Удаление вирусов и троянов. Защита компьютера. › Помощь в удалении вирусов, троянов, рекламы и других зловредов › не могу зайти не на один сайт с антивирусами
- This topic has 9 ответов, 2 участника, and was last updated 14 years, 3 months назад by ena.
-
АвторСообщения
-
29 мая, 2010 в 5:26 пп #18331
Здравствуйте!
Помогите, пожалуйста, вылечить комп.
На компе стоял антивирусник nod32 демо версия, переустанавливала ежемесячно, все базы обновлялись и все работало. Около месяца назад, после очередной переустановки, базы не обновились. Вчера каким-то образом удалось скачать он-лайн проверку с сайта касперского. Нашла около 20 троянов, но на сайты антивирусных программ так и не могу зайти. Что делать? Пробовала исправлять HOSTS, не помагло29 мая, 2010 в 5:28 пп #29577Здравствуйте, добро пожаловать на Spyware-ru форум.
Скачайте сканер RSIT кликнув по этой ссылке и сохраните файл на вашем рабочем столе. Если эта ссылка для вас не работает, то попробуйте одну из приведённых здесь.
* Дважды кликните по скачанному файлу.
* Если у вас есть файрвал (firewall) и он покажет, что программа RSIT пытается выйти в Интернет, то разрешите ей.
* Кликните по кнопке Continue.
* Когда программа закончит работу, будут показаны два лога (log.txt и info.txt).Вставьте оба RSIT лога (их содержимое) в ваш ответ. Каждый лог в отдельное сообщение.
29 мая, 2010 в 5:30 пп #29578Результат сканирования RSIT
Logfile of random’s system information tool 1.07 (written by random/random)
Run by Katya at 2010-05-29 21:06:04
Microsoft Windows XP Professional Service Pack 2
System drive C: has 3 GB (17%) free of 20 GB
Total RAM: 1015 MB (47% free)HijackThis download failed
======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll [2006-10-23 62080][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9961627E-4059-41B4-8E0E-A7D6B3854ADF}]
IE 4.x-6.x BHO for Download Master — C:PROGRA~1DOWNLO~1dmiehlp.dll [2007-03-15 151040][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper — C:Program FilesJavajre6binjp2ssv.dll [2010-02-04 41760][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class — C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll [2010-02-04 79648][HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{0E1230F8-EA50-42A9-983C-D22ABC2EED3C} — DM Bar — C:Program FilesDownload Masterdmbar.dll [2007-03-07 180224]
{468CD8A9-7C25-45FA-969E-3D925C689DC4} — Rambler-Ассистент — C:Program FilesRambler AssistantramblertoolbarU0.dll [2009-02-17 849392][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«CoolSwitch»=C:WINDOWSsystem32TaskSwitch.exe [2005-12-22 45632]
«igfxtray»=C:WINDOWSsystem32igfxtray.exe [2005-11-28 98304]
«igfxhkcmd»=C:WINDOWSsystem32hkcmd.exe [2005-11-28 77824]
«igfxpers»=C:WINDOWSsystem32igfxpers.exe [2005-11-28 118784]
«RTHDCPL»=C:WINDOWSRTHDCPL.EXE [2006-11-14 16270848]
«SkyTel»=C:WINDOWSSkyTel.EXE [2006-05-16 2879488]
«Alcmtr»=C:WINDOWSALCMTR.EXE [2005-05-03 69632]
«NeroFilterCheck»=C:Program FilesCommon FilesAheadLibNeroCheck.exe [2007-03-01 153136]
«DAEMON Tools»=C:Program FilesDAEMON Toolsdaemon.exe [2005-11-09 128920]
«MAgent»=C:Program FilesMail.RuAgentMAgent.exe [2008-10-03 4417016]
«FineReader7NewsReaderPro»=C:Program FilesABBYY FineReader 7.0 Professional EditionAbbyyNewsReader.exe [2003-08-20 278528]
«Adobe Reader Speed Launcher»=C:Program FilesAdobeReader 8.0ReaderReader_sl.exe [2008-01-11 39792]
«SunJavaUpdateSched»=C:Program FilesCommon FilesJavaJava Updatejusched.exe [2010-01-11 246504]
«LogitechQuickCamRibbon»=C:Program FilesLogitechLogitech WebCam SoftwareLWS.exe [2009-05-08 2780432]
«Regedit32″=C:WINDOWSsystem32regedit.exe [][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2004-08-17 15360]
«BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}»=C:Program FilesCommon FilesAheadLibNMBgMonitor.exe [2007-06-27 152872]
«EDLauncher»=C:Program FilesPRMT8PRMTEDEDLauncher.exe []
«Punto Switcher»=C:Program FilesPunto Switcherps.exe [2004-11-13 205824]
«Download Master»=C:Program FilesDownload Masterdmaster.exe [2007-03-21 3066880]
«Skype»=C:Program FilesSkypePhoneSkype.exe [2008-09-23 21755688]
«QIP.Online»=C:Program FilesQIP.Onlineqiponline.exe auto_start []
«ICQ»=C:DOCUME~1KatyaLOCALS~1TempRar$EX00.969ICQ6ICQ.exe silent []
«MSMSGS»=C:Program FilesMessengermsmsgs.exe [2004-10-13 1694208]
«YotaAccess_E100″=C:Program FilesSamsung ElectronicsmWiMAX U200YotaAccess.exe -RUNBYOS []
«QIP2005″=C:Program FilesQIPqip.exe [2009-01-22 3259904]C:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузка
AutoCAD Startup Accelerator.lnk — C:Program FilesCommon FilesAutodesk Sharedacstart16.exe[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows]
«AppInit_DLLS»=»ice_time.dll»[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyigfxcui]
C:WINDOWSsystem32igfxdev.dll [2005-11-28 135168][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
WPDShServiceObj — {AAA288BA-9A4C-45B0-95D7-94D524869DB5} — C:WINDOWSsystem32WPDShServiceObj.dll [2006-10-18 133632][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesuTorrentuTorrent.exe»=»C:Program FilesuTorrentuTorrent.exe:*:Enabled:µTorrent»
«C:Documents and SettingsKatyatempTeamViewer3TeamViewer.exe»=»C:Documents and SettingsKatyatempTeamViewer3TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application»
«C:Program FilesQIPqip.exe»=»C:Program FilesQIPqip.exe:*:Enabled:Quiet Internet Pager»
«C:Program FilesMail.RuAgentmagent.exe»=»C:Program FilesMail.RuAgentmagent.exe:*:Enabled:Mail.Ru Агент»
«C:Program FilesCommon FilesSafeNet SentinelSentinel Protection ServerWinNTspnsrvnt.exe»=»C:Program FilesCommon FilesSafeNet SentinelSentinel Protection ServerWinNTspnsrvnt.exe:*:Enabled:Sentinel Protection Server»
«C:Program FilesCommon FilesSafeNet SentinelSentinel Keys Serversntlkeyssrvr.exe»=»C:Program FilesCommon FilesSafeNet SentinelSentinel Keys Serversntlkeyssrvr.exe:*:Enabled:Sentinel Keys Server»
«C:Program FilesSkypePhoneSkype.exe»=»C:Program FilesSkypePhoneSkype.exe:*:Enabled:Skype»[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{19d99aaa-46bb-11dd-8552-0018c07fdb45}]
shellAutoRuncommand — G:a3g3.bat
shellexplorecommand — G:a3g3.bat
shellopencommand — G:a3g3.bat[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{19d99aac-46bb-11dd-8552-0018c07fdb45}]
shellAutoRuncommand — I:a3g3.bat
shellexplorecommand — I:a3g3.bat
shellopencommand — I:a3g3.bat[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{80630402-7eb7-11de-8756-0018c07fdb45}]
shellAutoRuncommand — G:AutoInstall.exe======File associations======
.scr — open — «C:WINDOWSsystem32NOTEPAD.EXE» «%1»
.scr — install —
.scr — config —======List of files/folders created in the last 1 months======
2010-05-29 21:06:04 —-D—- C:rsit
2010-05-29 21:06:04 —-D—- C:Program Filestrend micro
2010-05-28 22:24:40 —-A—- C:WINDOWSsystem32QTBadFQ.exe
2010-05-28 21:36:39 —-A—- C:WINDOWSsystem32G6soSZC.exe
2010-05-27 20:35:29 —-A—- C:WINDOWSsystem32ACchLK.exe
2010-05-26 22:29:38 —-A—- C:WINDOWSsystem32JMGKsnB.exe
2010-05-24 19:09:31 —-A—- C:WINDOWSsystem32lDdwq9F.exe
2010-05-23 11:03:32 —-A—- C:WINDOWSsystem32v2mRxwQ.exe
2010-05-22 10:48:06 —-A—- C:WINDOWSsystem32wYeLGfk.exe
2010-05-21 20:46:36 —-A—- C:WINDOWSsystem32EZwO7vu.exe
2010-05-20 22:33:36 —-A—- C:WINDOWSsystem32NfkQYjT.exe
2010-05-20 19:08:24 —-A—- C:WINDOWSsystem327LW32ub.exe
2010-05-19 20:02:34 —-A—- C:WINDOWSsystem32eqrLQRt.exe
2010-05-18 21:35:46 —-A—- C:WINDOWSsystem32Oudhoqg.exe
2010-05-17 20:04:15 —-A—- C:WINDOWSsystem328VlYGHu.exe
2010-05-16 12:23:57 —-A—- C:WINDOWSsystem32M8zenQl.exe
2010-05-15 10:27:15 —-A—- C:WINDOWSsystem32GiGoQ0I.exe
2010-05-13 20:45:27 —-A—- C:WINDOWSsystem32dJ0ziBN.exe
2010-05-11 20:05:33 —-A—- C:WINDOWSsystem32VTfygI9.exe
2010-05-10 17:34:06 —-A—- C:WINDOWSsystem32hdG2EVs.exe
2010-05-10 13:06:25 —-A—- C:WINDOWSsystem329GcszWv.exe
2010-05-10 11:49:38 —-A—- C:WINDOWSsystem32ef8jcwg.exe
2010-05-10 11:10:26 —-A—- C:WINDOWSsystem32JFeTlXd.exe
2010-05-05 21:45:41 —-A—- C:WINDOWSsystem32nuyCrDb.exe
2010-05-05 21:45:31 —-A—- C:WINDOWSsystem32jTydRpl.exe======List of files/folders modified in the last 1 months======
2010-05-29 21:06:04 —-D—- C:Program Files
2010-05-29 21:05:32 —-D—- C:WINDOWSPrefetch
2010-05-29 20:59:40 —-D—- C:WINDOWSTemp
2010-05-29 20:59:40 —-D—- C:WINDOWS
2010-05-29 20:58:38 —-A—- C:WINDOWSSchedLgU.Txt
2010-05-29 20:57:30 —-D—- C:WINDOWSsystem32drivers
2010-05-29 19:24:26 —-D—- C:Documents and SettingsAll UsersApplication DataKaspersky Lab
2010-05-29 00:47:10 —-D—- C:WINDOWSsystem32Restore
2010-05-28 23:48:54 —-D—- C:WINDOWSsystem32
2010-05-28 22:27:33 —-SHD—- C:System Volume Information
2010-05-28 22:26:26 —-HD—- C:WINDOWSinf
2010-05-28 22:25:30 —-D—- C:WINDOWSsystem32CatRoot2
2010-05-28 22:13:38 —-SHD—- C:WINDOWSInstaller
2010-05-24 20:53:11 —-D—- C:Documents and SettingsAll UsersApplication DataSCAD Soft
2010-05-10 00:27:25 —-D—- C:SDATA
2010-05-09 11:46:52 —-D—- C:Documents and SettingsKatyaApplication DataSkype
2010-05-08 14:29:14 —-A—- C:WINDOWSwin.ini
2010-05-07 20:52:12 —-D—- C:Documents and SettingsKatyaApplication DataskypePM
2010-05-05 22:30:47 —-A—- C:Program FilesCommon Fileskeylog.txt======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 intelppm;Драйвер Intel процессора; C:WINDOWSsystem32DRIVERSintelppm.sys [2006-02-17 40448]
R2 Hardlock;Hardlock; ??C:WINDOWSsystem32drivershardlock.sys []
R2 haspflt;haspflt; ??C:WINDOWSSystem32Drivershaspflt.sys []
R2 Haspnt;Haspnt; ??C:WINDOWSsystem32driversHaspnt.sys []
R2 NSCADWRK;Sentinel Dongle Emulator Driver; ??C:WINDOWSsystem32DriversNSCADWRK.SYS []
R2 Sentinel;Sentinel; C:WINDOWSSystem32DriversSENTINEL.SYS [2006-12-21 90688]
R3 Arp1394;Протокол клиента 1394 ARP; C:WINDOWSsystem32DRIVERSarp1394.sys [2006-02-21 60800]
R3 dtscsi;dtscsi; C:WINDOWSSystem32Driversdtscsi.sys [2007-09-08 223128]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2005-12-26 138752]
R3 ialm;ialm; C:WINDOWSsystem32DRIVERSialmnt5.sys [2005-11-28 1353820]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:WINDOWSsystem32driversRtkHDAud.sys [2006-11-15 4225920]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:WINDOWSsystem32DRIVERSLVPr2Mon.sys [2009-04-30 25624]
R3 LVRS;Logitech RightSound Filter Driver; C:WINDOWSsystem32DRIVERSlvrs.sys [2009-05-01 265496]
R3 LVUVC;Logitech Webcam 300(UVC); C:WINDOWSsystem32DRIVERSlvuvc.sys [2009-05-01 6754712]
R3 NIC1394;Сетевой драйвер 1394; C:WINDOWSsystem32DRIVERSnic1394.sys [2006-02-21 61824]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:WINDOWSsystem32DRIVERSRtenicxp.sys [2006-08-14 83200]
R3 usbaudio;Аудио драйвер USB (WDM); C:WINDOWSsystem32driversusbaudio.sys [2004-08-04 59264]
R3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:WINDOWSsystem32DRIVERSusbccgp.sys [2004-08-04 31616]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2005-10-26 27264]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2004-08-03 57600]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINDOWSsystem32DRIVERSusbuhci.sys [2004-08-03 20480]
S1 aekgoprn;aekgoprn; C:WINDOWSaekgoprn.sys []
S3 C7xxUSB;Samsung CMC7xx USB Network Driver; C:WINDOWSsystem32DRIVERSC7xUSBX3.sys []
S3 CCDECODE;Closed Caption декодер; C:WINDOWSsystem32DRIVERSCCDECODE.sys [2004-08-04 17024]
S3 FilterService;UVC Filter Service; C:WINDOWSsystem32DRIVERSlvuvcflt.sys [2009-05-01 23832]
S3 lvpopflt;Logitech POP Suppression Filter; C:WINDOWSsystem32DRIVERSlvpopflt.sys [2009-05-01 114712]
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:WINDOWSsystem32driversMSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI кодек; C:WINDOWSsystem32DRIVERSNABTSFEC.sys [2004-08-04 85376]
S3 ndiscm;Motorola SURFboard USB Cable Modem Windows Driver; C:WINDOWSsystem32DRIVERSNetMotCM.sys [2004-09-30 15360]
S3 NdisIP;Microsoft видео или ТВ подключение; C:WINDOWSsystem32DRIVERSNdisIP.sys [2004-08-04 10880]
S3 SLIP;BDA Slip De-Framer; C:WINDOWSsystem32DRIVERSSLIP.sys [2004-08-04 11136]
S3 SONYPVU1;Драйвер Sony USB фильтра (SONYPVU1); C:WINDOWSsystem32DRIVERSSONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:WINDOWSsystem32DRIVERSStreamIP.sys [2004-08-04 15360]
S3 usbscan;Драйвер USB-сканера; C:WINDOWSsystem32DRIVERSusbscan.sys [2004-08-03 15104]
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2004-08-03 26496]
S3 usbvideo;USB Video Device (WDM); C:WINDOWSSystem32Driversusbvideo.sys [2005-07-30 121856]
S3 WpdUsb;WpdUsb; C:WINDOWSsystem32DRIVERSwpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext кодек; C:WINDOWSsystem32DRIVERSWSTCODEC.SYS [2004-08-04 19328]
S3 WudfRd;Windows Driver Foundation — User-mode Driver Framework Reflector; C:WINDOWSsystem32DRIVERSwudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 JavaQuickStarterService;Java Quick Starter; C:Program FilesJavajre6binjqs.exe [2010-02-04 153376]
R2 LVPrcSrv;Process Monitor; C:Program FilesCommon FilesLogiShrdLVMVFMLVPrcSrv.exe [2009-04-30 154136]
R2 SentinelKeysServer;Sentinel Keys Server; C:Program FilesCommon FilesSafeNet SentinelSentinel Keys Serversntlkeyssrvr.exe [2006-08-22 316992]
R2 WudfSvc;Windows Driver Foundation — User-mode Driver Framework; C:WINDOWSsystem32svchost.exe [2004-08-17 14336]
R3 NMIndexingService;NMIndexingService; C:Program FilesCommon FilesAheadLibNMIndexingService.exe [2007-06-27 279848]
S3 Adobe LM Service;Adobe LM Service; C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe [2008-02-09 72704]
S3 aspnet_state;Служба состояний ASP.NET; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:Program FilesCommon FilesAutodesk SharedServiceAdskScSrv.exe [2007-09-09 77944]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe [2009-09-25 651720]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:WINDOWSMicrosoft.NETFrameworkv3.0WPFPresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:Program FilesCommon FilesInstallShieldDriver1150Intel 32IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; C:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication Foundationinfocard.exe [2008-07-29 881664]
S3 MSCSPTISRV;MSCSPTISRV; C:Program FilesCommon FilesSony SharedAVLibMSCSPTISRV.exe [2006-12-14 45056]
S3 NBService;NBService; C:Program FilesNeroNero 7Nero BackItUpNBService.exe [2007-06-29 800040]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2003-07-28 89136]
S3 PACSPTISVR;PACSPTISVR; C:Program FilesCommon FilesSony SharedAVLibPACSPTISVR.exe [2006-12-14 57344]
S3 SPTISRV;Sony SPTI Service; C:Program FilesCommon FilesSony SharedAVLibSPTISRV.exe [2006-12-14 69632]
S3 WMConnectCDS;Служба Windows Media Connect; C:Program FilesWindows Media Connect 2Wmccds.exe [2006-02-01 855552]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication FoundationSMSvcHost.exe [2008-07-29 132096]
EOF
info.txt logfile of random’s system information tool 1.06 2010-05-29 21:06:27======Uninstall list======
—>C:Program FilesNeroNero 7\nerouninstallUNNERO.exe /UNINSTALL
—>C:WINDOWSUNNeroBackItUp.exe /UNINSTALL
—>C:WINDOWSUNNeroMediaHome.exe /UNINSTALL
—>C:WINDOWSUNNeroShowTime.exe /UNINSTALL
—>C:WINDOWSUNNeroVision.exe /UNINSTALL
—>C:WINDOWSUNRecode.exe /UNINSTALL
—>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:WINDOWSINFPCHealth.inf
ABBYY FineReader 7.0 Professional Edition—>MsiExec.exe /I{AAF70000-22B9-4CE9-98D6-2CCF359BAC07}
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)—>MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player 10 ActiveX—>C:WINDOWSsystem32MacromedFlashuninstall_activeX.exe
Adobe Flash Player 10 Plugin—>C:WINDOWSsystem32MacromedFlashuninstall_plugin.exe
Adobe Reader 8.1.2—>MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
AutoCAD 2006 — English—>MsiExec.exe /I{5783F2D7-4001-0409-0002-0060B0CE6BBA}
AutoCAD 2007 — English—>MsiExec.exe /I{5783F2D7-5001-0409-0002-0060B0CE6BBA}
AutoCAD 2010 — English—>C:Program FilesAutoCAD 2010SetupSetup.exe /P {5783F2D7-8001-0409-0002-0060B0CE6BBA} /M ACAD /language en-US
AutoCAD 2010 — English—>C:Program FilesAutoCAD 2010SetupSetup.exe /P {5783F2D7-8001-0409-0002-0060B0CE6BBA} /M ACAD /language en-US
AVIConverter 5.0.1—>C:Program FilesAVIConverteruninst.exe
CsAcIntegrator—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll
Download Master version 5.3.1.1077—>»C:Program FilesDownload Masterunins000.exe»
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)—>C:WINDOWSsystem32msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=»»
Hotfix for Windows XP (KB926239)—>»C:WINDOWS$NtUninstallKB926239$spuninstspuninst.exe»
Intel(R) Graphics Media Accelerator Driver—>RUNDLL32.EXE C:WINDOWSsystem32ialmrem.dll,UninstallW2KIGfx2ID PCIVEN_8086&DEV_2776 PCIVEN_8086&DEV_2772
J2SE Runtime Environment 5.0 Update 6—>MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Java(TM) 6 Update 18—>MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216018FF}
K-Lite Codec Pack 5.8.3 (Basic)—>»C:Program FilesK-Lite Codec Packunins000.exe»
Logitech Webcam Software—>MsiExec.exe /I{AC96671C-2001-432C-9826-5266D84EF1DC}
Mail.Ru Агент 5.2 (сборка 2405, для всех пользователей)—>C:Program FilesMail.RuAgentmagentsetup.exe -uninstalllm
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack — RUS—>MsiExec.exe /I{736D8DEB-66C6-3655-9D59-DF6493A81F77}
Microsoft .NET Framework 2.0 Service Pack 2—>MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack — RUS—>MsiExec.exe /I{6CF6A814-CE65-39FC-BBBC-6CB340A4028B}
Microsoft .NET Framework 3.0 Service Pack 2—>MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 — rus—>MsiExec.exe /I{2744791F-4E7C-32F5-AB40-AEC6A6C86DBF}
Microsoft .NET Framework 3.5 SP1—>C:WINDOWSMicrosoft.NETFrameworkv3.5Microsoft .NET Framework 3.5 SP1setup.exe
Microsoft .NET Framework 3.5 SP1—>MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft National Language Support Downlevel APIs—>»C:WINDOWS$NtServicePackUninstallNLSDownlevelMapping$spuninstspuninst.exe»
Microsoft Office — профессиональный выпуск версии 2003—>MsiExec.exe /I{90110419-6000-11D3-8CFE-0150048383C9}
Microsoft Silverlight—>MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.0—>»C:WINDOWS$NtUninstallWudf01000$spuninstspuninst.exe»
Microsoft Visual C++ 2005 Redistributable—>MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable — x86 9.0.30729.17—>MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual Studio 2005 Tools for Office Runtime—>MsiExec.exe /X{388E4B09-3E71-4649-8921-F44A3A2954A7}
Monomakh 4.2—>C:PROGRA~1COMMON~1INSTAL~1Driver9INTEL3~1IDriver.exe /M{49D23351-3B1D-4516-8C1D-7036FAA193F6}
Mozilla Firefox (2.0.0.4)—>C:Program FilesMozilla Firefoxuninstallhelper.exe
MSXML 6.0 Parser (KB925673)—>MsiExec.exe /I{FE9126DB-5F84-495A-BB46-3C724F1C2D08}
Nero 7 Ultra Edition—>MsiExec.exe /X{91C0B95B-B83A-4828-A775-BBE2DD421049}
neroxml—>MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
OpenMG Secure Module 4.7.00—>C:PROGRA~1COMMON~1INSTAL~1Driver1150INTEL3~1IDriver.exe /M{CCD663AE-610D-4BDF-AAB0-E914B044527D} UNINSTALL
Punto Switcher 2.9—>C:Program FilesPunto Switcheruninstall.exe
QIP 2005 8081—>»C:Program FilesQIPunins000.exe»
Rambler-Ассистент—>»C:Program FilesRambler Assistantuninstall.exe»
REALTEK GbE & FE Ethernet PCI-E NIC Driver—>C:Program FilesInstallShield Installation Information{C9BED750-1211-4480-B1A5-718A3BE15525}SETUP.EXE -runfromtemp -l0x0019 -removeonly
Realtek High Definition Audio Driver—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime1150Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}SETUP.EXE» -l0x19 -removeonly
SCAD Office 11.3—>»C:Program FilesInstallShield Installation Information{30B57E9E-744F-4FF4-A7FB-6CFE9E8A0D97}setup.exe» -runfromtemp -l0x0019 -removeonly
Sentinel Protection Installer 7.3.2—>MsiExec.exe /I{EDFE2142-CFB3-44AB-A961-DE85F6408A28}
Skype™ 3.8—>MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
TopPlan 2007 Office Edition — Удаление—>C:Program FilesTopPlanOffice 2007uninst.exe
Windows Imaging Component—>»C:WINDOWS$NtUninstallWIC$spuninstspuninst.exe»
Windows Media Format 11 runtime—>»C:Program FilesWindows Media Playerwmsetsdk.exe» /UninstallAll
Windows Media Format 11 runtime—>»C:WINDOWS$NtUninstallWMFDist11$spuninstspuninst.exe»
Windows Presentation Foundation—>MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
XML Paper Specification Shared Components Language Pack 1.0—>»C:WINDOWS$NtUninstallXPSEPSCLP$spuninstspuninst.exe»
Архиватор WinRAR (только удаление)—>C:Program FilesWinRARuninstall.exe
еда выполнения Visual Studio 2005 Tools for Office, второй выпуск—>C:Program FilesCommon FilesMicrosoft SharedVSTO8.0Microsoft Visual Studio 2005 Tools for Office Runtimeinstall.exe
Исправление для Windows XP (KB942288-v3)—>»C:WINDOWS$NtUninstallKB942288-v3$spuninstspuninst.exe»
Пакет драйвера Logitech Webcam Software—>»C:Program FilesCommon FilesLogiShrdLogiDriverStorelvdrivers12.0.1278LgDrvInst.exe» -remove -instdir»C:Program FilesCommon FilesLogiShrdLogiDriverStorelvdrivers» -enumdelay=200 -enabledifx -forcedelete -usbhubsfirst -forceremove -cumulativeremove -promptuninstall -arpregkey»lvdrivers_12.0″ /clone_wait /hide_progress
СПДС GraphiCS 5.0 для AutoCAD—>MsiExec.exe /I{E71EFB1C-DF25-4CA2-9FC2-45BD417530B3}
СПДС GraphiCS 6.0 для AutoCAD—>MsiExec.exe /I{AE76A273-3C24-4C47-8A61-0AE32C3FE26F}
Экранная заставка «Яндекс.Новогодний» 1.0.0—>»C:Program FilesYandexNYScreenSaverunins000.exe»
Языковой пакет Microsoft .NET Framework 3.5 SP1 — RUS—>C:WINDOWSMicrosoft.NETFrameworkv3.5Microsoft .NET Framework 3.5 Language Pack SP1 — russetup.exe======Hosts File======
127.0.0.1 localhost
127.0.0.1 fr.a2dfp.net
127.0.0.1 m.fr.a2dfp.net
127.0.0.1 ad.a8.net
127.0.0.1 asy.a8ww.net
127.0.0.1 adserver.abv.bg
127.0.0.1 adv.abv.bg
127.0.0.1 bimg.abv.bg
127.0.0.1 www2.a-counter.kiev.ua
127.0.0.1 track.acclaimnetwork.com======System event log======
Computer Name: HOME
Event Code: 6006
Message: Служба журнала событий остановлена.Record Number: 29804
Source Name: EventLog
Time Written: 20100304000950.000000+180
Event Type: информация
User:Computer Name: HOME
Event Code: 4226
Message: Достигнут предел безопасности для TCP/IP, налагаемый на количество попыток одновременных TCP-подключений.Record Number: 29803
Source Name: Tcpip
Time Written: 20100303191919.000000+180
Event Type: предупреждение
User:Computer Name: HOME
Event Code: 4226
Message: Достигнут предел безопасности для TCP/IP, налагаемый на количество попыток одновременных TCP-подключений.Record Number: 29802
Source Name: Tcpip
Time Written: 20100303173001.000000+180
Event Type: предупреждение
User:Computer Name: HOME
Event Code: 4226
Message: Достигнут предел безопасности для TCP/IP, налагаемый на количество попыток одновременных TCP-подключений.Record Number: 29801
Source Name: Tcpip
Time Written: 20100303163521.000000+180
Event Type: предупреждение
User:Computer Name: HOME
Event Code: 4226
Message: Достигнут предел безопасности для TCP/IP, налагаемый на количество попыток одновременных TCP-подключений.Record Number: 29800
Source Name: Tcpip
Time Written: 20100303160801.000000+180
Event Type: предупреждение
User:=====Application event log=====
Computer Name: HOME
Event Code: 0
Message:
Record Number: 2275
Source Name: NMIndexingService
Time Written: 20081122115304.000000+180
Event Type: информация
User:Computer Name: HOME
Event Code: 1800
Message: Служба центра обеспечения безопасности Windows запущена.Record Number: 2274
Source Name: SecurityCenter
Time Written: 20081122115244.000000+180
Event Type: информация
User:Computer Name: HOME
Event Code: 1517
Message: Реестр пользователя HOMEKatya был сохранен в то время, как приложение или служба продолжали использовать его во время выхода из системы. Используемая реестром пользователя память не была освобождена. Реестр будет выгружен, когда он не будет использоваться.Возможная причина — службы, выполняемые от имени пользователя. Попробуйте изменить настройку служб и задать их выполнение с учетными записями LocalService или NetworkService.
Record Number: 2273
Source Name: Userenv
Time Written: 20081122010618.000000+180
Event Type: предупреждение
User: NT AUTHORITYSYSTEMComputer Name: HOME
Event Code: 0
Message:
Record Number: 2272
Source Name: NMIndexingService
Time Written: 20081121220704.000000+180
Event Type: информация
User:Computer Name: HOME
Event Code: 1800
Message: Служба центра обеспечения безопасности Windows запущена.Record Number: 2271
Source Name: SecurityCenter
Time Written: 20081121220645.000000+180
Event Type: информация
User:======Environment variables======
«ComSpec»=%SystemRoot%system32cmd.exe
«Path»=%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem;C:Program FilesCommon FilesAutodesk Shared
«windir»=%SystemRoot%
«FP_NO_HOST_CHECK»=NO
«OS»=Windows_NT
«PROCESSOR_ARCHITECTURE»=x86
«PROCESSOR_LEVEL»=6
«PROCESSOR_IDENTIFIER»=x86 Family 6 Model 15 Stepping 2, GenuineIntel
«PROCESSOR_REVISION»=0f02
«NUMBER_OF_PROCESSORS»=2
«PATHEXT»=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
«TEMP»=%SystemRoot%TEMP
«TMP»=%SystemRoot%TEMP
«K_DATA_S»=C:Program FilesAX3000K_DATA
«K_DATA»=C:Program FilesAX3000K_DATA
«PROG_PATH_K»=C:Program FilesAX3000prog
EOF
29 мая, 2010 в 5:40 пп #29576Скачайте программу Combofix. Закройте все открытые окна и запустите эту программу.
После выполнения будет создан лог файл, пожалуйста вставьте его в ваш ответ.29 мая, 2010 в 6:12 пп #29575ComboFix 10-05-28.08 — Katya 29.05.2010 22:07:46.1.2 — x86
Microsoft Windows XP Professional 5.1.2600.2.1251.7.1049.18.1015.672 [GMT 4:00]
Running from: c:documents and settingsKatyaРабочий столComboFix.exe
Command switches used :: c:documents and settingsKatyaРабочий столWindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
* Created a new restore point
.((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.c:documents and settingsKatyaApplication Datawiaserva.log
c:documents and settingsKatyaoashdihasidhasuidhiasdhiashdiuasdhasd
c:program filesCommon Fileskeylog.txt
c:program filesMail.RuAgentMradllnewmrasearch.dll
c:windowssystem32ACchLK.exe
c:windowssystem327LW32ub.exe
c:windowssystem328VlYGHu.exe
c:windowssystem32dJ0ziBN.exe
c:windowssystem32EZwO7vu.exe
c:windowssystem32GiGoQ0I.exe
c:windowssystem32JMGKsnB.exe
c:windowssystem32jTydRpl.exe
c:windowssystem32lDdwq9F.exe
c:windowssystem32M8zenQl.exe
c:windowssystem32NfkQYjT.exe
c:windowssystem32nuyCrDb.exe
c:windowssystem32Oudhoqg.exe
c:windowssystem32VTfygI9.exe
c:windowssystem32wYeLGfk.exe.
((((((((((((((((((((((((( Files Created from 2010-04-28 to 2010-05-29 )))))))))))))))))))))))))))))))
.2010-05-29 17:06 . 2010-05-29 17:06
d
w- C:rsit
2010-05-29 17:06 . 2010-05-29 17:06
d
w- c:program filestrend micro
2010-05-28 18:24 . 2010-05-28 18:24 102912 —-a-w- c:windowssystem32QTBadFQ.exe
2010-05-28 17:36 . 2010-05-28 17:36 102912 —-a-w- c:windowssystem32G6soSZC.exe
2010-05-27 17:41 . 2010-05-27 17:41 503808 —-a-w- c:documents and settingsKatyaApplication DataSunJavaDeploymentSystemCache6.046f84c6ae-74362d8e-nmsvcp71.dll
2010-05-27 17:41 . 2010-05-27 17:41 499712 —-a-w- c:documents and settingsKatyaApplication DataSunJavaDeploymentSystemCache6.046f84c6ae-74362d8e-njmc.dll
2010-05-27 17:41 . 2010-05-27 17:41 348160 —-a-w- c:documents and settingsKatyaApplication DataSunJavaDeploymentSystemCache6.046f84c6ae-74362d8e-nmsvcr71.dll
2010-05-27 17:41 . 2010-05-27 17:41 61440 —-a-w- c:documents and settingsKatyaApplication DataSunJavaDeploymentSystemCache6.0505535ab32-27f35d6b-ndecora-sse.dll
2010-05-27 17:41 . 2010-05-27 17:41 12800 —-a-w- c:documents and settingsKatyaApplication DataSunJavaDeploymentSystemCache6.0505535ab32-27f35d6b-ndecora-d3d.dll
2010-05-23 07:03 . 2010-05-23 07:03 112640 —-a-w- c:windowssystem32v2mRxwQ.exe
2010-05-19 16:02 . 2010-05-19 16:02 121856 —-a-w- c:windowssystem32eqrLQRt.exe
2010-05-10 13:34 . 2010-05-10 13:34 97792 —-a-w- c:windowssystem32hdG2EVs.exe
2010-05-10 09:06 . 2010-05-10 09:06 97792 —-a-w- c:windowssystem329GcszWv.exe
2010-05-10 07:49 . 2010-05-10 07:49 97792 —-a-w- c:windowssystem32ef8jcwg.exe
2010-05-10 07:10 . 2010-05-10 07:10 97792 —-a-w- c:windowssystem32JFeTlXd.exe.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-29 18:04 . 2009-11-12 17:55 0 —-a-w- c:windowssystem32driverslvuvc.hs
2010-05-29 18:04 . 2009-11-12 17:53 0 —-a-w- c:windowssystem32driverslogiflt.iad
2010-05-29 15:24 . 2007-10-08 19:43
d
w- c:documents and settingsAll UsersApplication DataKaspersky Lab
2010-05-24 16:53 . 2009-12-17 17:16
d
w- c:documents and settingsAll UsersApplication DataSCAD Soft
2010-05-09 07:46 . 2008-11-02 08:21
d
w- c:documents and settingsKatyaApplication DataSkype
2010-05-07 16:52 . 2008-11-02 08:25
d
w- c:documents and settingsKatyaApplication DataskypePM
2010-04-28 17:57 . 2010-04-28 17:57 102400 —-a-w- c:windowssystem32O1EZQR0.exe
2010-04-11 09:04 . 2007-09-08 18:52 57024 —-a-w- c:documents and settingsKatyaLocal SettingsApplication DataGDIPFONTCACHEV1.DAT
2010-04-10 18:12 . 2009-11-04 09:30
d
w- c:program filesCSoft
2010-04-10 18:12 . 2009-11-04 09:30
d
w- c:documents and settingsAll UsersApplication DataCSoft
2010-04-05 19:52 . 2010-04-05 19:52
d
w- c:program filesK-Lite Codec Pack
2010-04-04 10:08 . 2001-10-20 13:00 79748 —-a-w- c:windowssystem32perfc019.dat
2010-04-04 10:08 . 2001-10-20 13:00 474826 —-a-w- c:windowssystem32perfh019.dat
2007-05-15 20:52 . 2007-09-28 16:02 66672 —-a-w- c:program filesmozilla firefoxcomponentsjar50.dll
2007-05-15 20:52 . 2007-09-28 16:02 54376 —-a-w- c:program filesmozilla firefoxcomponentsjsd3250.dll
2007-05-15 20:52 . 2007-09-28 16:02 34952 —-a-w- c:program filesmozilla firefoxcomponentsmyspell.dll
2007-05-15 20:52 . 2007-09-28 16:02 46720 —-a-w- c:program filesmozilla firefoxcomponentsspellchk.dll
2007-05-15 20:52 . 2007-09-28 16:02 172144 —-a-w- c:program filesmozilla firefoxcomponentsxpinstal.dll
1999-06-28 10:41 . 1999-06-28 10:41 3120 —sha-w- c:windowssystem32vlbvnm.dll
.
Sigcheck
[-] 2006-02-21 . ECDBAA880D716E575135CB5171CA04E8 . 1548288 . . [5.1.2600.2180] . . c:windowssystem32sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
«BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}»=»c:program filesCommon FilesAheadLibNMBgMonitor.exe» [2007-06-27 152872]
«Punto Switcher»=»c:program filesPunto Switcherps.exe» [2004-11-13 205824]
«Download Master»=»c:program filesDownload Masterdmaster.exe» [2007-03-21 3066880]
«Skype»=»c:program filesSkypePhoneSkype.exe» [2008-09-23 21755688]
«QIP2005″=»c:program filesQIPqip.exe» [2009-01-22 3259904][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
«CoolSwitch»=»c:windowssystem32TaskSwitch.exe» [2005-12-21 45632]
«igfxtray»=»c:windowssystem32igfxtray.exe» [2005-11-28 98304]
«igfxhkcmd»=»c:windowssystem32hkcmd.exe» [2005-11-28 77824]
«igfxpers»=»c:windowssystem32igfxpers.exe» [2005-11-28 118784]
«RTHDCPL»=»RTHDCPL.EXE» [2006-11-14 16270848]
«SkyTel»=»SkyTel.EXE» [2006-05-16 2879488]
«NeroFilterCheck»=»c:program filesCommon FilesAheadLibNeroCheck.exe» [2007-03-01 153136]
«DAEMON Tools»=»c:program filesDAEMON Toolsdaemon.exe» [2005-11-08 128920]
«MAgent»=»c:program filesMail.RuAgentMAgent.exe» [2008-10-03 4417016]
«FineReader7NewsReaderPro»=»c:program filesABBYY FineReader 7.0 Professional EditionAbbyyNewsReader.exe» [2003-08-19 278528]
«Adobe Reader Speed Launcher»=»c:program filesAdobeReader 8.0ReaderReader_sl.exe» [2008-01-11 39792]
«SunJavaUpdateSched»=»c:program filesCommon FilesJavaJava Updatejusched.exe» [2010-01-11 246504]
«LogitechQuickCamRibbon»=»c:program filesLogitechLogitech WebCam SoftwareLWS.exe» [2009-05-08 2780432][HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=»c:windowssystem32CTFMON.EXE» [2004-08-17 15360]c:documents and settingsAll Usersѓ« ў®Ґ ¬ҐоЏа®Ја ¬¬лЂўв®§ Јаг§Є
AutoCAD Startup Accelerator.lnk — c:program filesCommon FilesAutodesk Sharedacstart16.exe [2005-3-5 10872][HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
«%windir%\system32\sessmgr.exe»=
«c:\Program Files\uTorrent\uTorrent.exe»=
«c:\Documents and Settings\Katya\temp\TeamViewer3\TeamViewer.exe»=
«c:\Program Files\QIP\qip.exe»=
«c:\Program Files\Mail.Ru\Agent\magent.exe»=
«c:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe»=
«c:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe»=
«c:\Program Files\Skype\Phone\Skype.exe»=[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileGloballyOpenPortsList]
«7173:TCP»= 7173:TCPR2 haspflt;haspflt;c:windowssystem32drivershaspflt.sys [12.09.2007 19:24 29024]
R2 NSCADWRK;Sentinel Dongle Emulator Driver;c:windowssystem32driversNSCADWRK.SYS [17.04.2009 12:48 239104]
R2 SentinelKeysServer;Sentinel Keys Server;c:program filesCommon FilesSafeNet SentinelSentinel Keys Serversntlkeyssrvr.exe [22.08.2006 1:00 316992]
S0 sptd;sptd;c:windowssystem32driverssptd.sys [08.09.2007 23:31 664064]
S3 C7xxUSB;Samsung CMC7xx USB Network Driver;c:windowssystem32DRIVERSC7xUSBX3.sys —> c:windowssystem32DRIVERSC7xUSBX3.sys [?]
.
.
Supplementary Scan
.
uStart Page = hxxp://www.rambler.ru/ri6
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://www.yahoo.com
uInternet Connection Wizard,ShellNext = iexplore
IE: &Экспорт в Microsoft Excel — c:progra~1MICROS~3OFFICE11EXCEL.EXE/3000
IE: Добавить в Rambler-Закладки — c:program filesRambler AssistantramblertoolbarU0.dll/zakladki.htm
IE: Загрузить ссылку при помощи Mega Manager… — c:program filesMegauploadMega Managermm_file.htm
IE: Закачать ВСЕ при помощи Download Master — c:program filesDownload Masterdmieall.htm
IE: Закачать при помощи Download Master — c:program filesDownload Masterdmie.htm
IE: Найти с помощью Рамблера — c:program filesRambler AssistantramblertoolbarU0.dll/search.htm
IE: Опубликовать в Дневнике — c:program filesRambler AssistantramblertoolbarU0.dll/planet.htm
IE: Перевести с помощью словарей Рамблера — c:program filesRambler AssistantramblertoolbarU0.dll/dic.htm
IE: {{7558B7E5-7B26-4201-BEDB-00D5FF534523} — c:program filesMail.RuAgentmagent.exe
FF — ProfilePath — c:documents and settingsKatyaApplication DataMozillaFirefoxProfilesqdyl0fa6.default
FF — prefs.js: browser.search.selectedEngine — Rambler
FF — prefs.js: browser.startup.homepage — hxxp://www.rambler.ru/ri6
FF — prefs.js: keyword.URL — hxxp://search.yahoo.com/search?ei=utf-8&fr=megaup&p=
FF — component: c:program filesMozilla Firefoxcomponentsxpinstal.dll
.
.
File Associations
.
.scr=AutoCADScriptFile
.
— — — — ORPHANS REMOVED — — — —HKCU-Run-EDLauncher — c:program filesPRMT8PRMTEDEDLauncher.exe
HKCU-Run-QIP.Online — c:program filesQIP.Onlineqiponline.exe
HKCU-Run-YotaAccess_E100 — c:program filesSamsung ElectronicsmWiMAX U200YotaAccess.exe**************************************************************************
catchme 0.3.1398 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-29 22:10
Windows 5.1.2600 Service Pack 2 NTFSscanning hidden processes …
scanning hidden autostart entries …
scanning hidden files …
scan completed successfully
hidden files: 0**************************************************************************
.
LOCKED REGISTRY KEYS
[HKEY_USERSS-1-5-21-1078081533-1960408961-839522115-1003SoftwareMicrosoftWindowsCurrentVersionExplorerComDlg32OpenSaveMRU!2*]
@Class=»Shell»
«a»=»g:\котельная\КМ\1.С2»
«MRUList»=»a»
.
Completion time: 2010-05-29 22:11:50
ComboFix-quarantined-files.txt 2010-05-29 18:11Pre-Run: 3 632 668 672 байт свободно
Post-Run: 4 461 146 112 байт свободноWindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)WINDOWS
[operating systems]
c:cmdconsBOOTSECT.DAT=»Microsoft Windows Recovery Console» /cmdcons
multi(0)disk(0)rdisk(0)partition(1)WINDOWS=»Microsoft Windows XP Professional RU» /noexecute=optin /fastdetect— — End Of File — — 1C2A8085665C3B91A6633C99A9D1D2E2
30 мая, 2010 в 12:23 пп #29573Большое спасибо! Все заработало
1 июня, 2010 в 6:52 пп #29574Нужно ещё немножко поработать.
Откройте блокнот (Кликните Пуск, Выполнить, в строке ввода введите notepad и нажмите Enter) и вставьте в него следующий текст:
File::
c:windowssystem32QTBadFQ.exe
c:windowssystem32G6soSZC.exe
c:windowssystem32v2mRxwQ.exe
c:windowssystem32eqrLQRt.exe
c:windowssystem32hdG2EVs.exe
c:windowssystem329GcszWv.exe
c:windowssystem32ef8jcwg.exe
c:windowssystem32JFeTlXd.exe
c:windowssystem32driverslvuvc.hs
c:windowssystem32driverslogiflt.iad
c:windowssystem32O1EZQR0.exeЗапишите получившийся файл на ваш рабочий стол под именем CFScript
Далее перетащите получившийся файл на иконку Combofix, как показано на картинке ниже.
Сombofix запуститься и выполнит процедуры описанные в созданном нами файле.
По результатам работы Combofix будет создан новый лог, его и вставьте в свой следующий ответ.2 июня, 2010 в 3:45 пп #29579ComboFix 10-06-01.05 — Katya 02.06.2010 19:32:55.2.2 — x86
Microsoft Windows XP Professional 5.1.2600.2.1251.7.1049.18.1015.413 [GMT 4:00]
Running from: c:documents and settingsKatyaРабочий столComboFix.exe
Command switches used :: c:documents and settingsKatyaРабочий столCFScript.txt
AV: ESET NOD32 Antivirus 3.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Resident AV is activeFILE ::
«c:windowssystem329GcszWv.exe»
«c:windowssystem32driverslogiflt.iad»
«c:windowssystem32driverslvuvc.hs»
«c:windowssystem32ef8jcwg.exe»
«c:windowssystem32eqrLQRt.exe»
«c:windowssystem32G6soSZC.exe»
«c:windowssystem32hdG2EVs.exe»
«c:windowssystem32JFeTlXd.exe»
«c:windowssystem32O1EZQR0.exe»
«c:windowssystem32QTBadFQ.exe»
«c:windowssystem32v2mRxwQ.exe»
.((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.c:windowssystem32driverslogiflt.iad
c:windowssystem32driverslvuvc.hs
c:windowssystem32G6soSZC.exe
c:windowssystem32O1EZQR0.exe
c:windowssystem32QTBadFQ.exe
c:windowssystem32v2mRxwQ.exe
c:windowsTEMPlogishrdLVPrcInj01.dll.
((((((((((((((((((((((((( Files Created from 2010-05-02 to 2010-06-02 )))))))))))))))))))))))))))))))
.2010-06-02 15:22 . 2010-06-02 15:22 159744 —-a-w- c:documents and settingsKatyaApplication DataMozillaFirefoxProfilesqdyl0fa6.defaultFlashGot.exe
2010-05-30 10:15 . 2010-05-30 10:15
d
w- c:windowssystem32KB905474
2010-05-30 09:52 . 2010-05-30 09:52
d
w- c:program filesMSXML 6.0
2010-05-30 09:46 . 2010-05-30 09:46
d
w- c:windowsServicePackFiles
2010-05-30 09:45 . 2010-05-30 09:45
d
w- c:program filesMSXML 4.0
2010-05-30 08:35 . 2010-05-30 09:35
d
w- c:windowssystem32CatRoot_bak
2010-05-30 08:32 . 2010-02-24 12:48 457216 -c—-w- c:windowssystem32dllcachemrxsmb.sys
2010-05-30 08:14 . 2008-06-14 17:59 272512 -c—-w- c:windowssystem32dllcachebthport.sys
2010-05-30 08:14 . 2008-06-14 17:59 272512
w- c:windowssystem32driversbthport.sys
2010-05-30 07:59 . 2010-02-17 10:26 2065536 -c—-w- c:windowssystem32dllcachentkrnlpa.exe
2010-05-30 07:59 . 2010-02-16 19:26 2023936 -c—-w- c:windowssystem32dllcachentkrpamp.exe
2010-05-30 07:59 . 2010-02-16 19:26 2188672 -c—-w- c:windowssystem32dllcachentoskrnl.exe
2010-05-30 07:59 . 2010-02-16 19:26 2145792 -c—-w- c:windowssystem32dllcachentkrnlmp.exe
2010-05-30 07:45 . 2010-05-31 15:20
d—h—w- c:windows$hf_mig$
2010-05-30 07:40 . 2010-05-30 07:40
d
w- c:program filesESET
2010-05-29 17:06 . 2010-05-29 17:06
d
w- C:rsit
2010-05-29 17:06 . 2010-05-29 17:06
d
w- c:program filestrend micro
2010-05-27 17:41 . 2010-05-27 17:41 503808 —-a-w- c:documents and settingsKatyaApplication DataSunJavaDeploymentSystemCache6.046f84c6ae-74362d8e-nmsvcp71.dll
2010-05-27 17:41 . 2010-05-27 17:41 499712 —-a-w- c:documents and settingsKatyaApplication DataSunJavaDeploymentSystemCache6.046f84c6ae-74362d8e-njmc.dll
2010-05-27 17:41 . 2010-05-27 17:41 348160 —-a-w- c:documents and settingsKatyaApplication DataSunJavaDeploymentSystemCache6.046f84c6ae-74362d8e-nmsvcr71.dll
2010-05-27 17:41 . 2010-05-27 17:41 61440 —-a-w- c:documents and settingsKatyaApplication DataSunJavaDeploymentSystemCache6.0505535ab32-27f35d6b-ndecora-sse.dll
2010-05-27 17:41 . 2010-05-27 17:41 12800 —-a-w- c:documents and settingsKatyaApplication DataSunJavaDeploymentSystemCache6.0505535ab32-27f35d6b-ndecora-d3d.dll.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-30 10:18 . 2001-10-20 13:00 79748 —-a-w- c:windowssystem32perfc019.dat
2010-05-30 10:18 . 2001-10-20 13:00 474826 —-a-w- c:windowssystem32perfh019.dat
2010-05-29 15:24 . 2007-10-08 19:43
d
w- c:documents and settingsAll UsersApplication DataKaspersky Lab
2010-05-24 16:53 . 2009-12-17 17:16
d
w- c:documents and settingsAll UsersApplication DataSCAD Soft
2010-05-09 07:46 . 2008-11-02 08:21
d
w- c:documents and settingsKatyaApplication DataSkype
2010-05-07 16:52 . 2008-11-02 08:25
d
w- c:documents and settingsKatyaApplication DataskypePM
2010-04-11 09:04 . 2007-09-08 18:52 57024 —-a-w- c:documents and settingsKatyaLocal SettingsApplication DataGDIPFONTCACHEV1.DAT
2010-04-10 18:12 . 2009-11-04 09:30
d
w- c:program filesCSoft
2010-04-10 18:12 . 2009-11-04 09:30
d
w- c:documents and settingsAll UsersApplication DataCSoft
2010-04-05 19:52 . 2010-04-05 19:52
d
w- c:program filesK-Lite Codec Pack
2010-03-10 08:07 . 2006-02-17 12:13 417792 —-a-w- c:windowssystem32vbscript.dll
2007-05-15 20:52 . 2007-09-28 16:02 66672 —-a-w- c:program filesmozilla firefoxcomponentsjar50.dll
2007-05-15 20:52 . 2007-09-28 16:02 54376 —-a-w- c:program filesmozilla firefoxcomponentsjsd3250.dll
2007-05-15 20:52 . 2007-09-28 16:02 34952 —-a-w- c:program filesmozilla firefoxcomponentsmyspell.dll
2007-05-15 20:52 . 2007-09-28 16:02 46720 —-a-w- c:program filesmozilla firefoxcomponentsspellchk.dll
2007-05-15 20:52 . 2007-09-28 16:02 172144 —-a-w- c:program filesmozilla firefoxcomponentsxpinstal.dll
1999-06-28 10:41 . 1999-06-28 10:41 3120 —sha-w- c:windowssystem32vlbvnm.dll
.
Sigcheck
[-] 2008-04-14 . 4379CA978CB35BB2458156B2B6CB35DF . 1571840 . . [5.1.2600.5512] . . c:windowsSoftwareDistributionDownloade6ee13bab691afad01f3e7fa891e3f3dsfcfiles.dll
[-] 2006-02-21 . ECDBAA880D716E575135CB5171CA04E8 . 1548288 . . [5.1.2600.2180] . . c:windowssystem32sfcfiles.dll
.
((((((((((((((((((((((((((((( SnapShot@2010-05-29_18.10.50 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-06-28 19:42 . 2009-06-28 19:42 91656 c:windowsWinSxSx86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.1.0_x-ww_2a41bcebmsxml4r.dll
+ 2010-06-02 15:37 . 2010-06-02 15:37 16384 c:windowsTempPerflib_Perfdata_6b8.dat
+ 2005-07-01 07:31 . 2009-08-06 15:24 44768 c:windowssystem32wups2.dll
+ 2007-09-08 18:42 . 2009-08-06 15:24 35552 c:windowssystem32wups.dll
+ 2007-09-08 18:42 . 2009-08-06 15:24 53472 c:windowssystem32wuauclt.exe
+ 2004-08-17 13:04 . 2009-06-25 08:22 59392 c:windowssystem32wdigest.dll
— 2004-08-17 13:05 . 2004-08-17 13:05 50176 c:windowssystem32utilman.exe
+ 2004-08-17 13:05 . 2006-10-04 13:34 50176 c:windowssystem32utilman.exe
+ 2004-08-17 13:04 . 2006-10-04 13:39 36352 c:windowssystem32umandlg.dll
— 2004-08-17 13:04 . 2004-08-17 13:04 36352 c:windowssystem32umandlg.dll
+ 2010-05-30 07:56 . 2010-04-21 13:28 46080 c:windowssystem32tzchange.exe
+ 2004-08-17 13:05 . 2009-06-15 12:09 80896 c:windowssystem32tlntsess.exe
+ 2005-05-11 02:33 . 2009-06-15 12:09 79872 c:windowssystem32telnet.exe
+ 2004-08-17 13:04 . 2009-10-21 05:51 75776 c:windowssystem32strmfilt.dll
— 2004-08-17 13:04 . 2004-08-17 13:04 75776 c:windowssystem32strmfilt.dll
— 2007-09-08 18:55 . 2007-11-30 11:18 26488 c:windowssystem32spupdsvc.exe
+ 2007-09-08 18:55 . 2008-07-09 07:58 26488 c:windowssystem32spupdsvc.exe
+ 2008-06-30 15:54 . 2009-05-26 11:43 17784 c:windowssystem32spmsg.dll
+ 2010-05-30 07:42 . 2009-08-06 15:24 44768 c:windowssystem32SoftwareDistributionSetupServiceStartupwups2.dll7.4.7600.226wups2.dll
+ 2010-05-30 07:42 . 2009-08-06 15:24 35552 c:windowssystem32SoftwareDistributionSetupServiceStartupwups.dll7.4.7600.226wups.dll
+ 2004-08-17 13:04 . 2009-06-25 08:22 56320 c:windowssystem32secur32.dll
+ 2001-10-20 13:00 . 2009-02-06 09:54 35328 c:windowssystem32sc.exe
— 2004-08-17 13:04 . 2004-08-17 13:04 69632 c:windowssystem32raschap.dll
+ 2004-08-17 13:04 . 2009-10-12 13:54 69632 c:windowssystem32raschap.dll
— 2006-02-17 12:12 . 2006-02-17 12:12 39424 c:windowssystem32pngfilt.dll
+ 2006-02-17 12:12 . 2010-02-26 06:06 39424 c:windowssystem32pngfilt.dll
— 2001-10-20 13:00 . 2010-04-04 10:08 67448 c:windowssystem32perfc009.dat
+ 2001-10-20 13:00 . 2010-05-30 10:18 67448 c:windowssystem32perfc009.dat
+ 2004-08-17 13:04 . 2006-10-04 13:34 54784 c:windowssystem32narrator.exe
— 2004-08-17 13:04 . 2004-08-17 13:04 54784 c:windowssystem32narrator.exe
+ 2007-09-08 18:39 . 2008-06-12 13:49 91648 c:windowssystem32mtxoci.dll
+ 2006-02-17 12:12 . 2008-06-12 13:49 66560 c:windowssystem32mtxclu.dll
— 2006-02-17 12:12 . 2006-02-17 12:12 66560 c:windowssystem32mtxclu.dll
+ 2004-08-17 16:04 . 2009-11-27 17:11 17920 c:windowssystem32msyuv.dll
+ 2001-10-20 13:00 . 2009-11-27 16:40 28672 c:windowssystem32msvidc32.dll
— 2004-08-17 13:04 . 2004-08-17 13:04 11264 c:windowssystem32msrle32.dll
+ 2004-08-17 13:04 . 2009-11-27 16:40 11264 c:windowssystem32msrle32.dll
— 2007-09-08 18:39 . 2004-08-17 13:04 58880 c:windowssystem32msdtclog.dll
+ 2007-09-08 18:39 . 2008-06-12 13:49 58880 c:windowssystem32msdtclog.dll
+ 2006-02-17 12:12 . 2008-06-24 16:31 74240 c:windowssystem32mscms.dll
+ 2004-08-17 13:04 . 2009-09-04 20:47 58880 c:windowssystem32msasn1.dll
— 2004-08-17 13:04 . 2004-08-17 13:04 48640 c:windowssystem32mqupgrd.dll
+ 2004-08-17 13:04 . 2009-06-25 18:37 48640 c:windowssystem32mqupgrd.dll
— 2004-08-17 13:04 . 2004-08-17 13:04 95744 c:windowssystem32mqsec.dll
+ 2004-08-17 13:04 . 2009-06-25 18:37 95744 c:windowssystem32mqsec.dll
— 2004-08-17 13:04 . 2004-08-17 13:04 16896 c:windowssystem32mqise.dll
+ 2004-08-17 13:04 . 2009-06-25 18:37 16896 c:windowssystem32mqise.dll
+ 2004-08-17 13:04 . 2009-06-25 18:37 47104 c:windowssystem32mqdscli.dll
— 2004-08-17 13:04 . 2004-08-17 13:04 47104 c:windowssystem32mqdscli.dll
+ 2004-08-17 13:04 . 2009-06-22 11:49 19968 c:windowssystem32mqbkup.exe
— 2004-08-17 13:04 . 2004-08-17 13:04 19968 c:windowssystem32mqbkup.exe
+ 2004-08-17 13:04 . 2006-10-04 13:34 72704 c:windowssystem32magnify.exe
— 2004-08-17 13:04 . 2004-08-17 13:04 72704 c:windowssystem32magnify.exe
+ 2004-08-17 13:04 . 2010-02-26 06:06 16384 c:windowssystem32jsproxy.dll
+ 2004-08-17 16:04 . 2009-11-27 16:40 48128 c:windowssystem32iyuv_32.dll
— 2006-02-17 12:12 . 2006-02-17 12:12 96256 c:windowssystem32inseng.dll
+ 2006-02-17 12:12 . 2010-02-26 06:06 96256 c:windowssystem32inseng.dll
— 2004-08-17 13:04 . 2004-08-17 13:04 81920 c:windowssystem32ieencode.dll
+ 2004-08-17 13:04 . 2010-02-26 06:06 81920 c:windowssystem32ieencode.dll
+ 2004-08-17 13:04 . 2009-10-21 05:51 25088 c:windowssystem32httpapi.dll
+ 2006-02-17 12:12 . 2009-10-15 16:56 81920 c:windowssystem32fontsub.dll
— 2006-02-17 12:12 . 2006-02-17 12:12 55808 c:windowssystem32extmgr.dll
+ 2006-02-17 12:12 . 2010-02-26 06:06 55808 c:windowssystem32extmgr.dll
+ 2004-08-03 19:58 . 2009-06-22 11:48 91776 c:windowssystem32driversmqac.sys
+ 2004-08-03 19:59 . 2009-06-22 11:35 92544 c:windowssystem32driversksecdd.sys
+ 2008-07-01 05:04 . 2008-07-01 05:04 34312 c:windowssystem32driversepfwtdir.sys
+ 2008-07-01 04:57 . 2008-07-01 04:57 53256 c:windowssystem32driverseasdrv.sys
+ 2008-07-01 04:56 . 2008-07-01 04:56 39944 c:windowssystem32driverseamon.sys
+ 2007-09-08 18:42 . 2009-08-06 15:24 35552 c:windowssystem32dllcachewups.dll
+ 2007-09-08 18:42 . 2009-08-06 15:24 53472 c:windowssystem32dllcachewuauclt.exe
+ 2004-08-17 13:04 . 2009-06-25 08:22 59392 c:windowssystem32dllcachewdigest.dll
+ 2004-08-17 13:05 . 2006-10-04 13:34 50176 c:windowssystem32dllcacheutilman.exe
— 2004-08-17 13:05 . 2004-08-17 13:05 50176 c:windowssystem32dllcacheutilman.exe
— 2004-08-17 13:04 . 2004-08-17 13:04 36352 c:windowssystem32dllcacheumandlg.dll
+ 2004-08-17 13:04 . 2006-10-04 13:39 36352 c:windowssystem32dllcacheumandlg.dll
+ 2004-08-17 13:05 . 2009-06-15 12:09 80896 c:windowssystem32dllcachetlntsess.exe
+ 2005-05-11 02:33 . 2009-06-15 12:09 79872 c:windowssystem32dllcachetelnet.exe
— 2004-08-17 13:04 . 2004-08-17 13:04 75776 c:windowssystem32dllcachestrmfilt.dll
+ 2004-08-17 13:04 . 2009-10-21 05:51 75776 c:windowssystem32dllcachestrmfilt.dll
+ 2004-08-17 13:04 . 2009-06-25 08:22 56320 c:windowssystem32dllcachesecur32.dll
+ 2001-10-20 13:00 . 2009-02-06 09:54 35328 c:windowssystem32dllcachesc.exe
— 2004-08-17 13:04 . 2004-08-17 13:04 69632 c:windowssystem32dllcacheraschap.dll
+ 2004-08-17 13:04 . 2009-10-12 13:54 69632 c:windowssystem32dllcacheraschap.dll
— 2006-02-17 12:12 . 2006-02-17 12:12 39424 c:windowssystem32dllcachepngfilt.dll
+ 2006-02-17 12:12 . 2010-02-26 06:06 39424 c:windowssystem32dllcachepngfilt.dll
— 2004-08-17 13:04 . 2004-08-17 13:04 54784 c:windowssystem32dllcachenarrator.exe
+ 2004-08-17 13:04 . 2006-10-04 13:34 54784 c:windowssystem32dllcachenarrator.exe
+ 2007-09-08 18:39 . 2008-06-12 13:49 91648 c:windowssystem32dllcachemtxoci.dll
+ 2006-02-17 12:12 . 2008-06-12 13:49 66560 c:windowssystem32dllcachemtxclu.dll
— 2006-02-17 12:12 . 2006-02-17 12:12 66560 c:windowssystem32dllcachemtxclu.dll
+ 2004-08-17 16:04 . 2009-11-27 17:11 17920 c:windowssystem32dllcachemsyuv.dll
+ 2001-10-20 13:00 . 2009-11-27 16:40 28672 c:windowssystem32dllcachemsvidc32.dll
— 2004-08-17 13:04 . 2004-08-17 13:04 11264 c:windowssystem32dllcachemsrle32.dll
+ 2004-08-17 13:04 . 2009-11-27 16:40 11264 c:windowssystem32dllcachemsrle32.dll
— 2007-09-08 18:39 . 2004-08-17 13:04 58880 c:windowssystem32dllcachemsdtclog.dll
+ 2007-09-08 18:39 . 2008-06-12 13:49 58880 c:windowssystem32dllcachemsdtclog.dll
+ 2006-02-17 12:12 . 2008-06-24 16:31 74240 c:windowssystem32dllcachemscms.dll
+ 2004-08-17 13:04 . 2009-09-04 20:47 58880 c:windowssystem32dllcachemsasn1.dll
— 2004-08-17 13:04 . 2004-08-17 13:04 48640 c:windowssystem32dllcachemqupgrd.dll
+ 2004-08-17 13:04 . 2009-06-25 18:37 48640 c:windowssystem32dllcachemqupgrd.dll
— 2004-08-17 13:04 . 2004-08-17 13:04 95744 c:windowssystem32dllcachemqsec.dll
+ 2004-08-17 13:04 . 2009-06-25 18:37 95744 c:windowssystem32dllcachemqsec.dll
— 2004-08-17 13:04 . 2004-08-17 13:04 16896 c:windowssystem32dllcachemqise.dll
+ 2004-08-17 13:04 . 2009-06-25 18:37 16896 c:windowssystem32dllcachemqise.dll
+ 2004-08-17 13:04 . 2009-06-25 18:37 47104 c:windowssystem32dllcachemqdscli.dll
— 2004-08-17 13:04 . 2004-08-17 13:04 47104 c:windowssystem32dllcachemqdscli.dll
— 2004-08-17 13:04 . 2004-08-17 13:04 19968 c:windowssystem32dllcachemqbkup.exe
+ 2004-08-17 13:04 . 2009-06-22 11:49 19968 c:windowssystem32dllcachemqbkup.exe
+ 2004-08-03 19:58 . 2009-06-22 11:48 91776 c:windowssystem32dllcachemqac.sys
+ 2004-08-17 13:04 . 2006-10-04 13:34 72704 c:windowssystem32dllcachemagnify.exe
— 2004-08-17 13:04 . 2004-08-17 13:04 72704 c:windowssystem32dllcachemagnify.exe
+ 2004-08-03 19:59 . 2009-06-22 11:35 92544 c:windowssystem32dllcacheksecdd.sys
+ 2004-08-17 13:04 . 2010-02-26 06:06 16384 c:windowssystem32dllcachejsproxy.dll
+ 2004-08-17 16:04 . 2009-11-27 16:40 48128 c:windowssystem32dllcacheiyuv_32.dll
— 2006-02-17 12:12 . 2006-02-17 12:12 96256 c:windowssystem32dllcacheinseng.dll
+ 2006-02-17 12:12 . 2010-02-26 06:06 96256 c:windowssystem32dllcacheinseng.dll
+ 2004-08-17 13:04 . 2010-02-26 06:06 81920 c:windowssystem32dllcacheieencode.dll
— 2004-08-17 13:04 . 2004-08-17 13:04 81920 c:windowssystem32dllcacheieencode.dll
+ 2007-09-08 18:41 . 2010-02-25 11:17 18432 c:windowssystem32dllcacheiedw.exe
— 2007-09-08 18:41 . 2006-02-17 12:12 18432 c:windowssystem32dllcacheiedw.exe
+ 2004-08-17 13:04 . 2009-10-21 05:51 25088 c:windowssystem32dllcachehttpapi.dll
+ 2006-02-17 12:12 . 2009-10-15 16:56 81920 c:windowssystem32dllcachefontsub.dll
— 2006-02-17 12:12 . 2006-02-17 12:12 55808 c:windowssystem32dllcacheextmgr.dll
+ 2006-02-17 12:12 . 2010-02-26 06:06 55808 c:windowssystem32dllcacheextmgr.dll
+ 2004-08-17 13:04 . 2009-12-14 07:37 33280 c:windowssystem32dllcachecsrsrv.dll
+ 2006-02-17 12:12 . 2009-08-06 15:24 96480 c:windowssystem32dllcachecdm.dll
+ 2004-08-17 13:04 . 2010-01-13 14:10 86016 c:windowssystem32dllcachecabview.dll
— 2004-08-17 13:04 . 2004-08-17 13:04 85504 c:windowssystem32dllcacheavifil32.dll
+ 2004-08-17 13:04 . 2009-11-27 16:40 85504 c:windowssystem32dllcacheavifil32.dll
— 2004-08-17 13:04 . 2004-08-17 13:04 58880 c:windowssystem32dllcacheatl.dll
+ 2004-08-17 13:04 . 2009-07-17 18:57 58880 c:windowssystem32dllcacheatl.dll
+ 2004-08-17 13:04 . 2009-12-14 07:37 33280 c:windowssystem32csrsrv.dll
+ 2006-02-17 12:12 . 2009-08-06 15:24 96480 c:windowssystem32cdm.dll
+ 2004-08-17 13:04 . 2010-01-13 14:10 86016 c:windowssystem32cabview.dll
+ 2004-08-17 13:04 . 2009-11-27 16:40 85504 c:windowssystem32avifil32.dll
— 2004-08-17 13:04 . 2004-08-17 13:04 85504 c:windowssystem32avifil32.dll
+ 2004-08-17 13:04 . 2009-07-17 18:57 58880 c:windowssystem32atl.dll
— 2004-08-17 13:04 . 2004-08-17 13:04 58880 c:windowssystem32atl.dll
+ 2008-11-25 00:59 . 2008-11-25 00:59 31560 c:windowsMicrosoft.NETFrameworkv2.0.50727aspnet_wp.exe
+ 2010-05-30 09:45 . 2010-05-30 09:45 32768 c:windowsInstaller{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}icon.exe
+ 2010-05-30 09:45 . 2010-05-30 09:45 32768 c:windowsInstaller{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}icon.exe
+ 2010-05-30 07:40 . 2010-05-30 07:40 10134 c:windowsInstaller{3407FD83-0A2F-475E-BE94-34F1FA342C84}callmsi.exe
+ 2009-11-27 17:11 . 2009-11-27 17:11 17920 c:windowsDriver Cachei386msyuv.dll
+ 2009-11-27 16:40 . 2009-11-27 16:40 48128 c:windowsDriver Cachei386iyuv_32.dll
+ 2010-05-30 10:19 . 2010-05-30 10:19 60928 c:windowsassemblyNativeImages_v2.0.50727_32UIAutomationProviderb4a9e413d5cd6d6ec2d50aa05381e293UIAutomationProvider.ni.dll
+ 2010-05-30 13:30 . 2010-05-30 13:30 37888 c:windowsassemblyNativeImages_v2.0.50727_32System.Windows.Pres#8acb476a0d4ee17a12881e17ae74a6afSystem.Windows.Presentation.ni.dll
+ 2010-05-30 13:30 . 2010-05-30 13:30 36864 c:windowsassemblyNativeImages_v2.0.50727_32System.Web.DynamicD#4b87ca3482a3c0ee733e028ecee7de65System.Web.DynamicData.Design.ni.dll
+ 2010-05-30 13:17 . 2010-05-30 13:17 94208 c:windowsassemblyNativeImages_v2.0.50727_32System.ComponentMod#a0c71055364bd356971791284c3fb910System.ComponentModel.DataAnnotations.ni.dll
+ 2010-05-30 13:17 . 2010-05-30 13:17 82944 c:windowsassemblyNativeImages_v2.0.50727_32System.AddIn.Contra#f9a75bbdc2ce7db578b5977766a09b99System.AddIn.Contract.ni.dll
+ 2010-05-30 10:19 . 2010-05-30 10:19 47104 c:windowsassemblyNativeImages_v2.0.50727_32PresentationFontCac#3dd0f86c966c75755d62eab8ddf0634cPresentationFontCache.ni.exe
+ 2010-05-30 10:19 . 2010-05-30 10:19 39424 c:windowsassemblyNativeImages_v2.0.50727_32PresentationCFFRast#34d081fe294bab1ee1ecc98c1181424PresentationCFFRasterizer.ni.dll
+ 2010-05-30 13:30 . 2010-05-30 13:30 55296 c:windowsassemblyNativeImages_v2.0.50727_32Microsoft.Vsaf2673aec397c52796aef05bb9d2668dfMicrosoft.Vsa.ni.dll
+ 2010-05-30 10:19 . 2010-05-30 10:19 15872 c:windowsassemblyNativeImages_v2.0.50727_32Microsoft.VisualC1ded203bd27031c3a5e3441f94b528c0Microsoft.VisualC.ni.dll
+ 2010-05-30 10:19 . 2010-05-30 10:19 65024 c:windowsassemblyNativeImages_v2.0.50727_32Microsoft.Build.Fra#d513fe1a81c441e7656a9b062cff4e9fMicrosoft.Build.Framework.ni.dll
+ 2010-05-30 12:53 . 2010-05-30 12:53 74752 c:windowsassemblyNativeImages_v2.0.50727_32Microsoft.Build.Fra#c5d504724d7f351b1d034615dbb72a2aMicrosoft.Build.Framework.ni.dll
+ 2010-05-30 12:53 . 2010-05-30 12:53 14336 c:windowsassemblyNativeImages_v2.0.50727_32dfsvca664ccab020f93f1d533919f57131190dfsvc.ni.exe
+ 2010-05-30 10:19 . 2010-05-30 10:19 25600 c:windowsassemblyNativeImages_v2.0.50727_32Accessibilitye63d6d26b8a664cfdfbd4ad75e03c14dAccessibility.ni.dll
+ 2010-05-30 10:17 . 2010-05-30 10:17 77824 c:windowsassemblyGAC_MSILSystem.Web.RegularExpressions2.0.0.0__b03f5f7f11d50a3aSystem.Web.RegularExpressions.dll
— 2009-09-25 17:44 . 2009-09-25 17:44 77824 c:windowsassemblyGAC_MSILSystem.Web.RegularExpressions2.0.0.0__b03f5f7f11d50a3aSystem.Web.RegularExpressions.dll
— 2009-09-25 17:44 . 2009-09-25 17:44 81920 c:windowsassemblyGAC_MSILSystem.Drawing.Design2.0.0.0__b03f5f7f11d50a3aSystem.Drawing.Design.dll
+ 2010-05-30 10:17 . 2010-05-30 10:17 81920 c:windowsassemblyGAC_MSILSystem.Drawing.Design2.0.0.0__b03f5f7f11d50a3aSystem.Drawing.Design.dll
+ 2010-05-30 10:18 . 2010-05-30 10:18 81920 c:windowsassemblyGAC_MSILSystem.Configuration.Install2.0.0.0__b03f5f7f11d50a3aSystem.Configuration.Install.dll
— 2009-09-25 17:44 . 2009-09-25 17:44 81920 c:windowsassemblyGAC_MSILSystem.Configuration.Install2.0.0.0__b03f5f7f11d50a3aSystem.Configuration.Install.dll
— 2009-09-25 17:44 . 2009-09-25 17:44 32768 c:windowsassemblyGAC_MSILMicrosoft.Vsa8.0.0.0__b03f5f7f11d50a3aMicrosoft.Vsa.dll
+ 2010-05-30 10:17 . 2010-05-30 10:17 32768 c:windowsassemblyGAC_MSILMicrosoft.Vsa8.0.0.0__b03f5f7f11d50a3aMicrosoft.Vsa.dll
+ 2010-05-30 10:18 . 2010-05-30 10:18 12800 c:windowsassemblyGAC_MSILMicrosoft.Vsa.Vb.CodeDOMProcessor8.0.0.0__b03f5f7f11d50a3aMicrosoft.Vsa.Vb.CodeDOMProcessor.dll
— 2009-09-25 17:44 . 2009-09-25 17:44 12800 c:windowsassemblyGAC_MSILMicrosoft.Vsa.Vb.CodeDOMProcessor8.0.0.0__b03f5f7f11d50a3aMicrosoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2010-05-30 10:18 . 2010-05-30 10:18 28672 c:windowsassemblyGAC_MSILMicrosoft.VisualBasic.Vsa8.0.0.0__b03f5f7f11d50a3aMicrosoft.VisualBasic.Vsa.dll
— 2009-09-25 17:44 . 2009-09-25 17:44 28672 c:windowsassemblyGAC_MSILMicrosoft.VisualBasic.Vsa8.0.0.0__b03f5f7f11d50a3aMicrosoft.VisualBasic.Vsa.dll
— 2009-09-25 17:44 . 2009-09-25 17:44 77824 c:windowsassemblyGAC_MSILMicrosoft.Build.Utilities2.0.0.0__b03f5f7f11d50a3aMicrosoft.Build.Utilities.dll
+ 2010-05-30 10:18 . 2010-05-30 10:18 77824 c:windowsassemblyGAC_MSILMicrosoft.Build.Utilities2.0.0.0__b03f5f7f11d50a3aMicrosoft.Build.Utilities.dll
— 2009-09-25 17:44 . 2009-09-25 17:44 36864 c:windowsassemblyGAC_MSILMicrosoft.Build.Framework2.0.0.0__b03f5f7f11d50a3aMicrosoft.Build.Framework.dll
+ 2010-05-30 10:18 . 2010-05-30 10:18 36864 c:windowsassemblyGAC_MSILMicrosoft.Build.Framework2.0.0.0__b03f5f7f11d50a3aMicrosoft.Build.Framework.dll
— 2009-09-25 17:44 . 2009-09-25 17:44 77824 c:windowsassemblyGAC_MSILIEHost2.0.0.0__b03f5f7f11d50a3aIEHost.dll
+ 2010-05-30 10:18 . 2010-05-30 10:18 77824 c:windowsassemblyGAC_MSILIEHost2.0.0.0__b03f5f7f11d50a3aIEHost.dll
+ 2010-05-30 10:17 . 2010-05-30 10:17 13312 c:windowsassemblyGAC_MSILcscompmgd8.0.0.0__b03f5f7f11d50a3acscompmgd.dll
— 2009-09-25 17:44 . 2009-09-25 17:44 13312 c:windowsassemblyGAC_MSILcscompmgd8.0.0.0__b03f5f7f11d50a3acscompmgd.dll
+ 2010-05-30 10:17 . 2010-05-30 10:17 10752 c:windowsassemblyGAC_MSILAccessibility2.0.0.0__b03f5f7f11d50a3aAccessibility.dll
— 2009-09-25 17:44 . 2009-09-25 17:44 10752 c:windowsassemblyGAC_MSILAccessibility2.0.0.0__b03f5f7f11d50a3aAccessibility.dll
— 2009-09-25 17:44 . 2009-09-25 17:44 72192 c:windowsassemblyGAC_32ISymWrapper2.0.0.0__b03f5f7f11d50a3aISymWrapper.dll
+ 2010-05-30 10:18 . 2010-05-30 10:18 72192 c:windowsassemblyGAC_32ISymWrapper2.0.0.0__b03f5f7f11d50a3aISymWrapper.dll
— 2009-09-25 17:44 . 2009-09-25 17:44 69120 c:windowsassemblyGAC_32CustomMarshalers2.0.0.0__b03f5f7f11d50a3aCustomMarshalers.dll
+ 2010-05-30 10:17 . 2010-05-30 10:17 69120 c:windowsassemblyGAC_32CustomMarshalers2.0.0.0__b03f5f7f11d50a3aCustomMarshalers.dll
— 2009-09-25 17:44 . 2009-09-25 17:44 8192 c:windowsWinSxSMSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34eIEExecRemote.dll
+ 2010-05-30 10:18 . 2010-05-30 10:18 8192 c:windowsWinSxSMSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34eIEExecRemote.dll
+ 2001-10-19 21:06 . 2009-11-27 16:40 8704 c:windowssystem32tsbyuv.dll
— 2004-08-17 13:04 . 2004-08-17 13:04 4608 c:windowssystem32mqsvc.exe
+ 2004-08-17 13:04 . 2009-06-22 11:49 4608 c:windowssystem32mqsvc.exe
+ 2001-10-19 21:06 . 2009-11-27 16:40 8704 c:windowssystem32dllcachetsbyuv.dll
+ 2004-08-17 13:04 . 2009-06-22 11:49 4608 c:windowssystem32dllcachemqsvc.exe
— 2004-08-17 13:04 . 2004-08-17 13:04 4608 c:windowssystem32dllcachemqsvc.exe
+ 2009-11-27 16:40 . 2009-11-27 16:40 8704 c:windowsDriver Cachei386tsbyuv.dll
— 2009-09-25 17:44 . 2009-09-25 17:44 7168 c:windowsassemblyGAC_MSILMicrosoft_VsaVb8.0.0.0__b03f5f7f11d50a3aMicrosoft_VsaVb.dll
+ 2010-05-30 10:17 . 2010-05-30 10:17 7168 c:windowsassemblyGAC_MSILMicrosoft_VsaVb8.0.0.0__b03f5f7f11d50a3aMicrosoft_VsaVb.dll
+ 2010-05-30 10:17 . 2010-05-30 10:17 5632 c:windowsassemblyGAC_MSILMicrosoft.VisualC8.0.0.0__b03f5f7f11d50a3aMicrosoft.VisualC.Dll
— 2009-09-25 17:44 . 2009-09-25 17:44 5632 c:windowsassemblyGAC_MSILMicrosoft.VisualC8.0.0.0__b03f5f7f11d50a3aMicrosoft.VisualC.Dll
— 2009-09-25 17:44 . 2009-09-25 17:44 6656 c:windowsassemblyGAC_MSILIIEHost2.0.0.0__b03f5f7f11d50a3aIIEHost.dll
+ 2010-05-30 10:18 . 2010-05-30 10:18 6656 c:windowsassemblyGAC_MSILIIEHost2.0.0.0__b03f5f7f11d50a3aIIEHost.dll
— 2009-09-25 17:44 . 2009-09-25 17:44 8192 c:windowsassemblyGAC_MSILIEExecRemote2.0.0.0__b03f5f7f11d50a3aIEExecRemote.dll
+ 2010-05-30 10:18 . 2010-05-30 10:18 8192 c:windowsassemblyGAC_MSILIEExecRemote2.0.0.0__b03f5f7f11d50a3aIEExecRemote.dll
— 2009-09-25 17:44 . 2009-09-25 17:44 113664 c:windowsWinSxSx86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790System.EnterpriseServices.Wrapper.dll
+ 2010-05-30 10:17 . 2010-05-30 10:17 113664 c:windowsWinSxSx86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790System.EnterpriseServices.Wrapper.dll
+ 2010-05-30 10:17 . 2010-05-30 10:17 258048 c:windowsWinSxSx86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790System.EnterpriseServices.dll
— 2009-09-25 17:44 . 2009-09-25 17:44 258048 c:windowsWinSxSx86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790System.EnterpriseServices.dll
+ 2005-10-06 06:15 . 2010-02-26 00:58 361984 c:windowssystem32xpsp3res.dll
+ 2007-09-08 18:42 . 2009-08-06 15:24 209632 c:windowssystem32wuweb.dll
+ 2007-09-08 18:42 . 2009-08-06 15:24 327896 c:windowssystem32wucltui.dll
+ 2007-09-08 18:42 . 2009-08-06 15:23 575704 c:windowssystem32wuapi.dll
+ 2006-02-17 13:50 . 2009-04-01 19:02 604160 c:windowssystem32wmspdmod.dll
+ 2006-02-17 13:49 . 2009-07-13 06:08 286720 c:windowssystem32wmpdxm.dll
+ 2006-02-17 13:49 . 2008-06-18 01:03 938496 c:windowssystem32WMNetmgr.dll
+ 2006-02-17 13:49 . 2007-10-25 05:28 222720 c:windowssystem32wmasf.dll
+ 2004-08-17 13:04 . 2009-06-10 06:32 132096 c:windowssystem32wkssvc.dll
— 2004-08-17 13:04 . 2004-08-17 13:04 132096 c:windowssystem32wkssvc.dll
+ 2004-08-17 13:04 . 2009-12-24 07:07 177664 c:windowssystem32wintrust.dll
+ 2006-02-17 12:13 . 2010-02-26 06:06 669184 c:windowssystem32wininet.dll
+ 2004-08-17 13:04 . 2009-08-25 09:48 352256 c:windowssystem32winhttp.dll
+ 2007-09-08 18:39 . 2009-02-06 09:41 227840 c:windowssystem32wbemwmiprvse.exe
+ 2007-09-08 18:39 . 2009-02-10 14:34 453120 c:windowssystem32wbemwmiprvsd.dll
+ 2007-09-08 18:39 . 2009-02-09 10:04 473088 c:windowssystem32wbemfastprox.dll
+ 2006-02-17 12:13 . 2010-02-26 06:06 627712 c:windowssystem32urlmon.dll
+ 2006-02-17 12:13 . 2009-10-15 16:56 119808 c:windowssystem32t2embed.dll
+ 2004-08-17 13:04 . 2009-08-26 08:16 247326 c:windowssystem32strmdll.dll
— 2006-02-17 12:13 . 2006-02-17 12:13 474112 c:windowssystem32shlwapi.dll
+ 2006-02-17 12:13 . 2010-02-26 06:06 474112 c:windowssystem32shlwapi.dll
+ 2004-08-17 13:04 . 2009-06-25 18:37 169472 c:windowssystem32Setupmsmqocm.dll
+ 2004-08-17 13:05 . 2009-02-09 09:54 111104 c:windowssystem32services.exe
+ 2004-08-17 13:04 . 2009-06-25 08:22 168448 c:windowssystem32schannel.dll
+ 2006-02-17 12:13 . 2009-02-09 10:04 401408 c:windowssystem32rpcss.dll
+ 2006-02-17 12:13 . 2009-04-15 15:31 583168 c:windowssystem32rpcrt4.dll
— 2004-08-17 13:04 . 2004-08-17 13:04 112640 c:windowssystem32rastls.dll
+ 2004-08-17 13:04 . 2009-10-12 13:54 112640 c:windowssystem32rastls.dll
+ 2001-10-20 13:00 . 2010-05-30 10:18 432492 c:windowssystem32perfh009.dat
— 2001-10-20 13:00 . 2010-04-04 10:08 432492 c:windowssystem32perfh009.dat
+ 2004-08-17 13:04 . 2009-03-06 14:01 284672 c:windowssystem32pdh.dll
+ 2004-08-17 13:05 . 2006-10-04 13:34 215552 c:windowssystem32osk.exe
— 2004-08-17 13:05 . 2004-08-17 13:05 215552 c:windowssystem32osk.exe
+ 2004-08-17 13:04 . 2009-10-13 10:53 267264 c:windowssystem32oakley.dll
— 2004-08-17 13:04 . 2004-08-17 13:04 267264 c:windowssystem32oakley.dll
+ 2004-08-17 13:04 . 2009-02-09 10:04 719360 c:windowssystem32ntdll.dll
+ 2004-08-17 13:04 . 2009-02-06 18:47 408064 c:windowssystem32netlogon.dll
+ 2006-02-17 12:12 . 2008-10-15 16:55 339456 c:windowssystem32netapi32.dll
+ 2004-08-17 13:04 . 2008-06-20 17:37 247296 c:windowssystem32mswsock.dll
— 2004-08-17 13:04 . 2004-08-17 13:04 247296 c:windowssystem32mswsock.dll
+ 2004-08-17 13:04 . 2009-08-05 09:08 204800 c:windowssystem32mswebdvd.dll
+ 2004-08-17 13:04 . 2009-09-11 14:12 136192 c:windowssystem32msv1_0.dll
+ 2007-09-08 18:39 . 2009-06-05 07:46 655872 c:windowssystem32mstscax.dll
+ 2006-02-17 12:12 . 2010-02-26 06:06 532480 c:windowssystem32mstime.dll
+ 2006-02-17 13:49 . 2006-12-04 12:21 414720 c:windowssystem32msscp.dll
— 2006-02-17 12:12 . 2006-02-17 12:12 146432 c:windowssystem32msrating.dll
+ 2006-02-17 12:12 . 2010-02-26 06:06 146432 c:windowssystem32msrating.dll
+ 2007-09-08 18:39 . 2009-12-17 08:00 345088 c:windowssystem32mspaint.exe
— 2007-09-08 18:39 . 2004-08-17 13:04 345088 c:windowssystem32mspaint.exe
+ 2006-02-17 12:12 . 2010-02-26 06:06 449024 c:windowssystem32mshtmled.dll
+ 2007-09-08 18:39 . 2008-06-12 13:49 161792 c:windowssystem32msdtcuiu.dll
+ 2007-09-08 18:39 . 2008-06-12 13:49 956928 c:windowssystem32msdtctm.dll
+ 2007-09-08 18:39 . 2008-06-12 13:49 428032 c:windowssystem32msdtcprx.dll
+ 2004-08-17 13:04 . 2009-06-25 18:37 486400 c:windowssystem32mqutil.dll
— 2004-08-17 13:04 . 2004-08-17 13:04 486400 c:windowssystem32mqutil.dll
+ 2004-08-17 13:04 . 2009-06-25 18:37 186880 c:windowssystem32mqtrig.dll
— 2004-08-17 13:04 . 2004-08-17 13:04 186880 c:windowssystem32mqtrig.dll
+ 2004-08-17 13:04 . 2009-06-22 11:49 117248 c:windowssystem32mqtgsvc.exe
— 2004-08-17 13:04 . 2004-08-17 13:04 117248 c:windowssystem32mqtgsvc.exe
+ 2004-08-17 13:04 . 2009-06-25 18:37 517120 c:windowssystem32mqsnap.dll
+ 2004-08-17 13:04 . 2009-06-25 18:37 123392 c:windowssystem32mqrtdep.dll
— 2004-08-17 13:04 . 2004-08-17 13:04 123392 c:windowssystem32mqrtdep.dll
— 2004-08-17 13:04 . 2004-08-17 13:04 177152 c:windowssystem32mqrt.dll
+ 2004-08-17 13:04 . 2009-06-25 18:37 177152 c:windowssystem32mqrt.dll
+ 2004-08-17 13:04 . 2009-06-25 18:37 661504 c:windowssystem32mqqm.dll
— 2004-08-17 13:04 . 2004-08-17 13:04 225280 c:windowssystem32mqoa.dll
+ 2004-08-17 13:04 . 2009-06-25 18:37 225280 c:windowssystem32mqoa.dll
+ 2004-08-17 13:04 . 2009-06-25 18:37 138240 c:windowssystem32mqad.dll
— 2004-08-17 13:04 . 2004-08-17 13:04 138240 c:windowssystem32mqad.dll
+ 2006-02-17 12:12 . 2009-06-25 08:22 731648 c:windowssystem32lsasrv.dll
+ 2006-02-17 13:49 . 2008-06-17 21:09 100864 c:windowssystem32logagent.exe
— 2006-02-17 13:49 . 2006-10-18 16:03 100864 c:windowssystem32logagent.exe
+ 2004-08-17 13:04 . 2009-05-07 15:44 345088 c:windowssystem32localspl.dll
+ 2006-02-17 13:49 . 2009-03-21 13:58 995328 c:windowssystem32kernel32.dll
+ 2006-02-17 12:12 . 2009-06-25 08:22 301568 c:windowssystem32kerberos.dll
+ 2010-05-30 10:15 . 2009-03-10 18:18 454536 c:windowssystem32KB905474wgasetup.exe
+ 2006-02-17 12:12 . 2009-08-21 06:52 450560 c:windowssystem32jscript.dll
+ 2007-09-08 18:41 . 2010-01-29 14:49 683520 c:windowssystem32inetcomm.dll
+ 2006-02-17 12:12 . 2010-02-26 06:06 251904 c:windowssystem32iepeers.dll
+ 2006-02-17 12:12 . 2008-10-23 12:52 284160 c:windowssystem32gdi32.dll
+ 2007-09-08 22:33 . 2010-05-30 12:10 218448 c:windowssystem32FNTCACHE.DAT
— 2007-09-08 22:33 . 2010-04-11 06:04 218448 c:windowssystem32FNTCACHE.DAT
+ 2006-02-17 12:12 . 2008-07-07 20:18 253952 c:windowssystem32es.dll
+ 2006-02-17 12:12 . 2010-02-26 06:06 205312 c:windowssystem32dxtrans.dll
— 2006-02-17 12:12 . 2006-02-17 12:12 205312 c:windowssystem32dxtrans.dll
+ 2004-08-17 13:04 . 2010-02-26 06:06 357888 c:windowssystem32dxtmsft.dll
— 2004-08-17 13:04 . 2004-08-17 13:04 357888 c:windowssystem32dxtmsft.dll
+ 2004-08-03 20:07 . 2010-02-11 11:08 226880 c:windowssystem32driverstcpip6.sys
+ 2006-02-17 12:13 . 2008-06-20 10:44 360960 c:windowssystem32driverstcpip.sys
+ 2006-02-17 12:13 . 2009-12-31 15:06 352640 c:windowssystem32driverssrv.sys
+ 2001-10-20 13:00 . 2008-05-08 12:28 202752 c:windowssystem32driversrmcast.sys
+ 2006-02-17 12:12 . 2010-02-24 12:48 457216 c:windowssystem32driversmrxsmb.sys
+ 2006-02-17 12:12 . 2009-10-20 14:41 265728 c:windowssystem32drivershttp.sys
+ 2004-08-03 20:14 . 2008-08-14 09:48 138368 c:windowssystem32driversafd.sys
+ 2004-08-17 13:04 . 2008-06-20 17:37 147968 c:windowssystem32dnsapi.dll
+ 2007-09-08 18:42 . 2009-08-06 15:24 209632 c:windowssystem32dllcachewuweb.dll
+ 2007-09-08 18:42 . 2009-08-06 15:24 327896 c:windowssystem32dllcachewucltui.dll
+ 2007-09-08 18:42 . 2009-08-06 15:23 575704 c:windowssystem32dllcachewuapi.dll
+ 2007-09-08 18:39 . 2008-04-21 21:28 218624 c:windowssystem32dllcachewordpad.exe
+ 2006-02-17 13:50 . 2009-04-01 19:02 604160 c:windowssystem32dllcachewmspdmod.dll
+ 2006-02-17 13:49 . 2009-07-13 06:08 286720 c:windowssystem32dllcachewmpdxm.dll
+ 2006-02-17 13:49 . 2008-06-18 01:03 938496 c:windowssystem32dllcacheWMNetmgr.dll
+ 2007-09-08 18:39 . 2009-02-06 09:41 227840 c:windowssystem32dllcachewmiprvse.exe
+ 2007-09-08 18:39 . 2009-02-10 14:34 453120 c:windowssystem32dllcachewmiprvsd.dll
+ 2006-02-17 13:49 . 2007-10-25 05:28 222720 c:windowssystem32dllcachewmasf.dll
+ 2004-08-17 13:04 . 2009-06-10 06:32 132096 c:windowssystem32dllcachewkssvc.dll
— 2004-08-17 13:04 . 2004-08-17 13:04 132096 c:windowssystem32dllcachewkssvc.dll
+ 2004-08-17 13:04 . 2009-12-24 07:07 177664 c:windowssystem32dllcachewintrust.dll
+ 2006-02-17 12:13 . 2010-02-26 06:06 669184 c:windowssystem32dllcachewininet.dll
+ 2004-08-17 13:04 . 2009-08-25 09:48 352256 c:windowssystem32dllcachewinhttp.dll
+ 2006-02-17 12:13 . 2010-03-10 08:07 417792 c:windowssystem32dllcachevbscript.dll
+ 2006-02-17 12:13 . 2010-02-26 06:06 627712 c:windowssystem32dllcacheurlmon.dll
+ 2007-09-08 18:41 . 2009-06-21 22:07 153088 c:windowssystem32dllcachetriedit.dll
— 2007-09-08 18:41 . 2004-08-17 13:04 153088 c:windowssystem32dllcachetriedit.dll
+ 2004-08-03 20:07 . 2010-02-11 11:08 226880 c:windowssystem32dllcachetcpip6.sys
+ 2006-02-17 12:13 . 2008-06-20 10:44 360960 c:windowssystem32dllcachetcpip.sys
+ 2006-02-17 12:13 . 2009-10-15 16:56 119808 c:windowssystem32dllcachet2embed.dll
+ 2004-08-17 13:04 . 2009-08-26 08:16 247326 c:windowssystem32dllcachestrmdll.dll
+ 2006-02-17 12:13 . 2009-12-31 15:06 352640 c:windowssystem32dllcachesrv.sys
— 2006-02-17 12:13 . 2006-02-17 12:13 474112 c:windowssystem32dllcacheshlwapi.dll
+ 2006-02-17 12:13 . 2010-02-26 06:06 474112 c:windowssystem32dllcacheshlwapi.dll
+ 2004-08-17 13:05 . 2009-02-09 09:54 111104 c:windowssystem32dllcacheservices.exe
+ 2004-08-17 13:04 . 2009-06-25 08:22 168448 c:windowssystem32dllcacheschannel.dll
+ 2006-02-17 12:13 . 2009-02-09 10:04 401408 c:windowssystem32dllcacherpcss.dll
+ 2006-02-17 12:13 . 2009-04-15 15:31 583168 c:windowssystem32dllcacherpcrt4.dll
+ 2001-10-20 13:00 . 2008-05-08 12:28 202752 c:windowssystem32dllcachermcast.sys
+ 2004-08-17 13:04 . 2009-10-12 13:54 112640 c:windowssystem32dllcacherastls.dll
— 2004-08-17 13:04 . 2004-08-17 13:04 112640 c:windowssystem32dllcacherastls.dll
+ 2004-08-17 13:04 . 2009-03-06 14:01 284672 c:windowssystem32dllcachepdh.dll
+ 2004-08-17 13:05 . 2006-10-04 13:34 215552 c:windowssystem32dllcacheosk.exe
— 2004-08-17 13:05 . 2004-08-17 13:05 215552 c:windowssystem32dllcacheosk.exe
+ 2004-08-17 13:04 . 2009-10-13 10:53 267264 c:windowssystem32dllcacheoakley.dll
— 2004-08-17 13:04 . 2004-08-17 13:04 267264 c:windowssystem32dllcacheoakley.dll
+ 2004-08-17 13:04 . 2009-02-09 10:04 719360 c:windowssystem32dllcachentdll.dll
+ 2004-08-17 13:04 . 2009-02-06 18:47 408064 c:windowssystem32dllcachenetlogon.dll
+ 2006-02-17 12:12 . 2008-10-15 16:55 339456 c:windowssystem32dllcachenetapi32.dll
— 2004-08-17 13:04 . 2004-08-17 13:04 247296 c:windowssystem32dllcachemswsock.dll
+ 2004-08-17 13:04 . 2008-06-20 17:37 247296 c:windowssystem32dllcachemswsock.dll
+ 2004-08-17 13:04 . 2009-08-05 09:08 204800 c:windowssystem32dllcachemswebdvd.dll
+ 2004-08-17 13:04 . 2009-09-11 14:12 136192 c:windowssystem32dllcachemsv1_0.dll
+ 2007-09-08 18:39 . 2009-06-05 07:46 655872 c:windowssystem32dllcachemstscax.dll
+ 2006-02-17 12:12 . 2010-02-26 06:06 532480 c:windowssystem32dllcachemstime.dll
+ 2006-02-17 13:49 . 2006-12-04 12:21 414720 c:windowssystem32dllcachemsscp.dll
— 2006-02-17 12:12 . 2006-02-17 12:12 146432 c:windowssystem32dllcachemsrating.dll
+ 2006-02-17 12:12 . 2010-02-26 06:06 146432 c:windowssystem32dllcachemsrating.dll
— 2007-09-08 18:39 . 2004-08-17 13:04 345088 c:windowssystem32dllcachemspaint.exe
+ 2007-09-08 18:39 . 2009-12-17 08:00 345088 c:windowssystem32dllcachemspaint.exe
+ 2004-08-17 13:04 . 2009-06-25 18:37 169472 c:windowssystem32dllcachemsmqocm.dll
+ 2006-02-17 12:12 . 2010-02-26 06:06 449024 c:windowssystem32dllcachemshtmled.dll
+ 2007-09-08 18:39 . 2008-06-12 13:49 161792 c:windowssystem32dllcachemsdtcuiu.dll
+ 2007-09-08 18:39 . 2008-06-12 13:49 956928 c:windowssystem32dllcachemsdtctm.dll
+ 2007-09-08 18:39 . 2008-06-12 13:49 428032 c:windowssystem32dllcachemsdtcprx.dll
— 2007-09-08 18:41 . 2004-08-17 13:04 331776 c:windowssystem32dllcachemsadce.dll
+ 2007-09-08 18:41 . 2008-05-01 14:33 331776 c:windowssystem32dllcachemsadce.dll
+ 2004-08-17 13:04 . 2009-06-25 18:37 486400 c:windowssystem32dllcachemqutil.dll
— 2004-08-17 13:04 . 2004-08-17 13:04 486400 c:windowssystem32dllcachemqutil.dll
— 2004-08-17 13:04 . 2004-08-17 13:04 186880 c:windowssystem32dllcachemqtrig.dll
+ 2004-08-17 13:04 . 2009-06-25 18:37 186880 c:windowssystem32dllcachemqtrig.dll
+ 2004-08-17 13:04 . 2009-06-22 11:49 117248 c:windowssystem32dllcachemqtgsvc.exe
— 2004-08-17 13:04 . 2004-08-17 13:04 117248 c:windowssystem32dllcachemqtgsvc.exe
+ 2004-08-17 13:04 . 2009-06-25 18:37 517120 c:windowssystem32dllcachemqsnap.dll
+ 2004-08-17 13:04 . 2009-06-25 18:37 123392 c:windowssystem32dllcachemqrtdep.dll
— 2004-08-17 13:04 . 2004-08-17 13:04 123392 c:windowssystem32dllcachemqrtdep.dll
+ 2004-08-17 13:04 . 2009-06-25 18:37 177152 c:windowssystem32dllcachemqrt.dll2 июня, 2010 в 3:46 пп #29580— 2004-08-17 13:04 . 2004-08-17 13:04 177152 c:windowssystem32dllcachemqrt.dll
+ 2004-08-17 13:04 . 2009-06-25 18:37 661504 c:windowssystem32dllcachemqqm.dll
+ 2004-08-17 13:04 . 2009-06-25 18:37 225280 c:windowssystem32dllcachemqoa.dll
— 2004-08-17 13:04 . 2004-08-17 13:04 225280 c:windowssystem32dllcachemqoa.dll
+ 2004-08-17 13:04 . 2009-06-25 18:37 138240 c:windowssystem32dllcachemqad.dll
— 2004-08-17 13:04 . 2004-08-17 13:04 138240 c:windowssystem32dllcachemqad.dll
+ 2006-02-17 12:12 . 2009-06-25 08:22 731648 c:windowssystem32dllcachelsasrv.dll
+ 2006-02-17 13:49 . 2008-06-17 21:09 100864 c:windowssystem32dllcachelogagent.exe
— 2006-02-17 13:49 . 2006-10-18 16:03 100864 c:windowssystem32dllcachelogagent.exe
+ 2004-08-17 13:04 . 2009-05-07 15:44 345088 c:windowssystem32dllcachelocalspl.dll
+ 2006-02-17 13:49 . 2009-03-21 13:58 995328 c:windowssystem32dllcachekernel32.dll
+ 2006-02-17 12:12 . 2009-06-25 08:22 301568 c:windowssystem32dllcachekerberos.dll
+ 2006-02-17 12:12 . 2009-08-21 06:52 450560 c:windowssystem32dllcachejscript.dll
+ 2007-09-08 18:41 . 2010-01-29 14:49 683520 c:windowssystem32dllcacheinetcomm.dll
+ 2006-02-17 12:12 . 2010-02-26 06:06 251904 c:windowssystem32dllcacheiepeers.dll
+ 2009-10-20 14:41 . 2009-10-20 14:41 265728 c:windowssystem32dllcachehttp.sys
+ 2006-02-17 12:12 . 2008-10-23 12:52 284160 c:windowssystem32dllcachegdi32.dll
+ 2007-09-08 18:39 . 2009-02-09 10:04 473088 c:windowssystem32dllcachefastprox.dll
+ 2006-02-17 12:12 . 2008-07-07 20:18 253952 c:windowssystem32dllcachees.dll
— 2006-02-17 12:12 . 2006-02-17 12:12 205312 c:windowssystem32dllcachedxtrans.dll
+ 2006-02-17 12:12 . 2010-02-26 06:06 205312 c:windowssystem32dllcachedxtrans.dll
+ 2004-08-17 13:04 . 2010-02-26 06:06 357888 c:windowssystem32dllcachedxtmsft.dll
— 2004-08-17 13:04 . 2004-08-17 13:04 357888 c:windowssystem32dllcachedxtmsft.dll
+ 2004-08-17 13:04 . 2008-06-20 17:37 147968 c:windowssystem32dllcachednsapi.dll
+ 2006-02-17 12:12 . 2010-02-26 06:06 151552 c:windowssystem32dllcachecdfview.dll
— 2006-02-17 12:12 . 2006-02-17 12:12 151552 c:windowssystem32dllcachecdfview.dll
+ 2004-08-03 20:14 . 2008-08-14 09:48 138368 c:windowssystem32dllcacheafd.sys
+ 2004-08-17 13:04 . 2009-02-09 10:04 688128 c:windowssystem32dllcacheadvapi32.dll
+ 2004-08-17 13:04 . 2009-11-21 16:46 470528 c:windowssystem32dllcacheaclayers.dll
+ 2004-08-17 13:04 . 2010-02-12 04:36 100864 c:windowssystem32dllcache6to4svc.dll
+ 2006-02-17 12:12 . 2010-02-26 06:06 151552 c:windowssystem32cdfview.dll
— 2006-02-17 12:12 . 2006-02-17 12:12 151552 c:windowssystem32cdfview.dll
+ 2004-08-17 13:04 . 2009-02-09 10:04 688128 c:windowssystem32advapi32.dll
+ 2004-08-17 13:04 . 2010-02-12 04:36 100864 c:windowssystem326to4svc.dll
+ 2008-11-25 00:59 . 2008-11-25 00:59 436040 c:windowsMicrosoft.NETFrameworkv2.0.50727webengine.dll
+ 2008-11-25 00:59 . 2008-11-25 00:59 486400 c:windowsMicrosoft.NETFrameworkv2.0.50727System.Data.OracleClient.dll
— 2008-07-25 07:17 . 2008-07-25 07:17 486400 c:windowsMicrosoft.NETFrameworkv2.0.50727System.Data.OracleClient.dll
+ 2008-11-25 00:59 . 2008-11-25 00:59 364872 c:windowsMicrosoft.NETFrameworkv2.0.50727mscorjit.dll
+ 2009-08-07 19:51 . 2009-08-07 19:51 989016 c:windowsMicrosoft.NETFrameworkv2.0.50727mscordacwks.dll
+ 2010-05-30 10:15 . 2010-05-30 10:15 969728 c:windowsInstaller94841b.msi
+ 2008-12-13 05:58 . 2008-12-13 05:58 754688 c:windowsInstaller7817db.msp
+ 2009-03-20 07:48 . 2009-03-20 07:48 183808 c:windowsInstaller7817a2.msp
+ 2010-05-30 09:45 . 2010-05-30 09:45 432640 c:windowsInstaller781797.msi
+ 2010-05-30 09:45 . 2010-05-30 09:45 429568 c:windowsInstaller78178e.msi
+ 2010-05-30 07:40 . 2010-05-30 07:40 849408 c:windowsInstaller5faa6.msi
+ 2010-05-30 07:40 . 2010-05-30 07:40 136448 c:windowsInstaller{3407FD83-0A2F-475E-BE94-34F1FA342C84}egui.exe
+ 2010-05-30 08:32 . 2010-02-24 12:48 457216 c:windowsDriver Cachei386mrxsmb.sys
+ 2009-10-20 14:41 . 2009-10-20 14:41 265728 c:windowsDriver Cachei386http.sys
+ 2010-05-30 08:14 . 2008-06-14 17:59 272512 c:windowsDriver Cachei386bthport.sys
+ 2010-05-30 12:53 . 2010-05-30 12:53 321536 c:windowsassemblyNativeImages_v2.0.50727_32WsatConfige2098e43d115155d6ba91ba3a7e577cfWsatConfig.ni.exe
+ 2010-05-30 10:21 . 2010-05-30 10:21 240128 c:windowsassemblyNativeImages_v2.0.50727_32WindowsFormsIntegra#bf92bc207f927cbbd6dfc9dc0c3eae68WindowsFormsIntegration.ni.dll
+ 2010-05-30 10:19 . 2010-05-30 10:19 187904 c:windowsassemblyNativeImages_v2.0.50727_32UIAutomationTypes6f488b7644dc50a083868e91a4014466UIAutomationTypes.ni.dll
+ 2010-05-30 10:21 . 2010-05-30 10:21 447488 c:windowsassemblyNativeImages_v2.0.50727_32UIAutomationClientc2fbf25609b704061a93500efa6f241dUIAutomationClient.ni.dll
+ 2010-05-30 13:31 . 2010-05-30 13:31 400896 c:windowsassemblyNativeImages_v2.0.50727_32System.Xml.Linqeb23b78564687badff1bd1f1d0a0ec97System.Xml.Linq.ni.dll
+ 2010-05-30 13:30 . 2010-05-30 13:30 129536 c:windowsassemblyNativeImages_v2.0.50727_32System.Web.Routinge7666364bf9f3ba5f4833c9efedd8218System.Web.Routing.ni.dll
+ 2010-05-30 10:21 . 2010-05-30 10:21 202240 c:windowsassemblyNativeImages_v2.0.50727_32System.Web.RegularE#b5f1b8791e6c47e5bd5e7018c346c586System.Web.RegularExpressions.ni.dll
+ 2010-05-30 13:30 . 2010-05-30 13:30 859648 c:windowsassemblyNativeImages_v2.0.50727_32System.Web.Extensio#884eacddf339b8b342f66aedff5f8ef9System.Web.Extensions.Design.ni.dll
+ 2010-05-30 13:30 . 2010-05-30 13:30 328704 c:windowsassemblyNativeImages_v2.0.50727_32System.Web.Entity9e199645bd26f1afe58ebe185d1e7f0fSystem.Web.Entity.ni.dll
+ 2010-05-30 13:30 . 2010-05-30 13:30 301056 c:windowsassemblyNativeImages_v2.0.50727_32System.Web.Entity.D#652017ebe962ab2eb271c2524f31cd61System.Web.Entity.Design.ni.dll
+ 2010-05-30 13:30 . 2010-05-30 13:30 547328 c:windowsassemblyNativeImages_v2.0.50727_32System.Web.DynamicD#d0070c1c1a642ae30394e00bc0d82336System.Web.DynamicData.ni.dll
+ 2010-05-30 13:30 . 2010-05-30 13:30 141312 c:windowsassemblyNativeImages_v2.0.50727_32System.Web.Abstract#1896753d02d146be1988d32241300f51System.Web.Abstractions.ni.dll
+ 2010-05-30 10:20 . 2010-05-30 10:20 627200 c:windowsassemblyNativeImages_v2.0.50727_32System.Transactions408e637346ef628a3f54fb1b9b83ac9fSystem.Transactions.ni.dll
+ 2010-05-30 10:21 . 2010-05-30 10:21 212992 c:windowsassemblyNativeImages_v2.0.50727_32System.ServiceProce#1f61bccb700d687775cf778dd77752e9System.ServiceProcess.ni.dll
+ 2010-05-30 10:19 . 2010-05-30 10:19 676352 c:windowsassemblyNativeImages_v2.0.50727_32System.Securitya9e9b885a6601469c4058375cc74d856System.Security.ni.dll
+ 2010-05-30 10:19 . 2010-05-30 10:19 311296 c:windowsassemblyNativeImages_v2.0.50727_32System.Runtime.Seri#9bc34a79af9c3ed2cf17a0226c769b4cSystem.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2010-05-30 10:20 . 2010-05-30 10:20 771584 c:windowsassemblyNativeImages_v2.0.50727_32System.Runtime.Remo#af21e3011fb4e107b13ea5c40c351ec4System.Runtime.Remoting.ni.dll
+ 2010-05-30 13:30 . 2010-05-30 13:30 621056 c:windowsassemblyNativeImages_v2.0.50727_32System.Net5f74a84e9d28c2332c51f6e30da0e125System.Net.ni.dll
+ 2010-05-30 13:30 . 2010-05-30 13:30 593408 c:windowsassemblyNativeImages_v2.0.50727_32System.Messaging8ad38ebb07c0d5b5bbf15f8f3c11c6beSystem.Messaging.ni.dll
+ 2010-05-30 13:18 . 2010-05-30 13:18 998400 c:windowsassemblyNativeImages_v2.0.50727_32System.Management2c208e4c5521f31057ea7d6e93c6a567System.Management.ni.dll
+ 2010-05-30 13:18 . 2010-05-30 13:18 330752 c:windowsassemblyNativeImages_v2.0.50727_32System.Management.I#818b20a7c6f3b2fe97bf008ca24080c1System.Management.Instrumentation.ni.dll
+ 2010-05-30 12:52 . 2010-05-30 12:52 381440 c:windowsassemblyNativeImages_v2.0.50727_32System.IO.Log6c273eb9d1ee8b66b5ecb073de4b785dSystem.IO.Log.ni.dll
+ 2010-05-30 12:53 . 2010-05-30 12:53 212992 c:windowsassemblyNativeImages_v2.0.50727_32System.IdentityMode#7222db518afb4eaaa138824278249bc7System.IdentityModel.Selectors.ni.dll
+ 2010-05-30 10:20 . 2010-05-30 10:20 280064 c:windowsassemblyNativeImages_v2.0.50727_32System.EnterpriseSe#8a7d0bd0057a8ed38291d5662248f7a1System.EnterpriseServices.Wrapper.dll
+ 2010-05-30 10:20 . 2010-05-30 10:20 627712 c:windowsassemblyNativeImages_v2.0.50727_32System.EnterpriseSe#8a7d0bd0057a8ed38291d5662248f7a1System.EnterpriseServices.ni.dll
+ 2010-05-30 10:21 . 2010-05-30 10:21 208384 c:windowsassemblyNativeImages_v2.0.50727_32System.Drawing.Desi#ca6d7208c0fb72ff97429f2636ced321System.Drawing.Design.ni.dll
+ 2010-05-30 13:18 . 2010-05-30 13:18 881152 c:windowsassemblyNativeImages_v2.0.50727_32System.DirectorySer#c92fc19800e701c90f90ab7a2ab44c47System.DirectoryServices.AccountManagement.ni.dll
+ 2010-05-30 10:21 . 2010-05-30 10:21 455680 c:windowsassemblyNativeImages_v2.0.50727_32System.DirectorySer#a601f47a98ee67df424685c9a66ea449System.DirectoryServices.Protocols.ni.dll
+ 2010-05-30 13:18 . 2010-05-30 13:18 939008 c:windowsassemblyNativeImages_v2.0.50727_32System.Data.Service#b91b44015859163646f210d284f7166aSystem.Data.Services.Client.ni.dll
+ 2010-05-30 13:18 . 2010-05-30 13:18 354816 c:windowsassemblyNativeImages_v2.0.50727_32System.Data.Service#1b35297e07b85071daecdb06f96750a1System.Data.Services.Design.ni.dll
+ 2010-05-30 13:18 . 2010-05-30 13:18 756736 c:windowsassemblyNativeImages_v2.0.50727_32System.Data.Entity.#cf906bf9146d1f0013451ec63b58e064System.Data.Entity.Design.ni.dll
+ 2010-05-30 13:17 . 2010-05-30 13:17 135680 c:windowsassemblyNativeImages_v2.0.50727_32System.Data.DataSet#4ff4134b0d490c090e03d74e104517c4System.Data.DataSetExtensions.ni.dll
+ 2010-05-30 10:18 . 2010-05-30 10:18 971264 c:windowsassemblyNativeImages_v2.0.50727_32System.Configuration7c743462baccf29b3567b0e3ec9ac134System.Configuration.ni.dll
+ 2010-05-30 10:21 . 2010-05-30 10:21 141312 c:windowsassemblyNativeImages_v2.0.50727_32System.Configuratio#443e3a85c491b2de4a2ac654cb957484System.Configuration.Install.ni.dll
+ 2010-05-30 13:17 . 2010-05-30 13:17 633856 c:windowsassemblyNativeImages_v2.0.50727_32System.AddIncba35f47925431a54d0e6ae147a292f1System.AddIn.ni.dll
+ 2010-05-30 10:21 . 2010-05-30 10:21 232448 c:windowsassemblyNativeImages_v2.0.50727_32sysglobl3677b81a93d21c46cbac72c051f8c986sysglobl.ni.dll
+ 2010-05-30 12:53 . 2010-05-30 12:53 366080 c:windowsassemblyNativeImages_v2.0.50727_32SMSvcHost6af32fe5cbec0aa54e2efa6910c73651SMSvcHost.ni.exe
+ 2010-05-30 12:53 . 2010-05-30 12:53 256000 c:windowsassemblyNativeImages_v2.0.50727_32SMDiagnostics7602d7687fb9bd21cd9ae60d2b187c99SMDiagnostics.ni.dll
+ 2010-05-30 12:53 . 2010-05-30 12:53 320512 c:windowsassemblyNativeImages_v2.0.50727_32ServiceModelRega23dc25782df04533a13e348203e4dc5ServiceModelReg.ni.exe
+ 2010-05-30 10:21 . 2010-05-30 10:21 258048 c:windowsassemblyNativeImages_v2.0.50727_32PresentationFramewo#96f74da5fc40b92f09069230bc0df4f0PresentationFramework.Royale.ni.dll
+ 2010-05-30 10:21 . 2010-05-30 10:21 539648 c:windowsassemblyNativeImages_v2.0.50727_32PresentationFramewo#3bb4d16b042b72c2c85a0f8ac9d48f28PresentationFramework.Luna.ni.dll
+ 2010-05-30 10:21 . 2010-05-30 10:21 368128 c:windowsassemblyNativeImages_v2.0.50727_32PresentationFramewo#30c5c2682d3c5bdaa83bb9a36ee48afaPresentationFramework.Aero.ni.dll
+ 2010-05-30 10:21 . 2010-05-30 10:21 224768 c:windowsassemblyNativeImages_v2.0.50727_32PresentationFramewo#7e952efd70f5608e221a008e6231acePresentationFramework.Classic.ni.dll
+ 2010-05-30 12:53 . 2010-05-30 12:53 133632 c:windowsassemblyNativeImages_v2.0.50727_32MSBuildeade8c1c9c1e8e5ffb50e6c9b9af0f6aMSBuild.ni.exe
+ 2010-05-30 12:54 . 2010-05-30 12:54 459264 c:windowsassemblyNativeImages_v2.0.50727_32Microsoft.VisualStu#19ff0cf56365378ffd31976cdc84cfb9Microsoft.VisualStudio.Tools.Applications.Runtime.ni.dll
+ 2010-05-30 12:52 . 2010-05-30 12:52 386560 c:windowsassemblyNativeImages_v2.0.50727_32Microsoft.Transacti#fc4d66e0a92b3767006a84f2519d2457Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2010-05-30 10:19 . 2010-05-30 10:19 144384 c:windowsassemblyNativeImages_v2.0.50727_32Microsoft.Build.Uti#58ca3ecc52b7246b448c109817198a0bMicrosoft.Build.Utilities.ni.dll
+ 2010-05-30 12:54 . 2010-05-30 12:54 175104 c:windowsassemblyNativeImages_v2.0.50727_32Microsoft.Build.Uti#4dd43724dd92026577c6f588270137a0Microsoft.Build.Utilities.v3.5.ni.dll
+ 2010-05-30 12:54 . 2010-05-30 12:54 839680 c:windowsassemblyNativeImages_v2.0.50727_32Microsoft.Build.Eng#8c651f75bb741330370986dcad8e9e5bMicrosoft.Build.Engine.ni.dll
+ 2010-05-30 12:54 . 2010-05-30 12:54 222720 c:windowsassemblyNativeImages_v2.0.50727_32Microsoft.Build.Con#a6dcbae619ccd938bfe808c54d6d3ae0Microsoft.Build.Conversion.v3.5.ni.dll
+ 2010-05-30 12:54 . 2010-05-30 12:54 220672 c:windowsassemblyNativeImages_v2.0.50727_32CustomMarshalers77688ce14f221ed94a9f442ae4736123CustomMarshalers.ni.dll
+ 2010-05-30 12:52 . 2010-05-30 12:52 410112 c:windowsassemblyNativeImages_v2.0.50727_32ComSvcConfiga17c65f0cffaa4f792dd38d50df9d526ComSvcConfig.ni.exe
+ 2010-05-30 12:53 . 2010-05-30 12:53 842240 c:windowsassemblyNativeImages_v2.0.50727_32AspNetMMCExt85d7c111956b478766d90625b35d963fAspNetMMCExt.ni.dll
+ 2010-05-30 12:53 . 2010-05-30 12:53 341504 c:windowsassemblyNativeImages_v2.0.50727_32AdWindowsInterop90d4fef278c2477948870aa287c17348AdWindowsInterop.ni.dll
+ 2010-05-30 10:17 . 2010-05-30 10:17 839680 c:windowsassemblyGAC_MSILSystem.Web.Services2.0.0.0__b03f5f7f11d50a3aSystem.Web.Services.dll
— 2009-09-25 17:44 . 2009-09-25 17:44 839680 c:windowsassemblyGAC_MSILSystem.Web.Services2.0.0.0__b03f5f7f11d50a3aSystem.Web.Services.dll
+ 2010-05-30 10:17 . 2010-05-30 10:17 835584 c:windowsassemblyGAC_MSILSystem.Web.Mobile2.0.0.0__b03f5f7f11d50a3aSystem.Web.Mobile.dll
— 2009-09-25 17:44 . 2009-09-25 17:44 835584 c:windowsassemblyGAC_MSILSystem.Web.Mobile2.0.0.0__b03f5f7f11d50a3aSystem.Web.Mobile.dll
+ 2010-05-30 09:57 . 2010-05-30 09:57 139264 c:windowsassemblyGAC_MSILSystem.Web.Entity3.5.0.0__b77a5c561934e089System.Web.Entity.dll
— 2009-09-25 17:48 . 2009-09-25 17:48 139264 c:windowsassemblyGAC_MSILSystem.Web.Entity3.5.0.0__b77a5c561934e089System.Web.Entity.dll
+ 2010-05-30 09:57 . 2010-05-30 09:57 229376 c:windowsassemblyGAC_MSILSystem.Web.DynamicData3.5.0.0__31bf3856ad364e35System.Web.DynamicData.dll
+ 2010-05-30 10:18 . 2010-05-30 10:18 114688 c:windowsassemblyGAC_MSILSystem.ServiceProcess2.0.0.0__b03f5f7f11d50a3aSystem.ServiceProcess.dll
— 2009-09-25 17:44 . 2009-09-25 17:44 114688 c:windowsassemblyGAC_MSILSystem.ServiceProcess2.0.0.0__b03f5f7f11d50a3aSystem.ServiceProcess.dll
+ 2010-05-30 10:18 . 2010-05-30 10:18 258048 c:windowsassemblyGAC_MSILSystem.Security2.0.0.0__b03f5f7f11d50a3aSystem.Security.dll
— 2009-09-25 17:44 . 2009-09-25 17:44 258048 c:windowsassemblyGAC_MSILSystem.Security2.0.0.0__b03f5f7f11d50a3aSystem.Security.dll
— 2009-09-25 17:44 . 2009-09-25 17:44 131072 c:windowsassemblyGAC_MSILSystem.Runtime.Serialization.Formatters.Soap2.0.0.0__b03f5f7f11d50a3aSystem.Runtime.Serialization.Formatters.Soap.dll
+ 2010-05-30 10:17 . 2010-05-30 10:17 131072 c:windowsassemblyGAC_MSILSystem.Runtime.Serialization.Formatters.Soap2.0.0.0__b03f5f7f11d50a3aSystem.Runtime.Serialization.Formatters.Soap.dll
+ 2010-05-30 10:17 . 2010-05-30 10:17 303104 c:windowsassemblyGAC_MSILSystem.Runtime.Remoting2.0.0.0__b77a5c561934e089System.Runtime.Remoting.dll
— 2009-09-25 17:44 . 2009-09-25 17:44 303104 c:windowsassemblyGAC_MSILSystem.Runtime.Remoting2.0.0.0__b77a5c561934e089System.Runtime.Remoting.dll
+ 2010-05-30 10:17 . 2010-05-30 10:17 258048 c:windowsassemblyGAC_MSILSystem.Messaging2.0.0.0__b03f5f7f11d50a3aSystem.Messaging.dll
— 2009-09-25 17:44 . 2009-09-25 17:44 258048 c:windowsassemblyGAC_MSILSystem.Messaging2.0.0.0__b03f5f7f11d50a3aSystem.Messaging.dll
+ 2010-05-30 10:17 . 2010-05-30 10:17 372736 c:windowsassemblyGAC_MSILSystem.Management2.0.0.0__b03f5f7f11d50a3aSystem.Management.dll
— 2009-09-25 17:44 . 2009-09-25 17:44 372736 c:windowsassemblyGAC_MSILSystem.Management2.0.0.0__b03f5f7f11d50a3aSystem.Management.dll
— 2009-09-25 17:44 . 2009-09-25 17:44 626688 c:windowsassemblyGAC_MSILSystem.Drawing2.0.0.0__b03f5f7f11d50a3aSystem.Drawing.dll
+ 2010-05-30 10:18 . 2010-05-30 10:18 626688 c:windowsassemblyGAC_MSILSystem.Drawing2.0.0.0__b03f5f7f11d50a3aSystem.Drawing.dll
+ 2010-05-30 10:17 . 2010-05-30 10:17 401408 c:windowsassemblyGAC_MSILSystem.DirectoryServices2.0.0.0__b03f5f7f11d50a3aSystem.DirectoryServices.dll
— 2009-09-25 17:44 . 2009-09-25 17:44 401408 c:windowsassemblyGAC_MSILSystem.DirectoryServices2.0.0.0__b03f5f7f11d50a3aSystem.DirectoryServices.dll
— 2009-09-25 17:44 . 2009-09-25 17:44 188416 c:windowsassemblyGAC_MSILSystem.DirectoryServices.Protocols2.0.0.0__b03f5f7f11d50a3aSystem.DirectoryServices.Protocols.dll
+ 2010-05-30 10:17 . 2010-05-30 10:17 188416 c:windowsassemblyGAC_MSILSystem.DirectoryServices.Protocols2.0.0.0__b03f5f7f11d50a3aSystem.DirectoryServices.Protocols.dll
— 2009-09-25 17:44 . 2009-09-25 17:44 970752 c:windowsassemblyGAC_MSILSystem.Deployment2.0.0.0__b03f5f7f11d50a3aSystem.Deployment.dll
+ 2010-05-30 10:18 . 2010-05-30 10:18 970752 c:windowsassemblyGAC_MSILSystem.Deployment2.0.0.0__b03f5f7f11d50a3aSystem.Deployment.dll
+ 2010-05-30 10:18 . 2010-05-30 10:18 745472 c:windowsassemblyGAC_MSILSystem.Data.SqlXml2.0.0.0__b77a5c561934e089System.Data.SqlXml.dll
— 2009-09-25 17:44 . 2009-09-25 17:44 745472 c:windowsassemblyGAC_MSILSystem.Data.SqlXml2.0.0.0__b77a5c561934e089System.Data.SqlXml.dll
— 2009-09-25 17:48 . 2009-09-25 17:48 442368 c:windowsassemblyGAC_MSILSystem.Data.Services3.5.0.0__b77a5c561934e089System.Data.Services.dll
+ 2010-05-30 09:57 . 2010-05-30 09:57 442368 c:windowsassemblyGAC_MSILSystem.Data.Services3.5.0.0__b77a5c561934e089System.Data.Services.dll
— 2009-09-25 17:48 . 2009-09-25 17:48 294912 c:windowsassemblyGAC_MSILSystem.Data.Services.Client3.5.0.0__b77a5c561934e089System.Data.Services.Client.dll
+ 2010-05-30 09:57 . 2010-05-30 09:57 294912 c:windowsassemblyGAC_MSILSystem.Data.Services.Client3.5.0.0__b77a5c561934e089System.Data.Services.Client.dll
+ 2010-05-30 10:18 . 2010-05-30 10:18 425984 c:windowsassemblyGAC_MSILSystem.Configuration2.0.0.0__b03f5f7f11d50a3aSystem.configuration.dll
— 2009-09-25 17:44 . 2009-09-25 17:44 425984 c:windowsassemblyGAC_MSILSystem.Configuration2.0.0.0__b03f5f7f11d50a3aSystem.configuration.dll
+ 2010-05-30 10:18 . 2010-05-30 10:18 110592 c:windowsassemblyGAC_MSILsysglobl2.0.0.0__b03f5f7f11d50a3asysglobl.dll
— 2009-09-25 17:44 . 2009-09-25 17:44 110592 c:windowsassemblyGAC_MSILsysglobl2.0.0.0__b03f5f7f11d50a3asysglobl.dll
+ 2010-05-30 10:17 . 2010-05-30 10:17 659456 c:windowsassemblyGAC_MSILMicrosoft.VisualBasic8.0.0.0__b03f5f7f11d50a3aMicrosoft.VisualBasic.dll
— 2009-09-25 17:44 . 2009-09-25 17:44 659456 c:windowsassemblyGAC_MSILMicrosoft.VisualBasic8.0.0.0__b03f5f7f11d50a3aMicrosoft.VisualBasic.dll
— 2009-09-25 17:44 . 2009-09-25 17:44 372736 c:windowsassemblyGAC_MSILMicrosoft.VisualBasic.Compatibility8.0.0.0__b03f5f7f11d50a3aMicrosoft.VisualBasic.Compatibility.dll
+ 2010-05-30 10:17 . 2010-05-30 10:17 372736 c:windowsassemblyGAC_MSILMicrosoft.VisualBasic.Compatibility8.0.0.0__b03f5f7f11d50a3aMicrosoft.VisualBasic.Compatibility.dll
— 2009-09-25 17:44 . 2009-09-25 17:44 110592 c:windowsassemblyGAC_MSILMicrosoft.VisualBasic.Compatibility.Data8.0.0.0__b03f5f7f11d50a3aMicrosoft.VisualBasic.Compatibility.Data.dll
+ 2010-05-30 10:17 . 2010-05-30 10:17 110592 c:windowsassemblyGAC_MSILMicrosoft.VisualBasic.Compatibility.Data8.0.0.0__b03f5f7f11d50a3aMicrosoft.VisualBasic.Compatibility.Data.dll
— 2009-09-25 17:44 . 2009-09-25 17:44 749568 c:windowsassemblyGAC_MSILMicrosoft.JScript8.0.0.0__b03f5f7f11d50a3aMicrosoft.JScript.dll
+ 2010-05-30 10:17 . 2010-05-30 10:17 749568 c:windowsassemblyGAC_MSILMicrosoft.JScript8.0.0.0__b03f5f7f11d50a3aMicrosoft.JScript.dll
— 2009-09-25 17:44 . 2009-09-25 17:44 655360 c:windowsassemblyGAC_MSILMicrosoft.Build.Tasks2.0.0.0__b03f5f7f11d50a3aMicrosoft.Build.Tasks.dll
+ 2010-05-30 10:18 . 2010-05-30 10:18 655360 c:windowsassemblyGAC_MSILMicrosoft.Build.Tasks2.0.0.0__b03f5f7f11d50a3aMicrosoft.Build.Tasks.dll
— 2009-09-25 17:44 . 2009-09-25 17:44 348160 c:windowsassemblyGAC_MSILMicrosoft.Build.Engine2.0.0.0__b03f5f7f11d50a3aMicrosoft.Build.Engine.dll
+ 2010-05-30 10:18 . 2010-05-30 10:18 348160 c:windowsassemblyGAC_MSILMicrosoft.Build.Engine2.0.0.0__b03f5f7f11d50a3aMicrosoft.Build.Engine.dll
— 2009-09-25 17:44 . 2009-09-25 17:44 507904 c:windowsassemblyGAC_MSILAspNetMMCExt2.0.0.0__b03f5f7f11d50a3aAspNetMMCExt.dll
+ 2010-05-30 10:17 . 2010-05-30 10:17 507904 c:windowsassemblyGAC_MSILAspNetMMCExt2.0.0.0__b03f5f7f11d50a3aAspNetMMCExt.dll
— 2009-09-25 17:44 . 2009-09-25 17:44 261632 c:windowsassemblyGAC_32System.Transactions2.0.0.0__b77a5c561934e089System.Transactions.dll
+ 2010-05-30 10:17 . 2010-05-30 10:17 261632 c:windowsassemblyGAC_32System.Transactions2.0.0.0__b77a5c561934e089System.Transactions.dll
+ 2010-05-30 10:17 . 2010-05-30 10:17 113664 c:windowsassemblyGAC_32System.EnterpriseServices2.0.0.0__b03f5f7f11d50a3aSystem.EnterpriseServices.Wrapper.dll
— 2009-09-25 17:44 . 2009-09-25 17:44 113664 c:windowsassemblyGAC_32System.EnterpriseServices2.0.0.0__b03f5f7f11d50a3aSystem.EnterpriseServices.Wrapper.dll
— 2009-09-25 17:44 . 2009-09-25 17:44 258048 c:windowsassemblyGAC_32System.EnterpriseServices2.0.0.0__b03f5f7f11d50a3aSystem.EnterpriseServices.dll
+ 2010-05-30 10:17 . 2010-05-30 10:17 258048 c:windowsassemblyGAC_32System.EnterpriseServices2.0.0.0__b03f5f7f11d50a3aSystem.EnterpriseServices.dll
+ 2010-05-30 10:17 . 2010-05-30 10:17 486400 c:windowsassemblyGAC_32System.Data.OracleClient2.0.0.0__b77a5c561934e089System.Data.OracleClient.dll
— 2009-09-25 17:44 . 2009-09-25 17:44 486400 c:windowsassemblyGAC_32System.Data.OracleClient2.0.0.0__b77a5c561934e089System.Data.OracleClient.dll
+ 2004-08-17 13:04 . 2009-11-21 16:46 470528 c:windowsAppPatchaclayers.dll
+ 2010-05-30 08:32 . 2009-08-13 13:56 1748992 c:windowsWinSxSx86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2dfGdiPlus.dll
+ 2009-07-20 20:03 . 2009-07-20 20:03 1348432 c:windowsWinSxSx86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9876.0_x-ww_a621d1d5msxml4.dll
+ 2008-09-30 12:42 . 2008-09-30 12:42 1286152 c:windowsWinSxSx86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9870.0_x-ww_a32d74cfmsxml4.dll
+ 2007-09-08 18:42 . 2009-08-06 15:23 1929952 c:windowssystem32wuaueng.dll
+ 2006-02-17 13:50 . 2009-05-20 00:56 2458112 c:windowssystem32WMVCore.dll
+ 2006-02-17 13:49 . 2009-07-13 06:08 5537792 c:windowssystem32wmp.dll
+ 2006-02-17 12:13 . 2009-08-14 15:06 1859456 c:windowssystem32win32k.sys
+ 2006-02-17 12:13 . 2008-07-03 13:10 8478208 c:windowssystem32shell32.dll
+ 2006-02-17 12:13 . 2010-03-10 04:57 1509888 c:windowssystem32shdocvw.dll
+ 2004-08-17 13:04 . 2009-07-17 16:27 1438208 c:windowssystem32query.dll
— 2004-08-17 13:04 . 2004-08-17 13:04 1438208 c:windowssystem32query.dll
+ 2006-02-17 12:13 . 2009-11-27 17:11 1293312 c:windowssystem32quartz.dll
+ 2006-02-17 13:49 . 2010-02-16 19:26 2145792 c:windowssystem32ntoskrnl.exe
+ 2005-10-20 04:24 . 2010-02-16 19:26 2023936 c:windowssystem32ntkrnlpa.exe
+ 2009-08-19 13:07 . 2009-08-19 13:07 1415000 c:windowssystem32msxml6.dll
+ 2009-07-20 20:05 . 2009-07-20 20:05 1348432 c:windowssystem32msxml4.dll
+ 2006-02-17 12:12 . 2009-07-31 04:59 1172480 c:windowssystem32msxml3.dll
+ 2006-02-17 12:12 . 2010-02-26 19:36 3094016 c:windowssystem32mshtml.dll
+ 2010-05-30 10:15 . 2009-03-10 18:26 1440128 c:windowssystem32KB905474wganotifypackageinner.exe
+ 2007-09-08 18:42 . 2009-08-06 15:23 1929952 c:windowssystem32dllcachewuaueng.dll
+ 2006-02-17 13:50 . 2009-05-20 00:56 2458112 c:windowssystem32dllcacheWMVCore.dll
+ 2006-02-17 13:49 . 2009-07-13 06:08 5537792 c:windowssystem32dllcachewmp.dll
+ 2006-02-17 12:13 . 2009-08-14 15:06 1859456 c:windowssystem32dllcachewin32k.sys
+ 2006-02-17 12:13 . 2008-07-03 13:10 8478208 c:windowssystem32dllcacheshell32.dll
+ 2006-02-17 12:13 . 2010-03-10 04:57 1509888 c:windowssystem32dllcacheshdocvw.dll
+ 2004-08-17 13:04 . 2009-07-17 16:27 1438208 c:windowssystem32dllcachequery.dll
— 2004-08-17 13:04 . 2004-08-17 13:04 1438208 c:windowssystem32dllcachequery.dll
+ 2006-02-17 12:13 . 2009-11-27 17:11 1293312 c:windowssystem32dllcachequartz.dll
+ 2006-02-17 12:12 . 2009-07-31 04:59 1172480 c:windowssystem32dllcachemsxml3.dll
+ 2007-09-08 18:41 . 2010-01-29 14:49 1315840 c:windowssystem32dllcachemsoe.dll
+ 2006-02-17 12:12 . 2010-02-26 19:36 3094016 c:windowssystem32dllcachemshtml.dll
+ 2007-09-08 18:42 . 2009-10-23 14:27 3555328 c:windowssystem32dllcachemoviemk.exe
— 2007-09-08 18:42 . 2004-08-17 13:04 3555328 c:windowssystem32dllcachemoviemk.exe
+ 2006-02-17 12:12 . 2010-02-26 06:06 1055232 c:windowssystem32dllcachedanim.dll
— 2006-02-17 12:12 . 2006-02-17 12:12 1055232 c:windowssystem32dllcachedanim.dll
+ 2006-02-17 12:12 . 2010-03-10 04:57 1024000 c:windowssystem32dllcachebrowseui.dll
+ 2006-02-17 12:12 . 2010-02-26 06:06 1055232 c:windowssystem32danim.dll
— 2006-02-17 12:12 . 2006-02-17 12:12 1055232 c:windowssystem32danim.dll
+ 2006-02-17 12:12 . 2010-03-10 04:57 1024000 c:windowssystem32browseui.dll
+ 2008-12-05 15:35 . 2008-12-05 15:35 1736528 c:windowsMicrosoft.NETFrameworkv3.0WPFwpfgfx_v0300.dll
+ 2008-12-05 16:12 . 2008-12-05 16:12 5931008 c:windowsMicrosoft.NETFrameworkv3.0Windows Communication FoundationSystem.ServiceModel.dll
— 2008-07-29 15:16 . 2008-07-29 15:16 5931008 c:windowsMicrosoft.NETFrameworkv3.0Windows Communication FoundationSystem.ServiceModel.dll
— 2008-07-25 07:17 . 2008-07-25 07:17 2048000 c:windowsMicrosoft.NETFrameworkv2.0.50727System.XML.dll
+ 2008-11-25 00:59 . 2008-11-25 00:59 2048000 c:windowsMicrosoft.NETFrameworkv2.0.50727System.XML.dll
+ 2008-11-25 00:59 . 2008-11-25 00:59 5242880 c:windowsMicrosoft.NETFrameworkv2.0.50727System.Web.dll
+ 2009-08-07 19:51 . 2009-08-07 19:51 5812560 c:windowsMicrosoft.NETFrameworkv2.0.50727mscorwks.dll
— 2008-07-25 07:17 . 2008-07-25 07:17 4546560 c:windowsMicrosoft.NETFrameworkv2.0.50727mscorlib.dll
+ 2009-08-07 19:51 . 2009-08-07 19:51 4546560 c:windowsMicrosoft.NETFrameworkv2.0.50727mscorlib.dll
+ 2008-12-13 05:57 . 2008-12-13 05:57 8397824 c:windowsInstaller7817c2.msp
+ 2010-05-30 07:59 . 2010-02-16 19:26 2188672 c:windowsDriver Cachei386ntoskrnl.exe
+ 2010-05-30 07:59 . 2010-02-16 19:26 2023936 c:windowsDriver Cachei386ntkrpamp.exe
+ 2010-05-30 07:59 . 2010-02-17 10:26 2065536 c:windowsDriver Cachei386ntkrnlpa.exe
+ 2010-05-30 07:59 . 2010-02-16 19:26 2145792 c:windowsDriver Cachei386ntkrnlmp.exe
+ 2010-05-30 10:19 . 2010-05-30 10:19 3313664 c:windowsassemblyNativeImages_v2.0.50727_32WindowsBase204d6e5b335134f23ca37638b9227ecfWindowsBase.ni.dll
+ 2010-05-30 10:21 . 2010-05-30 10:21 1049600 c:windowsassemblyNativeImages_v2.0.50727_32UIAutomationClients#f2ed6a204eb13841e99b77025464afcUIAutomationClientsideProviders.ni.dll
+ 2010-05-30 10:18 . 2010-05-30 10:18 7868416 c:windowsassemblyNativeImages_v2.0.50727_32System3de5bd01124463d7862bd173af90bc83System.ni.dll
+ 2010-05-30 10:19 . 2010-05-30 10:19 5450752 c:windowsassemblyNativeImages_v2.0.50727_32System.Xml5913d3f81e77194ec833991b1047a532System.Xml.ni.dll
+ 2010-05-30 13:31 . 2010-05-30 13:31 1356288 c:windowsassemblyNativeImages_v2.0.50727_32System.WorkflowServ#fa48917b13629d8effa80dd4a2f2973dSystem.WorkflowServices.ni.dll
+ 2010-05-30 13:30 . 2010-05-30 13:30 1908224 c:windowsassemblyNativeImages_v2.0.50727_32System.Workflow.Run#6fe66ee6f3c81996bc148f1ebe7ec030System.Workflow.Runtime.ni.dll
+ 2010-05-30 13:30 . 2010-05-30 13:30 4514304 c:windowsassemblyNativeImages_v2.0.50727_32System.Workflow.Com#9d0b61f2f1ebdc300bd970f594c422efSystem.Workflow.ComponentModel.ni.dll
+ 2010-05-30 13:30 . 2010-05-30 13:30 2992640 c:windowsassemblyNativeImages_v2.0.50727_32System.Workflow.Act#65328898148a720d394f802f192fc2a0System.Workflow.Activities.ni.dll
+ 2010-05-30 10:20 . 2010-05-30 10:20 1840640 c:windowsassemblyNativeImages_v2.0.50727_32System.Web.Servicesea07ac791bb5cb9f83679e3dd1a0c0ccSystem.Web.Services.ni.dll
+ 2010-05-30 13:30 . 2010-05-30 13:30 2209280 c:windowsassemblyNativeImages_v2.0.50727_32System.Web.Mobile29e2f8b1fb691ced973acf49fcee6ec1System.Web.Mobile.ni.dll
+ 2010-05-30 13:30 . 2010-05-30 13:30 2403328 c:windowsassemblyNativeImages_v2.0.50727_32System.Web.Extensio#981dea02bc63c0c083e335adf9018788System.Web.Extensions.ni.dll
+ 2010-05-30 10:21 . 2010-05-30 10:21 1917440 c:windowsassemblyNativeImages_v2.0.50727_32System.Speech99594bae1d022502925f5b9dfcdaae9aSystem.Speech.ni.dll
+ 2010-05-30 13:30 . 2010-05-30 13:30 1706496 c:windowsassemblyNativeImages_v2.0.50727_32System.ServiceModel#e182695d05ea57257568bc5f3208aca7System.ServiceModel.Web.ni.dll
+ 2010-05-30 12:52 . 2010-05-30 12:52 2338304 c:windowsassemblyNativeImages_v2.0.50727_32System.Runtime.Seri#67ad55827f2542552b576170f0a7dc56System.Runtime.Serialization.ni.dll
+ 2010-05-30 10:20 . 2010-05-30 10:20 1035264 c:windowsassemblyNativeImages_v2.0.50727_32System.Printinge5313735a40c0800f116e27fba4754dbSystem.Printing.ni.dll
+ 2010-05-30 12:52 . 2010-05-30 12:52 1056768 c:windowsassemblyNativeImages_v2.0.50727_32System.IdentityModelc3b18fef5c6dc3bcdbe5df699fd21a55System.IdentityModel.ni.dll
+ 2010-05-30 10:19 . 2010-05-30 10:19 1587200 c:windowsassemblyNativeImages_v2.0.50727_32System.Drawingabb2ac7e08bee026f857d8fa36f9fe6fSystem.Drawing.ni.dll
+ 2010-05-30 10:20 . 2010-05-30 10:20 1116672 c:windowsassemblyNativeImages_v2.0.50727_32System.DirectorySer#f47ebb9db460874b1bcbfc391dc970b1System.DirectoryServices.ni.dll
+ 2010-05-30 10:19 . 2010-05-30 10:19 1801216 c:windowsassemblyNativeImages_v2.0.50727_32System.Deploymentc94a427baa7683f4221b91f90c18461bSystem.Deployment.ni.dll
+ 2010-05-30 10:20 . 2010-05-30 10:20 6616576 c:windowsassemblyNativeImages_v2.0.50727_32System.Data694c07365e0fd6bba0bc304d4d2404a7System.Data.ni.dll
+ 2010-05-30 10:19 . 2010-05-30 10:19 2510336 c:windowsassemblyNativeImages_v2.0.50727_32System.Data.SqlXml272152f0cc139490729e215611a4b244System.Data.SqlXml.ni.dll
+ 2010-05-30 13:18 . 2010-05-30 13:18 1328128 c:windowsassemblyNativeImages_v2.0.50727_32System.Data.Services112a48e34620a0210eb850040da8a31bSystem.Data.Services.ni.dll
+ 2010-05-30 10:21 . 2010-05-30 10:21 1115136 c:windowsassemblyNativeImages_v2.0.50727_32System.Data.OracleC#ffa1018e8022964eb51025c2c6d8727aSystem.Data.OracleClient.ni.dll
+ 2010-05-30 10:21 . 2010-05-30 10:21 2516480 c:windowsassemblyNativeImages_v2.0.50727_32System.Data.Linq32788c58ff9f8324460604cf1fe7681bSystem.Data.Linq.ni.dll
+ 2010-05-30 13:18 . 2010-05-30 13:18 9924096 c:windowsassemblyNativeImages_v2.0.50727_32System.Data.Entity9012cac7819660f61f1c69cf8e4f2ccfSystem.Data.Entity.ni.dll
+ 2010-05-30 10:21 . 2010-05-30 10:21 2295296 c:windowsassemblyNativeImages_v2.0.50727_32System.Corec0a42d2ad8a4078040b334f6770ea11fSystem.Core.ni.dll
+ 2010-05-30 10:20 . 2010-05-30 10:20 2128896 c:windowsassemblyNativeImages_v2.0.50727_32ReachFramework954685c29689d2a6126ceca1fd55e904ReachFramework.ni.dll
+ 2010-05-30 10:20 . 2010-05-30 10:20 1657856 c:windowsassemblyNativeImages_v2.0.50727_32PresentationUIa3a6f52ce1d09a7bdccc8e7fc664792dPresentationUI.ni.dll
+ 2010-05-30 10:18 . 2010-05-30 10:18 1451008 c:windowsassemblyNativeImages_v2.0.50727_32PresentationBuildTa#f906701365083c1473db31519147e263PresentationBuildTasks.ni.dll
+ 2010-05-30 12:54 . 2010-05-30 12:54 1712128 c:windowsassemblyNativeImages_v2.0.50727_32Microsoft.VisualBas#6eee9b772b6d12d3dbd82f118c2ab2e5Microsoft.VisualBasic.ni.dll
+ 2010-05-30 12:52 . 2010-05-30 12:52 1093120 c:windowsassemblyNativeImages_v2.0.50727_32Microsoft.Transacti#f19e9b439636d0744597fff1331cad04Microsoft.Transactions.Bridge.ni.dll
+ 2010-05-30 13:30 . 2010-05-30 13:30 2332160 c:windowsassemblyNativeImages_v2.0.50727_32Microsoft.JScript5b1af7b5be24c7ace065fe1c81c2b650Microsoft.JScript.ni.dll
+ 2010-05-30 12:54 . 2010-05-30 12:54 1620992 c:windowsassemblyNativeImages_v2.0.50727_32Microsoft.Build.Tas#9eec1cc7ac37e0c7f3205e8156149c5aMicrosoft.Build.Tasks.ni.dll
+ 2010-05-30 12:54 . 2010-05-30 12:54 1966080 c:windowsassemblyNativeImages_v2.0.50727_32Microsoft.Build.Tas#28c0730288453d57d5dcd62903c4d31bMicrosoft.Build.Tasks.v3.5.ni.dll
+ 2010-05-30 12:54 . 2010-05-30 12:54 1888768 c:windowsassemblyNativeImages_v2.0.50727_32Microsoft.Build.Eng#5dd4f58999eed37c12aee7ea9f9863acMicrosoft.Build.Engine.ni.dll
+ 2010-05-30 12:53 . 2010-05-30 12:53 4195840 c:windowsassemblyNativeImages_v2.0.50727_32AdWindowsd7f46a60764a821ecbfef72cb120ada7AdWindows.ni.dll
+ 2010-05-30 12:53 . 2010-05-30 12:53 1830400 c:windowsassemblyNativeImages_v2.0.50727_32AcWindows2e677a7c4d68c3fb8c10432ab076f1d0AcWindows.ni.dll
+ 2010-05-30 12:53 . 2010-05-30 12:53 4864512 c:windowsassemblyNativeImages_v2.0.50727_32acmgdfbb8bd7de74bb69b0e082850ff386559acmgd.ni.dll
+ 2010-05-30 12:53 . 2010-05-30 12:53 1420800 c:windowsassemblyNativeImages_v2.0.50727_32AcLayer4f4b8eae718314b95da65f6a5c499073AcLayer.ni.dll
+ 2010-05-30 12:53 . 2010-05-30 12:53 8356864 c:windowsassemblyNativeImages_v2.0.50727_32acdbmgda1eb2495c96337792e6d917f78fca76facdbmgd.ni.dll
+ 2010-05-30 12:53 . 2010-05-30 12:53 1573888 c:windowsassemblyNativeImages_v2.0.50727_32AcCui8e5e5a6f620c27377e7fdaefb1d82f07AcCui.ni.dll
— 2009-09-25 17:44 . 2009-09-25 17:44 3149824 c:windowsassemblyGAC_MSILSystem2.0.0.0__b77a5c561934e089System.dll
+ 2010-05-30 10:18 . 2010-05-30 10:18 3149824 c:windowsassemblyGAC_MSILSystem2.0.0.0__b77a5c561934e089System.dll
— 2009-09-25 17:44 . 2009-09-25 17:44 2048000 c:windowsassemblyGAC_MSILSystem.Xml2.0.0.0__b77a5c561934e089System.XML.dll
+ 2010-05-30 10:18 . 2010-05-30 10:18 2048000 c:windowsassemblyGAC_MSILSystem.Xml2.0.0.0__b77a5c561934e089System.XML.dll
+ 2010-05-30 10:17 . 2010-05-30 10:17 5025792 c:windowsassemblyGAC_MSILSystem.Windows.Forms2.0.0.0__b77a5c561934e089System.Windows.Forms.dll
— 2009-09-25 17:44 . 2009-09-25 17:44 5025792 c:windowsassemblyGAC_MSILSystem.Windows.Forms2.0.0.0__b77a5c561934e089System.Windows.Forms.dll
— 2009-09-25 17:48 . 2009-09-25 17:48 1277952 c:windowsassemblyGAC_MSILSystem.Web.Extensions3.5.0.0__31bf3856ad364e35System.Web.Extensions.dll
+ 2010-05-30 09:57 . 2010-05-30 09:57 1277952 c:windowsassemblyGAC_MSILSystem.Web.Extensions3.5.0.0__31bf3856ad364e35System.Web.Extensions.dll
+ 2010-05-30 09:56 . 2010-05-30 09:56 5931008 c:windowsassemblyGAC_MSILSystem.ServiceModel3.0.0.0__b77a5c561934e089System.ServiceModel.dll
— 2009-09-25 17:47 . 2009-09-25 17:47 5931008 c:windowsassemblyGAC_MSILSystem.ServiceModel3.0.0.0__b77a5c561934e089System.ServiceModel.dll
— 2009-09-25 17:44 . 2009-09-25 17:44 5062656 c:windowsassemblyGAC_MSILSystem.Design2.0.0.0__b03f5f7f11d50a3aSystem.Design.dll
+ 2010-05-30 10:17 . 2010-05-30 10:17 5062656 c:windowsassemblyGAC_MSILSystem.Design2.0.0.0__b03f5f7f11d50a3aSystem.Design.dll
+ 2010-05-30 09:56 . 2010-05-30 09:56 5283840 c:windowsassemblyGAC_MSILPresentationFramework3.0.0.0__31bf3856ad364e35PresentationFramework.dll
— 2009-09-25 17:47 . 2009-09-25 17:47 5283840 c:windowsassemblyGAC_MSILPresentationFramework3.0.0.0__31bf3856ad364e35PresentationFramework.dll
+ 2010-05-30 10:17 . 2010-05-30 10:17 5242880 c:windowsassemblyGAC_32System.Web2.0.0.0__b03f5f7f11d50a3aSystem.Web.dll
— 2009-09-25 17:44 . 2009-09-25 17:44 2933248 c:windowsassemblyGAC_32System.Data2.0.0.0__b77a5c561934e089System.Data.dll
+ 2010-05-30 10:18 . 2010-05-30 10:18 2933248 c:windowsassemblyGAC_32System.Data2.0.0.0__b77a5c561934e089System.Data.dll
+ 2010-05-30 10:17 . 2010-05-30 10:17 4546560 c:windowsassemblyGAC_32mscorlib2.0.0.0__b77a5c561934e089mscorlib.dll
— 2009-09-25 17:44 . 2009-09-25 17:44 4546560 c:windowsassemblyGAC_32mscorlib2.0.0.0__b77a5c561934e089mscorlib.dll
+ 2006-02-15 06:55 . 2010-04-30 07:51 32058312 c:windowssystem32mrt.exe
+ 2009-08-14 16:32 . 2009-08-14 16:32 11110912 c:windowsInstaller94842c.msp
+ 2008-12-13 06:21 . 2008-12-13 06:21 10473472 c:windowsInstaller7817ce.msp
+ 2010-05-30 10:19 . 2010-05-30 10:19 12430848 c:windowsassemblyNativeImages_v2.0.50727_32System.Windows.Formsd2ea8d76f015817db1607075812b555fSystem.Windows.Forms.ni.dll
+ 2010-05-30 10:20 . 2010-05-30 10:20 11796992 c:windowsassemblyNativeImages_v2.0.50727_32System.Web5cea03cfb008f2eac1439a9905467f37System.Web.ni.dll
+ 2010-05-30 12:52 . 2010-05-30 12:52 17317888 c:windowsassemblyNativeImages_v2.0.50727_32System.ServiceModel6d6eab93282d2b136a377bd50b7c5a9System.ServiceModel.ni.dll
+ 2010-05-30 10:21 . 2010-05-30 10:21 10683392 c:windowsassemblyNativeImages_v2.0.50727_32System.Design8b82e08c008924d51833cb0884bcbfc5System.Design.ni.dll
+ 2010-05-30 10:20 . 2010-05-30 10:20 14327808 c:windowsassemblyNativeImages_v2.0.50727_32PresentationFramewo#58c7ac6b6054038dc9346d7ec8e32b4cPresentationFramework.ni.dll
+ 2010-05-30 10:19 . 2010-05-30 10:19 12216320 c:windowsassemblyNativeImages_v2.0.50727_32PresentationCore94badbd64df59de7da249f71da38b1c2PresentationCore.ni.dll
+ 2010-05-30 10:18 . 2010-05-30 10:18 11486720 c:windowsassemblyNativeImages_v2.0.50727_32mscorlib7124a40b9998f7b63c86bd1a2125ce26mscorlib.ni.dll
.
— Snapshot reset to current date —
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
«BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}»=»c:program filesCommon FilesAheadLibNMBgMonitor.exe» [2007-06-27 152872]
«Punto Switcher»=»c:program filesPunto Switcherps.exe» [2004-11-13 205824]
«Download Master»=»c:program filesDownload Masterdmaster.exe» [2007-03-21 3066880]
«Skype»=»c:program filesSkypePhoneSkype.exe» [2008-09-23 21755688]
«QIP2005″=»c:program filesQIPqip.exe» [2009-01-22 3259904][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
«CoolSwitch»=»c:windowssystem32TaskSwitch.exe» [2005-12-21 45632]
«igfxtray»=»c:windowssystem32igfxtray.exe» [2005-11-28 98304]
«igfxhkcmd»=»c:windowssystem32hkcmd.exe» [2005-11-28 77824]
«igfxpers»=»c:windowssystem32igfxpers.exe» [2005-11-28 118784]
«RTHDCPL»=»RTHDCPL.EXE» [2006-11-14 16270848]
«SkyTel»=»SkyTel.EXE» [2006-05-16 2879488]
«NeroFilterCheck»=»c:program filesCommon FilesAheadLibNeroCheck.exe» [2007-03-01 153136]
«DAEMON Tools»=»c:program filesDAEMON Toolsdaemon.exe» [2005-11-08 128920]
«MAgent»=»c:program filesMail.RuAgentMAgent.exe» [2008-10-03 4417016]
«FineReader7NewsReaderPro»=»c:program filesABBYY FineReader 7.0 Professional EditionAbbyyNewsReader.exe» [2003-08-19 278528]
«Adobe Reader Speed Launcher»=»c:program filesAdobeReader 8.0ReaderReader_sl.exe» [2008-01-11 39792]
«SunJavaUpdateSched»=»c:program filesCommon FilesJavaJava Updatejusched.exe» [2010-01-11 246504]
«LogitechQuickCamRibbon»=»c:program filesLogitechLogitech WebCam SoftwareLWS.exe» [2009-05-08 2780432]
«egui»=»c:program filesESETESET NOD32 Antivirusegui.exe» [2008-07-01 1447168][HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=»c:windowssystem32CTFMON.EXE» [2004-08-17 15360]c:documents and settingsAll Usersѓ« ў®Ґ ¬ҐоЏа®Ја ¬¬лЂўв®§ Јаг§Є
AutoCAD Startup Accelerator.lnk — c:program filesCommon FilesAutodesk Sharedacstart16.exe [2005-3-5 10872][HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
«%windir%\system32\sessmgr.exe»=
«c:\Program Files\uTorrent\uTorrent.exe»=
«c:\Documents and Settings\Katya\temp\TeamViewer3\TeamViewer.exe»=
«c:\Program Files\QIP\qip.exe»=
«c:\Program Files\Mail.Ru\Agent\magent.exe»=
«c:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe»=
«c:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe»=
«c:\Program Files\Skype\Phone\Skype.exe»=[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileGloballyOpenPortsList]
«7173:TCP»= 7173:TCPR0 sptd;sptd;c:windowssystem32driverssptd.sys [08.09.2007 23:31 664064]
R1 epfwtdir;epfwtdir;c:windowssystem32driversepfwtdir.sys [01.07.2008 9:04 34312]
R2 ekrn;Eset Service;c:program filesESETESET NOD32 Antivirusekrn.exe [01.07.2008 9:02 468224]
R2 haspflt;haspflt;c:windowssystem32drivershaspflt.sys [12.09.2007 19:24 29024]
R2 NSCADWRK;Sentinel Dongle Emulator Driver;c:windowssystem32driversNSCADWRK.SYS [17.04.2009 12:48 239104]
R2 SentinelKeysServer;Sentinel Keys Server;c:program filesCommon FilesSafeNet SentinelSentinel Keys Serversntlkeyssrvr.exe [22.08.2006 1:00 316992]
S3 C7xxUSB;Samsung CMC7xx USB Network Driver;c:windowssystem32DRIVERSC7xUSBX3.sys —> c:windowssystem32DRIVERSC7xUSBX3.sys [?]
.
Contents of the ‘Scheduled Tasks’ folder2010-06-02 c:windowsTasksWGASetup.job
— c:windowssystem32KB905474wgasetup.exe [2010-05-30 18:18]
.
.
Supplementary Scan
.
uStart Page = hxxp://www.rambler.ru/ri6
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://www.yahoo.com
uInternet Connection Wizard,ShellNext = iexplore
IE: &Экспорт в Microsoft Excel — c:progra~1MICROS~3OFFICE11EXCEL.EXE/3000
IE: Добавить в Rambler-Закладки — c:program filesRambler AssistantramblertoolbarU0.dll/zakladki.htm
IE: Загрузить ссылку при помощи Mega Manager… — c:program filesMegauploadMega Managermm_file.htm
IE: Закачать ВСЕ при помощи Download Master — c:program filesDownload Masterdmieall.htm
IE: Закачать при помощи Download Master — c:program filesDownload Masterdmie.htm
IE: Найти с помощью Рамблера — c:program filesRambler AssistantramblertoolbarU0.dll/search.htm
IE: Опубликовать в Дневнике — c:program filesRambler AssistantramblertoolbarU0.dll/planet.htm
IE: Перевести с помощью словарей Рамблера — c:program filesRambler AssistantramblertoolbarU0.dll/dic.htm
IE: {{7558B7E5-7B26-4201-BEDB-00D5FF534523} — c:program filesMail.RuAgentmagent.exe
FF — ProfilePath — c:documents and settingsKatyaApplication DataMozillaFirefoxProfilesqdyl0fa6.default
FF — prefs.js: browser.search.selectedEngine — Rambler
FF — prefs.js: browser.startup.homepage — hxxp://www.rambler.ru/ri6
FF — prefs.js: keyword.URL — hxxp://search.yahoo.com/search?ei=utf-8&fr=megaup&p=
FF — component: c:program filesMozilla Firefoxcomponentsxpinstal.dll
FF — HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} — c:windowsMicrosoft.NETFrameworkv3.5Windows Presentation FoundationDotNetAssistantExtension
.**************************************************************************
catchme 0.3.1398 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-06-02 19:38
Windows 5.1.2600 Service Pack 2 NTFSscanning hidden processes …
scanning hidden autostart entries …
scanning hidden files …
scan completed successfully
hidden files: 0**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe >>UNKNOWN [0x8659FB78]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
DriverDisk -> 0x8659fb78
DriverACPI -> ACPI.sys @ 0xf7373cb8
Driveratapi -> atapi.sys @ 0xf730a2f0
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x80582544
ParseProcedure -> ntkrnlpa.exe @ 0x80581684
DeviceHarddisk0DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x80582544
ParseProcedure -> ntkrnlpa.exe @ 0x80581684
NDIS: Realtek RTL8168/8111 PCI-E Gigabit Ethernet NIC -> SendCompleteHandler -> NDIS.sys @ 0xf71ffba0
PacketIndicateHandler -> NDIS.sys @ 0xf720cb21
SendHandler -> NDIS.sys @ 0xf71ea87b
Warning: possible MBR rootkit infection !
user & kernel MBR OK**************************************************************************
.
LOCKED REGISTRY KEYS
[HKEY_USERSS-1-5-21-1078081533-1960408961-839522115-1003SoftwareMicrosoftWindowsCurrentVersionExplorerComDlg32OpenSaveMRU!2*]
@Class=»Shell»
«a»=»g:\котельная\КМ\1.С2»
«MRUList»=»a»
.
DLLs Loaded Under Running Processes
— — — — — — — > ‘explorer.exe'(4124)
c:windowsTEMPlogishrdLVPrcInj01.dll
c:windowssystem32msi.dll
c:windowssystem32WPDShServiceObj.dll
c:windowssystem32PortableDeviceTypes.dll
c:windowssystem32PortableDeviceApi.dll
.
Other Running Processes
.
c:program filesJavajre6binjqs.exe
c:program filesCommon FilesLogiShrdLVMVFMLVPrcSrv.exe
c:windowsRTHDCPL.EXE
c:program filesCommon FilesAheadLibNMIndexingService.exe
c:program filesCommon FilesAheadLibNMIndexStoreSvr.exe
c:windowssystem32wbemwmiapsrv.exe
c:program filesCommon FilesLogishrdLQCVFXCOCIManager.exe
.
**************************************************************************
.
Completion time: 2010-06-02 19:41:46 — machine was rebooted
ComboFix-quarantined-files.txt 2010-06-02 15:41
ComboFix2.txt 2010-05-29 18:11Pre-Run: 2 570 723 328 байт свободно
Post-Run: 2 593 075 200 байт свободно— — End Of File — — 4065DCBA8AC7768381C223B07DE37E45
8 августа, 2010 в 9:15 дп #29581Здравствуйте!
У меня опять та же проблема. Помогите еще раз, пожалуйста. -
АвторСообщения
- Для ответа в этой теме необходимо авторизоваться.