iexplore.exe help

3 posters

WiredWX Christian Hobby Weather Tools :: GeekPolice tech support archive :: Technical Support

iexplore.exe help12th July 2009, 1:23 pm

Hey. Okay so I recently got some virus issues on my computer affecting my whole system. I was infected with a 'Security System 2009' thing which by following directions on this site I managed to get rid of with the help of Maylwarebytes'Anti-Malware, but now it seems that didn't fix all the problems. I have multiple 'iexplore.exe' running in my taskmanager and removing them from the list does not help at all. They just keep coming back and i'm at a loss on what to do. So here is my Hijackthis log and hopefully you can help me get rid of this mess. Thanks.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:10:31 AM, on 7/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Wireless-N PCI Adapter\WLService.exe
C:\Program Files\Wireless-N PCI Adapter\WMP300N.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\Rundll32.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Normy\Desktop\Stuff\Zone Archive\winlogon.exe

R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: AVG Security Toolbar BHO - {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O3 - Toolbar: Morpheus Toolbar - {3F3714A9-89A4-46be-8AF3-D0C9D1FB03F9} - C:\Program Files\MorpheusBar\bar\2.bin\MORPHBAR.DLL (file missing)
O3 - Toolbar: Win Stream plugin - {BFB5F154-9212-46F3-B547-AC6106030A54} - C:\Program Files\Win Stream plugin\win_stream_plugin.dll (file missing)
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [Ultimate Fixer] "C:\Program Files\Ultimate Fixer\UltimateFixer.exe" hide
O4 - HKLM\..\Run: [WebInf] C:\Program Files\Trkic\webinfox2.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [RegGenie Scheduler] C:\Program Files\RegGenie\RegGenieScheduler.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2009] C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S
O4 - HKCU\..\Run: [] C:\DOCUME~1\Normy\LOCALS~1\Temp\czouj.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Background Intelligent Transfer Service (BITS) - Unknown owner - C:\WINDOWS\
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: CSIScanner (csiscanner) - Unknown owner - C:\Program Files\Prevx\prevx.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
O23 - Service: WMP300NSvc - GEMTEKS - C:\Program Files\Wireless-N PCI Adapter\WLService.exe
O23 - Service: Automatic Updates (wuauserv) - Unknown owner - C:\WINDOWS\

--
End of file - 6837 bytes

Re: iexplore.exe help12th July 2009, 4:34 pm

Hello.

Open HijackThis
Choose "Do a system scan only"
Check the boxes in front of these lines:

R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O3 - Toolbar: Morpheus Toolbar - {3F3714A9-89A4-46be-8AF3-D0C9D1FB03F9} - C:\Program Files\MorpheusBar\bar\2.bin\MORPHBAR.DLL (file missing)
O3 - Toolbar: Win Stream plugin - {BFB5F154-9212-46F3-B547-AC6106030A54} - C:\Program Files\Win Stream plugin\win_stream_plugin.dll (file missing)
O4 - HKCU\..\Run: [] C:\DOCUME~1\Normy\LOCALS~1\Temp\czouj.exe
O23 - Service: CSIScanner (csiscanner) - Unknown owner - C:\Program Files\Prevx\prevx.exe (file missing)
Press "Fix Checked"
Close Hijack This.

Please download and run this tool.

Download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Quick Scan", then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.

Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.

Post the contents of the MBAM Log.

............................................................................................
Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.
iexplore.exe help DXwU4

Re: iexplore.exe help13th July 2009, 12:11 am

Thanks for the response. I wanted to appologize for taking so long to get back I have been up for too many hours trying to figure this out, haha... anyway I ran Malwarebytes'Anti-Malware as requested and after restarting the computer I ran it again just to make sure and the log was the exact same again seeing how the same things are being deleted or trying to on reboot. I guess I should throw in that certain system abilities I cannot access anymore such as 'SafeMode' and 'System Restore' and also connecting to iexplore has proven difficult and constantly getting redirected to 'computer fix-it' sites still. Anyway sorry to waste your time with this talk so heres the log you asked for and thanks again for the help so far.

Malwarebytes' Anti-Malware 1.38
Database version: 2413
Windows 5.1.2600 Service Pack 3

7/12/2009 6:47:44 PM
mbam-log-2009-07-12 (18-47-44).txt

Scan type: Quick Scan
Objects scanned: 110327
Time elapsed: 4 minute(s), 9 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\UAC (Rootkit.Trace) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CLASSES_ROOT\CLSID\{46c166aa-3108-11d4-9348-00c04f8eeb71}\inprocserver32\(default) (Hijack.Hnetcfg) -> Bad: (\\?\globalroot\systemroot\installer\2642bd.msi) Good: (hnetcfg.dll) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\uacinit.dll (Trojan.Agent) -> Delete on reboot.

Re: iexplore.exe help13th July 2009, 12:18 am

Hello.

Download combofix from here
Link 1
Link 2

1. If you are using Firefox, make sure that your download settings are as follows:

* Tools->Options->Main tab
* Set to "Always ask me where to Save the files".

2. During the download, rename Combofix to Combo-Fix as follows:

3. It is important you rename Combofix during the download, but not after.
4. Please do not rename Combofix to other names, but only to the one indicated.
5. Close any open browsers.
6. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
We need to disable your local AV (Anti-virus) before running Combofix.
See HERE for how to disable your AV.
Double click on ComboFix.exe.
Follow the prompts. NOTE:
ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
***It's strongly recommended to have the Recovery Console installed before doing any malware removal.***

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will automatically proceed with its scan.
The Recovery Console provides a recovery/repair mode should a problem occur during a Combofix run.
Allow ComboFix to download the Recovery Console.
Accept the End-User License Agreement.
The Recovery Console will be installed.
You will then get this next prompt that asks if you want to continue the malware scan, select yes
Allow combofix to run
Post C:\combofix.txt back here.

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

Re: iexplore.exe help13th July 2009, 1:20 am

Okay I just got done running Combofix and it seemed to catch quite a few things. I'm not positive, but it sure looked like it anyway. Not sure if it fixed everything so any response would be appreciated. Here's the log and thank you again for the help so far.

ComboFix 09-07-12.03 - Normy 07/12/2009 19:49.1.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2039.1626 [GMT -5:00]
Running from: c:\documents and settings\Normy\Desktop\Stuff\Zone Archive\Combo-Fix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\drivers\UACfqmqyulbaupbimpeu.sys
c:\windows\system32\UACehefoymngsrjgrjmw.db
c:\windows\system32\UACkeevxfmlwhosptixn.dll
c:\windows\system32\UACobycdrubptjwvlyxy.dll
c:\windows\system32\UACpturrckmjwilaswwy.dll
c:\windows\system32\UACtiqwwgwjaimtowhvm.dll
c:\windows\system32\UACullpbisrrrppckpxv.dat
c:\windows\system32\UACwcxvjwqdoqmvwoipy.dll

c:\windows\system32\proquota.exe was missing
Restored copy from - c:\windows\ServicePackFiles\i386\proquota.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_UACd.sys
-------\Legacy_sfx
-------\Legacy_sfxdrv
-------\Legacy_{79007602-0CDB-4405-9DBF-1257BB3226ED}
-------\Legacy_{79007602-0CDB-4405-9DBF-1257BB3226EE}

((((((((((((((((((((((((( Files Created from 2009-06-13 to 2009-07-13 )))))))))))))))))))))))))))))))
.

No new files created in this timespan

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.

((((((((((((((((((((((((((((((((((((((((((((( AWF ))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2004-01-07 06:01 . 2004-01-07 06:01 110592 c:\program files\Common Files\Sonic\Update Manager\bak\sgtray.exe

2005-03-15 20:55 . 2005-03-15 20:55 48752 c:\program files\Common Files\Symantec Shared\bak\ccApp.exe

2005-05-19 17:16 . 2003-09-17 15:43 57344 c:\program files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\bak\CTSysVol.exe

2005-05-19 17:20 . 2004-07-19 12:51 306688 c:\program files\Dell Support\bak\DSAgnt.exe

2005-05-19 17:15 . 2003-09-04 01:12 221184 c:\program files\Intel\Modem Event Monitor\bak\IntelMEM.exe

2003-11-19 22:48 . 2003-11-19 22:48 32881 c:\program files\Java\j2re1.4.2_03\bin\bak\jusched.exe

2005-05-19 17:24 . 2005-05-19 17:24 98304 c:\program files\QuickTime\bak\qttask.exe
2009-05-26 22:18 . 2009-05-26 22:18 413696 c:\program files\QuickTime\QTTask.exe

2005-05-19 17:24 . 2005-05-19 17:24 26112 c:\program files\Real\RealPlayer\bak\RealPlay.exe
2009-05-19 23:48 . 2009-05-19 23:48 214536 c:\program files\Real\RealPlayer\realplay.exe

2005-05-19 17:17 . 2000-05-11 06:00 90112 c:\windows\bak\UpdReg.EXE

1980-01-01 05:00 . 2005-09-20 15:32 77824 c:\windows\SYSTEM32\bak\hkcmd.exe

2005-09-20 15:36 . 2005-09-20 15:36 114688 c:\windows\SYSTEM32\bak\igfxpers.exe

1980-01-01 05:00 . 2005-09-20 15:35 94208 c:\windows\SYSTEM32\bak\igfxtray.exe

2006-05-28 03:52 . 2001-07-09 16:50 155648 c:\windows\SYSTEM32\bak\NeroCheck.exe

2006-10-26 23:29 . 2006-04-25 04:51 1273856 c:\windows\SYSTEM32\bak\WLTRAY.exe

2005-05-19 17:27 . 2004-12-06 06:05 127035 c:\windows\SYSTEM32\dla\bak\tfswctrl.exe

.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-14 1004800]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a3bc75a2-1f87-4686-aa43-5347d756017c}]
2009-06-14 21:07 1004800 ----a-w- c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-14 1004800]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-14 1004800]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [N/A]
"Uniblue RegistryBooster 2009"="c:\program files\Uniblue\RegistryBooster\RegistryBooster.exe" [N/A]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WebInf"="c:\program files\Trkic\webinfox2.exe" [N/A]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-07-12 1948440]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 1404928]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-07 13574144]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-10-07 86016]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-05-19 198160]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"RegGenie Scheduler"="c:\program files\RegGenie\RegGenieScheduler.exe" [N/A]
"P17Helper"="P17.dll" - c:\windows\SYSTEM32\P17.dll [2005-05-04 64512]
"nwiz"="nwiz.exe" - c:\windows\SYSTEM32\nwiz.exe [2008-10-07 1630208]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" - c:\windows\SYSTEM32\narrator.exe [2008-04-14 53760]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-07-12 09:22 11952 ----a-w- c:\windows\SYSTEM32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"=
"c:\\Program Files\\BitLord\\BitLord.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\World of Warcraft\\Launcher.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"6112:TCP"= 6112:TCP:Warcraft
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"8085:TCP"= 8085:TCP:sfx

R1 d22ac5c2;d22ac5c2;c:\windows\System32\drivers\d22ac5c2.sys [2009-07-12 0]
R2 csiscanner;csiscanner;c:\program files\Prevx\prevx.exe [x]
R2 cuzespsg;cuzespsg;c:\windows\system32\drivers\folghbx.sys [x]
R2 pcwtmdk;pcwtmdk;c:\windows\system32\drivers\tbtu.sys [x]
R2 sfx;sfx;c:\windows\sySTEM32\SvchoSt.ExE [2008-04-14 14336]
R3 TIAcxubt;D-Link WLAN USB Boot Device;c:\windows\system32\Drivers\tiacxubt.sys [x]
R3 TIACXUSB;D-Link AirPlus DWL-120+ Wireless USB Adapter;c:\windows\system32\Drivers\tiacxusb.sys [x]
S0 pxscan;pxscan;c:\windows\System32\drivers\pxscan.sys [2009-07-12 22024]
S0 pxsec;pxsec;c:\windows\System32\drivers\pxsec.sys [2009-07-12 27656]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2009-07-12 335752]
S1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2009-05-29 108552]
S2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-07-12 907032]
S2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-05-29 298776]
S2 WMP300NSvc;WMP300NSvc;c:\program files\Wireless-N PCI Adapter\WLService.exe WMP300N.exe [x]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - SFX
*NewlyCreated* - {79007602-0CDB-4405-9DBF-1257BB3226ED}
*NewlyCreated* - {79007602-0CDB-4405-9DBF-1257BB3226EE}
*Deregistered* - {79007602-0CDB-4405-9DBF-1257BB3226ED}
*Deregistered* - {79007602-0CDB-4405-9DBF-1257BB3226EE}

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-04-27 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 18:34]

2005-11-05 c:\windows\Tasks\ISP signup reminder 1.job
- c:\windows\system32\OOBE\OOBEBALN.EXE [2004-08-04 00:12]
.
- - - - ORPHANS REMOVED - - - -

Toolbar-Locked - (no file)

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-12 20:01
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

c:\windows\system32\drivers\hjgruigouitcwq.sys 67584 bytes executable
c:\docume~1\Normy\LOCALS~1\Temp\hjgrui000 0 bytes
c:\windows\TEMP\hjgruibupnvbkuag.tmp 18944 bytes executable
c:\windows\TEMP\hjgruifubbkosgte.tmp 93 bytes
c:\windows\TEMP\hjgruiibiukpjfqo.tmp 18944 bytes executable
c:\windows\TEMP\hjgruikbjnqfsrvk.tmp 93 bytes
c:\windows\TEMP\hjgruiqrtmpfvafo.tmp 18944 bytes executable
c:\windows\TEMP\hjgruitpgjvuvmuo.tmp 93 bytes
c:\windows\system32\hjgruimqibnfav.dat 93 bytes
c:\windows\system32\hjgruinqekqrdn.dll 18944 bytes executable
c:\windows\system32\hjgruiopqyujwr.dll 42496 bytes executable
c:\windows\system32\hjgruiunmusvqj.dat 81928 bytes

scan completed successfully
hidden files: 12

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\hjgruitklrqarv]
"imagepath"="\systemroot\system32\drivers\hjgruigouitcwq.sys"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1008)
c:\windows\system32\WININET.dll
c:\windows\System32\BCMLogon.dll

- - - - - - - > 'lsass.exe'(1072)
c:\windows\system32\WININET.dll

- - - - - - - > 'explorer.exe'(2396)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\SYSTEM32\WLTRYSVC.EXE
c:\windows\SYSTEM32\BCMWLTRY.EXE
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\windows\SYSTEM32\CTSVCCDA.EXE
c:\windows\SYSTEM32\nvsvc32.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\windows\SYSTEM32\MsPMSPSv.exe
c:\program files\Wireless-N PCI Adapter\WLService.exe
c:\program files\Wireless-N PCI Adapter\WMP300N.exe
c:\program files\AVG\AVG8\avgcsrvx.exe
c:\windows\SYSTEM32\wscntfy.exe
c:\windows\SYSTEM32\rundll32.exe
c:\windows\SYSTEM32\rundll32.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2009-07-13 20:11 - machine was rebooted
ComboFix-quarantined-files.txt 2009-07-13 01:11

Pre-Run: 38,862,450,688 bytes free
Post-Run: 38,967,902,208 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

206 --- E O F --- 2009-07-13 01:05

Re: iexplore.exe help13th July 2009, 2:45 am

After posting this last log I did a testrun on certain programs and things on my computer and everything seems to be working nicely now. No more annoying pop-ups or misdirects! Also Windows Update and certain programs that were restricted for access are now working properly as well and no more blue screens! I believe your helpful information was a huge success and I can't thank you enough. Untill next time, best of luck and keep up the great work! - BreakingSilence

Re: iexplore.exe help13th July 2009, 3:33 pm

Hello.
There is still a lot of malware present, I didn't say we was finished. The infection will come back because the main driver is still active.

Re: iexplore.exe help13th July 2009, 9:33 pm

Oh I am sorry. I was just excited to have function back on my computer I didn't mean to be so hasty. Thanks for the response i'll do whatever it takes with your help.

Re: iexplore.exe help13th July 2009, 9:39 pm

Now open a new notepad file.
Input this into the notepad file:

Driver::
d22ac5c2
csiscanner
cuzespsg
pcwtmdk
sfx

Registry::
[-HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]
[-HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[-HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8085:TCP"=-

Save this as CFScript.txt, save it to your desktop also.
Then drag and drop CFScript.txt into combofix as seen below:
iexplore.exe help Sfxdaw

This will open combofix again, agree to it's terms and allow it to run.
It may want to reboot after it's done. (It will warn you if it wants to)
Post the resulting log back here.

............................................................................................
While my help is always free, please consider donating to keep this site alive: Donate

Re: iexplore.exe help13th July 2009, 10:37 pm

Again sorry for being so hasty I had no idea there was so much. Thank you again for all your help so far here is the log gonna have to split in a couple different posts:

ComboFix 09-07-12.03 - Normy 07/13/2009 17:06.2.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2039.1643 [GMT -5:00]
Running from: c:\documents and settings\Normy\Desktop\Combo-Fix.exe
Command switches used :: c:\documents and settings\Normy\Desktop\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\FuckYou.NORMSKEET\My Documents\winlogon.exe
c:\windows\box boat blue.ico
c:\windows\Installer\2642bd.msi
c:\windows\system32\404Fix.exe
c:\windows\system32\Agent.OMZ.Fix.exe
c:\windows\system32\Data
c:\windows\system32\drivers\hjgruigouitcwq.sys
c:\windows\system32\dumphive.exe
c:\windows\system32\hjgruimqibnfav.dat
c:\windows\system32\hjgruinqekqrdn.dll
c:\windows\system32\hjgruiopqyujwr.dll
c:\windows\system32\hjgruiunmusvqj.dat
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\o4Patch.exe
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\uacinit.dll
c:\windows\system32\uactmp.db
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_hjgruitklrqarv
-------\Legacy_CSISCANNER
-------\Legacy_SFX
-------\Legacy_{79007602-0CDB-4405-9DBF-1257BB3226ED}
-------\Legacy_{79007602-0CDB-4405-9DBF-1257BB3226EE}
-------\Service_csiscanner
-------\Service_cuzespsg
-------\Service_d22ac5c2
-------\Service_pcwtmdk
-------\Service_sfx
-------\Service_hjgruitklrqarv

((((((((((((((((((((((((( Files Created from 2009-06-13 to 2009-07-13 )))))))))))))))))))))))))))))))
.

2009-07-13 01:47 . 2009-07-13 01:47 -------- d-----w- C:\dc7fea2a851727a99a2bb69816
2009-07-13 01:46 . 2009-07-13 06:24 -------- d-----w- c:\windows\SxsCaPendDel
2009-07-13 00:58 . 2008-04-14 00:12 50176 ----a-w- c:\windows\system32\proquota.exe
2009-07-13 00:58 . 2008-04-14 00:12 50176 ----a-w- c:\windows\system32\dllcache\proquota.exe
2009-07-12 11:01 . 2009-07-12 11:01 27656 ----a-w- c:\windows\system32\drivers\pxsec.sys
2009-07-12 11:01 . 2009-07-12 11:01 22024 ----a-w- c:\windows\system32\drivers\pxscan.sys
2009-07-12 09:27 . 2009-07-12 09:22 327688 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgldx86.sys
2009-07-12 09:27 . 2009-07-12 09:21 3402008 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgui.exe
2009-07-12 09:27 . 2009-07-12 09:21 337176 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avglogx.dll
2009-07-12 09:27 . 2009-07-12 09:21 1204504 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgabout.dll
2009-07-12 09:26 . 2009-07-12 09:21 1085208 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgupd.exe
2009-07-12 09:25 . 2009-06-14 21:07 1004800 ----a-w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar\IEToolbar.dll
2009-07-12 09:22 . 2009-07-12 09:22 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-07-12 07:45 . 2009-07-12 07:46 -------- d-----w- c:\documents and settings\FuckYou
2009-07-12 07:17 . 2009-06-17 16:27 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-07-12 07:17 . 2009-07-12 23:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-07-12 07:17 . 2009-07-12 07:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-07-12 07:17 . 2009-06-17 16:27 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-07-11 06:55 . 2009-07-11 06:55 -------- d-----w- c:\documents and settings\Friends\Local Settings\Application Data\Apple Computer
2009-07-11 06:26 . 2009-07-11 06:26 156 ----a-w- c:\documents and settings\Normy\Application Data\AdobeUM\delself.bat
2009-07-11 06:26 . 2009-07-12 11:41 0 ----a-w- c:\windows\system32\drivers\d22ac5c2.sys
2009-07-11 05:29 . 2009-07-11 05:29 -------- d-sh--w- c:\documents and settings\Friends\PrivacIE
2009-07-11 05:28 . 2009-07-11 05:28 -------- d-sh--w- c:\documents and settings\Friends\IETldCache
2009-07-11 05:09 . 2009-07-11 05:09 -------- d-----w- c:\windows\system32\scripting
2009-07-11 05:09 . 2009-07-11 05:09 -------- d-----w- c:\windows\system32\en
2009-07-11 05:09 . 2009-07-11 05:09 -------- d-----w- c:\windows\system32\bits
2009-07-11 05:09 . 2009-07-11 05:09 -------- d-----w- c:\windows\l2schemas
2009-07-11 05:07 . 2009-07-11 05:07 -------- d-----w- c:\windows\ServicePackFiles
2009-07-11 05:02 . 2009-07-11 05:02 -------- d-----w- c:\windows\EHome
2009-07-11 03:59 . 2009-07-11 03:59 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2009-07-11 03:56 . 2009-07-11 03:56 -------- d-sh--w- c:\documents and settings\Normy\PrivacIE
2009-07-11 03:56 . 2009-07-11 03:56 -------- d-sh--w- c:\documents and settings\Normy\IECompatCache
2009-07-11 03:42 . 2009-07-11 03:42 -------- d-sh--w- c:\documents and settings\Normy\IETldCache
2009-07-11 03:42 . 2009-07-11 03:42 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2009-07-11 03:39 . 2009-06-02 10:12 102912 ------w- c:\windows\system32\dllcache\iecompat.dll
2009-07-11 03:39 . 2009-07-11 03:39 -------- d-----w- c:\windows\ie8updates
2009-07-11 03:39 . 2009-04-30 21:22 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
2009-07-11 03:39 . 2009-04-30 21:22 246272 ------w- c:\windows\system32\dllcache\ieproxy.dll
2009-07-11 03:37 . 2009-07-11 03:38 -------- dc-h--w- c:\windows\ie8
2009-07-07 22:53 . 2009-07-01 23:03 2167576 ---ha-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgresf.dll
2009-07-01 23:03 . 2009-06-19 01:29 906520 ---ha-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgemc.exe
2009-06-19 01:29 . 2009-07-01 23:03 2054424 ---ha-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgcorex.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-13 02:01 . 2005-11-07 07:08 -------- d-----w- c:\program files\World of Warcraft
2009-07-13 01:58 . 2006-08-22 03:17 42816 -c--a-w- c:\documents and settings\Normy\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-07-12 10:48 . 2009-01-05 23:02 -------- d-----w- c:\program files\SystemRequirementsLab
2009-07-12 10:46 . 2009-07-12 09:22 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar
2009-07-12 10:20 . 2005-05-19 17:21 -------- d-----w- c:\program files\Jasc Software Inc
2009-07-12 09:26 . 2008-11-10 22:19 335752 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-07-12 09:21 . 2008-11-10 22:18 -------- d--h--w- c:\documents and settings\All Users\Application Data\avg8
2009-07-12 08:22 . 2009-07-12 08:22 -------- d-----w- c:\documents and settings\Normy\Application Data\Malwarebytes
2009-07-11 11:04 . 2007-12-05 03:41 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-07-11 06:26 . 2005-11-05 22:04 -------- d-----w- c:\documents and settings\Normy\Application Data\AdobeUM
2009-07-11 05:19 . 2008-09-06 22:06 96384 ----a-w- c:\windows\system32\drivers\sptd5149.sys
2009-07-11 05:11 . 2004-08-10 18:13 78519 ----a-w- c:\windows\PCHEALTH\HELPCTR\OfflineCache\index.dat
2009-07-11 01:04 . 2005-05-19 17:25 -------- d-----w- c:\program files\Common Files\Intuit
2009-07-05 07:40 . 2005-05-19 17:24 -------- d-----w- c:\program files\QuickTime
2009-06-29 14:28 . 2007-01-10 02:16 -------- d-----w- c:\program files\IGN
2009-06-19 01:29 . 2006-12-05 09:14 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-06-19 01:29 . 2009-06-11 22:34 829208 ---ha-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgcfgx.dll
2009-06-19 01:29 . 2009-06-11 22:34 3298072 ---ha-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\setup.exe
2009-06-19 01:28 . 2009-06-11 22:32 1454360 ---ha-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgupd.dll
2009-06-12 04:48 . 2009-06-12 04:48 390664 ----a-w- c:\documents and settings\Normy\Application Data\Real\RealPlayer\Update\realplayer11gold.exe
2009-05-29 02:55 . 2008-11-10 22:19 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-05-19 23:48 . 2005-05-19 17:24 -------- d-----w- c:\program files\Common Files\Real
2009-05-13 05:15 . 2004-08-04 10:00 915456 ----a-w- c:\windows\system32\wininet.dll
2009-05-08 01:42 . 2006-03-29 06:45 48656 -c--a-w- c:\documents and settings\Friends\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-07 15:32 . 2004-08-04 10:00 345600 ----a-w- c:\windows\system32\localspl.dll
2009-04-17 12:26 . 2004-08-04 10:00 1847168 ----a-w- c:\windows\system32\win32k.sys
2009-04-15 14:51 . 2004-08-04 10:00 585216 ----a-w- c:\windows\system32\rpcrt4.dll

Re: iexplore.exe help13th July 2009, 10:44 pm

((((((((((((((((((((((((((((( SnapShot@2009-07-13_01.02.12 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-07-08 01:39 . 2008-07-06 12:06 89088 c:\windows\SYSTEM32\SPOOL\PRTPROCS\W32X86\filterpipelineprintproc.dll
+ 2008-07-30 00:59 . 2008-07-30 00:59 43544 c:\windows\SYSTEM32\PresentationHostProxy.dll
+ 2005-05-19 17:04 . 2009-07-13 01:52 71732 c:\windows\SYSTEM32\PERFC009.DAT
- 2007-10-24 07:47 . 2007-10-24 07:47 15360 c:\windows\SYSTEM32\MUI\0409\mscorees.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 15360 c:\windows\SYSTEM32\MUI\0409\mscorees.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16 83968 c:\windows\SYSTEM32\mscories.dll
+ 2008-07-30 00:24 . 2008-07-30 00:24 97800 c:\windows\SYSTEM32\infocardapi.dll
+ 2008-07-30 00:24 . 2008-07-30 00:24 11264 c:\windows\SYSTEM32\icardres.dll
+ 2006-10-14 21:43 . 2008-07-06 12:06 89088 c:\windows\SYSTEM32\DLLCACHE\filterpipelineprintproc.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16 96760 c:\windows\SYSTEM32\dfshim.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 96760 c:\windows\SYSTEM32\dfshim.dll
- 2005-11-05 21:50 . 2009-07-13 01:00 32768 c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2005-11-05 21:50 . 2009-07-13 21:47 32768 c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2005-11-05 21:50 . 2009-07-13 21:47 32768 c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\History\History.IE5\index.dat
- 2005-11-05 21:50 . 2009-07-13 01:00 32768 c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2005-11-05 21:50 . 2009-07-13 21:47 16384 c:\windows\SYSTEM32\CONFIG\systemprofile\Cookies\index.dat
- 2005-11-05 21:50 . 2009-07-13 01:00 16384 c:\windows\SYSTEM32\CONFIG\systemprofile\Cookies\index.dat
+ 2008-07-30 04:40 . 2008-07-30 04:40 70648 c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
+ 2008-07-30 04:40 . 2008-07-30 04:40 91136 c:\windows\Microsoft.NET\Framework\v3.5\MSBuild.exe
+ 2008-07-30 04:40 . 2008-07-30 04:40 41984 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.VisualC.STLCLR.dll
+ 2008-07-30 04:40 . 2008-07-30 04:40 40960 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Data.Entity.Build.Tasks.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 89080 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2052.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 92664 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1042.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 95224 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1041.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 89592 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1028.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 84480 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2052.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 94720 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1042.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 97792 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1041.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 84992 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1028.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 97280 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\DeleteTemp.exe
+ 2008-07-30 04:40 . 2008-07-30 04:40 95224 c:\windows\Microsoft.NET\Framework\v3.5\EdmGen.exe
+ 2008-07-30 04:40 . 2008-07-30 04:40 78856 c:\windows\Microsoft.NET\Framework\v3.5\DataSvcUtil.exe
+ 2008-07-30 04:40 . 2008-07-30 04:40 41984 c:\windows\Microsoft.NET\Framework\v3.5\AddInUtil.exe
+ 2008-07-30 04:40 . 2008-07-30 04:40 41992 c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess32.exe
+ 2008-07-30 04:40 . 2008-07-30 04:40 41992 c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess.exe
+ 2008-07-30 02:10 . 2008-07-30 02:10 46104 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
+ 2008-07-30 00:59 . 2008-07-30 00:59 32768 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationCFFRasterizer.dll
- 2007-10-09 18:58 . 2007-10-09 18:58 32768 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationCFFRasterizer.dll
+ 2008-07-30 02:10 . 2008-07-30 02:10 71160 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PenIMC.dll
+ 2008-07-30 00:32 . 2008-07-30 00:32 17448 c:\windows\Microsoft.NET\Framework\v3.0\Windows Workflow Foundation\PerformanceCounterInstaller.exe
+ 2008-07-30 00:16 . 2008-07-30 00:16 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
- 2007-10-11 15:55 . 2007-10-11 15:55 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2008-07-30 00:16 . 2008-07-30 00:16 73728 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.Install.dll
+ 2008-07-30 00:16 . 2008-07-30 00:16 20504 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceMonikerSupport.dll
+ 2008-07-30 00:16 . 2008-07-30 00:16 11280 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 37896 c:\windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 37896 c:\windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 81400 c:\windows\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL
+ 2008-07-25 16:17 . 2008-07-25 16:17 81400 c:\windows\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL
+ 2008-07-25 16:17 . 2008-07-25 16:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 57392 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 57392 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 95232 c:\windows\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 95232 c:\windows\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 16896 c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 16896 c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 61952 c:\windows\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe
- 2007-10-24 07:47 . 2007-10-24 07:47 61952 c:\windows\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe
+ 2008-07-25 16:17 . 2008-07-25 16:17 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
- 2007-10-24 07:47 . 2007-10-24 07:47 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
+ 2008-07-25 16:17 . 2008-07-25 16:17 53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
- 2007-10-24 07:47 . 2007-10-24 07:47 53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
+ 2008-07-25 16:17 . 2008-07-25 16:17 88584 c:\windows\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 24584 c:\windows\Microsoft.NET\Framework\v2.0.50727\normalization.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 24584 c:\windows\Microsoft.NET\Framework\v2.0.50727\normalization.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 31744 c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 31744 c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 19456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscortim.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 19456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscortim.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
+ 2008-07-25 16:16 . 2008-07-25 16:16 18944 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 18944 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 77312 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 77312 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 94208 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorld.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 94208 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorld.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 46592 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 83456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 83456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
- 2007-10-24 07:47 . 2007-10-24 07:47 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
+ 2008-07-25 16:16 . 2008-07-25 16:16 97792 c:\windows\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 97792 c:\windows\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16 12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe
+ 2008-07-25 16:16 . 2008-07-25 16:16 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe

Re: iexplore.exe help13th July 2009, 10:47 pm

- 2007-10-24 07:47 . 2007-10-24 07:47 72192 c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 72192 c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 65032 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 65032 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
- 2007-10-24 07:47 . 2007-10-24 07:47 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
+ 2008-07-25 16:17 . 2008-07-25 16:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEHost.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEHost.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 18936 c:\windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16 18936 c:\windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16 62968 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfdll.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 35320 c:\windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
+ 2008-07-25 16:16 . 2008-07-25 16:16 35320 c:\windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
- 2007-10-24 07:47 . 2007-10-24 07:47 69120 c:\windows\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 69120 c:\windows\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 27136 c:\windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 27136 c:\windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 80376 c:\windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
+ 2008-07-25 16:16 . 2008-07-25 16:16 80376 c:\windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
+ 2008-07-25 16:17 . 2008-07-25 16:17 89608 c:\windows\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
+ 2008-11-25 09:59 . 2008-11-25 09:59 31560 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2008-07-25 16:16 . 2008-07-25 16:16 34312 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
+ 2008-07-25 16:16 . 2008-07-25 16:16 33288 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe
- 2007-10-24 07:47 . 2007-10-24 07:47 24576 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
+ 2008-07-25 16:16 . 2008-07-25 16:16 24576 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
- 2007-10-24 07:47 . 2007-10-24 07:47 84480 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16 84480 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16 33800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16 17416 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16 22024 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 22024 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
+ 2008-07-25 16:16 . 2008-07-25 16:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
+ 2008-07-25 16:17 . 2008-07-25 16:17 58880 c:\windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
+ 2008-07-25 16:16 . 2008-07-25 16:16 98808 c:\windows\Microsoft.NET\Framework\v2.0.50727\alink.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16 13824 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 13824 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16 96768 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 16896 c:\windows\Microsoft.NET\Framework\SharedReg12.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 16896 c:\windows\Microsoft.NET\Framework\SharedReg12.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 16896 c:\windows\Microsoft.NET\Framework\sbscmp10.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16 16896 c:\windows\Microsoft.NET\Framework\sbscmp10.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16 82944 c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe
- 2007-10-24 07:47 . 2007-10-24 07:47 82944 c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe

Re: iexplore.exe help13th July 2009, 10:52 pm

+ 2008-07-30 02:07 . 2008-07-30 02:07 23040 c:\windows\Installer\2b26b7.msp
+ 2009-07-13 01:45 . 2009-07-13 01:45 88576 c:\windows\Installer\279a8c.msi
+ 2009-07-13 01:47 . 2008-07-06 12:06 89088 c:\windows\Driver Cache\I386\filterpipelineprintproc.dll
+ 2009-07-13 01:55 . 2009-07-13 01:55 60928 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\UIAutomationProvider\a715aa442ef87ae99b3ade185599249d\UIAutomationProvider.ni.dll
+ 2009-07-13 02:23 . 2009-07-13 02:23 37888 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Windows.Pres#\423f794d1f4ed6e120fbb02e436491cb\System.Windows.Presentation.ni.dll
+ 2009-07-13 02:22 . 2009-07-13 02:22 36864 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.DynamicD#\19ca1747c1ea18a3b639b302bca8df93\System.Web.DynamicData.Design.ni.dll
+ 2009-07-13 02:21 . 2009-07-13 02:21 94208 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.ComponentMod#\532438e2acfcadc469a4d468c51f8451\System.ComponentModel.DataAnnotations.ni.dll
+ 2009-07-13 02:21 . 2009-07-13 02:21 82944 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.AddIn.Contra#\597b20e1b053d6a510cfe033c07a63e6\System.AddIn.Contract.ni.dll
+ 2009-07-13 01:54 . 2009-07-13 01:54 47104 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\PresentationFontCac#\2d7408a0232f2e2efd0d7adf5dfa733a\PresentationFontCache.ni.exe
+ 2009-07-13 01:55 . 2009-07-13 01:55 39424 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\PresentationCFFRast#\c8fd2d9233f8ea3031fb16f697635231\PresentationCFFRasterizer.ni.dll
+ 2009-07-13 02:22 . 2009-07-13 02:22 55296 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Vsa\790cf1edb17ee41b59be62ecbd59613b\Microsoft.Vsa.ni.dll
+ 2009-07-13 01:55 . 2009-07-13 01:55 15872 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.VisualC\ec83ec80653eb20ccc6ed42075c90aee\Microsoft.VisualC.ni.dll
+ 2009-07-13 01:55 . 2009-07-13 01:55 65024 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e9aba2eab90d647356f65e66053da02b\Microsoft.Build.Framework.ni.dll
+ 2009-07-13 02:20 . 2009-07-13 02:20 74752 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\28343d470d992f169ca0e7cdb3cc3117\Microsoft.Build.Framework.ni.dll
+ 2009-07-13 02:20 . 2009-07-13 02:20 14336 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\dfsvc\f4e38208e88cb4cc314a1d6543b9fcc6\dfsvc.ni.exe
+ 2009-07-13 01:55 . 2009-07-13 01:55 25600 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Accessibility\11eb4f6606ba01e5128805759121ea6c\Accessibility.ni.dll
+ 2009-07-13 01:47 . 2009-07-13 01:47 94208 c:\windows\ASSEMBLY\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2009-07-13 01:47 . 2009-07-13 01:47 98304 c:\windows\ASSEMBLY\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2009-07-13 01:47 . 2009-07-13 01:47 40960 c:\windows\ASSEMBLY\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2009-07-13 01:49 . 2009-07-13 01:49 12288 c:\windows\ASSEMBLY\GAC_MSIL\System.Windows.Presentation\3.5.0.0__b77a5c561934e089\System.Windows.Presentation.dll
+ 2009-07-13 01:49 . 2009-07-13 01:49 61440 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.Routing\3.5.0.0__31bf3856ad364e35\System.Web.Routing.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 77824 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2009-07-13 01:49 . 2009-07-13 01:49 32768 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.DynamicData.Design\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.Design.dll
+ 2009-07-13 01:49 . 2009-07-13 01:49 77824 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.Abstractions\3.5.0.0__31bf3856ad364e35\System.Web.Abstractions.dll
+ 2009-07-13 01:47 . 2009-07-13 01:47 32768 c:\windows\ASSEMBLY\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
- 2008-02-01 01:10 . 2008-02-01 01:10 32768 c:\windows\ASSEMBLY\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2009-07-13 01:47 . 2009-07-13 01:47 73728 c:\windows\ASSEMBLY\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561934e089\System.ServiceModel.Install.dll
- 2008-02-01 01:09 . 2008-02-01 01:09 81920 c:\windows\ASSEMBLY\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 81920 c:\windows\ASSEMBLY\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2009-07-13 01:49 . 2009-07-13 01:49 53248 c:\windows\ASSEMBLY\GAC_MSIL\System.Data.DataSetExtensions\3.5.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 81920 c:\windows\ASSEMBLY\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2008-02-01 01:09 . 2008-02-01 01:09 81920 c:\windows\ASSEMBLY\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2009-07-13 01:49 . 2009-07-13 01:49 57344 c:\windows\ASSEMBLY\GAC_MSIL\System.ComponentModel.DataAnnotations\3.5.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
+ 2009-07-13 01:49 . 2009-07-13 01:49 45056 c:\windows\ASSEMBLY\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2009-07-13 01:47 . 2009-07-13 01:47 46104 c:\windows\ASSEMBLY\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe
+ 2009-07-13 01:47 . 2009-07-13 01:47 32768 c:\windows\ASSEMBLY\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll
- 2008-02-01 01:11 . 2008-02-01 01:11 32768 c:\windows\ASSEMBLY\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll
- 2008-02-01 01:08 . 2008-02-01 01:08 32768 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 32768 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 12800 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2008-02-01 01:09 . 2008-02-01 01:09 12800 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2009-07-13 01:48 . 2009-07-13 01:48 41984 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualC.STLCLR\1.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.STLCLR.dll
- 2008-02-01 01:09 . 2008-02-01 01:09 28672 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 28672 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 77824 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2008-02-01 01:09 . 2008-02-01 01:09 77824 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2009-07-13 01:49 . 2009-07-13 01:49 94208 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Utilities.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v3.5.dll
+ 2009-07-13 01:49 . 2009-07-13 01:49 36864 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Framework\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2008-02-01 01:09 . 2008-02-01 01:09 36864 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 36864 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2008-02-01 01:09 . 2008-02-01 01:09 77824 c:\windows\ASSEMBLY\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 77824 c:\windows\ASSEMBLY\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2008-02-01 01:08 . 2008-02-01 01:08 13312 c:\windows\ASSEMBLY\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 13312 c:\windows\ASSEMBLY\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 10752 c:\windows\ASSEMBLY\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2008-02-01 01:08 . 2008-02-01 01:08 10752 c:\windows\ASSEMBLY\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2008-02-01 01:09 . 2008-02-01 01:09 72192 c:\windows\ASSEMBLY\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 72192 c:\windows\ASSEMBLY\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 69120 c:\windows\ASSEMBLY\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2008-02-01 01:08 . 2008-02-01 01:08 69120 c:\windows\ASSEMBLY\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2008-02-01 01:09 . 2008-02-01 01:09 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2008-07-30 04:40 . 2008-07-30 04:40 5632 c:\windows\Microsoft.NET\Framework\v3.5\Sentinel.v3.5Client.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16 7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
- 2007-10-24 07:47 . 2007-10-24 07:47 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
- 2007-10-24 07:47 . 2007-10-24 07:47 6656 c:\windows\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 6656 c:\windows\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 9728 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
+ 2008-07-25 16:17 . 2008-07-25 16:17 9728 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
- 2007-10-24 07:47 . 2007-10-24 07:47 5120 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
+ 2008-07-25 16:16 . 2008-07-25 16:16 5120 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
+ 2009-07-13 01:49 . 2009-07-13 01:49 5632 c:\windows\ASSEMBLY\GAC_MSIL\Sentinel.v3.5Client\3.5.0.0__b03f5f7f11d50a3a\Sentinel.v3.5Client.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 7168 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2008-02-01 01:08 . 2008-02-01 01:08 7168 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 5632 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2008-02-01 01:08 . 2008-02-01 01:08 5632 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 6656 c:\windows\ASSEMBLY\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2008-02-01 01:09 . 2008-02-01 01:09 6656 c:\windows\ASSEMBLY\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 8192 c:\windows\ASSEMBLY\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2008-02-01 01:09 . 2008-02-01 01:09 8192 c:\windows\ASSEMBLY\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll

Re: iexplore.exe help13th July 2009, 10:54 pm

+ 2009-07-13 01:52 . 2009-07-13 01:52 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2008-02-01 01:09 . 2008-02-01 01:09 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2008-02-01 01:09 . 2008-02-01 01:09 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2007-11-07 07:19 . 2007-11-07 07:19 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll
+ 2007-11-07 07:19 . 2007-11-07 07:19 568832 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll
+ 2007-11-07 02:23 . 2007-11-07 02:23 224768 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcm90.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 635904 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 558080 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcp80.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcm80.dll
+ 2008-07-30 02:26 . 2008-07-30 02:26 301568 c:\windows\SYSTEM32\XPSViewer\XPSViewer.exe
+ 2006-10-15 01:21 . 2008-07-06 12:06 575488 c:\windows\SYSTEM32\xpsshhdr.dll
+ 2007-07-08 01:39 . 2008-07-06 12:06 765440 c:\windows\SYSTEM32\SPOOL\XPSEP\i386\mxdwdrv.dll
+ 2007-07-08 01:39 . 2008-07-06 12:06 765440 c:\windows\SYSTEM32\SPOOL\XPSEP\i386\i386\mxdwdrv.dll
+ 2007-07-08 01:38 . 2008-07-06 12:06 748032 c:\windows\SYSTEM32\SPOOL\XPSEP\amd64\mxdwdrv.dll
+ 2007-07-08 01:39 . 2008-07-06 12:06 748032 c:\windows\SYSTEM32\SPOOL\XPSEP\amd64\amd64\mxdwdrv.dll
+ 2007-07-08 01:39 . 2008-07-06 12:06 147456 c:\windows\SYSTEM32\SPOOL\PRTPROCS\x64\filterpipelineprintproc.dll
+ 2006-10-14 21:44 . 2008-07-06 10:50 597504 c:\windows\SYSTEM32\SPOOL\PRTPROCS\W32X86\printfilterpipelinesvc.exe
+ 2006-01-07 07:38 . 2008-03-13 04:52 761344 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\unires.dll
- 2006-01-07 07:38 . 2007-03-23 02:03 761344 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\unires.dll
+ 2006-01-07 07:38 . 2008-07-06 12:06 744960 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\unidrvui.dll
- 2006-01-07 07:38 . 2008-04-14 00:12 373248 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\unidrv.dll
+ 2006-01-07 07:38 . 2008-07-06 12:06 373248 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\unidrv.dll
+ 2006-10-14 21:42 . 2008-07-06 12:06 198656 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\mxdwdui.dll
+ 2006-10-14 21:43 . 2008-07-06 12:06 765440 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\mxdwdrv.dll
+ 2006-10-14 21:43 . 2008-07-06 12:06 117760 c:\windows\SYSTEM32\prntvpt.dll
+ 2008-07-30 00:59 . 2008-07-30 00:59 781344 c:\windows\SYSTEM32\PresentationNative_v0300.dll
+ 2008-07-30 01:35 . 2008-07-30 01:35 326160 c:\windows\SYSTEM32\PresentationHost.exe
+ 2008-07-30 00:59 . 2008-07-30 00:59 105016 c:\windows\SYSTEM32\PresentationCFFRasterizerNative_v0300.dll
+ 2005-05-19 17:04 . 2009-07-13 01:52 442466 c:\windows\SYSTEM32\PERFH009.DAT
- 2007-10-24 07:47 . 2007-10-24 07:47 158720 c:\windows\SYSTEM32\mscorier.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16 158720 c:\windows\SYSTEM32\mscorier.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16 282112 c:\windows\SYSTEM32\mscoree.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 282112 c:\windows\SYSTEM32\mscoree.dll
+ 2008-07-30 00:24 . 2008-07-30 00:24 622080 c:\windows\SYSTEM32\icardagt.exe
+ 2004-08-10 18:08 . 2009-07-13 06:24 183424 c:\windows\SYSTEM32\FNTCACHE.DAT
- 2004-08-10 18:08 . 2009-07-12 13:54 183424 c:\windows\SYSTEM32\FNTCACHE.DAT
+ 2006-10-15 01:21 . 2008-07-06 12:06 575488 c:\windows\SYSTEM32\DLLCACHE\xpsshhdr.dll
+ 2006-10-14 21:44 . 2008-07-06 10:50 597504 c:\windows\SYSTEM32\DLLCACHE\printfilterpipelinesvc.exe
+ 2009-07-11 03:42 . 2009-07-13 21:24 245760 c:\windows\SYSTEM32\CONFIG\systemprofile\IETldCache\index.dat
- 2009-07-11 03:42 . 2009-07-13 01:00 245760 c:\windows\SYSTEM32\CONFIG\systemprofile\IETldCache\index.dat
+ 2008-07-30 04:40 . 2008-07-30 04:40 196104 c:\windows\Microsoft.NET\Framework\v3.5\WFServicesReg.exe
+ 2008-07-30 04:40 . 2008-07-30 04:40 802816 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Build.Tasks.v3.5.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 984056 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapUI.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 107512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 111096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.3082.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 110072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2070.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1055.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 105976 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1053.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 107000 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1049.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 107512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1046.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 109048 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1045.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1044.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1043.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 110072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1040.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 111096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1038.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 101368 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1037.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 112120 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1036.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1035.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 113656 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1032.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 111608 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1031.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1030.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1029.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 102904 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1025.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 689152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsscenario.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 413184 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsbasereqs.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 632320 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs70uimgr.dll
+ 2009-07-13 01:48 . 2009-07-13 01:48 652800 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.msi
+ 2008-07-29 23:47 . 2008-07-29 23:47 110080 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 131584 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.3082.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 131072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2070.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 121344 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1055.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 121344 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1053.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 123904 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1049.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 122880 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1046.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 128512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1045.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 121856 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1044.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 129024 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1043.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 128512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1040.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 132096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1038.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 111104 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1037.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 133120 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1036.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 122368 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1035.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 137728 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1032.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 130048 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1031.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 126464 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1030.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 125440 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1029.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 113152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1025.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 269304 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
+ 2008-07-29 23:47 . 2008-07-29 23:47 177152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\HtmlLite.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 276984 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\dlmgr.dll
+ 2008-07-30 04:15 . 2008-07-30 04:15 225490 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\baseline.dat
+ 2008-07-30 04:40 . 2008-07-30 04:40 233976 c:\windows\Microsoft.NET\Framework\v3.5\1033\vbc7ui.dll
+ 2008-07-30 04:40 . 2008-07-30 04:40 168448 c:\windows\Microsoft.NET\Framework\v3.5\1033\cscompui.dll
+ 2008-07-30 01:35 . 2008-07-30 01:35 864256 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationUI.dll
+ 2008-07-30 00:59 . 2008-07-30 00:59 132120 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll
+ 2008-07-30 00:16 . 2008-07-30 00:16 152576 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\WsatConfig.exe
+ 2008-07-30 00:16 . 2008-07-30 00:16 966656 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
+ 2008-07-30 00:16 . 2008-07-30 00:16 132096 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
+ 2008-07-30 00:16 . 2008-07-30 00:16 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
+ 2008-07-30 00:16 . 2008-07-30 00:16 156688 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelReg.exe
+ 2008-07-30 00:16 . 2008-07-30 00:16 163840 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.Dtc.dll
- 2007-10-11 15:55 . 2007-10-11 15:55 397312 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.dll
+ 2008-07-30 00:16 . 2008-07-30 00:16 397312 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.dll
+ 2008-07-30 00:24 . 2008-07-30 00:24 881664 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
+ 2008-07-30 00:16 . 2008-07-30 00:16 168968 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ComSvcConfig.exe

Re: iexplore.exe help13th July 2009, 10:55 pm

+ 2008-11-25 09:59 . 2008-11-25 09:59 436040 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 839680 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 839680 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 835584 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 261632 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 303104 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 113664 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 113664 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 626688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 401408 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 401408 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16 970752 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 745472 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
+ 2008-11-25 09:59 . 2008-11-25 09:59 486400 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 425984 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 425984 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 392184 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 118784 c:\windows\Microsoft.NET\Framework\v2.0.50727\shfusion.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16 143360 c:\windows\Microsoft.NET\Framework\v2.0.50727\peverify.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 100856 c:\windows\Microsoft.NET\Framework\v2.0.50727\ngen.exe
+ 2008-07-25 16:17 . 2008-07-25 16:17 230912 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 345600 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 114176 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
+ 2008-11-25 09:59 . 2008-11-25 09:59 364872 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 308224 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 308224 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll
+ 2008-11-25 09:59 . 2008-11-25 09:59 990032 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 659456 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 749568 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16 749568 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16 655360 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 655360 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16 348160 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 348160 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 230904 c:\windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
+ 2008-07-25 16:17 . 2008-07-25 16:17 230904 c:\windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
+ 2008-07-25 16:17 . 2008-07-25 16:17 798224 c:\windows\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 798224 c:\windows\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 575496 c:\windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
- 2007-10-24 07:47 . 2007-10-24 07:47 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
+ 2008-07-25 16:16 . 2008-07-25 16:16 507904 c:\windows\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 507904 c:\windows\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
+ 2008-07-25 16:16 . 2008-07-25 16:16 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
- 2007-10-24 07:47 . 2007-10-24 07:47 147968 c:\windows\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 147968 c:\windows\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16 218112 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 218112 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 193016 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 193016 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 145408 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16 145408 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
+ 2008-12-13 14:58 . 2008-12-13 14:58 754688 c:\windows\Installer\2c85eb.msp
+ 2009-07-13 01:49 . 2009-07-13 01:49 648192 c:\windows\Installer\2c85c8.msi
+ 2008-07-30 02:23 . 2008-07-30 02:23 250880 c:\windows\Installer\2b26c0.msp
+ 2008-07-30 02:28 . 2008-07-30 02:28 278016 c:\windows\Installer\2b26be.msp
+ 2008-07-30 00:40 . 2008-07-30 00:40 291840 c:\windows\Installer\2b26bc.msp
+ 2009-07-13 01:48 . 2009-07-13 01:48 137728 c:\windows\Installer\2b26b6.msi
+ 2008-07-29 22:35 . 2008-07-29 22:35 553472 c:\windows\Installer\279a91.msp
+ 2008-07-29 22:33 . 2008-07-29 22:33 506368 c:\windows\Installer\279a8f.msp
+ 2008-07-29 22:37 . 2008-07-29 22:37 911360 c:\windows\Installer\279a8e.msp
+ 2009-07-13 01:47 . 2008-03-13 04:52 761344 c:\windows\Driver Cache\I386\unires.dll
+ 2009-07-13 01:47 . 2008-07-06 12:06 744960 c:\windows\Driver Cache\I386\unidrvui.dll
+ 2009-07-13 01:47 . 2008-07-06 12:06 373248 c:\windows\Driver Cache\I386\unidrv.dll
+ 2009-07-13 01:47 . 2008-07-06 12:06 198656 c:\windows\Driver Cache\I386\mxdwdui.dll
+ 2009-07-13 01:47 . 2008-07-06 12:06 765440 c:\windows\Driver Cache\I386\mxdwdrv.dll

Re: iexplore.exe help13th July 2009, 10:55 pm

+ 2009-07-13 02:20 . 2009-07-13 02:20 321536 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\WsatConfig\2ef5bc3a2edd7570bb23886a4f32294a\WsatConfig.ni.exe
+ 2009-07-13 01:58 . 2009-07-13 01:58 240128 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\6a818099f0386e2356ae94f886a2196f\WindowsFormsIntegration.ni.dll
+ 2009-07-13 01:55 . 2009-07-13 01:55 187904 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\UIAutomationTypes\a6d9503962d47c722231c1478f180695\UIAutomationTypes.ni.dll
+ 2009-07-13 01:57 . 2009-07-13 01:57 447488 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\UIAutomationClient\5c028c3d8db6c0f0277673ea4a2d89fb\UIAutomationClient.ni.dll
+ 2009-07-13 02:23 . 2009-07-13 02:23 400896 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Xml.Linq\c338a470b14851ce5987bb0f0869c310\System.Xml.Linq.ni.dll
+ 2009-07-13 02:22 . 2009-07-13 02:22 129536 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Routing\bb77ea11f46ab438b2b7ed7c180011a1\System.Web.Routing.ni.dll
+ 2009-07-13 01:57 . 2009-07-13 01:57 202240 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.RegularE#\6ee255220d90dcbe80c990e443051cc5\System.Web.RegularExpressions.ni.dll
+ 2009-07-13 02:23 . 2009-07-13 02:23 859648 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Extensio#\58f62044fa702ea6f936071aa5520baa\System.Web.Extensions.Design.ni.dll
+ 2009-07-13 02:22 . 2009-07-13 02:22 328704 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Entity\79c29ac85dd57dd485ab60118ac292ff\System.Web.Entity.ni.dll
+ 2009-07-13 02:22 . 2009-07-13 02:22 301056 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Entity.D#\d3d65e34fa60f0b6c72ca0d12ec89933\System.Web.Entity.Design.ni.dll
+ 2009-07-13 02:22 . 2009-07-13 02:22 547328 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.DynamicD#\b7891f5659db299dbd1b3c72db7edb9f\System.Web.DynamicData.ni.dll
+ 2009-07-13 02:22 . 2009-07-13 02:22 141312 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Abstract#\00ec08741a765c707bd9169346064a81\System.Web.Abstractions.ni.dll
+ 2009-07-13 01:56 . 2009-07-13 01:56 627200 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Transactions\5a555c9ae6984c40157cf940bb519f7c\System.Transactions.ni.dll
+ 2009-07-13 01:54 . 2009-07-13 01:54 212992 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.ServiceProce#\ea3366939280c1715f1c620e33ee3c8a\System.ServiceProcess.ni.dll
+ 2009-07-13 01:54 . 2009-07-13 01:54 676352 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Security\1c8df2da33222c048d683017f2095f04\System.Security.ni.dll
+ 2009-07-13 01:54 . 2009-07-13 01:54 311296 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Runtime.Seri#\bfd6e16d8c3589cd2bd3f8d46f0a5402\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2009-07-13 01:56 . 2009-07-13 01:56 771584 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Runtime.Remo#\2abd876a3c8a6b088fa6d8d39d901e3c\System.Runtime.Remoting.ni.dll
+ 2009-07-13 02:22 . 2009-07-13 02:22 621056 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Net\519d9c618341b136f9b963ffb7495308\System.Net.ni.dll
+ 2009-07-13 02:23 . 2009-07-13 02:23 593408 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Messaging\f48e3419fb2cb012fd160ae801600ae7\System.Messaging.ni.dll
+ 2009-07-13 02:22 . 2009-07-13 02:22 998400 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Management\8642fdfbf02a6cb6f01169fe6fdb5d11\System.Management.ni.dll
+ 2009-07-13 02:22 . 2009-07-13 02:22 330752 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Management.I#\1d3fbbd23ce1e8637ef4f40a8d23cd32\System.Management.Instrumentation.ni.dll
+ 2009-07-13 02:19 . 2009-07-13 02:19 381440 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.IO.Log\7c367a96b10d626ec8cbf8149272d845\System.IO.Log.ni.dll
+ 2009-07-13 02:19 . 2009-07-13 02:19 212992 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.IdentityMode#\68e71147704ef0d34d9a4bece7767fc5\System.IdentityModel.Selectors.ni.dll
+ 2009-07-13 01:56 . 2009-07-13 01:56 280064 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4267bd908175603006c6c90bb5d900c7\System.EnterpriseServices.Wrapper.dll
+ 2009-07-13 01:56 . 2009-07-13 01:56 627712 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4267bd908175603006c6c90bb5d900c7\System.EnterpriseServices.ni.dll
+ 2009-07-13 01:57 . 2009-07-13 01:57 208384 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Drawing.Desi#\18bbe2b6717e7f1d1dd672526e9889ee\System.Drawing.Design.ni.dll
+ 2009-07-13 01:57 . 2009-07-13 01:57 455680 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.DirectorySer#\c434a07332ce490711c27fd0edb7562f\System.DirectoryServices.Protocols.ni.dll
+ 2009-07-13 02:22 . 2009-07-13 02:22 881152 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.DirectorySer#\8b3bb7a2c2f3ffe94c866283f1cd5957\System.DirectoryServices.AccountManagement.ni.dll
+ 2009-07-13 02:22 . 2009-07-13 02:22 939008 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.Service#\a4b887f476fa4b8746a93a9fc2208560\System.Data.Services.Client.ni.dll
+ 2009-07-13 02:22 . 2009-07-13 02:22 354816 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.Service#\1cf3acad6553d6c59df576794f4e8bd6\System.Data.Services.Design.ni.dll
+ 2009-07-13 02:22 . 2009-07-13 02:22 756736 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.Entity.#\392de34573f9f8ec885714f2f3e7f07f\System.Data.Entity.Design.ni.dll
+ 2009-07-13 02:21 . 2009-07-13 02:21 135680 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.DataSet#\1db495ff00bbd14df4af6680c4de0653\System.Data.DataSetExtensions.ni.dll
+ 2009-07-13 01:54 . 2009-07-13 01:54 971264 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Configuration\b82c00e2d24305ad6cb08556e3779b75\System.Configuration.ni.dll
+ 2009-07-13 01:54 . 2009-07-13 01:54 141312 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Configuratio#\de514e484e49b04b016949d57ffac03e\System.Configuration.Install.ni.dll
+ 2009-07-13 02:21 . 2009-07-13 02:21 633856 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.AddIn\ce984d754e3c0b6be4504b785cc43574\System.AddIn.ni.dll
+ 2009-07-13 02:22 . 2009-07-13 02:22 232448 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\sysglobl\45067d0793a09d3431d26bfa55c5a76a\sysglobl.ni.dll
+ 2009-07-13 02:20 . 2009-07-13 02:20 366080 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\SMSvcHost\045dd501b7257b1cc26083538ae69045\SMSvcHost.ni.exe
+ 2009-07-13 02:20 . 2009-07-13 02:20 256000 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\SMDiagnostics\9790551187e294b4ed3aaa1c221891c7\SMDiagnostics.ni.dll
+ 2009-07-13 02:20 . 2009-07-13 02:20 320512 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\ServiceModelReg\10a0c9707876fc1f65e64b811a28b020\ServiceModelReg.ni.exe
+ 2009-07-13 01:57 . 2009-07-13 01:57 224768 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\PresentationFramewo#\f475294d8c7dc2dd4febeef27bc0417e\PresentationFramework.Classic.ni.dll
+ 2009-07-13 01:57 . 2009-07-13 01:57 539648 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\PresentationFramewo#\8003abaf6bcf70f7eb620d06837e897b\PresentationFramework.Luna.ni.dll
+ 2009-07-13 01:57 . 2009-07-13 01:57 368128 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\PresentationFramewo#\59a67874d8d8475faa5be1d993083d12\PresentationFramework.Aero.ni.dll
+ 2009-07-13 01:57 . 2009-07-13 01:57 258048 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\PresentationFramewo#\2c980c9a5051d723c6ec2a78a3d0e2b3\PresentationFramework.Royale.ni.dll
+ 2009-07-13 02:20 . 2009-07-13 02:20 133632 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\MSBuild\6d38e317128608bc4516ea46ab94590e\MSBuild.ni.exe
+ 2009-07-13 02:20 . 2009-07-13 02:20 386560 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Transacti#\1820d6a012fc0e16c3e1d29d973cd2d0\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2009-07-13 01:55 . 2009-07-13 01:55 144384 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\55b9eff9e23359faed4351386c062238\Microsoft.Build.Utilities.ni.dll
+ 2009-07-13 02:20 . 2009-07-13 02:20 175104 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\4217124db1ea5de5f1a1f3eea75e8d32\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2009-07-13 02:20 . 2009-07-13 02:20 839680 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\96825c34d7e1f7df1923ff2123bed8da\Microsoft.Build.Engine.ni.dll
+ 2009-07-13 02:20 . 2009-07-13 02:20 222720 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\9b321ebf67587237f576df6104a32588\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2009-07-13 02:20 . 2009-07-13 02:20 220672 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\CustomMarshalers\9bea05938bee3555c5aa8763d89a68f9\CustomMarshalers.ni.dll
+ 2009-07-13 02:20 . 2009-07-13 02:20 410112 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\ComSvcConfig\12629e2f3e315459bee67cbbaac85cb2\ComSvcConfig.ni.exe
+ 2009-07-13 02:20 . 2009-07-13 02:20 842240 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\AspNetMMCExt\b5b2feadc3943e3976daebc0bcd2b5e2\AspNetMMCExt.ni.dll
+ 2009-07-13 01:47 . 2009-07-13 01:47 385024 c:\windows\ASSEMBLY\GAC_MSIL\UIAutomationClientsideProviders\3.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2009-07-13 01:47 . 2009-07-13 01:47 167936 c:\windows\ASSEMBLY\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2009-07-13 01:49 . 2009-07-13 01:49 139264 c:\windows\ASSEMBLY\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll
+ 2009-07-13 01:48 . 2009-07-13 01:48 507904 c:\windows\ASSEMBLY\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll
+ 2009-07-13 01:47 . 2009-07-13 01:47 540672 c:\windows\ASSEMBLY\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 839680 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2008-02-01 01:08 . 2008-02-01 01:08 839680 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 835584 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2009-07-13 01:49 . 2009-07-13 01:49 335872 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.Extensions.Design\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.Design.dll
+ 2009-07-13 01:53 . 2009-07-13 01:53 139264 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.Entity\3.5.0.0__b77a5c561934e089\System.Web.Entity.dll
+ 2009-07-13 01:49 . 2009-07-13 01:49 131072 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.Entity.Design\3.5.0.0__b77a5c561934e089\System.Web.Entity.Design.dll
+ 2009-07-13 01:53 . 2009-07-13 01:53 229376 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.DynamicData\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.dll

Re: iexplore.exe help13th July 2009, 10:56 pm

- 2008-02-01 01:08 . 2008-02-01 01:08 114688 c:\windows\ASSEMBLY\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 114688 c:\windows\ASSEMBLY\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2009-07-13 01:48 . 2009-07-13 01:48 569344 c:\windows\ASSEMBLY\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll
- 2008-02-01 01:08 . 2008-02-01 01:08 258048 c:\windows\ASSEMBLY\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 258048 c:\windows\ASSEMBLY\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2009-07-13 01:47 . 2009-07-13 01:47 966656 c:\windows\ASSEMBLY\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 131072 c:\windows\ASSEMBLY\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2008-02-01 01:09 . 2008-02-01 01:09 131072 c:\windows\ASSEMBLY\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 303104 c:\windows\ASSEMBLY\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2009-07-13 01:49 . 2009-07-13 01:49 233472 c:\windows\ASSEMBLY\GAC_MSIL\System.Net\3.5.0.0__b03f5f7f11d50a3a\System.Net.dll
- 2008-02-01 01:09 . 2008-02-01 01:09 258048 c:\windows\ASSEMBLY\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 258048 c:\windows\ASSEMBLY\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 372736 c:\windows\ASSEMBLY\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2008-02-01 01:09 . 2008-02-01 01:09 372736 c:\windows\ASSEMBLY\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2009-07-13 01:49 . 2009-07-13 01:49 143360 c:\windows\ASSEMBLY\GAC_MSIL\System.Management.Instrumentation\3.5.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
+ 2009-07-13 01:47 . 2009-07-13 01:47 131072 c:\windows\ASSEMBLY\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
- 2008-02-01 01:11 . 2008-02-01 01:11 131072 c:\windows\ASSEMBLY\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2009-07-13 01:47 . 2009-07-13 01:47 430080 c:\windows\ASSEMBLY\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
- 2008-02-01 01:11 . 2008-02-01 01:11 430080 c:\windows\ASSEMBLY\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2009-07-13 01:47 . 2009-07-13 01:47 126976 c:\windows\ASSEMBLY\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
- 2008-02-01 01:11 . 2008-02-01 01:11 126976 c:\windows\ASSEMBLY\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 626688 c:\windows\ASSEMBLY\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 401408 c:\windows\ASSEMBLY\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2008-02-01 01:08 . 2008-02-01 01:08 401408 c:\windows\ASSEMBLY\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 188416 c:\windows\ASSEMBLY\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2008-02-01 01:09 . 2008-02-01 01:09 188416 c:\windows\ASSEMBLY\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2009-07-13 01:48 . 2009-07-13 01:48 286720 c:\windows\ASSEMBLY\GAC_MSIL\System.DirectoryServices.AccountManagement\3.5.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 970752 c:\windows\ASSEMBLY\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 745472 c:\windows\ASSEMBLY\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2009-07-13 01:53 . 2009-07-13 01:53 442368 c:\windows\ASSEMBLY\GAC_MSIL\System.Data.Services\3.5.0.0__b77a5c561934e089\System.Data.Services.dll
+ 2009-07-13 01:48 . 2009-07-13 01:48 114688 c:\windows\ASSEMBLY\GAC_MSIL\System.Data.Services.Design\3.5.0.0__b77a5c561934e089\System.Data.Services.Design.dll
+ 2009-07-13 01:53 . 2009-07-13 01:53 294912 c:\windows\ASSEMBLY\GAC_MSIL\System.Data.Services.Client\3.5.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2009-07-13 01:48 . 2009-07-13 01:48 684032 c:\windows\ASSEMBLY\GAC_MSIL\System.Data.Linq\3.5.0.0__b77a5c561934e089\System.Data.Linq.dll
+ 2009-07-13 01:49 . 2009-07-13 01:49 229376 c:\windows\ASSEMBLY\GAC_MSIL\System.Data.Entity.Design\3.5.0.0__b77a5c561934e089\System.Data.Entity.Design.dll
+ 2009-07-13 01:49 . 2009-07-13 01:49 667648 c:\windows\ASSEMBLY\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll
- 2008-02-01 01:08 . 2008-02-01 01:08 425984 c:\windows\ASSEMBLY\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 425984 c:\windows\ASSEMBLY\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2009-07-13 01:49 . 2009-07-13 01:49 163840 c:\windows\ASSEMBLY\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 110592 c:\windows\ASSEMBLY\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2008-02-01 01:09 . 2008-02-01 01:09 110592 c:\windows\ASSEMBLY\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2009-07-13 01:47 . 2009-07-13 01:47 110592 c:\windows\ASSEMBLY\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
+ 2009-07-13 01:47 . 2009-07-13 01:47 528384 c:\windows\ASSEMBLY\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
- 2008-02-01 01:11 . 2008-02-01 01:11 528384 c:\windows\ASSEMBLY\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2009-07-13 01:47 . 2009-07-13 01:47 864256 c:\windows\ASSEMBLY\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2009-07-13 01:47 . 2009-07-13 01:47 163840 c:\windows\ASSEMBLY\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2009-07-13 01:47 . 2009-07-13 01:47 397312 c:\windows\ASSEMBLY\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2009-07-13 01:47 . 2009-07-13 01:47 139264 c:\windows\ASSEMBLY\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2009-07-13 01:47 . 2009-07-13 01:47 196608 c:\windows\ASSEMBLY\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2009-07-13 01:47 . 2009-07-13 01:47 598016 c:\windows\ASSEMBLY\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 659456 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2008-02-01 01:09 . 2008-02-01 01:09 372736 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 372736 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 110592 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2008-02-01 01:09 . 2008-02-01 01:09 110592 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2008-02-01 01:11 . 2008-02-01 01:11 397312 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2009-07-13 01:47 . 2009-07-13 01:47 397312 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
- 2008-02-01 01:09 . 2008-02-01 01:09 749568 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 749568 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2008-02-01 01:09 . 2008-02-01 01:09 655360 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 655360 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2009-07-13 01:49 . 2009-07-13 01:49 802816 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Tasks.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.v3.5.dll
+ 2009-07-13 01:48 . 2009-07-13 01:48 733184 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Engine\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2008-02-01 01:09 . 2008-02-01 01:09 348160 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 348160 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2009-07-13 01:48 . 2009-07-13 01:48 106496 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Conversion.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Conversion.v3.5.dll
- 2008-02-01 01:08 . 2008-02-01 01:08 507904 c:\windows\ASSEMBLY\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 507904 c:\windows\ASSEMBLY\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 261632 c:\windows\ASSEMBLY\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2009-07-13 01:47 . 2009-07-13 01:47 368640 c:\windows\ASSEMBLY\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2008-02-01 01:09 . 2008-02-01 01:09 113664 c:\windows\ASSEMBLY\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 113664 c:\windows\ASSEMBLY\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 258048 c:\windows\ASSEMBLY\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2008-02-01 01:09 . 2008-02-01 01:09 258048 c:\windows\ASSEMBLY\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 486400 c:\windows\ASSEMBLY\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2009-07-13 01:47 . 2009-07-13 01:47 163840 c:\windows\ASSEMBLY\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2006-10-15 01:22 . 2008-07-06 12:06 1676288 c:\windows\SYSTEM32\xpssvcs.dll

Re: iexplore.exe help13th July 2009, 10:56 pm

+ 2007-07-08 01:39 . 2008-07-06 12:06 1676288 c:\windows\SYSTEM32\SPOOL\XPSEP\i386\xpssvcs.dll
+ 2007-07-08 01:39 . 2008-07-06 12:06 1676288 c:\windows\SYSTEM32\SPOOL\XPSEP\i386\i386\xpssvcs.dll
+ 2007-07-08 01:38 . 2008-07-06 22:36 2936832 c:\windows\SYSTEM32\SPOOL\XPSEP\amd64\xpssvcs.dll
+ 2007-07-08 01:39 . 2008-07-06 22:36 2936832 c:\windows\SYSTEM32\SPOOL\XPSEP\amd64\amd64\xpssvcs.dll
+ 2006-10-15 01:22 . 2008-07-06 12:06 1676288 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\XpsSvcs.dll
+ 2006-10-15 01:22 . 2008-07-06 12:06 1676288 c:\windows\SYSTEM32\DLLCACHE\xpssvcs.dll
+ 2008-07-30 04:40 . 2008-07-30 04:40 1720824 c:\windows\Microsoft.NET\Framework\v3.5\vbc.exe
+ 2008-07-29 23:47 . 2008-07-29 23:47 1054208 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 1364992 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\SITSetup.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47 1064448 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\gencomp.dll
+ 2008-07-30 04:40 . 2008-07-30 04:40 1548280 c:\windows\Microsoft.NET\Framework\v3.5\csc.exe
+ 2008-12-06 00:35 . 2008-12-06 00:35 1736528 c:\windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
+ 2008-12-06 01:12 . 2008-12-06 01:12 5931008 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 1344000 c:\windows\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16 1344000 c:\windows\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
- 2007-10-24 07:47 . 2007-10-24 07:47 1172472 c:\windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
+ 2008-07-25 16:17 . 2008-07-25 16:17 1172472 c:\windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
+ 2008-11-25 09:59 . 2008-11-25 09:59 2048000 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2008-11-25 09:59 . 2008-11-25 09:59 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 3149824 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 5062656 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17 2933248 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.dll
+ 2008-11-25 09:59 . 2008-11-25 09:59 5813576 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2008-11-25 09:59 . 2008-11-25 09:59 4546560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16 1163768 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
+ 2008-12-13 14:57 . 2008-12-13 14:57 8397824 c:\windows\Installer\2c85d6.msp
+ 2008-07-30 00:26 . 2008-07-30 00:26 1043456 c:\windows\Installer\2b26bf.msp
+ 2008-07-30 01:37 . 2008-07-30 01:37 2679808 c:\windows\Installer\2b26bd.msp
+ 2008-07-30 02:15 . 2008-07-30 02:15 3697664 c:\windows\Installer\2b26bb.msp
+ 2008-07-30 00:34 . 2008-07-30 00:34 1448448 c:\windows\Installer\2b26ba.msp
+ 2008-07-30 01:22 . 2008-07-30 01:22 4137984 c:\windows\Installer\2b26b9.msp
+ 2008-07-30 00:18 . 2008-07-30 00:18 3376640 c:\windows\Installer\2b26b8.msp
+ 2008-07-29 22:45 . 2008-07-29 22:45 2543616 c:\windows\Installer\279a95.msp
+ 2008-07-29 22:29 . 2008-07-29 22:29 2926080 c:\windows\Installer\279a94.msp
+ 2008-07-29 22:41 . 2008-07-29 22:41 6487040 c:\windows\Installer\279a93.msp
+ 2008-07-29 22:39 . 2008-07-29 22:39 3403264 c:\windows\Installer\279a92.msp
+ 2008-07-29 22:43 . 2008-07-29 22:43 1013248 c:\windows\Installer\279a90.msp
+ 2008-07-29 22:31 . 2008-07-29 22:31 6083072 c:\windows\Installer\279a8d.msp
+ 2009-07-13 01:55 . 2009-07-13 01:55 3313664 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\WindowsBase\14cd5f4b61d35f9b76327d6be9853755\WindowsBase.ni.dll
+ 2009-07-13 01:57 . 2009-07-13 01:57 1049600 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\UIAutomationClients#\f3c7957351aec85f526a3350c9718b1e\UIAutomationClientsideProviders.ni.dll
+ 2009-07-13 01:54 . 2009-07-13 01:54 7868416 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System\80978a322d7dd39f0a71be1251ae395a\System.ni.dll
+ 2009-07-13 01:54 . 2009-07-13 01:54 5450752 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Xml\773a9786013451d3baaeff003dc4230f\System.Xml.ni.dll
+ 2009-07-13 02:23 . 2009-07-13 02:23 1356288 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.WorkflowServ#\ac1750e78d79520dcf19195772eff1b6\System.WorkflowServices.ni.dll
+ 2009-07-13 02:23 . 2009-07-13 02:23 1908224 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Workflow.Run#\d265da36954fcb4cb7ad5adc693ea0f2\System.Workflow.Runtime.ni.dll
+ 2009-07-13 02:23 . 2009-07-13 02:23 4514304 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Workflow.Com#\693a8fbe6f7ad6e4e429052da4317e59\System.Workflow.ComponentModel.ni.dll
+ 2009-07-13 02:23 . 2009-07-13 02:23 2992640 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Workflow.Act#\cc99fbbac0b6e4e9ca62093e49b0c16b\System.Workflow.Activities.ni.dll
+ 2009-07-13 01:57 . 2009-07-13 01:57 1840640 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Services\b57bb002a655920cbfa2bee29d1e22b7\System.Web.Services.ni.dll
+ 2009-07-13 02:23 . 2009-07-13 02:23 2209280 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Mobile\81197e32ec931f439b3114e9031b65d6\System.Web.Mobile.ni.dll
+ 2009-07-13 02:22 . 2009-07-13 02:22 2403328 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Extensio#\7f64c9d25471b72e1e957bdfe67947c8\System.Web.Extensions.ni.dll
+ 2009-07-13 02:22 . 2009-07-13 02:22 1917440 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Speech\63cf639b6e0a3c25c1643c85016e7422\System.Speech.ni.dll
+ 2009-07-13 02:22 . 2009-07-13 02:22 1706496 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.ServiceModel#\340cad17fe57947eacbc8fa2cea780da\System.ServiceModel.Web.ni.dll
+ 2009-07-13 02:19 . 2009-07-13 02:19 2338304 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Runtime.Seri#\034c91b133dee73d452652c52767b5ea\System.Runtime.Serialization.ni.dll
+ 2009-07-13 01:56 . 2009-07-13 01:56 1035264 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Printing\646ab52eef343380aa002c220dc31e13\System.Printing.ni.dll
+ 2009-07-13 02:19 . 2009-07-13 02:19 1056768 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.IdentityModel\c2de8479e54852f56996f79bc93acb13\System.IdentityModel.ni.dll
+ 2009-07-13 01:54 . 2009-07-13 01:54 1587200 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Drawing\3da96ee075bab9202626ae44c18d226c\System.Drawing.ni.dll
+ 2009-07-13 01:56 . 2009-07-13 01:56 1116672 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.DirectorySer#\543aced762f6b0c3f8e037955941afc6\System.DirectoryServices.ni.dll
+ 2009-07-13 01:55 . 2009-07-13 01:55 1801216 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Deployment\a6b58624486714fa71e5e35186850ff0\System.Deployment.ni.dll
+ 2009-07-13 01:56 . 2009-07-13 01:56 6616576 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data\c70731047b0022638b3f9fb158948a03\System.Data.ni.dll
+ 2009-07-13 01:54 . 2009-07-13 01:54 2510336 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.SqlXml\826b09ab0d0e36f4d631b4cd335df511\System.Data.SqlXml.ni.dll
+ 2009-07-13 02:22 . 2009-07-13 02:22 1328128 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.Services\956a513dcbd44d5a6801840ef2b0b47b\System.Data.Services.ni.dll
+ 2009-07-13 01:57 . 2009-07-13 01:57 1115136 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.OracleC#\283ecfbaa6a6fab76c8b544a4a89d5ce\System.Data.OracleClient.ni.dll
+ 2009-07-13 01:57 . 2009-07-13 01:57 2516480 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.Linq\0bbec79460b1137df5313f9baf7b246f\System.Data.Linq.ni.dll
+ 2009-07-13 02:22 . 2009-07-13 02:22 9924096 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.Entity\6479f975b105808a8d9e7a7fdc762551\System.Data.Entity.ni.dll
+ 2009-07-13 01:57 . 2009-07-13 01:57 2295296 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Core\47d87251e93256c635eb73403b8db33e\System.Core.ni.dll
+ 2009-07-13 01:56 . 2009-07-13 01:56 2128896 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\ReachFramework\4bfb3048bf200a6a8592d1b4ba861a7f\ReachFramework.ni.dll
+ 2009-07-13 01:56 . 2009-07-13 01:56 1657856 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\PresentationUI\6bafb1a2a73794ddb9761cb321c9e7e2\PresentationUI.ni.dll
+ 2009-07-13 01:55 . 2009-07-13 01:55 1451008 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\PresentationBuildTa#\e634bc4c4a00635a0a254febab0e2e2c\PresentationBuildTasks.ni.dll
+ 2009-07-13 02:21 . 2009-07-13 02:21 1712128 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\1c86afc399d0fdd8e069266ffbe748d1\Microsoft.VisualBasic.ni.dll
+ 2009-07-13 02:20 . 2009-07-13 02:20 1093120 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Transacti#\6b2f62f5e981913fce1d223f645d9ddf\Microsoft.Transactions.Bridge.ni.dll
+ 2009-07-13 02:22 . 2009-07-13 02:22 2332160 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.JScript\b261961046545831aa60963e84905968\Microsoft.JScript.ni.dll
+ 2009-07-13 02:20 . 2009-07-13 02:20 1620992 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\bd241492d96db39f20e758c13c845033\Microsoft.Build.Tasks.ni.dll
+ 2009-07-13 02:20 . 2009-07-13 02:20 1966080 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\a47100d8f4574bed2d49d83d0ab8964e\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2009-07-13 02:20 . 2009-07-13 02:20 1888768 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\6cfe582681724965fb817e8ece5f0909\Microsoft.Build.Engine.ni.dll
+ 2009-07-13 01:47 . 2009-07-13 01:47 1245184 c:\windows\ASSEMBLY\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 3149824 c:\windows\ASSEMBLY\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 2048000 c:\windows\ASSEMBLY\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2009-07-13 01:47 . 2009-07-13 01:47 1630208 c:\windows\ASSEMBLY\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll
+ 2009-07-13 01:47 . 2009-07-13 01:47 1138688 c:\windows\ASSEMBLY\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 5025792 c:\windows\ASSEMBLY\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2009-07-13 01:53 . 2009-07-13 01:53 1277952 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2009-07-13 01:53 . 2009-07-13 01:53 5931008 c:\windows\ASSEMBLY\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 5062656 c:\windows\ASSEMBLY\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2009-07-13 01:49 . 2009-07-13 01:49 2879488 c:\windows\ASSEMBLY\GAC_MSIL\System.Data.Entity\3.5.0.0__b77a5c561934e089\System.Data.Entity.dll
+ 2009-07-13 01:53 . 2009-07-13 01:53 5283840 c:\windows\ASSEMBLY\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 5242880 c:\windows\ASSEMBLY\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 2933248 c:\windows\ASSEMBLY\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2009-07-13 01:47 . 2009-07-13 01:47 4210688 c:\windows\ASSEMBLY\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2009-07-13 01:52 . 2009-07-13 01:52 4546560 c:\windows\ASSEMBLY\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2008-12-13 15:21 . 2008-12-13 15:21 10473472 c:\windows\Installer\2c85e0.msp
+ 2009-07-13 01:55 . 2009-07-13 01:55 12430848 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Windows.Forms\63406259e94d5c0ff5b79401dfe113ce\System.Windows.Forms.ni.dll
+ 2009-07-13 01:56 . 2009-07-13 01:56 11796992 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web\3963ce03d445a8619abbf388d590134b\System.Web.ni.dll
+ 2009-07-13 02:20 . 2009-07-13 02:20 17317888 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.ServiceModel\4146033013edebd7e0cb604e504ebfee\System.ServiceModel.ni.dll
+ 2009-07-13 01:57 . 2009-07-13 01:57 10683392 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Design\8ee220bc3cce4f7bbd7818946519ed7f\System.Design.ni.dll
+ 2009-07-13 01:56 . 2009-07-13 01:56 14327808 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\PresentationFramewo#\96e710f47c601cba3f2348a8d11ddede\PresentationFramework.ni.dll
+ 2009-07-13 01:55 . 2009-07-13 01:55 12216320 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\PresentationCore\956375d487cbef36165b3250030e3574\PresentationCore.ni.dll
+ 2009-07-13 01:53 . 2009-07-13 01:53 11486720 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\mscorlib\6d667f19d687361886990f3ca0f49816\mscorlib.ni.dll

Re: iexplore.exe help13th July 2009, 10:57 pm

-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((((((((((( AWF ))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2004-01-07 06:01 . 2004-01-07 06:01 110592 c:\program files\Common Files\Sonic\Update Manager\bak\sgtray.exe

2005-03-15 20:55 . 2005-03-15 20:55 48752 c:\program files\Common Files\Symantec Shared\bak\ccApp.exe

2005-05-19 17:16 . 2003-09-17 15:43 57344 c:\program files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\bak\CTSysVol.exe

2005-05-19 17:20 . 2004-07-19 12:51 306688 c:\program files\Dell Support\bak\DSAgnt.exe

2005-05-19 17:15 . 2003-09-04 01:12 221184 c:\program files\Intel\Modem Event Monitor\bak\IntelMEM.exe

2003-11-19 22:48 . 2003-11-19 22:48 32881 c:\program files\Java\j2re1.4.2_03\bin\bak\jusched.exe

2005-05-19 17:24 . 2005-05-19 17:24 98304 c:\program files\QuickTime\bak\qttask.exe
2009-05-26 22:18 . 2009-05-26 22:18 413696 c:\program files\QuickTime\QTTask.exe

2005-05-19 17:24 . 2005-05-19 17:24 26112 c:\program files\Real\RealPlayer\bak\RealPlay.exe
2009-05-19 23:48 . 2009-05-19 23:48 214536 c:\program files\Real\RealPlayer\realplay.exe

2005-05-19 17:17 . 2000-05-11 06:00 90112 c:\windows\bak\UpdReg.EXE

1980-01-01 05:00 . 2005-09-20 15:32 77824 c:\windows\SYSTEM32\bak\hkcmd.exe

2005-09-20 15:36 . 2005-09-20 15:36 114688 c:\windows\SYSTEM32\bak\igfxpers.exe

1980-01-01 05:00 . 2005-09-20 15:35 94208 c:\windows\SYSTEM32\bak\igfxtray.exe

2006-05-28 03:52 . 2001-07-09 16:50 155648 c:\windows\SYSTEM32\bak\NeroCheck.exe

2006-10-26 23:29 . 2006-04-25 04:51 1273856 c:\windows\SYSTEM32\bak\WLTRAY.exe

2005-05-19 17:27 . 2004-12-06 06:05 127035 c:\windows\SYSTEM32\dla\bak\tfswctrl.exe

.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [N/A]
"Uniblue RegistryBooster 2009"="c:\program files\Uniblue\RegistryBooster\RegistryBooster.exe" [N/A]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WebInf"="c:\program files\Trkic\webinfox2.exe" [N/A]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-07-12 1948440]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 1404928]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-07 13574144]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-10-07 86016]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-05-19 198160]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"RegGenie Scheduler"="c:\program files\RegGenie\RegGenieScheduler.exe" [N/A]
"P17Helper"="P17.dll" - c:\windows\SYSTEM32\P17.dll [2005-05-04 64512]
"nwiz"="nwiz.exe" - c:\windows\SYSTEM32\nwiz.exe [2008-10-07 1630208]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" - c:\windows\SYSTEM32\narrator.exe [2008-04-14 53760]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-07-12 09:22 11952 ----a-w- c:\windows\SYSTEM32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"=
"c:\\Program Files\\BitLord\\BitLord.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\World of Warcraft\\Launcher.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"6112:TCP"= 6112:TCP:Warcraft
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724

R0 pxscan;pxscan;c:\windows\SYSTEM32\DRIVERS\pxscan.sys [7/12/2009 6:01 AM 22024]
R0 pxsec;pxsec;c:\windows\SYSTEM32\DRIVERS\pxsec.sys [7/12/2009 6:01 AM 27656]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\SYSTEM32\DRIVERS\avgldx86.sys [11/10/2008 5:19 PM 335752]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\SYSTEM32\DRIVERS\avgtdix.sys [11/10/2008 5:19 PM 108552]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [7/12/2009 4:21 AM 907032]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [11/10/2008 5:18 PM 298776]
R2 WMP300NSvc;WMP300NSvc;c:\program files\Wireless-N PCI Adapter\WLService.exe [10/26/2006 6:29 PM 53307]
S3 TIAcxubt;D-Link WLAN USB Boot Device;c:\windows\system32\Drivers\tiacxubt.sys --> c:\windows\system32\Drivers\tiacxubt.sys [?]
S3 TIACXUSB;D-Link AirPlus DWL-120+ Wireless USB Adapter;c:\windows\system32\Drivers\tiacxusb.sys --> c:\windows\system32\Drivers\tiacxusb.sys [?]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - gtndis5

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-04-27 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 18:34]

2005-11-05 c:\windows\Tasks\ISP signup reminder 1.job
- c:\windows\system32\OOBE\OOBEBALN.EXE [2004-08-04 00:12]
.
- - - - ORPHANS REMOVED - - - -

URLSearchHooks-{A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
BHO-{a3bc75a2-1f87-4686-aa43-5347d756017c} - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-13 17:15
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1008)
c:\windows\System32\BCMLogon.dll

- - - - - - - > 'explorer.exe'(3684)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\SYSTEM32\WLTRYSVC.EXE
c:\windows\SYSTEM32\BCMWLTRY.EXE
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\windows\SYSTEM32\CTSVCCDA.EXE
c:\windows\SYSTEM32\nvsvc32.exe
c:\windows\SYSTEM32\MsPMSPSv.exe
c:\program files\Wireless-N PCI Adapter\WMP300N.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\program files\AVG\AVG8\avgcsrvx.exe
c:\windows\SYSTEM32\wscntfy.exe
c:\windows\SYSTEM32\rundll32.exe
c:\windows\SYSTEM32\rundll32.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2009-07-13 17:19 - machine was rebooted
ComboFix-quarantined-files.txt 2009-07-13 22:19
ComboFix2.txt 2009-07-13 01:12

Pre-Run: 38,565,265,408 bytes free
Post-Run: 38,588,260,352 bytes free

922 --- E O F --- 2009-07-13 08:00

Re: iexplore.exe help13th July 2009, 10:58 pm

Okay I believe I got it all sorry it took so long.

Re: iexplore.exe help14th July 2009, 3:07 am

Now open a new notepad file.
Input this into the notepad file:

File::
C:\dc7fea2a851727a99a2bb69816

Rookit::
c:\windows\system32\drivers\d22ac5c2.sys

Save this as CFScript.txt, save it to your desktop also.
Then drag and drop CFScript.txt into combofix as seen below:
iexplore.exe help Sfxdaw

This will open combofix again, agree to it's terms and allow it to run.
It may want to reboot after it's done. (It will warn you if it wants to)
Post the resulting log back here.

............................................................................................
While my help is always free, please consider donating to keep this site alive: Donate

Re: iexplore.exe help14th July 2009, 3:39 am

Hello. I did as you asked, but it is prompting me saying "There's a newer version of ComboFix available. Would you like to update Combofix?" Should I trust this and click yes?

Re: iexplore.exe help14th July 2009, 4:04 am

Okay I just went ahead and said yes and it seemed to be fine I hope anyway... heres the log you asked for.

ComboFix 09-07-13.01 - Normy 07/13/2009 22:55.3.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2039.1561 [GMT -5:00]
Running from: c:\documents and settings\Normy\Desktop\Combo-Fix.exe
Command switches used :: c:\documents and settings\Normy\Desktop\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

FILE ::
"C:\dc7fea2a851727a99a2bb69816"
.

((((((((((((((((((((((((( Files Created from 2009-06-14 to 2009-07-14 )))))))))))))))))))))))))))))))
.

2009-07-13 01:47 . 2009-07-13 01:47 -------- d-----w- C:\dc7fea2a851727a99a2bb69816
2009-07-13 01:46 . 2009-07-13 06:24 -------- d-----w- c:\windows\SxsCaPendDel
2009-07-13 00:58 . 2008-04-14 00:12 50176 ----a-w- c:\windows\system32\proquota.exe
2009-07-13 00:58 . 2008-04-14 00:12 50176 ----a-w- c:\windows\system32\dllcache\proquota.exe
2009-07-12 11:01 . 2009-07-12 11:01 27656 ----a-w- c:\windows\system32\drivers\pxsec.sys
2009-07-12 11:01 . 2009-07-12 11:01 22024 ----a-w- c:\windows\system32\drivers\pxscan.sys
2009-07-12 09:27 . 2009-07-12 09:22 327688 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgldx86.sys
2009-07-12 09:27 . 2009-07-12 09:21 3402008 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgui.exe
2009-07-12 09:27 . 2009-07-12 09:21 337176 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avglogx.dll
2009-07-12 09:27 . 2009-07-12 09:21 1204504 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgabout.dll
2009-07-12 09:26 . 2009-07-12 09:21 1085208 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgupd.exe
2009-07-12 09:25 . 2009-06-14 21:07 1004800 ----a-w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar\IEToolbar.dll
2009-07-12 09:22 . 2009-07-12 09:22 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-07-12 07:45 . 2009-07-12 07:46 -------- d-----w- c:\documents and settings\FuckYou
2009-07-12 07:17 . 2009-06-17 16:27 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-07-12 07:17 . 2009-07-12 23:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-07-12 07:17 . 2009-07-12 07:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-07-12 07:17 . 2009-06-17 16:27 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-07-11 06:55 . 2009-07-11 06:55 -------- d-----w- c:\documents and settings\Friends\Local Settings\Application Data\Apple Computer
2009-07-11 06:26 . 2009-07-11 06:26 156 ----a-w- c:\documents and settings\Normy\Application Data\AdobeUM\delself.bat
2009-07-11 06:26 . 2009-07-12 11:41 0 ----a-w- c:\windows\system32\drivers\d22ac5c2.sys
2009-07-11 05:29 . 2009-07-11 05:29 -------- d-sh--w- c:\documents and settings\Friends\PrivacIE
2009-07-11 05:28 . 2009-07-11 05:28 -------- d-sh--w- c:\documents and settings\Friends\IETldCache
2009-07-11 05:09 . 2009-07-11 05:09 -------- d-----w- c:\windows\system32\scripting
2009-07-11 05:09 . 2009-07-11 05:09 -------- d-----w- c:\windows\system32\en
2009-07-11 05:09 . 2009-07-11 05:09 -------- d-----w- c:\windows\system32\bits
2009-07-11 05:09 . 2009-07-11 05:09 -------- d-----w- c:\windows\l2schemas
2009-07-11 05:07 . 2009-07-11 05:07 -------- d-----w- c:\windows\ServicePackFiles
2009-07-11 05:02 . 2009-07-11 05:02 -------- d-----w- c:\windows\EHome
2009-07-11 03:59 . 2009-07-11 03:59 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2009-07-11 03:56 . 2009-07-11 03:56 -------- d-sh--w- c:\documents and settings\Normy\PrivacIE
2009-07-11 03:56 . 2009-07-11 03:56 -------- d-sh--w- c:\documents and settings\Normy\IECompatCache
2009-07-11 03:42 . 2009-07-11 03:42 -------- d-sh--w- c:\documents and settings\Normy\IETldCache
2009-07-11 03:42 . 2009-07-11 03:42 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2009-07-11 03:39 . 2009-06-02 10:12 102912 ------w- c:\windows\system32\dllcache\iecompat.dll
2009-07-11 03:39 . 2009-07-11 03:39 -------- d-----w- c:\windows\ie8updates
2009-07-11 03:39 . 2009-04-30 21:22 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
2009-07-11 03:39 . 2009-04-30 21:22 246272 ------w- c:\windows\system32\dllcache\ieproxy.dll
2009-07-11 03:37 . 2009-07-11 03:38 -------- dc-h--w- c:\windows\ie8
2009-07-07 22:53 . 2009-07-01 23:03 2167576 ---ha-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgresf.dll
2009-07-01 23:03 . 2009-06-19 01:29 906520 ---ha-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgemc.exe
2009-06-19 01:29 . 2009-07-01 23:03 2054424 ---ha-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgcorex.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-13 02:01 . 2005-11-07 07:08 -------- d-----w- c:\program files\World of Warcraft
2009-07-13 01:58 . 2006-08-22 03:17 42816 -c--a-w- c:\documents and settings\Normy\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-07-12 10:48 . 2009-01-05 23:02 -------- d-----w- c:\program files\SystemRequirementsLab
2009-07-12 10:46 . 2009-07-12 09:22 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar
2009-07-12 10:20 . 2005-05-19 17:21 -------- d-----w- c:\program files\Jasc Software Inc
2009-07-12 09:26 . 2008-11-10 22:19 335752 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-07-12 09:21 . 2008-11-10 22:18 -------- d--h--w- c:\documents and settings\All Users\Application Data\avg8
2009-07-12 08:22 . 2009-07-12 08:22 -------- d-----w- c:\documents and settings\Normy\Application Data\Malwarebytes
2009-07-11 11:04 . 2007-12-05 03:41 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-07-11 06:26 . 2005-11-05 22:04 -------- d-----w- c:\documents and settings\Normy\Application Data\AdobeUM
2009-07-11 05:19 . 2008-09-06 22:06 96384 ----a-w- c:\windows\system32\drivers\sptd5149.sys
2009-07-11 05:11 . 2004-08-10 18:13 78519 ----a-w- c:\windows\PCHEALTH\HELPCTR\OfflineCache\index.dat
2009-07-11 01:04 . 2005-05-19 17:25 -------- d-----w- c:\program files\Common Files\Intuit
2009-07-05 07:40 . 2005-05-19 17:24 -------- d-----w- c:\program files\QuickTime
2009-06-29 14:28 . 2007-01-10 02:16 -------- d-----w- c:\program files\IGN
2009-06-19 01:29 . 2006-12-05 09:14 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-06-19 01:29 . 2009-06-11 22:34 829208 ---ha-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgcfgx.dll
2009-06-19 01:29 . 2009-06-11 22:34 3298072 ---ha-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\setup.exe
2009-06-19 01:28 . 2009-06-11 22:32 1454360 ---ha-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgupd.dll
2009-06-12 04:48 . 2009-06-12 04:48 390664 ----a-w- c:\documents and settings\Normy\Application Data\Real\RealPlayer\Update\realplayer11gold.exe
2009-05-29 02:55 . 2008-11-10 22:19 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-05-19 23:48 . 2005-05-19 17:24 -------- d-----w- c:\program files\Common Files\Real
2009-05-13 05:15 . 2004-08-04 10:00 915456 ----a-w- c:\windows\system32\wininet.dll
2009-05-08 01:42 . 2006-03-29 06:45 48656 -c--a-w- c:\documents and settings\Friends\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-07 15:32 . 2004-08-04 10:00 345600 ----a-w- c:\windows\system32\localspl.dll
2009-04-17 12:26 . 2004-08-04 10:00 1847168 ----a-w- c:\windows\system32\win32k.sys
2009-04-15 14:51 . 2004-08-04 10:00 585216 ----a-w- c:\windows\system32\rpcrt4.dll
.

((((((((((((((((((((((((((((((((((((((((((((( AWF ))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2004-01-07 06:01 . 2004-01-07 06:01 110592 c:\program files\Common Files\Sonic\Update Manager\bak\sgtray.exe

2005-03-15 20:55 . 2005-03-15 20:55 48752 c:\program files\Common Files\Symantec Shared\bak\ccApp.exe

2005-05-19 17:16 . 2003-09-17 15:43 57344 c:\program files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\bak\CTSysVol.exe

2005-05-19 17:20 . 2004-07-19 12:51 306688 c:\program files\Dell Support\bak\DSAgnt.exe

2005-05-19 17:15 . 2003-09-04 01:12 221184 c:\program files\Intel\Modem Event Monitor\bak\IntelMEM.exe

2003-11-19 22:48 . 2003-11-19 22:48 32881 c:\program files\Java\j2re1.4.2_03\bin\bak\jusched.exe

2005-05-19 17:24 . 2005-05-19 17:24 98304 c:\program files\QuickTime\bak\qttask.exe
2009-05-26 22:18 . 2009-05-26 22:18 413696 c:\program files\QuickTime\QTTask.exe

2005-05-19 17:24 . 2005-05-19 17:24 26112 c:\program files\Real\RealPlayer\bak\RealPlay.exe
2009-05-19 23:48 . 2009-05-19 23:48 214536 c:\program files\Real\RealPlayer\realplay.exe

2005-05-19 17:17 . 2000-05-11 06:00 90112 c:\windows\bak\UpdReg.EXE

1980-01-01 05:00 . 2005-09-20 15:32 77824 c:\windows\SYSTEM32\bak\hkcmd.exe

2005-09-20 15:36 . 2005-09-20 15:36 114688 c:\windows\SYSTEM32\bak\igfxpers.exe

1980-01-01 05:00 . 2005-09-20 15:35 94208 c:\windows\SYSTEM32\bak\igfxtray.exe

2006-05-28 03:52 . 2001-07-09 16:50 155648 c:\windows\SYSTEM32\bak\NeroCheck.exe

2006-10-26 23:29 . 2006-04-25 04:51 1273856 c:\windows\SYSTEM32\bak\WLTRAY.exe

2005-05-19 17:27 . 2004-12-06 06:05 127035 c:\windows\SYSTEM32\dla\bak\tfswctrl.exe

.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [N/A]
"Uniblue RegistryBooster 2009"="c:\program files\Uniblue\RegistryBooster\RegistryBooster.exe" [N/A]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WebInf"="c:\program files\Trkic\webinfox2.exe" [N/A]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-07-12 1948440]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 1404928]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-07 13574144]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-10-07 86016]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-05-19 198160]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"RegGenie Scheduler"="c:\program files\RegGenie\RegGenieScheduler.exe" [N/A]
"P17Helper"="P17.dll" - c:\windows\SYSTEM32\P17.dll [2005-05-04 64512]
"nwiz"="nwiz.exe" - c:\windows\SYSTEM32\nwiz.exe [2008-10-07 1630208]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" - c:\windows\SYSTEM32\narrator.exe [2008-04-14 53760]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-07-12 09:22 11952 ----a-w- c:\windows\SYSTEM32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"=
"c:\\Program Files\\BitLord\\BitLord.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\World of Warcraft\\Launcher.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"6112:TCP"= 6112:TCP:Warcraft
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724

R0 pxscan;pxscan;c:\windows\SYSTEM32\DRIVERS\pxscan.sys [7/12/2009 6:01 AM 22024]
R0 pxsec;pxsec;c:\windows\SYSTEM32\DRIVERS\pxsec.sys [7/12/2009 6:01 AM 27656]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\SYSTEM32\DRIVERS\avgldx86.sys [11/10/2008 5:19 PM 335752]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\SYSTEM32\DRIVERS\avgtdix.sys [11/10/2008 5:19 PM 108552]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [7/12/2009 4:21 AM 907032]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [11/10/2008 5:18 PM 298776]
R2 WMP300NSvc;WMP300NSvc;c:\program files\Wireless-N PCI Adapter\WLService.exe [10/26/2006 6:29 PM 53307]
S3 TIAcxubt;D-Link WLAN USB Boot Device;c:\windows\system32\Drivers\tiacxubt.sys --> c:\windows\system32\Drivers\tiacxubt.sys [?]
S3 TIACXUSB;D-Link AirPlus DWL-120+ Wireless USB Adapter;c:\windows\system32\Drivers\tiacxusb.sys --> c:\windows\system32\Drivers\tiacxusb.sys [?]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-04-27 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 18:34]

2005-11-05 c:\windows\Tasks\ISP signup reminder 1.job
- c:\windows\system32\OOBE\OOBEBALN.EXE [2004-08-04 00:12]
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-13 22:59
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1012)
c:\windows\System32\BCMLogon.dll

- - - - - - - > 'explorer.exe'(1180)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2009-07-14 23:02
ComboFix-quarantined-files.txt 2009-07-14 04:02
ComboFix2.txt 2009-07-13 22:19
ComboFix3.txt 2009-07-13 01:12

Pre-Run: 38,579,470,336 bytes free
Post-Run: 38,554,165,248 bytes free

188 --- E O F --- 2009-07-13 08:00

Re: iexplore.exe help14th July 2009, 3:42 pm

Hello.
Just need to clear up one last infection.

Now open a new notepad file.
Input this into the notepad file:

AWF::
c:\program files\Common Files\Sonic\Update Manager\bak\sgtray.exe
c:\program files\Common Files\Symantec Shared\bak\ccApp.exe
c:\program files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\bak\CTSysVol.exe
c:\program files\Dell Support\bak\DSAgnt.exe
c:\program files\Intel\Modem Event Monitor\bak\IntelMEM.exe
c:\program files\Java\j2re1.4.2_03\bin\bak\jusched.exe
c:\program files\QuickTime\bak\qttask.exe
c:\program files\Real\RealPlayer\bak\RealPlay.exe
c:\windows\bak\UpdReg.EXE
c:\windows\SYSTEM32\bak\hkcmd.exe
c:\windows\SYSTEM32\bak\igfxpers.exe
c:\windows\SYSTEM32\bak\igfxtray.exe
c:\windows\SYSTEM32\bak\NeroCheck.exe
c:\windows\SYSTEM32\bak\WLTRAY.exe
c:\windows\SYSTEM32\dla\bak\tfswctrl.exe

Save this as CFScript.txt, save it to your desktop also.
Then drag and drop CFScript.txt into combofix as seen below:
iexplore.exe help Sfxdaw

This will open combofix again, agree to it's terms and allow it to run.
It may want to reboot after it's done. (It will warn you if it wants to)
Post the resulting log back here.

Re: iexplore.exe help15th July 2009, 12:53 am

Hello there. This whole thing has been quite the experience, haha.. I know you prob. get this all the time, but thank you again so much for your patience and help so far I could of never done any of this without you guys. Anyway i'll be quiet now... here is the new log. Open Grin

ComboFix 09-07-14.07 - Normy 07/14/2009 19:39.4.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2039.1564 [GMT -5:00]
Running from: c:\documents and settings\Normy\Desktop\Combo-Fix.exe
Command switches used :: c:\documents and settings\Normy\Desktop\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.

((((((((((((((((((((((((( Files Created from 2009-06-15 to 2009-07-15 )))))))))))))))))))))))))))))))
.

2009-07-13 01:47 . 2009-07-13 01:47 -------- d-----w- C:\dc7fea2a851727a99a2bb69816
2009-07-13 01:46 . 2009-07-13 06:24 -------- d-----w- c:\windows\SxsCaPendDel
2009-07-13 00:58 . 2008-04-14 00:12 50176 ----a-w- c:\windows\system32\proquota.exe
2009-07-13 00:58 . 2008-04-14 00:12 50176 ----a-w- c:\windows\system32\dllcache\proquota.exe
2009-07-12 11:01 . 2009-07-12 11:01 27656 ----a-w- c:\windows\system32\drivers\pxsec.sys
2009-07-12 11:01 . 2009-07-12 11:01 22024 ----a-w- c:\windows\system32\drivers\pxscan.sys
2009-07-12 09:27 . 2009-07-12 09:22 327688 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgldx86.sys
2009-07-12 09:27 . 2009-07-12 09:21 3402008 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgui.exe
2009-07-12 09:27 . 2009-07-12 09:21 337176 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avglogx.dll
2009-07-12 09:27 . 2009-07-12 09:21 1204504 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgabout.dll
2009-07-12 09:26 . 2009-07-12 09:21 1085208 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgupd.exe
2009-07-12 09:25 . 2009-06-14 21:07 1004800 ----a-w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar\IEToolbar.dll
2009-07-12 09:22 . 2009-07-12 09:22 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-07-12 07:45 . 2009-07-12 07:46 -------- d-----w- c:\documents and settings\FuckYou
2009-07-12 07:17 . 2009-06-17 16:27 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-07-12 07:17 . 2009-07-12 23:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-07-12 07:17 . 2009-07-12 07:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-07-12 07:17 . 2009-06-17 16:27 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-07-11 06:55 . 2009-07-11 06:55 -------- d-----w- c:\documents and settings\Friends\Local Settings\Application Data\Apple Computer
2009-07-11 06:26 . 2009-07-11 06:26 156 ----a-w- c:\documents and settings\Normy\Application Data\AdobeUM\delself.bat
2009-07-11 06:26 . 2009-07-12 11:41 0 ----a-w- c:\windows\system32\drivers\d22ac5c2.sys
2009-07-11 05:29 . 2009-07-11 05:29 -------- d-sh--w- c:\documents and settings\Friends\PrivacIE
2009-07-11 05:28 . 2009-07-11 05:28 -------- d-sh--w- c:\documents and settings\Friends\IETldCache
2009-07-11 05:09 . 2009-07-11 05:09 -------- d-----w- c:\windows\system32\scripting
2009-07-11 05:09 . 2009-07-11 05:09 -------- d-----w- c:\windows\system32\en
2009-07-11 05:09 . 2009-07-11 05:09 -------- d-----w- c:\windows\system32\bits
2009-07-11 05:09 . 2009-07-11 05:09 -------- d-----w- c:\windows\l2schemas
2009-07-11 05:07 . 2009-07-11 05:07 -------- d-----w- c:\windows\ServicePackFiles
2009-07-11 05:02 . 2009-07-11 05:02 -------- d-----w- c:\windows\EHome
2009-07-11 03:59 . 2009-07-11 03:59 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2009-07-11 03:56 . 2009-07-11 03:56 -------- d-sh--w- c:\documents and settings\Normy\PrivacIE
2009-07-11 03:56 . 2009-07-11 03:56 -------- d-sh--w- c:\documents and settings\Normy\IECompatCache
2009-07-11 03:42 . 2009-07-11 03:42 -------- d-sh--w- c:\documents and settings\Normy\IETldCache
2009-07-11 03:42 . 2009-07-11 03:42 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2009-07-11 03:39 . 2009-06-02 10:12 102912 ------w- c:\windows\system32\dllcache\iecompat.dll
2009-07-11 03:39 . 2009-07-11 03:39 -------- d-----w- c:\windows\ie8updates
2009-07-11 03:39 . 2009-04-30 21:22 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
2009-07-11 03:39 . 2009-04-30 21:22 246272 ------w- c:\windows\system32\dllcache\ieproxy.dll
2009-07-11 03:37 . 2009-07-11 03:38 -------- dc-h--w- c:\windows\ie8
2009-07-07 22:53 . 2009-07-01 23:03 2167576 ---ha-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgresf.dll
2009-07-01 23:03 . 2009-06-19 01:29 906520 ---ha-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgemc.exe
2009-06-19 01:29 . 2009-07-01 23:03 2054424 ---ha-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgcorex.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-15 00:43 . 2005-05-19 17:28 -------- d-----w- c:\program files\Common Files\Symantec Shared
2009-07-15 00:43 . 2005-05-19 17:24 -------- d-----w- c:\program files\QuickTime
2009-07-15 00:43 . 2005-05-19 17:20 -------- d-----w- c:\program files\Dell Support
2009-07-13 02:01 . 2005-11-07 07:08 -------- d-----w- c:\program files\World of Warcraft
2009-07-13 01:58 . 2006-08-22 03:17 42816 -c--a-w- c:\documents and settings\Normy\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-07-12 10:48 . 2009-01-05 23:02 -------- d-----w- c:\program files\SystemRequirementsLab
2009-07-12 10:46 . 2009-07-12 09:22 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar
2009-07-12 10:20 . 2005-05-19 17:21 -------- d-----w- c:\program files\Jasc Software Inc
2009-07-12 09:26 . 2008-11-10 22:19 335752 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-07-12 09:21 . 2008-11-10 22:18 -------- d--h--w- c:\documents and settings\All Users\Application Data\avg8
2009-07-12 08:22 . 2009-07-12 08:22 -------- d-----w- c:\documents and settings\Normy\Application Data\Malwarebytes
2009-07-11 11:04 . 2007-12-05 03:41 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-07-11 06:26 . 2005-11-05 22:04 -------- d-----w- c:\documents and settings\Normy\Application Data\AdobeUM
2009-07-11 05:19 . 2008-09-06 22:06 96384 ----a-w- c:\windows\system32\drivers\sptd5149.sys
2009-07-11 05:11 . 2004-08-10 18:13 78519 ----a-w- c:\windows\PCHEALTH\HELPCTR\OfflineCache\index.dat
2009-07-11 01:04 . 2005-05-19 17:25 -------- d-----w- c:\program files\Common Files\Intuit
2009-06-29 14:28 . 2007-01-10 02:16 -------- d-----w- c:\program files\IGN
2009-06-19 01:29 . 2006-12-05 09:14 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-06-19 01:29 . 2009-06-11 22:34 829208 ---ha-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgcfgx.dll
2009-06-19 01:29 . 2009-06-11 22:34 3298072 ---ha-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\setup.exe
2009-06-19 01:28 . 2009-06-11 22:32 1454360 ---ha-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgupd.dll
2009-06-12 04:48 . 2009-06-12 04:48 390664 ----a-w- c:\documents and settings\Normy\Application Data\Real\RealPlayer\Update\realplayer11gold.exe
2009-05-29 02:55 . 2008-11-10 22:19 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-05-19 23:48 . 2005-05-19 17:24 -------- d-----w- c:\program files\Common Files\Real
2009-05-13 05:15 . 2004-08-04 10:00 915456 ----a-w- c:\windows\system32\wininet.dll
2009-05-08 01:42 . 2006-03-29 06:45 48656 -c--a-w- c:\documents and settings\Friends\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-07 15:32 . 2004-08-04 10:00 345600 ----a-w- c:\windows\system32\localspl.dll
2009-04-17 12:26 . 2004-08-04 10:00 1847168 ----a-w- c:\windows\system32\win32k.sys
.

((((((((((((((((((((((((((((( SnapShot_2009-07-13_22.15.29 )))))))))))))))))))))))))))))))))))))))))
.
+ 2005-05-19 17:17 . 2000-05-11 06:00 90112 c:\windows\UpdReg.EXE
+ 1980-01-01 05:00 . 2005-09-20 15:35 94208 c:\windows\SYSTEM32\igfxtray.exe
+ 1980-01-01 05:00 . 2005-09-20 15:32 77824 c:\windows\SYSTEM32\hkcmd.exe
+ 2006-05-28 03:52 . 2001-07-09 16:50 155648 c:\windows\SYSTEM32\NeroCheck.exe
+ 2005-09-20 15:36 . 2005-09-20 15:36 114688 c:\windows\SYSTEM32\igfxpers.exe
+ 2005-05-19 17:27 . 2004-12-06 06:05 127035 c:\windows\SYSTEM32\dla\tfswctrl.exe
+ 2006-10-26 23:29 . 2006-04-25 04:51 1273856 c:\windows\SYSTEM32\WLTRAY.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-07-12 1948440]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 1404928]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-07 13574144]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-10-07 86016]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-05-19 198160]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2005-05-19 98304]
"P17Helper"="P17.dll" - c:\windows\SYSTEM32\P17.dll [2005-05-04 64512]
"nwiz"="nwiz.exe" - c:\windows\SYSTEM32\nwiz.exe [2008-10-07 1630208]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" - c:\windows\SYSTEM32\narrator.exe [2008-04-14 53760]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-07-12 09:22 11952 ----a-w- c:\windows\SYSTEM32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"=
"c:\\Program Files\\BitLord\\BitLord.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\World of Warcraft\\Launcher.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"6112:TCP"= 6112:TCP:Warcraft
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724

R0 pxscan;pxscan;c:\windows\SYSTEM32\DRIVERS\pxscan.sys [7/12/2009 6:01 AM 22024]
R0 pxsec;pxsec;c:\windows\SYSTEM32\DRIVERS\pxsec.sys [7/12/2009 6:01 AM 27656]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\SYSTEM32\DRIVERS\avgldx86.sys [11/10/2008 5:19 PM 335752]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\SYSTEM32\DRIVERS\avgtdix.sys [11/10/2008 5:19 PM 108552]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [7/12/2009 4:21 AM 907032]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [11/10/2008 5:18 PM 298776]
R2 WMP300NSvc;WMP300NSvc;c:\program files\Wireless-N PCI Adapter\WLService.exe [10/26/2006 6:29 PM 53307]
S3 TIAcxubt;D-Link WLAN USB Boot Device;c:\windows\system32\Drivers\tiacxubt.sys --> c:\windows\system32\Drivers\tiacxubt.sys [?]
S3 TIACXUSB;D-Link AirPlus DWL-120+ Wireless USB Adapter;c:\windows\system32\Drivers\tiacxusb.sys --> c:\windows\system32\Drivers\tiacxusb.sys [?]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-04-27 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 18:34]

2005-11-05 c:\windows\Tasks\ISP signup reminder 1.job
- c:\windows\system32\OOBE\OOBEBALN.EXE [2004-08-04 00:12]
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-MsnMsgr - c:\program files\MSN Messenger\MsnMsgr.Exe
HKCU-Run-Uniblue RegistryBooster 2009 - c:\program files\Uniblue\RegistryBooster\RegistryBooster.exe
HKLM-Run-WebInf - c:\program files\Trkic\webinfox2.exe
HKLM-Run-RegGenie Scheduler - c:\program files\RegGenie\RegGenieScheduler.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-14 19:43
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1012)
c:\windows\System32\BCMLogon.dll

- - - - - - - > 'explorer.exe'(1344)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2009-07-15 19:45
ComboFix-quarantined-files.txt 2009-07-15 00:45
ComboFix2.txt 2009-07-14 04:02
ComboFix3.txt 2009-07-13 22:19
ComboFix4.txt 2009-07-13 01:12

Pre-Run: 38,513,664,000 bytes free
Post-Run: 38,529,654,784 bytes free

179 --- E O F --- 2009-07-13 08:00

Re: iexplore.exe help15th July 2009, 3:03 pm

Hello.
This looks fine now.

How is the machine running?

Re: iexplore.exe help15th July 2009, 3:09 pm

Hey there. My computer seems to be working much better now. Not getting annoying misdirects or random system restarts anymore. I just had a question on what I should do next. I haven't restarted my computer since the last restart from Combofix and really haven't done much else besides played a game.. also when I open Internet Explore under running processes there are two iexplore.exe wasn't sure if that was normal. So I guess what i'm trying to say is should I restart and try running Malwarebytes again or AVG 8.5 and possibly post another log from Hijackthis? Sorry if i'm asking too much or getting annoying... just want to make sure it's finally over, haha. This was a total nightmare.

Re: iexplore.exe help15th July 2009, 3:16 pm

Run MBAM again, I already have what Hijack This would show from the Combofix log.

Re: iexplore.exe help15th July 2009, 3:35 pm

Well everything seems to be doing well from MBAM. It managed to find one thing but said it was okay. Well I think i'm finally out in the clear once again. You've been such a great help to me and I could never thank you enough - I am just paranoid now because nothing that bad has taken over my computer before, but i'm sure i'll get over it. :smile2: Anyway here is the MBAM log just in case.

Malwarebytes' Anti-Malware 1.38
Database version: 2413
Windows 5.1.2600 Service Pack 3

7/15/2009 10:29:06 AM
mbam-log-2009-07-15 (10-28-50).txt

Scan type: Quick Scan
Objects scanned: 107034
Time elapsed: 6 minute(s), 46 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CLASSES_ROOT\CLSID\{46c166aa-3108-11d4-9348-00c04f8eeb71}\inprocserver32\(default) (Hijack.Hnetcfg) -> Bad: (\\?\globalroot\systemroot\installer\2642bd.msi) Good: (hnetcfg.dll) -> No action taken.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Re: iexplore.exe help15th July 2009, 3:45 pm

Hello.
Before you go, you still have a now old version of MBAM, please update it and run a new scan.

Re: iexplore.exe help15th July 2009, 4:09 pm

Thanks for the heads up on that I should of done that in the first place, haha. Anyway I ran it with the new version and it came up with the same file so I guess i'm okay! One last question and i'll leave you to your awesome work - Is there anything else that I should do or that you would reccomend? Here's the MBAM log once more just (Same thing but thought i'd post it anyway)

Malwarebytes' Anti-Malware 1.39
Database version: 2421
Windows 5.1.2600 Service Pack 3

7/15/2009 11:05:23 AM
mbam-log-2009-07-15 (11-05-19).txt

Scan type: Quick Scan
Objects scanned: 104024
Time elapsed: 7 minute(s), 40 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CLASSES_ROOT\CLSID\{46c166aa-3108-11d4-9348-00c04f8eeb71}\inprocserver32\(default) (Hijack.Hnetcfg) -> Bad: (\\?\globalroot\systemroot\installer\2642bd.msi) Good: (hnetcfg.dll) -> No action taken.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Re: iexplore.exe help15th July 2009, 4:13 pm

Hello.
Please select MBAM to remove that one line.

Re: iexplore.exe help15th July 2009, 4:32 pm

Alright, I am back and happy to report a fully clean MBAM log. What a relief... so does this mean i'm good to go or do you recommend anything else? Smile...

Re: iexplore.exe help15th July 2009, 4:42 pm

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /u

iexplore.exe help CF_Cleanup

This will also reset your restore points.

Glad we could help Smile...

Below I have included a number of recommendations for how to protect your computer in order to prevent future malware infections. Please take these recommendations seriously; these few simple steps can stave off the vast majority of spyware problems. As happy as we are to help you, for your sake we would rather not have repeat customers. Goofy

1) Please navigate to http://windowsupdate.microsoft.com and download all the "critical updates" for Windows. This can patch many of the security holes through which attackers can gain access to your computer.

Please either enable Automatic Updates under Start -> Control Panel -> Automatic Updates , or get into the habit of checking for Windows updates regularly. I cannot stress enough how important this is.

2) In order to protect yourself against spyware, you should consider installing and running the following free programs:

Ad-Aware SE
A tutorial on using Ad-Aware to remove spyware from your computer may be found here.

Spybot-Search & Destroy
A tutorial on using Spybot to remove spyware from your computer may be found here. Please also remember to enable Spybot's "Immunize" and "TeaTimer" features.

SpywareBlaster
A tutorial on using SpywareBlaster to prevent spyware from ever installing on your computer may be found here.

SpywareGuard
A tutorial on using SpywareGuard for realtime protection against spyware and hijackers may be found here.

Make sure to keep these programs up-to-date and to run them regularly, as this can prevent a great deal of spyware hassle.

3) Please consider using an alternate browser. Mozilla's Firefox browser is fantastic; it is much more secure than Internet Explorer, immune to almost all known browser hijackers, and also has the best built-in popup blocker (as an added benefit!) that I have ever seen. If you are interested, Firefox may be downloaded from here:
http://www.mozilla.org/products/firefox/
I also recommand the following add-ons for Firefox, they will help keep you safe from malicious scripts or activeX exploits.
https://addons.mozilla.org/en-US/firefox/addon/722
https://addons.mozilla.org/en-US/firefox/addon/1865
https://addons.mozilla.org/en-US/firefox/addon/433

4) Also make sure to run your antivirus software regularly, and to keep it up-to-date.

To help you keep your software updated, please considering using this free software program that will check for program updates.
Update Checker

5) Finally, consider maintaining a firewall. Some good free firewalls are Kerio, or
Outpost
A tutorial on understanding and using firewalls may be found here.

Please also read Tony Klein's excellent article: How I got Infected in the First Place

If you would take a moment to fill out our feedback form, we would appreciate it.
The link can be found here.

Hopefully this should take care of your problems! Good luck. Big Grin

............................................................................................
While my help is always free, please consider donating to keep this site alive: Donate

iexplore.exe help

descriptioniexplore.exe help12th July 2009, 1:23 pm

descriptionRe: iexplore.exe help12th July 2009, 4:34 pm

descriptionRe: iexplore.exe help13th July 2009, 12:11 am

descriptionRe: iexplore.exe help13th July 2009, 12:18 am

descriptionRe: iexplore.exe help13th July 2009, 1:20 am

descriptionRe: iexplore.exe help13th July 2009, 2:45 am

descriptionRe: iexplore.exe help13th July 2009, 3:33 pm

descriptionRe: iexplore.exe help13th July 2009, 9:33 pm

descriptionRe: iexplore.exe help13th July 2009, 9:39 pm

descriptionRe: iexplore.exe help13th July 2009, 10:37 pm

descriptionRe: iexplore.exe help13th July 2009, 10:44 pm

descriptionRe: iexplore.exe help13th July 2009, 10:47 pm

descriptionRe: iexplore.exe help13th July 2009, 10:52 pm

descriptionRe: iexplore.exe help13th July 2009, 10:54 pm

descriptionRe: iexplore.exe help13th July 2009, 10:55 pm

descriptionRe: iexplore.exe help13th July 2009, 10:55 pm

descriptionRe: iexplore.exe help13th July 2009, 10:56 pm

descriptionRe: iexplore.exe help13th July 2009, 10:56 pm

descriptionRe: iexplore.exe help13th July 2009, 10:57 pm

descriptionRe: iexplore.exe help13th July 2009, 10:58 pm

descriptionRe: iexplore.exe help14th July 2009, 3:07 am

descriptionRe: iexplore.exe help14th July 2009, 3:39 am

descriptionRe: iexplore.exe help14th July 2009, 4:04 am

descriptionRe: iexplore.exe help14th July 2009, 3:42 pm

descriptionRe: iexplore.exe help15th July 2009, 12:53 am

descriptionRe: iexplore.exe help15th July 2009, 3:03 pm

descriptionRe: iexplore.exe help15th July 2009, 3:09 pm

descriptionRe: iexplore.exe help15th July 2009, 3:16 pm

descriptionRe: iexplore.exe help15th July 2009, 3:35 pm

descriptionRe: iexplore.exe help15th July 2009, 3:45 pm

descriptionRe: iexplore.exe help15th July 2009, 4:09 pm

descriptionRe: iexplore.exe help15th July 2009, 4:13 pm

descriptionRe: iexplore.exe help15th July 2009, 4:32 pm

descriptionRe: iexplore.exe help15th July 2009, 4:42 pm

descriptionRe: iexplore.exe help