Combo Fix

  • June 2020
  • PDF
Download

This document was uploaded by user and they confirmed that they have the permission to share it. If you are author or own the copyright of this book, please report to us by using this DMCA report form. Report DMCA

Overview

Download & View Combo Fix as PDF for free.

More details

  • Words: 3,428
  • Pages: 20
ComboFix 09-10-01.01 - Bob 12.10.2009 12:48.5.2 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.659 [GMT 3:00] Running from: c:\documents and settings\Bob\Desktop\ComboFix.exe AV: AntiVir Desktop *On-access scanning disabled* (Outdated) {AD166499-45F9-482AA743-FDD3350758C7} . - REDUCED FUNCTIONALITY MODE . ((((((((((((((((((((((((( Files Created from 2009-09-12 to 2009-1012 ))))))))))))))))))))))))))))))) . 2009-10-08 16:33 . 2009-10-08 16:33 -------d-----wc:\documents and settings\All Users\Application Data\Fallout3 2009-10-06 22:00 . 2009-10-06 22:00 -------d-----wc:\documents and settings\Bob\Application Data\MSNInstaller 2009-10-06 19:04 . 2009-10-06 19:04 -------d-----wc:\windows\system32\wbem\Repository 2009-10-05 18:55 . 2009-09-04 14:44 515416 ----a-wc:\windows\system32\XAudio2_5.dll 2009-10-05 18:55 . 2009-09-04 14:44 238936 ----a-wc:\windows\system32\xactengine3_5.dll 2009-10-05 18:55 . 2009-09-04 14:29 1974616 ----a-wc:\windows\system32\D3DCompiler_42.dll 2009-10-05 18:55 . 2009-09-04 14:29 5501792 ----a-wc:\windows\system32\d3dcsx_42.dll 2009-10-05 18:55 . 2009-09-04 14:29 235344 ----a-wc:\windows\system32\d3dx11_42.dll 2009-10-05 18:55 . 2009-09-04 14:29 453456 ----a-wc:\windows\system32\d3dx10_42.dll 2009-10-05 18:55 . 2009-09-04 14:29 1892184 ----a-wc:\windows\system32\D3DX9_42.dll 2009-10-04 15:18 . 2009-10-04 15:18 -------d-----wc:\documents and settings\Bob\Application Data\InstallShield Installation Information 2009-10-04 15:18 . 2009-10-04 15:33 -------d-----wc:\documents and settings\Bob\Local Settings\Application Data\Fallout3 2009-10-02 17:38 . 2009-10-02 17:39 -------d-----wc:\windows\FlyakiteOSX 2009-10-01 20:07 . 2009-10-01 20:07 -------d-----wc:\windows\Left 4 Dead 2009-09-27 20:01 . 2009-03-06 14:22 284160 -c----wc:\windows\system32\dllcache\pdh.dll 2009-09-27 20:01 . 2009-02-09 12:10 473600 -c----wc:\windows\system32\dllcache\fastprox.dll 2009-09-27 20:01 . 2009-02-09 12:10 453120 -c----wc:\windows\system32\dllcache\wmiprvsd.dll 2009-09-27 20:01 . 2009-02-09 12:10 401408 -c----wc:\windows\system32\dllcache\rpcss.dll 2009-09-27 20:01 . 2009-02-06 11:11 110592 -c----wc:\windows\system32\dllcache\services.exe 2009-09-27 20:01 . 2009-02-06 10:10 227840 -c----wc:\windows\system32\dllcache\wmiprvse.exe 2009-09-27 20:01 . 2009-06-25 08:25 730112 -c----wc:\windows\system32\dllcache\lsasrv.dll 2009-09-27 20:01 . 2009-02-09 12:10 714752 -c----wc:\windows\system32\dllcache\ntdll.dll 2009-09-27 20:01 . 2009-02-09 12:10 617472 -c----wc:\windows\system32\dllcache\advapi32.dll 2009-09-27 20:01 . 2009-02-06 11:08 2189056 -c----w-

c:\windows\system32\dllcache\ntoskrnl.exe 2009-09-27 20:01 . 2009-02-06 11:06 2145280 -c----wc:\windows\system32\dllcache\ntkrnlmp.exe 2009-09-27 20:01 . 2009-02-06 10:32 2023936 -c----wc:\windows\system32\dllcache\ntkrpamp.exe 2009-09-27 17:32 . 2009-09-27 17:32 -------d-----wc:\windows\system32\KB905474 2009-09-27 17:26 . 2009-09-27 17:26 -------d-----w4.0 2009-09-27 08:19 . 2008-06-13 11:05 272128 -c----wc:\windows\system32\dllcache\bthport.sys 2009-09-27 07:58 . 2009-06-21 21:44 153088 -c----wc:\windows\system32\dllcache\triedit.dll 2009-09-27 07:58 . 2008-05-08 14:02 203136 -c----wc:\windows\system32\dllcache\rmcast.sys 2009-09-27 07:58 . 2008-10-24 11:21 455296 -c----wc:\windows\system32\dllcache\mrxsmb.sys 2009-09-27 07:58 . 2008-12-11 10:57 333952 -c----wc:\windows\system32\dllcache\srv.sys 2009-09-27 07:58 . 2008-05-01 14:33 331776 -c----wc:\windows\system32\dllcache\msadce.dll 2009-09-27 07:58 . 2009-07-10 13:27 1315328 -c----wc:\windows\system32\dllcache\msoe.dll 2009-09-27 07:58 . 2008-04-11 19:04 691712 -c----wc:\windows\system32\dllcache\inetcomm.dll 2009-09-27 07:57 . 2008-10-15 16:34 337408 -c----wc:\windows\system32\dllcache\netapi32.dll 2009-09-27 07:57 . 2008-09-04 17:15 1106944 -c----wc:\windows\system32\dllcache\msxml3.dll 2009-09-27 07:57 . 2008-05-03 11:55 2560 ------wc:\windows\system32\xpsp4res.dll 2009-09-27 07:57 . 2008-04-21 12:08 215552 -c----wc:\windows\system32\dllcache\wordpad.exe 2009-09-27 07:57 . 2009-08-13 15:16 512000 -c----wc:\windows\system32\dllcache\jscript.dll 2009-09-26 21:25 . 2009-09-28 07:42 -------d--h--w2009-09-26 21:22 . 2009-09-26 21:22 -------d-----wsettings\Bob\Application Data\PedestrianEntertainment 2009-09-16 20:04 . 2009-09-16 20:04 -------d-----wsettings\Bob\Local Settings\Application Data\Yahoo 2009-09-16 20:03 . 2009-09-16 20:03 -------d-----wsettings\Bob\Application Data\Yahoo! 2009-09-16 20:03 . 2009-09-16 20:04 -------d-----wsettings\All Users\Application Data\Yahoo! 2009-09-16 08:01 . 2009-07-28 13:33 55656 ----a-wc:\windows\system32\drivers\avgntflt.sys 2009-09-16 08:01 . 2009-03-30 07:33 96104 ----a-wc:\windows\system32\drivers\avipbb.sys 2009-09-16 08:01 . 2009-02-13 09:29 22360 ----a-wc:\windows\system32\drivers\avgntmgr.sys 2009-09-16 08:01 . 2009-02-13 09:17 45416 ----a-wc:\windows\system32\drivers\avgntdd.sys 2009-09-16 08:01 . 2009-09-16 08:01 -------d-----w2009-09-16 08:01 . 2009-09-16 08:01 -------d-----wsettings\All Users\Application Data\Avira 2009-09-15 18:02 . 2009-09-15 18:06 -------d-----wc:\windows\.jagex_cache_32 2009-09-15 18:02 . 2009-09-15 18:02 -------d-----w-

c:\program files\MSXML

c:\windows\$hf_mig$ c:\documents and c:\documents and c:\documents and c:\documents and

c:\program files\Avira c:\documents and

c:\windows\Sun

2009-09-13 15:40 . 2009-09-13 15:40 -------d-----wc:\documents and settings\Bob\Application Data\LEGO Company 2009-09-13 15:40 . 2009-09-13 15:40 -------d-----wc:\program files\LEGO Company 2009-09-13 13:02 . 2003-04-18 21:32 4736 ----a-wc:\windows\system32\drivers\tandpl.sys 2009-09-13 13:02 . 2003-03-02 14:44 7552 ----a-wc:\windows\system32\drivers\enodpl.sys 2009-09-12 19:15 . 2009-09-12 19:17 -------d-----wc:\program files\BSplayer Pro 2009-09-12 19:11 . 2009-09-12 19:11 -------d-----wc:\documents and settings\Bob\Application Data\Apple Computer 2009-09-12 19:04 . 2009-09-12 19:04 -------d-----wc:\documents and settings\All Users\Application Data\Apple Computer 2009-09-12 19:04 . 2009-09-12 19:04 -------d-----wc:\program files\Common Files\Apple 2009-09-12 19:04 . 2009-09-12 19:04 -------d-----wc:\documents and settings\Bob\Local Settings\Application Data\Apple 2009-09-12 19:04 . 2009-09-12 19:04 -------d-----wc:\program files\Apple Software Update 2009-09-12 19:04 . 2009-09-12 19:04 -------d-----wc:\documents and settings\All Users\Application Data\Apple 2009-09-12 19:04 . 2009-09-12 19:04 -------d-----wc:\documents and settings\Bob\Local Settings\Application Data\Apple Computer . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-10-11 14:34 . 2006-09-22 09:07 -------d--h--wc:\program files\InstallShield Installation Information 2009-10-08 17:24 . 2009-07-05 21:29 -------d---a-wc:\documents and settings\All Users\Application Data\TEMP 2009-10-06 21:31 . 2006-09-20 16:07 35840 ----a-wc:\documents and settings\Bob\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-10-06 21:29 . 2009-05-14 18:01 151456 ----a-wc:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat 2009-10-05 20:04 . 2009-09-11 14:07 -------d-----wc:\documents and settings\Bob\Application Data\uTorrent 2009-10-05 08:18 . 2007-12-11 10:36 -------d-----wc:\documents and settings\All Users\Application Data\Yahoo! Companion 2009-10-01 09:24 . 2009-01-26 19:10 -------d-----wc:\program files\DOSBox-0.72 2009-09-16 20:03 . 2007-11-17 11:11 -------d-----wc:\program files\Yahoo! 2009-09-16 07:32 . 2006-09-22 09:09 -------d-----wc:\program files\ESET 2009-09-12 06:17 . 2009-09-11 13:24 -------d-----wc:\documents and settings\All Users\Application Data\NOS 2009-09-11 19:50 . 2006-09-30 08:28 86016 ----a-wc:\windows\system32\OpenAL32.dll 2009-09-11 16:13 . 2006-10-27 18:12 -------d-----wc:\program files\Common Files\Wise Installation Wizard 2009-09-11 14:09 . 2009-09-11 14:09 -------d-----wc:\program files\AskSearch 2009-09-11 14:09 . 2009-09-11 14:09 -------d-----wc:\program files\AskBarDis 2009-09-11 14:08 . 2009-09-11 14:08 -------d-----wc:\program files\uTorrent 2009-09-11 13:27 . 2009-09-11 13:27 411368 ----a-w-

c:\windows\system32\deploytk.dll 2009-09-11 13:27 . 2009-09-11 13:27 -------d-----wc:\program files\Java 2009-09-11 13:13 . 2009-09-11 13:13 0 ----a-wc:\windows\nsreg.dat 2009-09-11 12:51 . 2009-09-11 12:51 -------d-----wc:\program files\Sc Cobalt IT 2009-09-09 08:09 . 2006-10-27 14:04 1138 ----a-wc:\windows\eReg.dat 2009-09-09 07:54 . 2006-09-30 09:09 -------d-----wc:\program files\Sierra On-Line 2009-09-04 14:44 . 2009-06-23 13:08 69464 ----a-wc:\windows\system32\XAPOFX1_3.dll 2009-08-05 09:01 . 2004-08-04 01:07 204800 ----a-wc:\windows\system32\mswebdvd.dll 2009-07-29 04:37 . 2004-08-04 01:07 81920 ----a-wc:\windows\system32\fontsub.dll 2009-07-29 04:37 . 2004-08-04 01:07 119808 ----a-wc:\windows\system32\t2embed.dll 2009-07-23 10:13 . 2009-05-14 18:30 3784 ----a-wc:\windows\system32\ealregsnapshot1.reg 2009-07-17 19:01 . 2004-08-04 01:07 58880 ----a-wc:\windows\system32\atl.dll 2008-04-05 11:35 . 2008-04-05 11:35 560 ----a-wc:\program files\Global.sw . ((((((((((((((((((((((((((((( SnapShot_2009-1006_18.28.06 ))))))))))))))))))))))))))))))))))))))))) . + 2004-08-04 01:07 . 2009-10-06 21:28 67370 c:\windows\system32\perfc009.dat - 2009-10-06 17:48 . 2009-10-06 17:48 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\2d7408a0232f2e 2efd0d7adf5dfa733a\PresentationFontCache.ni.exe + 2009-10-06 18:39 . 2009-10-06 18:39 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\2d7408a0232f2e 2efd0d7adf5dfa733a\PresentationFontCache.ni.exe + 2009-10-06 18:56 . 2009-10-06 18:56 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\f4e38208e88cb4cc314a1d6543b9f cc6\dfsvc.ni.exe - 2009-10-06 17:53 . 2009-10-06 17:53 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\f4e38208e88cb4cc314a1d6543b9f cc6\dfsvc.ni.exe - 2009-10-06 17:48 . 2009-10-06 17:48 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\11eb4f6606ba01e512880 5759121ea6c\Accessibility.ni.dll + 2009-10-06 18:38 . 2009-10-06 18:38 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\11eb4f6606ba01e512880 5759121ea6c\Accessibility.ni.dll - 2009-10-06 17:40 . 2009-10-06 17:40 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a 3a\System.Web.RegularExpressions.dll + 2009-10-06 21:28 . 2009-10-06 21:28 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a 3a\System.Web.RegularExpressions.dll + 2009-10-06 21:28 . 2009-10-06 21:28 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\Syste m.Drawing.Design.dll - 2009-10-06 17:40 . 2009-10-06 17:40 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\Syste m.Drawing.Design.dll - 2009-10-06 17:40 . 2009-10-06 17:40 81920

c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3 a\System.Configuration.Install.dll + 2009-10-06 21:28 . 2009-10-06 21:28 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3 a\System.Configuration.Install.dll + 2009-10-06 21:28 . 2009-10-06 21:28 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa .dll - 2009-10-06 17:40 . 2009-10-06 17:40 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa .dll - 2009-10-06 17:40 . 2009-10-06 17:40 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11 d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll + 2009-10-06 21:28 . 2009-10-06 21:28 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11 d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll + 2009-10-06 21:28 . 2009-10-06 21:28 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\M icrosoft.VisualBasic.Vsa.dll - 2009-10-06 17:40 . 2009-10-06 17:40 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\M icrosoft.VisualBasic.Vsa.dll - 2009-10-06 17:40 . 2009-10-06 17:40 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\M icrosoft.Build.Utilities.dll + 2009-10-06 21:28 . 2009-10-06 21:28 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\M icrosoft.Build.Utilities.dll + 2009-10-06 21:28 . 2009-10-06 21:28 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\M icrosoft.Build.Framework.dll - 2009-10-06 17:40 . 2009-10-06 17:40 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\M icrosoft.Build.Framework.dll + 2009-10-06 21:28 . 2009-10-06 21:28 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll - 2009-10-06 17:40 . 2009-10-06 17:40 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll + 2009-10-06 21:28 . 2009-10-06 21:28 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll - 2009-10-06 17:40 . 2009-10-06 17:40 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll - 2009-10-06 17:40 . 2009-10-06 17:40 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility .dll + 2009-10-06 21:28 . 2009-10-06 21:28 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility .dll + 2009-10-06 21:28 . 2009-10-06 21:28 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll - 2009-10-06 17:40 . 2009-10-06 17:40 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll + 2009-10-06 21:28 . 2009-10-06 21:28 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarsha lers.dll - 2009-10-06 17:40 . 2009-10-06 17:40 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarsha

lers.dll + 2009-10-11 09:48 . 2009-10-11 09:48 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35 \Microsoft.DirectX.Diagnostics.dll - 2009-10-04 15:18 . 2009-10-04 15:18 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35 \Microsoft.DirectX.Diagnostics.dll + 2009-10-11 09:48 . 2009-10-11 09:48 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856a d364e35\Microsoft.DirectX.AudioVideoPlayback.dll - 2009-10-04 15:18 . 2009-10-04 15:18 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856a d364e35\Microsoft.DirectX.AudioVideoPlayback.dll + 2009-10-06 21:28 . 2009-10-06 21:28 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_xww_6e57c34e\IEExecRemote.dll - 2009-10-06 17:40 . 2009-10-06 17:40 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_xww_6e57c34e\IEExecRemote.dll + 2009-10-06 21:28 . 2009-10-06 21:28 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_V saVb.dll - 2009-10-06 17:40 . 2009-10-06 17:40 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_V saVb.dll - 2009-10-06 17:40 . 2009-10-06 17:40 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft .VisualC.Dll + 2009-10-06 21:28 . 2009-10-06 21:28 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft .VisualC.Dll - 2009-10-06 17:40 . 2009-10-06 17:40 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll + 2009-10-06 21:28 . 2009-10-06 21:28 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll - 2009-10-06 17:40 . 2009-10-06 17:40 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.d ll + 2009-10-06 21:28 . 2009-10-06 21:28 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.d ll + 2009-10-06 21:28 . 2009-10-06 21:28 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_xww_7d5f3790\System.EnterpriseServices.Wrapper.dll - 2009-10-06 17:40 . 2009-10-06 17:40 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_xww_7d5f3790\System.EnterpriseServices.Wrapper.dll - 2009-10-06 17:40 . 2009-10-06 17:40 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_xww_7d5f3790\System.EnterpriseServices.dll + 2009-10-06 21:28 . 2009-10-06 21:28 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_xww_7d5f3790\System.EnterpriseServices.dll + 2004-08-04 01:07 . 2009-10-06 21:28 432796 c:\windows\system32\perfh009.dat - 2009-10-06 17:52 . 2009-10-06 17:52 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\2ef5bc3a2edd7570bb23886a 4f32294a\WsatConfig.ni.exe

+ 2009-10-06 18:56 . 2009-10-06 18:56 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\2ef5bc3a2edd7570bb23886a 4f32294a\WsatConfig.ni.exe + 2009-10-06 18:41 . 2009-10-06 18:41 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\a83372e5cbc404 2b620166dd5350d85f\WindowsFormsIntegration.ni.dll - 2009-10-06 17:49 . 2009-10-06 17:49 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\a83372e5cbc404 2b620166dd5350d85f\WindowsFormsIntegration.ni.dll + 2009-10-06 18:40 . 2009-10-06 18:40 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\5c028c3d8db6c0f0 277673ea4a2d89fb\UIAutomationClient.ni.dll - 2009-10-06 17:49 . 2009-10-06 17:49 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\5c028c3d8db6c0f0 277673ea4a2d89fb\UIAutomationClient.ni.dll + 2009-10-06 18:40 . 2009-10-06 18:40 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\6ee255220d90dc be80c990e443051cc5\System.Web.RegularExpressions.ni.dll - 2009-10-06 17:49 . 2009-10-06 17:49 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\6ee255220d90dc be80c990e443051cc5\System.Web.RegularExpressions.ni.dll - 2009-10-06 17:48 . 2009-10-06 17:48 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\5a555c9ae6984c4 0157cf940bb519f7c\System.Transactions.ni.dll + 2009-10-06 18:40 . 2009-10-06 18:40 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\5a555c9ae6984c4 0157cf940bb519f7c\System.Transactions.ni.dll + 2009-10-06 18:40 . 2009-10-06 18:40 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\ea3366939280c1 715f1c620e33ee3c8a\System.ServiceProcess.ni.dll - 2009-10-06 17:49 . 2009-10-06 17:49 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\ea3366939280c1 715f1c620e33ee3c8a\System.ServiceProcess.ni.dll - 2009-10-06 17:48 . 2009-10-06 17:48 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\bfd6e16d8c3589 cd2bd3f8d46f0a5402\System.Runtime.Serialization.Formatters.Soap.ni.dll + 2009-10-06 18:38 . 2009-10-06 18:38 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\bfd6e16d8c3589 cd2bd3f8d46f0a5402\System.Runtime.Serialization.Formatters.Soap.ni.dll + 2009-10-06 18:40 . 2009-10-06 18:40 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\2abd876a3c8a6b 088fa6d8d39d901e3c\System.Runtime.Remoting.ni.dll - 2009-10-06 17:48 . 2009-10-06 17:48 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\2abd876a3c8a6b 088fa6d8d39d901e3c\System.Runtime.Remoting.ni.dll + 2009-10-06 18:55 . 2009-10-06 18:55 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\7c367a96b10d626ec8cbf 8149272d845\System.IO.Log.ni.dll - 2009-10-06 17:52 . 2009-10-06 17:52 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\7c367a96b10d626ec8cbf 8149272d845\System.IO.Log.ni.dll - 2009-10-06 17:52 . 2009-10-06 17:52 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\68e71147704ef0 d34d9a4bece7767fc5\System.IdentityModel.Selectors.ni.dll + 2009-10-06 18:55 . 2009-10-06 18:55 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\68e71147704ef0 d34d9a4bece7767fc5\System.IdentityModel.Selectors.ni.dll + 2009-10-06 18:40 . 2009-10-06 18:40 280064

c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4267bd90817560 3006c6c90bb5d900c7\System.EnterpriseServices.Wrapper.dll - 2009-10-06 17:48 . 2009-10-06 17:48 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4267bd90817560 3006c6c90bb5d900c7\System.EnterpriseServices.Wrapper.dll + 2009-10-06 18:40 . 2009-10-06 18:40 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4267bd90817560 3006c6c90bb5d900c7\System.EnterpriseServices.ni.dll - 2009-10-06 17:48 . 2009-10-06 17:48 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4267bd90817560 3006c6c90bb5d900c7\System.EnterpriseServices.ni.dll - 2009-10-06 17:49 . 2009-10-06 17:49 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\18bbe2b6717e7f 1d1dd672526e9889ee\System.Drawing.Design.ni.dll + 2009-10-06 18:40 . 2009-10-06 18:40 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\18bbe2b6717e7f 1d1dd672526e9889ee\System.Drawing.Design.ni.dll - 2009-10-06 17:49 . 2009-10-06 17:49 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\c434a07332ce49 0711c27fd0edb7562f\System.DirectoryServices.Protocols.ni.dll + 2009-10-06 18:40 . 2009-10-06 18:40 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\c434a07332ce49 0711c27fd0edb7562f\System.DirectoryServices.Protocols.ni.dll - 2009-10-06 17:49 . 2009-10-06 17:49 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\de514e484e49b0 4b016949d57ffac03e\System.Configuration.Install.ni.dll + 2009-10-06 18:40 . 2009-10-06 18:40 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\de514e484e49b0 4b016949d57ffac03e\System.Configuration.Install.ni.dll - 2009-10-06 17:49 . 2009-10-06 17:49 232448 c:\windows\assembly\NativeImages_v2.0.50727_32\sysglobl\45067d0793a09d3431d26bfa55 c5a76a\sysglobl.ni.dll + 2009-10-06 18:40 . 2009-10-06 18:40 232448 c:\windows\assembly\NativeImages_v2.0.50727_32\sysglobl\45067d0793a09d3431d26bfa55 c5a76a\sysglobl.ni.dll - 2009-10-06 17:52 . 2009-10-06 17:52 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\5facd2b8ec742efe5917184a6 a66a642\SMSvcHost.ni.exe + 2009-10-06 18:56 . 2009-10-06 18:56 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\5facd2b8ec742efe5917184a6 a66a642\SMSvcHost.ni.exe - 2009-10-06 17:52 . 2009-10-06 17:52 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\9790551187e294b4ed3aa a1c221891c7\SMDiagnostics.ni.dll + 2009-10-06 18:56 . 2009-10-06 18:56 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\9790551187e294b4ed3aa a1c221891c7\SMDiagnostics.ni.dll - 2009-10-06 17:52 . 2009-10-06 17:52 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\6d2a8707386cbc50aa8 ee439af7088de\ServiceModelReg.ni.exe + 2009-10-06 18:56 . 2009-10-06 18:56 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\6d2a8707386cbc50aa8 ee439af7088de\ServiceModelReg.ni.exe - 2009-10-06 17:49 . 2009-10-06 17:49 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\92748439cdac6d df0f44ea37c80f86e6\PresentationFramework.Luna.ni.dll + 2009-10-06 18:40 . 2009-10-06 18:40 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\92748439cdac6d

df0f44ea37c80f86e6\PresentationFramework.Luna.ni.dll - 2009-10-06 17:49 . 2009-10-06 17:49 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\64e2cac1a876e4 a95db852f4bd7745b0\PresentationFramework.Aero.ni.dll + 2009-10-06 18:40 . 2009-10-06 18:40 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\64e2cac1a876e4 a95db852f4bd7745b0\PresentationFramework.Aero.ni.dll - 2009-10-06 17:49 . 2009-10-06 17:49 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\46a14da1535de3 ee3408f5595770ceb6\PresentationFramework.Royale.ni.dll + 2009-10-06 18:40 . 2009-10-06 18:40 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\46a14da1535de3 ee3408f5595770ceb6\PresentationFramework.Royale.ni.dll + 2009-10-06 18:40 . 2009-10-06 18:40 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1d02316b597174 79d61ce0ddba9af4b1\PresentationFramework.Classic.ni.dll - 2009-10-06 17:49 . 2009-10-06 17:49 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1d02316b597174 79d61ce0ddba9af4b1\PresentationFramework.Classic.ni.dll + 2009-10-06 18:56 . 2009-10-06 18:56 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\c60dc12a5f041a b9b66c380e846f30ae\Microsoft.Transactions.Bridge.Dtc.ni.dll - 2009-10-06 17:52 . 2009-10-06 17:52 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\c60dc12a5f041a b9b66c380e846f30ae\Microsoft.Transactions.Bridge.Dtc.ni.dll - 2009-10-06 17:52 . 2009-10-06 17:52 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\97204b1800078467a38514 d05378afef\ComSvcConfig.ni.exe + 2009-10-06 18:55 . 2009-10-06 18:55 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\97204b1800078467a38514 d05378afef\ComSvcConfig.ni.exe - 2009-10-06 17:53 . 2009-10-06 17:53 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\b5b2feadc3943e3976daeb c0bcd2b5e2\AspNetMMCExt.ni.dll + 2009-10-06 18:56 . 2009-10-06 18:56 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\b5b2feadc3943e3976daeb c0bcd2b5e2\AspNetMMCExt.ni.dll + 2009-10-06 21:28 . 2009-10-06 21:28 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System. Web.Services.dll - 2009-10-06 17:40 . 2009-10-06 17:40 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System. Web.Services.dll + 2009-10-06 21:28 . 2009-10-06 21:28 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.We b.Mobile.dll - 2009-10-06 17:40 . 2009-10-06 17:40 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.We b.Mobile.dll + 2009-10-06 21:28 . 2009-10-06 21:28 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\Syste m.ServiceProcess.dll - 2009-10-06 17:40 . 2009-10-06 17:40 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\Syste m.ServiceProcess.dll - 2009-10-06 17:40 . 2009-10-06 17:40 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Secu rity.dll

+ 2009-10-06 21:28 . 2009-10-06 21:28 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Secu rity.dll + 2009-10-06 21:28 . 2009-10-06 21:28 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0_ _b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll - 2009-10-06 17:40 . 2009-10-06 17:40 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0_ _b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll - 2009-10-06 17:40 . 2009-10-06 17:40 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\Sys tem.Runtime.Remoting.dll + 2009-10-06 21:28 . 2009-10-06 21:28 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\Sys tem.Runtime.Remoting.dll + 2009-10-06 21:28 . 2009-10-06 21:28 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Mes saging.dll - 2009-10-06 17:40 . 2009-10-06 17:40 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Mes saging.dll - 2009-10-06 17:40 . 2009-10-06 17:40 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Ma nagement.dll + 2009-10-06 21:28 . 2009-10-06 21:28 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Ma nagement.dll - 2009-10-06 17:40 . 2009-10-06 17:40 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawi ng.dll + 2009-10-06 21:28 . 2009-10-06 21:28 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawi ng.dll - 2009-10-06 17:40 . 2009-10-06 17:40 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\Sy stem.DirectoryServices.dll + 2009-10-06 21:28 . 2009-10-06 21:28 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\Sy stem.DirectoryServices.dll + 2009-10-06 21:28 . 2009-10-06 21:28 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f1 1d50a3a\System.DirectoryServices.Protocols.dll - 2009-10-06 17:40 . 2009-10-06 17:40 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f1 1d50a3a\System.DirectoryServices.Protocols.dll - 2009-10-06 17:40 . 2009-10-06 17:40 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.De ployment.dll + 2009-10-06 21:28 . 2009-10-06 21:28 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.De ployment.dll - 2009-10-06 17:40 . 2009-10-06 17:40 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.D ata.SqlXml.dll + 2009-10-06 21:28 . 2009-10-06 21:28 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.D ata.SqlXml.dll - 2009-10-06 17:40 . 2009-10-06 17:40 425984

c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System .configuration.dll + 2009-10-06 21:28 . 2009-10-06 21:28 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System .configuration.dll + 2009-10-06 21:28 . 2009-10-06 21:28 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll - 2009-10-06 17:40 . 2009-10-06 17:40 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll - 2009-10-06 17:40 . 2009-10-06 17:40 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Micro soft.VisualBasic.dll + 2009-10-06 21:28 . 2009-10-06 21:28 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Micro soft.VisualBasic.dll - 2009-10-06 17:40 . 2009-10-06 17:40 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f 11d50a3a\Microsoft.VisualBasic.Compatibility.dll + 2009-10-06 21:28 . 2009-10-06 21:28 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f 11d50a3a\Microsoft.VisualBasic.Compatibility.dll + 2009-10-06 21:28 . 2009-10-06 21:28 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03 f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll - 2009-10-06 17:40 . 2009-10-06 17:40 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03 f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll + 2009-10-06 21:28 . 2009-10-06 21:28 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft .JScript.dll - 2009-10-06 17:40 . 2009-10-06 17:40 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft .JScript.dll - 2009-10-06 17:40 . 2009-10-06 17:40 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Micro soft.Build.Tasks.dll + 2009-10-06 21:28 . 2009-10-06 21:28 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Micro soft.Build.Tasks.dll + 2009-10-06 21:28 . 2009-10-06 21:28 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Micr osoft.Build.Engine.dll - 2009-10-06 17:40 . 2009-10-06 17:40 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Micr osoft.Build.Engine.dll - 2009-10-06 17:40 . 2009-10-06 17:40 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.d ll + 2009-10-06 21:28 . 2009-10-06 21:28 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.d ll + 2009-10-06 21:28 . 2009-10-06 21:28 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Tr ansactions.dll - 2009-10-06 17:40 . 2009-10-06 17:40 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Tr ansactions.dll + 2009-10-06 21:28 . 2009-10-06 21:28 113664

c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\Sys tem.EnterpriseServices.Wrapper.dll - 2009-10-06 17:40 . 2009-10-06 17:40 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\Sys tem.EnterpriseServices.Wrapper.dll + 2009-10-06 21:28 . 2009-10-06 21:28 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\Sys tem.EnterpriseServices.dll - 2009-10-06 17:40 . 2009-10-06 17:40 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\Sys tem.EnterpriseServices.dll - 2009-10-06 17:40 . 2009-10-06 17:40 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\Syst em.Data.OracleClient.dll + 2009-10-06 21:28 . 2009-10-06 21:28 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\Syst em.Data.OracleClient.dll + 2009-10-11 09:48 . 2009-10-11 09:48 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.D irectX.dll - 2009-10-04 15:18 . 2009-10-04 15:18 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.D irectX.dll - 2009-10-04 15:18 . 2009-10-04 15:18 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35 \Microsoft.DirectX.DirectSound.dll + 2009-10-11 09:48 . 2009-10-11 09:48 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35 \Microsoft.DirectX.DirectSound.dll + 2009-10-11 09:48 . 2009-10-11 09:48 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\ Microsoft.DirectX.DirectPlay.dll - 2009-10-04 15:18 . 2009-10-04 15:18 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\ Microsoft.DirectX.DirectPlay.dll - 2009-10-04 15:18 . 2009-10-04 15:18 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35 \Microsoft.DirectX.DirectInput.dll + 2009-10-11 09:48 . 2009-10-11 09:48 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35 \Microsoft.DirectX.DirectInput.dll - 2009-10-04 15:18 . 2009-10-04 15:18 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\ Microsoft.DirectX.DirectDraw.dll + 2009-10-11 09:48 . 2009-10-11 09:48 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\ Microsoft.DirectX.DirectDraw.dll + 2009-10-11 09:48 . 2009-10-11 09:48 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\M icrosoft.DirectX.Direct3DX.dll - 2009-10-04 15:18 . 2009-10-04 15:18 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\M icrosoft.DirectX.Direct3DX.dll - 2009-10-04 15:18 . 2009-10-04 15:18 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\M icrosoft.DirectX.Direct3DX.dll + 2009-10-11 09:48 . 2009-10-11 09:48 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\M

icrosoft.DirectX.Direct3DX.dll + 2009-10-11 09:48 . 2009-10-11 09:48 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\M icrosoft.DirectX.Direct3DX.dll - 2009-10-04 15:18 . 2009-10-04 15:18 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\M icrosoft.DirectX.Direct3DX.dll + 2009-10-11 09:48 . 2009-10-11 09:48 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\M icrosoft.DirectX.Direct3DX.dll - 2009-10-04 15:18 . 2009-10-04 15:18 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\M icrosoft.DirectX.Direct3DX.dll + 2009-10-11 09:48 . 2009-10-11 09:48 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\M icrosoft.DirectX.Direct3DX.dll - 2009-10-04 15:18 . 2009-10-04 15:18 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\M icrosoft.DirectX.Direct3DX.dll + 2009-10-11 09:48 . 2009-10-11 09:48 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\M icrosoft.DirectX.Direct3DX.dll - 2009-10-04 15:18 . 2009-10-04 15:18 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\M icrosoft.DirectX.Direct3DX.dll + 2009-10-11 09:48 . 2009-10-11 09:48 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\M icrosoft.DirectX.Direct3DX.dll - 2009-10-04 15:18 . 2009-10-04 15:18 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\M icrosoft.DirectX.Direct3DX.dll - 2009-10-04 15:18 . 2009-10-04 15:18 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\M icrosoft.DirectX.Direct3DX.dll + 2009-10-11 09:48 . 2009-10-11 09:48 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\M icrosoft.DirectX.Direct3DX.dll + 2009-10-11 09:48 . 2009-10-11 09:48 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Mi crosoft.DirectX.Direct3D.dll - 2009-10-04 15:18 . 2009-10-04 15:18 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Mi crosoft.DirectX.Direct3D.dll + 2006-09-20 18:43 . 2009-10-06 22:02 1607224 c:\windows\system32\FNTCACHE.DAT + 2009-10-06 18:40 . 2009-10-06 18:40 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\f3c7957351aec8 5f526a3350c9718b1e\UIAutomationClientsideProviders.ni.dll - 2009-10-06 17:49 . 2009-10-06 17:49 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\f3c7957351aec8 5f526a3350c9718b1e\UIAutomationClientsideProviders.ni.dll + 2009-10-06 18:40 . 2009-10-06 18:40 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\b57bb002a655920 cbfa2bee29d1e22b7\System.Web.Services.ni.dll - 2009-10-06 17:49 . 2009-10-06 17:49 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\b57bb002a655920 cbfa2bee29d1e22b7\System.Web.Services.ni.dll - 2009-10-06 17:49 . 2009-10-06 17:49 1917440

c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\63cf639b6e0a3c25c1643 c85016e7422\System.Speech.ni.dll + 2009-10-06 18:40 . 2009-10-06 18:40 1917440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\63cf639b6e0a3c25c1643 c85016e7422\System.Speech.ni.dll - 2009-10-06 17:52 . 2009-10-06 17:52 2338304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\034c91b133dee7 3d452652c52767b5ea\System.Runtime.Serialization.ni.dll + 2009-10-06 18:55 . 2009-10-06 18:55 2338304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\034c91b133dee7 3d452652c52767b5ea\System.Runtime.Serialization.ni.dll + 2009-10-06 18:39 . 2009-10-06 18:39 1035264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\f5cba80c080c5a234c6 38e4459daf1a2\System.Printing.ni.dll - 2009-10-06 17:48 . 2009-10-06 17:48 1035264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\f5cba80c080c5a234c6 38e4459daf1a2\System.Printing.ni.dll + 2009-10-06 18:55 . 2009-10-06 18:55 1056768 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\c2de8479e54852 f56996f79bc93acb13\System.IdentityModel.ni.dll - 2009-10-06 17:52 . 2009-10-06 17:52 1056768 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\c2de8479e54852 f56996f79bc93acb13\System.IdentityModel.ni.dll - 2009-10-06 17:48 . 2009-10-06 17:48 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\543aced762f6b0 c3f8e037955941afc6\System.DirectoryServices.ni.dll + 2009-10-06 18:39 . 2009-10-06 18:39 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\543aced762f6b0 c3f8e037955941afc6\System.DirectoryServices.ni.dll - 2009-10-06 17:48 . 2009-10-06 17:48 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\c70731047b0022638b3f9fb 158948a03\System.Data.ni.dll + 2009-10-06 18:40 . 2009-10-06 18:40 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\c70731047b0022638b3f9fb 158948a03\System.Data.ni.dll - 2009-10-06 17:49 . 2009-10-06 17:49 1115136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\283ecfbaa6a6fa b76c8b544a4a89d5ce\System.Data.OracleClient.ni.dll + 2009-10-06 18:40 . 2009-10-06 18:40 1115136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\283ecfbaa6a6fa b76c8b544a4a89d5ce\System.Data.OracleClient.ni.dll + 2009-10-06 18:39 . 2009-10-06 18:39 2128384 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\c9ea0609aeb74eec2c5f d52a512398e3\ReachFramework.ni.dll - 2009-10-06 17:48 . 2009-10-06 17:48 2128384 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\c9ea0609aeb74eec2c5f d52a512398e3\ReachFramework.ni.dll - 2009-10-06 17:48 . 2009-10-06 17:48 1657344 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\5a7fa09a141e93808f4c be64a40e7f31\PresentationUI.ni.dll + 2009-10-06 18:39 . 2009-10-06 18:39 1657344 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\5a7fa09a141e93808f4c be64a40e7f31\PresentationUI.ni.dll + 2009-10-06 18:56 . 2009-10-06 18:56 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\9f71891a23ee3d 1b2f60f262f6652b28\Microsoft.Transactions.Bridge.ni.dll - 2009-10-06 17:52 . 2009-10-06 17:52 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\9f71891a23ee3d

1b2f60f262f6652b28\Microsoft.Transactions.Bridge.ni.dll - 2009-10-06 17:40 . 2009-10-06 17:40 3149824 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll + 2009-10-06 21:28 . 2009-10-06 21:28 3149824 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll - 2009-10-06 17:40 . 2009-10-06 17:40 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll + 2009-10-06 21:28 . 2009-10-06 21:28 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll - 2009-10-06 17:40 . 2009-10-06 17:40 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System .Windows.Forms.dll + 2009-10-06 21:28 . 2009-10-06 21:28 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System .Windows.Forms.dll - 2009-10-06 17:40 . 2009-10-06 17:40 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design .dll + 2009-10-06 21:28 . 2009-10-06 21:28 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design .dll + 2009-10-06 21:28 . 2009-10-06 21:28 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll - 2009-10-06 17:40 . 2009-10-06 17:40 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll + 2009-10-06 21:28 . 2009-10-06 21:28 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll - 2009-10-06 17:40 . 2009-10-06 17:40 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll + 2009-10-06 21:28 . 2009-10-06 21:28 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll - 2009-10-06 17:40 . 2009-10-06 17:40 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll + 2009-10-11 09:48 . 2009-10-11 09:48 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\M icrosoft.DirectX.Direct3DX.dll - 2009-10-04 15:18 . 2009-10-04 15:18 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\M icrosoft.DirectX.Direct3DX.dll + 2009-10-11 09:48 . 2009-10-11 09:48 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\M icrosoft.DirectX.Direct3DX.dll - 2009-10-04 15:18 . 2009-10-04 15:18 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\M icrosoft.DirectX.Direct3DX.dll + 2009-10-06 18:38 . 2009-10-06 18:38 12907008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\94c1af121c89d9 57a195140ec254341f\System.Windows.Forms.ni.dll + 2009-10-06 18:40 . 2009-10-06 18:40 11796992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\3963ce03d445a8619abbf388 d590134b\System.Web.ni.dll - 2009-10-06 17:49 . 2009-10-06 17:49 11796992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\3963ce03d445a8619abbf388 d590134b\System.Web.ni.dll + 2009-10-06 18:55 . 2009-10-06 18:55 17316864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\d158ccb0c46f29a 4a8d6de8074b1196d\System.ServiceModel.ni.dll - 2009-10-06 17:52 . 2009-10-06 17:52 17316864

c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\d158ccb0c46f29a 4a8d6de8074b1196d\System.ServiceModel.ni.dll - 2009-10-06 17:49 . 2009-10-06 17:49 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\8ee220bc3cce4f7bbd781 8946519ed7f\System.Design.ni.dll + 2009-10-06 18:40 . 2009-10-06 18:40 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\8ee220bc3cce4f7bbd781 8946519ed7f\System.Design.ni.dll - 2009-10-06 17:48 . 2009-10-06 17:48 14325760 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\eb6989bfcd1f7f b02c7b230cc65e4e4f\PresentationFramework.ni.dll + 2009-10-06 18:39 . 2009-10-06 18:39 14325760 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\eb6989bfcd1f7f b02c7b230cc65e4e4f\PresentationFramework.ni.dll . -- Snapshot reset to current date -. ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1aa35e39143ed}] 2009-04-02 09:47 333192 ----a-wc:\program files\AskBarDis\bar\bin\askBar.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2009-04-02 333192] [HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}] [HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2009-04-02 333192] [HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}] [HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "00000000000000000000000000000000"="/r" [X] "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-07-04 486856] "RamCleaner"="c:\program files\RamCleaner\ramcore.exe" [2009-06-02 341504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2006-10-22 620152] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-06-10 13758464] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-06-10 86016]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-09-11 149280] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153] "Adobe Version Cue CS2"="c:\program files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe" [2005-04-04 856064] "CTHelper"="CTHELPER.EXE" - c:\windows\CTHELPER.EXE [2006-08-11 17920] "CTxfiHlp"="CTXFIHLP.EXE" - c:\windows\system32\CTXFIHLP.EXE [2006-08-11 18944] "nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2009-06-10 1657376] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\Bob\Start Menu\Programs\Startup\ PowerReg Scheduler.exe [2008-12-5 189952] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Adobe Acrobat Speed Launcher.lnk - c:\windows\Installer\{AC76BA86-1033-0000-7760000000000003}\_SC_Acrobat.exe [2007-8-8 295606] Adobe Acrobat Synchronizer.lnk - c:\program files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe [2006-10-23 734872] Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2006-10-21 110592] Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2006-10-21 110592] Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696] [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UpdatesDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\Authorized Applications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Adobe\\Adobe Version Cue CS2\\bin\\VersionCueCS2.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\WINDOWS\\system32\\PnkBstrA.exe"= "c:\\WINDOWS\\system32\\PnkBstrB.exe"= "c:\\WINDOWS\\system32\\dplaysvr.exe"= "c:\\Program Files\\Ubisoft\\THE SETTLERS - Rise of an Empire\\base\\bin\\Settlers6.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"= "d:\\Garena\\Garena.exe"= R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [16.09.2009 11:01 108289] S2 ASKUpgrade;ASKUpgrade;c:\program files\AskBarDis\bar\bin\ASKUpgrade.exe [11.09.2009 17:09 234888] S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\Bob\LOCALS~1\Temp\WXQBA.tmp --> c:\docume~1\Bob\LOCALS~1\Temp\WXQBA.tmp [?] . Contents of the 'Scheduled Tasks' folder 2009-10-12 c:\windows\Tasks\WGASetup.job - c:\windows\system32\KB905474\wgasetup.exe [2009-09-27 19:18] . .

------- Supplementary Scan ------. uStart Page = hxxp://www.ask.com/?o=13928&l=dis uInternet Connection Wizard,ShellNext = iexplore uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://toolbar.ask.com/toolbarv/askRedirect? o=13925&gct=&gc=1&q=%s IE: Append to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000 TCP: {0535A0F2-A270-4099-8613-5AC408A8FF5D} = 193.19.192.15,193.19.192.16 FF - ProfilePath - c:\documents and settings\Bob\Application Data\Mozilla\Firefox\Profiles\vs3l5vkt.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.ask.com/?o=13928&l=dis FF - prefs.js: keyword.URL - hxxp://toolbar.ask.com/toolbarv/askRedirect? o=13925&gct=&gc=1&q= ---- FIREFOX POLICIES ---. ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-10-12 12:50 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine] "ImagePath"="\??\c:\docume~1\Bob\LOCALS~1\Temp\WXQBA.tmp" . --------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-776561741-436374069-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*] "??"=hex:dc,49,5a,ef,37,a2,07,c9,40,89,3f,31,40,d1,b6,da,af,a9,43,88,85,df,60, 56,4c,67,f7,44,2b,b1,e9,75,a1,c4,6f,c8,a4,f1,84,53,28,f1,d6,af,21,4a,3d,da,\ "??"=hex:a1,5e,47,db,25,65,bb,27,8b,92,55,34,10,3f,d9,49 [HKEY_USERS\S-1-5-21-776561741-436374069-725345543-1003\Software\SecuROM\License information*] "datasecu"=hex:d3,7e,9f,98,05,79,30,11,00,52,9d,8d,4f,ef,cb,c2,f0,fa,c2,5b,f6, 02,53,56,23,c4,91,e9,4e,20,70,2a,af,a3,66,17,88,b3,72,39,d5,fc,00,a4,4e,a4,\ "rkeysecu"=hex:ed,ae,0e,73,63,27,4c,ff,35,8f,bb,fe,93,a6,2a,d5 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE917A0E48D3BBB}\Elevation] "Enabled"=dword:00000001 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE917A0E48D3BBB}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE917A0E48D3BBB}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C2398713C41D6B3}] @Denied: (A 2) (Everyone) @="IFlashBroker3" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C2398713C41D6B3}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C2398713C41D6B3}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - > 'explorer.exe'(1364) c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Completion time: 2009-10-12 12:51 ComboFix-quarantined-files.txt 2009-10-12 09:51 ComboFix2.txt 2009-10-06 18:30 ComboFix3.txt 2009-09-16 07:41 Pre-Run: 897.654.784 bytes free Post-Run: 1.050.349.568 bytes free

Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4 489 --- E O F --2009-10-12 09:43

Related Documents

Combo Fix
November 2019 44
Combo Fix
June 2020 27
Combo Fix
October 2019 37
Combo Fix
June 2020 15
Combo
April 2020 36
Combo
November 2019 83

Copyright © 2024 PDFCOKE.