exe
c:\program files\Intel\WiFi\bin\S24EvMon.exe
c:\program files\Common Files\Symantec Shared\ccSvcHst.exe
c:\drivers\audio\r213367\stacsv.exe
c:\windows\System32\SCardSvr.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\program files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
c:\windows\system32\SearchIndexer.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Symantec\Symantec Endpoint Protection\SmcGui.exe
c:\windows\system32\sessmgr.exe
c:\windows\system32\RunDLL32.exe
c:\windows\system32\rundll32.exe
c:\program files\DellTPad\ApMsgFwd.exe
c:\windows\system32\msiexec.exe
c:\program files\DellTPad\HidFind.exe
c:\program files\DellTPad\Apntex.exe
c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe
c:\progra~1\MI3AA1~1\rapimgr.exe
c:\documents and settings\All Users\Application Data\U3\U3Launcher\LaunchU3.exe
c:\program files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2011-08-20 17:33:29 - machine was rebooted
ComboFix-quarantined-files.txt 2011-08-20 07:33
ComboFix2.txt 2011-08-13 07:27
ComboFix3.txt 2011-08-08 10:43
ComboFix4.txt 2011-08-07 07:25
ComboFix5.txt 2011-08-20 07:06
.
Pre-Run: 33,884,545,024 bytes free
Post-Run: 34,151,211,008 bytes free
.
- - End Of File - - 4DFC066806767DFEFBA0BBD6D0837DDC

bryanc
Intermediate
Intermediate

Status :
Online
Offline

Posts Posts : 132
Joined Joined : 2009-05-24
OS : XP

View user profile

Back to top Go down

Re: hijack homepage

Post by bryanc on Sat Aug 20, 2011 9:00 pm

By the way, superantispyware found multiple copies of
c:\windows\temp\logishrd\lvprcinj01.dll. it calls it a Trojan.agent/gen-nullo(short).process

after running combofix. I scanned and removed it.

bryanc
Intermediate
Intermediate

Status :
Online
Offline

Posts Posts : 132
Joined Joined : 2009-05-24
OS : XP

View user profile

Back to top Go down

Re: hijack homepage

Post by Dr Jay on Sun Aug 21, 2011 5:54 pm

Scan for malware

Please download Malwarebytes Anti-Malware from [You must be registered and logged in to see this link.].
Alternate link: [You must be registered and logged in to see this link.].
(Note: if you already have the program installed, just follow the directions. No need to re-download or re-install!)

Double Click mbam-setup.exe to install the application.

(Note: if you already have the program installed, open Malwarebytes from the Start Menu or Desktop shortcut, click the Update tab, and click Check for Updates, before doing the scan as instructed below!)

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. If you are prompted to restart, please allow it to restart your computer. Failure to do this, will cause the infection to still be active on the computer.
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • The log can also be found at C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Copy and paste the entire report in your next reply.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Status :
Online
Offline

Posts Posts : 13713
Joined Joined : 2009-09-06
Gender Gender : Male
OS : Windows 10 Home & Pro

View user profile

Back to top Go down

Re: hijack homepage

Post by bryanc on Sun Aug 21, 2011 10:10 pm

here it is:

Malwarebytes' Anti-Malware 1.51.1.1800
[You must be registered and logged in to see this link.]

Database version: 7477

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

22/08/2011 7:46:35 AM
mbam-log-2011-08-22 (07-46-35).txt

Scan type: Quick scan
Objects scanned: 260130
Time elapsed: 8 minute(s), 27 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

bryanc
Intermediate
Intermediate

Status :
Online
Offline

Posts Posts : 132
Joined Joined : 2009-05-24
OS : XP

View user profile

Back to top Go down

Re: hijack homepage

Post by bryanc on Sun Aug 21, 2011 11:05 pm

Just rebooted my computer after running Malwarebytes and having been given the all clear and symantec found:

vent: Risk Found!
Security risk detected: Trojan.ADH.2
File: C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\SRTSP\Quarantine\APQ2A.tmp
Location: C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\SRTSP\Quarantine
Computer: WORKSTATION-N
User: SYSTEM
Action taken: Pending Side Effects Analysis : Access denied
Date found: Monday, 22 August 2011 8:57:31 AM

bryanc
Intermediate
Intermediate

Status :
Online
Offline

Posts Posts : 132
Joined Joined : 2009-05-24
OS : XP

View user profile

Back to top Go down

Re: hijack homepage

Post by bryanc on Mon Aug 22, 2011 8:48 am

sorry it also found this:

Scan type: Auto-Protect Scan
Event: Security Risk Found!
Security risk detected: Trojan.ADH.2
File: C:\Documents and Settings\bryanc\Desktop\Commy.exe
Location: Deleted or access blocked
Computer: WORKSTATION-N
User: BryanC
Action taken: Cleaned by Deletion
Date found: Monday, 22 August 2011 8:59:14 AM

bryanc
Intermediate
Intermediate

Status :
Online
Offline

Posts Posts : 132
Joined Joined : 2009-05-24
OS : XP

View user profile

Back to top Go down

Re: hijack homepage

Post by bryanc on Mon Aug 22, 2011 8:49 am

and this

Scan type: Auto-Protect Scan
Event: Risk Found!
Security risk detected: Trojan.ADH.2
File: C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\SRTSP\Quarantine\APQ2C.tmp
Location: C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\SRTSP\Quarantine
Computer: WORKSTATION-N
User: SYSTEM
Action taken: Pending Side Effects Analysis : Access denied
Date found: Monday, 22 August 2011 8:59:18 AM

bryanc
Intermediate
Intermediate

Status :
Online
Offline

Posts Posts : 132
Joined Joined : 2009-05-24
OS : XP

View user profile

Back to top Go down

Re: hijack homepage

Post by bryanc on Mon Aug 22, 2011 8:49 am

and also this:

Scan type: Auto-Protect Scan
Event: Security Risk Found!
Security risk detected: Trojan.ADH.2
File: C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\SRTSP\Quarantine\APQ2A.tmp
Location: Deleted or access blocked
Computer: WORKSTATION-N
User: SYSTEM
Action taken: Cleaned by Deletion
Date found: Monday, 22 August 2011 8:59:19 AM

bryanc
Intermediate
Intermediate

Status :
Online
Offline

Posts Posts : 132
Joined Joined : 2009-05-24
OS : XP

View user profile

Back to top Go down

Re: hijack homepage

Post by bryanc on Mon Aug 22, 2011 8:51 am

and these:

Scan type: Auto-Protect Scan
Event: Risk Found!
Security risk detected: Trojan.ADH.2
File: C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\SRTSP\Quarantine\APQ2E.tmp
Location: C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\SRTSP\Quarantine
Computer: WORKSTATION-N
User: SYSTEM
Action taken: Pending Side Effects Analysis : Access denied
Date found: Monday, 22 August 2011 8:59:23 AM




and

Scan type: Auto-Protect Scan
Event: Security Risk Found!
Security risk detected: Trojan.ADH.2
File: C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\SRTSP\Quarantine\APQ2C.tmp
Location: Deleted or access blocked
Computer: WORKSTATION-N
User: SYSTEM
Action taken: Cleaned by Deletion
Date found: Monday, 22 August 2011 8:59:23 AM

and

Scan type: Auto-Protect Scan
Event: Risk Found!
Security risk detected: Trojan.ADH.2
File: C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\SRTSP\Quarantine\APQ30.tmp
Location: C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\SRTSP\Quarantine
Computer: WORKSTATION-N
User: SYSTEM
Action taken: Pending Side Effects Analysis : Access denied
Date found: Monday, 22 August 2011 8:59:27 AM

and

lots more


bryanc
Intermediate
Intermediate

Status :
Online
Offline

Posts Posts : 132
Joined Joined : 2009-05-24
OS : XP

View user profile

Back to top Go down

Re: hijack homepage

Post by Dr Jay on Mon Aug 22, 2011 8:42 pm

I don't see those as a problem, because it has found and detected things that were in quarantine, or temporary files. Mostly deactivated stuff...


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Status :
Online
Offline

Posts Posts : 13713
Joined Joined : 2009-09-06
Gender Gender : Male
OS : Windows 10 Home & Pro

View user profile

Back to top Go down

Re: hijack homepage

Post by bryanc on Mon Aug 22, 2011 9:42 pm

I just ran Malwarbytes. It found phum.hijack homepage ;-(
here's the log


Malwarebytes' Anti-Malware 1.51.1.1800
[You must be registered and logged in to see this link.]

Database version: 7477

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

23/08/2011 7:41:27 AM
mbam-log-2011-08-23 (07-41-27).txt

Scan type: Quick scan
Objects scanned: 259371
Time elapsed: 9 minute(s), 8 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internet Explorer\control panel\HomePage (PUM.Hijack.HomePageControl) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

bryanc
Intermediate
Intermediate

Status :
Online
Offline

Posts Posts : 132
Joined Joined : 2009-05-24
OS : XP

View user profile

Back to top Go down

Re: hijack homepage

Post by Dr Jay on Tue Aug 23, 2011 11:22 am

You can safely add that detection the the Malwarebytes' Anti-Malware Ignore List. It is a benign threat.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Status :
Online
Offline

Posts Posts : 13713
Joined Joined : 2009-09-06
Gender Gender : Male
OS : Windows 10 Home & Pro

View user profile

Back to top Go down

Re: hijack homepage

Post by bryanc on Tue Aug 23, 2011 9:16 pm

Thankkyou.

bryanc
Intermediate
Intermediate

Status :
Online
Offline

Posts Posts : 132
Joined Joined : 2009-05-24
OS : XP

View user profile

Back to top Go down

Page 1 of 2 1, 2  Next

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum