Przy skanowaniu NOD 32 komp się restartuje (wykrywa trojany)

Dla specjalistów Bezpieczeństwo
#1

http://wklej.org/id/b545454641

przy skanowaniu antywirem NOD 32 komp się restartuje (nod wykrywa trojany) ale nie dochodzi do końca skanu bo restaruje się komp i troszki lipę mam :frowning: I tak na okragło! !!

#2

Pobierz ComboFix, ale nie uruchamiaj

Wklej do notatnika:

File::

C:\psapi.dll

Plik -> zapisz jako -> CFScript.txt (najwygodniej będzie, jeśli zapiszesz w takiej lokalizacji, by ikonka CFScript.txt znalazła się obok ikonki ComboFix.exe )

Przeciągnij i upuść ikonkę CFScript.txt na ikonkę ComboFix.exe tak jak tu ->

02f8f1e3c410a4cc.gif

Rozpocznie się usuwanie i powstanie log, daj ten log na forum.

Wyłącz przywracanie systemu na wszystkich dyskach. Instrukcja

Przeskanuj obszar mojego komputera http://www.kaspersky.pl/virusscanner.html (uruchom przez IE) Daj raport z niego na forum

Włącz przywracanie systemu.

#3

Proszę zmienić temat postu na konkretny, opcja edytuj i popraw.JNJN

#4

tu skany dysków (wyłączone przywracanie systemu na dyskach)

KASPERSKY ONLINE SCANNER REPORT

13 czerwiec 2008 23:04:49

System operacyjny: Microsoft Windows XP Home Edition, Dodatek Service Pack 3 (Build 2600)

Kaspersky Online Scanner wersja: 5.0.98.0

Ostatnia aktualizacja Kaspersky Anti-Virus13/06/2008

Liczba wpisów w bazie danych Kaspersky Anti-Virus860715

Ustawienia skanowania:

Skanowanie przy użyciu następujących baz danych: rozszerzone

Skanuj archiwa: tak

Skanuj pocztowe bazy danych: tak

Obszar skanowania - Mój komputer:

C:\

D:\

E:\

F:\

G:\

J:\

Statystyki skanowania:

Liczba skanowanych obiektów: 98423

Liczba wykrytych wirusów: 2

Liczba zainfekowanych obiektów: 2

Liczba podejrzanych obiektów: 0

Czas trwania skanowania: 01:33:03

Nazwa zainfekowanego obiektu / Nazwa wirusa / Ostatnie działanie

C:\autorun.inf\lpt3.This folder was created by Flash_Disinfector Object is locked pominięty

C:\Documents and Settings\ADM-DTOX\Cookies\index.dat Object is locked pominięty

C:\Documents and Settings\ADM-DTOX\ntuser.dat Object is locked pominięty

C:\Documents and Settings\ADM-DTOX\NTUSER.dat.LOG Object is locked pominięty

C:\Documents and Settings\ADM-DTOX\Ustawienia lokalne\Dane aplikacji\Microsoft\Feeds Cache\index.dat Object is locked pominięty

C:\Documents and Settings\ADM-DTOX\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\UsrClass.dat Object is locked pominięty

C:\Documents and Settings\ADM-DTOX\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\UsrClass.dat.LOG Object is locked pominięty

C:\Documents and Settings\ADM-DTOX\Ustawienia lokalne\Historia\History.IE5\index.dat Object is locked pominięty

C:\Documents and Settings\ADM-DTOX\Ustawienia lokalne\Historia\History.IE5\MSHist012008061320080614\index.dat Object is locked pominięty

C:\Documents and Settings\ADM-DTOX\Ustawienia lokalne\Temp~DFF6AE.tmp Object is locked pominięty

C:\Documents and Settings\ADM-DTOX\Ustawienia lokalne\Temp~DFF6B9.tmp Object is locked pominięty

C:\Documents and Settings\ADM-DTOX\Ustawienia lokalne\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked pominięty

C:\Documents and Settings\ADM-DTOX\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat Object is locked pominięty

C:\Documents and Settings\All Users\Dane aplikacji\Microsoft\Dr Watson\user.dmp Object is locked pominięty

C:\Documents and Settings\All Users\Dane aplikacji\Microsoft\Windows Defender\Support\MPLog-02292008-193750.log Object is locked pominięty

C:\Documents and Settings\D-TOX\Cookies\index.dat Object is locked pominięty

C:\Documents and Settings\D-TOX\ntuser.dat Object is locked pominięty

C:\Documents and Settings\D-TOX\ntuser.dat.LOG Object is locked pominięty

C:\Documents and Settings\D-TOX\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\UsrClass.dat Object is locked pominięty

C:\Documents and Settings\D-TOX\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\UsrClass.dat.LOG Object is locked pominięty

C:\Documents and Settings\D-TOX\Ustawienia lokalne\Dane aplikacji\YouTube\Uploader\uploads.db Object is locked pominięty

C:\Documents and Settings\D-TOX\Ustawienia lokalne\Historia\History.IE5\index.dat Object is locked pominięty

C:\Documents and Settings\D-TOX\Ustawienia lokalne\Historia\History.IE5\MSHist012008061320080614\index.dat Object is locked pominięty

C:\Documents and Settings\D-TOX\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat Object is locked pominięty

C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked pominięty

C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked pominięty

C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked pominięty

C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\UsrClass.dat Object is locked pominięty

C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\UsrClass.dat.LOG Object is locked pominięty

C:\Documents and Settings\LocalService\Ustawienia lokalne\Historia\History.IE5\index.dat Object is locked pominięty

C:\Documents and Settings\LocalService\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat Object is locked pominięty

C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked pominięty

C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked pominięty

C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\UsrClass.dat Object is locked pominięty

C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\UsrClass.dat.LOG Object is locked pominięty

C:\Program Files\ESET\cache\CACHE.NDB Object is locked pominięty

C:\Program Files\ESET\infected\52RDFQBA.NQF Zainfekowanych: Trojan-Downloader.Win32.Injecter.rv pominięty

C:\Program Files\ESET\infected\VSQD2RBA.NQF Zainfekowanych: not-a-virus:AdTool.Win32.WhenU.a pominięty

C:\Program Files\ESET\logs\virlog.dat Object is locked pominięty

C:\Program Files\ESET\logs\warnlog.dat Object is locked pominięty

C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked pominięty

C:\WINDOWS\Debug\PASSWD.LOG Object is locked pominięty

C:\WINDOWS\SchedLgU.Txt Object is locked pominięty

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked pominięty

C:\WINDOWS\system32\CatRoot2\edb.log Object is locked pominięty

C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked pominięty

C:\WINDOWS\system32\config\ACEEvent.evt Object is locked pominięty

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked pominięty

C:\WINDOWS\system32\config\default Object is locked pominięty

C:\WINDOWS\system32\config\default.LOG Object is locked pominięty

C:\WINDOWS\system32\config\Internet.evt Object is locked pominięty

C:\WINDOWS\system32\config\SAM Object is locked pominięty

C:\WINDOWS\system32\config\SAM.LOG Object is locked pominięty

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked pominięty

C:\WINDOWS\system32\config\SECURITY Object is locked pominięty

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked pominięty

C:\WINDOWS\system32\config\software Object is locked pominięty

C:\WINDOWS\system32\config\software.LOG Object is locked pominięty

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked pominięty

C:\WINDOWS\system32\config\system Object is locked pominięty

C:\WINDOWS\system32\config\system.LOG Object is locked pominięty

C:\WINDOWS\system32\drivers\sptd.sys Object is locked pominięty

C:\WINDOWS\system32\h323log.txt Object is locked pominięty

C:\WINDOWS\system32\LogFiles\HTTPERR\httperr1.log Object is locked pominięty

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked pominięty

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked pominięty

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked pominięty

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked pominięty

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked pominięty

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked pominięty

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked pominięty

C:\WINDOWS\WindowsUpdate.log Object is locked pominięty

C:\WINDOWS{00000000-00000000-0000000C-00001102-00000002-80661102}.CDF Object is locked pominięty

D:\autorun.inf\lpt3.This folder was created by Flash_Disinfector Object is locked pominięty

D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked pominięty

E:\autorun.inf\lpt3.This folder was created by Flash_Disinfector Object is locked pominięty

E:\System Volume Information\MountPointManagerRemoteDatabase Object is locked pominięty

F:\autorun.inf\lpt3.This folder was created by Flash_Disinfector Object is locked pominięty

F:\System Volume Information\MountPointManagerRemoteDatabase Object is locked pominięty

Proces skanowania został zakończony.

TU SKAN PLIKÓW STARTOWYCH

KASPERSKY ONLINE SCANNER REPORT

13 czerwiec 2008 21:22:34

System operacyjny: Microsoft Windows XP Home Edition, Dodatek Service Pack 3 (Build 2600)

Kaspersky Online Scanner wersja: 5.0.98.0

Ostatnia aktualizacja Kaspersky Anti-Virus13/06/2008

Liczba wpisów w bazie danych Kaspersky Anti-Virus860715

Ustawienia skanowania:

Skanowanie przy użyciu następujących baz danych: rozszerzone

Skanuj archiwa: tak

Skanuj pocztowe bazy danych: tak

Obszar skanowania - Obszary krytyczne:

C:\WINDOWS

C:\DOCUME~1\ADM-DTOX\USTAWI~1\Temp\

Statystyki skanowania:

Liczba skanowanych obiektów: 18801

Liczba wykrytych wirusów: 0

Liczba zainfekowanych obiektów: 0

Liczba podejrzanych obiektów: 0

Czas trwania skanowania: 00:17:01

Nazwa zainfekowanego obiektu / Nazwa wirusa / Ostatnie działanie

C:\WINDOWS\Debug\PASSWD.LOG Object is locked pominięty

C:\WINDOWS\SchedLgU.Txt Object is locked pominięty

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked pominięty

C:\WINDOWS\system32\CatRoot2\edb.log Object is locked pominięty

C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked pominięty

C:\WINDOWS\system32\config\ACEEvent.evt Object is locked pominięty

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked pominięty

C:\WINDOWS\system32\config\default Object is locked pominięty

C:\WINDOWS\system32\config\default.LOG Object is locked pominięty

C:\WINDOWS\system32\config\Internet.evt Object is locked pominięty

C:\WINDOWS\system32\config\SAM Object is locked pominięty

C:\WINDOWS\system32\config\SAM.LOG Object is locked pominięty

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked pominięty

C:\WINDOWS\system32\config\SECURITY Object is locked pominięty

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked pominięty

C:\WINDOWS\system32\config\software Object is locked pominięty

C:\WINDOWS\system32\config\software.LOG Object is locked pominięty

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked pominięty

C:\WINDOWS\system32\config\system Object is locked pominięty

C:\WINDOWS\system32\config\system.LOG Object is locked pominięty

C:\WINDOWS\system32\drivers\sptd.sys Object is locked pominięty

C:\WINDOWS\system32\h323log.txt Object is locked pominięty

C:\WINDOWS\system32\LogFiles\HTTPERR\httperr1.log Object is locked pominięty

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked pominięty

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked pominięty

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked pominięty

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked pominięty

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked pominięty

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked pominięty

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked pominięty

C:\WINDOWS\WindowsUpdate.log Object is locked pominięty

C:\WINDOWS{00000000-00000000-0000000C-00001102-00000002-80661102}.CDF Object is locked pominięty

C:\DOCUME~1\ADM-DTOX\USTAWI~1\Temp~DFF6AE.tmp Object is locked pominięty

C:\DOCUME~1\ADM-DTOX\USTAWI~1\Temp~DFF6B9.tmp Object is locked pominięty

Proces skanowania został zakończony.

Napiszcie proszę co dokładnie mam wkleić w pliku CFScript.txt (coś mi nie chce się uruchomić combo) a tworzę plik tak jak radzicie zaraz obok ikonki combo fixa (tylko nie jestem pewien co mam wkleić do środka)

#5

Przed ściągnięciem Combofix wyłącz wszystkie programy ochronne.

Masz wkleić do notatnika dokładnie to co napisał hubert2t czyli:

Zachowaj plik jako CFScript.txt najlepiej obok ikonki ComboFix.exe. Następnie przeciągnij i upuść ikonkę CFScript.txt na ikonkę ComboFix.exe

Po zakończeniu usuwania powstanie log daj go na forum

Dodatkowo usuń te pliki

#6

ComboFix 08-06-06.6 - ADM-DTOX 2008-06-15 15:23:50.6 - NTFSx86

Microsoft Windows XP Home Edition 5.1.2600.3.1250.48.1045.18.1097 [GMT 2:00]

Running from: D:\AKTA (DAREK)\instalki\anty autorun trojan\ComboFix.exe

Command switches used :: D:\AKTA (DAREK)\instalki\anty autorun trojan\CFScript.txt

* Created a new restore point

* Resident AV is active

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED!!

FILE ::

C:\psapi.dll

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\psapi.dll

.

((((((((((((((((((((((((( Files Created from 2008-05-15 to 2008-06-15 )))))))))))))))))))))))))))))))

.

2008-06-13 23:54 . 2008-06-13 23:54

2008-06-13 23:51 . 2008-05-12 10:49 593,920 --------- C:\WINDOWS\system32\ati2sgag.exe

2008-06-13 23:50 . 2008-06-13 23:52

2008-06-13 20:41 . 2008-06-13 20:41

2008-06-13 20:41 . 2008-06-13 20:41

2008-06-11 00:43 . 2008-04-14 18:00 273,024 -----c— C:\WINDOWS\system32\dllcache\bthport.sys

2008-06-11 00:43 . 2008-05-08 16:02 203,136 -----c— C:\WINDOWS\system32\dllcache\rmcast.sys

2008-06-06 22:46 . 2001-08-17 22:02 8,576 --a------ C:\WINDOWS\system32\drivers\hidgame.sys

2008-06-06 22:46 . 2001-08-17 22:02 8,576 --a–c— C:\WINDOWS\system32\dllcache\hidgame.sys

2008-05-30 05:02 . 2008-05-30 05:02

2008-05-27 00:23 . 2008-05-27 00:23

2008-05-15 00:03 . 2008-05-15 00:03

2008-05-15 00:03 . 2008-05-15 00:03

2008-05-15 00:03 . 2008-05-15 00:03

2008-05-15 00:00 . 2008-05-15 00:00

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-06-03 07:36 --------- d-----w C:\Documents and Settings\D-TOX\Dane aplikacji\OpenOfficeT72

2008-05-30 02:52 --------- d-----w C:\Documents and Settings\ADM-DTOX\Dane aplikacji\AdobeUM

2008-05-18 19:44 --------- d–h--w C:\Program Files\InstallShield Installation Information

2008-05-13 11:01 --------- d-----w C:\Documents and Settings\ADM-DTOX\Dane aplikacji\OpenOfficeT72

2008-05-12 16:30 3,007,488 ----a-w C:\WINDOWS\system32\drivers\ati2mtag.sys

2008-05-12 15:56 397,312 ----a-w C:\WINDOWS\system32\ATIDEMGX.dll

2008-05-12 15:54 305,152 ----a-w C:\WINDOWS\system32\ati2dvag.dll

2008-05-12 15:53 307,200 ----a-w C:\WINDOWS\system32\atiiiexx.dll

2008-05-12 15:45 43,520 ----a-w C:\WINDOWS\system32\ati2edxx.dll

2008-05-12 15:45 26,112 ----a-w C:\WINDOWS\system32\Ati2mdxx.exe

2008-05-12 15:45 180,224 ----a-w C:\WINDOWS\system32\atipdlxx.dll

2008-05-12 15:45 139,264 ----a-w C:\WINDOWS\system32\Oemdspif.dll

2008-05-12 15:44 139,264 ----a-w C:\WINDOWS\system32\ati2evxx.dll

2008-05-12 15:43 540,672 ----a-w C:\WINDOWS\system32\ati2evxx.exe

2008-05-12 15:43 10,153,984 ----a-w C:\WINDOWS\system32\atioglx2.dll

2008-05-12 15:41 53,248 ----a-w C:\WINDOWS\system32\ATIDDC.DLL

2008-05-12 15:32 3,203,168 ----a-w C:\WINDOWS\system32\ati3duag.dll

2008-05-12 15:22 1,999,616 ----a-w C:\WINDOWS\system32\ativvaxx.dll

2008-05-12 15:09 47,104 ----a-w C:\WINDOWS\system32\amdpcom32.dll

2008-05-12 15:05 5,439,488 ----a-w C:\WINDOWS\system32\atioglxx.dll

2008-05-12 15:05 327,680 ----a-w C:\WINDOWS\system32\atikvmag.dll

2008-05-12 15:03 19,968 ----a-w C:\WINDOWS\system32\atiadlxx.dll

2008-05-12 15:03 17,408 ----a-w C:\WINDOWS\system32\atitvo32.dll

2008-05-12 15:02 49,152 ----a-w C:\WINDOWS\system32\drivers\ati2erec.dll

2008-05-12 15:02 241,664 ----a-w C:\WINDOWS\system32\atiok3x2.dll

2008-05-12 14:57 548,864 ----a-w C:\WINDOWS\system32\ati2cqag.dll

2008-05-08 14:02 203,136 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys

2008-05-07 05:12 1,291,776 ----a-w C:\WINDOWS\system32\quartz.dll

2008-05-02 17:28 --------- d-----w C:\Program Files\XP Codec Pack

2008-04-29 18:33 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys

2008-04-29 18:33 107,832 ----a-w C:\WINDOWS\system32\PnkBstrB.exe

2008-04-29 18:29 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe

2008-04-29 06:55 --------- d-----w C:\Program Files\Creative

2008-04-28 22:10 --------- d-----w C:\Program Files\Usługi online

2008-04-28 08:48 23,904 ----a-w C:\Documents and Settings\D-TOX\Dane aplikacji\GDIPFONTCACHEV1.DAT

2008-04-23 07:20 826,368 ----a-w C:\WINDOWS\system32\wininet.dll

2008-04-14 20:51 11,264 ----a-w C:\WINDOWS\system32\spnpinst.exe

2008-04-14 20:50 997,888 ----a-w C:\WINDOWS\system32\setupapi.dll

2008-04-14 20:50 424,960 ----a-w C:\WINDOWS\system32\licdll.dll

2008-04-14 17:46 1,804 ----a-w C:\WINDOWS\system32\dcache.bin

2008-04-14 17:26 332,288 ----a-w C:\WINDOWS\system32\netsetup.exe

2008-04-14 17:22 92,424 ----a-w C:\WINDOWS\system32\rdpdd.dll

2008-04-14 17:22 87,176 ----a-w C:\WINDOWS\system32\rdpwsx.dll

2008-04-14 17:22 299,520 ----a-w C:\WINDOWS\system32\drmclien.dll

2008-04-14 17:22 12,168 ----a-w C:\WINDOWS\system32\tsddd.dll

2008-04-14 17:20 999,936 ----a-w C:\WINDOWS\system32\syssetup.dll

2008-04-14 17:19 98,304 ----a-w C:\WINDOWS\system32\actxprxy.dll

2008-04-14 17:18 5,632 ----a-w C:\WINDOWS\system32\wmi.dll

2008-04-14 17:18 1,449,472 ----a-w C:\WINDOWS\system32\winntbbu.dll

2008-04-14 17:17 57,375 ----a-w C:\WINDOWS\system32\odbcji32.dll

2008-04-14 17:13 4,126 ----a-w C:\WINDOWS\system32\msdxmlc.dll

2008-04-14 17:12 3,584 ----a-w C:\WINDOWS\system32\msafd.dll

2008-04-14 17:06 3,584 ----a-w C:\WINDOWS\system32\icmp.dll

2008-04-14 17:05 9,344 ----a-w C:\WINDOWS\system32\framebuf.dll

2008-04-14 17:03 3,072 ----a-w C:\WINDOWS\system32\dpnlobby.dll

2008-04-14 17:03 3,072 ----a-w C:\WINDOWS\system32\dpnaddr.dll

2008-04-14 17:01 16,896 ----a-w C:\WINDOWS\system32\cfgmgr32.dll

2008-04-14 17:00 285,696 ----a-w C:\WINDOWS\system32\atmfd.dll

2008-04-14 16:30 2,190,336 ----a-w C:\WINDOWS\system32\ntoskrnl.exe

2008-04-14 16:29 2,067,200 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe

2008-04-14 16:25 4,096 ----a-w C:\WINDOWS\system32\dsprpres.dll

2008-04-14 16:22 89,600 ------w C:\WINDOWS\system32\msxml6r.dll

2008-04-14 16:20 80,896 ------w C:\WINDOWS\system32\msshavmsg.dll

2008-04-14 16:15 49,664 ----a-w C:\WINDOWS\system32\inetres.dll

2008-04-14 16:13 563,200 ----a-w C:\WINDOWS\system32\shdoclc.dll

2008-04-14 16:07 10,240 ----a-w C:\WINDOWS\system32\gpkrsrc.dll

2008-04-14 16:05 67,584 ----a-w C:\WINDOWS\system32\browselc.dll

2008-04-14 16:05 1,845,888 ----a-w C:\WINDOWS\system32\win32k.sys

2008-04-14 15:59 103,936 ----a-w C:\WINDOWS\system32\dpcdll.dll

2008-04-13 18:44 17,664 ----a-w C:\WINDOWS\system32\watchdog.sys

2008-04-13 18:40 427,008 ----a-w C:\WINDOWS\system32\xpob2res.dll

2008-04-13 18:37 2,953,216 ----a-w C:\WINDOWS\system32\xpsp2res.dll

2008-04-13 18:35 24,064 ----a-w C:\WINDOWS\system32\pidgen.dll

2008-04-13 18:35 194,560 ----a-w C:\WINDOWS\system32\xpsp1res.dll

2008-04-13 18:31 7,424 ----a-w C:\WINDOWS\system32\kd1394.dll

2008-04-13 18:30 61,440 ----a-w C:\WINDOWS\system32\msvcrt40.dll

2008-04-13 17:37 208,384 ----a-w C:\WINDOWS\system32\rsaenh.dll

2008-04-13 17:37 138,752 ----a-w C:\WINDOWS\system32\dssenh.dll

2008-04-13 17:26 12,288 ----a-w C:\WINDOWS\system32\odbcp32r.dll

2008-04-13 17:26 12,288 ----a-w C:\WINDOWS\system32\mscpx32r.dll

2008-04-13 17:21 733,696 ----a-w C:\WINDOWS\system32\qedwipes.dll

2008-04-13 16:48 1,647,616 ----a-w C:\WINDOWS\system32\winbrand.dll

2008-04-13 16:45 216,064 ----a-w C:\WINDOWS\system32\moricons.dll

2008-04-13 16:23 48,128 ----a-w C:\WINDOWS\system32\msprivs.dll

2008-04-13 15:39 884,736 ----a-w C:\WINDOWS\system32\msimsg.dll

2008-04-06 16:53 4,704 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys

2008-03-25 04:52 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll

2008-03-25 04:52 178,976 ----a-w C:\WINDOWS\system32\msjint40.dll

2004-08-09 22:30 40,960 ----a-w C:\Program Files\Uninstall_CDS.exe

.

((((((((((((((((((((((((((((( snapshot_2008-06-11_ 1.22.00,43 )))))))))))))))))))))))))))))))))))))))))

.

  • 2008-05-09 22:43:05 135,168 ----a-w C:\WINDOWS\assembly\GAC\AxInterop.MSComctlLib\2.0.0.0__90ba9c70f846762e\AxInterop.MSComctlLib.DLL
  • 2008-06-13 21:52:25 135,168 ----a-w C:\WINDOWS\assembly\GAC\AxInterop.MSComctlLib\2.0.0.0__90ba9c70f846762e\AxInterop.MSComctlLib.DLL
  • 2008-05-09 22:43:05 212,992 ----a-w C:\WINDOWS\assembly\GAC\AxInterop.MSForms\2.0.0.0__90ba9c70f846762e\AxInterop.MSForms.DLL
  • 2008-06-13 21:52:25 212,992 ----a-w C:\WINDOWS\assembly\GAC\AxInterop.MSForms\2.0.0.0__90ba9c70f846762e\AxInterop.MSForms.DLL
  • 2008-05-09 22:43:02 15,360 ----a-w C:\WINDOWS\assembly\GAC\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.DLL
  • 2008-06-13 21:52:21 15,360 ----a-w C:\WINDOWS\assembly\GAC\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.DLL
  • 2008-05-09 22:43:02 143,360 ----a-w C:\WINDOWS\assembly\GAC\ICSharpCode.SharpZipLib\0.84.0.0__1b03e6acf1164f73\ICSharpCode.SharpZipLib.DLL
  • 2008-06-13 21:52:21 143,360 ----a-w C:\WINDOWS\assembly\GAC\ICSharpCode.SharpZipLib\0.84.0.0__1b03e6acf1164f73\ICSharpCode.SharpZipLib.DLL
  • 2008-05-09 22:43:05 225,280 ----a-w C:\WINDOWS\assembly\GAC\Interop.MSComctlLib\2.0.0.0__90ba9c70f846762e\Interop.MSComctlLib.DLL
  • 2008-06-13 21:52:25 225,280 ----a-w C:\WINDOWS\assembly\GAC\Interop.MSComctlLib\2.0.0.0__90ba9c70f846762e\Interop.MSComctlLib.DLL
  • 2008-05-09 22:43:05 360,448 ----a-w C:\WINDOWS\assembly\GAC\Interop.MSForms\2.0.0.0__90ba9c70f846762e\Interop.MSForms.DLL
  • 2008-06-13 21:52:26 360,448 ----a-w C:\WINDOWS\assembly\GAC\Interop.MSForms\2.0.0.0__90ba9c70f846762e\Interop.MSForms.DLL
  • 2008-05-09 22:43:05 49,152 ----a-w C:\WINDOWS\assembly\GAC\Interop.NewIWshRuntimeLibrary\1.0.0.0__90ba9c70f846762e\Interop.NewIWshRuntimeLibrary.DLL
  • 2008-06-13 21:52:26 49,152 ----a-w C:\WINDOWS\assembly\GAC\Interop.NewIWshRuntimeLibrary\1.0.0.0__90ba9c70f846762e\Interop.NewIWshRuntimeLibrary.DLL
  • 2008-05-09 22:43:02 13,312 ----a-w C:\WINDOWS\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.DLL
  • 2008-06-13 21:52:21 13,312 ----a-w C:\WINDOWS\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.DLL
  • 2008-05-09 22:43:02 24,576 ----a-w C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.DLL

  • 2008-06-13 21:52:22 24,576 ----a-w C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.DLL

  • 2008-06-13 21:52:26 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3005.17473__90ba9c70f846762e\AEM.Actions.CCAA.Shared.DLL

  • 2008-06-13 21:52:26 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3005.17563__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.DLL

  • 2008-06-13 21:52:26 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3005.17512__90ba9c70f846762e\AEM.Plugin.EEU.Shared.DLL

  • 2008-06-13 21:52:26 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3005.17562__90ba9c70f846762e\AEM.Plugin.GD.Shared.DLL

  • 2008-06-13 21:52:26 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3005.17490__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.DLL

  • 2008-06-13 21:52:26 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3005.17534__90ba9c70f846762e\AEM.Plugin.REG.Shared.DLL

  • 2008-06-13 21:52:26 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.EEU.Shared\2.0.3005.17560__90ba9c70f846762e\AEM.Plugin.Source.EEU.Shared.DLL

  • 2008-06-13 21:52:26 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.GD.Shared\2.0.3005.17561__90ba9c70f846762e\AEM.Plugin.Source.GD.Shared.DLL

  • 2008-06-13 21:52:22 45,056 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3054.18949__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.DLL

  • 2008-06-13 21:52:26 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3005.17516__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.DLL

  • 2008-06-13 21:52:22 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3005.17489__90ba9c70f846762e\AEM.Server.Shared.DLL

  • 2008-06-13 21:52:20 45,056 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.3054.18596__90ba9c70f846762e\AEM.Server.DLL

  • 2008-06-13 21:52:22 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AEM.UI.Shared\2.0.3005.17552__90ba9c70f846762e\AEM.UI.Shared.DLL

  • 2008-06-13 21:52:20 61,440 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AEM.UI\2.0.3054.18908__90ba9c70f846762e\AEM.UI.DLL

  • 2008-06-13 21:52:22 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.3005.17511__90ba9c70f846762e\APM.Foundation.DLL

  • 2008-06-13 21:52:20 53,248 ----a-w C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.3054.18594__90ba9c70f846762e\APM.Server.DLL

  • 2008-05-09 22:43:01 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.DLL

  • 2008-06-13 21:52:20 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.DLL

  • 2008-06-13 21:52:20 65,536 ----a-w C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.3054.18598__90ba9c70f846762e\ATIDEMOS.DLL

  • 2008-05-09 22:43:06 6,656 ----a-w C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.DLL
  • 2008-06-13 21:52:26 6,656 ----a-w C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.DLL
  • 2008-05-09 22:43:05 45,056 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AxInterop.SHDocVw\1.1.0.0__90ba9c70f846762e\AxInterop.SHDocVw.DLL

  • 2008-06-13 21:52:25 45,056 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AxInterop.SHDocVw\1.1.0.0__90ba9c70f846762e\AxInterop.SHDocVw.DLL

  • 2008-06-13 21:52:20 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.3054.18909__90ba9c70f846762e\CCC.Implementation.DLL

  • 2008-05-09 22:43:05 49,152 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CCC\2.0.0.0__90ba9c70f846762e\CCC.EXE

  • 2008-06-13 21:52:25 49,152 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CCC\2.0.0.0__90ba9c70f846762e\CCC.EXE

  • 2008-06-13 21:52:27 90,112 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.AForce.Graphics.Dashboard\2.0.3054.18949__90ba9c70f846762e\CLI.Aspect.AForce.Graphics.Dashboard.DLL

  • 2008-06-13 21:52:26 12,288 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.AForce.Graphics.Runtime\2.0.3054.18948__90ba9c70f846762e\CLI.Aspect.AForce.Graphics.Runtime.DLL

  • 2008-06-13 21:52:22 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.AForce.Graphics.Shared\2.0.3005.17561__90ba9c70f846762e\CLI.Aspect.AForce.Graphics.Shared.DLL

  • 2008-06-13 21:52:22 24,576 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3005.17514__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.DLL

  • 2008-06-13 21:52:20 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormatSelection.Graphics.Dashboard.Shared.Private\2.0.3005.17517__90ba9c70f846762e\CLI.Aspect.CustomFormatSelection.Graphics.Dashboard.Shared.Private.DLL

  • 2008-06-13 21:52:26 98,304 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormatSelection.Graphics.Dashboard\2.0.3054.18762__90ba9c70f846762e\CLI.Aspect.CustomFormatSelection.Graphics.Dashboard.DLL

  • 2008-06-13 21:52:27 479,232 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3054.18785__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.DLL

  • 2008-06-13 21:52:27 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3054.18791__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.DLL

  • 2008-06-13 21:52:22 53,248 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3005.17535__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.DLL

  • 2008-06-13 21:52:27 663,552 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.3054.18840__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.DLL

  • 2008-06-13 21:52:32 65,536 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3054.18837__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.DLL

  • 2008-06-13 21:52:22 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3005.17539__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.DLL

  • 2008-06-13 21:52:32 688,128 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.3054.18864__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.DLL

  • 2008-06-13 21:52:27 446,464 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3054.18777__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.DLL

  • 2008-06-13 21:52:27 61,440 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3054.18783__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.DLL

  • 2008-06-13 21:52:22 45,056 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3005.17535__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.DLL

  • 2008-06-13 21:52:27 401,408 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3054.18829__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.DLL

  • 2008-06-13 21:52:27 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3054.18827__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.DLL

  • 2008-06-13 21:52:22 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3005.17521__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.DLL

  • 2008-06-13 21:52:27 307,200 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3054.18692__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.DLL

  • 2008-06-13 21:52:27 282,624 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared\2.0.3054.18769__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.DLL

  • 2008-06-13 21:52:32 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3054.18782__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.DLL

  • 2008-06-13 21:52:22 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3005.17506__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.DLL

  • 2008-06-13 21:52:27 901,120 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.3054.18885__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.DLL

  • 2008-06-13 21:52:32 77,824 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3054.18882__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.DLL

  • 2008-06-13 21:52:22 65,536 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3005.17541__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.DLL

  • 2008-06-13 21:52:32 364,544 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.3054.18892__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.DLL

  • 2008-06-13 21:52:27 585,728 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3054.18683__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.DLL

  • 2008-06-13 21:52:27 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3054.18690__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.DLL

  • 2008-06-13 21:52:22 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3005.17531__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.DLL

  • 2008-06-13 21:52:28 438,272 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3054.18632__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.DLL

  • 2008-06-13 21:52:33 1,679,360 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3054.18653__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.DLL

  • 2008-06-13 21:52:28 118,784 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3054.18814__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.DLL

  • 2008-06-13 21:52:28 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3054.18812__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.DLL

  • 2008-06-13 21:52:22 24,576 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3005.17537__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.DLL

  • 2008-06-13 21:52:33 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3054.18630__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.DLL

  • 2008-06-13 21:52:22 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3005.17522__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.DLL

  • 2008-06-13 21:52:28 217,088 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3054.18676__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.DLL

  • 2008-06-13 21:52:33 196,608 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3054.18668__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.DLL

  • 2008-06-13 21:52:28 249,856 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.IntegratedUMAFrameBuffer.Graphics.Dashboard\2.0.3054.18707__90ba9c70f846762e\CLI.Aspect.IntegratedUMAFrameBuffer.Graphics.Dashboard.DLL

  • 2008-06-13 21:52:28 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.IntegratedUMAFrameBuffer.Graphics.Runtime\2.0.3054.18714__90ba9c70f846762e\CLI.Aspect.IntegratedUMAFrameBuffer.Graphics.Runtime.DLL

  • 2008-06-13 21:52:22 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.IntegratedUMAFrameBuffer.Graphics.Shared\2.0.3005.17532__90ba9c70f846762e\CLI.Aspect.IntegratedUMAFrameBuffer.Graphics.Shared.DLL

  • 2008-06-13 21:52:28 802,816 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3054.18793__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.DLL

  • 2008-06-13 21:52:28 73,728 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3054.18792__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.DLL

  • 2008-06-13 21:52:23 49,152 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3005.17536__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.DLL

  • 2008-06-13 21:52:28 401,408 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3054.18871__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.DLL

  • 2008-06-13 21:52:28 204,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MultiVPU.Graphics.Dashboard\2.0.3054.18797__90ba9c70f846762e\CLI.Aspect.MultiVPU.Graphics.Dashboard.DLL

  • 2008-06-13 21:52:28 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MultiVPU.Graphics.Runtime\2.0.3054.18794__90ba9c70f846762e\CLI.Aspect.MultiVPU.Graphics.Runtime.DLL

  • 2008-06-13 21:52:23 24,576 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MultiVPU.Graphics.Shared\2.0.3005.17534__90ba9c70f846762e\CLI.Aspect.MultiVPU.Graphics.Shared.DLL

  • 2008-06-13 21:52:29 204,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MultiVPU2.Graphics.Dashboard\2.0.3054.18806__90ba9c70f846762e\CLI.Aspect.MultiVPU2.Graphics.Dashboard.DLL

  • 2008-06-13 21:52:28 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MultiVPU2.Graphics.Runtime\2.0.3054.18803__90ba9c70f846762e\CLI.Aspect.MultiVPU2.Graphics.Runtime.DLL

  • 2008-06-13 21:52:23 24,576 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MultiVPU2.Graphics.Shared\2.0.3005.17536__90ba9c70f846762e\CLI.Aspect.MultiVPU2.Graphics.Shared.DLL

  • 2008-06-13 21:52:29 208,896 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MultiVPU3.Graphics.Dashboard\2.0.3054.18914__90ba9c70f846762e\CLI.Aspect.MultiVPU3.Graphics.Dashboard.DLL

  • 2008-06-13 21:52:29 45,056 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MultiVPU3.Graphics.Runtime\2.0.3054.18911__90ba9c70f846762e\CLI.Aspect.MultiVPU3.Graphics.Runtime.DLL

  • 2008-06-13 21:52:23 24,576 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MultiVPU3.Graphics.Shared\2.0.3005.17555__90ba9c70f846762e\CLI.Aspect.MultiVPU3.Graphics.Shared.DLL

  • 2008-06-13 21:52:29 147,456 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MultiVPU4.Graphics.Dashboard\2.0.3054.18968__90ba9c70f846762e\CLI.Aspect.MultiVPU4.Graphics.Dashboard.DLL

  • 2008-06-13 21:52:29 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MultiVPU4.Graphics.Runtime\2.0.3054.18966__90ba9c70f846762e\CLI.Aspect.MultiVPU4.Graphics.Runtime.DLL

  • 2008-06-13 21:52:23 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MultiVPU4.Graphics.Shared\2.0.3005.17520__90ba9c70f846762e\CLI.Aspect.MultiVPU4.Graphics.Shared.DLL

  • 2008-06-13 21:52:29 479,232 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive2.Graphics.Dashboard\2.0.3054.18716__90ba9c70f846762e\CLI.Aspect.OverDrive2.Graphics.Dashboard.DLL

  • 2008-06-13 21:52:29 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive2.Graphics.Runtime\2.0.3054.18715__90ba9c70f846762e\CLI.Aspect.OverDrive2.Graphics.Runtime.DLL

  • 2008-06-13 21:52:23 24,576 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive2.Graphics.Shared\2.0.3005.17533__90ba9c70f846762e\CLI.Aspect.OverDrive2.Graphics.Shared.DLL

  • 2008-06-13 21:52:29 1,032,192 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Dashboard\2.0.3054.18739__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Dashboard.DLL

  • 2008-06-13 21:52:29 61,440 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Runtime\2.0.3054.18730__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Runtime.DLL

  • 2008-06-13 21:52:23 24,576 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Shared\2.0.3005.17533__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Shared.DLL

  • 2008-06-13 21:52:30 442,368 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Dashboard\2.0.3054.18960__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Dashboard.DLL

  • 2008-06-13 21:52:29 65,536 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Runtime\2.0.3054.18959__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Runtime.DLL

  • 2008-06-13 21:52:23 57,344 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Shared\2.0.3005.17553__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Shared.DLL

  • 2008-06-13 21:52:30 167,936 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerPlay3.Graphics.Dashboard\2.0.3054.18836__90ba9c70f846762e\CLI.Aspect.PowerPlay3.Graphics.Dashboard.DLL

  • 2008-06-13 21:52:30 49,152 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerPlay3.Graphics.Runtime\2.0.3054.18836__90ba9c70f846762e\CLI.Aspect.PowerPlay3.Graphics.Runtime.DLL

  • 2008-06-13 21:52:23 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerPlay3.Graphics.Shared\2.0.3005.17538__90ba9c70f846762e\CLI.Aspect.PowerPlay3.Graphics.Shared.DLL

  • 2008-06-13 21:52:30 139,264 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerPlay4.Graphics.Dashboard\2.0.3054.18939__90ba9c70f846762e\CLI.Aspect.PowerPlay4.Graphics.Dashboard.DLL

  • 2008-06-13 21:52:30 45,056 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerPlay4.Graphics.Runtime\2.0.3054.18939__90ba9c70f846762e\CLI.Aspect.PowerPlay4.Graphics.Runtime.DLL

  • 2008-06-13 21:52:23 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerPlay4.Graphics.Shared\2.0.3005.17557__90ba9c70f846762e\CLI.Aspect.PowerPlay4.Graphics.Shared.DLL

  • 2008-06-13 21:52:30 147,456 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3054.18922__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.DLL

  • 2008-06-13 21:52:30 45,056 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3054.18921__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.DLL

  • 2008-06-13 21:52:23 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3005.17556__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.DLL

  • 2008-06-13 21:52:31 172,032 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerXpress.Graphics.Dashboard\2.0.3054.18957__90ba9c70f846762e\CLI.Aspect.PowerXpress.Graphics.Dashboard.DLL

  • 2008-06-13 21:52:30 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerXpress.Graphics.Runtime\2.0.3054.18957__90ba9c70f846762e\CLI.Aspect.PowerXpress.Graphics.Runtime.DLL

  • 2008-06-13 21:52:23 24,576 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerXpress.Graphics.Shared\2.0.3005.17558__90ba9c70f846762e\CLI.Aspect.PowerXpress.Graphics.Shared.DLL

  • 2008-06-13 21:52:31 348,160 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3054.18848__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.DLL

  • 2008-06-13 21:52:31 61,440 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3054.18846__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.DLL

  • 2008-06-13 21:52:23 53,248 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3005.17540__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.DLL

  • 2008-06-13 21:52:31 90,112 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3054.18855__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.DLL

  • 2008-06-13 21:52:31 282,624 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.SmartGart.Graphics.Dashboard\2.0.3054.18699__90ba9c70f846762e\CLI.Aspect.SmartGart.Graphics.Dashboard.DLL

  • 2008-06-13 21:52:31 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.SmartGart.Graphics.Runtime\2.0.3054.18706__90ba9c70f846762e\CLI.Aspect.SmartGart.Graphics.Runtime.DLL

  • 2008-06-13 21:52:24 24,576 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.SmartGart.Graphics.Shared\2.0.3005.17532__90ba9c70f846762e\CLI.Aspect.SmartGart.Graphics.Shared.DLL

  • 2008-06-13 21:52:24 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3005.17556__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.DLL

  • 2008-06-13 21:52:32 483,328 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3054.18924__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.DLL

  • 2008-06-13 21:52:31 167,936 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VeryLargeDesktop.Graphics.Dashboard\2.0.3054.18821__90ba9c70f846762e\CLI.Aspect.VeryLargeDesktop.Graphics.Dashboard.DLL

  • 2008-06-13 21:52:31 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VeryLargeDesktop.Graphics.Runtime\2.0.3054.18820__90ba9c70f846762e\CLI.Aspect.VeryLargeDesktop.Graphics.Runtime.DLL

  • 2008-06-13 21:52:24 24,576 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VeryLargeDesktop.Graphics.Shared\2.0.3005.17538__90ba9c70f846762e\CLI.Aspect.VeryLargeDesktop.Graphics.Shared.DLL

  • 2008-06-13 21:52:32 102,400 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.3054.18660__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.DLL

  • 2008-06-13 21:52:31 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.3054.18659__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.DLL

  • 2008-06-13 21:52:24 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.3005.17531__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.DLL

  • 2008-06-13 21:52:32 135,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3054.18932__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.DLL

  • 2008-06-13 21:52:32 98,304 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.WorkstationConfig2.Graphics.Dashboard\2.0.3054.18969__90ba9c70f846762e\CLI.Aspect.WorkstationConfig2.Graphics.Dashboard.DLL

  • 2008-06-13 21:52:32 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.WorkstationConfig2.Graphics.Runtime\2.0.3054.18970__90ba9c70f846762e\CLI.Aspect.WorkstationConfig2.Graphics.Runtime.DLL

  • 2008-06-13 21:52:24 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.WorkstationConfig2.Graphics.Shared\2.0.3005.17558__90ba9c70f846762e\CLI.Aspect.WorkstationConfig2.Graphics.Shared.DLL

  • 2008-06-13 21:52:24 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3005.17521__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.DLL

  • 2008-06-13 21:52:32 73,728 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3054.18623__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.DLL

  • 2008-06-13 21:52:20 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3005.17542__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.DLL

  • 2008-06-13 21:52:33 253,952 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3054.18608__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.DLL

  • 2008-06-13 21:52:24 53,248 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3005.17493__90ba9c70f846762e\CLI.Caste.Graphics.Shared.DLL

  • 2008-06-13 21:52:24 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3005.17530__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.DLL

  • 2008-06-13 21:52:33 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3054.18645__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.DLL

  • 2008-06-13 21:52:20 24,576 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.AutoRemoval\2.0.3054.18881__90ba9c70f846762e\CLI.Component.Autoremoval.DLL

  • 2008-06-13 21:52:20 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3005.17499__90ba9c70f846762e\CLI.Component.Client.Shared.Private.DLL

  • 2008-06-13 21:52:24 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3005.17479__90ba9c70f846762e\CLI.Component.Client.Shared.DLL

  • 2008-06-13 21:52:20 65,536 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.HotKeyManager.Resources\2.0.3054.18752__90ba9c70f846762e\CLI.Component.Dashboard.HotKeyManager.Resources.DLL

  • 2008-06-13 21:52:20 204,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.HotKeyManager\2.0.3054.18745__90ba9c70f846762e\CLI.Component.Dashboard.HotKeyManager.DLL

  • 2008-06-13 21:52:20 65,536 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.ProfileManager.Resources\2.0.3054.18761__90ba9c70f846762e\CLI.Component.Dashboard.ProfileManager.Resources.DLL

  • 2008-06-13 21:52:20 208,896 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.ProfileManager\2.0.3054.18754__90ba9c70f846762e\CLI.Component.Dashboard.ProfileManager.DLL

  • 2008-06-13 21:52:20 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3005.17508__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.DLL

  • 2008-06-13 21:52:24 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3005.17491__90ba9c70f846762e\CLI.Component.Dashboard.Shared.DLL

  • 2008-06-13 21:52:20 1,511,424 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3054.18617__90ba9c70f846762e\CLI.Component.Dashboard.DLL

  • 2008-06-13 21:52:20 622,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Eeu\2.0.3054.18874__90ba9c70f846762e\CLI.Component.Eeu.DLL

  • 2008-06-13 21:52:20 57,344 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Erecord\2.0.3054.18723__90ba9c70f846762e\CLI.Component.Erecord.DLL

  • 2008-06-13 21:52:21 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Help\2.0.3054.18906__90ba9c70f846762e\CLI.Component.Help.DLL

  • 2008-06-13 21:52:21 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Icomponent\2.0.3054.18667__90ba9c70f846762e\CLI.Component.Icomponent.DLL

  • 2008-06-13 21:52:21 487,424 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Launchpad\2.0.3054.18958__90ba9c70f846762e\CLI.Component.Launchpad.DLL

  • 2008-06-13 21:52:21 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Load\2.0.3054.18906__90ba9c70f846762e\CLI.Component.Load.DLL

  • 2008-06-13 21:52:32 118,784 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.PowerXpressHybrid\2.0.3054.18976__90ba9c70f846762e\CLI.Component.PowerXpressHybrid.DLL

  • 2008-06-13 21:52:21 7,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3054.18597__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.DLL

  • 2008-06-13 21:52:21 45,056 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3005.17514__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.DLL

  • 2008-06-13 21:52:24 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3005.17488__90ba9c70f846762e\CLI.Component.Runtime.Shared.DLL

  • 2008-06-13 21:52:21 53,248 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3054.18597__90ba9c70f846762e\CLI.Component.Runtime.DLL

  • 2008-06-13 21:52:21 49,152 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3054.18600__90ba9c70f846762e\CLI.Component.SkinFactory.DLL

  • 2008-06-13 21:52:21 417,792 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3054.18900__90ba9c70f846762e\CLI.Component.Systemtray.DLL

  • 2008-06-13 21:52:21 24,576 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3005.17513__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.DLL

  • 2008-06-13 21:52:24 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3005.17496__90ba9c70f846762e\CLI.Component.Wizard.Shared.DLL

  • 2008-06-13 21:52:21 491,520 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3054.18639__90ba9c70f846762e\CLI.Component.Wizard.DLL

  • 2008-06-13 21:52:21 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3005.17475__90ba9c70f846762e\CLI.Foundation.Private.DLL

  • 2008-06-13 21:52:24 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3005.17608__90ba9c70f846762e\CLI.Foundation.XManifest.DLL

  • 2008-06-13 21:52:24 53,248 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.3005.17468__90ba9c70f846762e\CLI.Foundation.DLL

  • 2008-06-13 21:52:21 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Implementation\2.0.3054.18593__90ba9c70f846762e\CLI.Implementation.DLL

  • 2008-05-09 22:43:05 49,152 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI\2.0.0.0__90ba9c70f846762e\CLI.EXE
  • 2008-06-13 21:52:25 49,152 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI\2.0.0.0__90ba9c70f846762e\CLI.EXE
  • 2008-05-09 22:43:04 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.DLL
  • 2008-06-13 21:52:24 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.DLL
  • 2008-05-09 22:43:04 45,056 ----a-w C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.DLL
  • 2008-06-13 21:52:24 45,056 ----a-w C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.DLL
  • 2008-05-09 22:43:04 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0702\2.0.2594.25693__90ba9c70f846762e\DEM.Graphics.I0702.DLL
  • 2008-06-13 21:52:24 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0702\2.0.2594.25693__90ba9c70f846762e\DEM.Graphics.I0702.DLL
  • 2008-05-09 22:43:04 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0703\2.0.2651.18802__90ba9c70f846762e\DEM.Graphics.I0703.DLL
  • 2008-06-13 21:52:24 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0703\2.0.2651.18802__90ba9c70f846762e\DEM.Graphics.I0703.DLL
  • 2008-05-09 22:43:04 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.DLL

  • 2008-06-13 21:52:24 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.DLL

  • 2008-06-13 21:52:24 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.3005.17519__90ba9c70f846762e\DEM.Graphics.DLL

  • 2008-06-13 21:52:25 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3005.17518__90ba9c70f846762e\DEM.OS.I0602.DLL

  • 2008-06-13 21:52:25 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.3005.17517__90ba9c70f846762e\DEM.OS.DLL

  • 2008-05-09 22:43:06 131,072 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__90ba9c70f846762e\Interop.SHDocVw.DLL

  • 2008-06-13 21:52:26 131,072 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__90ba9c70f846762e\Interop.SHDocVw.DLL

  • 2008-06-13 21:52:22 11,264 ----a-w C:\WINDOWS\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.3054.18964__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.DLL

  • 2008-06-13 21:52:21 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.3005.17481__90ba9c70f846762e\LOCALIZATION.Foundation.Private.DLL

  • 2008-06-13 21:52:21 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3005.17511__90ba9c70f846762e\LOG.Foundation.Implementation.Private.DLL

  • 2008-06-13 21:52:21 61,440 ----a-w C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3054.18907__90ba9c70f846762e\LOG.Foundation.Implementation.DLL

  • 2008-06-13 21:52:21 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3005.17484__90ba9c70f846762e\LOG.Foundation.Private.DLL

  • 2008-06-13 21:52:25 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.3005.17465__90ba9c70f846762e\LOG.Foundation.DLL

  • 2008-06-13 21:52:21 86,016 ----a-w C:\WINDOWS\assembly\GAC_MSIL\LOG\2.0.3054.18908__90ba9c70f846762e\LOG.EXE

  • 2008-06-13 21:52:25 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.3005.17510__90ba9c70f846762e\MOM.Foundation.DLL

  • 2008-06-13 21:52:21 102,400 ----a-w C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.3054.18910__90ba9c70f846762e\MOM.Implementation.DLL

  • 2008-05-09 22:43:05 49,152 ----a-w C:\WINDOWS\assembly\GAC_MSIL\MOM\2.0.0.0__90ba9c70f846762e\MOM.EXE

  • 2008-06-13 21:52:25 49,152 ----a-w C:\WINDOWS\assembly\GAC_MSIL\MOM\2.0.0.0__90ba9c70f846762e\MOM.EXE

  • 2008-06-13 21:52:25 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3005.17466__90ba9c70f846762e\NEWAEM.Foundation.DLL

  • 2008-06-13 21:52:22 19,456 ----a-w C:\WINDOWS\assembly\GAC_MSIL\PCKGHLP.Foundation.Implementation\2.0.3054.18950__90ba9c70f846762e\PCKGHLP.Foundation.Implementation.DLL

  • 2008-06-13 21:52:21 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\PCKGHLP.Foundation.Private\2.0.3005.17554__90ba9c70f846762e\PCKGHLP.Foundation.Private.DLL

  • 2008-06-10 22:47:29 2,048 --s-a-w C:\WINDOWS\bootstat.dat

  • 2008-06-15 08:43:57 2,048 --s-a-w C:\WINDOWS\bootstat.dat

  • 2008-06-13 21:51:57 10,134 ----a-r C:\WINDOWS\Installer{106B839C-DBA9-0AA9-07E9-9A2597151FF6}\ARPPRODUCTICON.exe

  • 2008-06-13 21:51:51 10,134 ----a-r C:\WINDOWS\Installer{3389299C-9F50-D0C4-197C-A8804303B79F}\ARPPRODUCTICON.exe

  • 2008-06-13 21:51:43 10,134 ----a-r C:\WINDOWS\Installer{37A17F53-D058-267B-C256-19FB6DDF3843}\ARPPRODUCTICON.exe

  • 2008-06-13 21:52:12 10,134 ----a-r C:\WINDOWS\Installer{559BA5B3-E3E1-C8A0-E301-5F50531BD44C}\ARPPRODUCTICON.exe

  • 2008-06-13 21:52:17 10,134 ----a-r C:\WINDOWS\Installer{79E88160-A5E4-F7D2-1314-DEB8AADD9C29}\ARPPRODUCTICON.exe

  • 2008-06-13 21:52:17 9,158 ----a-r C:\WINDOWS\Installer{79E88160-A5E4-F7D2-1314-DEB8AADD9C29}\NewShortcut11_EAB9635D261D49BE88DDE71A7C809B2D.exe

  • 2008-06-13 21:52:09 10,134 ----a-r C:\WINDOWS\Installer{83735930-0FB1-D871-8832-B5A9E27C93CA}\ARPPRODUCTICON.exe

  • 2008-06-13 21:51:48 10,134 ----a-r C:\WINDOWS\Installer{B55EF832-4613-A19B-A222-DDB8B6CE1B52}\ARPPRODUCTICON.exe

  • 2008-06-13 21:52:01 10,134 ----a-r C:\WINDOWS\Installer{CED5BB5B-2A24-2F7F-61B1-2B557484084B}\ARPPRODUCTICON.exe

  • 2008-06-13 21:52:04 10,134 ----a-r C:\WINDOWS\Installer{D1268F56-DE79-19A8-C8EC-961D48FFD2FE}\ARPPRODUCTICON.exe

  • 2008-06-13 21:51:59 10,134 ----a-r C:\WINDOWS\Installer{DEB6C5B9-D5BB-D8AC-20F7-F1E0F8A67D5A}\ARPPRODUCTICON.exe

  • 2008-04-14 17:20:01 377,984 ------w C:\WINDOWS\system32\ati2dvaa.dll
  • 2008-04-14 17:20:02 377,984 ----a-w C:\WINDOWS\system32\ati2dvaa.dll
  • 2008-04-14 17:20:01 870,784 ----a-w C:\WINDOWS\system32\ati3d1ag.dll
  • 2008-04-14 17:20:02 870,784 ----a-w C:\WINDOWS\system32\ati3d1ag.dll
  • 2008-03-06 14:40:54 168,883 ----a-w C:\WINDOWS\system32\atiicdxx.dat
  • 2008-03-06 14:24:57 168,883 ----a-w C:\WINDOWS\system32\atiicdxx.dat
  • 2008-03-29 03:36:13 3,107,788 ----a-w C:\WINDOWS\system32\ativva5x.dat
  • 2008-05-12 15:22:31 3,107,788 ----a-w C:\WINDOWS\system32\ativva5x.dat
  • 2008-03-29 03:36:13 887,724 ----a-w C:\WINDOWS\system32\ativva6x.dat
  • 2008-05-12 15:22:31 887,724 ----a-w C:\WINDOWS\system32\ativva6x.dat
  • 2008-03-29 03:36:13 3,107,788 ----a-w C:\WINDOWS\system32\ativvaxx.dat
  • 2008-05-12 15:22:31 3,107,788 ----a-w C:\WINDOWS\system32\ativvaxx.dat
  • 2008-03-29 03:12:59 520,192 -c–a-w C:\WINDOWS\system32\dllcache\ati2cqag.dll

  • 2008-05-12 14:57:08 548,864 -c–a-w C:\WINDOWS\system32\dllcache\ati2cqag.dll

  • 2008-04-14 17:20:02 377,984 -c–a-w C:\WINDOWS\system32\dllcache\ati2dvaa.dll

  • 2008-03-29 04:04:32 299,008 -c–a-w C:\WINDOWS\system32\dllcache\ati2dvag.dll
  • 2008-05-12 15:54:44 305,152 -c–a-w C:\WINDOWS\system32\dllcache\ati2dvag.dll
  • 2008-03-29 06:21:53 2,873,856 -c–a-w C:\WINDOWS\system32\dllcache\ati2mtag.sys

  • 2008-05-12 16:30:02 3,007,488 -c–a-w C:\WINDOWS\system32\dllcache\ati2mtag.sys

  • 2008-04-14 17:20:02 870,784 -c–a-w C:\WINDOWS\system32\dllcache\ati3d1ag.dll

  • 2008-03-29 03:43:58 3,176,480 -c–a-w C:\WINDOWS\system32\dllcache\ati3duag.dll

  • 2008-05-12 15:32:50 3,203,168 -c–a-w C:\WINDOWS\system32\dllcache\ati3duag.dll

  • 2008-04-14 17:20:02 32,768 -c–a-w C:\WINDOWS\system32\dllcache\ativtmxx.dll

  • 2008-03-29 03:36:32 1,765,120 -c–a-w C:\WINDOWS\system32\dllcache\ativvaxx.dll

  • 2008-05-12 15:22:55 1,999,616 -c–a-w C:\WINDOWS\system32\dllcache\ativvaxx.dll

  • 2005-05-24 10:27:16 213,048 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavss.dll

  • 2007-08-29 13:47:20 94,208 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe

  • 2007-08-29 13:49:54 950,272 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll

.

– Snapshot reset to current date –

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

“CTFMON.EXE”=“C:\WINDOWS\system32\ctfmon.exe” [2008-04-14 19:21 15360]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

“FlashPlayerUpdate”=“C:\WINDOWS\system32\Macromed\Flash\FlashUtil9e.exe” [2007-11-21 02:04 218496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

“NeroFilterCheck”=“C:\WINDOWS\system32\NeroCheck.exe” [2001-07-09 11:50 155648]

“nod32kui”=“C:\Program Files\Eset\nod32kui.exe” [2008-02-21 00:59 921600]

“QuickTime Task”=“C:\Program Files\QuickTime\qttask.exe” [2008-04-06 18:51 77824]

“CTHelper”=“CTHELPER.EXE” [2003-08-28 10:45 24576 C:\WINDOWS\system32\CTHELPER.EXE]

“UpdReg”=“C:\WINDOWS\UpdReg.EXE” [2000-05-11 01:00 90112]

“Jet Detection”=“C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe” [2001-11-29 01:00 28672]

“StartCCC”=“C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe” [2008-01-21 12:17 61440]

[HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

“CTFMON.EXE”=“C:\WINDOWS\system32\CTFMON.EXE” [2008-04-14 19:21 15360]

“DWQueuedReporting”=“C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe” [2007-03-13 16:38 39264]

C:\Documents and Settings\D-TOX\Menu Start\Programy\Autostart\

YouTube Uploader.lnk - C:\Documents and Settings\D-TOX\Ustawienia lokalne\Dane aplikacji\YouTube\Uploader\youtubeuploader.exe [2007-11-09 14:33:08 71152]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\

Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 03:38:16 29696]

Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 11:01:04 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]

“UIHost”=“C:\WINDOWS\system32\logonui.exe”

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

“vidc.ffds”= ffdshow.ax

“msacm.ac3filter”= ac3filter.acm

[HKLM~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

“%windir%\system32\sessmgr.exe”=

“C:\Program Files\Gadu-Gadu\gg.exe”=

“%windir%\Network Diagnostic\xpnetdiag.exe”=

R0 videX32;videX32;C:\WINDOWS\system32\DRIVERS\videX32.sys [2007-09-21 18:49]

R0 xmasbus;xmasbus;C:\WINDOWS\system32\DRIVERS\xmasbus.sys [2003-12-21 18:24]

R0 xmasscsi;xmasscsi;C:\WINDOWS\system32\Drivers\xmasscsi.sys [2003-12-23 03:15]

R3 RMSPPPOE;WAN Miniport (PPP over Ethernet Protocol);C:\WINDOWS\system32\DRIVERS\RMSPPPOE.SYS [2005-12-27 01:09]

.

Contents of the ‘Scheduled Tasks’ folder

“2008-06-15 08:47:30 C:\WINDOWS\Tasks\MP Scheduled Scan.job”

  • C:\Program Files\Windows Defender\MpCmdRun.exe

.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-06-15 15:26:40

Windows 5.1.2600 Dodatek Service Pack 3 NTFS

scanning hidden processes …

scanning hidden autostart entries …

scanning hidden files …

scan completed successfully

hidden files: 0

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\system32\lsass.exe

  • C:\Program Files\Eset\pr_imon.dll

.

Completion time: 2008-06-15 15:27:21

ComboFix-quarantined-files.txt 2008-06-15 13:27:16

ComboFix2.txt 2008-06-11 01:28:24

ComboFix3.txt 2008-06-10 23:22:17

ComboFix4.txt 2008-06-09 07:05:43

ComboFix5.txt 2008-03-16 23:04:16

Pre-Run: 27,325,177,856 bajtów wolnych

Post-Run: 27,388,162,048 bajtów wolnych

446 — E O F — 2008-06-13 21:42:55

#7

Log wygląda na czysty

zrób optymalizacje uruchamiania http://cybertrash.netarteria.pl/cyber/index.php/topic,378.0.html

usuń ręcznie folder C: \Qoobox usuń instalkę Combofix z dysku.

Wyłącz I włącz przywracanie systemu na wszystkich dyskach.http://support.microsoft.com/kb/310405/pl

przeskanuj obszar Mój komputer http://www.kaspersky.pl/virusscanner.html pokaż raport stronę uruchomić przez IE

:slight_smile:

#8

Zmiana zasad wklejania logów na forum - viewtopic.php?f=16&t=213350

#9

DZIĘKUJĘ WAM !!

#10

Chłopie radzę przeczytać regulamin i stosować się do zasad! Nie krzycz na forum, wyłącz Caps Lock-a.