[RESOLVED] Virus on computer Help Please..

Printable View

Show 40 post(s) from this thread on one page

August 4th, 2010, 08:29 PM
Kimmie!

[RESOLVED] Virus on computer Help Please..

Hello,
I am working on my Mother-in-law's computer. Of course she stated that it was working fine and then when she turned it on it started having problems.

It is a Toshiba Laptop. Running Windows Vista OS, 32 bit.

I believe she has malware, spyware and a virus on her computer as popups come up saying that her computer is infected. They ask if she wants to stay unprotected or purchase. When you click on one of the popups it brings what looks like a virus program up and it is scanning the computer. The company's name is "antivir solutions pro".

I noticed that many of the "exe" files would not work, like the snipping tool, the task manager. I could get Firefox to run though.

I uploaded the malwarebytes and it worked only after I shut down the computer and restarted. It found 8 infected files and I removed them like you stated in the instructions.

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4052

Windows 6.0.6000
Internet Explorer 8.0.6001.18904

8/4/2010 1:25:26 AM
mbam-log-2010-08-04 (01-25-26).txt

Scan type: Quick scan
Objects scanned: 117888
Time elapsed: 8 minute(s), 50 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 1
Registry Data Items Infected: 1
Folders Infected: 1
Files Infected: 4

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2b96d5cc-c5b5-49a5-a69d-cc0a30f9028c} (Adware.Minibug) -> No action taken.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bkdmkrgf (Rogue.AntivirusSuite.Gen) -> No action taken.

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowSearch (Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.

Folders Infected:
C:\ProgramData\35045421 (Rogue.Multiple) -> No action taken.

Files Infected:
C:\ProgramData\35045421\35045421.ini (Rogue.Multiple) -> No action taken.
C:\Users\Owner\AppData\Local\hdsalwpvs\wleryqytssd.exe (Rogue.AntivirusSuite.Gen) -> No action taken.
C:\Users\Owner\Desktop\Security Tool.LNK (Rogue.SecurityTool) -> No action taken.
C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Security Tool.LNK (Rogue.SecurityTool) -> No action taken.

(continued on next threads)
August 4th, 2010, 08:31 PM
Kimmie!

second part Gmer log

The GMER did not run correctly the first time either. I had a BSOD with information on it (if you need that information I typed the whole thing down).

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-08-04 18:13:39
Windows 6.0.6000
Running: xdp1sitt.exe; Driver: C:\Users\Owner\AppData\Local\Temp\uwroapow.sys

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Mozilla Firefox\firefox.exe[1392] ntdll.dll!LdrLoadDll 76EDEB00 5 Bytes JMP 00A313F0 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----

continue on next thread with DDS logs
August 4th, 2010, 08:33 PM
Kimmie!

3rd thread with dds log

And the last logs from DDS.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 6/24/2007 9:48:30 PM
System Uptime: 8/4/2010 6:20:29 PM (2 hours ago)

Motherboard: TOSHIBA | | IAKAA
Processor: Genuine Intel(R) CPU T2080 @ 1.73GHz | U2E1 | 1729/mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 110 GiB total, 67.511 GiB free.
D: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP455: 4/9/2010 9:08:31 PM - Windows Update
RP456: 4/15/2010 9:31:11 PM - Windows Update
RP457: 4/23/2010 11:32:11 AM - Scheduled Checkpoint
RP458: 5/10/2010 10:02:58 AM - Scheduled Checkpoint
RP459: 5/12/2010 9:43:32 PM - Windows Update
RP460: 5/13/2010 11:43:45 AM - Scheduled Checkpoint
RP461: 5/25/2010 10:01:17 PM - Scheduled Checkpoint
RP462: 5/28/2010 8:53:06 PM - Scheduled Checkpoint
RP463: 6/13/2010 2:42:32 PM - Windows Update
RP464: 6/26/2010 8:26:21 PM - Scheduled Checkpoint
RP465: 6/29/2010 3:25:27 PM - Scheduled Checkpoint
RP466: 7/5/2010 9:29:16 PM - Windows Update
RP467: 7/14/2010 3:58:43 PM - Windows Update
RP468: 8/3/2010 9:37:04 AM - avast! Free Antivirus Setup

==== Installed Programs ======================

ABBYY FineReader 6.0 Sprint
Activation Assistant for the 2007 Microsoft Office suites
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
Adobe Flash Player 10 ActiveX
Adobe Reader 8.1.2
Adobe Reader 8.1.2 Security Update 1 (KB403742)
Adobe Shockwave Player
ArcSoft Print Creations
ArcSoft Print Creations - Brochure
ArcSoft Print Creations - Photo Calendar
Ask Toolbar
AT&T Communication Manager
Atheros Driver Installation Program
Bluetooth Stack for Windows by Toshiba
CD/DVD Drive Acoustic Silencer
Desktop Dialer
Driver Installer
DVD MovieFactory for TOSHIBA
EPSON Scan
EPSON WorkForce 500 Series Printer Uninstall
FATE
First Coast News NOW
Garmin WebUpdater
Google Desktop
Google Toolbar for Internet Explorer
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Inbox Toolbar
Intel(R) Graphics Media Accelerator Driver
Internet Offers
Java(TM) SE Runtime Environment 6
LTCM Client
Malwarebytes' Anti-Malware
Microsoft .NET Framework 3.5 SP1
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Microsoft XML Parser
Motorola Driver Installation
Mozilla Firefox (3.6.2)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Napster
Napster Burn Engine
Nokia Connectivity Adapter Cable DKU-5
OGA Notifier 2.0.0048.0
oggcodecs 0.71.0946
Picasa 2
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
Realtek High Definition Audio Driver
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for 2007 Microsoft Office System (KB982312)
Security Update for 2007 Microsoft Office System (KB982331)
Security Update for Microsoft Office Excel 2007 (KB982308)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB982135)
SUPERAntiSpyware Free Edition
Synaptics Pointing Device Driver
Texas Instruments PCIxx21/x515/xx12 drivers.
TIPCI
TOSHIBA Assist
TOSHIBA ConfigFree
TOSHIBA Disc Creator
TOSHIBA Extended Tiles for Windows Mobility Center
TOSHIBA Flash Cards Support Utility
TOSHIBA Games
TOSHIBA Hardware Setup
TOSHIBA Music
Toshiba Registration
TOSHIBA SD Memory Utilities
TOSHIBA Software Modem
TOSHIBA Software Upgrades
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA Supervisor Password
TOSHIBA Value Added Package
Trend Micro AntiVirus
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Utility Common Driver
WinDVD for TOSHIBA
Yahoo! Install Manager
Yahoo! Music Jukebox

==== Event Viewer Messages From Past Week ========

8/4/2010 5:28:58 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SASDIFSV SASKUTIL spldr tmtdi Tosrfcom Wanarpv6
8/4/2010 5:27:53 PM, Error: EventLog [6008] - The previous system shutdown at 5:11:05 PM on 8/4/2010 was unexpected.
8/4/2010 12:47:50 AM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.10.3 for the Network Card with network address 001B9E298BCC has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
8/3/2010 9:22:51 AM, Error: EventLog [6008] - The previous system shutdown at 9:17:46 PM on 8/2/2010 was unexpected.
8/3/2010 2:22:57 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.1.64 for the Network Card with network address 001B9E298BCC has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
8/3/2010 2:07:21 PM, Error: Microsoft-Windows-Bits-Client [16392] - The BITS service failed to start. Error 2147943752.
8/3/2010 1:18:48 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
8/3/2010 1:12:00 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
8/3/2010 1:11:58 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
8/3/2010 1:11:51 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
8/3/2010 1:11:39 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
8/3/2010 1:11:35 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: aswSP aswTdi SASDIFSV SASKUTIL spldr tmtdi Tosrfcom Wanarpv6
8/3/2010 1:11:35 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
8/3/2010 1:09:55 PM, Error: EventLog [6008] - The previous system shutdown at 10:06:45 AM on 8/3/2010 was unexpected.
7/29/2010 9:45:25 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 32.179.129.77 for the Network Card with network address 00F1D000F1D0 has been denied by the DHCP server 166.204.102.196 (The DHCP Server sent a DHCPNACK message).
7/28/2010 9:19:36 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Tosrfcom
7/28/2010 9:19:36 PM, Error: Service Control Manager [7000] - The McAfee Real-time Scanner service failed to start due to the following error: The system cannot find the path specified.

==== End Of File ===========================

continue on next thread (hopefully the last one):)
August 4th, 2010, 08:34 PM
Kimmie!

4th thread with dds attach log

DDS (Ver_10-03-17.01) - NTFSx86 NETWORK
Run by Owner at 20:09:27.06 on Wed 08/04/2010
Internet Explorer: 8.0.6001.18904
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.1014.429 [GMT -4:00]

AV: Trend Micro AntiVirus *On-access scanning disabled* (Updated) {7D2296BC-32CC-4519-917E-52E652474AF5}
AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
SP: Trend Micro AntiVirus *disabled* (Updated) {003DD9A8-02A6-43CF-81BA-5D403CAD001E}
SP: McAfee VirusScan *enabled* (Updated) {C78B3C70-4777-4742-BB91-9D615CC575E6}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Users\Owner\Downloads\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com
uDefault_Page_URL = hxxp://www.toshibadirect.com/dpdstart
uSearch Bar = hxxp://toolbar.inbox.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=%tb_id&%language
mDefault_Page_URL = hxxp://www.toshibadirect.com/dpdstart
uInternet Settings,ProxyServer = http=127.0.0.1:5643
uInternet Settings,ProxyOverride = <local>
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
mSearchAssistant = hxxp://toolbar.inbox.com/search/ie.aspx?tbid=80114
mCustomizeSearch = hxxp://toolbar.inbox.com/help/sa_customize.aspx?tbid=80114
uURLSearchHooks: Inbox Toolbar: {d3d233d5-9f6d-436c-b6c7-e63f77503b30} - c:\progra~1\inboxt~1\Inbox.dll
BHO: Ask Search Assistant BHO: {0579b4b1-0293-4d73-b02d-5ebb0ba0f0a2} - c:\program files\asksbar\srchastt\1.bin\A2SRCHAS.DLL
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0\bin\ssv.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.5.5126.1836\swg.dll
BHO: Inbox Toolbar: {d3d233d5-9f6d-436c-b6c7-e63f77503b30} - c:\progra~1\inboxt~1\Inbox.dll
BHO: Ask Toolbar BHO: {f0d4b231-da4b-4daf-81e4-dfee4931a4aa} - c:\program files\asksbar\bar\1.bin\ASKSBAR.DLL
TB: Ask Toolbar: {f0d4b239-da4b-4daf-81e4-dfee4931a4aa} - c:\program files\asksbar\bar\1.bin\ASKSBAR.DLL
TB: &Inbox Toolbar: {d7e97865-918f-41e4-9cd0-25ab1c574ce8} - c:\progra~1\inboxt~1\Inbox.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [TOSCDSPD] "c:\program files\toshiba\toscdspd\TOSCDSPD.exe"
uRun: [Sidebar] "c:\program files\windows sidebar\sidebar.exe"
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [EPSON WorkForce 500 Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatieqa.exe /fu "c:\windows\temp\E_SF057.tmp" /EF "HKCU"
uRun: [LTCM Client] c:\users\owner\appdata\local\ltcm client\ltcmClient.exe /startup
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [SynTPEnh] "c:\program files\synaptics\syntp\SynTPEnh.exe"
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [LtMoh] "c:\program files\ltmoh\Ltmoh.exe"
mRun: [HWSetup] "c:\program files\toshiba\utilities\HWSetup.exe" hwSetUP
mRun: [SVPWUTIL] "c:\program files\toshiba\utilities\SVPWUTIL.exe" SVPwUTIL
mRun: [KeNotify] "c:\program files\toshiba\utilities\KeNotify.exe"
mRun: [TPwrMain] "c:\program files\toshiba\power saver\TPwrMain.EXE"
mRun: [HSON] "c:\program files\toshiba\tbs\HSON.exe"
mRun: [SmoothView] "c:\program files\toshiba\smoothview\SmoothView.exe"
mRun: [00TCrdMain] "c:\program files\toshiba\flashcards\TCrdMain.exe"
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
mRun: [UfSeAgnt.exe] "c:\program files\trend micro\internet security\UfSeAgnt.exe"
mRun: [<NO NAME>]
mRun: [AT&T Communication Manager] "c:\program files\at&t\communication manager\ATTCM.exe" -a
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\scanner1.exe.exe" /runcleanupscript
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\firstc~1.lnk - c:\program files\common files\first coast news now\TrueWeather.exe
uPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0\bin\npjpi160.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - c:\progra~1\inboxt~1\Inbox.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\users\owner\appdata\roaming\mozilla\firefox\profiles\0w4zie3s.default\
FF - prefs.js: browser.search.selectedEngine - Inbox Search
FF - prefs.js: browser.startup.homepage - hxxp://www.inbox.com/homepage.aspx?tbid=80114&lng=en
FF - prefs.js: keyword.URL - hxxp://toolbar.inbox.com/search/dispatcher.aspx?tp=sf&tbid=80114&language=en&qkw=
FF - plugin: c:\program files\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre1.6.0\bin\npjpi160.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

S1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2009-11-23 9968]
S1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-11-23 74480]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-9 135664]
S2 McShield;McAfee Real-time Scanner;c:\progra~1\mcafee\viruss~1\mcshield.exe --> c:\progra~1\mcafee\viruss~1\mcshield.exe [?]
S2 tmpreflt;tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [2009-9-17 36368]
S3 ATTRcAppSvc;AT&T RcAppSvc;c:\program files\at&t\communication manager\RcAppSvc.exe [2008-7-11 111896]
S3 CAATT;AT&T Con App Svc;c:\program files\at&t\communication manager\ConAppsSvc.exe [2008-7-11 124184]
S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\google\google desktop search\GoogleDesktop.exe [2007-5-22 29744]
S3 GT72NDISIPXP;GT 72 IP NDIS;c:\windows\system32\drivers\Gt51Ip.sys [2008-2-18 106624]
S3 GT72UBUS;GT 72 U BUS;c:\windows\system32\drivers\gt72ubus.sys [2008-2-8 59648]
S3 McSysmon;McAfee SystemGuards;c:\progra~1\mcafee\viruss~1\mcsysmon.exe --> c:\progra~1\mcafee\viruss~1\mcsysmon.exe [?]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-11-23 7408]
S3 SWNC8U56;Sierra Wireless MUX NDIS Driver (UMTS56);c:\windows\system32\drivers\swnc8u56.sys [2008-7-30 101248]
S3 SWUMX56;Sierra Wireless USB MUX Driver (UMTS56);c:\windows\system32\drivers\swumx56.sys [2008-7-30 73856]
S3 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [2009-9-17 50704]
S3 TmProxy;Trend Micro Proxy Service;c:\program files\trend micro\internet security\TmProxy.exe [2009-9-17 689416]

=============== Created Last 30 ================

2010-08-04 04:52:24 0 d-----w- c:\users\owner\appdata\roaming\Malwarebytes
2010-08-04 04:52:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-08-04 04:52:12 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-08-04 04:52:12 0 d-----w- c:\programdata\Malwarebytes
2010-08-04 04:52:12 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-08-03 13:38:33 0 d-----w- c:\programdata\Alwil Software

==================== Find3M ====================

2009-11-11 16:41:21 86016 ----a-w- c:\windows\inf\infstor.dat
2009-11-11 16:41:21 86016 ----a-w- c:\windows\inf\infpub.dat
2009-11-11 16:41:20 143360 ----a-w- c:\windows\inf\infstrng.dat
2008-12-16 14:01:08 174 --sha-w- c:\program files\desktop.ini
2008-06-13 14:31:48 665600 ----a-w- c:\windows\inf\drvindex.dat
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-11-27 20:10:10 16384 --sha-w- c:\windows\serviceprofiles\localservice\appdata\local\temp\cookies\index.dat
2009-11-27 20:10:10 16384 --sha-w- c:\windows\serviceprofiles\localservice\appdata\local\temp\history\history.ie5\index.dat
2009-11-27 20:10:10 32768 --sha-w- c:\windows\serviceprofiles\localservice\appdata\local\temp\temporary internet files\content.ie5\index.dat
2009-10-19 00:56:12 16384 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\history\history.ie5\index.dat
2009-10-19 00:56:12 32768 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat
2009-10-19 00:56:12 16384 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\cookies\index.dat
2010-01-08 02:35:41 245760 --sha-w- c:\windows\system32\config\systemprofile\appdata\roaming\microsoft\windows\ietldcache\index.dat
2009-12-19 01:30:13 32768 --sha-w- c:\windows\temp\cookies\index.dat
2009-12-19 01:30:13 32768 --sha-w- c:\windows\temp\history\history.ie5\index.dat
2009-12-19 01:30:13 32768 --sha-w- c:\windows\temp\temporary internet files\content.ie5\index.dat

============= FINISH: 20:09:38.77 ===============

Any help will be greatly apprectiated. Sorry I do not have more information about the problems. Oh, I almost forgot to tell you the IE was opening by itself to www.prono.org before I started.

Thank you,
Kim G:)
August 4th, 2010, 08:42 PM
Kimmie!

BSOD while 1st attemp at GMER

I thought you should at lease see what the screen shot stated. So here is what I could see.

TO YOUR COMPUTER.
UWROAPOW.SYS
Page_fault_in_nonpaged_area
If this is the first time you’ve seen this Stop error screen, restart your computer. If this screen appears again, follow these steps:

Check to make sure any new hardware or software is properly installed. If this is a new installation, ask your hardware or software manufacturer for any windows updates you might need.
If problems continue, disable or remove any newly installed hardware or software. Disable BIOS memory options such as caching or shadowing. If you need to use Safe Mode to remove or disable components, restart your computer, press F8 to select Advanced Startup Options, and then select Safe Mode.

Technical Information:

*** STOP: 0x00000050 (0xB6F4D018, Ox00000000, 0xA9246CF8, Ox00000000)
*** uwroapow.sys – Address A9246CR8 base at A923B000, DateStamp 4b274f8d

Collecting data for crash dump …
Initializing disk for crash dump…
Beginning dump of physical memory.
Dumping physical memory to disk: 100
Physical memory dump complete.
Contact your system admin or technical support group for further assistance.

Thanks again for reading and looking at all this information. I truly apprectiate it...

Kim:)
August 4th, 2010, 11:47 PM
Broni
Your MBAM log says "No action taken" after each line.
Please re-run "Quick scan" and this time fix all issues.
Post MBAM's log.

When done...

Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
1. Please, never rename Combofix unless instructed.
2. Close any open browsers.
3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  - Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  - Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
  NOTE1. If Combofix asks you to install Recovery Console, please allow it.
  NOTE 2. If Combofix asks you to update the program, always do so.
  - Close any open browsers.
  - WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
  - Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
  - If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
4. Double click on combofix.exe & follow the prompts.
5. When finished, it will produce a report for you.
6. Please post the "C:\ComboFix.txt"
**Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**

Make sure, you re-enable your security programs, when you're done with Combofix.

DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
August 10th, 2010, 07:31 PM
Kimmie!

New MBAM ComboFix to follow

Here is the MBAM Log.
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4052

Windows 6.0.6000
Internet Explorer 8.0.6001.18904

8/9/2010 10:12:14 PM
mbam-log-2010-08-09 (22-12-14).txt

Scan type: Quick scan
Objects scanned: 118310
Time elapsed: 8 minute(s), 33 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
August 10th, 2010, 09:45 PM
Kimmie!

combo fix

I ran the combofix and now the browsers will not open. The message I received said "c?\program Files\Mozilla Firefox\filefox.exe"
Illegal operation attempted on a registry key that has been marked for deletion." Same in IE.

Thanks Kim
August 10th, 2010, 10:07 PM
Broni

I need to see Combofix log to advice.
August 10th, 2010, 10:17 PM
Kimmie!

The computer will not run any programs. I am a little worried about restarting it, but I think I am at that point. :(

Kim
August 10th, 2010, 10:26 PM
Broni

Restart it at let me know what will happen.
We have ways to access it, even if it's not bootable.
August 10th, 2010, 11:34 PM
Kimmie!

Firefox worked after restart.
Trying to post combofix. Firefox stopped working.
August 10th, 2010, 11:38 PM
Broni

Try Internet Explorer, or if it doesn't work either, restart computer one more time, or try starting it in Safe Mode with Networking.
August 11th, 2010, 12:15 AM
Kimmie!

First Part.

ComboFix 10-08-10.03 - Owner 08/10/2010 19:41:21.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.1014.244 [GMT -4:00]
Running from: c:\users\Owner\Desktop\ComboFix.exe
AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
AV: Trend Micro AntiVirus *On-access scanning disabled* (Updated) {7D2296BC-32CC-4519-917E-52E652474AF5}
FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
SP: McAfee VirusScan *enabled* (Updated) {C78B3C70-4777-4742-BB91-9D615CC575E6}
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
SP: Trend Micro AntiVirus *disabled* (Updated) {003DD9A8-02A6-43CF-81BA-5D403CAD001E}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((( Files Created from 2010-07-10 to 2010-08-10 )))))))))))))))))))))))))))))))
.

2010-08-10 23:48 . 2010-08-10 23:48 -------- d-----w- c:\users\Owner\AppData\Local\temp
2010-08-10 23:48 . 2010-08-10 23:48 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-08-10 23:48 . 2010-08-10 23:48 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-08-10 23:39 . 2010-08-10 23:40 -------- d-----w- C:\32788R22FWJFW
2010-08-04 04:52 . 2010-08-04 04:52 -------- d-----w- c:\users\Owner\AppData\Roaming\Malwarebytes
2010-08-04 04:52 . 2010-04-29 19:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-08-04 04:52 . 2010-08-04 04:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-08-04 04:52 . 2010-08-04 04:52 -------- d-----w- c:\programdata\Malwarebytes
2010-08-04 04:52 . 2010-04-29 19:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-08-03 13:38 . 2010-08-03 17:18 -------- d-----w- c:\programdata\Alwil Software
2010-08-03 13:38 . 2010-08-03 13:38 -------- d-----w- c:\program files\Alwil Software
2010-08-02 02:02 . 2010-08-04 05:38 -------- d-----w- c:\users\Owner\AppData\Local\hdsalwpvs

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-04 23:53 . 2008-10-06 21:02 1356 ----a-w- c:\users\Owner\AppData\Local\d3d9caps.dat
2010-08-03 13:27 . 2009-11-27 00:09 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-06-25 00:24 . 2010-06-25 00:24 501936 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb7ACE.tmp.exe
2010-06-14 18:28 . 2008-08-17 20:25 -------- d-----w- c:\program files\Microsoft Silverlight
2010-06-13 19:01 . 2007-06-07 22:23 -------- d-----w- c:\programdata\Microsoft Help
.

((((((((((((((((((((((((((((( SnapShot@2010-08-10_22.13.18 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-07-15 14:46 . 2008-07-15 14:46 61440 c:\windows\wnUninstall.exe
+ 2006-11-02 12:36 . 2006-11-02 12:36 14848 c:\windows\winsxs\x86_wpf-xamlviewer_31bf3856ad364e35_6.0.6000.16386_none_53d78a858001d1bb\XamlViewer_v0300.exe
+ 2006-11-02 12:36 . 2006-11-02 12:36 81920 c:\windows\winsxs\x86_wpf-windowsformsintegration_31bf3856ad364e35_6.0.6000.16386_none_f7e54d677ee500b7\WindowsFormsIntegration.dll
+ 2006-11-02 12:36 . 2006-11-02 12:36 86016 c:\windows\winsxs\x86_wpf-uiautomationtypes_31bf3856ad364e35_6.0.6000.16386_none_5adb5f719e057b9d\UIAutomationTypes.dll
+ 2006-11-02 12:36 . 2006-11-02 12:36 32768 c:\windows\winsxs\x86_wpf-uiautomationprovider_31bf3856ad364e35_6.0.6000.16386_none_02660f598e06d243\UIAutomationProvider.dll
+ 2006-11-02 12:36 . 2006-11-02 12:36 20768 c:\windows\winsxs\x86_wpf-presentationhostproxy_31bf3856ad364e35_6.0.6000.16386_none_285454b07ce40c97\PresentationHostProxy.dll
+ 2006-11-02 12:36 . 2006-11-02 12:36 36864 c:\windows\winsxs\x86_wpf-presentationfontcache_31bf3856ad364e35_6.0.6000.16386_none_0362d4d3154300e6\PresentationFontCache.exe
+ 2006-11-02 12:36 . 2006-11-02 12:36 72992 c:\windows\winsxs\x86_wpf-penimc_31bf3856ad364e35_6.0.6000.16386_none_a97a50ec07c2c315\PenIMC.dll
+ 2006-11-02 12:34 . 2006-11-02 12:34 76288 c:\windows\winsxs\x86_windowssearchengine_31bf3856ad364e35_6.0.6000.16386_none_47e1b1bb326f0fb4\SearchFilterHost.exe
+ 2006-11-02 12:34 . 2006-11-02 12:34 65536 c:\windows\winsxs\x86_windowssearchengine_31bf3856ad364e35_6.0.6000.16386_none_47e1b1bb326f0fb4\propdefs.dll
+ 2006-11-02 12:34 . 2006-11-02 12:34 52224 c:\windows\winsxs\x86_windowssearchengine_31bf3856ad364e35_6.0.6000.16386_none_47e1b1bb326f0fb4\msstrc.dll
+ 2006-11-02 12:34 . 2006-11-02 12:34 32256 c:\windows\winsxs\x86_windowssearchengine_31bf3856ad364e35_6.0.6000.16386_none_47e1b1bb326f0fb4\mssprxy.dll
+ 2006-11-02 12:34 . 2006-11-02 12:34 98304 c:\windows\winsxs\x86_windowssearchengine_31bf3856ad364e35_6.0.6000.16386_none_47e1b1bb326f0fb4\mssitlb.dll
+ 2006-11-02 12:34 . 2006-11-02 12:34 51200 c:\windows\winsxs\x86_windowssearchengine_31bf3856ad364e35_6.0.6000.16386_none_47e1b1bb326f0fb4\msscntrs.dll
+ 2006-11-02 12:34 . 2006-11-02 12:34 23552 c:\windows\winsxs\x86_windowssearchengine_31bf3856ad364e35_6.0.6000.16386_none_47e1b1bb326f0fb4\msscb.dll
+ 2006-11-02 07:22 . 2006-11-02 06:29 18271 c:\windows\winsxs\x86_windowssearchengine..uredqueryschema.bin_31bf3856ad364e35_6.0.6001.18000_none_9784d4f858e3c74e\StructuredQuerySchemaTrivial.bin
+ 2006-11-02 07:22 . 2006-11-02 06:29 18271 c:\windows\winsxs\x86_windowssearchengine..uredqueryschema.bin_31bf3856ad364e35_6.0.6000.16386_none_954e12fc5bf8b67a\StructuredQuerySchemaTrivial.bin
+ 2006-11-02 07:22 . 2006-11-02 06:29 99999 c:\windows\winsxs\x86_windowssearchengine..uredqueryschema.bin_31bf3856ad364e35_6.0.6000.16386_none_954e12fc5bf8b67a\StructuredQuerySchema.bin
+ 2006-11-02 12:36 . 2006-11-02 12:36 11264 c:\windows\winsxs\x86_wcf-m_svc_mon_sup_dll_31bf3856ad364e35_6.0.6000.16386_none_a3a743514eb35a09\ServiceMonikerSupport.dll
+ 2006-11-02 12:36 . 2006-11-02 12:36 95008 c:\windows\winsxs\x86_wcf-m_sm_cfg_ins_exe_31bf3856ad364e35_6.0.6000.16386_none_fdea9a14203ad997\SMConfigInstaller.exe
+ 2006-11-02 12:36 . 2006-11-02 12:36 83968 c:\windows\winsxs\x86_wcf-infocard_api_dll_31bf3856ad364e35_6.0.6000.16386_none_a1b038ccb2b525ae\infocardapi.dll
+ 2007-09-12 19:21 . 2007-09-12 19:21 55296 c:\windows\winsxs\x86_usbstor.inf_31bf3856ad364e35_6.0.6000.20588_none_46db2bffb403da0e\USBSTOR.SYS
+ 2007-09-12 19:21 . 2007-09-12 19:21 55296 c:\windows\winsxs\x86_usbstor.inf_31bf3856ad364e35_6.0.6000.16478_none_465c5f209ade1e53\USBSTOR.SYS
+ 2007-11-14 14:39 . 2007-11-14 14:39 23040 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.0.6000.20672_none_bc1c0cd21fbba94d\usbuhci.sys
+ 2007-11-14 14:39 . 2007-11-14 14:39 19456 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.0.6000.20672_none_bc1c0cd21fbba94d\usbohci.sys
+ 2007-11-14 14:39 . 2007-11-14 14:39 38400 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.0.6000.20672_none_bc1c0cd21fbba94d\usbehci.sys
+ 2007-05-31 21:02 . 2007-05-31 21:02 22528 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.0.6000.20496_none_bc0a6a561fc84c3d\usbuhci.sys
+ 2007-05-31 21:02 . 2007-05-31 21:02 19456 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.0.6000.20496_none_bc0a6a561fc84c3d\usbohci.sys
+ 2007-05-31 21:02 . 2007-05-31 21:02 38400 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.0.6000.20496_none_bc0a6a561fc84c3d\usbehci.sys
+ 2007-05-31 20:54 . 2007-05-31 20:54 22528 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.0.6000.20485_none_bc1439f81fc116f5\usbuhci.sys
+ 2007-05-31 20:54 . 2007-05-31 20:54 19456 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.0.6000.20485_none_bc1439f81fc116f5\usbohci.sys
+ 2007-05-31 20:54 . 2007-05-31 20:54 38400 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.0.6000.20485_none_bc1439f81fc116f5\usbehci.sys
+ 2007-11-14 14:39 . 2007-11-14 14:39 23040 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.0.6000.16553_none_bba91029068ceaf8\usbuhci.sys
+ 2007-11-14 14:39 . 2007-11-14 14:39 19456 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.0.6000.16553_none_bba91029068ceaf8\usbohci.sys
+ 2007-11-14 14:39 . 2007-11-14 14:39 38400 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.0.6000.16553_none_bba91029068ceaf8\usbehci.sys
+ 2007-05-31 21:02 . 2007-05-31 21:02 22528 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.0.6000.16400_none_bbdc1d0106671617\usbuhci.sys
+ 2007-05-31 21:02 . 2007-05-31 21:02 19456 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.0.6000.16400_none_bbdc1d0106671617\usbohci.sys
+ 2007-05-31 21:02 . 2007-05-31 21:02 38400 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.0.6000.16400_none_bbdc1d0106671617\usbehci.sys
+ 2007-05-31 20:54 . 2007-05-31 20:54 22528 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.0.6000.16391_none_bb7bcc1906af2dc0\usbuhci.sys
+ 2007-05-31 20:54 . 2007-05-31 20:54 19456 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.0.6000.16391_none_bb7bcc1906af2dc0\usbohci.sys
+ 2007-05-31 20:54 . 2007-05-31 20:54 38400 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.0.6000.16391_none_bb7bcc1906af2dc0\usbehci.sys
+ 2007-11-14 14:39 . 2007-11-14 14:39 73216 c:\windows\winsxs\x86_usb.inf_31bf3856ad364e35_6.0.6000.20672_none_c95214552aa05b66\usbccgp.sys
+ 2007-05-31 21:02 . 2007-05-31 21:02 73216 c:\windows\winsxs\x86_usb.inf_31bf3856ad364e35_6.0.6000.20496_none_c94071d92aacfe56\usbccgp.sys
+ 2007-05-31 20:54 . 2007-05-31 20:54 73216 c:\windows\winsxs\x86_usb.inf_31bf3856ad364e35_6.0.6000.20485_none_c94a417b2aa5c90e\usbccgp.sys
+ 2007-11-14 14:39 . 2007-11-14 14:39 73216 c:\windows\winsxs\x86_usb.inf_31bf3856ad364e35_6.0.6000.16553_none_c8df17ac11719d11\usbccgp.sys
+ 2007-05-31 21:02 . 2007-05-31 21:02 73216 c:\windows\winsxs\x86_usb.inf_31bf3856ad364e35_6.0.6000.16400_none_c9122484114bc830\usbccgp.sys
+ 2007-05-31 20:54 . 2007-05-31 20:54 73216 c:\windows\winsxs\x86_usb.inf_31bf3856ad364e35_6.0.6000.16391_none_c8b1d39c1193dfd9\usbccgp.sys
+ 2006-11-02 08:37 . 2006-11-02 09:46 49152 c:\windows\winsxs\x86_umb_31bf3856ad364e35_6.0.6000.16386_none_8480866f1ae0d405\umb.dll
+ 2007-09-28 01:01 . 2007-09-28 01:01 12800 c:\windows\winsxs\x86_sffdisk.inf_31bf3856ad364e35_6.0.6000.20588_none_a290664c061ab294\sffp_sd.sys
+ 2007-09-28 01:01 . 2007-09-28 01:01 12800 c:\windows\winsxs\x86_sffdisk.inf_31bf3856ad364e35_6.0.6000.20588_none_a290664c061ab294\sffp_mmc.sys
+ 2007-09-28 01:01 . 2007-09-28 01:01 13312 c:\windows\winsxs\x86_sffdisk.inf_31bf3856ad364e35_6.0.6000.20588_none_a290664c061ab294\sffdisk.sys
+ 2007-09-28 01:01 . 2007-09-28 01:01 12800 c:\windows\winsxs\x86_sffdisk.inf_31bf3856ad364e35_6.0.6000.16478_none_a211996cecf4f6d9\sffp_sd.sys
+ 2007-09-28 01:01 . 2007-09-28 01:01 12800 c:\windows\winsxs\x86_sffdisk.inf_31bf3856ad364e35_6.0.6000.16478_none_a211996cecf4f6d9\sffp_mmc.sys
+ 2007-09-28 01:01 . 2007-09-28 01:01 13312 c:\windows\winsxs\x86_sffdisk.inf_31bf3856ad364e35_6.0.6000.16478_none_a211996cecf4f6d9\sffdisk.sys
+ 2006-11-02 12:34 . 2006-11-02 12:34 11368 c:\windows\winsxs\x86_security-malware-windows-defender_31bf3856ad364e35_6.0.6001.18000_none_57bcb0ca582f18c5\MsMpLics.dll
+ 2006-11-02 12:34 . 2006-11-02 12:34 16488 c:\windows\winsxs\x86_security-malware-windows-defender_31bf3856ad364e35_6.0.6001.18000_none_57bcb0ca582f18c5\MpAsDesc.dll
+ 2007-09-28 01:03 . 2007-09-28 01:03 14008 c:\windows\winsxs\x86_security-malware-windows-defender_31bf3856ad364e35_6.0.6000.20516_none_565b3cf37428e14b\MsMpLics.dll
+ 2007-09-28 01:03 . 2007-09-28 01:03 58552 c:\windows\winsxs\x86_security-malware-windows-defender_31bf3856ad364e35_6.0.6000.20516_none_565b3cf37428e14b\MpRtPlug.dll
+ 2007-09-28 01:03 . 2007-09-28 01:03 90296 c:\windows\winsxs\x86_security-malware-windows-defender_31bf3856ad364e35_6.0.6000.20516_none_565b3cf37428e14b\MpOAV.dll
+ 2007-09-28 01:03 . 2007-09-28 01:03 19128 c:\windows\winsxs\x86_security-malware-windows-defender_31bf3856ad364e35_6.0.6000.20516_none_565b3cf37428e14b\MpAsDesc.dll
+ 2007-09-28 01:03 . 2007-09-28 01:03 14008 c:\windows\winsxs\x86_security-malware-windows-defender_31bf3856ad364e35_6.0.6000.16420_none_55c0ce805b18c568\MsMpLics.dll
+ 2007-09-28 01:03 . 2007-09-28 01:03 58552 c:\windows\winsxs\x86_security-malware-windows-defender_31bf3856ad364e35_6.0.6000.16420_none_55c0ce805b18c568\MpRtPlug.dll
+ 2007-09-28 01:03 . 2007-09-28 01:03 90296 c:\windows\winsxs\x86_security-malware-windows-defender_31bf3856ad364e35_6.0.6000.16420_none_55c0ce805b18c568\MpOAV.dll
+ 2007-09-28 01:03 . 2007-09-28 01:03 19128 c:\windows\winsxs\x86_security-malware-windows-defender_31bf3856ad364e35_6.0.6000.16420_none_55c0ce805b18c568\MpAsDesc.dll
+ 2006-11-02 12:34 . 2006-11-02 12:34 11368 c:\windows\winsxs\x86_security-malware-windows-defender_31bf3856ad364e35_6.0.6000.16386_none_5585eece5b4407f1\MsMpLics.dll
+ 2006-11-02 12:34 . 2006-11-02 12:34 55912 c:\windows\winsxs\x86_security-malware-windows-defender_31bf3856ad364e35_6.0.6000.16386_none_5585eece5b4407f1\MpRtPlug.dll
+ 2006-11-02 12:34 . 2006-11-02 12:34 87656 c:\windows\winsxs\x86_security-malware-windows-defender_31bf3856ad364e35_6.0.6000.16386_none_5585eece5b4407f1\MpOAV.dll
+ 2006-11-02 12:34 . 2006-11-02 12:34 16488 c:\windows\winsxs\x86_security-malware-windows-defender_31bf3856ad364e35_6.0.6000.16386_none_5585eece5b4407f1\MpAsDesc.dll
+ 2006-11-02 12:34 . 2006-11-02 12:34 65640 c:\windows\winsxs\x86_security-malware-windows-defender-events_31bf3856ad364e35_6.0.6000.16386_none_b3613e39beae266f\MpEvMsg.dll
+ 2007-09-28 01:01 . 2007-09-28 01:01 82432 c:\windows\winsxs\x86_sdbus.inf_31bf3856ad364e35_6.0.6000.20588_none_70379a0ce687d0a5\sdbus.sys
+ 2007-09-28 01:01 . 2007-09-28 01:01 82432 c:\windows\winsxs\x86_sdbus.inf_31bf3856ad364e35_6.0.6000.16478_none_6fb8cd2dcd6214ea\sdbus.sys
+ 2007-11-14 14:42 . 2007-11-14 14:42 81592 c:\windows\winsxs\x86_sbp2.inf_31bf3856ad364e35_6.0.6000.20673_none_4393529612505abc\sbp2port.sys
+ 2007-05-22 21:36 . 2007-05-22 21:36 76904 c:\windows\winsxs\x86_sbp2.inf_31bf3856ad364e35_6.0.6000.20499_none_4383b0ae125b305a\sbp2port.sys
+ 2007-11-14 14:42 . 2007-11-14 14:42 81592 c:\windows\winsxs\x86_sbp2.inf_31bf3856ad364e35_6.0.6000.16554_none_432055ecf9219c67\sbp2port.sys
+ 2007-05-22 21:36 . 2007-05-22 21:36 76904 c:\windows\winsxs\x86_sbp2.inf_31bf3856ad364e35_6.0.6000.16403_none_43556358f8f9fa34\sbp2port.sys
+ 2006-11-02 06:34 . 2006-10-20 01:14 32768 c:\windows\winsxs\x86_regsvcs_b03f5f7f11d50a3a_6.0.6000.16386_none_ea5acd8d67a02ef5\RegSvcs.exe
+ 2009-09-07 00:23 . 2008-07-27 17:58 53248 c:\windows\winsxs\x86_regasm_b03f5f7f11d50a3a_6.0.6001.22230_none_00497e9d2f298b6d\RegAsm.exe
+ 2009-09-07 00:23 . 2008-07-27 18:03 53248 c:\windows\winsxs\x86_regasm_b03f5f7f11d50a3a_6.0.6001.18111_none_17150e011584125a\RegAsm.exe
+ 2009-09-07 00:23 . 2008-07-27 17:55 53248 c:\windows\winsxs\x86_regasm_b03f5f7f11d50a3a_6.0.6000.20883_none_00723fef2ed44aac\RegAsm.exe
+ 2009-09-07 00:23 . 2008-07-27 18:00 53248 c:\windows\winsxs\x86_regasm_b03f5f7f11d50a3a_6.0.6000.16720_none_173a294b153205b9\RegAsm.exe
+ 2006-11-02 06:34 . 2006-10-20 01:14 53248 c:\windows\winsxs\x86_regasm_b03f5f7f11d50a3a_6.0.6000.16386_none_173fa2e7152d3645\RegAsm.exe
August 11th, 2010, 12:16 AM
Kimmie!

+ 2006-11-02 08:37 . 2006-11-02 09:46 53248 c:\windows\winsxs\x86_pnpxassocprx_31bf3856ad364e35_6.0.6000.16386_none_654f23b464b6e29a\PNPXAssocPrx.dll
+ 2006-11-02 08:37 . 2006-11-02 09:46 69632 c:\windows\winsxs\x86_pnpxassoc_31bf3856ad364e35_6.0.6000.16386_none_304d2237728a25d6\PNPXAssoc.dll
+ 2007-09-12 19:21 . 2007-09-12 19:21 16896 c:\windows\winsxs\x86_networking-mpssvc-svc_31bf3856ad364e35_6.0.6000.20614_none_98b0c8f3e3d85098\wfapigp.dll
+ 2007-09-12 19:21 . 2007-09-12 19:21 63488 c:\windows\winsxs\x86_networking-mpssvc-svc_31bf3856ad364e35_6.0.6000.20614_none_98b0c8f3e3d85098\mpsdrv.sys
+ 2007-09-12 19:21 . 2007-09-12 19:21 86016 c:\windows\winsxs\x86_networking-mpssvc-svc_31bf3856ad364e35_6.0.6000.20614_none_98b0c8f3e3d85098\icfupgd.dll
+ 2007-09-12 19:21 . 2007-09-12 19:21 16896 c:\windows\winsxs\x86_networking-mpssvc-svc_31bf3856ad364e35_6.0.6000.16501_none_982efb36cab548d8\wfapigp.dll
+ 2007-09-12 19:21 . 2007-09-12 19:21 63488 c:\windows\winsxs\x86_networking-mpssvc-svc_31bf3856ad364e35_6.0.6000.16501_none_982efb36cab548d8\mpsdrv.sys
+ 2007-09-12 19:21 . 2007-09-12 19:21 86016 c:\windows\winsxs\x86_networking-mpssvc-svc_31bf3856ad364e35_6.0.6000.16501_none_982efb36cab548d8\icfupgd.dll
+ 2006-11-02 08:56 . 2006-11-02 09:46 16896 c:\windows\winsxs\x86_networking-mpssvc-svc_31bf3856ad364e35_6.0.6000.16386_none_97dd797ccaf1acc5\wfapigp.dll
+ 2006-11-02 08:56 . 2006-11-02 08:56 63488 c:\windows\winsxs\x86_networking-mpssvc-svc_31bf3856ad364e35_6.0.6000.16386_none_97dd797ccaf1acc5\mpsdrv.sys
+ 2006-11-02 08:56 . 2006-11-02 09:46 86016 c:\windows\winsxs\x86_networking-mpssvc-svc_31bf3856ad364e35_6.0.6000.16386_none_97dd797ccaf1acc5\icfupgd.dll
+ 2006-11-02 08:56 . 2006-11-02 09:46 53760 c:\windows\winsxs\x86_networking-mpssvc-netsh_31bf3856ad364e35_6.0.6000.16386_none_acb9d32fc9c4af3d\fwcfg.dll
+ 2009-09-07 00:23 . 2008-07-27 17:58 37896 c:\windows\winsxs\x86_netfx-wminet_utils_dll_b03f5f7f11d50a3a_6.0.6001.22230_none_5c675395941257b3\WMINet_Utils.dll
+ 2009-09-07 00:23 . 2008-07-27 18:03 37896 c:\windows\winsxs\x86_netfx-wminet_utils_dll_b03f5f7f11d50a3a_6.0.6001.18111_none_7332e2f97a6cdea0\WMINet_Utils.dll
+ 2009-09-07 00:23 . 2008-07-27 17:55 37896 c:\windows\winsxs\x86_netfx-wminet_utils_dll_b03f5f7f11d50a3a_6.0.6000.20883_none_5c9014e793bd16f2\WMINet_Utils.dll
+ 2009-09-07 00:23 . 2008-07-27 18:00 37896 c:\windows\winsxs\x86_netfx-wminet_utils_dll_b03f5f7f11d50a3a_6.0.6000.16720_none_7357fe437a1ad1ff\WMINet_Utils.dll
+ 2006-11-02 06:34 . 2006-11-02 06:34 28160 c:\windows\winsxs\x86_netfx-wminet_utils_dll_b03f5f7f11d50a3a_6.0.6000.16386_none_735d77df7a16028b\WMINet_Utils.dll
+ 2009-09-07 00:23 . 2008-07-27 17:58 81400 c:\windows\winsxs\x86_netfx-tlbref_dll_b03f5f7f11d50a3a_6.0.6001.22230_none_4a46e49b6d8ffc7e\TLBREF.DLL
+ 2009-09-07 00:23 . 2008-07-27 18:03 81400 c:\windows\winsxs\x86_netfx-tlbref_dll_b03f5f7f11d50a3a_6.0.6001.18111_none_611273ff53ea836b\TLBREF.DLL
+ 2009-09-07 00:23 . 2008-07-27 17:55 81400 c:\windows\winsxs\x86_netfx-tlbref_dll_b03f5f7f11d50a3a_6.0.6000.20883_none_4a6fa5ed6d3abbbd\TLBREF.DLL
+ 2009-09-07 00:23 . 2008-07-27 18:00 81400 c:\windows\winsxs\x86_netfx-tlbref_dll_b03f5f7f11d50a3a_6.0.6000.16720_none_61378f49539876ca\TLBREF.DLL
+ 2006-11-02 06:34 . 2006-11-02 06:34 71680 c:\windows\winsxs\x86_netfx-tlbref_dll_b03f5f7f11d50a3a_6.0.6000.16386_none_613d08e55393a756\TLBREF.DLL
+ 2009-09-07 00:23 . 2008-07-27 17:58 95232 c:\windows\winsxs\x86_netfx-shfusion_res_dll_b03f5f7f11d50a3a_6.0.6001.22230_none_8f45fc5fe5d5bfa9\ShFusRes.dll
+ 2009-09-07 00:23 . 2008-07-27 18:03 95232 c:\windows\winsxs\x86_netfx-shfusion_res_dll_b03f5f7f11d50a3a_6.0.6001.18111_none_a6118bc3cc304696\ShFusRes.dll
+ 2009-09-07 00:23 . 2008-07-27 17:55 95232 c:\windows\winsxs\x86_netfx-shfusion_res_dll_b03f5f7f11d50a3a_6.0.6000.20883_none_8f6ebdb1e5807ee8\ShFusRes.dll
+ 2009-09-07 00:23 . 2008-07-27 18:00 95232 c:\windows\winsxs\x86_netfx-shfusion_res_dll_b03f5f7f11d50a3a_6.0.6000.16720_none_a636a70dcbde39f5\ShFusRes.dll
+ 2006-11-02 06:34 . 2006-11-02 06:34 85504 c:\windows\winsxs\x86_netfx-shfusion_res_dll_b03f5f7f11d50a3a_6.0.6000.16386_none_a63c20a9cbd96a81\ShFusRes.dll
+ 2009-09-07 00:22 . 2008-07-27 17:58 88584 c:\windows\winsxs\x86_netfx-perfcounter_dll_b03f5f7f11d50a3a_6.0.6001.22230_none_130c52e1194d5fbe\PerfCounter.dll
+ 2009-09-07 00:22 . 2008-07-27 18:03 88584 c:\windows\winsxs\x86_netfx-perfcounter_dll_b03f5f7f11d50a3a_6.0.6001.18111_none_29d7e244ffa7e6ab\PerfCounter.dll
+ 2009-09-07 00:22 . 2008-07-27 17:55 88584 c:\windows\winsxs\x86_netfx-perfcounter_dll_b03f5f7f11d50a3a_6.0.6000.20883_none_1335143318f81efd\PerfCounter.dll
+ 2009-09-07 00:22 . 2008-07-27 18:00 88584 c:\windows\winsxs\x86_netfx-perfcounter_dll_b03f5f7f11d50a3a_6.0.6000.16720_none_29fcfd8eff55da0a\PerfCounter.dll
+ 2006-11-02 06:34 . 2006-11-02 06:34 78336 c:\windows\winsxs\x86_netfx-perfcounter_dll_b03f5f7f11d50a3a_6.0.6000.16386_none_2a02772aff510a96\PerfCounter.dll
+ 2006-11-02 06:34 . 2006-11-02 06:34 15360 c:\windows\winsxs\x86_netfx-normalization_dll_b03f5f7f11d50a3a_6.0.6000.16386_none_dc5bf0ae2d4f6fc2\normalization.dll
+ 2006-11-02 06:34 . 2006-11-02 06:34 89600 c:\windows\winsxs\x86_netfx-ngen_exe_b03f5f7f11d50a3a_6.0.6000.16386_none_77e860c04a4c2385\ngen.exe
+ 2006-11-02 06:33 . 2006-11-02 06:33 72704 c:\windows\winsxs\x86_netfx-netfxsbs10_exe_31bf3856ad364e35_6.0.6000.16386_none_39582d78b1095a04\NETFXSBS10.exe
+ 2009-09-07 00:22 . 2008-07-27 17:58 19456 c:\windows\winsxs\x86_netfx-mscortim_dll_b03f5f7f11d50a3a_6.0.6001.22230_none_b7d330597e7f786d\mscortim.dll
+ 2009-09-07 00:22 . 2008-07-27 18:03 19456 c:\windows\winsxs\x86_netfx-mscortim_dll_b03f5f7f11d50a3a_6.0.6001.18111_none_ce9ebfbd64d9ff5a\mscortim.dll
+ 2009-09-07 00:22 . 2008-07-27 17:55 19456 c:\windows\winsxs\x86_netfx-mscortim_dll_b03f5f7f11d50a3a_6.0.6000.20883_none_b7fbf1ab7e2a37ac\mscortim.dll
+ 2009-09-07 00:22 . 2008-07-27 18:00 19456 c:\windows\winsxs\x86_netfx-mscortim_dll_b03f5f7f11d50a3a_6.0.6000.16720_none_cec3db076487f2b9\mscortim.dll
+ 2006-11-02 06:34 . 2006-11-02 06:34 10240 c:\windows\winsxs\x86_netfx-mscortim_dll_b03f5f7f11d50a3a_6.0.6000.16386_none_cec954a364832345\mscortim.dll
+ 2009-09-07 00:22 . 2008-07-27 17:58 69632 c:\windows\winsxs\x86_netfx-mscorsvw_exe_b03f5f7f11d50a3a_6.0.6001.22230_none_092b8008021d8703\mscorsvw.exe
+ 2009-09-07 00:22 . 2008-07-27 18:03 69632 c:\windows\winsxs\x86_netfx-mscorsvw_exe_b03f5f7f11d50a3a_6.0.6001.18111_none_1ff70f6be8780df0\mscorsvw.exe
+ 2009-09-07 00:22 . 2008-07-27 17:55 69632 c:\windows\winsxs\x86_netfx-mscorsvw_exe_b03f5f7f11d50a3a_6.0.6000.20883_none_0954415a01c84642\mscorsvw.exe
+ 2009-09-07 00:22 . 2008-07-27 18:00 69632 c:\windows\winsxs\x86_netfx-mscorsvw_exe_b03f5f7f11d50a3a_6.0.6000.16720_none_201c2ab5e826014f\mscorsvw.exe
+ 2006-11-02 06:34 . 2006-11-02 06:34 59392 c:\windows\winsxs\x86_netfx-mscorsvw_exe_b03f5f7f11d50a3a_6.0.6000.16386_none_2021a451e82131db\mscorsvw.exe
+ 2009-09-07 00:23 . 2008-07-27 17:58 18944 c:\windows\winsxs\x86_netfx-mscorsn_dll_b03f5f7f11d50a3a_6.0.6001.22230_none_7f8e04aa7abe635a\mscorsn.dll
+ 2009-09-07 00:23 . 2008-07-27 18:03 18944 c:\windows\winsxs\x86_netfx-mscorsn_dll_b03f5f7f11d50a3a_6.0.6001.18111_none_9659940e6118ea47\mscorsn.dll
+ 2009-09-07 00:23 . 2008-07-27 17:55 18944 c:\windows\winsxs\x86_netfx-mscorsn_dll_b03f5f7f11d50a3a_6.0.6000.20883_none_7fb6c5fc7a692299\mscorsn.dll
+ 2009-09-07 00:23 . 2008-07-27 18:00 18944 c:\windows\winsxs\x86_netfx-mscorsn_dll_b03f5f7f11d50a3a_6.0.6000.16720_none_967eaf5860c6dda6\mscorsn.dll
+ 2009-09-07 00:23 . 2008-07-27 17:58 31744 c:\windows\winsxs\x86_netfx-mscorsecr_dll_b03f5f7f11d50a3a_6.0.6001.22230_none_8ecad3ca082b2720\mscorsecr.dll
+ 2009-09-07 00:23 . 2008-07-27 18:03 31744 c:\windows\winsxs\x86_netfx-mscorsecr_dll_b03f5f7f11d50a3a_6.0.6001.18111_none_a596632dee85ae0d\mscorsecr.dll
+ 2009-09-07 00:23 . 2008-07-27 17:55 31744 c:\windows\winsxs\x86_netfx-mscorsecr_dll_b03f5f7f11d50a3a_6.0.6000.20883_none_8ef3951c07d5e65f\mscorsecr.dll
+ 2009-09-07 00:23 . 2008-07-27 18:00 31744 c:\windows\winsxs\x86_netfx-mscorsecr_dll_b03f5f7f11d50a3a_6.0.6000.16720_none_a5bb7e77ee33a16c\mscorsecr.dll
+ 2006-11-02 06:34 . 2006-10-20 01:14 22528 c:\windows\winsxs\x86_netfx-mscorsecr_dll_b03f5f7f11d50a3a_6.0.6000.16386_none_a5c0f813ee2ed1f8\mscorsecr.dll
+ 2009-09-07 00:22 . 2008-07-27 17:58 77312 c:\windows\winsxs\x86_netfx-mscorsec_dll_b03f5f7f11d50a3a_6.0.6001.22230_none_fae6aedc0e6b4e7e\mscorsec.dll
+ 2009-09-07 00:22 . 2008-07-27 18:03 77312 c:\windows\winsxs\x86_netfx-mscorsec_dll_b03f5f7f11d50a3a_6.0.6001.18111_none_11b23e3ff4c5d56b\mscorsec.dll
+ 2009-09-07 00:22 . 2008-07-27 17:55 77312 c:\windows\winsxs\x86_netfx-mscorsec_dll_b03f5f7f11d50a3a_6.0.6000.20883_none_fb0f702e0e160dbd\mscorsec.dll
+ 2009-09-07 00:22 . 2008-07-27 18:00 77312 c:\windows\winsxs\x86_netfx-mscorsec_dll_b03f5f7f11d50a3a_6.0.6000.16720_none_11d75989f473c8ca\mscorsec.dll
+ 2006-11-02 06:34 . 2006-11-02 06:34 67072 c:\windows\winsxs\x86_netfx-mscorsec_dll_b03f5f7f11d50a3a_6.0.6000.16386_none_11dcd325f46ef956\mscorsec.dll
+ 2009-09-07 00:22 . 2008-07-27 17:58 96768 c:\windows\winsxs\x86_netfx-mscormmc_dll_rtm_31bf3856ad364e35_6.0.6001.22230_none_a7ebd3ffe29b30fd\mscormmc.dll
+ 2009-09-07 00:22 . 2008-07-27 18:03 96768 c:\windows\winsxs\x86_netfx-mscormmc_dll_rtm_31bf3856ad364e35_6.0.6001.18111_none_a778d756c96c72a8\mscormmc.dll
+ 2009-09-07 00:22 . 2008-07-27 17:55 96768 c:\windows\winsxs\x86_netfx-mscormmc_dll_rtm_31bf3856ad364e35_6.0.6000.20883_none_a5d2869be59a77c6\mscormmc.dll
+ 2009-09-07 00:22 . 2008-07-27 18:00 96768 c:\windows\winsxs\x86_netfx-mscormmc_dll_rtm_31bf3856ad364e35_6.0.6000.16720_none_a586c87acc4ee451\mscormmc.dll
+ 2006-11-02 06:34 . 2006-11-02 06:34 86528 c:\windows\winsxs\x86_netfx-mscormmc_dll_rtm_31bf3856ad364e35_6.0.6000.16386_none_a54be316cc7a2f65\mscormmc.dll
+ 2009-09-07 00:22 . 2008-07-27 17:58 94208 c:\windows\winsxs\x86_netfx-mscorld_dll_b03f5f7f11d50a3a_6.0.6001.22230_none_ac146deb63538815\mscorld.dll
+ 2009-09-07 00:22 . 2008-07-27 18:03 94208 c:\windows\winsxs\x86_netfx-mscorld_dll_b03f5f7f11d50a3a_6.0.6001.18111_none_c2dffd4f49ae0f02\mscorld.dll
+ 2009-09-07 00:22 . 2008-07-27 17:55 94208 c:\windows\winsxs\x86_netfx-mscorld_dll_b03f5f7f11d50a3a_6.0.6000.20883_none_ac3d2f3d62fe4754\mscorld.dll
+ 2009-09-07 00:22 . 2008-07-27 18:00 94208 c:\windows\winsxs\x86_netfx-mscorld_dll_b03f5f7f11d50a3a_6.0.6000.16720_none_c3051899495c0261\mscorld.dll
+ 2006-11-02 06:34 . 2006-11-02 06:34 81408 c:\windows\winsxs\x86_netfx-mscorld_dll_b03f5f7f11d50a3a_6.0.6000.16386_none_c30a9235495732ed\mscorld.dll
+ 2009-09-07 00:22 . 2008-07-27 17:58 83968 c:\windows\winsxs\x86_netfx-mscories_dll_31bf3856ad364e35_6.0.6001.22230_none_be8c4c4f0b009af1\mscories.dll
+ 2009-09-07 00:22 . 2008-07-27 18:03 83968 c:\windows\winsxs\x86_netfx-mscories_dll_31bf3856ad364e35_6.0.6001.18111_none_be194fa5f1d1dc9c\mscories.dll
+ 2009-09-07 00:22 . 2008-07-27 17:55 83968 c:\windows\winsxs\x86_netfx-mscories_dll_31bf3856ad364e35_6.0.6000.20883_none_bc72feeb0dffe1ba\mscories.dll
+ 2009-09-07 00:22 . 2008-07-27 18:00 83968 c:\windows\winsxs\x86_netfx-mscories_dll_31bf3856ad364e35_6.0.6000.16720_none_bc2740c9f4b44e45\mscories.dll
+ 2006-11-02 06:34 . 2006-11-02 06:34 74240 c:\windows\winsxs\x86_netfx-mscories_dll_31bf3856ad364e35_6.0.6000.16386_none_bbec5b65f4df9959\mscories.dll
+ 2009-09-07 00:23 . 2008-07-27 17:58 46592 c:\windows\winsxs\x86_netfx-mscorie_dll_b03f5f7f11d50a3a_6.0.6001.22230_none_d3cbdc1189d08299\mscorie.dll
+ 2009-09-07 00:23 . 2008-07-27 18:03 46592 c:\windows\winsxs\x86_netfx-mscorie_dll_b03f5f7f11d50a3a_6.0.6001.18111_none_ea976b75702b0986\mscorie.dll
+ 2009-09-07 00:23 . 2008-07-27 17:55 46592 c:\windows\winsxs\x86_netfx-mscorie_dll_b03f5f7f11d50a3a_6.0.6000.20883_none_d3f49d63897b41d8\mscorie.dll
+ 2009-09-07 00:23 . 2008-07-27 18:00 46592 c:\windows\winsxs\x86_netfx-mscorie_dll_b03f5f7f11d50a3a_6.0.6000.16720_none_eabc86bf6fd8fce5\mscorie.dll
+ 2006-11-02 06:34 . 2006-11-02 06:34 36864 c:\windows\winsxs\x86_netfx-mscorie_dll_b03f5f7f11d50a3a_6.0.6000.16386_none_eac2005b6fd42d71\mscorie.dll
+ 2006-11-02 06:34 . 2006-11-02 06:34 73216 c:\windows\winsxs\x86_netfx-mscordbc_dll_b03f5f7f11d50a3a_6.0.6000.16386_none_6d1b5243c560db72\mscordbc.dll
+ 2006-11-02 06:34 . 2006-11-02 06:34 55296 c:\windows\winsxs\x86_netfx-installutillib_dll_b03f5f7f11d50a3a_6.0.6000.16386_none_b6e1e631d82aaeaf\InstallUtilLib.dll
+ 2006-11-02 06:34 . 2006-11-02 06:34 32768 c:\windows\winsxs\x86_netfx-fw_netfxperf_dll_31bf3856ad364e35_6.0.6000.16386_none_925ce6867e4dfdfc\netfxperf.dll

Show 40 post(s) from this thread on one page