Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

infection trojan virtumonde + blocage mise a jour logiciel de travail.

benjifast

Par benjifast
dans Analyses et éradication malwares

 Partager

Messages recommandés

benjifast Member

benjifast

Posté(e)
  • Auteur
Posté(e) (modifié)

Re,

 

Juste une erreur ci-dessous avec envoi de rapport windows (j'ai envoyer car revenu 2 fois):

 

XML Registry Daemon a rencontré un problème et doit fermer. Nous vous prions de nous excuser pour le désagrément encouru.

 

Rapport combofix:

 

ComboFix 10-06-11.01 - IDS Administrator 12/06/2010 19:12:25.2.1 - x86

Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1033.18.502.207 [GMT 2:00]

Lancé depuis: c:\documents and settings\IDS Administrator\Desktop\ComboFix.exe

Commutateurs utilisés :: c:\documents and settings\IDS Administrator\Desktop\CFScript.txt

AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}

 

FILE ::

"c:\program files\ford motor company\ids\runtime\tmctrlbho.dll"

"c:\windows\system32\hplsntf.dll"

.

 

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

 

c:\program files\ford motor company\ids\runtime\tmctrlbho.dll

c:\windows\system32\hplsntf.dll

 

.

((((((((((((((((((((((((((((( Fichiers créés du 2010-05-12 au 2010-06-12 ))))))))))))))))))))))))))))))))))))

.

 

2010-06-12 10:40 . 2010-06-12 10:40 -------- d-----w- c:\program files\Trend Micro

2010-06-12 10:39 . 2010-06-12 10:40 -------- d-----w- C:\HJT

2010-06-12 10:03 . 2010-06-12 10:05 -------- d-----w- C:\ToolBar SD

2010-06-11 11:02 . 2010-06-11 11:02 -------- d-----w- c:\documents and settings\IDS Administrator\Application Data\Malwarebytes

2010-06-11 11:01 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-06-11 11:01 . 2010-06-11 11:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2010-06-11 11:01 . 2010-06-11 11:01 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2010-06-11 11:01 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-06-10 19:15 . 2010-06-11 10:56 -------- d-----w- c:\program files\ZHPDiag

2010-06-10 09:11 . 2010-06-11 10:14 -------- d-----w- c:\program files\Spybot - Search & Destroy

2010-06-10 09:11 . 2010-06-11 10:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy

2010-06-10 06:48 . 2010-06-10 07:00 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2010-06-10 06:48 . 2009-03-30 08:32 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys

2010-06-10 06:48 . 2009-02-13 10:28 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys

2010-06-10 06:48 . 2009-02-13 10:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys

2010-06-10 06:48 . 2010-06-10 06:48 -------- d-----w- c:\program files\Avira

2010-06-10 06:48 . 2010-06-10 06:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira

2010-06-08 14:34 . 2010-06-08 14:34 -------- d-----w- c:\windows\system32\wbem\Repository

 

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-06-09 09:49 . 2007-02-07 13:43 -------- d-----w- c:\program files\Common Files\Teradyne

2010-06-08 17:37 . 2007-02-07 13:51 -------- d-----w- c:\program files\FordEtis

.

 

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ISUSPM"="c:\documents and settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe" [2009-03-14 222496]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-03-10 155648]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-03-10 126976]

"HPlsKey"="c:\program files\Panasonic\HPLSMAN\hplskey.exe" [2005-06-01 61440]

"PRunOnce"="c:\util\prunonce\PRunOnce.exe" [2004-08-06 110592]

"PCinfo"="c:\program files\Panasonic\PCINFO\SetDiag.exe" [2005-06-15 45056]

"Panasonic HotKey Manager"="c:\program files\Panasonic\HotKey Appendix\HKEYAPP.EXE" [2005-06-14 974848]

"AGRSMMSG"="AGRSMMSG.exe" [2004-12-20 88358]

"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2005-10-04 401408]

"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-05 208952]

"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-05 59392]

"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]

"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]

"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2005-10-04 385024]

"IDSMainMenu"="c:\program files\IDS Main Menu\IDS Main Menu2.exe" [2007-02-07 360448]

"IDSTechnician"="c:\program files\IDS\TechLocale.exe" [2006-04-04 32768]

"IMEKRMIG6.1"="c:\windows\ime\imkr6_1\IMEKRMIG.EXE" [2004-08-05 44032]

"Starburst"="c:\program files\Ford Motor Company\IDS\Runtime\Starburst.exe" [2010-02-21 90112]

"Feedback"="c:\program files\Ford Motor Company\IDS\Runtime\EngineeringFeedback.exe" [2010-02-21 72704]

"TDSReanimator"="c:\program files\Common Files\Teradyne\TDSReanimator.exe" [2010-01-11 11264]

"ProbeTickHandler"="c:\program files\Ford Motor Company\IDS\Runtime\ProbeTickHandler.exe" [2010-02-21 43008]

"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]

"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

 

c:\documents and settings\All Users\Start Menu\Programs\Startup\

Display Rotation Tool.lnk - c:\program files\Panasonic\DispRot\IDRot.exe [2006-2-18 81920]

Panasonic Hand Writing.lnk - c:\program files\Panasonic\WRITING\Writing.exe [2006-2-18 278528]

Software Keyboard.lnk - c:\program files\Panasonic\MEISKB\meiskb.exe [2006-2-18 139264]

Wireless LAN Switch.lnk - c:\program files\Panasonic\WLANSW\WLANSW.EXE [2006-2-28 94208]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless]

2005-10-04 06:59 110592 ----a-w- c:\program files\Intel\Wireless\Bin\LgNotify.dll

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\FordEtis\\etisdvd.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\ManualUpdate.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\manualcalibration.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\patchapply.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\rtdbupdate.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\Tabman.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\SysPage.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\testman.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\CodeServeD.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\XMLRegistryD.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\TDSNetConfig.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\SWUpdWizard.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\PtchApply.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\Rtdb.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\Starburst.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\EngineeringFeedback.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\SystemDiagnostic.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\VMM.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\probes\\C402.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\probes\\C403.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\probes\\C407.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\probes\\C412.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\probes\\C413.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\LVPCheck.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\vcl_pc.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\NetworkActivation.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\ProbeTickHandler.exe"=

 

R1 WLANSW;Panasonic PC Wireless LAN Switch Driver;c:\program files\Panasonic\WLANSW\WLANSW.sys [28/02/2006 14:14 7680]

R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [10/06/2010 08:48 108289]

R2 brecal;Panasonic Battery Recalibration Driver;c:\program files\Panasonic\BRECAL\Brecal.sys [28/02/2006 14:13 7168]

R2 pcinfo;Panasonic PC Info. Viewer Driver;c:\program files\Panasonic\PCINFO\PCINFO.sys [18/02/2006 04:13 7168]

R2 SDKEY;Panasonic SD Misc. Function Driver;c:\program files\Panasonic\SDKEY\SDKEY.sys [18/02/2006 04:14 8192]

R2 TDSNetSetup;TDSNetSetup;c:\program files\Common Files\Teradyne\TDSNetSetup.exe [07/02/2007 15:43 17920]

R3 FIDMOU;Fujitsu touchpad;c:\windows\system32\drivers\Fidmou.sys [17/02/2006 19:03 23463]

R3 HTKPLUS;Panasonic Hotkey PLUS Driver;c:\windows\system32\drivers\HTKPLUS.SYS [17/02/2006 19:03 8448]

S3 MOSUMAC;USB-Ethernet Driver;c:\windows\system32\drivers\MOSUMAC.SYS [27/10/2004 01:15 31375]

S3 RICOH SmartCard Reader;RICOH SmartCard Reader;c:\windows\system32\drivers\rsmartc.sys [17/02/2006 19:03 69460]

S3 USB-100;Realtek RTL8150 USB 10/100 Fast Ethernet Adapter;c:\windows\system32\drivers\RTL8150.SYS [07/02/2007 15:41 22016]

.

.

------- Examen supplémentaire -------

.

uStart Page = hxxp://www.google.fr/

uInternet Connection Wizard,ShellNext = hxxp://www.ford.com/

.

 

**************************************************************************

 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2010-06-12 20:05

Windows 5.1.2600 Service Pack 3 NTFS

 

Recherche de processus cachés ...

 

Recherche d'éléments en démarrage automatique cachés ...

 

Recherche de fichiers cachés ...

 

Scan terminé avec succès

Fichiers cachés: 0

 

**************************************************************************

.

--------------------- DLLs chargées dans les processus actifs ---------------------

 

- - - - - - - > 'winlogon.exe'(872)

c:\program files\Intel\Wireless\Bin\LgNotify.dll

 

- - - - - - - > 'explorer.exe'(1344)

c:\windows\system32\WININET.dll

c:\windows\system32\ieframe.dll

.

------------------------ Autres processus actifs ------------------------

.

c:\program files\Intel\Wireless\Bin\EvtEng.exe

c:\program files\Intel\Wireless\Bin\S24EvMon.exe

c:\windows\System32\SCardSvr.exe

c:\program files\Avira\AntiVir Desktop\avguard.exe

c:\documents and settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE

c:\program files\Intel\Wireless\Bin\RegSrvc.exe

c:\windows\system32\wdfmgr.exe

c:\windows\system32\wscntfy.exe

c:\progra~1\Intel\Wireless\Bin\1XConfig.exe

c:\windows\AGRSMMSG.exe

c:\windows\system32\rundll32.exe

c:\program files\Ford Motor Company\IDS\Runtime\XMLRegistryD.exe

c:\program files\Ford Motor Company\IDS\Runtime\TDSNetConfig.exe

c:\program files\Ford Motor Company\IDS\Runtime\CodeServeD.exe

c:\windows\system32\dwwin.exe

.

**************************************************************************

.

Heure de fin: 2010-06-12 20:12:39 - La machine a redémarré

ComboFix-quarantined-files.txt 2010-06-12 18:12

ComboFix2.txt 2010-06-12 11:55

 

Avant-CF: 34 005 868 544 bytes free

Après-CF: 33 988 509 696 octets libres

 

- - End Of File - - C23D064D3A8B09ED323D0EBE6EB333CB

Modifié par benjifast

Apollo Devil Member !

Apollo

Posté(e)
Posté(e)

Télécharge random's system information tool (RSIT) par random/random et sauvegarde-le sur le Bureau.

  • Double-clique sur RSIT.exe afin de lancer RSIT.
     
    Important :
    * Sous Vista : il faut lancer le fichier par clic-droit -> Exécuter en tant qu'administrateur
     
    * Sous Windows 7 : Il faut mettre le fichier RSIT.exe sur le bureau, faire un clic droit dessus et dans Propriétés, onglet Compatibilité, cocher la case "Exécuter ce programme en mode compatibilité pour" et dans le menu choisir Vista SP2 et la case dans Niveau de privilège.
    Valide par Appliquer.
     
  • Clique Continue à l'écran Disclaimer.
  • Si l'outil HIjackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.
  • Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (<<qui sera affiché)
    ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).

 

++

benjifast Member

benjifast

Posté(e)
  • Auteur
Posté(e)

Bonjour,

 

l'erreur n'est pas revenu, les maj windows update fonctionne, mais les maj de mon logiciel bloque toujours.

 

Rapport log et info RSIT:

 

Logfile of random's system information tool 1.07 (written by random/random)

Run by IDS Administrator at 2010-06-13 10:27:03

Microsoft Windows XP Professionnel Service Pack 3

System drive C: has 32 GB (55%) free of 57 GB

Total RAM: 502 MB (29% free)

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 10:27:17, on 13/06/2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.17055)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

C:\WINDOWS\system32\ZoneLabs\vsmon.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

C:\Program Files\Avira\AntiVir Desktop\avguard.exe

C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\Teradyne\TDSNetSetup.exe

C:\Program Files\Ford Motor Company\IDS\Runtime\XMLRegistryD.exe

C:\Program Files\Ford Motor Company\IDS\Runtime\CodeServeD.exe

C:\Program Files\Ford Motor Company\IDS\Runtime\TDSNetConfig.exe

C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe

C:\WINDOWS\Explorer.EXE

C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\Program Files\Panasonic\HPLSMAN\hplskey.exe

C:\Program Files\Panasonic\HotKey Appendix\HKEYAPP.EXE

C:\WINDOWS\AGRSMMSG.exe

C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe

C:\Program Files\IDS Main Menu\IDS Main Menu2.exe

C:\Program Files\Ford Motor Company\IDS\Runtime\Starburst.exe

C:\Program Files\Ford Motor Company\IDS\Runtime\EngineeringFeedback.exe

C:\Program Files\Ford Motor Company\IDS\Runtime\ProbeTickHandler.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Panasonic\DispRot\IDRot.exe

C:\Program Files\Panasonic\WRITING\Writing.exe

C:\Program Files\Panasonic\MEISKB\meiskb.exe

C:\Program Files\Panasonic\WLANSW\WLANSW.EXE

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Documents and Settings\IDS Administrator\Desktop\RSIT.exe

C:\Program Files\trend micro\IDS Administrator.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.ford.com/

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [HPlsKey] C:\Program Files\Panasonic\HPLSMAN\hplskey.exe

O4 - HKLM\..\Run: [PRunOnce] C:\util\prunonce\PRunOnce.exe

O4 - HKLM\..\Run: [PCinfo] C:\Program Files\Panasonic\PCINFO\SetDiag.exe /FirstLogin

O4 - HKLM\..\Run: [Panasonic HotKey Manager] "C:\Program Files\Panasonic\HotKey Appendix\HKEYAPP.EXE"

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [intelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe

O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC

O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC

O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName

O4 - HKLM\..\Run: [intelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless

O4 - HKLM\..\Run: [iDSMainMenu] "C:\Program Files\IDS Main Menu\IDS Main Menu2.exe"

O4 - HKLM\..\Run: [iDSTechnician] "C:\Program Files\IDS\TechLocale.exe"

O4 - HKLM\..\Run: [iMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE

O4 - HKLM\..\Run: [starburst] "C:\Program Files\Ford Motor Company\IDS\Runtime\Starburst.exe"

O4 - HKLM\..\Run: [Feedback] "C:\Program Files\Ford Motor Company\IDS\Runtime\EngineeringFeedback.exe"

O4 - HKLM\..\Run: [TDSReanimator] "C:\Program Files\Common Files\Teradyne\TDSReanimator.exe"

O4 - HKLM\..\Run: [ProbeTickHandler] "C:\Program Files\Ford Motor Company\IDS\Runtime\ProbeTickHandler.exe"

O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKCU\..\Run: [iSUSPM] "C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe" -scheduler

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Display Rotation Tool.lnk = ?

O4 - Global Startup: Panasonic Hand Writing.lnk = ?

O4 - Global Startup: Software Keyboard.lnk = ?

O4 - Global Startup: Wireless LAN Switch.lnk = ?

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1172140183305

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE

O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: TDSNetSetup - Unknown owner - C:\Program Files\Common Files\Teradyne\TDSNetSetup.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

 

--

End of file - 7958 bytes

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2005-03-10 155648]

"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2005-03-10 126976]

"HPlsKey"=C:\Program Files\Panasonic\HPLSMAN\hplskey.exe [2005-06-01 61440]

"PRunOnce"=C:\util\prunonce\PRunOnce.exe [2004-08-06 110592]

"PCinfo"=C:\Program Files\Panasonic\PCINFO\SetDiag.exe [2005-06-15 45056]

"Panasonic HotKey Manager"=C:\Program Files\Panasonic\HotKey Appendix\HKEYAPP.EXE [2005-06-14 974848]

"AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2004-12-20 88358]

"IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2005-10-04 401408]

"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-05 208952]

"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-05 59392]

"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]

"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]

"IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2005-10-04 385024]

"IDSMainMenu"=C:\Program Files\IDS Main Menu\IDS Main Menu2.exe [2007-02-07 360448]

"IDSTechnician"=C:\Program Files\IDS\TechLocale.exe [2006-04-04 32768]

"IMEKRMIG6.1"=C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE [2004-08-05 44032]

"Starburst"=C:\Program Files\Ford Motor Company\IDS\Runtime\Starburst.exe [2010-02-21 90112]

"Feedback"=C:\Program Files\Ford Motor Company\IDS\Runtime\EngineeringFeedback.exe [2010-02-21 72704]

"TDSReanimator"=C:\Program Files\Common Files\Teradyne\TDSReanimator.exe [2010-01-11 11264]

"ProbeTickHandler"=C:\Program Files\Ford Motor Company\IDS\Runtime\ProbeTickHandler.exe [2010-02-21 43008]

"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []

"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]

"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]

"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2009-12-04 1037192]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"ISUSPM"=C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe [2009-03-14 222496]

"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

 

C:\Documents and Settings\All Users\Start Menu\Programs\Startup

Display Rotation Tool.lnk - C:\Program Files\Panasonic\DispRot\IDRot.exe

Panasonic Hand Writing.lnk - C:\Program Files\Panasonic\WRITING\Writing.exe

Software Keyboard.lnk - C:\Program Files\Panasonic\MEISKB\meiskb.exe

Wireless LAN Switch.lnk - C:\Program Files\Panasonic\WLANSW\WLANSW.EXE

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\WINDOWS\system32\igfxsrvc.dll [2005-03-10 348160]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\IntelWireless]

C:\Program Files\Intel\Wireless\Bin\LgNotify.dll [2005-10-04 110592]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=323

"NoDriveAutoRun"=67108863

"NoDrives"=0

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"HonorAutoRunSetting"=

"NoDriveAutoRun"=

"NoDriveTypeAutoRun"=

"NoDrives"=

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\FordEtis\etisdvd.exe"="C:\Program Files\FordEtis\etisdvd.exe:*:Enabled:FordEtis IDS Application Launcher"

"C:\Program Files\Ford Motor Company\IDS\Runtime\ManualUpdate.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\ManualUpdate.exe:*:Enabled:Manual Update"

"C:\Program Files\Ford Motor Company\IDS\Runtime\manualcalibration.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\manualcalibration.exe:*:Enabled:Manual Update"

"C:\Program Files\Ford Motor Company\IDS\Runtime\patchapply.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\patchapply.exe:*:Enabled:Apply TDS Patch"

"C:\Program Files\Ford Motor Company\IDS\Runtime\rtdbupdate.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\rtdbupdate.exe:*:Enabled:Update Database"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\Ford Motor Company\IDS\Runtime\Tabman.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\Tabman.exe:*:Enabled:Tabman Executable"

"C:\Program Files\Ford Motor Company\IDS\Runtime\SysPage.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\SysPage.exe:*:Enabled:System Page"

"C:\Program Files\Ford Motor Company\IDS\Runtime\testman.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\testman.exe:*:Enabled:Testman Executable"

"C:\Program Files\Ford Motor Company\IDS\Runtime\CodeServeD.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\CodeServeD.exe:*:Enabled:CodeServer Daemon"

"C:\Program Files\Ford Motor Company\IDS\Runtime\XMLRegistryD.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\XMLRegistryD.exe:*:Enabled:XML Registry Daemon"

"C:\Program Files\Ford Motor Company\IDS\Runtime\TDSNetConfig.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\TDSNetConfig.exe:*:Enabled:TDS Network Configuration"

"C:\Program Files\Ford Motor Company\IDS\Runtime\SWUpdWizard.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\SWUpdWizard.exe:*:Enabled:Software Update Wizard"

"C:\Program Files\Ford Motor Company\IDS\Runtime\PtchApply.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\PtchApply.exe:*:Enabled:Apply TDS Patch"

"C:\Program Files\Ford Motor Company\IDS\Runtime\Rtdb.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\Rtdb.exe:*:Enabled:Update Database"

"C:\Program Files\Ford Motor Company\IDS\Runtime\Starburst.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\Starburst.exe:*:Enabled:StarBurst"

"C:\Program Files\Ford Motor Company\IDS\Runtime\EngineeringFeedback.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\EngineeringFeedback.exe:*:Enabled:Engineering Feedback"

"C:\Program Files\Ford Motor Company\IDS\Runtime\SystemDiagnostic.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\SystemDiagnostic.exe:*:Enabled:System Diagnostic Application"

"C:\Program Files\Ford Motor Company\IDS\Runtime\VMM.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\VMM.exe:*:Enabled:VMM System Diagnostic Application"

"C:\Program Files\Ford Motor Company\IDS\Runtime\probes\C402.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\probes\C402.exe:*:Enabled:C402 Cable Test Application"

"C:\Program Files\Ford Motor Company\IDS\Runtime\probes\C403.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\probes\C403.exe:*:Enabled:C403 Cable Test Application"

"C:\Program Files\Ford Motor Company\IDS\Runtime\probes\C407.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\probes\C407.exe:*:Enabled:C407 Cable Test Application"

"C:\Program Files\Ford Motor Company\IDS\Runtime\probes\C412.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\probes\C412.exe:*:Enabled:C412 Cable Test Application"

"C:\Program Files\Ford Motor Company\IDS\Runtime\probes\C413.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\probes\C413.exe:*:Enabled:C413 Cable Test Application"

"C:\Program Files\Ford Motor Company\IDS\Runtime\LVPCheck.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\LVPCheck.exe:*:Enabled:LVP Check Test Application"

"C:\Program Files\Ford Motor Company\IDS\Runtime\vcl_pc.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\vcl_pc.exe:*:Enabled:VCL_PC MFC Application EZTech"

"C:\Program Files\Ford Motor Company\IDS\Runtime\NetworkActivation.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\NetworkActivation.exe:*:Enabled:LAN Connectivity Activation"

"C:\Program Files\Ford Motor Company\IDS\Runtime\ProbeTickHandler.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\ProbeTickHandler.exe:*:Enabled:ProbeTickHandler executable"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\Ford Motor Company\IDS\Runtime\Tabman.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\Tabman.exe:*:Enabled:Tabman Executable"

"C:\Program Files\Ford Motor Company\IDS\Runtime\SysPage.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\SysPage.exe:*:Enabled:System Page"

"C:\Program Files\Ford Motor Company\IDS\Runtime\testman.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\testman.exe:*:Enabled:Testman Executable"

"C:\Program Files\Ford Motor Company\IDS\Runtime\CodeServeD.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\CodeServeD.exe:*:Enabled:CodeServer Daemon"

"C:\Program Files\Ford Motor Company\IDS\Runtime\XMLRegistryD.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\XMLRegistryD.exe:*:Enabled:XML Registry Daemon"

"C:\Program Files\Ford Motor Company\IDS\Runtime\TDSNetConfig.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\TDSNetConfig.exe:*:Enabled:TDS Network Configuration"

"C:\Program Files\Ford Motor Company\IDS\Runtime\SWUpdWizard.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\SWUpdWizard.exe:*:Enabled:Software Update Wizard"

"C:\Program Files\Ford Motor Company\IDS\Runtime\PtchApply.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\PtchApply.exe:*:Enabled:Apply TDS Patch"

"C:\Program Files\Ford Motor Company\IDS\Runtime\Rtdb.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\Rtdb.exe:*:Enabled:Update Database"

"C:\Program Files\Ford Motor Company\IDS\Runtime\Starburst.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\Starburst.exe:*:Enabled:StarBurst"

"C:\Program Files\Ford Motor Company\IDS\Runtime\EngineeringFeedback.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\EngineeringFeedback.exe:*:Enabled:Engineering Feedback"

"C:\Program Files\Ford Motor Company\IDS\Runtime\SystemDiagnostic.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\SystemDiagnostic.exe:*:Enabled:System Diagnostic Application"

"C:\Program Files\Ford Motor Company\IDS\Runtime\VMM.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\VMM.exe:*:Enabled:VMM System Diagnostic Application"

"C:\Program Files\Ford Motor Company\IDS\Runtime\probes\C402.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\probes\C402.exe:*:Enabled:C402 Cable Test Application"

"C:\Program Files\Ford Motor Company\IDS\Runtime\probes\C403.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\probes\C403.exe:*:Enabled:C403 Cable Test Application"

"C:\Program Files\Ford Motor Company\IDS\Runtime\probes\C407.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\probes\C407.exe:*:Enabled:C407 Cable Test Application"

"C:\Program Files\Ford Motor Company\IDS\Runtime\probes\C412.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\probes\C412.exe:*:Enabled:C412 Cable Test Application"

"C:\Program Files\Ford Motor Company\IDS\Runtime\probes\C413.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\probes\C413.exe:*:Enabled:C413 Cable Test Application"

"C:\Program Files\Ford Motor Company\IDS\Runtime\LVPCheck.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\LVPCheck.exe:*:Enabled:LVP Check Test Application"

"C:\Program Files\Ford Motor Company\IDS\Runtime\vcl_pc.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\vcl_pc.exe:*:Enabled:VCL_PC MFC Application EZTech"

"C:\Program Files\Ford Motor Company\IDS\Runtime\NetworkActivation.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\NetworkActivation.exe:*:Enabled:LAN Connectivity Activation"

"C:\Program Files\Ford Motor Company\IDS\Runtime\ProbeTickHandler.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\ProbeTickHandler.exe:*:Enabled:ProbeTickHandler executable"

 

======List of files/folders created in the last 1 months======

 

2010-06-13 10:27:03 ----D---- C:\rsit

2010-06-13 10:22:44 ----D---- C:\WINDOWS\system32\LogFiles

2010-06-13 00:14:27 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$

2010-06-13 00:13:35 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$

2010-06-13 00:10:58 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$

2010-06-13 00:07:32 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$

2010-06-13 00:06:51 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$

2010-06-13 00:06:24 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$

2010-06-12 21:41:33 ----D---- C:\Documents and Settings\IDS Administrator\Application Data\CheckPoint

2010-06-12 21:41:09 ----D---- C:\Program Files\CheckPoint

2010-06-12 21:40:57 ----A---- C:\WINDOWS\system32\vsutil_loc040c.dll

2010-06-12 21:40:55 ----A---- C:\WINDOWS\system32\vsregexp.dll

2010-06-12 21:40:51 ----A---- C:\WINDOWS\system32\zlcommdb.dll

2010-06-12 21:40:51 ----A---- C:\WINDOWS\system32\zlcomm.dll

2010-06-12 21:40:42 ----A---- C:\WINDOWS\system32\vswmi.dll

2010-06-12 21:40:40 ----A---- C:\WINDOWS\system32\zpeng25.dll

2010-06-12 21:40:39 ----D---- C:\WINDOWS\system32\ZoneLabs

2010-06-12 21:40:39 ----A---- C:\WINDOWS\system32\vsxml.dll

2010-06-12 21:40:39 ----A---- C:\WINDOWS\system32\vspubapi.dll

2010-06-12 21:40:39 ----A---- C:\WINDOWS\system32\vsmonapi.dll

2010-06-12 21:40:35 ----D---- C:\Program Files\Zone Labs

2010-06-12 21:39:24 ----D---- C:\WINDOWS\Internet Logs

2010-06-12 21:39:09 ----A---- C:\WINDOWS\system32\vsdata.dll

2010-06-12 21:39:08 ----A---- C:\WINDOWS\system32\vsutil.dll

2010-06-12 21:39:08 ----A---- C:\WINDOWS\system32\vsinit.dll

2010-06-12 20:12:43 ----D---- C:\WINDOWS\temp

2010-06-12 20:12:40 ----A---- C:\ComboFix.txt

2010-06-12 20:07:52 ----A---- C:\TDSNetLog.txt

2010-06-12 13:36:59 ----A---- C:\Boot.bak

2010-06-12 13:36:49 ----RASHD---- C:\cmdcons

2010-06-12 13:35:21 ----A---- C:\WINDOWS\SWXCACLS.exe

2010-06-12 13:35:21 ----A---- C:\WINDOWS\SWSC.exe

2010-06-12 13:35:21 ----A---- C:\WINDOWS\SWREG.exe

2010-06-12 13:35:21 ----A---- C:\WINDOWS\sed.exe

2010-06-12 13:35:21 ----A---- C:\WINDOWS\PEV.exe

2010-06-12 13:35:21 ----A---- C:\WINDOWS\NIRCMD.exe

2010-06-12 13:35:21 ----A---- C:\WINDOWS\MBR.exe

2010-06-12 13:35:21 ----A---- C:\WINDOWS\grep.exe

2010-06-12 13:35:10 ----D---- C:\WINDOWS\ERDNT

2010-06-12 13:34:58 ----D---- C:\Qoobox

2010-06-12 12:40:30 ----D---- C:\Program Files\Trend Micro

2010-06-12 12:39:45 ----D---- C:\HJT

2010-06-12 12:04:36 ----A---- C:\TB.txt

2010-06-12 12:03:45 ----D---- C:\ToolBar SD

2010-06-11 13:02:03 ----D---- C:\Documents and Settings\IDS Administrator\Application Data\Malwarebytes

2010-06-11 13:01:41 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes

2010-06-11 13:01:40 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2010-06-11 12:56:43 ----A---- C:\ZHPExportRegistry-11-06-2010-12-56-43.txt

2010-06-10 21:15:29 ----D---- C:\Program Files\ZHPDiag

2010-06-10 11:11:43 ----D---- C:\Program Files\Spybot - Search & Destroy

2010-06-10 11:11:43 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

2010-06-10 08:48:50 ----D---- C:\Program Files\Avira

2010-06-10 08:48:50 ----D---- C:\Documents and Settings\All Users\Application Data\Avira

2010-06-01 09:16:08 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$

2010-06-01 09:15:57 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$

 

======List of files/folders modified in the last 1 months======

 

2010-06-13 10:27:16 ----D---- C:\WINDOWS\Prefetch

2010-06-13 10:25:55 ----RD---- C:\Program Files

2010-06-13 10:22:44 ----D---- C:\WINDOWS\system32

2010-06-13 10:16:52 ----D---- C:\WINDOWS\Microsoft.NET

2010-06-13 10:16:33 ----RSD---- C:\WINDOWS\assembly

2010-06-13 10:06:38 ----A---- C:\WINDOWS\ModemLog_Agere Systems AC'97 Modem.txt

2010-06-13 10:06:24 ----D---- C:\WINDOWS\system32\CatRoot2

2010-06-13 00:26:43 ----A---- C:\WINDOWS\SchedLgU.Txt

2010-06-13 00:19:14 ----D---- C:\WINDOWS

2010-06-13 00:14:35 ----HD---- C:\WINDOWS\inf

2010-06-13 00:14:33 ----RSHDC---- C:\WINDOWS\system32\dllcache

2010-06-13 00:14:09 ----A---- C:\WINDOWS\imsins.BAK

2010-06-13 00:13:18 ----HD---- C:\WINDOWS\$hf_mig$

2010-06-13 00:12:54 ----SHD---- C:\WINDOWS\Installer

2010-06-13 00:07:27 ----D---- C:\Program Files\Outlook Express

2010-06-13 00:03:31 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI

2010-06-13 00:02:34 ----D---- C:\WINDOWS\WinSxS

2010-06-12 23:52:33 ----D---- C:\WINDOWS\system32\en-us

2010-06-12 23:52:33 ----D---- C:\Program Files\Internet Explorer

2010-06-12 23:52:19 ----D---- C:\WINDOWS\ie7updates

2010-06-12 20:12:44 ----D---- C:\WINDOWS\system32\drivers

2010-06-12 20:08:10 ----AC---- C:\WINDOWS\ODBC.INI

2010-06-12 20:05:57 ----A---- C:\WINDOWS\system.ini

2010-06-12 19:17:13 ----D---- C:\WINDOWS\AppPatch

2010-06-12 19:17:10 ----D---- C:\Program Files\Common Files

2010-06-12 13:36:59 ----RASH---- C:\boot.ini

2010-06-09 11:49:29 ----D---- C:\Program Files\Common Files\Teradyne

2010-06-08 19:37:57 ----D---- C:\Program Files\FordEtis

2010-06-08 16:37:45 ----D---- C:\WINDOWS\system32\CatRoot

2010-06-08 16:35:12 ----D---- C:\WINDOWS\system32\config

2010-06-08 16:34:40 ----D---- C:\WINDOWS\system32\wbem

2010-06-08 16:34:30 ----D---- C:\WINDOWS\Registration

2010-06-08 16:29:31 ----D---- C:\WINDOWS\system32\Restore

2010-05-28 12:37:36 ----A---- C:\WINDOWS\system32\MRT.exe

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []

R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]

R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]

R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2010-06-10 28520]

R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2009-12-04 486280]

R1 WLANSW;Panasonic PC Wireless LAN Switch Driver; \??\C:\Program Files\Panasonic\WLANSW\WLANSW.SYS []

R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.2.0.3; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2006-02-18 17801]

R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2010-06-10 56816]

R2 brecal;Panasonic Battery Recalibration Driver; \??\C:\Program Files\Panasonic\BRECAL\Brecal.sys []

R2 pcinfo;Panasonic PC Info. Viewer Driver; \??\C:\Program Files\Panasonic\PCINFO\pcinfo.sys []

R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2005-09-06 11354]

R2 SDKEY;Panasonic SD Misc. Function Driver; \??\C:\Program Files\Panasonic\SDKEY\SDKEY.SYS []

R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2004-12-20 1271463]

R3 BridgeMP;MAC Bridge Miniport; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]

R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]

R3 FIDMOU;Fujitsu touchpad; C:\WINDOWS\system32\DRIVERS\Fidmou.sys [2005-04-18 23463]

R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]

R3 HOTKEY;Panasonic Hotkey Driver; C:\WINDOWS\system32\DRIVERS\HOTKEY.SYS [2003-03-17 9216]

R3 HTKPLUS;Panasonic Hotkey PLUS Driver; C:\WINDOWS\system32\DRIVERS\HTKPLUS.SYS [2003-03-17 8448]

R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-03-10 827100]

R3 IWCA;Intel Wireless Connection Agent Miniport for Win XP; C:\WINDOWS\system32\DRIVERS\iwca.sys [2004-08-12 234496]

R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]

R3 RTL8023;Realtek RTL8139/810x/8169/8110 all in one NDIS NT Driver; C:\WINDOWS\system32\DRIVERS\Rtlnic51.sys [2003-12-31 69504]

R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]

R3 STAC97;SigmaTel C-Major Audio; C:\WINDOWS\system32\drivers\STAC97.sys [2004-11-11 276816]

R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]

R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]

R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]

R3 w29n51;Intel® PRO/Wireless 2915ABG Network Connection Driver for Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2005-09-12 3298432]

S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]

S1 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2005-06-24 60160]

S1 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2008-04-13 31744]

S3 Bridge;MAC Bridge; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]

S3 BthEnum;Bluetooth Request Block Driver; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]

S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]

S3 BTHPORT;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-13 272128]

S3 BTHUSB;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]

S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []

S3 MOSUMAC;USB-Ethernet Driver; C:\WINDOWS\system32\DRIVERS\MOSUMAC.SYS [2004-08-30 31375]

S3 n558;N558 Bluetooth USB Filter Driver; C:\WINDOWS\System32\Drivers\n558.sys [2007-08-15 9600]

S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]

S3 RICOH SmartCard Reader;RICOH SmartCard Reader; C:\WINDOWS\system32\DRIVERS\rsmartc.sys [2003-12-22 69460]

S3 toshidpt;TOSHIBA Bluetooth HID port driver; C:\WINDOWS\system32\drivers\Toshidpt.sys [2002-10-16 2851]

S3 tosporte;Bluetooth Port Driver from Toshiba; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2005-06-20 44288]

S3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbd.sys [2005-06-17 98944]

S3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2004-07-08 36531]

S3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2004-11-16 50048]

S3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]

S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; C:\WINDOWS\system32\drivers\TosRfSnd.sys [2005-04-06 50048]

S3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\System32\Drivers\tosrfusb.sys [2004-12-21 34816]

S3 USB-100;Realtek RTL8150 USB 10/100 Fast Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\RTL8150.SYS [2006-08-08 22016]

S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]

S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]

S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]

S3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-06-10 108289]

R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-06-10 185089]

R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE [2007-01-11 113664]

R2 EvtEng;EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2005-10-04 86016]

R2 RegSrvc;RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2005-10-04 139264]

R2 S24EventMonitor;Spectrum24 Event Monitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2005-10-04 372809]

R2 TDSNetSetup;TDSNetSetup; C:\Program Files\Common Files\Teradyne\TDSNetSetup.exe [2010-01-11 17920]

R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]

R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2009-12-04 2384240]

S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 267776]

S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]

S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]

S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]

S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

 

-----------------EOF-----------------

 

info.txt logfile of random's system information tool 1.06 2010-06-13 10:27:22

 

======Uninstall list======

 

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe

Adobe Reader 9.3.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A93000000001}

Adobe SVG Viewer 3.0-->C:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Install.log

Agere Systems AC'97 Modem-->agrsmdel

Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE

Battery Recalibration-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CD5C2205-7BAD-4B87-BF9A-2BAC626B29C8}\Setup.exe"

Calibration-->"C:\Program Files\InstallShield Installation Information\{097FE1B7-B186-426B-A4EC-D1D9D21D3099}\setup.exe" -runfromtemp -l0x040c -removeonly

Czech - Panasonic Toughbook CF-18 Configuration-->MsiExec.exe /I{D7F52D63-B1A9-4F18-A336-57E3CF8B800E}

Data Access Objects (DAO) 3.5-->C:\Program Files\Common Files\Microsoft Shared\DAO\Remove.EXE C:\WINDOWS\UNINST.EXE -fC:\PROGRA~1\COMMON~1\MICROS~1\DAO\DeIsL22.isu

Désinstaller l'imprimante EPSON SX110 Series-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FINSFBE.EXE /R /APD /P:"EPSON SX110 Series"

Display Rotation Tool-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C6A55E65-1784-4E84-8EAA-DB4386E11ACF}\Setup.exe" -l0x9

DMI Viewer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5639BE8E-33DA-402A-B414-1FBED9CC50E1}\Setup.exe"

EPSON Logiciel imprimante-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R

FordEtis IDS 1.1928-->C:\Program Files\FordEtis\uninstall.exe

Greek - Panasonic Toughbook CF-18 Configuration-->MsiExec.exe /I{C8A5A429-8EA9-420E-B357-7B7EE5040B15}

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""

Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB979306)-->"C:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB981793)-->"C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe"

HotKey Appendix-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D39011-AD99-4980-ADF9-B8202173668D}\Setup.exe" -l0x9

Hotkey Driver for Panasonic PC-->wscript.exe C:\WINDOWS\system32\HKUNINST.vbs

Hotkey Plus Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4CB41492-DF16-4100-B2F8-7E007D858AF3}\Setup.exe" -l0x9

Hotkey Settings-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DEEFA812-64A6-4083-BB38-87F68B6BA820}\Setup.exe"

IC4 Interface Device by SU Enterprise, Inc.-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8718A2BC-7E23-4D23-969A-2A2EC9E45B0E}\Setup.exe" -l0x9 IC4USB32

Icon Enlarger-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{93994589-6A13-49BE-8AF6-12AAC9A28529}\Setup.exe"

IDS Main Menu-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\IDS Main Menu\ST6UNST.LOG"

IDS-->"C:\Program Files\InstallShield Installation Information\{91DE1A85-7350-458A-B674-D7C8F3476299}\setup.exe" -runfromtemp -l0x040c -removeonly

Intel® Graphics Media Accelerator Driver for Mobile-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_2792 PCI\VEN_8086&DEV_2592

Intel® PROSet/Wireless Software-->C:\WINDOWS\Installer\iProInst.exe

Loupe Utility-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6DAA0AF0-3B51-4EE0-83CC-47A3582DFA51}\Setup.exe" -l0x9

Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"

mCore-->MsiExec.exe /I{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}

mDriver-->MsiExec.exe /I{28DA872A-0848-48CF-B749-19A198157A2A}

mDrWiFi-->MsiExec.exe /I{F6090A17-0967-4A8A-B3C3-422A1B514D49}

mHelp-->MsiExec.exe /I{8C6BB412-D3A8-4AAE-A01B-35B681789D68}

Microsoft .NET Framework 1.1 Security Update (KB979906)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp"

Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}

Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}

Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe

Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

Microsoft GB18030 Support Package-->MsiExec.exe /I{DEBACE7E-5DD1-42DB-AFE7-2B60E7CC80A8}

Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"

Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}

mIWA-->MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F}

mIWCA-->MsiExec.exe /I{6FFFE74E-3FBD-4E2E-97F9-5E9A2A077626}

mLogView-->MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}

mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}

mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}

mPfWiz-->MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9}

mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}

MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}

MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}

MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}

MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}

mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}

mXML-->MsiExec.exe /I{9CC89556-3578-48DD-8408-04E66EBEF401}

mZConfig-->MsiExec.exe /I{7CD7A451-7224-49C8-95EF-9A1859C66607}

Panasonic Hand Writing 4-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5408344D-95C0-486A-9539-36EBBACADC68}\Setup.exe"

PC Information Viewer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{30348D0E-37F0-41EE-869B-F0441A87FFEC}\Setup.exe" -l0x9

Puma-->MsiExec.exe /I{BCA5A78E-DB6F-4D03-8C3C-80CBF3BE6A5B}

Russian - Panasonic Toughbook CF-18 Configuration-->MsiExec.exe /I{83FC7B10-10E6-4F9C-9203-D33653EE945C}

SD Utility-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B18C20D2-A3E9-422D-9136-99B5BDD6565D}\Setup.exe" -l0x9

Security Update for Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB972260)-->"C:\WINDOWS\ie7updates\KB972260-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB974455)-->"C:\WINDOWS\ie7updates\KB974455-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB976325)-->"C:\WINDOWS\ie7updates\KB976325-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB978207)-->"C:\WINDOWS\ie7updates\KB978207-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB982381)-->"C:\WINDOWS\ie7updates\KB982381-IE7\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"

Security Update for Windows Media Player 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"

Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"

Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"

Security Update for Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"

Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"

Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"

Security Update for Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"

Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"

Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"

Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"

Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"

Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"

Security Update for Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"

Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"

Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"

Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"

Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"

Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"

Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"

Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"

Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"

Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"

Security Update for Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"

Security Update for Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"

Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"

Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"

Security Update for Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"

Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"

Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"

Security Update for Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"

Security Update for Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"

Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"

Security Update for Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"

Security Update for Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"

Security Update for Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"

Security Update for Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"

Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"

Security Update for Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"

Security Update for Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975561)-->"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"

Security Update for Windows XP (KB977165)-->"C:\WINDOWS\$NtUninstallKB977165$\spuninst\spuninst.exe"

Security Update for Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe"

Security Update for Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978251)-->"C:\WINDOWS\$NtUninstallKB978251$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978262)-->"C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979559)-->"C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979683)-->"C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe"

Security Update for Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe"

Security Update for Windows XP (KB980218)-->"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe"

Security Update for Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe"

Security Update for Windows XP (KB981349)-->"C:\WINDOWS\$NtUninstallKB981349$\spuninst\spuninst.exe"

Software Keyboard-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{412B3181-280F-409C-BCC9-C69BE63688AE}\Setup.exe" -l0x9

touchpad/touchscreen-->Fidmouu.exe

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""

Update for Windows Internet Explorer 7 (KB976749)-->"C:\WINDOWS\ie7updates\KB976749-IE7\spuninst\spuninst.exe"

Update for Windows Internet Explorer 7 (KB980182)-->"C:\WINDOWS\ie7updates\KB980182-IE7\spuninst\spuninst.exe"

Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"

Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"

Update for Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"

Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"

Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"

Update for Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"

Update for Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"

Update for Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"

Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"

USB-Ethernet Adapter Device-->MacUnInstall.exe

Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"

Windows Internet Explorer 7 Multilingual User Interface (MUI)-->"C:\WINDOWS\ie7updates\IE7-MUI\spuninst\spuninst.exe"

Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll

Windows Media Player 10 Hotfix [see KB887626 for more information]-->C:\WINDOWS\$NtUninstallKB887626$\spuninst\spuninst.exe

Windows Media Player 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall

Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}

Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"

Wireless LAN Switch-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AF758B2C-348F-4B43-9818-08895BDCFC1C}\Setup.exe" -l0x9

ZHPDiag 1.25-->"C:\Program Files\ZHPDiag\unins000.exe"

ZoneAlarm-->C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe

 

======Security center information======

 

AV: AntiVir Desktop

FW: ZoneAlarm Firewall

 

======System event log======

 

Computer Name: IDS_CF-18

Event Code: 7035

Message: Un contrôle Démarrer a correctement été envoyé au service Remote Access Connection Manager.

 

Record Number: 36975

Source Name: Service Control Manager

Time Written: 20100409080332.000000+120

Event Type: Informations

User: IDS_CF-18\IDS Administrator

 

Computer Name: IDS_CF-18

Event Code: 7036

Message: Le service IMAPI CD-Burning COM Service est entré dans l'état : en cours d'exécution.

 

Record Number: 36974

Source Name: Service Control Manager

Time Written: 20100409080330.000000+120

Event Type: Informations

User:

 

Computer Name: IDS_CF-18

Event Code: 7035

Message: Un contrôle Démarrer a correctement été envoyé au service IMAPI CD-Burning COM Service.

 

Record Number: 36973

Source Name: Service Control Manager

Time Written: 20100409080330.000000+120

Event Type: Informations

User: AUTORITE NT\SYSTEM

 

Computer Name: IDS_CF-18

Event Code: 7036

Message: Le service SSDP Discovery Service est entré dans l'état : en cours d'exécution.

 

Record Number: 36972

Source Name: Service Control Manager

Time Written: 20100409080329.000000+120

Event Type: Informations

User:

 

Computer Name: IDS_CF-18

Event Code: 7035

Message: Un contrôle Démarrer a correctement été envoyé au service SSDP Discovery Service.

 

Record Number: 36971

Source Name: Service Control Manager

Time Written: 20100409080329.000000+120

Event Type: Informations

User: AUTORITE NT\SYSTEM

 

=====Application event log=====

 

Computer Name: IDS_CF-18

Event Code: 2002

Message:

Record Number: 2907

Source Name: EAPOL

Time Written: 20090921102602.000000+120

Event Type: Informations

User:

 

Computer Name: IDS_CF-18

Event Code: 2003

Message:

Record Number: 2906

Source Name: EAPOL

Time Written: 20090921102602.000000+120

Event Type: Informations

User:

 

Computer Name: IDS_CF-18

Event Code: 1800

Message: Le service Centre de sécurité Windows a démarré.

 

Record Number: 2905

Source Name: SecurityCenter

Time Written: 20090921102524.000000+120

Event Type: Informations

User:

 

Computer Name: IDS_CF-18

Event Code: 0

Message:

Record Number: 2904

Source Name: RegSrvc

Time Written: 20090921102523.000000+120

Event Type: Informations

User:

 

Computer Name: IDS_CF-18

Event Code: 0

Message:

Record Number: 2903

Source Name: EvtEng

Time Written: 20090921102520.000000+120

Event Type: Informations

User:

 

======Environment variables======

 

"ComSpec"=%SystemRoot%\system32\cmd.exe

"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\Ford Motor Company\IDS\Runtime

"windir"=%SystemRoot%

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"PROCESSOR_ARCHITECTURE"=x86

"PROCESSOR_LEVEL"=6

"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 13 Stepping 8, GenuineIntel

"PROCESSOR_REVISION"=0d08

"NUMBER_OF_PROCESSORS"=1

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"tvdumpflags"=8

 

-----------------EOF-----------------

Apollo Devil Member !

Apollo

Posté(e)
Posté(e)

Bonjour,

 

J'ai fait une petite erreur d'appréciation, c'est à ça que tu dois ce message d'erreur.

 

J'ai préparé une procédure de récupération, mais j'ai demandé l'avis d'un collègue avant de te la faire lancer.

Deux avis valent mieux qu'un seul.

 

Je te tiens au courant dès que j'aurai obtenu les renseignements complémentaires dont j'ai besoin.

 

@++

Apollo Devil Member !

Apollo

Posté(e)
Posté(e)

Re,

 

Non rien de bien grave, mais on va récupérer une dll et deux clés de registre dans les sauvegardes de ComboFix.

 

Mais il faut que les manip soient précises car CF l'exige.

 

Vundo a été viré et je ne sais pas trop pourquoi tu as des soucis avec une mise à jour; quel est le nom du logiciel en question?

 

@++

Apollo Devil Member !

Apollo

Posté(e)
Posté(e)

Re,

 

On va récupérer le fichier de la quarantaine de CFIX pour commencer, ensuite on ira récupérer les clés de registre.

 

Ce script a été rédigé spécialement pour cet utilisateur; ne pas l'utiliser sur une autre machine: dangereux!

 

1. Ferme tous les navigateurs ouverts.

2. Désactive provisoirement l'antivirus.

 

 

2. Ferme/désactive tous les programmes anti-virus, anti-malware ou anti-spyware afin qu'ils n'interfèrent pas avec le travail de ComboFix.

 

3. Ouvre le Bloc-notes et fais un copier/coller du texte situé dans la boîte Code ci-dessous dans le Bloc-notes: (sans le mot code)!

 

DeQuarantine::

C:\Qoobox\Quarantine\c:\program files\ford motor company\ids\runtime\tmctrlbho.dll.vir

Quit::

 

Enregistre le fichier sous le nom CFScript.txt, au même endroit que ComboFix.exe

 

 

img-195530n0pz2.gif

 

Comme sur l'image ci-dessus, fais glisser CFScript puis dépose-le sur ComboFix.exe

 

Lorsque l'outil aura terminé, il t'affichera un rapport nommé C:\DeQuarantine_log.txt

que tu devras m'envoyer dans ton prochain message.

benjifast Member

benjifast

Posté(e)
  • Auteur
Posté(e)

Re,

 

Il s'agit du logiciel: FORD ETIS IDS utilisé pour diagnostic et base de données sur les véhicule ford.

 

Mes mises à jour sont bien télécharger, au moment de l'installation ça se passe normalement, puis elle reste à 11 en suspens et 0 installée, donc à chaque fois que je relance le logiciel le meme problème.

 

Rapport combofix:

 

ComboFix 10-06-11.01 - IDS Administrator 13/06/2010 14:16:01.3.1 - x86

Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1033.18.502.245 [GMT 2:00]

Lancé depuis: c:\documents and settings\IDS Administrator\Desktop\ComboFix.exe

Commutateurs utilisés :: c:\documents and settings\IDS Administrator\Desktop\CFScript.txt

AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}

FW: ZoneAlarm Firewall *disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}

.

 

((((((((((((((((((((((((((((( Fichiers créés du 2010-05-13 au 2010-06-13 ))))))))))))))))))))))))))))))))))))

.

 

2010-06-13 08:27 . 2010-06-13 08:27 -------- d-----w- C:\rsit

2010-06-13 08:22 . 2010-06-13 08:22 -------- d-----w- c:\windows\system32\LogFiles

2010-06-12 19:41 . 2010-06-12 19:41 -------- d-----w- c:\documents and settings\IDS Administrator\Application Data\CheckPoint

2010-06-12 19:41 . 2010-06-12 19:41 -------- d-----w- c:\program files\CheckPoint

2010-06-12 19:41 . 2010-06-12 19:41 4212 ---ha-w- c:\windows\system32\zllictbl.dat

2010-06-12 19:40 . 2009-12-04 14:35 46472 ----a-w- c:\windows\system32\vsutil_loc040c.dll

2010-06-12 19:40 . 2009-12-04 14:34 69000 ----a-w- c:\windows\system32\zlcomm.dll

2010-06-12 19:40 . 2009-12-04 14:34 103816 ----a-w- c:\windows\system32\zlcommdb.dll

2010-06-12 19:40 . 2009-12-04 14:34 1238408 ----a-w- c:\windows\system32\zpeng25.dll

2010-06-12 19:40 . 2010-06-12 19:41 -------- d-----w- c:\windows\system32\ZoneLabs

2010-06-12 19:40 . 2010-06-12 19:40 -------- d-----w- c:\program files\Zone Labs

2010-06-12 19:39 . 2010-06-13 12:12 -------- d-----w- c:\windows\Internet Logs

2010-06-12 10:40 . 2010-06-13 08:27 -------- d-----w- c:\program files\Trend Micro

2010-06-12 10:39 . 2010-06-12 10:40 -------- d-----w- C:\HJT

2010-06-12 10:03 . 2010-06-12 10:05 -------- d-----w- C:\ToolBar SD

2010-06-11 11:02 . 2010-06-11 11:02 -------- d-----w- c:\documents and settings\IDS Administrator\Application Data\Malwarebytes

2010-06-11 11:01 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-06-11 11:01 . 2010-06-11 11:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2010-06-11 11:01 . 2010-06-11 11:01 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2010-06-11 11:01 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-06-10 19:15 . 2010-06-11 10:56 -------- d-----w- c:\program files\ZHPDiag

2010-06-10 09:11 . 2010-06-11 10:14 -------- d-----w- c:\program files\Spybot - Search & Destroy

2010-06-10 09:11 . 2010-06-11 10:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy

2010-06-10 06:48 . 2010-06-10 07:00 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2010-06-10 06:48 . 2009-03-30 08:32 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys

2010-06-10 06:48 . 2009-02-13 10:28 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys

2010-06-10 06:48 . 2009-02-13 10:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys

2010-06-10 06:48 . 2010-06-10 06:48 -------- d-----w- c:\program files\Avira

2010-06-10 06:48 . 2010-06-10 06:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira

2010-06-08 14:34 . 2010-06-08 14:34 -------- d-----w- c:\windows\system32\wbem\Repository

 

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-06-12 22:23 . 2010-06-12 22:17 1945839 ----a-w- c:\windows\Internet Logs\tvDebug.Zip

2010-06-09 09:49 . 2007-02-07 13:43 -------- d-----w- c:\program files\Common Files\Teradyne

2010-06-08 17:37 . 2007-02-07 13:51 -------- d-----w- c:\program files\FordEtis

2010-05-04 17:20 . 2006-02-17 16:59 832512 ----a-w- c:\windows\system32\wininet.dll

2010-05-04 17:20 . 2006-02-17 16:57 78336 ----a-w- c:\windows\system32\ieencode.dll

2010-05-04 17:20 . 2006-02-17 16:56 17408 ------w- c:\windows\system32\corpol.dll

2010-05-02 05:22 . 2006-02-17 16:59 1851264 ----a-w- c:\windows\system32\win32k.sys

2010-04-20 05:30 . 2006-02-17 16:56 285696 ----a-w- c:\windows\system32\atmfd.dll

.

 

((((((((((((((((((((((((((((( SnapShot@2010-06-12_11.51.33 )))))))))))))))))))))))))))))))))))))))))

.

+ 2010-06-12 19:40 . 2009-12-04 14:35 12680 c:\windows\system32\ZoneLabs\zlsre_loc040c.dll

+ 2010-06-12 19:40 . 2009-12-04 14:34 99208 c:\windows\system32\ZoneLabs\zlquarantine.dll

+ 2010-06-12 19:40 . 2009-12-04 14:34 65928 c:\windows\system32\ZoneLabs\zatray.exe

+ 2010-06-12 19:40 . 2009-12-04 14:35 40328 c:\windows\system32\ZoneLabs\vsmon_loc040c.dll

+ 2010-06-12 19:40 . 2009-12-04 14:35 20872 c:\windows\system32\ZoneLabs\lib\zsys.zip.dll

+ 2010-06-12 19:40 . 2009-12-04 14:35 14216 c:\windows\system32\ZoneLabs\lib\zmenu.zip.dll

+ 2010-06-12 19:40 . 2009-12-04 14:35 43912 c:\windows\system32\ZoneLabs\lib\zfde.zip.dll

+ 2010-06-12 19:40 . 2009-12-04 14:35 85384 c:\windows\system32\ZoneLabs\lib\ZAlert.zip.dll

+ 2010-06-12 19:40 . 2009-12-04 14:35 37256 c:\windows\system32\ZoneLabs\lib\UpdateUI.zip.dll

+ 2010-06-12 19:40 . 2009-12-04 14:35 12680 c:\windows\system32\ZoneLabs\lib\oem_1488.zip.dll

+ 2010-06-12 19:40 . 2009-12-04 14:35 12680 c:\windows\system32\ZoneLabs\lib\oem_1487.zip.dll

+ 2010-06-12 19:40 . 2009-12-04 14:35 12680 c:\windows\system32\ZoneLabs\lib\oem_1486.zip.dll

+ 2010-06-12 19:40 . 2009-12-04 14:35 18824 c:\windows\system32\ZoneLabs\lib\oem_1466.zip.dll

+ 2010-06-12 19:40 . 2009-12-04 14:35 12680 c:\windows\system32\ZoneLabs\lib\oem_1460.zip.dll

+ 2010-06-12 19:40 . 2009-12-04 14:35 10120 c:\windows\system32\ZoneLabs\lib\oem_1454.zip.dll

+ 2010-06-12 19:40 . 2009-12-04 14:35 11144 c:\windows\system32\ZoneLabs\lib\oem_1445.zip.dll

+ 2010-06-12 19:40 . 2009-12-04 14:35 14216 c:\windows\system32\ZoneLabs\lib\oem_1440.zip.dll

+ 2010-06-12 19:40 . 2009-12-04 14:35 12168 c:\windows\system32\ZoneLabs\lib\oem_1413.zip.dll

+ 2010-06-12 19:40 . 2009-12-04 14:35 11144 c:\windows\system32\ZoneLabs\lib\oem_1010.zip.dll

+ 2010-06-12 19:40 . 2009-12-04 14:35 29064 c:\windows\system32\ZoneLabs\lib\NavBar.zip.dll

+ 2010-06-12 19:40 . 2009-12-04 14:35 12680 c:\windows\system32\ZoneLabs\lib\MainLoop.zip.dll

+ 2010-06-12 19:40 . 2009-12-04 14:35 35720 c:\windows\system32\ZoneLabs\lib\Alert.zip.dll

+ 2010-06-12 19:40 . 2009-12-04 14:34 38280 c:\windows\system32\ZoneLabs\featuremap.dll

+ 2010-06-12 19:40 . 2009-12-04 14:34 98184 c:\windows\system32\ZoneLabs\fbl.dll

+ 2010-06-12 19:40 . 2009-12-04 14:34 74632 c:\windows\system32\ZoneLabs\camupd.dll

+ 2010-06-12 19:40 . 2009-12-04 14:34 41864 c:\windows\system32\vswmi.dll

+ 2010-06-12 19:40 . 2009-12-04 14:34 58248 c:\windows\system32\vsregexp.dll

+ 2007-01-29 08:58 . 2010-04-21 13:28 46080 c:\windows\system32\tzchange.exe

- 2007-01-29 08:58 . 2010-01-23 08:11 46080 c:\windows\system32\tzchange.exe

+ 2006-02-17 16:58 . 2010-05-04 17:20 44544 c:\windows\system32\pngfilt.dll

- 2006-02-17 16:58 . 2010-03-11 12:38 44544 c:\windows\system32\pngfilt.dll

+ 2006-02-17 16:58 . 2010-06-12 22:03 72066 c:\windows\system32\perfc009.dat

- 2006-02-17 16:58 . 2010-03-30 06:36 72066 c:\windows\system32\perfc009.dat

+ 2009-11-05 20:17 . 2009-11-05 20:17 11600 c:\windows\system32\mui\0409\mscorees.dll

- 2007-08-13 16:54 . 2010-03-11 12:38 52224 c:\windows\system32\msfeedsbs.dll

+ 2007-08-13 16:54 . 2010-05-04 17:20 52224 c:\windows\system32\msfeedsbs.dll

+ 2006-02-17 16:57 . 2010-05-04 17:20 27648 c:\windows\system32\jsproxy.dll

- 2006-02-17 16:57 . 2010-03-11 12:38 27648 c:\windows\system32\jsproxy.dll

- 2007-08-13 16:39 . 2010-03-10 13:18 13824 c:\windows\system32\ieudinit.exe

+ 2007-08-13 16:39 . 2010-05-04 12:39 13824 c:\windows\system32\ieudinit.exe

- 2006-02-17 16:57 . 2010-03-11 12:38 44544 c:\windows\system32\iernonce.dll

+ 2006-02-17 16:57 . 2010-05-04 17:20 44544 c:\windows\system32\iernonce.dll

+ 2006-02-17 16:57 . 2010-05-04 12:39 70656 c:\windows\system32\ie4uinit.exe

- 2006-02-17 16:57 . 2010-03-10 13:18 70656 c:\windows\system32\ie4uinit.exe

+ 2007-08-13 16:36 . 2010-05-04 17:20 63488 c:\windows\system32\icardie.dll

- 2007-08-13 16:36 . 2010-03-11 12:38 63488 c:\windows\system32\icardie.dll

+ 2006-02-17 16:58 . 2010-05-04 17:20 44544 c:\windows\system32\dllcache\pngfilt.dll

- 2006-02-17 16:58 . 2010-03-11 12:38 44544 c:\windows\system32\dllcache\pngfilt.dll

+ 2008-09-23 08:08 . 2010-05-04 17:20 52224 c:\windows\system32\dllcache\msfeedsbs.dll

- 2008-09-23 08:08 . 2010-03-11 12:38 52224 c:\windows\system32\dllcache\msfeedsbs.dll

+ 2006-02-17 16:57 . 2010-05-04 17:20 27648 c:\windows\system32\dllcache\jsproxy.dll

- 2006-02-17 16:57 . 2010-03-11 12:38 27648 c:\windows\system32\dllcache\jsproxy.dll

- 2008-09-23 08:08 . 2010-03-10 13:18 13824 c:\windows\system32\dllcache\ieudinit.exe

+ 2008-09-23 08:08 . 2010-05-04 12:39 13824 c:\windows\system32\dllcache\ieudinit.exe

- 2006-02-17 16:57 . 2010-03-11 12:38 44544 c:\windows\system32\dllcache\iernonce.dll

+ 2006-02-17 16:57 . 2010-05-04 17:20 44544 c:\windows\system32\dllcache\iernonce.dll

+ 2006-02-17 16:57 . 2010-05-04 17:20 78336 c:\windows\system32\dllcache\ieencode.dll

- 2006-02-17 16:57 . 2010-03-11 12:38 78336 c:\windows\system32\dllcache\ieencode.dll

+ 2006-02-17 16:57 . 2010-05-04 12:39 70656 c:\windows\system32\dllcache\ie4uinit.exe

- 2006-02-17 16:57 . 2010-03-10 13:18 70656 c:\windows\system32\dllcache\ie4uinit.exe

- 2008-09-23 08:08 . 2010-03-11 12:38 63488 c:\windows\system32\dllcache\icardie.dll

+ 2008-09-23 08:08 . 2010-05-04 17:20 63488 c:\windows\system32\dllcache\icardie.dll

- 2006-02-17 16:56 . 2010-03-11 12:38 17408 c:\windows\system32\dllcache\corpol.dll

+ 2006-02-17 16:56 . 2010-05-04 17:20 17408 c:\windows\system32\dllcache\corpol.dll

+ 2010-03-05 14:37 . 2010-03-05 14:37 65536 c:\windows\system32\dllcache\asycfilt.dll

+ 2006-02-17 16:56 . 2010-03-05 14:37 65536 c:\windows\system32\asycfilt.dll

+ 2010-04-07 21:48 . 2010-04-07 21:48 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll

- 2008-07-29 17:16 . 2008-07-29 17:16 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll

+ 2010-03-23 03:31 . 2010-03-23 03:31 30544 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe

+ 2010-04-01 09:42 . 2010-04-01 09:42 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll

- 2008-05-27 22:49 . 2008-05-27 22:49 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll

+ 2010-03-31 12:51 . 2010-03-31 12:51 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll

- 2008-05-27 22:49 . 2008-05-27 22:49 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll

+ 2010-03-31 12:51 . 2010-03-31 12:51 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll

- 2008-05-27 22:49 . 2008-05-27 22:49 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll

+ 2010-03-31 12:51 . 2010-03-31 12:51 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll

+ 2010-03-31 13:32 . 2010-03-31 13:32 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe

- 2008-05-27 23:30 . 2008-05-27 23:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe

+ 2010-03-31 13:32 . 2010-03-31 13:32 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll

- 2003-02-21 03:19 . 2003-02-21 03:19 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll

+ 2010-06-12 21:52 . 2010-03-11 12:38 44544 c:\windows\ie7updates\KB982381-IE7\pngfilt.dll

+ 2010-06-12 21:52 . 2010-03-11 12:38 52224 c:\windows\ie7updates\KB982381-IE7\msfeedsbs.dll

+ 2010-06-12 21:52 . 2010-03-11 12:38 27648 c:\windows\ie7updates\KB982381-IE7\jsproxy.dll

+ 2010-06-12 21:52 . 2010-03-10 13:18 13824 c:\windows\ie7updates\KB982381-IE7\ieudinit.exe

+ 2010-06-12 21:52 . 2010-03-11 12:38 44544 c:\windows\ie7updates\KB982381-IE7\iernonce.dll

+ 2010-06-12 21:52 . 2010-03-11 12:38 78336 c:\windows\ie7updates\KB982381-IE7\ieencode.dll

+ 2010-06-12 21:52 . 2010-03-10 13:18 70656 c:\windows\ie7updates\KB982381-IE7\ie4uinit.exe

+ 2010-06-12 21:52 . 2010-03-11 12:38 63488 c:\windows\ie7updates\KB982381-IE7\icardie.dll

+ 2010-06-12 21:52 . 2010-03-11 12:38 17408 c:\windows\ie7updates\KB982381-IE7\corpol.dll

+ 2010-06-12 22:13 . 2010-06-12 22:13 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_56fa7e1b\System.Drawing.Design.dll

+ 2010-06-12 22:13 . 2010-06-12 22:13 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_64b762a9\CustomMarshalers.dll

+ 2010-06-13 08:16 . 2010-06-13 08:16 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\1c1629f536fa9874ef08d09fb19ab0f0\System.Windows.Presentation.ni.dll

+ 2010-06-13 08:15 . 2010-06-13 08:15 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\1464c662c302ea6372a885161b983732\System.Web.DynamicData.Design.ni.dll

+ 2010-06-13 08:13 . 2010-06-13 08:13 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\5d535ecadf77ac2d9278a1661beb2855\System.ComponentModel.DataAnnotations.ni.dll

+ 2010-06-12 22:10 . 2010-06-12 22:10 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\e67992626a30603458b0df22841c2423\PresentationFontCache.ni.exe

+ 2010-06-12 22:07 . 2010-06-12 22:07 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\6be27d744e6e2bfc4b0e25bd2998ef7c\PresentationCFFRasterizer.ni.dll

+ 2010-06-13 08:15 . 2010-06-13 08:15 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\4a52287444c36c89310856b38ff52fe0\Microsoft.Vsa.ni.dll

- 2009-10-19 08:40 . 2009-10-19 08:40 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll

- 2009-08-31 09:52 . 2009-08-31 09:52 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll

+ 2010-06-12 22:05 . 2010-06-12 22:05 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll

- 2009-10-19 08:40 . 2009-10-19 08:40 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll

- 2009-10-19 08:41 . 2009-10-19 08:41 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll

- 2009-10-19 08:40 . 2009-10-19 08:40 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll

- 2009-10-19 08:40 . 2009-10-19 08:40 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll

- 2009-10-19 08:40 . 2009-10-19 08:40 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll

- 2009-10-19 08:41 . 2009-10-19 08:41 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll

- 2009-10-19 08:41 . 2009-10-19 08:41 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll

- 2009-10-19 08:40 . 2009-10-19 08:40 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll

- 2009-10-19 08:40 . 2009-10-19 08:40 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll

- 2009-10-19 08:40 . 2009-10-19 08:40 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll

- 2009-10-19 08:40 . 2009-10-19 08:40 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll

- 2009-10-19 08:40 . 2009-10-19 08:40 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll

+ 2010-06-12 22:12 . 2010-06-12 22:12 81920 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll

- 2009-10-19 08:40 . 2009-10-19 08:40 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll

+ 2010-06-12 19:40 . 2009-12-04 14:35 7048 c:\windows\system32\ZoneLabs\zlquarantine_loc040c.dll

+ 2010-06-12 19:40 . 2009-12-04 14:35 7048 c:\windows\system32\ZoneLabs\vsvault_loc040c.dll

+ 2010-06-12 19:40 . 2009-12-04 14:35 7048 c:\windows\system32\ZoneLabs\vsdb_loc040c.dll

+ 2010-06-12 19:40 . 2009-12-04 14:35 7048 c:\windows\system32\ZoneLabs\scheduler_loc040c.dll

+ 2010-06-12 19:40 . 2009-12-04 14:35 7048 c:\windows\system32\ZoneLabs\camupd_loc040c.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll

- 2009-10-19 08:40 . 2009-10-19 08:40 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll

- 2009-10-19 08:41 . 2009-10-19 08:41 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll

- 2009-10-19 08:40 . 2009-10-19 08:40 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll

- 2009-10-19 08:40 . 2009-10-19 08:40 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll

- 2009-10-19 08:40 . 2009-10-19 08:41 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll

- 2009-10-19 08:40 . 2009-10-19 08:40 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll

+ 2010-06-12 19:40 . 2009-12-04 14:34 141192 c:\windows\system32\ZoneLabs\zlupdate.dll

+ 2010-06-12 19:40 . 2009-12-04 14:34 172936 c:\windows\system32\ZoneLabs\vsvault.dll

+ 2010-06-12 19:40 . 2009-12-04 14:35 190856 c:\windows\system32\ZoneLabs\vsruledb_loc040c.dll

+ 2010-06-12 19:39 . 2009-12-04 14:34 210824 c:\windows\system32\ZoneLabs\vsdb.dll

+ 2010-06-12 19:40 . 2009-12-04 14:35 113544 c:\windows\system32\ZoneLabs\updClient_loc040c.dll

+ 2010-06-12 19:40 . 2007-10-11 14:51 832984 c:\windows\system32\ZoneLabs\updating.dll

+ 2010-06-12 19:40 . 2009-12-04 14:34 434568 c:\windows\system32\ZoneLabs\ssleay32.dll

+ 2010-06-12 19:40 . 2009-12-04 14:34 135048 c:\windows\system32\ZoneLabs\scheduler.dll

+ 2010-06-12 19:40 . 2009-07-13 21:58 722392 c:\windows\system32\ZoneLabs\qrbase.dll

+ 2010-06-12 19:40 . 2009-12-04 14:35 119688 c:\windows\system32\ZoneLabs\lib\zui.zip.dll

+ 2010-06-12 19:40 . 2009-12-04 14:35 267656 c:\windows\system32\ZoneLabs\lib\TrayTest.zip.dll

+ 2010-06-12 19:40 . 2009-12-04 14:35 175496 c:\windows\system32\ZoneLabs\lib\Overview.zip.dll

+ 2010-06-12 19:40 . 2009-12-04 14:35 368008 c:\windows\system32\ZoneLabs\lib\LicenseUI.zip.dll

+ 2010-06-12 19:40 . 2009-12-04 14:35 139144 c:\windows\system32\ZoneLabs\lib\DashBoard.zip.dll

+ 2010-06-12 19:40 . 2009-12-04 14:35 376712 c:\windows\system32\ZoneLabs\lib\ConfigWizard.zip.dll

+ 2010-06-12 19:39 . 2009-10-09 18:33 579048 c:\windows\system32\ZoneLabs\icslta.dll

+ 2010-06-12 19:41 . 2008-03-17 14:52 813568 c:\windows\system32\ZoneLabs\dbghelp.dll

- 2006-02-17 16:59 . 2010-03-11 12:38 233472 c:\windows\system32\webcheck.dll

+ 2006-02-17 16:59 . 2010-05-04 17:20 233472 c:\windows\system32\webcheck.dll

+ 2010-06-12 19:40 . 2009-12-04 14:34 109960 c:\windows\system32\vsxml.dll

+ 2010-06-12 19:39 . 2009-12-04 14:34 621960 c:\windows\system32\vsutil.dll

+ 2010-06-12 19:40 . 2009-12-04 14:34 299912 c:\windows\system32\vspubapi.dll

+ 2010-06-12 19:40 . 2009-12-04 14:34 107912 c:\windows\system32\vsmonapi.dll

+ 2010-06-12 19:39 . 2009-12-04 14:34 227720 c:\windows\system32\vsinit.dll

+ 2010-06-12 19:40 . 2009-12-04 14:34 486280 c:\windows\system32\vsdatant.sys

+ 2010-06-12 19:39 . 2009-12-04 14:34 112008 c:\windows\system32\vsdata.dll

- 2006-02-17 16:59 . 2010-03-11 12:38 105984 c:\windows\system32\url.dll

+ 2006-02-17 16:59 . 2010-05-04 17:20 105984 c:\windows\system32\url.dll

+ 2006-02-17 16:58 . 2010-06-12 22:03 442800 c:\windows\system32\perfh009.dat

- 2006-02-17 16:58 . 2010-03-30 06:36 442800 c:\windows\system32\perfh009.dat

- 2006-02-17 16:58 . 2010-03-11 12:38 102912 c:\windows\system32\occache.dll

+ 2006-02-17 16:58 . 2010-05-04 17:20 102912 c:\windows\system32\occache.dll

- 2006-02-17 16:58 . 2010-03-11 12:38 671232 c:\windows\system32\mstime.dll

+ 2006-02-17 16:58 . 2010-05-04 17:20 671232 c:\windows\system32\mstime.dll

- 2006-02-17 16:58 . 2010-03-11 12:38 193024 c:\windows\system32\msrating.dll

+ 2006-02-17 16:58 . 2010-05-04 17:20 193024 c:\windows\system32\msrating.dll

+ 2006-02-17 16:58 . 2010-05-04 17:20 477696 c:\windows\system32\mshtmled.dll

- 2006-02-17 16:58 . 2010-03-11 12:38 477696 c:\windows\system32\mshtmled.dll

- 2007-08-13 16:54 . 2010-03-11 12:38 459264 c:\windows\system32\msfeeds.dll

+ 2007-08-13 16:54 . 2010-05-04 17:20 459264 c:\windows\system32\msfeeds.dll

- 2006-02-18 01:37 . 2008-04-11 19:04 691712 c:\windows\system32\inetcomm.dll

+ 2006-02-18 01:37 . 2010-01-29 15:01 691712 c:\windows\system32\inetcomm.dll

+ 2007-08-13 16:34 . 2010-05-04 17:20 268288 c:\windows\system32\iertutil.dll

- 2007-08-13 16:34 . 2010-03-11 12:38 268288 c:\windows\system32\iertutil.dll

- 2006-02-17 16:57 . 2010-03-11 12:38 192512 c:\windows\system32\iepeers.dll

+ 2006-02-17 16:57 . 2010-05-04 17:20 192512 c:\windows\system32\iepeers.dll

+ 2006-02-17 16:57 . 2010-05-04 17:20 385024 c:\windows\system32\iedkcs32.dll

- 2006-02-17 16:57 . 2010-03-11 12:38 385024 c:\windows\system32\iedkcs32.dll

+ 2007-07-11 10:27 . 2010-05-04 17:20 380928 c:\windows\system32\ieapfltr.dll

- 2007-07-11 10:27 . 2010-03-11 12:38 380928 c:\windows\system32\ieapfltr.dll

+ 2006-02-17 16:57 . 2010-04-16 11:43 161792 c:\windows\system32\ieakui.dll

- 2006-02-17 16:57 . 2010-02-23 05:18 161792 c:\windows\system32\ieakui.dll

- 2006-02-17 16:57 . 2010-03-11 12:38 230400 c:\windows\system32\ieaksie.dll

+ 2006-02-17 16:57 . 2010-05-04 17:20 230400 c:\windows\system32\ieaksie.dll

+ 2006-02-17 16:57 . 2010-05-04 17:20 153088 c:\windows\system32\ieakeng.dll

- 2006-02-17 16:57 . 2010-03-11 12:38 153088 c:\windows\system32\ieakeng.dll

+ 2006-02-17 17:29 . 2010-06-12 22:17 161936 c:\windows\system32\FNTCACHE.DAT

- 2006-02-17 17:29 . 2009-11-18 11:31 161936 c:\windows\system32\FNTCACHE.DAT

+ 2006-02-17 16:57 . 2010-05-04 17:20 133120 c:\windows\system32\extmgr.dll

- 2006-02-17 16:57 . 2010-03-11 12:38 133120 c:\windows\system32\extmgr.dll

+ 2006-02-17 16:57 . 2010-05-04 17:20 214528 c:\windows\system32\dxtrans.dll

- 2006-02-17 16:57 . 2010-03-11 12:38 214528 c:\windows\system32\dxtrans.dll

- 2006-02-17 16:57 . 2010-03-11 12:38 347136 c:\windows\system32\dxtmsft.dll

+ 2006-02-17 16:57 . 2010-05-04 17:20 347136 c:\windows\system32\dxtmsft.dll

+ 2006-02-17 16:59 . 2010-05-04 17:20 832512 c:\windows\system32\dllcache\wininet.dll

- 2006-02-17 16:59 . 2010-03-11 12:38 832512 c:\windows\system32\dllcache\wininet.dll

+ 2006-02-17 16:59 . 2010-05-04 17:20 233472 c:\windows\system32\dllcache\webcheck.dll

- 2006-02-17 16:59 . 2010-03-11 12:38 233472 c:\windows\system32\dllcache\webcheck.dll

+ 2006-02-17 16:59 . 2010-05-04 17:20 105984 c:\windows\system32\dllcache\url.dll

- 2006-02-17 16:59 . 2010-03-11 12:38 105984 c:\windows\system32\dllcache\url.dll

- 2006-02-17 16:58 . 2010-03-11 12:38 102912 c:\windows\system32\dllcache\occache.dll

+ 2006-02-17 16:58 . 2010-05-04 17:20 102912 c:\windows\system32\dllcache\occache.dll

+ 2006-02-17 16:58 . 2010-05-04 17:20 671232 c:\windows\system32\dllcache\mstime.dll

- 2006-02-17 16:58 . 2010-03-11 12:38 671232 c:\windows\system32\dllcache\mstime.dll

- 2006-02-17 16:58 . 2010-03-11 12:38 193024 c:\windows\system32\dllcache\msrating.dll

+ 2006-02-17 16:58 . 2010-05-04 17:20 193024 c:\windows\system32\dllcache\msrating.dll

+ 2006-02-17 16:58 . 2010-05-04 17:20 477696 c:\windows\system32\dllcache\mshtmled.dll

- 2006-02-17 16:58 . 2010-03-11 12:38 477696 c:\windows\system32\dllcache\mshtmled.dll

+ 2008-09-23 08:08 . 2010-05-04 17:20 459264 c:\windows\system32\dllcache\msfeeds.dll

- 2008-09-23 08:08 . 2010-03-11 12:38 459264 c:\windows\system32\dllcache\msfeeds.dll

- 2008-08-25 14:10 . 2008-04-11 19:04 691712 c:\windows\system32\dllcache\inetcomm.dll

+ 2008-08-25 14:10 . 2010-01-29 15:01 691712 c:\windows\system32\dllcache\inetcomm.dll

+ 2006-02-18 01:37 . 2010-04-16 11:43 634656 c:\windows\system32\dllcache\iexplore.exe

- 2008-09-23 08:08 . 2010-03-11 12:38 268288 c:\windows\system32\dllcache\iertutil.dll

+ 2008-09-23 08:08 . 2010-05-04 17:20 268288 c:\windows\system32\dllcache\iertutil.dll

+ 2006-02-17 16:57 . 2010-05-04 17:20 192512 c:\windows\system32\dllcache\iepeers.dll

- 2006-02-17 16:57 . 2010-03-11 12:38 192512 c:\windows\system32\dllcache\iepeers.dll

+ 2006-02-17 16:57 . 2010-05-04 17:20 385024 c:\windows\system32\dllcache\iedkcs32.dll

- 2006-02-17 16:57 . 2010-03-11 12:38 385024 c:\windows\system32\dllcache\iedkcs32.dll

- 2008-09-23 08:08 . 2010-03-11 12:38 380928 c:\windows\system32\dllcache\ieapfltr.dll

+ 2008-09-23 08:08 . 2010-05-04 17:20 380928 c:\windows\system32\dllcache\ieapfltr.dll

- 2006-02-17 16:57 . 2010-02-23 05:18 161792 c:\windows\system32\dllcache\ieakui.dll

+ 2006-02-17 16:57 . 2010-04-16 11:43 161792 c:\windows\system32\dllcache\ieakui.dll

- 2006-02-17 16:57 . 2010-03-11 12:38 230400 c:\windows\system32\dllcache\ieaksie.dll

+ 2006-02-17 16:57 . 2010-05-04 17:20 230400 c:\windows\system32\dllcache\ieaksie.dll

+ 2006-02-17 16:57 . 2010-05-04 17:20 153088 c:\windows\system32\dllcache\ieakeng.dll

- 2006-02-17 16:57 . 2010-03-11 12:38 153088 c:\windows\system32\dllcache\ieakeng.dll

- 2006-02-17 16:57 . 2010-03-11 12:38 133120 c:\windows\system32\dllcache\extmgr.dll

+ 2006-02-17 16:57 . 2010-05-04 17:20 133120 c:\windows\system32\dllcache\extmgr.dll

- 2006-02-17 16:57 . 2010-03-11 12:38 214528 c:\windows\system32\dllcache\dxtrans.dll

+ 2006-02-17 16:57 . 2010-05-04 17:20 214528 c:\windows\system32\dllcache\dxtrans.dll

- 2006-02-17 16:57 . 2010-03-11 12:38 347136 c:\windows\system32\dllcache\dxtmsft.dll

+ 2006-02-17 16:57 . 2010-05-04 17:20 347136 c:\windows\system32\dllcache\dxtmsft.dll

+ 2010-04-20 05:30 . 2010-04-20 05:30 285696 c:\windows\system32\dllcache\atmfd.dll

+ 2006-02-17 16:56 . 2010-05-04 17:20 124928 c:\windows\system32\dllcache\advpack.dll

- 2006-02-17 16:56 . 2010-03-11 12:38 124928 c:\windows\system32\dllcache\advpack.dll

+ 2006-02-17 16:56 . 2010-05-04 17:20 124928 c:\windows\system32\advpack.dll

- 2006-02-17 16:56 . 2010-03-11 12:38 124928 c:\windows\system32\advpack.dll

+ 2010-04-07 21:48 . 2010-04-07 21:48 970752 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll

- 2008-07-29 17:16 . 2008-07-29 17:16 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll

+ 2010-04-07 21:48 . 2010-04-07 21:48 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll

+ 2010-03-23 03:31 . 2010-03-23 03:31 435024 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll

+ 2010-02-09 10:22 . 2010-02-09 10:22 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll

- 2008-07-25 09:17 . 2008-07-25 09:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll

- 2008-05-27 22:49 . 2008-05-27 22:49 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll

+ 2010-03-31 12:51 . 2010-03-31 12:51 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll

+ 2010-03-31 12:49 . 2010-03-31 12:49 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll

- 2008-05-27 22:48 . 2008-05-27 22:48 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll

- 2008-05-27 23:30 . 2008-05-27 23:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll

+ 2010-03-31 13:32 . 2010-03-31 13:32 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll

+ 2010-02-24 22:14 . 2010-02-24 22:14 543232 c:\windows\Installer\f84c0f.msp

+ 2010-06-12 21:52 . 2010-03-11 12:38 832512 c:\windows\ie7updates\KB982381-IE7\wininet.dll

+ 2010-06-12 21:52 . 2010-03-11 12:38 233472 c:\windows\ie7updates\KB982381-IE7\webcheck.dll

+ 2010-06-12 21:52 . 2010-03-11 12:38 105984 c:\windows\ie7updates\KB982381-IE7\url.dll

+ 2010-06-12 21:52 . 2009-05-26 11:40 382840 c:\windows\ie7updates\KB982381-IE7\spuninst\updspapi.dll

+ 2010-06-12 21:52 . 2008-07-08 13:02 231288 c:\windows\ie7updates\KB982381-IE7\spuninst\spuninst.exe

+ 2010-06-12 21:52 . 2010-03-11 12:38 102912 c:\windows\ie7updates\KB982381-IE7\occache.dll

+ 2010-06-12 21:52 . 2010-03-11 12:38 671232 c:\windows\ie7updates\KB982381-IE7\mstime.dll

+ 2010-06-12 21:52 . 2010-03-11 12:38 193024 c:\windows\ie7updates\KB982381-IE7\msrating.dll

+ 2010-06-12 21:52 . 2010-03-11 12:38 477696 c:\windows\ie7updates\KB982381-IE7\mshtmled.dll

+ 2010-06-12 21:52 . 2010-03-11 12:38 459264 c:\windows\ie7updates\KB982381-IE7\msfeeds.dll

+ 2010-06-12 21:52 . 2010-02-23 05:20 634648 c:\windows\ie7updates\KB982381-IE7\iexplore.exe

+ 2010-06-12 21:52 . 2010-03-11 12:38 268288 c:\windows\ie7updates\KB982381-IE7\iertutil.dll

+ 2010-06-12 21:52 . 2010-03-11 12:38 192512 c:\windows\ie7updates\KB982381-IE7\iepeers.dll

+ 2010-06-12 21:52 . 2010-03-11 12:38 385024 c:\windows\ie7updates\KB982381-IE7\iedkcs32.dll

+ 2010-06-12 21:52 . 2010-03-11 12:38 380928 c:\windows\ie7updates\KB982381-IE7\ieapfltr.dll

+ 2010-06-12 21:52 . 2010-02-23 05:18 161792 c:\windows\ie7updates\KB982381-IE7\ieakui.dll

+ 2010-06-12 21:52 . 2010-03-11 12:38 230400 c:\windows\ie7updates\KB982381-IE7\ieaksie.dll

+ 2010-06-12 21:52 . 2010-03-11 12:38 153088 c:\windows\ie7updates\KB982381-IE7\ieakeng.dll

+ 2010-06-12 21:52 . 2010-03-11 12:38 133120 c:\windows\ie7updates\KB982381-IE7\extmgr.dll

+ 2010-06-12 21:52 . 2010-03-11 12:38 214528 c:\windows\ie7updates\KB982381-IE7\dxtrans.dll

+ 2010-06-12 21:52 . 2010-03-11 12:38 347136 c:\windows\ie7updates\KB982381-IE7\dxtmsft.dll

+ 2010-06-12 21:52 . 2010-03-11 12:38 124928 c:\windows\ie7updates\KB982381-IE7\advpack.dll

+ 2010-06-12 22:13 . 2010-06-12 22:13 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_024c3711\System.Drawing.dll

+ 2010-06-12 22:14 . 2010-06-12 22:14 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_143d8091\System.Drawing.Design.dll

+ 2010-06-12 22:13 . 2010-06-12 22:13 118784 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_269c7f61\CustomMarshalers.dll

+ 2010-06-13 08:13 . 2010-06-13 08:13 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\4d07b1ccecca66f320c1a0971dd614d1\WsatConfig.ni.exe

+ 2010-06-12 22:25 . 2010-06-12 22:25 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\a7c702f75d47bf841b9587e582c2d0b2\WindowsFormsIntegration.ni.dll

+ 2010-06-12 22:25 . 2010-06-12 22:25 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\3a78043c85333d5af49a0d958912ae4a\UIAutomationClient.ni.dll

+ 2010-06-13 08:16 . 2010-06-13 08:16 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\747e84d81d1de2041661f0f71b04734a\System.Xml.Linq.ni.dll

+ 2010-06-13 08:15 . 2010-06-13 08:15 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\d51dfbd8d5431eb89181baaa24863e15\System.Web.Routing.ni.dll

+ 2010-06-12 22:19 . 2010-06-12 22:19 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\436dde9611932489da3dc8a1be170843\System.Web.RegularExpressions.ni.dll

+ 2010-06-13 08:15 . 2010-06-13 08:15 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\e8ef769b3e899e62b26daadee50b97ed\System.Web.Extensions.Design.ni.dll

+ 2010-06-13 08:15 . 2010-06-13 08:15 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\ce3b446b7bee5c47949c994ec89b1649\System.Web.Entity.ni.dll

+ 2010-06-13 08:15 . 2010-06-13 08:15 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\ad04fe1182e55e7c01066b62a4bee6b5\System.Web.Entity.Design.ni.dll

+ 2010-06-13 08:15 . 2010-06-13 08:15 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\20ba0d4d182a1a9c1f54c00d3bc29a68\System.Web.DynamicData.ni.dll

+ 2010-06-13 08:15 . 2010-06-13 08:15 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\c97ecf9250c2f0794262534f27f98b72\System.Web.Abstractions.ni.dll

+ 2010-06-12 22:15 . 2010-06-12 22:15 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\9c56656c88979cf18de6cbcb6587ba8f\System.Transactions.ni.dll

+ 2010-06-12 22:20 . 2010-06-12 22:20 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\5adb0f89d469632511aed9d88cfe05c4\System.ServiceProcess.ni.dll

+ 2010-06-12 22:07 . 2010-06-12 22:07 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\42b2ffb594dbd5652a576a0dce28722c\System.Security.ni.dll

+ 2010-06-12 22:10 . 2010-06-12 22:10 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\3231473e2ec4451c8f218930fda80d19\System.Runtime.Serialization.Formatters.Soap.ni.dll

+ 2010-06-12 22:15 . 2010-06-12 22:15 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\2077ce69bd24a095dd54683ae26454d4\System.Runtime.Remoting.ni.dll

+ 2010-06-13 08:15 . 2010-06-13 08:15 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\f90965b9d9a6a6604c9a66f57c37c026\System.Net.ni.dll

+ 2010-06-13 08:16 . 2010-06-13 08:16 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\07da2b0e44d62f3c65d6516f4e2f94bb\System.Messaging.ni.dll

+ 2010-06-13 08:15 . 2010-06-13 08:15 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\16670b6870746e5a8dc4a73a76a90bed\System.Management.ni.dll

+ 2010-06-13 08:15 . 2010-06-13 08:15 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\e6bd59fec415e273c173170c6508180a\System.Management.Instrumentation.ni.dll

+ 2010-06-13 08:12 . 2010-06-13 08:12 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\e3eb86170cba4c80e6e22ca33c63c218\System.IO.Log.ni.dll

+ 2010-06-13 08:13 . 2010-06-13 08:13 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\cfa48936affc9a5fb89f0bf66cc52a47\System.IdentityModel.Selectors.ni.dll

+ 2010-06-12 22:15 . 2010-06-12 22:15 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\e9edc5cd12ebb513b4a3c53cb4640771\System.EnterpriseServices.Wrapper.dll

+ 2010-06-12 22:15 . 2010-06-12 22:15 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\e9edc5cd12ebb513b4a3c53cb4640771\System.EnterpriseServices.ni.dll

+ 2010-06-12 22:16 . 2010-06-12 22:16 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\aeba6820f20655dec7fe0fe05aaeb818\System.Drawing.Design.ni.dll

+ 2010-06-12 22:19 . 2010-06-12 22:19 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\9ef70079beca3a9982a3aa76ebc0ddd8\System.DirectoryServices.Protocols.ni.dll

+ 2010-06-13 08:15 . 2010-06-13 08:15 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\277619716d9136216065bea970365c65\System.DirectoryServices.AccountManagement.ni.dll

+ 2010-06-13 08:15 . 2010-06-13 08:15 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\90b67e13866b176ae6cbdb23144f724d\System.Data.Services.Client.ni.dll

+ 2010-06-13 08:15 . 2010-06-13 08:15 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\131a477d41a8669b15696128b94c2636\System.Data.Services.Design.ni.dll

+ 2010-06-13 08:15 . 2010-06-13 08:15 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\d4990681ce373d81a52b231ee4c4afea\System.Data.Entity.Design.ni.dll

+ 2010-06-13 08:13 . 2010-06-13 08:13 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\9e9d66a3a0e16fceead505c25af569eb\System.Data.DataSetExtensions.ni.dll

+ 2010-06-12 22:06 . 2010-06-12 22:06 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\631b3eba1ba5bd3c3f027f34011cadeb\System.Configuration.ni.dll

+ 2010-06-12 22:20 . 2010-06-12 22:20 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\39e4f9a276fb12125d8a1444d8b65a84\System.Configuration.Install.ni.dll

+ 2010-06-13 08:13 . 2010-06-13 08:13 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\849916c5cb3ff7763d15a3976766c2f6\System.AddIn.ni.dll

+ 2010-06-13 08:13 . 2010-06-13 08:13 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\f38a426b90e6c526dcb2c435c7380450\SMSvcHost.ni.exe

+ 2010-06-13 08:13 . 2010-06-13 08:13 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\6cabc7d1700c224e8b41ff2f96a3087c\SMDiagnostics.ni.dll

+ 2010-06-13 08:13 . 2010-06-13 08:13 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\5c8f5ca36498f43980d64820d8186c8a\ServiceModelReg.ni.exe

+ 2010-06-12 22:24 . 2010-06-12 22:24 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ae733e4062edba3a33bb0a632bef66bf\PresentationFramework.Royale.ni.dll

+ 2010-06-12 22:22 . 2010-06-12 22:22 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\3ffad524016f0aba7b11a8aa33301a65\PresentationFramework.Aero.ni.dll

+ 2010-06-12 22:24 . 2010-06-12 22:24 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\201968d038a23a4688310fed1eeaddaa\PresentationFramework.Classic.ni.dll

+ 2010-06-12 22:24 . 2010-06-12 22:24 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1ead87ca8eb84c595c77c70e3b2df88d\PresentationFramework.Luna.ni.dll

+ 2010-06-13 08:13 . 2010-06-13 08:13 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\7700963610c1af364aa934c3c824b7b4\MSBuild.ni.exe

+ 2010-06-13 08:13 . 2010-06-13 08:13 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\c74d4c69c49992dfb23ba512081dc3de\Microsoft.Transactions.Bridge.Dtc.ni.dll

+ 2010-06-12 22:07 . 2010-06-12 22:07 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\a6a9f24b1a8984eaafbabb1ee968e359\Microsoft.Build.Utilities.ni.dll

+ 2010-06-13 08:13 . 2010-06-13 08:13 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\2fa81d363cb1496be2427d848a867409\Microsoft.Build.Utilities.v3.5.ni.dll

+ 2010-06-13 08:13 . 2010-06-13 08:13 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\c4c360df9c1024ebc3f0de77f5cf8b1c\Microsoft.Build.Engine.ni.dll

+ 2010-06-13 08:13 . 2010-06-13 08:13 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\c9386dcd89c2518a74115f3bfd861830\Microsoft.Build.Conversion.v3.5.ni.dll

+ 2010-06-13 08:13 . 2010-06-13 08:13 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\abb62e3ed74c974f0282bc7ea5d3f1c1\ComSvcConfig.ni.exe

+ 2010-06-13 08:13 . 2010-06-13 08:13 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\6d34f00b6a782d15bec70d6cdb00b5e8\AspNetMMCExt.ni.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll

- 2009-10-19 08:40 . 2009-10-19 08:40 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll

- 2009-10-19 08:40 . 2009-10-19 08:40 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll

- 2009-10-19 08:40 . 2009-10-19 08:40 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll

- 2009-10-19 08:40 . 2009-10-19 08:40 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll

+ 2010-06-12 22:05 . 2010-06-12 22:05 970752 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll

- 2009-10-19 08:41 . 2009-10-19 08:41 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll

- 2009-10-19 08:41 . 2009-10-19 08:41 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll

- 2009-10-19 08:41 . 2009-10-19 08:41 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll

- 2009-10-19 08:41 . 2009-10-19 08:41 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll

+ 2010-06-12 22:05 . 2010-06-12 22:05 438272 c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll

- 2009-10-19 08:41 . 2009-10-19 08:41 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll

- 2009-10-19 08:40 . 2009-10-19 08:40 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll

- 2009-10-19 08:40 . 2009-10-19 08:40 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll

- 2009-10-19 08:41 . 2009-10-19 08:41 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll

- 2009-10-19 08:41 . 2009-10-19 08:41 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll

- 2009-10-19 08:41 . 2009-10-19 08:41 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll

- 2009-10-19 08:41 . 2009-10-19 08:41 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll

- 2009-08-31 09:52 . 2009-08-31 09:52 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll

+ 2010-06-12 22:05 . 2010-06-12 22:05 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll

- 2009-10-19 08:40 . 2009-10-19 08:40 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll

- 2009-10-19 08:40 . 2009-10-19 08:40 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll

- 2009-10-19 08:40 . 2009-10-19 08:40 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll

- 2009-10-19 08:40 . 2009-10-19 08:40 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll

- 2009-10-19 08:41 . 2009-10-19 08:41 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll

- 2009-10-19 08:41 . 2009-10-19 08:41 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll

- 2009-10-19 08:40 . 2009-10-19 08:40 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll

- 2009-10-19 08:40 . 2009-10-19 08:40 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll

- 2009-10-19 08:40 . 2009-10-19 08:41 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll

- 2009-10-19 08:40 . 2009-10-19 08:40 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll

- 2009-10-19 08:41 . 2009-10-19 08:41 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll

+ 2010-06-12 19:40 . 2009-12-04 14:34 1789320 c:\windows\system32\ZoneLabs\vsruledb.dll

+ 2010-06-12 19:40 . 2009-12-04 14:36 2384240 c:\windows\system32\ZoneLabs\vsmon.exe

+ 2010-06-12 19:40 . 2009-12-04 14:35 1536392 c:\windows\system32\ZoneLabs\lib\zpy.zip.dll

+ 2006-02-17 17:01 . 2010-04-03 01:33 2365288 c:\windows\system32\WMVCore.dll

- 2006-02-17 16:59 . 2010-03-11 12:38 1168384 c:\windows\system32\urlmon.dll

+ 2006-02-17 16:59 . 2010-05-04 17:20 1168384 c:\windows\system32\urlmon.dll

- 2006-02-17 16:58 . 2009-11-27 17:11 1291776 c:\windows\system32\quartz.dll

+ 2006-02-17 16:58 . 2010-02-05 18:27 1291776 c:\windows\system32\quartz.dll

+ 2006-02-17 16:58 . 2010-05-04 17:20 3600384 c:\windows\system32\mshtml.dll

+ 2007-08-13 16:54 . 2010-05-04 17:20 6067200 c:\windows\system32\ieframe.dll

- 2007-08-13 16:54 . 2010-03-11 12:38 6067200 c:\windows\system32\ieframe.dll

+ 2006-02-17 17:01 . 2010-04-03 01:33 2365288 c:\windows\system32\dllcache\WMVCore.dll

+ 2008-10-15 12:11 . 2010-05-02 05:22 1851264 c:\windows\system32\dllcache\win32k.sys

+ 2006-02-17 16:59 . 2010-05-04 17:20 1168384 c:\windows\system32\dllcache\urlmon.dll

- 2006-02-17 16:59 . 2010-03-11 12:38 1168384 c:\windows\system32\dllcache\urlmon.dll

- 2006-02-17 16:58 . 2009-11-27 17:11 1291776 c:\windows\system32\dllcache\quartz.dll

+ 2006-02-17 16:58 . 2010-02-05 18:27 1291776 c:\windows\system32\dllcache\quartz.dll

+ 2006-02-18 01:37 . 2010-01-29 15:01 1315328 c:\windows\system32\dllcache\msoe.dll

- 2006-02-18 01:37 . 2009-07-10 13:27 1315328 c:\windows\system32\dllcache\msoe.dll

+ 2006-02-17 16:58 . 2010-05-04 17:20 3600384 c:\windows\system32\dllcache\mshtml.dll

+ 2008-09-23 08:08 . 2010-05-04 17:20 6067200 c:\windows\system32\dllcache\ieframe.dll

- 2008-09-23 08:08 . 2010-03-11 12:38 6067200 c:\windows\system32\dllcache\ieframe.dll

+ 2010-04-07 21:48 . 2010-04-07 21:48 5967872 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll

+ 2010-03-23 03:32 . 2010-03-23 03:32 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll

- 2008-11-25 02:59 . 2008-11-25 02:59 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll

+ 2010-03-23 03:32 . 2010-03-23 03:32 3182592 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll

- 2008-05-27 23:35 . 2008-05-27 23:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll

+ 2010-04-01 09:42 . 2010-04-01 09:42 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll

- 2008-05-27 23:35 . 2008-05-27 23:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll

+ 2010-04-01 09:42 . 2010-04-01 09:42 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll

+ 2010-03-31 12:50 . 2010-03-31 12:50 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll

- 2008-05-27 22:48 . 2008-05-27 22:48 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll

+ 2010-03-31 12:50 . 2010-03-31 12:50 2527232 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll

+ 2010-04-01 09:42 . 2010-04-01 09:42 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll

- 2008-05-27 22:43 . 2008-05-27 22:43 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll

+ 2010-04-11 20:17 . 2010-04-11 20:17 2607104 c:\windows\Installer\f84c1b.msp

+ 2010-04-11 20:17 . 2010-04-11 20:17 4210688 c:\windows\Installer\f84c1a.msp

+ 2010-06-12 21:52 . 2010-03-11 12:38 1168384 c:\windows\ie7updates\KB982381-IE7\urlmon.dll

+ 2010-06-12 21:52 . 2010-03-11 12:38 3599872 c:\windows\ie7updates\KB982381-IE7\mshtml.dll

+ 2010-06-12 21:52 . 2010-03-11 12:38 6067200 c:\windows\ie7updates\KB982381-IE7\ieframe.dll

+ 2010-06-12 22:13 . 2010-06-12 22:13 4792320 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_675ecb6b\System.dll

+ 2010-06-12 22:13 . 2010-06-12 22:13 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_31476286\System.dll

+ 2010-06-12 22:14 . 2010-06-12 22:14 5513216 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_a2ceb260\System.Xml.dll

+ 2010-06-12 22:13 . 2010-06-12 22:13 2088960 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_0d2189d5\System.Xml.dll

+ 2010-06-12 22:14 . 2010-06-12 22:14 7884800 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_ef01ec36\System.Windows.Forms.dll

+ 2010-06-12 22:13 . 2010-06-12 22:13 3018752 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_9d7a08fa\System.Windows.Forms.dll

+ 2010-06-12 22:14 . 2010-06-12 22:14 2244608 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_aa655721\System.Drawing.dll

+ 2010-06-12 22:13 . 2010-06-12 22:13 1470464 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_c349ffbd\System.Design.dll

+ 2010-06-12 22:14 . 2010-06-12 22:14 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_328f1caf\System.Design.dll

+ 2010-06-12 22:13 . 2010-06-12 22:13 3391488 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_51807571\mscorlib.dll

+ 2010-06-12 22:14 . 2010-06-12 22:14 8908800 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_01df5914\mscorlib.dll

+ 2010-06-12 22:07 . 2010-06-12 22:07 3313664 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\f231461883859922a040002dddfb7b12\WindowsBase.ni.dll

+ 2010-06-12 22:25 . 2010-06-12 22:25 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\48b66876f72f472db62de48ae4369406\UIAutomationClientsideProviders.ni.dll

+ 2010-06-12 22:16 . 2010-06-12 22:16 1115136 c:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP343.tmp\System.Data.OracleClient.dll

+ 2010-06-12 22:06 . 2010-06-12 22:06 7949824 c:\windows\assembly\NativeImages_v2.0.50727_32\System\37217abe2c5164e59aba251860f4c79e\System.ni.dll

+ 2010-06-12 22:06 . 2010-06-12 22:06 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\563a54b98adb70fae862974042298348\System.Xml.ni.dll

+ 2010-06-13 08:16 . 2010-06-13 08:16 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\016b75f60a18535c8d6b3e5d861ab559\System.WorkflowServices.ni.dll

+ 2010-06-13 08:16 . 2010-06-13 08:16 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\6dacae37d337004345518976fb57099e\System.Workflow.Runtime.ni.dll

+ 2010-06-13 08:16 . 2010-06-13 08:16 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\c7b832bbc5bb11c6c7f128c801ce90d7\System.Workflow.ComponentModel.ni.dll

+ 2010-06-13 08:16 . 2010-06-13 08:16 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\b9ea6ea910293cd6f13f765775867ebd\System.Workflow.Activities.ni.dll

+ 2010-06-12 22:16 . 2010-06-12 22:16 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\8ef8d556899a4a10b7f288a80925489f\System.Web.Services.ni.dll

+ 2010-06-13 08:16 . 2010-06-13 08:16 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\5dfda43f1991ee6ba345d62b2be4801c\System.Web.Mobile.ni.dll

+ 2010-06-13 08:15 . 2010-06-13 08:15 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\f08b3b8cdf548e3dfe61f342536175eb\System.Web.Extensions.ni.dll

+ 2010-06-12 22:24 . 2010-06-12 22:24 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\2d6a5dbee4506bf643b853e41668afa3\System.Speech.ni.dll

+ 2010-06-13 08:15 . 2010-06-13 08:15 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\169fe0ad9d59982a2a6b89779c09885b\System.ServiceModel.Web.ni.dll

+ 2010-06-13 08:12 . 2010-06-13 08:12 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\8b2710a63ecd363315ef16b257588b95\System.Runtime.Serialization.ni.dll

+ 2010-06-12 22:14 . 2010-06-12 22:14 1035264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\161b423dc4e86e569af019e838d39de5\System.Printing.ni.dll

+ 2010-06-13 08:12 . 2010-06-13 08:12 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\ad4fb86064d7a1ebcb9ee997e7208ac1\System.IdentityModel.ni.dll

+ 2010-06-12 22:09 . 2010-06-12 22:09 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\f3440ea00eb3c40dc073b2fe03843638\System.Drawing.ni.dll

+ 2010-06-12 22:14 . 2010-06-12 22:14 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\7deab2494d53763cd83c567e71e0d8e0\System.DirectoryServices.ni.dll

+ 2010-06-12 22:09 . 2010-06-12 22:09 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\b81efadfee7702624b713c6d86f7e369\System.Deployment.ni.dll

+ 2010-06-12 22:14 . 2010-06-12 22:14 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\50130ef751b98a4a11bd4ab73af7cab5\System.Data.ni.dll

+ 2010-06-12 22:07 . 2010-06-12 22:07 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\f71abf392c5ca05a4e46a5d1c4c72856\System.Data.SqlXml.ni.dll

+ 2010-06-13 08:15 . 2010-06-13 08:15 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\5e6311aff5ada83d0f854922fa62faf6\System.Data.Services.ni.dll

+ 2010-06-12 22:19 . 2010-06-12 22:19 1115136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\f249a2dbc8dcb91860d0997c163c73ff\System.Data.OracleClient.ni.dll

+ 2010-06-12 22:24 . 2010-06-12 22:24 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\c3ba3367d03779ad6e76c5d4cdfe572a\System.Data.Linq.ni.dll

+ 2010-06-13 08:15 . 2010-06-13 08:15 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\6abf820d8ec57a0561c3367727d274df\System.Data.Entity.ni.dll

+ 2010-06-12 22:24 . 2010-06-12 22:24 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\e98726349766935ec0e9b980f19a046a\System.Core.ni.dll

+ 2010-06-12 22:13 . 2010-06-12 22:13 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\fc373f0a8dbd173c63b6b95551b1c673\ReachFramework.ni.dll

+ 2010-06-12 22:13 . 2010-06-12 22:13 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\ead93b6a4f0101cb99d09f3e3fc6491c\PresentationUI.ni.dll

+ 2010-06-12 22:06 . 2010-06-12 22:06 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\20ef773b20f6ce721ae60e5c2c2e8f80\PresentationBuildTasks.ni.dll

+ 2010-06-13 08:13 . 2010-06-13 08:13 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\935b855860088a86bb65d37a19f059cc\Microsoft.VisualBasic.ni.dll

+ 2010-06-13 08:13 . 2010-06-13 08:13 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\7a266de493d30eed21cb60ebe300be53\Microsoft.Transactions.Bridge.ni.dll

+ 2010-06-13 08:15 . 2010-06-13 08:15 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\9db8f9f7fe63ca4451bb5316a3ebb009\Microsoft.JScript.ni.dll

+ 2010-06-13 08:13 . 2010-06-13 08:13 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\c96be82d6cb00367db4e3553272165ef\Microsoft.Build.Tasks.v3.5.ni.dll

+ 2010-06-13 08:13 . 2010-06-13 08:13 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\3815de5b052187b5d9375681a6784255\Microsoft.Build.Tasks.ni.dll

+ 2010-06-13 08:13 . 2010-06-13 08:13 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\43fc6723d08e9ce88701c29653efd224\Microsoft.Build.Engine.ni.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll

- 2009-10-19 08:41 . 2009-10-19 08:41 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll

- 2009-10-19 08:40 . 2009-10-19 08:40 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll

+ 2010-06-12 22:05 . 2010-06-12 22:05 5967872 c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll

- 2009-10-19 08:40 . 2009-10-19 08:40 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll

- 2009-10-19 08:40 . 2009-10-19 08:40 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll

- 2009-10-19 08:41 . 2009-10-19 08:41 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll

- 2009-10-19 08:41 . 2009-10-19 08:41 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll

+ 2010-06-12 22:02 . 2010-06-12 22:02 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll

+ 2010-06-12 22:12 . 2010-06-12 22:12 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll

- 2009-10-19 08:31 . 2009-10-19 08:31 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll

- 2009-10-19 08:31 . 2009-10-19 08:31 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll

+ 2010-06-12 22:12 . 2010-06-12 22:12 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll

+ 2007-02-16 08:41 . 2010-05-28 10:37 32472008 c:\windows\system32\MRT.exe

+ 2010-04-02 17:29 . 2010-04-02 17:29 11413504 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp

+ 2010-04-02 10:30 . 2010-04-02 10:30 17456640 c:\windows\Installer\f84c46.msp

+ 2010-04-11 20:17 . 2010-04-11 20:17 14599680 c:\windows\Installer\f84c29.msp

+ 2010-06-12 22:10 . 2010-06-12 22:10 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\2dfe045e4b1577fdea9a2f456db0afc2\System.Windows.Forms.ni.dll

+ 2010-06-12 22:15 . 2010-06-12 22:15 11797504 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\d987cf1de4ba688da92e212a374232c2\System.Web.ni.dll

+ 2010-06-13 08:12 . 2010-06-13 08:12 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\8b74f2fe3f3632f95ff4ddb8c4839a1e\System.ServiceModel.ni.dll

+ 2010-06-12 22:16 . 2010-06-12 22:16 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\f352c5cb50bee105e4c873ca050f9f46\System.Design.ni.dll

+ 2010-06-12 22:11 . 2010-06-12 22:11 14327808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ca898d942e4d85af4c3d5f14a77c359a\PresentationFramework.ni.dll

+ 2010-06-12 22:09 . 2010-06-12 22:09 12216320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\ba8f917fd89d7afa8885c2a326379f03\PresentationCore.ni.dll

.

-- Instantané actualisé --

.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ISUSPM"="c:\documents and settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe" [2009-03-14 222496]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-03-10 155648]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-03-10 126976]

"HPlsKey"="c:\program files\Panasonic\HPLSMAN\hplskey.exe" [2005-06-01 61440]

"PRunOnce"="c:\util\prunonce\PRunOnce.exe" [2004-08-06 110592]

"PCinfo"="c:\program files\Panasonic\PCINFO\SetDiag.exe" [2005-06-15 45056]

"Panasonic HotKey Manager"="c:\program files\Panasonic\HotKey Appendix\HKEYAPP.EXE" [2005-06-14 974848]

"AGRSMMSG"="AGRSMMSG.exe" [2004-12-20 88358]

"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2005-10-04 401408]

"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-05 208952]

"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-05 59392]

"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]

"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]

"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2005-10-04 385024]

"IDSMainMenu"="c:\program files\IDS Main Menu\IDS Main Menu2.exe" [2007-02-07 360448]

"IDSTechnician"="c:\program files\IDS\TechLocale.exe" [2006-04-04 32768]

"IMEKRMIG6.1"="c:\windows\ime\imkr6_1\IMEKRMIG.EXE" [2004-08-05 44032]

"Starburst"="c:\program files\Ford Motor Company\IDS\Runtime\Starburst.exe" [2010-02-21 90112]

"Feedback"="c:\program files\Ford Motor Company\IDS\Runtime\EngineeringFeedback.exe" [2010-02-21 72704]

"TDSReanimator"="c:\program files\Common Files\Teradyne\TDSReanimator.exe" [2010-01-11 11264]

"ProbeTickHandler"="c:\program files\Ford Motor Company\IDS\Runtime\ProbeTickHandler.exe" [2010-02-21 43008]

"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]

"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]

"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2009-12-04 1037192]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

 

c:\documents and settings\All Users\Start Menu\Programs\Startup\

Display Rotation Tool.lnk - c:\program files\Panasonic\DispRot\IDRot.exe [2006-2-18 81920]

Panasonic Hand Writing.lnk - c:\program files\Panasonic\WRITING\Writing.exe [2006-2-18 278528]

Software Keyboard.lnk - c:\program files\Panasonic\MEISKB\meiskb.exe [2006-2-18 139264]

Wireless LAN Switch.lnk - c:\program files\Panasonic\WLANSW\WLANSW.EXE [2006-2-28 94208]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless]

2005-10-04 06:59 110592 ----a-w- c:\program files\Intel\Wireless\Bin\LgNotify.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]

"DisableMonitoring"=dword:00000001

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\FordEtis\\etisdvd.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\ManualUpdate.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\manualcalibration.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\patchapply.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\rtdbupdate.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\Tabman.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\SysPage.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\testman.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\CodeServeD.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\XMLRegistryD.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\TDSNetConfig.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\SWUpdWizard.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\PtchApply.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\Rtdb.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\Starburst.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\EngineeringFeedback.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\SystemDiagnostic.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\VMM.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\probes\\C402.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\probes\\C403.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\probes\\C407.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\probes\\C412.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\probes\\C413.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\LVPCheck.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\vcl_pc.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\NetworkActivation.exe"=

"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\ProbeTickHandler.exe"=

 

R1 WLANSW;Panasonic PC Wireless LAN Switch Driver;c:\program files\Panasonic\WLANSW\WLANSW.sys [28/02/2006 14:14 7680]

R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [10/06/2010 08:48 108289]

R2 brecal;Panasonic Battery Recalibration Driver;c:\program files\Panasonic\BRECAL\Brecal.sys [28/02/2006 14:13 7168]

R2 pcinfo;Panasonic PC Info. Viewer Driver;c:\program files\Panasonic\PCINFO\PCINFO.sys [18/02/2006 04:13 7168]

R2 SDKEY;Panasonic SD Misc. Function Driver;c:\program files\Panasonic\SDKEY\SDKEY.sys [18/02/2006 04:14 8192]

R3 FIDMOU;Fujitsu touchpad;c:\windows\system32\drivers\Fidmou.sys [17/02/2006 19:03 23463]

R3 HTKPLUS;Panasonic Hotkey PLUS Driver;c:\windows\system32\drivers\HTKPLUS.SYS [17/02/2006 19:03 8448]

S2 TDSNetSetup;TDSNetSetup;c:\program files\Common Files\Teradyne\TDSNetSetup.exe [07/02/2007 15:43 17920]

S3 MOSUMAC;USB-Ethernet Driver;c:\windows\system32\drivers\MOSUMAC.SYS [27/10/2004 01:15 31375]

S3 RICOH SmartCard Reader;RICOH SmartCard Reader;c:\windows\system32\drivers\rsmartc.sys [17/02/2006 19:03 69460]

S3 USB-100;Realtek RTL8150 USB 10/100 Fast Ethernet Adapter;c:\windows\system32\drivers\RTL8150.SYS [07/02/2007 15:41 22016]

.

.

------- Examen supplémentaire -------

.

uStart Page = hxxp://www.google.fr/

uInternet Connection Wizard,ShellNext = hxxp://www.ford.com/

.

 

**************************************************************************

 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2010-06-13 14:25

Windows 5.1.2600 Service Pack 3 NTFS

 

Recherche de processus cachés ...

 

Recherche d'éléments en démarrage automatique cachés ...

 

Recherche de fichiers cachés ...

 

Scan terminé avec succès

Fichiers cachés: 0

 

**************************************************************************

.

--------------------- DLLs chargées dans les processus actifs ---------------------

 

- - - - - - - > 'winlogon.exe'(888)

c:\program files\Intel\Wireless\Bin\LgNotify.dll

 

- - - - - - - > 'explorer.exe'(700)

c:\windows\system32\WININET.dll

c:\windows\system32\ieframe.dll

.

Heure de fin: 2010-06-13 14:29:49

ComboFix-quarantined-files.txt 2010-06-13 12:29

ComboFix2.txt 2010-06-12 18:12

ComboFix3.txt 2010-06-12 11:55

 

Avant-CF: 32 702 664 704 bytes free

Après-CF: 32 804 376 576 octets libres

 

- - End Of File - - 14181B7CA62C1BFD76511A88549716B0

Apollo Devil Member !

Apollo

Posté(e)
Posté(e)

Re,

 

Je voudrais que tu vérifies si la DLL a été replacée dans son répertoire:

 

c:\program files\ford motor company\ids\runtime\tmctrlbho.dll

 

@++

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...