ComboFix 10-08-11.05 - administrator 2010-08-12 16:01:23.8.4 - x86 Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.2047.1542 [GMT 2:00] Uruchomiony z: c:\documents and settings\administrator\Pulpit\ComboFix.exe Użyto następujących komend :: c:\documents and settings\administrator\Pulpit\CFScript.txt AV: McAfee VirusScan Enterprise *On-access scanning enabled* (Updated) {918A2B0B-2C60-4016-A4AB-E868DEABF7F0} UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !! FILE :: "c:\windows\system32\beed.sys" . ((((((((((((((((((((((((((((((((((((((( Usunięto ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\All Users\Dane aplikacji\Microsoft\Network\Downloader\qmgr0.dat c:\documents and settings\All Users\Dane aplikacji\Microsoft\Network\Downloader\qmgr1.dat c:\windows\system32\beed.sys ----- BITS: Możliwe zainfekowane strony ----- hxxp://svmars . ((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_BEED -------\Service_beed ((((((((((((((((((((((((( Pliki utworzone od 2010-07-12 do 2010-08-12 ))))))))))))))))))))))))))))))) . 2010-07-29 06:01 . 2010-07-29 06:01 503808 ----a-w- c:\documents and settings\axpldkr\Dane aplikacji\Sun\Java\Deployment\cache\6.0\46\f84c6ae-51cd5671-n\msvcp71.dll 2010-07-29 06:01 . 2010-07-29 06:01 499712 ----a-w- c:\documents and settings\axpldkr\Dane aplikacji\Sun\Java\Deployment\cache\6.0\46\f84c6ae-51cd5671-n\jmc.dll 2010-07-29 06:01 . 2010-07-29 06:01 348160 ----a-w- c:\documents and settings\axpldkr\Dane aplikacji\Sun\Java\Deployment\cache\6.0\46\f84c6ae-51cd5671-n\msvcr71.dll 2010-07-22 12:12 . 2010-07-22 12:12 -------- d-----w- c:\documents and settings\axpldkr\Dane aplikacji\Malwarebytes 2010-07-15 08:22 . 2010-07-15 08:22 -------- d-----w- c:\documents and settings\Administrator.PCAXPLZHEN\Dane aplikacji\Malwarebytes 2010-07-15 08:22 . 2010-07-15 08:22 -------- d-sh--w- c:\documents and settings\Administrator.PCAXPLZHEN\IETldCache 2010-07-15 07:57 . 2010-07-15 07:58 -------- d-----w- c:\program files\Spybot - Search & Destroy 2010-07-15 07:57 . 2010-07-15 07:57 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Spybot - Search & Destroy 2010-07-15 07:07 . 2010-07-15 07:07 -------- d-----w- c:\documents and settings\administrator\Ustawienia lokalne\Dane aplikacji\Adobe 2010-07-15 07:07 . 2010-07-15 07:07 -------- d-----w- c:\documents and settings\administrator\Dane aplikacji\AdobeUM 2010-07-15 07:02 . 2010-07-15 07:02 -------- d-----w- c:\program files\CCleaner 1601-01-01 00:00 . 1601-01-01 00:00 -------- d-----w- c:\windows\LastGood.Tmp . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-08-12 02:05 . 2008-09-17 11:18 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Microsoft Help 2010-08-12 02:04 . 2008-04-15 03:00 85136 ----a-w- c:\windows\system32\perfc015.dat 2010-08-12 02:04 . 2008-04-15 03:00 493976 ----a-w- c:\windows\system32\perfh015.dat 2010-07-29 08:31 . 2009-10-21 09:44 -------- d-----w- c:\documents and settings\axpldkr\Dane aplikacji\FileZilla 2010-07-15 07:04 . 2009-09-07 07:59 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-07-15 06:43 . 2009-03-31 09:23 -------- d-----w- c:\documents and settings\axpldkr\Dane aplikacji\Skype 2010-07-14 06:08 . 2010-02-16 11:40 -------- d-----w- c:\documents and settings\axpldkr\Dane aplikacji\skypePM 2010-07-09 09:42 . 2010-07-09 08:50 -------- d-----w- c:\documents and settings\axpldkr\Dane aplikacji\TeamViewer 2010-07-09 08:48 . 2010-07-09 08:44 -------- d-----w- c:\documents and settings\administrator\Dane aplikacji\Skype 2010-07-09 08:47 . 2010-07-09 08:47 -------- d-----w- c:\documents and settings\administrator\Dane aplikacji\skypePM 2010-07-09 08:47 . 2010-07-09 08:47 -------- d-----w- c:\documents and settings\administrator\Dane aplikacji\TeamViewer 2010-07-09 08:46 . 2010-07-09 08:46 -------- d-----w- c:\program files\TeamViewer 2010-07-09 08:44 . 2010-07-09 08:44 -------- d-----w- c:\program files\Common Files\Skype 2010-07-09 08:44 . 2010-02-16 11:37 -------- d-----r- c:\program files\Skype 2010-06-30 12:33 . 2008-04-14 20:50 149504 ----a-w- c:\windows\system32\schannel.dll 2010-06-29 20:05 . 2009-01-14 14:21 664 ----a-w- c:\windows\system32\d3d9caps.dat 2010-06-24 12:26 . 2008-04-14 20:50 916480 ----a-w- c:\windows\system32\wininet.dll 2010-06-24 09:02 . 2008-04-14 19:35 1852160 ----a-w- c:\windows\system32\win32k.sys 2010-06-21 15:27 . 2008-04-13 22:45 354304 ----a-w- c:\windows\system32\drivers\srv.sys 2010-06-17 14:03 . 2008-04-14 20:50 80384 ----a-w- c:\windows\system32\iccvid.dll 2010-06-15 20:00 . 2010-06-15 20:00 -------- d-----w- c:\program files\Xenocode 2010-06-14 14:31 . 2008-09-17 09:13 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe 2010-06-14 07:43 . 2008-04-14 20:50 1172480 ----a-w- c:\windows\system32\msxml3.dll 2010-06-10 10:45 . 2009-04-08 11:26 10890488 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Audatex\AudaUpdate\Service\AUDAUPDT.EXE 2010-06-10 10:43 . 2009-04-08 11:27 902552 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Audatex\AudaUpdate\Service\UPDATE.EXE 2010-06-10 10:43 . 2009-04-08 11:26 214424 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Audatex\AudaUpdate\Service\SETUP.EXE 2010-06-10 10:42 . 2009-04-08 11:26 21920 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Audatex\AudaUpdate\Service\AUDAUPDATE.EXE 2010-06-02 12:39 . 2008-12-19 13:06 68848 ----a-w- c:\documents and settings\axpldkr\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT . ((((((((((((((((((((((((((((( SnapShot@2010-08-10_09.44.10 ))))))))))))))))))))))))))))))))))))))))) . + 2010-08-12 14:03 . 2010-08-12 14:03 16384 c:\windows\Temp\Perflib_Perfdata_6f4.dat + 2008-04-15 03:00 . 2010-08-12 02:04 68292 c:\windows\system32\perfc009.dat - 2008-04-15 03:00 . 2010-07-15 09:13 68292 c:\windows\system32\perfc009.dat + 2007-08-13 16:54 . 2010-06-24 12:26 55296 c:\windows\system32\msfeedsbs.dll - 2007-08-13 16:54 . 2010-05-06 10:35 55296 c:\windows\system32\msfeedsbs.dll - 2008-04-14 20:50 . 2010-05-06 10:35 25600 c:\windows\system32\jsproxy.dll + 2008-04-14 20:50 . 2010-06-24 12:26 25600 c:\windows\system32\jsproxy.dll - 2009-09-12 02:02 . 2010-05-06 10:35 12800 c:\windows\system32\dllcache\xpshims.dll + 2009-09-12 02:02 . 2010-06-24 12:26 12800 c:\windows\system32\dllcache\xpshims.dll - 2008-09-18 12:49 . 2010-05-06 10:35 55296 c:\windows\system32\dllcache\msfeedsbs.dll + 2008-09-18 12:49 . 2010-06-24 12:26 55296 c:\windows\system32\dllcache\msfeedsbs.dll - 2008-04-14 20:50 . 2010-05-06 10:35 25600 c:\windows\system32\dllcache\jsproxy.dll + 2008-04-14 20:50 . 2010-06-24 12:26 25600 c:\windows\system32\dllcache\jsproxy.dll + 2009-09-12 02:03 . 2010-06-18 11:39 16896 c:\windows\system32\dllcache\iecompat.dll + 2010-08-10 17:30 . 2010-08-12 02:03 32768 c:\windows\system32\config\systemprofile\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat + 2008-09-17 09:17 . 2010-08-12 02:03 32768 c:\windows\system32\config\systemprofile\Ustawienia lokalne\Historia\History.IE5\index.dat - 2008-09-17 09:17 . 2010-08-09 17:25 32768 c:\windows\system32\config\systemprofile\Ustawienia lokalne\Historia\History.IE5\index.dat + 2010-08-10 17:30 . 2010-08-12 02:03 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat - 2008-09-17 09:17 . 2010-08-09 17:25 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat + 2008-09-17 11:20 . 2010-08-12 02:05 35088 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\oisicon.exe - 2008-09-17 11:20 . 2010-07-15 02:01 35088 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\oisicon.exe + 2008-09-17 11:20 . 2010-08-12 02:05 18704 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\mspicons.exe - 2008-09-17 11:20 . 2010-07-15 02:01 18704 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\mspicons.exe - 2008-09-17 11:20 . 2010-07-15 02:01 20240 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\cagicon.exe + 2008-09-17 11:20 . 2010-08-12 02:05 20240 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\cagicon.exe + 2010-08-12 02:01 . 2010-04-16 11:43 41984 c:\windows\ie8updates\KB982664-IE8\iecompat.dll + 2010-08-12 02:02 . 2010-05-06 10:35 12800 c:\windows\ie8updates\KB2183461-IE8\xpshims.dll + 2010-08-12 02:02 . 2010-05-06 10:35 55296 c:\windows\ie8updates\KB2183461-IE8\msfeedsbs.dll + 2010-08-12 02:02 . 2010-05-06 10:35 25600 c:\windows\ie8updates\KB2183461-IE8\jsproxy.dll + 2010-08-12 02:06 . 2010-08-12 02:06 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\5ec9dec678303ebff0ef018edb5ec595\UIAutomationProvider.ni.dll + 2010-08-12 02:16 . 2010-08-12 02:16 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\46ef15b88ef577de4882c519329fc5d2\System.Windows.Presentation.ni.dll + 2010-08-12 02:16 . 2010-08-12 02:16 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\aada360296a42e0413579a19c771ec2d\System.Web.DynamicData.Design.ni.dll + 2010-08-12 02:14 . 2010-08-12 02:14 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\2b5ff2c6358c483eb1439b99badb54fd\System.ComponentModel.DataAnnotations.ni.dll + 2010-08-12 02:14 . 2010-08-12 02:14 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\6125ff5a4fcd93d70a246cbff3005d42\System.AddIn.Contract.ni.dll + 2010-08-12 02:05 . 2010-08-12 02:05 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\de26af01222270c121788161496fcfe7\PresentationFontCache.ni.exe + 2010-08-12 02:05 . 2010-08-12 02:05 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\3c5adeedb70e6e052a6556c6ab9b6918\PresentationCFFRasterizer.ni.dll + 2010-08-12 02:14 . 2010-08-12 02:14 17920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Run#\34fe99136a2a52306499615d9d0d0e74\Microsoft.WSMan.Runtime.ni.dll + 2010-08-12 02:14 . 2010-08-12 02:14 21504 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Man#\8380131f1791ab1f9b90abb6ad1feb11\Microsoft.WSMan.Management.resources.ni.dll + 2010-08-12 02:15 . 2010-08-12 02:15 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\5e5176efbfeb803b7f217525beec6844\Microsoft.Vsa.ni.dll + 2010-08-12 02:14 . 2010-08-12 02:14 18432 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\e118140279d2b051d878390e756b3d55\Microsoft.PowerShell.Commands.Diagnostics.resources.ni.dll + 2010-08-12 02:14 . 2010-08-12 02:14 38912 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\c33b9f23bc924520b5c2adb6f7e9201a\Microsoft.PowerShell.ConsoleHost.resources.ni.dll + 2010-08-12 02:14 . 2010-08-12 02:14 67072 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\79e5c05ecaa1e72364ba7cdd0e0def29\Microsoft.PowerShell.Editor.resources.ni.dll + 2010-08-12 02:14 . 2010-08-12 02:14 24576 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\670fd26293d1519352cfe5c857569424\Microsoft.PowerShell.GraphicalHost.resources.ni.dll + 2010-08-12 02:14 . 2010-08-12 02:14 36352 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\51941e9525d3606300db24973cb0f947\Microsoft.PowerShell.GPowerShell.resources.ni.dll + 2010-08-12 02:14 . 2010-08-12 02:14 16896 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\49531b555fc6c2f2a22d23a4a732b954\Microsoft.PowerShell.Security.resources.ni.dll + 2010-08-12 02:14 . 2010-08-12 02:14 31744 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\3d6a348d4181d43184585fdc8ffc37dd\Microsoft.PowerShell.Commands.Management.resources.ni.dll + 2010-08-12 02:14 . 2010-08-12 02:14 45568 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\3bbfe9017abfca0fa0f061741a51067b\Microsoft.PowerShell.Commands.Utility.resources.ni.dll + 2010-08-12 02:14 . 2010-08-12 02:14 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e1d4e0b1f112000ab33bbaf88bd9ed99\Microsoft.Build.Framework.ni.dll + 2010-08-12 02:14 . 2010-08-12 02:14 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\4200cf5b7f247ec1b997808c6d1ba7d1\Microsoft.Build.Framework.ni.dll + 2010-08-12 02:14 . 2010-08-12 02:14 14848 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Backgroun#\d0d82882c59bf2b4a14009bab341c456\Microsoft.BackgroundIntelligentTransfer.Management.resources.ni.dll + 2010-08-12 02:14 . 2010-08-12 02:14 91648 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Backgroun#\86190801f195b014ec18234ad4816432\Microsoft.BackgroundIntelligentTransfer.Management.ni.dll + 2010-08-12 02:14 . 2010-08-12 02:14 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\50b7fc7f36c76313cbb434b10923e4e9\dfsvc.ni.exe + 2010-08-12 02:07 . 2010-08-12 02:07 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\5ffa548547613dbc5a92f2c5b7cad196\Accessibility.ni.dll - 2010-06-24 02:01 . 2010-06-24 02:01 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll + 2010-08-12 02:04 . 2010-08-12 02:04 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll - 2010-06-24 02:01 . 2010-06-24 02:01 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll + 2010-08-12 02:04 . 2010-08-12 02:04 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll - 2010-06-24 02:01 . 2010-06-24 02:01 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll + 2010-08-12 02:04 . 2010-08-12 02:04 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll - 2010-06-24 02:01 . 2010-06-24 02:01 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll + 2010-08-12 02:04 . 2010-08-12 02:04 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll - 2010-06-24 02:01 . 2010-06-24 02:01 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll + 2010-08-12 02:04 . 2010-08-12 02:04 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll - 2010-06-24 02:01 . 2010-06-24 02:01 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll + 2010-08-12 02:04 . 2010-08-12 02:04 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll - 2010-06-24 02:01 . 2010-06-24 02:01 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll + 2010-08-12 02:04 . 2010-08-12 02:04 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll - 2010-06-24 02:01 . 2010-06-24 02:01 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll + 2010-08-12 02:04 . 2010-08-12 02:04 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll - 2010-06-24 02:01 . 2010-06-24 02:01 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll + 2010-08-12 02:04 . 2010-08-12 02:04 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll - 2010-06-24 02:01 . 2010-06-24 02:01 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll + 2010-08-12 02:04 . 2010-08-12 02:04 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll - 2010-06-24 02:01 . 2010-06-24 02:01 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll + 2010-08-12 02:04 . 2010-08-12 02:04 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll + 2010-08-12 02:04 . 2010-08-12 02:04 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll - 2010-06-24 02:01 . 2010-06-24 02:01 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll - 2010-06-24 02:01 . 2010-06-24 02:01 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll + 2010-08-12 02:04 . 2010-08-12 02:04 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll + 2010-08-12 02:04 . 2010-08-12 02:04 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll - 2010-06-24 02:01 . 2010-06-24 02:01 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll + 2010-08-12 02:04 . 2010-08-12 02:04 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll - 2010-06-24 02:01 . 2010-06-24 02:01 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll - 2010-06-24 02:01 . 2010-06-24 02:01 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll + 2010-08-12 02:04 . 2010-08-12 02:04 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll - 2010-06-24 02:01 . 2010-06-24 02:01 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll + 2010-08-12 02:04 . 2010-08-12 02:04 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll - 2010-06-24 02:01 . 2010-06-24 02:01 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll + 2010-08-12 02:04 . 2010-08-12 02:04 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll + 2010-08-12 02:04 . 2010-08-12 02:04 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll - 2010-06-24 02:01 . 2010-06-24 02:01 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll + 2010-08-12 02:04 . 2010-08-12 02:04 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll - 2010-06-24 02:01 . 2010-06-24 02:01 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll - 2008-04-15 03:00 . 2010-07-15 09:13 435396 c:\windows\system32\perfh009.dat + 2008-04-15 03:00 . 2010-08-12 02:04 435396 c:\windows\system32\perfh009.dat - 2008-04-14 20:50 . 2010-05-06 10:35 206848 c:\windows\system32\occache.dll + 2008-04-14 20:50 . 2010-06-24 12:26 206848 c:\windows\system32\occache.dll + 2008-04-14 20:50 . 2010-06-24 12:26 611840 c:\windows\system32\mstime.dll - 2008-04-14 20:50 . 2010-05-06 10:35 611840 c:\windows\system32\mstime.dll - 2007-08-13 16:54 . 2010-05-06 10:35 599040 c:\windows\system32\msfeeds.dll + 2007-08-13 16:54 . 2010-06-24 12:26 599040 c:\windows\system32\msfeeds.dll + 2008-04-14 20:50 . 2010-06-24 12:26 184320 c:\windows\system32\iepeers.dll - 2008-04-14 20:50 . 2010-05-06 10:35 184320 c:\windows\system32\iepeers.dll - 2008-04-14 20:50 . 2010-05-06 10:35 387584 c:\windows\system32\iedkcs32.dll + 2008-04-14 20:50 . 2010-06-24 12:26 387584 c:\windows\system32\iedkcs32.dll - 2008-04-14 20:51 . 2010-05-05 13:30 173056 c:\windows\system32\ie4uinit.exe + 2008-04-14 20:51 . 2010-06-23 12:08 173056 c:\windows\system32\ie4uinit.exe - 2008-09-17 11:04 . 2010-06-11 07:05 270192 c:\windows\system32\FNTCACHE.DAT + 2008-09-17 11:04 . 2010-08-12 02:07 270192 c:\windows\system32\FNTCACHE.DAT - 2008-04-14 20:50 . 2010-05-06 10:35 916480 c:\windows\system32\dllcache\wininet.dll + 2008-04-14 20:50 . 2010-06-24 12:26 916480 c:\windows\system32\dllcache\wininet.dll + 2008-04-13 22:45 . 2010-06-21 15:27 354304 c:\windows\system32\dllcache\srv.sys + 2008-04-14 20:50 . 2010-06-30 12:33 149504 c:\windows\system32\dllcache\schannel.dll + 2008-04-14 20:50 . 2010-06-24 12:26 206848 c:\windows\system32\dllcache\occache.dll - 2008-04-14 20:50 . 2010-05-06 10:35 206848 c:\windows\system32\dllcache\occache.dll + 2008-04-14 20:50 . 2010-06-24 12:26 611840 c:\windows\system32\dllcache\mstime.dll - 2008-04-14 20:50 . 2010-05-06 10:35 611840 c:\windows\system32\dllcache\mstime.dll - 2008-09-18 12:49 . 2010-05-06 10:35 599040 c:\windows\system32\dllcache\msfeeds.dll + 2008-09-18 12:49 . 2010-06-24 12:26 599040 c:\windows\system32\dllcache\msfeeds.dll - 2009-09-12 02:02 . 2010-05-06 10:35 247808 c:\windows\system32\dllcache\ieproxy.dll + 2009-09-12 02:02 . 2010-06-24 12:26 247808 c:\windows\system32\dllcache\ieproxy.dll + 2008-04-14 20:50 . 2010-06-24 12:26 184320 c:\windows\system32\dllcache\iepeers.dll - 2008-04-14 20:50 . 2010-05-06 10:35 184320 c:\windows\system32\dllcache\iepeers.dll + 2010-06-09 03:33 . 2010-06-24 12:26 743424 c:\windows\system32\dllcache\iedvtool.dll - 2010-06-09 03:33 . 2010-05-06 10:35 743424 c:\windows\system32\dllcache\iedvtool.dll - 2008-04-14 20:50 . 2010-05-06 10:35 387584 c:\windows\system32\dllcache\iedkcs32.dll + 2008-04-14 20:50 . 2010-06-24 12:26 387584 c:\windows\system32\dllcache\iedkcs32.dll + 2008-04-14 20:51 . 2010-06-23 12:08 173056 c:\windows\system32\dllcache\ie4uinit.exe - 2008-04-14 20:51 . 2010-05-05 13:30 173056 c:\windows\system32\dllcache\ie4uinit.exe + 2010-05-11 04:40 . 2010-05-11 04:40 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll + 2010-05-11 04:40 . 2010-05-11 04:40 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll - 2008-09-17 11:20 . 2010-07-15 02:01 888080 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe + 2008-09-17 11:20 . 2010-08-12 02:05 888080 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe - 2008-09-17 11:20 . 2010-07-15 02:01 272648 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pubs.exe + 2008-09-17 11:20 . 2010-08-12 02:05 272648 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pubs.exe + 2008-09-17 11:20 . 2010-08-12 02:05 922384 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pptico.exe - 2008-09-17 11:20 . 2010-07-15 02:01 922384 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pptico.exe + 2008-09-17 11:20 . 2010-08-12 02:05 845584 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\outicon.exe - 2008-09-17 11:20 . 2010-07-15 02:01 845584 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\outicon.exe - 2008-09-17 11:20 . 2010-07-15 02:01 217864 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\misc.exe + 2008-09-17 11:20 . 2010-08-12 02:05 217864 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\misc.exe - 2008-09-17 11:20 . 2010-07-15 02:01 159504 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\inficon.exe + 2008-09-17 11:20 . 2010-08-12 02:05 159504 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\inficon.exe + 2010-08-12 02:01 . 2009-05-26 09:02 398200 c:\windows\ie8updates\KB982664-IE8\spuninst\updspapi.dll + 2010-08-12 02:01 . 2009-05-26 11:43 234360 c:\windows\ie8updates\KB982664-IE8\spuninst\spuninst.exe + 2010-08-12 02:02 . 2010-05-06 10:35 916480 c:\windows\ie8updates\KB2183461-IE8\wininet.dll + 2010-08-12 02:02 . 2010-02-22 14:42 398200 c:\windows\ie8updates\KB2183461-IE8\spuninst\updspapi.dll + 2010-08-12 02:02 . 2009-05-26 09:02 234360 c:\windows\ie8updates\KB2183461-IE8\spuninst\spuninst.exe + 2010-08-12 02:02 . 2010-05-06 10:35 206848 c:\windows\ie8updates\KB2183461-IE8\occache.dll + 2010-08-12 02:02 . 2010-05-06 10:35 611840 c:\windows\ie8updates\KB2183461-IE8\mstime.dll + 2010-08-12 02:02 . 2010-05-06 10:35 599040 c:\windows\ie8updates\KB2183461-IE8\msfeeds.dll + 2010-08-12 02:02 . 2010-05-06 10:35 247808 c:\windows\ie8updates\KB2183461-IE8\ieproxy.dll + 2010-08-12 02:02 . 2010-05-06 10:35 184320 c:\windows\ie8updates\KB2183461-IE8\iepeers.dll + 2010-08-12 02:02 . 2010-05-06 10:35 743424 c:\windows\ie8updates\KB2183461-IE8\iedvtool.dll + 2010-08-12 02:02 . 2010-05-06 10:35 387584 c:\windows\ie8updates\KB2183461-IE8\iedkcs32.dll + 2010-08-12 02:02 . 2010-05-05 13:30 173056 c:\windows\ie8updates\KB2183461-IE8\ie4uinit.exe + 2010-08-12 02:14 . 2010-08-12 02:14 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\a16b8bcca59515281688ec856c034698\WsatConfig.ni.exe + 2010-08-12 02:06 . 2010-08-12 02:06 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\672c4d8e3c33e309c1ed90fa4cb85aba\WindowsFormsIntegration.ni.dll + 2010-08-12 02:06 . 2010-08-12 02:06 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\cd91a32f4e36ccb2981c72c0d333e928\UIAutomationTypes.ni.dll + 2010-08-12 02:06 . 2010-08-12 02:06 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\9df760fdf8071c7b0de78f39de365e6a\UIAutomationClient.ni.dll + 2010-08-12 02:16 . 2010-08-12 02:16 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\ff53d5b5249a2841ee196294429f51cf\System.Xml.Linq.ni.dll + 2010-08-12 02:15 . 2010-08-12 02:15 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\5e16c279496a553c988c6199f0cee8aa\System.Web.Routing.ni.dll + 2010-08-12 02:16 . 2010-08-12 02:16 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\d0ae809162b55e2fa958739177476af8\System.Web.RegularExpressions.ni.dll + 2010-08-12 02:16 . 2010-08-12 02:16 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\720b28d81e987b889180b291ea19b821\System.Web.Extensions.Design.ni.dll + 2010-08-12 02:16 . 2010-08-12 02:16 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\da36fd678161cd3444ef547c894e3f35\System.Web.Entity.ni.dll + 2010-08-12 02:16 . 2010-08-12 02:16 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\49ae7c73fac8827123d5db1714c22599\System.Web.Entity.Design.ni.dll + 2010-08-12 02:15 . 2010-08-12 02:15 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\ce3aa27d3c4c052845ac5abb1374defa\System.Web.DynamicData.ni.dll + 2010-08-12 02:15 . 2010-08-12 02:15 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\95fab896ef2af14876e3e1524379773b\System.Web.Abstractions.ni.dll + 2010-08-12 02:15 . 2010-08-12 02:15 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\26d5bf1f7e700c2c19aa9b1da5519b24\System.Transactions.ni.dll + 2010-08-12 02:15 . 2010-08-12 02:15 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b000cc703c9d95593b516bf2c2ec316\System.ServiceProcess.ni.dll + 2010-08-12 02:14 . 2010-08-12 02:14 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\75e331a5d731d8e207be07adc06dec23\System.Security.ni.dll + 2010-08-12 02:15 . 2010-08-12 02:15 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\dd7497aa089340600c8c5af8ab421ff7\System.Runtime.Serialization.Formatters.Soap.ni.dll + 2010-08-12 02:15 . 2010-08-12 02:15 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\2a080994f308f347b0497bb8804861cf\System.Net.ni.dll + 2010-08-12 02:15 . 2010-08-12 02:15 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\bc1cf48ba7dc00f45d0e949c49ab677a\System.Management.ni.dll + 2010-08-12 02:15 . 2010-08-12 02:15 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\904fda53006680a67f917ab638be0305\System.Management.Instrumentation.ni.dll + 2010-08-12 02:15 . 2010-08-12 02:15 250368 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\c526d8bfb4969a77cb87b0b69a7f7d06\System.Management.Automation.resources.ni.dll + 2010-08-12 02:13 . 2010-08-12 02:13 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\4490976887e2e5a3b594041edbdf5064\System.IO.Log.ni.dll + 2010-08-12 02:13 . 2010-08-12 02:13 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\77b9f6f6671aaaeb84c6907d467e792c\System.IdentityModel.Selectors.ni.dll + 2010-08-12 02:15 . 2010-08-12 02:15 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\15724a7517f939c9b300f341fb5620b8\System.EnterpriseServices.Wrapper.dll + 2010-08-12 02:15 . 2010-08-12 02:15 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\15724a7517f939c9b300f341fb5620b8\System.EnterpriseServices.ni.dll + 2010-08-12 02:06 . 2010-08-12 02:06 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\90199b4aa63b1b9c8ed0c3de16eec824\System.Drawing.Design.ni.dll + 2010-08-12 02:15 . 2010-08-12 02:15 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\849e98c9f428a12cb581320a23f69dbd\System.DirectoryServices.AccountManagement.ni.dll + 2010-08-12 02:15 . 2010-08-12 02:15 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\7a823a4f61cf8c86aad02559f8fed07b\System.DirectoryServices.Protocols.ni.dll + 2010-08-12 02:15 . 2010-08-12 02:15 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\ad95820d2e29e8d55c0d8a838214c6e5\System.Data.Services.Design.ni.dll + 2010-08-12 02:15 . 2010-08-12 02:15 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\617acb0d900bdde947ec79f7b5ccc183\System.Data.Services.Client.ni.dll + 2010-08-12 02:15 . 2010-08-12 02:15 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\488c4017d45e861644a34fae557aa80f\System.Data.Entity.Design.ni.dll + 2010-08-12 02:14 . 2010-08-12 02:14 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\41345e34f26854fc1878eae3e4d5d4a5\System.Data.DataSetExtensions.ni.dll + 2010-08-12 02:14 . 2010-08-12 02:14 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\ab688d0f9f333ba117832726bfb589c1\System.Configuration.ni.dll + 2010-08-12 02:15 . 2010-08-12 02:15 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\b48677ab9aa7a6830785f67b8478b4da\System.Configuration.Install.ni.dll + 2010-08-12 02:14 . 2010-08-12 02:14 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\93a0958d5557e2b380647af0171ad354\System.AddIn.ni.dll + 2010-08-12 02:14 . 2010-08-12 02:14 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\d0758f84e927e3f0a15a6cde1b96d835\SMSvcHost.ni.exe + 2010-08-12 02:14 . 2010-08-12 02:14 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\8043a108e3bb2d3dcc84b547b8085e99\SMDiagnostics.ni.dll + 2010-08-12 02:14 . 2010-08-12 02:14 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\5aeb40ff7128df2881fb03c01d070b20\ServiceModelReg.ni.exe + 2010-08-12 02:05 . 2010-08-12 02:05 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e7e7321956e6822b1bf3691c35c842f6\PresentationFramework.Aero.ni.dll + 2010-08-12 02:06 . 2010-08-12 02:06 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a14488afff027f0f2985e659449097f5\PresentationFramework.Royale.ni.dll + 2010-08-12 02:05 . 2010-08-12 02:05 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\787e60c5dd562cb45887080095d2a3b7\PresentationFramework.Classic.ni.dll + 2010-08-12 02:05 . 2010-08-12 02:05 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\2313ccc125dcb6a9800048ec1c51ec12\PresentationFramework.Luna.ni.dll + 2010-08-12 02:14 . 2010-08-12 02:14 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\5db9c32d9f352162e6da220ca463db0d\MSBuild.ni.exe + 2010-08-12 02:14 . 2010-08-12 02:14 508928 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Man#\a90fef2e90e3c1c1de3bf24a835dcfa0\Microsoft.WSMan.Management.ni.dll + 2010-08-12 02:14 . 2010-08-12 02:14 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\fcf975f74bd134d8e0fa8f37c5bc6a8c\Microsoft.Transactions.Bridge.Dtc.ni.dll + 2010-08-12 02:14 . 2010-08-12 02:14 737792 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\ff9583e53a4bec6da6aae423a613ba6c\Microsoft.PowerShell.Commands.Management.ni.dll + 2010-08-12 02:14 . 2010-08-12 02:14 515584 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\f449b2674e5198e37ce8642b27a94823\Microsoft.PowerShell.ConsoleHost.ni.dll + 2010-08-12 02:14 . 2010-08-12 02:14 729600 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\8aece00b9a77cc2d75a921465abcce57\Microsoft.PowerShell.GraphicalHost.ni.dll + 2010-08-12 02:14 . 2010-08-12 02:14 156160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\715cee741bcf47ecaf75a856c156f3cb\Microsoft.PowerShell.Security.ni.dll + 2010-08-12 02:14 . 2010-08-12 02:14 291328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\3d7d5070c97ef550f64bc835a8959341\Microsoft.PowerShell.Commands.Diagnostics.ni.dll + 2010-08-12 02:14 . 2010-08-12 02:14 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\d6b9038136600fbfbbbd7460dc19da19\Microsoft.Build.Utilities.ni.dll + 2010-08-12 02:14 . 2010-08-12 02:14 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\585cc7218599e7806521d0e737ba5ffb\Microsoft.Build.Utilities.v3.5.ni.dll + 2010-08-12 02:14 . 2010-08-12 02:14 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\3057ec53731286e69e389d103c32fa41\Microsoft.Build.Engine.ni.dll + 2010-08-12 02:14 . 2010-08-12 02:14 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\914e338ac6e92714f3e32ae5d89bf03b\Microsoft.Build.Conversion.v3.5.ni.dll + 2010-08-12 02:14 . 2010-08-12 02:14 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\12ae6f3635448471fc9f7d8bfe39c67d\CustomMarshalers.ni.dll + 2010-08-12 02:14 . 2010-08-12 02:14 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\daca3c9ad6d867d3fec70d14b4f20cf3\ComSvcConfig.ni.exe + 2010-08-12 02:07 . 2010-08-12 02:07 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\56aec0938ef1bbdeca65b07a5fe8cd39\AspNetMMCExt.ni.dll + 2010-08-12 02:04 . 2010-08-12 02:04 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll - 2010-06-24 02:01 . 2010-06-24 02:01 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll + 2010-08-12 02:04 . 2010-08-12 02:04 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll - 2010-06-24 02:01 . 2010-06-24 02:01 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll - 2010-06-24 02:01 . 2010-06-24 02:01 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll + 2010-08-12 02:04 . 2010-08-12 02:04 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll + 2010-08-12 02:04 . 2010-08-12 02:04 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll - 2010-06-24 02:01 . 2010-06-24 02:01 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll + 2010-08-12 02:04 . 2010-08-12 02:04 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll - 2010-06-24 02:01 . 2010-06-24 02:01 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll + 2010-08-12 02:04 . 2010-08-12 02:04 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll - 2010-06-24 02:01 . 2010-06-24 02:01 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll - 2010-06-24 02:01 . 2010-06-24 02:01 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll + 2010-08-12 02:04 . 2010-08-12 02:04 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll + 2010-08-12 02:04 . 2010-08-12 02:04 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll - 2010-06-24 02:01 . 2010-06-24 02:01 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll - 2010-06-24 02:01 . 2010-06-24 02:01 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll + 2010-08-12 02:04 . 2010-08-12 02:04 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll + 2010-08-12 02:04 . 2010-08-12 02:04 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll - 2010-06-24 02:01 . 2010-06-24 02:01 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll - 2010-06-24 02:01 . 2010-06-24 02:01 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll + 2010-08-12 02:04 . 2010-08-12 02:04 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll - 2010-06-24 02:01 . 2010-06-24 02:01 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll + 2010-08-12 02:04 . 2010-08-12 02:04 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll - 2010-06-24 02:01 . 2010-06-24 02:01 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll + 2010-08-12 02:04 . 2010-08-12 02:04 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll - 2010-06-24 02:01 . 2010-06-24 02:01 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll + 2010-08-12 02:04 . 2010-08-12 02:04 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll + 2010-08-12 02:04 . 2010-08-12 02:04 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll - 2010-06-24 02:01 . 2010-06-24 02:01 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll + 2010-08-12 02:04 . 2010-08-12 02:04 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll - 2010-06-24 02:01 . 2010-06-24 02:01 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll - 2010-06-24 02:01 . 2010-06-24 02:01 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll + 2010-08-12 02:04 . 2010-08-12 02:04 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll - 2010-06-24 02:01 . 2010-06-24 02:01 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll + 2010-08-12 02:04 . 2010-08-12 02:04 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll + 2010-08-12 02:04 . 2010-08-12 02:04 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll - 2010-06-24 02:01 . 2010-06-24 02:01 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll - 2010-06-24 02:01 . 2010-06-24 02:01 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll + 2010-08-12 02:04 . 2010-08-12 02:04 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll - 2010-06-24 02:01 . 2010-06-24 02:01 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll + 2010-08-12 02:04 . 2010-08-12 02:04 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll + 2010-08-12 02:04 . 2010-08-12 02:04 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll - 2010-06-24 02:01 . 2010-06-24 02:01 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll + 2010-08-12 02:04 . 2010-08-12 02:04 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll - 2010-06-24 02:01 . 2010-06-24 02:01 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll - 2010-06-24 02:01 . 2010-06-24 02:01 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll + 2010-08-12 02:04 . 2010-08-12 02:04 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll + 2010-08-12 02:04 . 2010-08-12 02:04 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll - 2010-06-24 02:01 . 2010-06-24 02:01 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll - 2010-06-24 02:01 . 2010-06-24 02:01 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll + 2010-08-12 02:04 . 2010-08-12 02:04 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll + 2008-04-14 20:50 . 2010-06-24 12:26 1210368 c:\windows\system32\urlmon.dll + 2008-04-14 20:50 . 2010-07-27 06:30 8491008 c:\windows\system32\shell32.dll + 2008-04-14 19:59 . 2010-04-28 05:45 2147840 c:\windows\system32\ntoskrnl.exe - 2008-04-14 19:59 . 2010-02-16 19:09 2147840 c:\windows\system32\ntoskrnl.exe + 2008-04-14 21:59 . 2010-04-28 05:45 2025984 c:\windows\system32\ntkrnlpa.exe - 2008-04-14 21:59 . 2010-02-16 19:09 2025984 c:\windows\system32\ntkrnlpa.exe + 2008-04-14 20:50 . 2010-06-24 12:26 5951488 c:\windows\system32\mshtml.dll + 2007-08-13 16:34 . 2010-06-24 12:26 1986560 c:\windows\system32\iertutil.dll + 2008-04-14 19:35 . 2010-06-24 09:02 1852160 c:\windows\system32\dllcache\win32k.sys + 2008-04-14 20:50 . 2010-06-24 12:26 1210368 c:\windows\system32\dllcache\urlmon.dll + 2008-12-19 12:43 . 2010-04-28 18:15 2191232 c:\windows\system32\dllcache\ntoskrnl.exe - 2008-12-19 12:43 . 2010-02-17 12:09 2191232 c:\windows\system32\dllcache\ntoskrnl.exe - 2008-12-19 12:43 . 2010-02-16 19:09 2025984 c:\windows\system32\dllcache\ntkrpamp.exe + 2008-12-19 12:43 . 2010-04-28 05:45 2025984 c:\windows\system32\dllcache\ntkrpamp.exe - 2008-12-19 12:43 . 2010-02-16 19:09 2068096 c:\windows\system32\dllcache\ntkrnlpa.exe + 2008-12-19 12:43 . 2010-04-28 05:45 2068096 c:\windows\system32\dllcache\ntkrnlpa.exe - 2008-12-19 12:43 . 2010-02-16 19:09 2147840 c:\windows\system32\dllcache\ntkrnlmp.exe + 2008-12-19 12:43 . 2010-04-28 05:45 2147840 c:\windows\system32\dllcache\ntkrnlmp.exe - 2008-04-14 20:50 . 2009-07-31 04:35 1172480 c:\windows\system32\dllcache\msxml3.dll + 2008-04-14 20:50 . 2010-06-14 07:43 1172480 c:\windows\system32\dllcache\msxml3.dll + 2008-04-14 20:50 . 2010-06-24 12:26 5951488 c:\windows\system32\dllcache\mshtml.dll + 2008-09-17 09:13 . 2010-06-18 13:36 3558912 c:\windows\system32\dllcache\moviemk.exe - 2008-09-17 09:13 . 2009-10-23 15:28 3558912 c:\windows\system32\dllcache\moviemk.exe + 2008-09-18 12:49 . 2010-06-24 12:26 1986560 c:\windows\system32\dllcache\iertutil.dll + 2010-05-11 04:40 . 2010-05-11 04:40 5812560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll + 2010-05-11 04:40 . 2010-05-11 04:40 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll - 2009-10-20 16:21 . 2009-10-20 16:21 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll + 2010-07-26 14:00 . 2010-07-26 14:00 5010944 c:\windows\Installer\7f2ece5.msp + 2010-07-10 18:14 . 2010-07-10 18:14 2850816 c:\windows\Installer\7f2ecc5.msp - 2008-09-17 11:20 . 2010-07-15 02:01 1172240 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\xlicons.exe + 2008-09-17 11:20 . 2010-08-12 02:05 1172240 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\xlicons.exe + 2008-09-17 11:20 . 2010-08-12 02:05 1165584 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\accicons.exe - 2008-09-17 11:20 . 2010-07-15 02:01 1165584 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\accicons.exe + 2010-08-12 02:02 . 2010-05-06 10:35 1209344 c:\windows\ie8updates\KB2183461-IE8\urlmon.dll + 2010-08-12 02:02 . 2010-05-06 10:35 5950976 c:\windows\ie8updates\KB2183461-IE8\mshtml.dll + 2010-08-12 02:02 . 2010-05-06 10:35 1985536 c:\windows\ie8updates\KB2183461-IE8\iertutil.dll + 2008-12-19 12:43 . 2010-04-28 18:15 2191232 c:\windows\Driver Cache\i386\ntoskrnl.exe - 2008-12-19 12:43 . 2010-02-17 12:09 2191232 c:\windows\Driver Cache\i386\ntoskrnl.exe - 2008-12-19 12:43 . 2010-02-16 19:09 2025984 c:\windows\Driver Cache\i386\ntkrpamp.exe + 2008-12-19 12:43 . 2010-04-28 05:45 2025984 c:\windows\Driver Cache\i386\ntkrpamp.exe + 2008-12-19 12:43 . 2010-04-28 05:45 2068096 c:\windows\Driver Cache\i386\ntkrnlpa.exe - 2008-12-19 12:43 . 2010-02-16 19:09 2068096 c:\windows\Driver Cache\i386\ntkrnlpa.exe + 2008-12-19 12:43 . 2010-04-28 05:45 2147840 c:\windows\Driver Cache\i386\ntkrnlmp.exe - 2008-12-19 12:43 . 2010-02-16 19:09 2147840 c:\windows\Driver Cache\i386\ntkrnlmp.exe + 2010-08-12 02:05 . 2010-08-12 02:05 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cec7ecb8eac09dd630d180ce87d23b80\WindowsBase.ni.dll + 2010-08-12 02:06 . 2010-08-12 02:06 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\b7f6e7b265f9aae807ddc4284563e550\UIAutomationClientsideProviders.ni.dll + 2010-08-12 02:07 . 2010-08-12 02:07 1021440 c:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP27F.tmp\System.IdentityModel.dll + 2010-08-12 02:05 . 2010-08-12 02:05 7949824 c:\windows\assembly\NativeImages_v2.0.50727_32\System\08ffa4d388d5f007869aa7651c458e7c\System.ni.dll + 2010-08-12 02:06 . 2010-08-12 02:06 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\a6dbe24cbfe3ab6b318ed3095cc572d8\System.Xml.ni.dll + 2010-08-12 02:16 . 2010-08-12 02:16 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\60b3c9a63b2065a6952d16256545c25d\System.WorkflowServices.ni.dll + 2010-08-12 02:16 . 2010-08-12 02:16 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\5cc2a23ce8ac371c7a97b5e542ee27ed\System.Workflow.Runtime.ni.dll + 2010-08-12 02:16 . 2010-08-12 02:16 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\c0aabf67e7ef98dc10c3e174c136731b\System.Workflow.ComponentModel.ni.dll + 2010-08-12 02:16 . 2010-08-12 02:16 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\66682c8a064608ba4ffd0463cf09aef9\System.Workflow.Activities.ni.dll + 2010-08-12 02:16 . 2010-08-12 02:16 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\2d662564b8d9c57a34c588cc2970902b\System.Web.Services.ni.dll + 2010-08-12 02:16 . 2010-08-12 02:16 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\9b455702c9b7b02c5708406f87986751\System.Web.Mobile.ni.dll + 2010-08-12 02:15 . 2010-08-12 02:15 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\49c7a1c78ed9502ba97c11e6bd993f63\System.Web.Extensions.ni.dll + 2010-08-12 02:06 . 2010-08-12 02:06 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\5eb08849d17b272ed2a393420cb0305b\System.Speech.ni.dll + 2010-08-12 02:15 . 2010-08-12 02:15 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\f5790a1b7b41e7b8d05f01b549c80f39\System.ServiceModel.Web.ni.dll + 2010-08-12 02:13 . 2010-08-12 02:13 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\8061a0f5c1c2ee0549e19224352f67fa\System.Runtime.Serialization.ni.dll + 2010-08-12 02:06 . 2010-08-12 02:06 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\99767d4df92b83fdfb06012512722ec1\System.Printing.ni.dll + 2010-08-12 02:15 . 2010-08-12 02:15 8365056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\47a2229038c869951b36a1081a3c8768\System.Management.Automation.ni.dll + 2010-08-12 02:13 . 2010-08-12 02:13 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\0885f31c21b796465fde6297dba20981\System.IdentityModel.ni.dll + 2010-08-12 02:06 . 2010-08-12 02:06 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dcc0244092fe52e6885b50be25ef3b31\System.Drawing.ni.dll + 2010-08-12 02:15 . 2010-08-12 02:15 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\d20b7e58607ddb1ded9b687627ae8c21\System.DirectoryServices.ni.dll + 2010-08-12 02:15 . 2010-08-12 02:15 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\daa33674d4250e38a24b70180d209ac8\System.Deployment.ni.dll + 2010-08-12 02:06 . 2010-08-12 02:06 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\f04ef00e652a8655a717639e8aeb7b63\System.Data.ni.dll + 2010-08-12 02:14 . 2010-08-12 02:14 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\f0470c2be4e6bb1dadbeed43e4e8af5c\System.Data.SqlXml.ni.dll + 2010-08-12 02:15 . 2010-08-12 02:15 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\23cf0498f2ebe4c8ffa5cc79efca2dc5\System.Data.Services.ni.dll + 2010-08-12 02:06 . 2010-08-12 02:06 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\c18c236a09e715138daec2e25be205bb\System.Data.Linq.ni.dll + 2010-08-12 02:15 . 2010-08-12 02:15 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\6ce886492d9b6a34555be3f328682ec2\System.Data.Entity.ni.dll + 2010-08-12 02:06 . 2010-08-12 02:06 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\faeda674832135a080bc73eda51813ff\System.Core.ni.dll + 2010-08-12 02:06 . 2010-08-12 02:06 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\3e85c3d63ce3c3f37061aa626feb2a52\ReachFramework.ni.dll + 2010-08-12 02:06 . 2010-08-12 02:06 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\bf67db30179ff6e8cb1bdbaa290d122e\PresentationUI.ni.dll + 2010-08-12 02:05 . 2010-08-12 02:05 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\835786d8a0caabae09ad440f6e3abfc6\PresentationBuildTasks.ni.dll + 2010-08-12 02:14 . 2010-08-12 02:14 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\9732a7c993055f82040642966db07ccf\Microsoft.VisualBasic.ni.dll + 2010-08-12 02:14 . 2010-08-12 02:14 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\773d7bf69a9a0c0556aa41f53e75ab05\Microsoft.Transactions.Bridge.ni.dll + 2010-08-12 02:14 . 2010-08-12 02:14 3722752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\6408339c6991217900316808e44f5158\Microsoft.PowerShell.Editor.ni.dll + 2010-08-12 02:14 . 2010-08-12 02:14 1609728 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\3a9a012a1f912cefb0ef9f69781264c8\Microsoft.PowerShell.Commands.Utility.ni.dll + 2010-08-12 02:14 . 2010-08-12 02:14 1704448 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\27894b3ee67930492bb4925dc27c9e6b\Microsoft.PowerShell.GPowerShell.ni.dll + 2010-08-12 02:15 . 2010-08-12 02:15 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\16ff33f07efdb9da2a18e27585c604be\Microsoft.JScript.ni.dll + 2010-08-12 02:14 . 2010-08-12 02:14 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\d0fb91b296616a1a844bf265947018ee\Microsoft.Build.Tasks.ni.dll + 2010-08-12 02:14 . 2010-08-12 02:14 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\892e993c8df1c75081113131dc429c15\Microsoft.Build.Tasks.v3.5.ni.dll + 2010-08-12 02:14 . 2010-08-12 02:14 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\d0beebd2c9045158cdcd4bd5987b717b\Microsoft.Build.Engine.ni.dll + 2010-08-12 02:04 . 2010-08-12 02:04 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll - 2010-06-24 02:01 . 2010-06-24 02:01 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll + 2010-08-12 02:04 . 2010-08-12 02:04 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll - 2010-06-24 02:01 . 2010-06-24 02:01 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll - 2010-06-24 02:01 . 2010-06-24 02:01 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll + 2010-08-12 02:04 . 2010-08-12 02:04 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll + 2010-08-12 02:04 . 2010-08-12 02:04 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll - 2010-06-24 02:01 . 2010-06-24 02:01 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll - 2010-06-24 02:01 . 2010-06-24 02:01 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll + 2010-08-12 02:04 . 2010-08-12 02:04 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll + 2010-08-12 02:04 . 2010-08-12 02:04 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll - 2010-06-24 02:01 . 2010-06-24 02:01 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll + 2010-08-12 02:04 . 2010-08-12 02:04 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll - 2010-06-24 02:01 . 2010-06-24 02:01 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll + 2008-09-17 10:57 . 2010-08-03 18:09 35962312 c:\windows\system32\MRT.exe + 2007-08-13 16:54 . 2010-06-24 15:56 11077120 c:\windows\system32\ieframe.dll + 2008-09-18 12:49 . 2010-06-24 15:56 11077120 c:\windows\system32\dllcache\ieframe.dll + 2010-05-19 11:08 . 2010-05-19 11:08 11408896 c:\windows\Installer\7f2ecd0.msp + 2010-07-10 18:06 . 2010-07-10 18:06 10120192 c:\windows\Installer\7f2ecb0.msp + 2010-08-12 02:02 . 2010-05-06 10:35 11076096 c:\windows\ie8updates\KB2183461-IE8\ieframe.dll + 2010-08-12 02:06 . 2010-08-12 02:06 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\439c466b60614915587c5273eaf0ca7f\System.Windows.Forms.ni.dll + 2010-08-12 02:15 . 2010-08-12 02:15 11798016 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\411a627d6f5cb83509332253406988e5\System.Web.ni.dll + 2010-08-12 02:14 . 2010-08-12 02:14 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\f523a69e7c93ee4f245c996eac4b3a57\System.ServiceModel.ni.dll + 2010-08-12 02:06 . 2010-08-12 02:06 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\b307acf63075b997d02a97a7492d0d9c\System.Design.ni.dll + 2010-08-12 02:05 . 2010-08-12 02:05 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a632f3ef85ffd35341b383eed577cb93\PresentationFramework.ni.dll + 2010-08-12 02:05 . 2010-08-12 02:05 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\f00db8db51f5707c7fe52c0683dc6136\PresentationCore.ni.dll + 2010-08-12 02:05 . 2010-08-12 02:05 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7bffd7ff2009f421fe5d229927588496\mscorlib.ni.dll . -- Migawka wyzerowana -- . ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "McAfeeUpdaterUI"="c:\program files\McAfee\Common Framework\UdaterUI.exe" [2007-10-25 136512] "ShStatEXE"="c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2008-01-24 111952] "RTHDCPL"="RTHDCPL.EXE" [2008-09-17 16384000] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-31 149280] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [BU] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\All Users\Menu Start\Programy\Autostart\ AudaUpdate.lnk - d:\audatex\AudaUpdate\AudaUpdt.exe [2009-3-13 10890488] [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "ForceClassicControlPanel"= 1 (0x1) [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ \0 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-2025429265-1409082233-725345543-1133\Scripts\Logon\0\0] "Script"=SBS_LOGIN_SCRIPT.bat [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-2025429265-1409082233-725345543-500\Scripts\Logon\0\0] "Script"=SBS_LOGIN_SCRIPT.bat [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe"= "c:\\Program Files\\totalcmd\\TOTALCMD.EXE"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009 R2 AudatexInstallService;Audatex Install Service;c:\windows\INSTALLSERVICE.EXE [2009-03-06 654848] R2 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_2_1\bin\fb_inet_server.exe [2008-12-19 2707456] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] WINRM REG_MULTI_SZ WINRM . . ------- Skan uzupełniający ------- . IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 FF - ProfilePath - c:\documents and settings\administrator\Dane aplikacji\Mozilla\Firefox\Profiles\dqpjecyc.default\ FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX - SPOSÓB POSTĘPOWANIA ---- c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096); c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45); c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false); . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-08-12 16:04 Windows 5.1.2600 Dodatek Service Pack 3 NTFS skanowanie ukrytych procesów ... skanowanie ukrytych wpisów autostartu ... skanowanie ukrytych plików ... skanowanie pomyślnie ukończone ukryte pliki: 0 ************************************************************************** . --------------------- ZABLOKOWANE KLUCZE REJESTRU --------------------- [HKEY_USERS\S-1-5-21-2025429265-1409082233-725345543-500\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (Administrator) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,a1,6d,8a,3f,3f,d9,6a,48,a8,cf,fa,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,a1,6d,8a,3f,3f,d9,6a,48,a8,cf,fa,\ . --------------------- Pliki DLL ładowane pod uruchomionymi procesami --------------------- - - - - - - - > 'explorer.exe'(2716) c:\windows\system32\WININET.dll . ------------------------ Pozostałe uruchomione procesy ------------------------ . c:\program files\Java\jre6\bin\jqs.exe c:\program files\McAfee\Common Framework\FrameworkService.exe c:\program files\McAfee\VirusScan Enterprise\Mcshield.exe c:\program files\McAfee\VirusScan Enterprise\VsTskMgr.exe c:\program files\McAfee\Common Framework\naPrdMgr.exe c:\windows\system32\nvsvc32.exe c:\program files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe c:\windows\RTHDCPL.EXE c:\program files\McAfee\Common Framework\McTray.exe c:\@auc@\Audatex\AudaUpdate\AudaUpdt.exe c:\windows\system32\wbem\wmiapsrv.exe . ************************************************************************** . Czas ukończenia: 2010-08-12 16:06:45 - komputer został uruchomiony ponownie ComboFix-quarantined-files.txt 2010-08-12 14:06 ComboFix2.txt 2010-08-10 09:45 ComboFix3.txt 2009-09-07 09:59 Przed: 81 848 254 464 bajtów wolnych Po: 81 683 652 608 bajtów wolnych - - End Of File - - A004BB5F0B994CABBF4E9CB2089DA1D9