Inactive Redirect virus after 6 steps

Bobbye · Sep 20, 2011

I guess I thought you had already done that. Try changing the keyword search again.

brainiac9x · Sep 20, 2011

When you say 'change the keyword search,' do you mean the box in Firefox to the right of the URL bar?

Bobbye · Sep 23, 2011

Firefox Keyword Reset:

[1]. Open FireFox and instead of a url, type about:config in the Address Bar.
[2]. Firefox will give you a warning, but go in anyway.
[3]. Locate the keyword.url line. It should look like the image below.

[4]. Right click on keyword.url, then select Reset

You type about:config in the Address Bar.

Is that what you mean?

brainiac9x · Sep 25, 2011

You said "try changing the keyword search again", I thought you meant the search engine tool bar on Firefox.

When I type in about:config and go to keyword URL,the 'status' is 'default.'

The 'type' is 'string.'

There is nothing under the 'value' heading.

And if I right click 'reset' is grayed out on that.

Bobbye · Sep 28, 2011

I think that if any entries for the Askbar remain, that might be what's stopping the change.
==================================
Download HijackThis http://download.bleepingcomputer.com/hijackthis/HijackThis.zipand save to your desktop.

Extract it to a directory on your hard drive called c:\HijackThis.
Then navigate to that directory and double-click on the hijackthis.exe file.
When started click on the Scan button and then the Save Log button to create a log of your information.
The log file and then the log will open in notepad. Be sure to click on Format> Uncheck Word Wrap when you open Notepad
Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
Come back here to this thread and paste (Ctrl+V) the log in your next reply.

NOTE: Do NOT have HijackThis fix anything yet! Most of what it finds will be harmless or even required.

brainiac9x · Oct 3, 2011

Ran Hijack this, here is my log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:06:12 PM, on 10/3/2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16839)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe
C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe
C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe
C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe
C:\Program Files (x86)\DDNi\Oasis\VAIO Messenger.exe
C:\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AIM Toolbar Search Class - {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AIM Toolbar Loader - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: AIM Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll
O4 - HKLM\..\Run: [SmartWiHelper] "C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" /WindowsStartup
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [googletalk] C:\Users\Scott W Nebel\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10u_Plugin.exe -update plugin
O8 - Extra context menu item: &AIM Toolbar Search - C:\ProgramData\AIM Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: AIM Toolbar - {0b83c99c-1efa-4259-858f-bcb33e007a5b} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Oasis2Service - Unknown owner - C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Roxio UPnP Renderer 10 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
O23 - Service: Roxio Upnp Server 10 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: Intel(R) Sample Collector (SampleCollector) - Intel Corporation - C:\Program Files\Sony\VAIO Care\collsvc.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Media plus Database Manager (SOHDBSvr) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe
O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: VAIO Media plus Playlist Manager (SOHPlMgr) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update 5\VUAgent.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11795 bytes

Bobbye · Oct 6, 2011

Question:
Do you use the AIM toolbar for just about everything you do n the browser? There are numerous processes running for it.
========================================
I'd also like to mention this: OS was installed 1/27/2010. The following are all pre-loaded by Sony:

VAIO Care
VAIO Content Metadata Intelligent Analyzing Manager
VAIO Content Metadata Intelligent Network Service Manager
VAIO Content Metadata Manager Settings
VAIO Content Metadata XML Interface Library
VAIO Content Monitoring Settings
VAIO Control Center
VAIO Data Restore Tool
VAIO DVD Menu Data
VAIO Entertainment Platform
VAIO Event Service
VAIO Hardware Diagnostics
VAIO Help and Support
VAIO Media plus
VAIO Media plus Opening Movie
VAIO Messenger
VAIO Movie Story Template Data
VAIO OOBE and Startup Assistant
VAIO Original Function Settings
VAIO Personalization Manager
VAIO Power Management
VAIO Quick Web Access
VAIO Sample Contents
VAIO Survey
VAIO Transfer Support
VAIO Update
VAIO Wallpaper Contents
VAIO Window Organizer

I doubt you are using all of these processes, may not even know they are installed or what they do. It's also best to run a scasn on a new computer to get rid of the just pre-loads. This should work:
Download the PC Decrapifier and save to the desktop. Double click the setup to run.
---------------------------
Here is a list I made that will help identify what some of the processes are for: Most are started with a Service that is set to Automatic Startup:

Change Sony VAIO Services to Manual:

Start> Run> services.msc> right click on each of the following Services> Properties> Change the Startup type to MANUAL> Stop the Service.
Quote:
Sony TV Tuner Controller - Sony Corporation - C:\Program Files\Sony\Giga Pocket\halsv.exe
Sony TV Tuner Manager - Sony Corporation - C:\Program Files\Sony\Giga Pocket\RM_SV.exe
VAIO Entertainment Aggregation and Control Service (may be VzRs or VzFw)
VAIO Entertainment File Import Service - (may be VzCdb)
VAIO Entertainment TV Device Arbitration Service - (may be VzCs)
VAIO Entertainment UPnP Client Adapter - (may be VCSW)
VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - (may be VMISrv)
VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - (may be SV_Httpd)
VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - (may be UPnPFramework)
VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - (may be VmGateway)
VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - (may be GPVSvr)
VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - (may be \SV_Httpd.)
VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - (may be UPnPFramework)

It's free, you do not need to subscribe. You will only need the one scan.

brainiac9x · Oct 7, 2011

I never use the AIM Toolbar... How do I get rid of it? It's not on the 'Programs' under the Control Panel.

I downloaded the PC Decrapifier & got rid of all that VAIO pre-loads that I never use...

Bobbye · Oct 7, 2011

I went back to the DDS log and gathered all the entries for the AIM toolbar and included them in the script. I think there were more entries for it than I usually see for the AskBar. Be sure to check all download screens for any pre-checked toolbars, BHO. Uncheck them before you get the download.
=========================
Please run this Custom CFScript:

[1]. Close any open browsers.
[2]. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
[3]. Open notepad> click on Format> Uncheck 'Word Wrap'> and copy/paste the text in the code below into it:Be sure to scroll down to include ALL lines.

Code:

File::
DDS::
uURLSearchHooks: AIM Toolbar Search Class: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll
mURLSearchHooks: AIM Toolbar Search Class: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll
BHO: AIM Toolbar Loader: {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll
TB: AIM Toolbar: {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll
IE: &AIM Toolbar Search - C:\ProgramData\AIM Toolbar\ieToolbar\resources\en-US\local\search.html
IE: {0b83c99c-1efa-4259-858f-bcb33e007a5b} - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll
BHO-X64: AIM Toolbar Loader: {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll
BHO-X64: AIM Toolbar Loader - No File
TB-X64: AIM Toolbar: {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll
Extra::
File::
Firefox::
Firefox-: - Profile- C:\Users\ScottWNebel\AppData\Roaming\Mozilla\Firefox\Profiles\3aj0lrmw.default\
Firefox-: prefs.js - Search.DefaultURL

Save this as CFScript.txt, in the same location as ComboFix.exe

Referring to the picture above, drag CFScript into ComboFix.exe

When finished, it will produce a log for you at C:\ComboFix.txt . Please paste in your next reply.
====================
Please reopen HijackThis to 'do system scan only'. Check each of the following if present (Note: some of the entries will have been removed in Combofix script. If you do not seen an entry to check, it's okay)

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R3 - URLSearchHook: AIM Toolbar Search Class - {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll
O2 - BHO: AIM Toolbar Loader - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll
O3 - Toolbar: AIM Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll
O8 - Extra context menu item: &AIM Toolbar Search - C:\ProgramData\AIM Toolbar\ieToolbar\resources\en-US\local\search.html
O9 - Extra button: AIM Toolbar - {0b83c99c-1efa-4259-858f-bcb33e007a5b} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe

Close all Windows except HijackThis and click on "Fix Checked."
============================================
Look in Add/Remove Programs and uninstall any entries for AIM Toolbar and Viewpoint 'anything.'
Then use Windows Explorer to access Computer> Double click Local Drive> Programs. Do a right click> Delete on programs folders fo AIM Toolbar, Viewpoint.
==========================================
Be sure to reset the Services for th Vaio processes. For the program that you uninstalled, you can set the corresponding Service to Disble and Stop the Service.

Have the problems beem resolved?

brainiac9x · Oct 9, 2011

Ran combofix, here is the log:

ComboFix 11-10-09.01 - Scott W Nebel 10/09/2011 18:01:23.4.2 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.4063.2659 [GMT -4:00]
Running from: c:\users\Scott W Nebel\Desktop\ComboFix.exe
Command switches used :: c:\users\Scott W Nebel\Desktop\CFscript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\AIM Toolbar\aimtb.dll
c:\programdata\AIM Toolbar\ieToolbar\resources\en-US\local\search.html
c:\users\Scott W Nebel\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
.
.
((((((((((((((((((((((((( Files Created from 2011-09-09 to 2011-10-09 )))))))))))))))))))))))))))))))
.
.
2011-10-09 22:08 . 2011-10-09 22:08 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-10-09 22:08 . 2011-10-09 22:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-10-08 02:59 . 2011-10-08 02:59 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CE6880F0-8C63-4644-9876-A16B61D50343}\offreg.dll
2011-10-07 20:31 . 2011-10-07 20:31 -------- d-----w- c:\programdata\{CC6525B7-42F2-42DB-BF33-445E26F52EC1}
2011-10-07 18:03 . 2011-10-07 18:03 -------- d-----w- c:\users\Scott W Nebel\AppData\Local\PackageAware
2011-10-07 15:04 . 2011-09-13 00:26 9049936 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CE6880F0-8C63-4644-9876-A16B61D50343}\mpengine.dll
2011-10-03 23:04 . 2011-10-03 23:06 -------- d-----w- C:\HijackThis
2011-09-30 00:47 . 2011-10-08 02:30 -------- dc-h--w- c:\programdata\~0
2011-09-26 23:36 . 2011-09-26 23:36 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services
2011-09-10 01:25 . 2011-09-10 01:25 -------- d-----w- C:\_OTM
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-31 21:00 . 2011-07-12 02:56 25416 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-22 05:35 . 2011-08-10 01:05 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-07-22 04:56 . 2011-08-10 01:05 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-07-16 05:26 . 2011-08-10 01:06 362496 ----a-w- c:\windows\system32\wow64win.dll
2011-07-16 05:26 . 2011-08-10 01:06 243200 ----a-w- c:\windows\system32\wow64.dll
2011-07-16 05:26 . 2011-08-10 01:06 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2011-07-16 05:26 . 2011-08-10 01:06 214528 ----a-w- c:\windows\system32\winsrv.dll
2011-07-16 05:24 . 2011-08-10 01:06 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2011-07-16 05:21 . 2011-08-10 01:06 422400 ----a-w- c:\windows\system32\KernelBase.dll
2011-07-16 05:17 . 2011-08-10 01:06 338432 ----a-w- c:\windows\system32\conhost.exe
2011-07-16 05:04 . 2011-08-10 01:05 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-07-16 05:04 . 2011-08-10 01:05 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-07-16 05:04 . 2011-08-10 01:05 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 05:04 . 2011-08-10 01:05 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-16 05:04 . 2011-08-10 01:05 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-16 05:04 . 2011-08-10 01:05 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-07-16 05:04 . 2011-08-10 01:05 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-16 05:04 . 2011-08-10 01:05 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-16 05:04 . 2011-08-10 01:05 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-16 05:04 . 2011-08-10 01:05 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-16 05:04 . 2011-08-10 01:05 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-07-16 05:04 . 2011-08-10 01:05 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-07-16 05:04 . 2011-08-10 01:05 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 05:04 . 2011-08-10 01:05 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-07-16 05:04 . 2011-08-10 01:05 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-07-16 05:04 . 2011-08-10 01:05 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-07-16 05:04 . 2011-08-10 01:05 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-07-16 05:04 . 2011-08-10 01:05 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-07-16 05:04 . 2011-08-10 01:05 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-16 05:04 . 2011-08-10 01:05 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-07-16 05:04 . 2011-08-10 01:05 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-07-16 05:04 . 2011-08-10 01:05 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-16 05:04 . 2011-08-10 01:05 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-07-16 05:04 . 2011-08-10 01:05 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-07-16 05:04 . 2011-08-10 01:05 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-16 05:04 . 2011-08-10 01:05 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-07-16 05:04 . 2011-08-10 01:05 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-07-16 05:04 . 2011-08-10 01:05 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-07-16 04:36 . 2011-08-10 01:06 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2011-07-16 04:32 . 2011-08-10 01:06 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2011-07-16 04:31 . 2011-08-10 01:06 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2011-07-16 04:30 . 2011-08-10 01:05 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2011-07-16 04:30 . 2011-08-10 01:05 272384 ----a-w- c:\windows\SysWow64\KernelBase.dll
2011-07-16 04:19 . 2011-08-10 01:05 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-16 04:19 . 2011-08-10 01:05 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2011-07-16 04:19 . 2011-08-10 01:05 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2011-07-16 04:19 . 2011-08-10 01:05 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2011-07-16 04:19 . 2011-08-10 01:05 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-16 04:19 . 2011-08-10 01:05 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2011-07-16 04:19 . 2011-08-10 01:05 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-16 04:19 . 2011-08-10 01:05 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-16 04:19 . 2011-08-10 01:05 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-16 04:19 . 2011-08-10 01:05 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2011-07-16 04:19 . 2011-08-10 01:05 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-16 04:19 . 2011-08-10 01:05 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2011-07-16 04:19 . 2011-08-10 01:05 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2011-07-16 04:19 . 2011-08-10 01:05 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-16 04:19 . 2011-08-10 01:05 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-16 04:19 . 2011-08-10 01:05 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2011-07-16 04:19 . 2011-08-10 01:05 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2011-07-16 04:19 . 2011-08-10 01:05 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2011-07-16 04:19 . 2011-08-10 01:05 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-16 04:19 . 2011-08-10 01:05 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
2011-07-16 04:19 . 2011-08-10 01:05 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
2011-07-16 04:19 . 2011-08-10 01:05 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2011-07-16 04:19 . 2011-08-10 01:05 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2011-07-16 04:19 . 2011-08-10 01:05 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
2011-07-16 02:26 . 2011-08-10 01:05 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2011-07-16 02:26 . 2011-08-10 01:05 2048 ----a-w- c:\windows\SysWow64\user.exe
2011-07-16 02:21 . 2011-08-10 01:05 6144 ---ha-w- c:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2011-07-16 02:21 . 2011-08-10 01:05 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 02:21 . 2011-08-10 01:05 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 02:21 . 2011-08-10 01:05 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2011-07-14 13:29 . 2011-05-28 05:16 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-07-12 15:34 . 2011-07-12 15:34 96104 ----a-w- c:\windows\system32\dns-sd.exe
2011-07-12 15:34 . 2011-07-12 15:34 85864 ----a-w- c:\windows\system32\dnssd.dll
2011-07-12 15:34 . 2011-07-12 15:34 212840 ----a-w- c:\windows\system32\dnssdX.dll
2011-07-12 15:20 . 2011-07-12 15:20 83816 ----a-w- c:\windows\SysWow64\dns-sd.exe
2011-07-12 15:20 . 2011-07-12 15:20 73064 ----a-w- c:\windows\SysWow64\dnssd.dll
2011-07-12 15:20 . 2011-07-12 15:20 178536 ----a-w- c:\windows\SysWow64\dnssdX.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2011-09-04_12.47.14 )))))))))))))))))))))))))))))))))))))))))

Edit: Lengthy SnapShot deleted by Bobbye
.

brainiac9x · Oct 9, 2011

c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\8395f4672c4fe938a6db7dfa19dd1bf4\PresentationCFFRasterizer.ni.dll
+ 2011-09-22 02:25 . 2011-09-22 02:25 24064 c:\windows\assembly\NativeImages_v2.0.50727_32\PerformanceCounter\4306fe0f32e608914e395bfb87d4f335\PerformanceCounter.ni.dll
- 2011-08-10 07:42 . 2011-08-10 07:42 24064 c:\windows\assembly\NativeImages_v2.0.50727_32\PerformanceCounter\4306fe0f32e608914e395bfb87d4f335\PerformanceCounter.ni.dll
+ 2011-09-22 02:40 . 2011-09-22 02:40 79872 c:\windows\assembly\NativeImages_v2.0.50727_32\napcrypt\1d312fff41010364fac3b45fcc267c4b\napcrypt.ni.dll
- 2011-08-10 07:44 . 2011-08-10 07:44 79872 c:\windows\assembly\NativeImages_v2.0.50727_32\napcrypt\1d312fff41010364fac3b45fcc267c4b\napcrypt.ni.dll
+ 2011-09-22 02:37 . 2011-09-22 02:37 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\MusicDataAccessIF\932e145a7b36b51a4f8c8262aac21e33\MusicDataAccessIF.ni.dll
- 2011-08-10 07:42 . 2011-08-10 07:42 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\MusicDataAccessIF\932e145a7b36b51a4f8c8262aac21e33\MusicDataAccessIF.ni.dll
+ 2011-09-22 02:39 . 2011-09-22 02:39 17920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Run#\2fa8711fcbe4f277edbbdaf5ef75eae8\Microsoft.WSMan.Runtime.ni.dll
- 2011-08-10 07:44 . 2011-08-10 07:44 17920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Run#\2fa8711fcbe4f277edbbdaf5ef75eae8\Microsoft.WSMan.Runtime.ni.dll
+ 2011-09-22 02:39 . 2011-09-22 02:39 32256 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\ecf78a76d679f911e23ebf3ef33f2b5e\Microsoft.Windows.Diagnosis.SDHost.ni.dll
- 2011-08-10 07:44 . 2011-08-10 07:44 32256 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\ecf78a76d679f911e23ebf3ef33f2b5e\Microsoft.Windows.Diagnosis.SDHost.ni.dll
+ 2011-09-22 02:39 . 2011-09-22 02:39 23040 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\d7ee37204954317e04a434f10660270e\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.ni.dll
- 2011-08-10 07:44 . 2011-08-10 07:44 23040 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\d7ee37204954317e04a434f10660270e\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.ni.dll
+ 2011-09-22 02:39 . 2011-09-22 02:39 21504 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\8a1d7a90314ab9634f2db1fe388ef86d\Microsoft.Windows.Diagnosis.SDEngine.ni.dll
- 2011-08-10 07:44 . 2011-08-10 07:44 21504 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\8a1d7a90314ab9634f2db1fe388ef86d\Microsoft.Windows.Diagnosis.SDEngine.ni.dll
- 2011-08-10 07:44 . 2011-08-10 07:44 25088 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\78515d457e19db2b3cf2b593dece6362\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.ni.dll
+ 2011-09-22 02:39 . 2011-09-22 02:39 25088 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\78515d457e19db2b3cf2b593dece6362\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.ni.dll
+ 2011-09-22 02:39 . 2011-09-22 02:39 86016 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\3e9e7a37106f143b6931fab60839392c\Microsoft.Windows.Diagnosis.TroubleshootingPack.ni.dll
- 2011-08-10 07:44 . 2011-08-10 07:44 86016 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\3e9e7a37106f143b6931fab60839392c\Microsoft.Windows.Diagnosis.TroubleshootingPack.ni.dll
- 2011-08-10 07:44 . 2011-08-10 07:44 27136 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\338d94115e3e841a5bbf05409db54cfa\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.ni.dll
+ 2011-09-22 02:39 . 2011-09-22 02:39 27136 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\338d94115e3e841a5bbf05409db54cfa\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.ni.dll
+ 2011-09-22 02:39 . 2011-09-22 02:39 19968 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\12cd3d14ddb9d0785f659434c3ba69d5\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.ni.dll
- 2011-08-10 07:44 . 2011-08-10 07:44 19968 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\12cd3d14ddb9d0785f659434c3ba69d5\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.ni.dll
+ 2011-09-22 00:20 . 2011-09-22 00:20 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\19abbb37d3d1469e7234fcd4950b7f2a\Microsoft.Vsa.ni.dll
- 2011-08-10 07:41 . 2011-08-10 07:41 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\19abbb37d3d1469e7234fcd4950b7f2a\Microsoft.Vsa.ni.dll
+ 2011-09-22 00:19 . 2011-09-22 00:19 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\ea183e8b958908d26680bb6e88d4fbb0\Microsoft.VisualC.ni.dll
- 2011-08-10 07:25 . 2011-08-10 07:25 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\ea183e8b958908d26680bb6e88d4fbb0\Microsoft.VisualC.ni.dll
- 2011-08-10 07:41 . 2011-08-10 07:41 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\fe5d9316c72a2669fdd97d47837d76fd\Microsoft.SqlServer.SqlTDiagM.ni.dll
+ 2011-09-22 00:20 . 2011-09-22 00:20 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\fe5d9316c72a2669fdd97d47837d76fd\Microsoft.SqlServer.SqlTDiagM.ni.dll
- 2011-08-10 07:40 . 2011-08-10 07:40 98816 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\fd7b845a8b30b7a6b64c74ec7dafd748\Microsoft.SqlServer.DlgGrid.ni.dll
+ 2011-09-22 00:20 . 2011-09-22 00:20 98816 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\fd7b845a8b30b7a6b64c74ec7dafd748\Microsoft.SqlServer.DlgGrid.ni.dll
- 2011-08-10 07:44 . 2011-08-10 07:44 96256 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\f7b5ed4beebc1ce368e4262a613b827d\Microsoft.SqlServer.OlapEnum.ni.dll
+ 2011-09-22 02:39 . 2011-09-22 02:39 96256 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\f7b5ed4beebc1ce368e4262a613b827d\Microsoft.SqlServer.OlapEnum.ni.dll
+ 2011-09-22 00:20 . 2011-09-22 00:20 34816 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\eb4677947d0338a1c243a428c3a69ed7\Microsoft.SqlServer.SQLTaskConnectionsWrap.ni.dll
- 2011-08-10 07:41 . 2011-08-10 07:41 34816 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\eb4677947d0338a1c243a428c3a69ed7\Microsoft.SqlServer.SQLTaskConnectionsWrap.ni.dll
+ 2011-09-22 02:24 . 2011-09-22 02:24 42496 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\da3dc094a85137b686cd2c41cbe21416\Microsoft.SqlServer.SString.ni.dll
- 2011-08-10 07:41 . 2011-08-10 07:41 42496 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\da3dc094a85137b686cd2c41cbe21416\Microsoft.SqlServer.SString.ni.dll
- 2011-08-10 07:26 . 2011-08-10 07:26 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\c3711de65184ddefb5a313ede3026b83\Microsoft.SqlServer.SqlClrProvider.ni.dll
+ 2011-09-22 00:20 . 2011-09-22 00:20 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\c3711de65184ddefb5a313ede3026b83\Microsoft.SqlServer.SqlClrProvider.ni.dll
+ 2011-09-22 00:20 . 2011-09-22 00:20 22528 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\c15560cbf0e7e2a224d6a35019e187e2\Microsoft.SqlServer.DTSUtilities.ni.dll
- 2011-08-10 07:41 . 2011-08-10 07:41 22528 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\c15560cbf0e7e2a224d6a35019e187e2\Microsoft.SqlServer.DTSUtilities.ni.dll
- 2011-08-10 07:41 . 2011-08-10 07:41 86528 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\b17513555ebefc526519e32349ab8835\Microsoft.SqlServer.TransferJobsTask.ni.dll
+ 2011-09-22 02:24 . 2011-09-22 02:24 86528 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\b17513555ebefc526519e32349ab8835\Microsoft.SqlServer.TransferJobsTask.ni.dll
+ 2011-09-22 02:24 . 2011-09-22 02:24 84480 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\aa558d1d3a2a2d26569d1614409efbf4\Microsoft.SqlServer.TransferDatabasesTask.ni.dll
- 2011-08-10 07:41 . 2011-08-10 07:41 84480 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\aa558d1d3a2a2d26569d1614409efbf4\Microsoft.SqlServer.TransferDatabasesTask.ni.dll
- 2011-08-10 07:41 . 2011-08-10 07:41 43008 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\a6842d8a7ff8f6ee592349accf7f854f\Microsoft.SqlServer.ForEachNodeListEnumerator.ni.dll
+ 2011-09-22 00:20 . 2011-09-22 00:20 43008 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\a6842d8a7ff8f6ee592349accf7f854f\Microsoft.SqlServer.ForEachNodeListEnumerator.ni.dll
- 2011-08-10 07:41 . 2011-08-10 07:41 55808 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\a3e6a9c8930bcfc26b618d153ae96243\Microsoft.SqlServer.ManagedConnections.ni.dll
+ 2011-09-22 00:20 . 2011-09-22 00:20 55808 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\a3e6a9c8930bcfc26b618d153ae96243\Microsoft.SqlServer.ManagedConnections.ni.dll
+ 2011-09-22 01:25 . 2011-09-22 01:25 86528 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\94eee30b8fb58764cee8040e4292e812\Microsoft.SqlServer.FileSystemTask.ni.dll
- 2011-08-10 07:41 . 2011-08-10 07:41 86528 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\94eee30b8fb58764cee8040e4292e812\Microsoft.SqlServer.FileSystemTask.ni.dll
- 2011-08-10 07:41 . 2011-08-10 07:41 88064 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\9436366d0a2c456f0a85d3c82a8b745c\Microsoft.SqlServer.TransferErrorMessagesTask.ni.dll
+ 2011-09-22 02:24 . 2011-09-22 02:24 88064 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\9436366d0a2c456f0a85d3c82a8b745c\Microsoft.SqlServer.TransferErrorMessagesTask.ni.dll
- 2011-08-10 07:42 . 2011-08-10 07:42 65536 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\8ad37d47e2a00308be434477ea42a958\Microsoft.SqlServer.Instapi.ni.dll
+ 2011-09-22 02:24 . 2011-09-22 02:24 65536 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\8ad37d47e2a00308be434477ea42a958\Microsoft.SqlServer.Instapi.ni.dll
+ 2011-09-22 02:24 . 2011-09-22 02:24 65536 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\89527515f38931dcc154d49d452dd57b\Microsoft.SqlServer.WmiEnum.ni.dll
- 2011-08-10 07:41 . 2011-08-10 07:41 65536 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\89527515f38931dcc154d49d452dd57b\Microsoft.SqlServer.WmiEnum.ni.dll
- 2011-08-10 07:44 . 2011-08-10 07:44 32768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\76e17243b663a444b8618ec1db06b781\Microsoft.SqlServer.PolicyEnum.ni.dll
+ 2011-09-22 02:39 . 2011-09-22 02:39 32768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\76e17243b663a444b8618ec1db06b781\Microsoft.SqlServer.PolicyEnum.ni.dll
+ 2011-09-22 02:24 . 2011-09-22 02:24 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\72f73ee28badacc071adeadf220b61b6\Microsoft.SqlServer.Management.PowerShellTasks.ni.dll
- 2011-08-10 07:42 . 2011-08-10 07:42 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\72f73ee28badacc071adeadf220b61b6\Microsoft.SqlServer.Management.PowerShellTasks.ni.dll
- 2011-08-10 07:41 . 2011-08-10 07:41 52224 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\6ebd636d3b45c05965b03ec9c4a64b06\Microsoft.SqlServer.SqlCEDest.ni.dll
+ 2011-09-22 00:20 . 2011-09-22 00:20 52224 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\6ebd636d3b45c05965b03ec9c4a64b06\Microsoft.SqlServer.SqlCEDest.ni.dll
- 2011-08-10 07:41 . 2011-08-10 07:41 69120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\6872469360846c160b0273952fb7ad75\Microsoft.SqlServer.WMIEWTask.ni.dll
+ 2011-09-22 02:24 . 2011-09-22 02:24 69120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\6872469360846c160b0273952fb7ad75\Microsoft.SqlServer.WMIEWTask.ni.dll
- 2011-08-10 07:41 . 2011-08-10 07:41 69632 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\5d8f953ba18114546bb75508292dec59\Microsoft.SqlServer.WMIDRTask.ni.dll
+ 2011-09-22 02:24 . 2011-09-22 02:24 69632 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\5d8f953ba18114546bb75508292dec59\Microsoft.SqlServer.WMIDRTask.ni.dll
- 2011-08-10 07:40 . 2011-08-10 07:40 76288 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\5ba9d8c0adb8220124d412c29343e9b3\Microsoft.SqlServer.CustomControls.ni.dll
+ 2011-09-22 00:19 . 2011-09-22 00:19 76288 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\5ba9d8c0adb8220124d412c29343e9b3\Microsoft.SqlServer.CustomControls.ni.dll
+ 2011-09-22 00:20 . 2011-09-22 00:20 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\4f1a1b4afc3a18e7fefd92f1e8e90d49\Microsoft.SqlServer.ForEachFromVarEnumerator.ni.dll
- 2011-08-10 07:41 . 2011-08-10 07:41 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\4f1a1b4afc3a18e7fefd92f1e8e90d49\Microsoft.SqlServer.ForEachFromVarEnumerator.ni.dll
- 2011-08-10 07:41 . 2011-08-10 07:41 42496 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\4ac8395dc8af19fb8f063258994be960\Microsoft.SqlServer.ServiceBrokerEnum.ni.dll
+ 2011-09-22 00:20 . 2011-09-22 00:20 42496 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\4ac8395dc8af19fb8f063258994be960\Microsoft.SqlServer.ServiceBrokerEnum.ni.dll
+ 2011-09-22 00:20 . 2011-09-22 00:20 44032 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\478f21f20d9356d9c41cc0bbda1a64ed\Microsoft.SqlServer.DTEnum.ni.dll
- 2011-08-10 07:41 . 2011-08-10 07:41 44032 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\478f21f20d9356d9c41cc0bbda1a64ed\Microsoft.SqlServer.DTEnum.ni.dll
- 2011-08-10 07:41 . 2011-08-10 07:41 51712 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\368283ee585f9494d83192527ff57538\Microsoft.SqlServer.ForEachSMOEnumerator.ni.dll
+ 2011-09-22 00:20 . 2011-09-22 00:20 51712 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\368283ee585f9494d83192527ff57538\Microsoft.SqlServer.ForEachSMOEnumerator.ni.dll
+ 2011-09-22 02:24 . 2011-09-22 02:24 94720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\35898fa8a077b99364a8e9fcec66122c\Microsoft.SqlServer.TransferLoginsTask.ni.dll
- 2011-08-10 07:41 . 2011-08-10 07:41 94720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\35898fa8a077b99364a8e9fcec66122c\Microsoft.SqlServer.TransferLoginsTask.ni.dll
+ 2011-09-22 00:20 . 2011-09-22 00:20 35328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\1d5064143e1be344a6f68495616f4701\Microsoft.SqlServer.Dts.Design.ni.dll
- 2011-08-10 07:41 . 2011-08-10 07:41 35328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\1d5064143e1be344a6f68495616f4701\Microsoft.SqlServer.Dts.Design.ni.dll
- 2011-08-10 07:41 . 2011-08-10 07:41 54784 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\1bd199080a5a5c6f5baf876713ca1c6d\Microsoft.SqlServer.ForEachADOEnumerator.ni.dll
+ 2011-09-22 00:20 . 2011-09-22 00:20 54784 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\1bd199080a5a5c6f5baf876713ca1c6d\Microsoft.SqlServer.ForEachADOEnumerator.ni.dll
+ 2011-09-22 00:20 . 2011-09-22 00:20 18432 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\1ab2540850ebe4327b5ee7eda4bd5bc0\Microsoft.SqlServer.ForEachFileEnumeratorWrap.ni.dll
- 2011-08-10 07:41 . 2011-08-10 07:41 18432 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\1ab2540850ebe4327b5ee7eda4bd5bc0\Microsoft.SqlServer.ForEachFileEnumeratorWrap.ni.dll
+ 2011-09-22 02:39 . 2011-09-22 02:39 72704 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\16c67d8122b4f9e614614139de845bf6\Microsoft.SqlServer.BatchParserClient.ni.dll
- 2011-08-10 07:44 . 2011-08-10 07:44 72704 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\16c67d8122b4f9e614614139de845bf6\Microsoft.SqlServer.BatchParserClient.ni.dll
- 2011-08-10 07:41 . 2011-08-10 07:41 89088 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\068beb96d68e8ac23fe11fd3ac1b774d\Microsoft.SqlServer.TransferStoredProceduresTask.ni.dll
+ 2011-09-22 02:24 . 2011-09-22 02:24 89088 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\068beb96d68e8ac23fe11fd3ac1b774d\Microsoft.SqlServer.TransferStoredProceduresTask.ni.dll
- 2011-08-10 07:41 . 2011-08-10 07:41 61440 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\052b3a917d0187ca3846874c36addd74\Microsoft.SqlServer.TableTransferGeneratorTask.ni.dll
+ 2011-09-22 02:24 . 2011-09-22 02:24 61440 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\052b3a917d0187ca3846874c36addd74\Microsoft.SqlServer.TableTransferGeneratorTask.ni.dll
+ 2011-09-22 02:39 . 2011-09-22 02:39 53248 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.DataWareh#\a4838bd8f3ce4e1ac165b8c7164769b2\Microsoft.DataWarehouse.Interfaces.ni.dll
- 2011-08-10 07:43 . 2011-08-10 07:43 53248 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.DataWareh#\a4838bd8f3ce4e1ac165b8c7164769b2\Microsoft.DataWarehouse.Interfaces.ni.dll
+ 2011-09-22 02:38 . 2011-09-22 02:38 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\b20f6742224b9c733f41e2ea1b834fc2\Microsoft.Build.Framework.ni.dll
- 2011-08-10 07:43 . 2011-08-10 07:43 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\b20f6742224b9c733f41e2ea1b834fc2\Microsoft.Build.Framework.ni.dll
- 2011-08-10 07:43 . 2011-08-10 07:43 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\9d58ae6973a51b87eaf4141686f20fec\Microsoft.Build.Framework.ni.dll
+ 2011-09-22 02:38 . 2011-09-22 02:38 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\9d58ae6973a51b87eaf4141686f20fec\Microsoft.Build.Framework.ni.dll
- 2011-08-10 07:41 . 2011-08-10 07:41 39936 c:\windows\assembly\NativeImages_v2.0.50727_32\interop.msdasc\58384860f6141230b234888c6bf07d32\interop.msdasc.ni.dll
+ 2011-09-22 00:20 . 2011-09-22 00:20 39936 c:\windows\assembly\NativeImages_v2.0.50727_32\interop.msdasc\58384860f6141230b234888c6bf07d32\interop.msdasc.ni.dll
- 2011-08-10 07:43 . 2011-08-10 07:43 60416 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiUserXp\8065ab477932e0308175a4ac031456c5\ehiUserXp.ni.dll
+ 2011-09-22 02:38 . 2011-09-22 02:38 60416 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiUserXp\8065ab477932e0308175a4ac031456c5\ehiUserXp.ni.dll
- 2011-08-10 07:43 . 2011-08-10 07:43 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\1040a6847fcc7f5c3245fe8a68623597\dfsvc.ni.exe
+ 2011-09-22 02:38 . 2011-09-22 02:38 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\1040a6847fcc7f5c3245fe8a68623597\dfsvc.ni.exe
+ 2011-09-22 00:19 . 2011-09-22 00:19 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\5c6e1a094b1e65c69b528151cc19b1ee\Accessibility.ni.dll
- 2011-08-10 07:25 . 2011-08-10 07:25 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\5c6e1a094b1e65c69b528151cc19b1ee\Accessibility.ni.dll
+ 2011-09-26 23:36 . 2011-09-26 23:36 10096 c:\windows\assembly\GAC_MSIL\policy.3.5.System.Data.SqlServerCe\3.5.0.0__89845dcd8080cc91\policy.3.5.System.Data.SqlServerCe.dll
+ 2011-09-26 23:36 . 2011-09-26 23:36 10096 c:\windows\assembly\GAC_MSIL\policy.3.5.System.Data.SqlServerCe.Entity\3.5.0.0__89845dcd8080cc91\policy.3.5.System.Data.SqlServerCe.Entity.dll
+ 2011-09-26 23:36 . 2011-09-26 23:36 92016 c:\windows\assembly\GAC_MSIL\Microsoft.Synchronization.Data.SqlServerCe\3.5.0.0__89845dcd8080cc91\Microsoft.Synchronization.Data.SqlServerCe.dll
+ 2011-10-04 21:53 . 2011-10-04 21:53 9560 c:\windows\system32\NetworkList\Icons\{1492944E-D22E-4333-8D0B-7664C3AE7D14}_48.bin
+ 2011-10-04 21:53 . 2011-10-04 21:53 4280 c:\windows\system32\NetworkList\Icons\{1492944E-D22E-4333-8D0B-7664C3AE7D14}_32.bin
+ 2011-10-04 21:53 . 2011-10-04 21:53 2456 c:\windows\system32\NetworkList\Icons\{1492944E-D22E-4333-8D0B-7664C3AE7D14}_24.bin
+ 2011-10-03 16:35 . 2011-10-03 16:35 9560 c:\windows\system32\NetworkList\Icons\{10488E73-1A95-4BE3-BEE6-C1FBF85D2676}_48.bin
+ 2011-10-03 16:35 . 2011-10-03 16:35 4280 c:\windows\system32\NetworkList\Icons\{10488E73-1A95-4BE3-BEE6-C1FBF85D2676}_32.bin
+ 2011-10-03 16:35 . 2011-10-03 16:35 2456 c:\windows\system32\NetworkList\Icons\{10488E73-1A95-4BE3-BEE6-C1FBF85D2676}_24.bin
- 2011-08-31 03:17 . 2011-08-31 03:17 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-10-08 02:56 . 2011-10-08 02:56 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-08-31 03:17 . 2011-08-31 03:17 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-10-08 02:56 . 2011-10-08 02:56 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-09-22 02:44 . 2011-09-22 02:44 9216 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\1a890e72269abe36365d861bca8fca70\System.Xml.Serialization.ni.dll
+ 2011-09-22 02:41 . 2011-09-22 02:41 9728 c:\windows\assembly\NativeImages_v4.0.30319_32\dfsvc\e335cdfdb3e46fb0f75cb2ce83dabf48\dfsvc.ni.exe
- 2009-07-13 23:26 . 2009-07-14 01:15 361472 c:\windows\SysWOW64\IME\IMEJP10\IMJPAPI.DLL
+ 2011-09-14 12:28 . 2011-07-27 04:30 361472 c:\windows\SysWOW64\IME\IMEJP10\IMJPAPI.DLL
+ 2010-02-10 01:52 . 2011-10-09 13:19 246992 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2010-01-28 19:46 . 2011-10-09 20:48 261256 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
- 2009-07-14 02:36 . 2011-08-24 00:35 689490 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2011-09-21 14:44 689490 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2011-08-24 00:35 130444 c:\windows\system32\perfc009.dat
+ 2009-07-14 02:36 . 2011-09-21 14:44 130444 c:\windows\system32\perfc009.dat
- 2009-07-13 23:40 . 2009-07-14 01:41 546304 c:\windows\system32\IME\IMEJP10\IMJPAPI.DLL
+ 2011-09-14 12:28 . 2011-07-27 05:31 546304 c:\windows\system32\IME\IMEJP10\IMJPAPI.DLL
+ 2009-07-14 04:45 . 2011-10-08 02:30 375056 c:\windows\system32\FNTCACHE.DAT
+ 2009-07-14 05:12 . 2011-10-08 12:57 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 05:12 . 2011-08-31 03:18 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-07-14 05:01 . 2011-10-08 02:56 335716 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-10-08 02:29 . 2011-10-08 02:56 679964 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-121214720-3111092246-484046315-1005-12288.dat
+ 2011-04-06 20:48 . 2011-04-06 20:48 236880 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Net.dll
- 2011-04-13 02:16 . 2011-04-13 02:16 597832 c:\windows\Microsoft.NET\Framework64\v4.0.30319\SOS.dll
+ 2011-05-17 14:08 . 2011-05-17 14:08 597832 c:\windows\Microsoft.NET\Framework64\v4.0.30319\SOS.dll
+ 2011-04-06 21:45 . 2011-04-06 21:45 260448 c:\windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelReg.exe
+ 2011-05-17 14:08 . 2011-05-17 14:08 578896 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 578896 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
+ 2011-04-06 20:48 . 2011-04-06 20:48 236880 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Net.dll
- 2011-04-12 19:11 . 2011-04-12 19:11 517448 c:\windows\Microsoft.NET\Framework\v4.0.30319\SOS.dll
+ 2011-05-17 13:27 . 2011-05-17 13:27 517448 c:\windows\Microsoft.NET\Framework\v4.0.30319\SOS.dll
+ 2011-04-06 20:48 . 2011-04-06 20:48 191840 c:\windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelReg.exe
+ 2011-05-17 13:27 . 2011-05-17 13:27 413520 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
+ 2011-05-17 13:27 . 2011-05-17 13:27 956240 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordbi.dll
- 2011-04-12 19:11 . 2011-04-12 19:11 385864 c:\windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
+ 2011-05-17 13:27 . 2011-05-17 13:27 385864 c:\windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
- 2011-08-10 07:05 . 2011-08-10 07:05 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2011-09-21 14:45 . 2011-09-21 14:45 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2011-09-21 14:45 . 2011-09-21 14:45 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
- 2011-08-10 07:05 . 2011-08-10 07:05 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
- 2011-08-10 07:04 . 2011-08-10 07:04 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
+ 2011-09-21 14:45 . 2011-09-21 14:45 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
- 2011-08-10 07:05 . 2011-08-10 07:05 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
+ 2011-09-21 14:45 . 2011-09-21 14:45 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
+ 2011-09-21 14:45 . 2011-09-21 14:45 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2011-08-10 07:05 . 2011-08-10 07:05 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2011-09-21 14:45 . 2011-09-21 14:45 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
- 2011-08-10 07:05 . 2011-08-10 07:05 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
- 2011-08-10 07:04 . 2011-08-10 07:04 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2011-09-21 14:45 . 2011-09-21 14:45 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2011-08-10 07:05 . 2011-08-10 07:05 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
+ 2011-09-21 14:45 . 2011-09-21 14:45 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
- 2011-08-10 07:05 . 2011-08-10 07:05 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
+ 2011-09-21 14:45 . 2011-09-21 14:45 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
- 2011-08-10 07:05 . 2011-08-10 07:05 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
+ 2011-09-21 14:45 . 2011-09-21 14:45 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
- 2011-08-10 07:04 . 2011-08-10 07:04 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2011-09-21 14:45 . 2011-09-21 14:45 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2011-08-10 07:05 . 2011-08-10 07:05 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2011-09-21 14:45 . 2011-09-21 14:45 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2011-09-21 14:45 . 2011-09-21 14:45 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2011-08-10 07:05 . 2011-08-10 07:05 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2011-09-21 14:45 . 2011-09-21 14:45 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
- 2011-08-10 07:05 . 2011-08-10 07:05 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
+ 2011-09-21 14:45 . 2011-09-21 14:45 236880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
- 2011-08-10 07:05 . 2011-08-10 07:05 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2011-09-21 14:45 . 2011-09-21 14:45 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2011-08-10 07:04 . 2011-08-10 07:04 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2011-09-21 14:45 . 2011-09-21 14:45 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2011-08-10 07:04 . 2011-08-10 07:04 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
+ 2011-09-21 14:45 . 2011-09-21 14:45 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
- 2011-08-10 07:05 . 2011-08-10 07:05 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2011-09-21 14:45 . 2011-09-21 14:45 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
- 2011-08-10 07:05 . 2011-08-10 07:05 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2011-09-21 14:45 . 2011-09-21 14:45 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
- 2011-08-10 07:05 . 2011-08-10 07:05 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2011-09-21 14:45 . 2011-09-21 14:45 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
- 2011-08-10 07:04 . 2011-08-10 07:04 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
+ 2011-09-21 14:45 . 2011-09-21 14:45 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
+ 2011-09-21 14:45 . 2011-09-21 14:45 607064 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2011-08-10 07:04 . 2011-08-10 07:04 607064 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2011-09-21 14:45 . 2011-09-21 14:45 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2011-08-10 07:04 . 2011-08-10 07:04 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2011-09-21 14:45 . 2011-09-21 14:45 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2011-08-10 07:04 . 2011-08-10 07:04 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2011-08-10 07:04 . 2011-08-10 07:04 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
+ 2011-09-21 14:45 . 2011-09-21 14:45 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
- 2011-08-10 07:04 . 2011-08-10 07:04 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2011-09-21 14:45 . 2011-09-21 14:45 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2011-09-21 14:45 . 2011-09-21 14:45 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2011-08-10 07:04 . 2011-08-10 07:04 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2011-09-21 14:45 . 2011-09-21 14:45 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
- 2011-08-10 07:04 . 2011-08-10 07:04 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
- 2011-08-10 07:04 . 2011-08-10 07:04 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
+ 2011-09-21 14:45 . 2011-09-21 14:45 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
- 2011-08-10 07:04 . 2011-08-10 07:04 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2011-09-21 14:45 . 2011-09-21 14:45 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2011-09-21 14:45 . 2011-09-21 14:45 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
- 2011-08-10 07:04 . 2011-08-10 07:04 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
+ 2011-09-21 14:45 . 2011-09-21 14:45 149848 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
- 2011-08-10 07:04 . 2011-08-10 07:04 149848 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
+ 2011-09-21 14:45 . 2011-09-21 14:45 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
- 2011-08-10 07:05 . 2011-08-10 07:05 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
- 2011-08-10 07:04 . 2011-08-10 07:04 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
+ 2011-09-21 14:45 . 2011-09-21 14:45 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
- 2011-08-10 07:04 . 2011-08-10 07:04 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2011-09-21 14:45 . 2011-09-21 14:45 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2011-08-10 07:05 . 2011-08-10 07:05 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2011-09-21 14:45 . 2011-09-21 14:45 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2011-09-21 14:45 . 2011-09-21 14:45 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
- 2011-08-10 07:05 . 2011-08-10 07:05 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
- 2011-08-10 07:05 . 2011-08-10 07:05 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2011-09-21 14:45 . 2011-09-21 14:45 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2011-09-21 14:45 . 2011-09-21 14:45 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
- 2011-08-10 07:05 . 2011-08-10 07:05 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
- 2011-08-10 07:05 . 2011-08-10 07:05 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2011-09-21 14:45 . 2011-09-21 14:45 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2011-09-21 14:45 . 2011-09-21 14:45 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
- 2011-08-10 07:05 . 2011-08-10 07:05 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
- 2011-08-10 07:04 . 2011-08-10 07:04 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2011-09-21 14:45 . 2011-09-21 14:45 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2011-09-21 14:45 . 2011-09-21 14:45 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2011-08-10 07:04 . 2011-08-10 07:04 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll

brainiac9x · Oct 9, 2011

Edit: Lengthy Snap Shot deleted by Bobbye

brainiac9x · Oct 9, 2011

Edit: Lengthy Snap Shot deleted by Bobbye

brainiac9x · Oct 9, 2011

Edit: Lengthy Snap Shot deleted by Bobbye

brainiac9x · Oct 9, 2011

Edit: Lengthy Snap Shot deleted by Bobbye

brainiac9x · Oct 9, 2011

Edit: Previous lengthy Snap Shot deleted by Bobbye

-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"googletalk"="c:\users\Scott W Nebel\AppData\Roaming\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SmartWiHelper"="c:\program files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" [2009-10-05 80384]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2009-08-27 320880]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2009-10-24 597792]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-07-19 421736]
"HKSERV.EXE"="c:\program files (x86)\Sony\HotKey Utility\HKserv.exe" [2004-06-29 122880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2009-11-05 02:32 98304 ----a-w- c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R1 edlsfook;edlsfook;c:\windows\system32\drivers\edlsfook.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-08-31 362992]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [x]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys [x]
R3 MSSQL$DDNI;SQL Server (DDNI);c:\program files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\sqlservr.exe [2009-03-30 43010392]
R3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-08-31 313840]
R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2009-10-16 120104]
R3 SOHDBSvr;VAIO Media plus Database Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2009-10-16 70952]
R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2009-10-16 427304]
R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2009-10-16 75048]
R3 SOHPlMgr;VAIO Media plus Playlist Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2009-10-16 91432]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-03-31 47128]
R4 SQLAgent$DDNI;SQL Server Agent (DDNI);c:\program files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 366936]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 Oasis2Service;Oasis2Service;c:\program files (x86)\DDNi\Oasis2Service\Oasis2Service.exe [2011-08-13 49152]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 14112]
S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [2009-09-17 189984]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
S2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files (x86)\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [x]
S3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2009-11-11 565760]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43 134384 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-09-17 7938080]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-09-17 1833504]
"Apoint"="c:\program files (x86)\Apoint\Apoint.exe" [BU]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.comcast.net/
mStart Page = hxxp://www.comcast.net/
mLocal Page = c:\windows\SysWOW64\blank.htm
mWindow Title = Windows Internet Explorer provided by Comcast
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office10\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
FF - ProfilePath - c:\users\Scott W Nebel\AppData\Roaming\Mozilla\Firefox\Profiles\3aj0lrmw.default\
FF - prefs.js: browser.search.defaulturl - hxxp://aim.search.aol.com/search/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 57818
FF - prefs.js: network.proxy.type - 0
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-{0131D7EF-65FF-478F-8ABD-5ABEE24EC8EF} - c:\programdata\{CC6525B7-42F2-42DB-BF33-445E26F52EC1}\VAIO Messenger Setup 2.0.348.0.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-10-09 18:12:07
ComboFix-quarantined-files.txt 2011-10-09 22:12
ComboFix2.txt 2011-09-10 01:56
ComboFix3.txt 2011-09-04 12:50
ComboFix4.txt 2011-07-13 01:36
.
Pre-Run: 189,987,299,328 bytes free
Post-Run: 190,202,908,672 bytes free
.
- - End Of File - - 968991807FEFD3F9039066C79DE6567A

Ran HijackThis as directed.

Uninstalled the Viewpoint programs as directed.

I'm not sure what you mean by 'reset' the Vaio services? Could you be a little bit more specific/in depth on how to do this?

Bobbye · Oct 10, 2011

'reset' the Vaio services? Could you be a little bit more specific/in depth on how to do this?

This list I gave you are the Sony/Vaio Services that are pre-loaded. Most are put on Automatic Startup type: that means that every time you boot, those Services will start, then stay running in the background. That uses resources. The startup can be set to Manual instead.

Your list may be slightly different. The point is just because Sony pre-loaded the processes doesn't mean 1. That the need to start on boot and 2. There will be many you won't even use> for those, a Service can be Disabled and the Service stopped.

Note: where I added after the Service "May be xxx" it is because I'm not sure how the Service name will be listed.

This is not something you have to do, but I usually leave the info because Sony loads so many processes.
=======================================
Please run this Custom CFScript:

[1]. Close any open browsers.
[2]. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
[3]. Open notepad> click on Format> Uncheck 'Word Wrap'> and copy/paste the text in the code below into it:Be sure to scroll down to include ALL lines.

Code:

File::

Extra::
File::
Firefox::
Firefox-:-Profile-c:\users\ScottWNebel\AppData\Roaming\Mozilla\Firefox\Profiles\3aj0lrmw.default\
Firefox-: prefs.js- Search.DefaultURL

Save this as CFScript.txt, in the same location as ComboFix.exe

Referring to the picture above, drag CFScript into ComboFix.exe

When finished, it will produce a log for you at C:\ComboFix.txt . No log needed.
======================================
How is the system running now?.

Inactive Redirect virus after 6 steps

Bobbye

Posts: 16,313 +36

brainiac9x

Posts: 27 +0

Bobbye

Posts: 16,313 +36

brainiac9x

Posts: 27 +0

Bobbye

Posts: 16,313 +36

brainiac9x

Posts: 27 +0

Bobbye

Posts: 16,313 +36

brainiac9x

Posts: 27 +0

Bobbye

Posts: 16,313 +36

brainiac9x

Posts: 27 +0

brainiac9x

Posts: 27 +0

brainiac9x

Posts: 27 +0

brainiac9x

Posts: 27 +0

brainiac9x

Posts: 27 +0

brainiac9x

Posts: 27 +0

brainiac9x

Posts: 27 +0

Bobbye

Posts: 16,313 +36

Similar threads

Latest posts