Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Having trouble removing Personal Antivirus


  • This topic is locked This topic is locked
21 replies to this topic

#1 chipsummers

chipsummers

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:03:58 AM

Posted 21 June 2009 - 01:42 PM

I need some help. My PC is infected with the Personal Antivirus and I have been unable to completely remove it from my machine. Any help you could provide would be appreciated!

Here is what I have done so far:

1. Removed Avira Antivir from my PC and replaced it with Kaspersky Internet Security 2009.
2. Ran KIS - KIS did NOT identify the PAV.
3. Contacted Kaspersky Support via 800 # and received direction to run ComboFix and a collection script provided by the Support Rep.
4. Ran the ComboFix and collection Script. The PAV menu and icon on the bottom of my screen disappeared after re-boot.
5. Opened Internet Explorer to verify that it was fuctioning properly after running the ComboFix. It wasn't. PAV prevented me from accessing various websites including my bank.
6. Kaspersky Support is gone for the weekend so I elected to post on Bleeping Computer.
7. Received direction to run Malwarebytes - no malicious files found.
8. Received direction to run Spyware Doctor - a couple malicious files found but SD would not remove them without purchasing the software. I really don't want to do that given that I already invested $80 in Kaspersky without success.
9. Received direction from Moderator (Orange Blossom) to run DDS and post a new topic in this forum.

The Attach.zip file is attached:

Here are the DDS.txt results:

DDS (Ver_09-05-14.01) - NTFSx86
Run by Mike at 11:18:02.67 on Sun 06/21/2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2558.1912 [GMT -7:00]

AV: Kaspersky Internet Security *On-access scanning enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *enabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\system32\ScsiAccess.EXE
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Mike\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com/
uInternet Settings,ProxyOverride = localhost;*.local
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky internet security 2009\ievkbd.dll
BHO: &Helper: {a77d3539-581d-450c-9e44-a84c415a6172} - c:\windows\system32\msxmlm.dll
BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [ATIPTA] c:\program files\ati technologies\ati control panel\atiptaxx.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"
mRun: [CTSysVol] c:\program files\creative\sound blaster live! 24-bit\surround mixer\CTSysVol.exe /r
mRun: [P17Helper] Rundll32 P17.dll,P17Helper
mRun: [UpdReg] c:\windows\UpdReg.EXE
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [AVP] "c:\program files\kaspersky lab\kaspersky internet security 2009\avp.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\kodake~1.lnk - c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\kodaks~1.lnk - c:\program files\kodak\kodak software updater\7288971\program\backWeb-7288971.exe
mPolicies-explorer: NoResolveTrack = 1 (0x1)
IE: Add to Banner Ad Blocker - c:\program files\kaspersky lab\kaspersky internet security 2009\ie_banner_deny.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - {85E0B171-04FA-11D1-B7DA-00A0C90348D6} - c:\program files\kaspersky lab\kaspersky internet security 2009\SCIEPlgn.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://go.microsoft.com/fwlink/?linkid=58813
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1245453960296
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} - hxxp://web1.shutterfly.com/downloads/Uploader.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {D27CDB70-AE6D-11cf-96B8-444553540000} -
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://compak.webex.com/client/T27L/webex/ieatgpc.cab
Notify: klogon - c:\windows\system32\klogon.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\mike\applic~1\mozilla\firefox\profiles\2x8hf14e.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
============= SERVICES / DRIVERS ===============

R0 kl1;Kl1;c:\windows\system32\drivers\kl1.sys [2008-7-21 121872]
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-1-29 33808]
R1 KLIF;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2009-6-18 213520]
R2 AVP;Kaspersky Internet Security;c:\program files\kaspersky lab\kaspersky internet security 2009\avp.exe [2008-7-29 206088]
R2 IntuitUpdateService;Intuit Update Service;c:\program files\common files\intuit\update service\IntuitUpdateService.exe [2008-10-10 13088]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [2008-3-13 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2008-4-30 24592]
S3 DfSdkS;Defragmentation-Service;c:\program files\ashampoo\ashampoo winoptimizer 6\DfSdkS.exe [2009-6-20 410976]
S3 getPlus® Helper;getPlus® Helper;c:\program files\nos\bin\getplus_helpersvc.exe --> c:\program files\nos\bin\getPlus_HelperSvc.exe [?]

=============== Created Last 30 ================

2009-06-20 17:58 39,776 a------- c:\windows\system32\DfSdkBt64.exe
2009-06-20 17:58 33,632 a------- c:\windows\system32\DfSdkBt.exe
2009-06-20 17:58 <DIR> --d----- c:\program files\Ashampoo
2009-06-20 09:42 1,089,593 -c------ c:\windows\system32\dllcache\ntprint.cat
2009-06-19 23:27 <DIR> --d----- c:\docume~1\mike\applic~1\Malwarebytes
2009-06-19 23:27 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-06-19 16:52 <DIR> --dsh--- c:\documents and settings\mike\PrivacIE
2009-06-19 16:49 <DIR> --dsh--- c:\documents and settings\mike\IETldCache
2009-06-19 16:41 <DIR> --d----- c:\windows\system32\XPSViewer
2009-06-19 16:40 1,676,288 -c------ c:\windows\system32\dllcache\xpssvcs.dll
2009-06-19 16:40 597,504 -c------ c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-06-19 16:40 575,488 -c------ c:\windows\system32\dllcache\xpsshhdr.dll
2009-06-19 16:40 89,088 -c------ c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-06-19 16:40 1,676,288 -------- c:\windows\system32\xpssvcs.dll
2009-06-19 16:40 575,488 -------- c:\windows\system32\xpsshhdr.dll
2009-06-19 16:40 117,760 -------- c:\windows\system32\prntvpt.dll
2009-06-19 16:40 <DIR> --d----- C:\e238990281560fb02383a2
2009-06-19 16:40 <DIR> --d----- c:\windows\SxsCaPendDel
2009-06-19 16:35 11,064,832 -c------ c:\windows\system32\dllcache\ieframe.dll
2009-06-19 16:35 1,985,024 -c------ c:\windows\system32\dllcache\iertutil.dll
2009-06-19 16:35 246,272 -c------ c:\windows\system32\dllcache\ieproxy.dll
2009-06-19 16:35 12,800 -c------ c:\windows\system32\dllcache\xpshims.dll
2009-06-19 16:35 <DIR> --d----- c:\windows\ie8updates
2009-06-19 16:34 102,912 -c------ c:\windows\system32\dllcache\iecompat.dll
2009-06-19 16:32 <DIR> -cd-h--- c:\windows\ie8
2009-06-19 15:31 <DIR> a-dshr-- C:\cmdcons
2009-06-19 15:30 161,792 a------- c:\windows\SWREG.exe
2009-06-19 15:30 155,136 a------- c:\windows\PEV.exe
2009-06-19 15:30 98,816 a------- c:\windows\sed.exe
2009-06-19 15:01 1,108,985 a------- C:\My_CFix_Quarantine.zip
2009-06-18 16:51 3,255 a------- c:\windows\system32\wbem\Outlook_01c9f06fb73c00ae.mof
2009-06-18 16:49 105,395 a------- c:\windows\system32\drivers\klin.dat
2009-06-18 16:49 94,643 a------- c:\windows\system32\drivers\klick.dat
2009-06-18 16:48 3,089,440 a--sh--- c:\windows\system32\drivers\fidbox.dat
2009-06-18 16:48 589,856 a--sh--- c:\windows\system32\drivers\fidbox2.dat
2009-06-18 16:48 25,216 a--sh--- c:\windows\system32\drivers\fidbox.idx
2009-06-18 16:48 3,096 a--sh--- c:\windows\system32\drivers\fidbox2.idx
2009-06-18 16:48 <DIR> --d----- c:\program files\Kaspersky Lab
2009-06-18 16:48 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Kaspersky Lab
2009-06-17 12:54 374,272 a------- c:\windows\system32\msxmlm.dll
2009-06-17 12:54 <DIR> --d----- c:\program files\common files\Uninstall
2009-06-05 18:58 <DIR> --d----- c:\program files\common files\xing shared
2009-05-26 17:18 90,112 a------- c:\windows\system32\QuickTimeVR.qtx
2009-05-26 17:18 57,344 a------- c:\windows\system32\QuickTime.qts

==================== Find3M ====================

2009-06-18 17:10 33,808 a------- c:\windows\system32\drivers\klbg.sys
2009-06-05 18:58 499,712 a------- c:\windows\system32\msvcp71.dll
2009-06-05 18:58 348,160 a------- c:\windows\system32\msvcr71.dll
2009-05-21 11:33 410,984 a------- c:\windows\system32\deploytk.dll
2009-05-12 22:15 915,456 a------- c:\windows\system32\wininet.dll
2009-05-07 08:32 345,600 a------- c:\windows\system32\localspl.dll
2009-04-17 05:26 1,847,168 a------- c:\windows\system32\win32k.sys
2009-04-15 07:51 585,216 a------- c:\windows\system32\rpcrt4.dll
2008-01-23 15:43 18,696 a------- c:\docume~1\mike\applic~1\GDIPFONTCACHEV1.DAT

============= FINISH: 11:18:35.14 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:05:58 AM

Posted 21 June 2009 - 01:59 PM

Hello chipsummers,

Posted Image

I read your original topic, so let's see what we can do with what you already have and fix you up! :thumbup2:

First off, I'd like to see the ComboFix report you have, please. Would you post it for me? :)

Thanks,
tea
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?

#3 chipsummers

chipsummers
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:03:58 AM

Posted 21 June 2009 - 02:06 PM

Hi Tea,

Thanks for responding to my post and offering to help.

Here is the text from ComboFix:

ComboFix 09-06-18.02 - Mike 06/19/2009 16:57.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2558.2149 [GMT -7:00]
Running from: c:\documents and settings\Mike\Desktop\555.exe.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.

((((((((((((((((((((((((( Files Created from 2009-05-19 to 2009-06-19 )))))))))))))))))))))))))))))))
.

2009-06-19 23:52 . 2009-06-19 23:52 -------- d-sh--w- c:\documents and settings\Mike\PrivacIE
2009-06-19 23:49 . 2009-06-19 23:49 -------- d-sh--w- c:\documents and settings\Mike\IETldCache
2009-06-19 23:41 . 2009-06-19 23:41 -------- d-----w- c:\windows\system32\XPSViewer
2009-06-19 23:41 . 2009-06-19 23:41 -------- d-----w- c:\program files\MSBuild
2009-06-19 23:41 . 2009-06-19 23:41 -------- d-----w- c:\program files\Reference Assemblies
2009-06-19 23:40 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-06-19 23:40 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-06-19 23:40 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-06-19 23:40 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2009-06-19 23:40 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-06-19 23:40 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-06-19 23:40 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-06-19 23:40 . 2009-06-19 23:41 -------- d-----w- C:\e238990281560fb02383a2
2009-06-19 23:40 . 2009-06-19 23:48 -------- d-----w- c:\windows\SxsCaPendDel
2009-06-19 23:35 . 2009-04-30 21:22 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-06-19 23:35 . 2009-04-30 21:22 1985024 -c----w- c:\windows\system32\dllcache\iertutil.dll
2009-06-19 23:35 . 2009-04-30 21:22 11064832 -c----w- c:\windows\system32\dllcache\ieframe.dll
2009-06-19 23:35 . 2009-04-30 21:22 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-06-19 23:35 . 2009-06-19 23:35 -------- d-----w- c:\windows\ie8updates
2009-06-19 23:34 . 2009-05-12 05:11 102912 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-06-19 23:32 . 2009-06-19 23:34 -------- dc-h--w- c:\windows\ie8
2009-06-19 22:01 . 2009-06-19 22:54 1108985 ----a-w- C:\My_CFix_Quarantine.zip
2009-06-19 00:09 . 2009-06-19 00:09 44808 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.454\fssync.dll
2009-06-19 00:09 . 2009-06-19 00:09 206088 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.454\avp.exe
2009-06-19 00:09 . 2009-06-19 00:09 33808 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.454\klbg.sys
2009-06-19 00:09 . 2009-06-19 00:09 213520 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.454\XP\klif.sys
2009-06-18 23:49 . 2009-06-19 00:09 94643 ----a-w- c:\windows\system32\drivers\klick.dat
2009-06-18 23:49 . 2009-06-19 00:09 105395 ----a-w- c:\windows\system32\drivers\klin.dat
2009-06-18 23:48 . 2009-06-19 23:50 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-06-18 23:48 . 2009-06-19 23:47 540704 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-06-18 23:48 . 2009-06-19 23:47 3089440 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-06-18 23:48 . 2009-06-18 23:48 -------- d-----w- c:\program files\Kaspersky Lab
2009-06-17 19:54 . 2009-06-17 19:54 374272 ----a-w- c:\windows\system32\msxmlm.dll
2009-06-17 19:54 . 2009-06-17 19:54 -------- d-----w- c:\program files\Common Files\Uninstall
2009-06-16 02:03 . 2009-06-16 02:03 390664 ----a-w- c:\documents and settings\Mike\Application Data\Real\RealPlayer\Update\realplayer11gold.exe
2009-06-15 04:20 . 2009-06-15 04:20 152576 ----a-w- c:\documents and settings\Mike\Application Data\Sun\Java\jre1.6.0_14\lzma.dll
2009-06-15 04:14 . 2007-05-24 17:59 180224 ----a-w- c:\documents and settings\Mike\Application Data\U3\00001675C673FFAF\79EB5C19-AB0E-4dd7-BE89-BF96301D35Z8\Exec\U3AppWrapper.exe
2009-06-15 04:14 . 2006-12-11 17:20 983829 ----a-w- c:\documents and settings\Mike\Application Data\U3\00001675C673FFAF\79EB5C19-AB0E-4dd7-BE89-BF96301D35Z8\Exec\master.exe
2009-06-15 04:14 . 2006-12-11 17:20 72192 ----a-w- c:\documents and settings\Mike\Application Data\U3\00001675C673FFAF\79EB5C19-AB0E-4dd7-BE89-BF96301D35Z8\Exec\TASKLIST.EXE
2009-06-15 04:14 . 2006-12-11 17:20 72192 ----a-w- c:\documents and settings\Mike\Application Data\U3\00001675C673FFAF\79EB5C19-AB0E-4dd7-BE89-BF96301D35Z8\Exec\TASKKILL.EXE
2009-06-15 04:14 . 2006-12-11 17:20 325 ----a-w- c:\documents and settings\Mike\Application Data\U3\00001675C673FFAF\79EB5C19-AB0E-4dd7-BE89-BF96301D35Z8\Exec\stopApp.bat
2009-06-15 04:14 . 2006-12-11 17:20 15 ----a-w- c:\documents and settings\Mike\Application Data\U3\00001675C673FFAF\79EB5C19-AB0E-4dd7-BE89-BF96301D35Z8\Exec\run_me.bat
2009-06-15 04:14 . 2006-12-01 17:13 40960 ----a-w- c:\documents and settings\Mike\Application Data\U3\00001675C673FFAF\79EB5C19-AB0E-4dd7-BE89-BF96301D35Z8\Exec\appstop.exe
2009-06-06 01:58 . 2009-06-06 01:58 -------- d-----w- c:\program files\Common Files\xing shared
2009-05-31 01:38 . 2009-05-31 01:38 2904064 ----a-w- c:\documents and settings\All Users\Application Data\Intuit\Quicken\Inet\Common\patch\Update\18154-181625.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-19 23:47 . 2009-06-18 23:48 2928 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-06-19 23:47 . 2009-06-18 23:48 25216 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-06-19 00:28 . 2008-01-20 23:03 -------- d-----w- c:\program files\Common Files\Adobe
2009-06-19 00:10 . 2008-01-30 01:29 33808 ----a-w- c:\windows\system32\drivers\klbg.sys
2009-06-18 23:45 . 2008-10-05 01:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2009-06-17 20:42 . 2009-03-08 20:44 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-06-15 04:14 . 2009-06-15 04:14 0 ----a-w- C:\LOG28D.tmp
2009-06-15 04:13 . 2008-01-22 04:53 -------- d-----w- c:\documents and settings\Mike\Application Data\U3
2009-06-13 20:29 . 2009-01-02 20:05 -------- d-----w- c:\documents and settings\Jennifer\Application Data\ZoomBrowser EX
2009-06-13 20:08 . 2009-01-02 20:07 -------- d-----w- c:\documents and settings\Jennifer\Application Data\CameraWindowDC
2009-06-06 01:58 . 2008-01-20 23:52 -------- d-----w- c:\program files\Common Files\Real
2009-06-06 01:58 . 2003-03-19 04:14 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-06-06 01:58 . 2003-02-21 12:42 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-05-31 01:39 . 2008-01-20 22:46 -------- d-----w- c:\program files\Quicken
2009-05-31 01:38 . 2009-03-23 04:18 242976 ----a-w- c:\documents and settings\All Users\Application Data\Intuit\Quicken\Inet\Common\patch\Update\QWPATCH.EXE
2009-05-21 18:33 . 2008-11-29 01:05 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-05-13 05:15 . 2004-08-10 12:00 915456 ----a-w- c:\windows\system32\wininet.dll
2009-05-12 03:21 . 2008-01-20 23:50 -------- d-----w- c:\program files\Google
2009-05-12 01:52 . 2009-03-17 17:12 -------- d-----w- c:\program files\The Learning Company
2009-05-12 00:23 . 2008-01-20 21:22 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-05-12 00:19 . 2009-05-12 00:18 -------- d-----w- c:\program files\GameSpy Arcade
2009-05-11 23:56 . 2009-05-11 23:56 -------- d-----w- c:\program files\LEGO Media
2009-05-07 15:32 . 2004-08-10 12:00 345600 ----a-w- c:\windows\system32\localspl.dll
2009-04-25 19:37 . 2009-04-25 19:37 -------- d-----w- c:\documents and settings\LocalService\Application Data\Intuit
2009-04-22 05:19 . 2009-04-21 05:20 -------- d-----w- c:\documents and settings\Mike\Application Data\Move Networks
2009-04-17 12:26 . 2004-08-10 12:00 1847168 ----a-w- c:\windows\system32\win32k.sys
2009-04-15 14:51 . 2004-08-10 12:00 585216 ----a-w- c:\windows\system32\rpcrt4.dll
2009-04-03 22:19 . 2008-02-20 16:47 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-03-23 04:19 . 2009-03-23 04:19 3616768 ----a-w- c:\documents and settings\All Users\Application Data\Intuit\Quicken\Inet\Common\patch\Update\181311-181414.dll
2009-03-23 04:19 . 2009-03-23 04:19 1536000 ----a-w- c:\documents and settings\All Users\Application Data\Intuit\Quicken\Inet\Common\patch\Update\181414-18154.dll
2009-03-23 04:18 . 2009-03-23 04:18 223584 ----a-w- c:\documents and settings\All Users\Application Data\Intuit\Quicken\Inet\Common\patch\Update\patchw32.dll
2009-03-23 04:18 . 2009-03-23 04:18 1007616 ----a-w- c:\documents and settings\All Users\Application Data\Intuit\Quicken\Inet\Common\patch\Update\181129-181212.dll
2009-03-23 04:18 . 2009-03-23 04:18 811008 ----a-w- c:\documents and settings\All Users\Application Data\Intuit\Quicken\Inet\Common\patch\Update\181212-181311.dll
2009-03-23 04:17 . 2009-03-23 04:17 997 ----a-w- c:\documents and settings\All Users\Application Data\Intuit\Quicken\Inet\Common\patch\Update\rebase.cmd
2009-03-23 04:02 . 2009-03-23 04:02 0 ----a-w- C:\LOG464.tmp
.

((((((((((((((((((((((((((((( SnapShot@2009-06-19_22.43.10 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-07-30 04:10 . 2008-07-30 04:10 26112 c:\windows\system32\TsWpfWrp.exe
+ 2008-01-20 21:59 . 2009-01-08 01:21 26144 c:\windows\system32\spupdsvc.exe
+ 2009-06-19 23:41 . 2008-07-06 12:06 89088 c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
+ 2008-01-20 21:59 . 2009-01-08 01:20 16928 c:\windows\system32\spmsg.dll
+ 2008-07-30 02:59 . 2008-07-30 02:59 43544 c:\windows\system32\PresentationHostProxy.dll
+ 2004-08-10 12:00 . 2009-03-08 11:31 46592 c:\windows\system32\pngfilt.dll
+ 2004-08-10 12:00 . 2009-06-19 23:45 71904 c:\windows\system32\perfc009.dat
+ 2009-01-08 01:20 . 2009-01-08 01:20 23552 c:\windows\system32\normaliz.dll
+ 2009-01-08 01:20 . 2009-01-08 01:20 24576 c:\windows\system32\nlsdl.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 15360 c:\windows\system32\mui\0409\mscorees.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 15360 c:\windows\system32\mui\0409\mscorees.dll
+ 2004-08-10 12:00 . 2009-03-08 11:31 48128 c:\windows\system32\mshtmler.dll
+ 2004-08-10 12:00 . 2009-03-08 11:31 66560 c:\windows\system32\mshtmled.dll
+ 2004-08-10 12:00 . 2009-03-08 11:31 45568 c:\windows\system32\mshta.exe
+ 2009-03-08 11:31 . 2009-03-08 11:31 13312 c:\windows\system32\msfeedssync.exe
+ 2009-03-08 11:31 . 2009-03-08 11:31 55296 c:\windows\system32\msfeedsbs.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 83968 c:\windows\system32\mscories.dll
+ 2009-06-19 23:24 . 2009-06-19 23:24 89102 c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
+ 2004-08-10 12:00 . 2009-03-08 11:34 43008 c:\windows\system32\licmgr10.dll
+ 2004-08-10 12:00 . 2009-04-30 21:22 25600 c:\windows\system32\jsproxy.dll
+ 2004-08-10 12:00 . 2009-03-08 11:32 94720 c:\windows\system32\inseng.dll
+ 2008-07-30 02:24 . 2008-07-30 02:24 97800 c:\windows\system32\infocardapi.dll
+ 2004-08-10 12:00 . 2009-03-08 11:31 34816 c:\windows\system32\imgutil.dll
+ 2009-03-08 11:32 . 2009-03-08 11:32 36864 c:\windows\system32\ieudinit.exe
+ 2004-08-10 12:00 . 2009-03-08 11:32 71680 c:\windows\system32\iesetup.dll
+ 2004-08-10 12:00 . 2009-03-08 11:32 55808 c:\windows\system32\iernonce.dll
+ 2009-01-08 01:20 . 2009-01-08 01:20 26112 c:\windows\system32\idndl.dll
+ 2008-07-30 02:24 . 2008-07-30 02:24 11264 c:\windows\system32\icardres.dll
+ 2009-03-08 11:31 . 2009-03-08 11:31 59904 c:\windows\system32\icardie.dll
+ 2008-07-30 04:10 . 2008-07-30 04:10 73720 c:\windows\system32\dxva2.dll
+ 2009-03-08 11:31 . 2009-03-08 11:31 46592 c:\windows\system32\dllcache\pngfilt.dll
+ 2009-03-08 11:31 . 2009-03-08 11:31 48128 c:\windows\system32\dllcache\mshtmler.dll
+ 2009-03-08 11:31 . 2009-03-08 11:31 66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2009-03-08 11:31 . 2009-03-08 11:31 45568 c:\windows\system32\dllcache\mshta.exe
+ 2009-03-08 11:34 . 2009-03-08 11:34 43008 c:\windows\system32\dllcache\licmgr10.dll
+ 2009-03-08 11:33 . 2009-04-30 21:22 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2009-03-08 11:32 . 2009-03-08 11:32 94720 c:\windows\system32\dllcache\inseng.dll
+ 2009-03-08 11:31 . 2009-03-08 11:31 34816 c:\windows\system32\dllcache\imgutil.dll
+ 2009-03-08 11:32 . 2009-03-08 11:32 71680 c:\windows\system32\dllcache\iesetup.dll
+ 2009-03-08 11:32 . 2009-03-08 11:32 55808 c:\windows\system32\dllcache\iernonce.dll
+ 2009-03-08 11:24 . 2009-03-08 11:24 68608 c:\windows\system32\dllcache\hmmapi.dll
+ 2009-03-08 11:33 . 2009-03-08 11:33 18944 c:\windows\system32\dllcache\corpol.dll
+ 2009-03-08 11:32 . 2009-03-08 11:32 72704 c:\windows\system32\dllcache\admparse.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 96760 c:\windows\system32\dfshim.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 96760 c:\windows\system32\dfshim.dll
+ 2004-08-10 12:00 . 2009-03-08 11:33 18944 c:\windows\system32\corpol.dll
+ 2004-08-10 12:00 . 2009-03-08 11:32 72704 c:\windows\system32\admparse.dll
+ 2008-07-30 06:40 . 2008-07-30 06:40 70648 c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
+ 2008-07-30 06:40 . 2008-07-30 06:40 91136 c:\windows\Microsoft.NET\Framework\v3.5\MSBuild.exe
+ 2008-07-30 06:40 . 2008-07-30 06:40 41984 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.VisualC.STLCLR.dll
+ 2008-07-30 06:40 . 2008-07-30 06:40 40960 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Data.Entity.Build.Tasks.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 89080 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2052.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 92664 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1042.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 95224 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1041.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 89592 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1028.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 84480 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2052.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 94720 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1042.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 97792 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1041.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 84992 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1028.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 97280 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\DeleteTemp.exe
+ 2008-07-30 06:40 . 2008-07-30 06:40 95224 c:\windows\Microsoft.NET\Framework\v3.5\EdmGen.exe
+ 2008-07-30 06:40 . 2008-07-30 06:40 78856 c:\windows\Microsoft.NET\Framework\v3.5\DataSvcUtil.exe
+ 2008-07-30 06:40 . 2008-07-30 06:40 41984 c:\windows\Microsoft.NET\Framework\v3.5\AddInUtil.exe
+ 2008-07-30 06:40 . 2008-07-30 06:40 41992 c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess32.exe
+ 2008-07-30 06:40 . 2008-07-30 06:40 41992 c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess.exe
+ 2008-07-30 04:10 . 2008-07-30 04:10 46104 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
+ 2008-07-30 02:59 . 2008-07-30 02:59 32768 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationCFFRasterizer.dll
+ 2008-07-30 04:10 . 2008-07-30 04:10 71160 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PenIMC.dll
+ 2008-07-30 02:32 . 2008-07-30 02:32 17448 c:\windows\Microsoft.NET\Framework\v3.0\Windows Workflow Foundation\PerformanceCounterInstaller.exe
+ 2008-07-30 02:16 . 2008-07-30 02:16 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2008-07-30 02:16 . 2008-07-30 02:16 73728 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.Install.dll
+ 2008-07-30 02:16 . 2008-07-30 02:16 20504 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceMonikerSupport.dll
+ 2008-07-30 02:16 . 2008-07-30 02:16 11280 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 37896 c:\windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 37896 c:\windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 81400 c:\windows\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL
- 2007-10-24 08:47 . 2007-10-24 08:47 81400 c:\windows\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL
+ 2008-07-25 18:17 . 2008-07-25 18:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 57392 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 57392 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 95232 c:\windows\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 95232 c:\windows\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 16896 c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 16896 c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 61952 c:\windows\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 61952 c:\windows\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
- 2007-10-24 08:47 . 2007-10-24 08:47 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
- 2007-10-24 08:47 . 2007-10-24 08:47 53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 88584 c:\windows\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 24584 c:\windows\Microsoft.NET\Framework\v2.0.50727\normalization.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 24584 c:\windows\Microsoft.NET\Framework\v2.0.50727\normalization.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 31744 c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 31744 c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 19456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscortim.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 19456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscortim.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
- 2007-10-24 08:47 . 2007-10-24 08:47 18944 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 18944 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 77312 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 77312 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 94208 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorld.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 94208 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorld.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 46592 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 83456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 83456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
+ 2008-07-25 18:16 . 2008-07-25 18:16 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
- 2007-10-24 08:47 . 2007-10-24 08:47 97792 c:\windows\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 97792 c:\windows\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe
- 2007-10-24 08:47 . 2007-10-24 08:47 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 72192 c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 72192 c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 65032 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 65032 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
- 2007-10-24 08:47 . 2007-10-24 08:47 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
- 2007-10-24 08:47 . 2007-10-24 08:47 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEHost.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEHost.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 18936 c:\windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 18936 c:\windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 62968 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfdll.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 35320 c:\windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
+ 2008-07-25 18:16 . 2008-07-25 18:16 35320 c:\windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 69120 c:\windows\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 69120 c:\windows\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 27136 c:\windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 27136 c:\windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 80376 c:\windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
- 2007-10-24 08:47 . 2007-10-24 08:47 80376 c:\windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 89608 c:\windows\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
+ 2008-11-25 11:59 . 2008-11-25 11:59 31560 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2008-07-25 18:16 . 2008-07-25 18:16 34312 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
+ 2008-07-25 18:16 . 2008-07-25 18:16 33288 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe
+ 2008-07-25 18:16 . 2008-07-25 18:16 24576 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
- 2007-10-24 08:47 . 2007-10-24 08:47 24576 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
+ 2008-07-25 18:16 . 2008-07-25 18:16 84480 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 84480 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 33800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 17416 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 22024 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 22024 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
- 2007-10-24 08:47 . 2007-10-24 08:47 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 58880 c:\windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
+ 2008-07-25 18:16 . 2008-07-25 18:16 98808 c:\windows\Microsoft.NET\Framework\v2.0.50727\alink.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 13824 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 13824 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 96768 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 16896 c:\windows\Microsoft.NET\Framework\SharedReg12.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 16896 c:\windows\Microsoft.NET\Framework\SharedReg12.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 16896 c:\windows\Microsoft.NET\Framework\sbscmp10.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 16896 c:\windows\Microsoft.NET\Framework\sbscmp10.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 82944 c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2008-07-25 18:16 . 2008-07-25 18:16 82944 c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe
- 2009-06-11 13:44 . 2009-06-11 13:44 38240 c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe
+ 2009-06-19 23:05 . 2009-06-19 23:05 38240 c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe
+ 2009-06-19 23:35 . 2009-03-08 11:33 12288 c:\windows\ie8updates\KB969897-IE8\xpshims.dll
+ 2009-06-19 23:35 . 2009-03-08 11:33 25600 c:\windows\ie8updates\KB969897-IE8\jsproxy.dll
+ 2009-06-19 23:32 . 2008-04-14 00:12 37888 c:\windows\ie8\url.dll
+ 2009-06-19 23:33 . 2009-03-08 21:23 58464 c:\windows\ie8\spuninst\iecustom.dll
+ 2009-06-19 23:32 . 2008-04-14 00:12 39424 c:\windows\ie8\pngfilt.dll
+ 2009-06-19 23:32 . 2008-04-14 00:12 96256 c:\windows\ie8\occache.dll
+ 2009-06-19 23:32 . 2008-04-13 16:26 56832 c:\windows\ie8\mshtmler.dll
+ 2009-06-19 23:32 . 2008-04-14 00:12 29184 c:\windows\ie8\mshta.exe
+ 2009-06-19 23:32 . 2008-04-14 00:11 22016 c:\windows\ie8\licmgr10.dll
+ 2009-06-19 23:32 . 2008-04-14 00:11 15872 c:\windows\ie8\jsproxy.dll
+ 2009-06-19 23:32 . 2008-04-14 00:11 96256 c:\windows\ie8\inseng.dll
+ 2009-06-19 23:32 . 2008-04-14 00:11 35840 c:\windows\ie8\imgutil.dll
+ 2009-06-19 23:32 . 2008-04-14 00:12 93184 c:\windows\ie8\iexplore.exe
+ 2009-06-19 23:32 . 2008-04-14 00:11 62976 c:\windows\ie8\iesetup.dll
+ 2009-06-19 23:32 . 2008-04-14 00:11 48640 c:\windows\ie8\iernonce.dll
+ 2009-06-19 23:32 . 2009-04-29 04:46 81920 c:\windows\ie8\ieencode.dll
+ 2009-06-19 23:32 . 2008-04-14 00:12 34304 c:\windows\ie8\ie4uinit.exe
+ 2009-06-19 23:32 . 2008-04-14 00:11 38912 c:\windows\ie8\hmmapi.dll
+ 2009-06-19 23:32 . 2008-04-14 00:11 35328 c:\windows\ie8\corpol.dll
+ 2009-06-19 23:32 . 2008-04-14 00:11 99840 c:\windows\ie8\advpack.dll
+ 2009-06-19 23:32 . 2008-04-14 00:11 61440 c:\windows\ie8\admparse.dll
+ 2009-06-19 23:40 . 2008-07-06 12:06 89088 c:\windows\Driver Cache\i386\filterpipelineprintproc.dll
+ 2009-06-19 23:53 . 2009-06-19 23:53 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\a715aa442ef87ae99b3ade185599249d\UIAutomationProvider.ni.dll
+ 2009-06-19 23:50 . 2009-06-19 23:50 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\2d7408a0232f2e2efd0d7adf5dfa733a\PresentationFontCache.ni.exe
+ 2009-06-19 23:47 . 2009-06-19 23:47 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\c8fd2d9233f8ea3031fb16f697635231\PresentationCFFRasterizer.ni.dll
+ 2009-06-19 23:41 . 2009-06-19 23:41 94208 c:\windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2009-06-19 23:41 . 2009-06-19 23:41 98304 c:\windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2009-06-19 23:41 . 2009-06-19 23:41 40960 c:\windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2009-06-19 23:42 . 2009-06-19 23:42 12288 c:\windows\assembly\GAC_MSIL\System.Windows.Presentation\3.5.0.0__b77a5c561934e089\System.Windows.Presentation.dll
+ 2009-06-19 23:42 . 2009-06-19 23:42 61440 c:\windows\assembly\GAC_MSIL\System.Web.Routing\3.5.0.0__31bf3856ad364e35\System.Web.Routing.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2009-06-19 23:42 . 2009-06-19 23:42 32768 c:\windows\assembly\GAC_MSIL\System.Web.DynamicData.Design\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.Design.dll
+ 2009-06-19 23:42 . 2009-06-19 23:42 77824 c:\windows\assembly\GAC_MSIL\System.Web.Abstractions\3.5.0.0__31bf3856ad364e35\System.Web.Abstractions.dll
+ 2009-06-19 23:41 . 2009-06-19 23:41 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2009-06-19 23:41 . 2009-06-19 23:41 73728 c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561934e089\System.ServiceModel.Install.dll
- 2008-04-12 14:28 . 2008-04-12 14:28 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2009-06-19 23:42 . 2009-06-19 23:42 53248 c:\windows\assembly\GAC_MSIL\System.Data.DataSetExtensions\3.5.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2008-04-12 14:28 . 2008-04-12 14:28 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2009-06-19 23:42 . 2009-06-19 23:42 57344 c:\windows\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\3.5.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
+ 2009-06-19 23:42 . 2009-06-19 23:42 45056 c:\windows\assembly\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2009-06-19 23:41 . 2009-06-19 23:41 46104 c:\windows\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe
+ 2009-06-19 23:41 . 2009-06-19 23:41 32768 c:\windows\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2008-04-12 14:28 . 2008-04-12 14:28 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2008-04-12 14:28 . 2008-04-12 14:28 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2009-06-19 23:42 . 2009-06-19 23:42 41984 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\1.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.STLCLR.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2008-04-12 14:28 . 2008-04-12 14:28 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2008-04-12 14:28 . 2008-04-12 14:28 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2009-06-19 23:42 . 2009-06-19 23:42 94208 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v3.5.dll
+ 2009-06-19 23:42 . 2009-06-19 23:42 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2008-04-12 14:28 . 2008-04-12 14:28 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2008-04-12 14:28 . 2008-04-12 14:28 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2008-04-12 14:28 . 2008-04-12 14:28 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2008-04-12 14:28 . 2008-04-12 14:28 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2008-04-12 14:28 . 2008-04-12 14:28 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2008-04-12 14:28 . 2008-04-12 14:28 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2008-04-12 14:28 . 2008-04-12 14:28 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2008-07-30 06:40 . 2008-07-30 06:40 5632 c:\windows\Microsoft.NET\Framework\v3.5\Sentinel.v3.5Client.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
- 2007-10-24 08:47 . 2007-10-24 08:47 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
- 2007-10-24 08:47 . 2007-10-24 08:47 6656 c:\windows\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 6656 c:\windows\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 9728 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 9728 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
- 2007-10-24 08:47 . 2007-10-24 08:47 5120 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
+ 2008-07-25 18:16 . 2008-07-25 18:16 5120 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
+ 2009-06-19 23:35 . 2009-03-08 11:35 2048 c:\windows\ie8updates\KB971180-IE8\iecompat.dll
+ 2009-06-19 23:42 . 2009-06-19 23:42 5632 c:\windows\assembly\GAC_MSIL\Sentinel.v3.5Client\3.5.0.0__b03f5f7f11d50a3a\Sentinel.v3.5Client.dll
- 2008-04-12 14:28 . 2008-04-12 14:28 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2008-04-12 14:27 . 2008-04-12 14:27 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2008-04-12 14:28 . 2008-04-12 14:28 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2008-04-12 14:28 . 2008-04-12 14:28 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2008-04-12 14:28 . 2008-04-12 14:28 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2008-04-12 14:28 . 2008-04-12 14:28 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 635904 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 558080 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcp80.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcm80.dll
+ 2008-07-30 04:26 . 2008-07-30 04:26 301568 c:\windows\system32\XPSViewer\XPSViewer.exe
- 2008-08-23 15:36 . 2008-04-14 00:12 121856 c:\windows\system32\xmllite.dll
+ 2008-08-23 15:36 . 2009-01-08 01:21 121856 c:\windows\system32\xmllite.dll
+ 2008-01-20 20:45 . 2008-10-16 21:12 202776 c:\windows\system32\wuweb.dll
- 2008-01-20 20:45 . 2008-10-16 22:13 202776 c:\windows\system32\wuweb.dll
+ 2009-03-08 11:34 . 2009-03-08 11:34 208384 c:\windows\system32\WinFXDocObj.exe
+ 2004-08-10 12:00 . 2009-03-08 11:34 236544 c:\windows\system32\webcheck.dll
+ 2004-08-10 12:00 . 2009-03-08 11:33 420352 c:\windows\system32\vbscript.dll
+ 2004-08-10 12:00 . 2009-03-08 11:34 105984 c:\windows\system32\url.dll
+ 2008-07-30 02:59 . 2008-07-30 02:59 161296 c:\windows\system32\UIAutomationCore.dll
+ 2009-06-19 23:40 . 2008-07-06 12:06 765440 c:\windows\system32\spool\XPSEP\i386\mxdwdrv.dll
+ 2009-06-19 23:41 . 2008-07-06 12:06 765440 c:\windows\system32\spool\XPSEP\i386\i386\mxdwdrv.dll
+ 2009-06-19 23:40 . 2008-07-06 12:06 748032 c:\windows\system32\spool\XPSEP\amd64\mxdwdrv.dll
+ 2009-06-19 23:41 . 2008-07-06 12:06 748032 c:\windows\system32\spool\XPSEP\amd64\amd64\mxdwdrv.dll
+ 2009-06-19 23:41 . 2008-07-06 12:06 147456 c:\windows\system32\spool\prtprocs\x64\filterpipelineprintproc.dll
+ 2009-06-19 23:40 . 2008-07-06 10:50 597504 c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
+ 2008-01-20 22:55 . 2008-03-13 04:52 761344 c:\windows\system32\spool\drivers\w32x86\3\unires.dll
- 2008-01-20 22:55 . 2007-05-15 08:08 761344 c:\windows\system32\spool\drivers\w32x86\3\unires.dll
+ 2008-01-20 22:55 . 2008-07-06 12:06 744960 c:\windows\system32\spool\drivers\w32x86\3\unidrvui.dll
- 2008-01-20 22:55 . 2008-04-14 00:12 373248 c:\windows\system32\spool\drivers\w32x86\3\unidrv.dll
+ 2008-01-20 22:55 . 2008-07-06 12:06 373248 c:\windows\system32\spool\drivers\w32x86\3\unidrv.dll
+ 2009-06-19 23:40 . 2008-07-06 12:06 198656 c:\windows\system32\spool\drivers\w32x86\3\mxdwdui.dll
+ 2009-06-19 23:40 . 2008-07-06 12:06 765440 c:\windows\system32\spool\drivers\w32x86\3\mxdwdrv.dll
+ 2006-08-24 23:15 . 2006-08-24 23:15 150808 c:\windows\system32\rgb9rast_2.dll
+ 2008-07-30 02:59 . 2008-07-30 02:59 781344 c:\windows\system32\PresentationNative_v0300.dll
+ 2008-07-30 03:35 . 2008-07-30 03:35 326160 c:\windows\system32\PresentationHost.exe
+ 2008-07-30 02:59 . 2008-07-30 02:59 105016 c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
+ 2004-08-10 12:00 . 2009-06-19 23:45 444028 c:\windows\system32\perfh009.dat
+ 2004-08-10 12:00 . 2009-03-08 11:34 109568 c:\windows\system32\occache.dll
+ 2004-08-10 12:00 . 2009-03-08 11:32 611840 c:\windows\system32\mstime.dll
+ 2004-08-10 12:00 . 2009-03-08 11:34 193536 c:\windows\system32\msrating.dll
+ 2004-08-10 12:00 . 2009-03-08 11:22 156160 c:\windows\system32\msls31.dll
+ 2009-03-08 11:32 . 2009-03-08 11:32 594432 c:\windows\system32\msfeeds.dll
+ 2009-01-08 01:20 . 2009-01-08 01:20 265720 c:\windows\system32\msdbg2.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 158720 c:\windows\system32\mscorier.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 158720 c:\windows\system32\mscorier.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 282112 c:\windows\system32\mscoree.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 282112 c:\windows\system32\mscoree.dll
+ 2009-02-03 02:07 . 2009-02-03 02:07 240544 c:\windows\system32\Macromed\Flash\FlashUtil10b.exe
+ 2004-08-10 12:00 . 2009-03-08 11:33 726528 c:\windows\system32\jscript.dll
+ 2009-03-08 11:22 . 2009-03-08 11:22 164352 c:\windows\system32\ieui.dll
+ 2004-08-10 12:00 . 2009-03-08 11:31 183808 c:\windows\system32\iepeers.dll
+ 2004-08-10 12:00 . 2009-04-30 21:22 385536 c:\windows\system32\iedkcs32.dll
+ 2009-03-08 11:11 . 2009-03-08 11:11 445952 c:\windows\system32\ieapfltr.dll
+ 2004-08-10 12:00 . 2009-03-08 11:32 163840 c:\windows\system32\ieakui.dll
+ 2004-08-10 12:00 . 2009-03-08 11:33 229376 c:\windows\system32\ieaksie.dll
+ 2004-08-10 12:00 . 2009-03-08 11:33 125952 c:\windows\system32\ieakeng.dll
+ 2004-08-10 12:00 . 2009-04-30 11:21 173056 c:\windows\system32\ie4uinit.exe
+ 2008-07-30 02:24 . 2008-07-30 02:24 622080 c:\windows\system32\icardagt.exe
+ 2008-01-20 12:12 . 2009-06-19 23:48 146016 c:\windows\system32\FNTCACHE.DAT
+ 2008-07-30 04:10 . 2008-07-30 04:10 493048 c:\windows\system32\evr.dll
+ 2004-08-10 12:00 . 2009-03-08 11:31 216064 c:\windows\system32\dxtrans.dll
+ 2004-08-10 12:00 . 2009-03-08 11:31 348160 c:\windows\system32\dxtmsft.dll
+ 2008-01-20 20:45 . 2008-10-16 21:12 202776 c:\windows\system32\dllcache\wuweb.dll
- 2008-01-20 20:45 . 2008-10-16 22:13 202776 c:\windows\system32\dllcache\wuweb.dll
+ 2008-04-21 06:44 . 2009-05-13 05:15 915456 c:\windows\system32\dllcache\wininet.dll
+ 2009-03-08 11:34 . 2009-03-08 11:34 236544 c:\windows\system32\dllcache\webcheck.dll
+ 2009-03-08 11:33 . 2009-03-08 11:33 759296 c:\windows\system32\dllcache\VGX.dll
+ 2008-05-09 10:53 . 2009-03-08 11:33 420352 c:\windows\system32\dllcache\vbscript.dll
+ 2009-03-08 11:34 . 2009-03-08 11:34 105984 c:\windows\system32\dllcache\url.dll
+ 2009-01-08 01:20 . 2009-01-08 01:20 134144 c:\windows\system32\dllcache\sqmapi.dll
+ 2009-01-08 01:20 . 2009-01-08 01:20 474112 c:\windows\system32\dllcache\shlwapi.dll
+ 2009-03-08 11:34 . 2009-03-08 11:34 109568 c:\windows\system32\dllcache\occache.dll
+ 2009-03-08 11:32 . 2009-03-08 11:32 611840 c:\windows\system32\dllcache\mstime.dll
+ 2009-03-08 11:34 . 2009-03-08 11:34 193536 c:\windows\system32\dllcache\msrating.dll
+ 2004-08-10 12:00 . 2009-03-08 11:22 156160 c:\windows\system32\dllcache\msls31.dll
+ 2008-05-09 10:53 . 2009-03-08 11:33 726528 c:\windows\system32\dllcache\jscript.dll
+ 2009-03-08 21:09 . 2009-03-08 21:09 638816 c:\windows\system32\dllcache\iexplore.exe
+ 2009-03-08 11:31 . 2009-03-08 11:31 183808 c:\windows\system32\dllcache\iepeers.dll
+ 2009-03-08 21:09 . 2009-04-30 21:22 385536 c:\windows\system32\dllcache\iedkcs32.dll
+ 2004-08-10 12:00 . 2009-03-08 11:32 163840 c:\windows\system32\dllcache\ieakui.dll
+ 2009-03-08 11:33 . 2009-03-08 11:33 229376 c:\windows\system32\dllcache\ieaksie.dll
+ 2009-03-08 11:33 . 2009-03-08 11:33 125952 c:\windows\system32\dllcache\ieakeng.dll
+ 2009-03-08 11:32 . 2009-04-30 11:21 173056 c:\windows\system32\dllcache\ie4uinit.exe
+ 2009-03-08 11:31 . 2009-03-08 11:31 216064 c:\windows\system32\dllcache\dxtrans.dll
+ 2009-03-08 11:31 . 2009-03-08 11:31 348160 c:\windows\system32\dllcache\dxtmsft.dll
+ 2009-03-08 11:32 . 2009-03-08 11:32 128512 c:\windows\system32\dllcache\advpack.dll
+ 2004-08-10 12:00 . 2009-03-08 11:32 128512 c:\windows\system32\advpack.dll
+ 2008-07-30 06:40 . 2008-07-30 06:40 196104 c:\windows\Microsoft.NET\Framework\v3.5\WFServicesReg.exe
+ 2008-07-30 06:40 . 2008-07-30 06:40 802816 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Build.Tasks.v3.5.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 984056 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapUI.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 107512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 111096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.3082.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 110072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2070.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1055.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 105976 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1053.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 107000 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1049.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 107512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1046.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 109048 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1045.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1044.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1043.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 110072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1040.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 111096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1038.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 101368 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1037.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 112120 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1036.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1035.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 113656 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1032.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 111608 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1031.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1030.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1029.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 102904 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1025.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 689152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsscenario.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 413184 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsbasereqs.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 632320 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs70uimgr.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 110080 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 131584 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.3082.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 131072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2070.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 121344 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1055.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 121344 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1053.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 123904 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1049.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 122880 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1046.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 128512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1045.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 121856 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1044.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 129024 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1043.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 128512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1040.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 132096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1038.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 111104 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1037.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 133120 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1036.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 122368 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1035.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 137728 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1032.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 130048 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1031.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 126464 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1030.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 125440 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1029.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 113152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1025.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 269304 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
+ 2008-07-30 01:47 . 2008-07-30 01:47 177152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\HtmlLite.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 276984 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\dlmgr.dll
+ 2008-07-30 06:15 . 2008-07-30 06:15 225490 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\baseline.dat
+ 2008-07-30 06:40 . 2008-07-30 06:40 233976 c:\windows\Microsoft.NET\Framework\v3.5\1033\vbc7ui.dll
+ 2008-07-30 06:40 . 2008-07-30 06:40 168448 c:\windows\Microsoft.NET\Framework\v3.5\1033\cscompui.dll
+ 2008-07-30 03:35 . 2008-07-30 03:35 864256 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationUI.dll
+ 2008-07-30 02:59 . 2008-07-30 02:59 132120 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll
+ 2008-07-30 04:10 . 2008-07-30 04:10 806928 c:\windows\Microsoft.NET\Framework\v3.0\WPF\NaturalLanguage6.dll
+ 2008-07-30 02:16 . 2008-07-30 02:16 152576 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\WsatConfig.exe
+ 2008-07-30 02:16 . 2008-07-30 02:16 966656 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
+ 2008-07-30 02:16 . 2008-07-30 02:16 132096 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
+ 2008-07-30 02:16 . 2008-07-30 02:16 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
+ 2008-07-30 02:16 . 2008-07-30 02:16 156688 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelReg.exe
+ 2008-07-30 02:16 . 2008-07-30 02:16 163840 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.Dtc.dll
+ 2008-07-30 02:16 . 2008-07-30 02:16 397312 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.dll
+ 2008-07-30 02:24 . 2008-07-30 02:24 881664 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
+ 2008-07-30 02:16 . 2008-07-30 02:16 168968 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ComSvcConfig.exe
+ 2008-11-25 11:59 . 2008-11-25 11:59 436040 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 839680 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 839680 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 835584 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 261632 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 303104 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 113664 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 113664 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 626688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 401408 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 401408 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 970752 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 745472 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
+ 2008-11-25 11:59 . 2008-11-25 11:59 486400 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 425984 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 425984 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 392184 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 118784 c:\windows\Microsoft.NET\Framework\v2.0.50727\shfusion.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 143360 c:\windows\Microsoft.NET\Framework\v2.0.50727\peverify.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 100856 c:\windows\Microsoft.NET\Framework\v2.0.50727\ngen.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 230912 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 345600 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 114176 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
+ 2008-11-25 11:59 . 2008-11-25 11:59 364872 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 308224 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 308224 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll
+ 2008-11-25 11:59 . 2008-11-25 11:59 990032 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 659456 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 749568 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 749568 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 655360 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 655360 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 348160 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 348160 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 230904 c:\windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
- 2007-10-24 08:47 . 2007-10-24 08:47 230904 c:\windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 798224 c:\windows\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 798224 c:\windows\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 575496 c:\windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
- 2007-10-24 08:47 . 2007-10-24 08:47 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
- 2007-10-24 08:47 . 2007-10-24 08:47 507904 c:\windows\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 507904 c:\windows\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
- 2007-10-24 08:47 . 2007-10-24 08:47 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
- 2007-10-24 08:47 . 2007-10-24 08:47 147968 c:\windows\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 147968 c:\windows\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 218112 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 218112 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 193016 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 193016 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 145408 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 145408 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
+ 2009-06-19 23:35 . 2007-11-30 12:39 382840 c:\windows\ie8updates\KB971180-IE8\spuninst\updspapi.dll
+ 2009-06-19 23:35 . 2007-11-30 12:39 231288 c:\windows\ie8updates\KB971180-IE8\spuninst\spuninst.exe
+ 2009-06-19 23:35 . 2009-03-08 11:34 914944 c:\windows\ie8updates\KB969897-IE8\wininet.dll
+ 2009-06-19 23:35 . 2008-07-09 07:38 382840 c:\windows\ie8updates\KB969897-IE8\spuninst\updspapi.dll
+ 2009-06-19 23:35 . 2007-11-30 12:39 231288 c:\windows\ie8updates\KB969897-IE8\spuninst\spuninst.exe
+ 2009-06-19 23:35 . 2009-03-08 11:33 246784 c:\windows\ie8updates\KB969897-IE8\ieproxy.dll
+ 2009-06-19 23:35 . 2009-03-08 21:09 391536 c:\windows\ie8updates\KB969897-IE8\iedkcs32.dll
+ 2009-06-19 23:35 . 2009-03-08 11:32 173056 c:\windows\ie8updates\KB969897-IE8\ie4uinit.exe
+ 2009-06-19 23:32 . 2009-04-29 04:46 666624 c:\windows\ie8\wininet.dll
+ 2009-06-19 23:32 . 2008-04-14 00:12 276480 c:\windows\ie8\webcheck.dll
+ 2009-06-19 23:32 . 2008-04-14 00:12 851968 c:\windows\ie8\vgx.dll
+ 2009-06-19 23:32 . 2008-05-09 10:53 430080 c:\windows\ie8\vbscript.dll
+ 2009-06-19 23:32 . 2009-04-29 04:46 620032 c:\windows\ie8\urlmon.dll
+ 2009-06-19 23:33 . 2009-01-08 01:21 382496 c:\windows\ie8\spuninst\updspapi.dll
+ 2009-06-19 23:33 . 2009-01-08 01:20 231456 c:\windows\ie8\spuninst\spuninst.exe
+ 2009-06-19 23:32 . 2008-04-14 00:12 532480 c:\windows\ie8\mstime.dll
+ 2009-06-19 23:32 . 2008-04-14 00:12 146432 c:\windows\ie8\msrating.dll
+ 2009-06-19 23:32 . 2004-08-10 12:00 146432 c:\windows\ie8\msls31.dll
+ 2009-06-19 23:32 . 2008-04-14 00:11 449024 c:\windows\ie8\mshtmled.dll
+ 2009-06-19 23:32 . 2008-05-09 10:53 512000 c:\windows\ie8\jscript.dll
+ 2009-06-19 23:32 . 2008-04-14 00:11 251904 c:\windows\ie8\iepeers.dll
+ 2009-06-19 23:32 . 2008-04-14 00:11 323584 c:\windows\ie8\iedkcs32.dll
+ 2009-06-19 23:32 . 2004-08-10 12:00 221184 c:\windows\ie8\ieakui.dll
+ 2009-06-19 23:32 . 2008-04-14 00:11 216576 c:\windows\ie8\ieaksie.dll
+ 2009-06-19 23:32 . 2008-04-14 00:11 143360 c:\windows\ie8\ieakeng.dll
+ 2009-06-19 23:32 . 2008-04-14 00:11 205312 c:\windows\ie8\dxtrans.dll
+ 2009-06-19 23:32 . 2008-04-14 00:11 357888 c:\windows\ie8\dxtmsft.dll
+ 2009-06-19 23:40 . 2008-03-13 04:52 761344 c:\windows\Driver Cache\i386\unires.dll
+ 2009-06-19 23:40 . 2008-07-06 12:06 744960 c:\windows\Driver Cache\i386\unidrvui.dll
+ 2009-06-19 23:40 . 2008-07-06 12:06 373248 c:\windows\Driver Cache\i386\unidrv.dll
+ 2009-06-19 23:40 . 2008-07-06 12:06 198656 c:\windows\Driver Cache\i386\mxdwdui.dll
+ 2009-06-19 23:40 . 2008-07-06 12:06 765440 c:\windows\Driver Cache\i386\mxdwdrv.dll
+ 2008-04-12 14:28 . 2008-04-12 14:28 261120 c:\windows\assembly\temp\ST6V8X23CH\System.Transactions.dll
+ 2008-04-12 14:28 . 2008-04-12 14:28 113664 c:\windows\assembly\temp\Q381YNS1MV\System.EnterpriseServices.Wrapper.dll
+ 2008-04-12 14:28 . 2008-04-12 14:28 258048 c:\windows\assembly\temp\Q381YNS1MV\System.EnterpriseServices.dll
+ 2008-04-12 14:27 . 2008-04-12 14:27 114688 c:\windows\assembly\temp\MJSLU3GPY7\System.ServiceProcess.dll
+ 2008-04-12 14:28 . 2008-04-12 14:28 425984 c:\windows\assembly\temp\MBKLUFCHMR\System.configuration.dll
+ 2008-04-12 14:28 . 2008-04-12 14:28 299008 c:\windows\assembly\temp\IV8LUZ8LU3\System.Runtime.Remoting.dll
+ 2008-04-12 14:27 . 2008-04-12 14:27 630784 c:\windows\assembly\temp\2R8XEJOTY3\System.Drawing.dll
+ 2009-06-19 23:53 . 2009-06-19 23:53 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\6a818099f0386e2356ae94f886a2196f\WindowsFormsIntegration.ni.dll
+ 2009-06-19 23:53 . 2009-06-19 23:53 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\a6d9503962d47c722231c1478f180695\UIAutomationTypes.ni.dll
+ 2009-06-19 23:53 . 2009-06-19 23:53 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\5c028c3d8db6c0f0277673ea4a2d89fb\UIAutomationClient.ni.dll
+ 2009-06-20 00:01 . 2009-06-20 00:01 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\7c367a96b10d626ec8cbf8149272d845\System.IO.Log.ni.dll
+ 2009-06-20 00:01 . 2009-06-20 00:01 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\68e71147704ef0d34d9a4bece7767fc5\System.IdentityModel.Selectors.ni.dll
+ 2009-06-19 23:52 . 2009-06-19 23:52 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\18bbe2b6717e7f1d1dd672526e9889ee\System.Drawing.Design.ni.dll
+ 2009-06-19 23:51 . 2009-06-19 23:51 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\f475294d8c7dc2dd4febeef27bc0417e\PresentationFramework.Classic.ni.dll
+ 2009-06-19 23:51 . 2009-06-19 23:51 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8003abaf6bcf70f7eb620d06837e897b\PresentationFramework.Luna.ni.dll
+ 2009-06-19 23:51 . 2009-06-19 23:51 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\59a67874d8d8475faa5be1d993083d12\PresentationFramework.Aero.ni.dll
+ 2009-06-19 23:51 . 2009-06-19 23:51 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\2c980c9a5051d723c6ec2a78a3d0e2b3\PresentationFramework.Royale.ni.dll
+ 2009-06-19 23:41 . 2009-06-19 23:41 385024 c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders\3.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2009-06-19 23:41 . 2009-06-19 23:41 167936 c:\windows\assembly\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2009-06-19 23:42 . 2009-06-19 23:42 139264 c:\windows\assembly\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll
+ 2009-06-19 23:42 . 2009-06-19 23:42 507904 c:\windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll
+ 2009-06-19 23:41 . 2009-06-19 23:41 540672 c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2008-04-12 14:28 . 2008-04-12 14:28 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2009-06-19 23:42 . 2009-06-19 23:42 335872 c:\windows\assembly\GAC_MSIL\System.Web.Extensions.Design\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.Design.dll
+ 2009-06-19 23:46 . 2009-06-19 23:46 139264 c:\windows\assembly\GAC_MSIL\System.Web.Entity\3.5.0.0__b77a5c561934e089\System.Web.Entity.dll
+ 2009-06-19 23:42 . 2009-06-19 23:42 131072 c:\windows\assembly\GAC_MSIL\System.Web.Entity.Design\3.5.0.0__b77a5c561934e089\System.Web.Entity.Design.dll
+ 2009-06-19 23:46 . 2009-06-19 23:46 229376 c:\windows\assembly\GAC_MSIL\System.Web.DynamicData\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.dll
+ 2009-06-19 23:41 . 2009-06-19 23:41 688128 c:\windows\assembly\GAC_MSIL\System.Speech\3.0.0.0__31bf3856ad364e35\System.Speech.dll
- 2008-04-12 14:27 . 2008-04-12 14:27 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2009-06-19 23:42 . 2009-06-19 23:42 569344 c:\windows\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2008-04-12 14:27 . 2008-04-12 14:27 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2009-06-19 23:41 . 2009-06-19 23:41 966656 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2008-04-12 14:28 . 2008-04-12 14:28 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2009-06-19 23:42 . 2009-06-19 23:42 233472 c:\windows\assembly\GAC_MSIL\System.Net\3.5.0.0__b03f5f7f11d50a3a\System.Net.dll
- 2008-04-12 14:28 . 2008-04-12 14:28 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2008-04-12 14:28 . 2008-04-12 14:28 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2009-06-19 23:42 . 2009-06-19 23:42 143360 c:\windows\assembly\GAC_MSIL\System.Management.Instrumentation\3.5.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
+ 2009-06-19 23:41 . 2009-06-19 23:41 131072 c:\windows\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2009-06-19 23:41 . 2009-06-19 23:41 430080 c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2009-06-19 23:41 . 2009-06-19 23:41 126976 c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2008-04-12 14:28 . 2008-04-12 14:28 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2008-04-12 14:28 . 2008-04-12 14:28 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2009-06-19 23:42 . 2009-06-19 23:42 286720 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\3.5.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2009-06-19 23:46 . 2009-06-19 23:46 442368 c:\windows\assembly\GAC_MSIL\System.Data.Services\3.5.0.0__b77a5c561934e089\System.Data.Services.dll
+ 2009-06-19 23:42 . 2009-06-19 23:42 114688 c:\windows\assembly\GAC_MSIL\System.Data.Services.Design\3.5.0.0__b77a5c561934e089\System.Data.Services.Design.dll
+ 2009-06-19 23:46 . 2009-06-19 23:46 294912 c:\windows\assembly\GAC_MSIL\System.Data.Services.Client\3.5.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2009-06-19 23:42 . 2009-06-19 23:42 684032 c:\windows\assembly\GAC_MSIL\System.Data.Linq\3.5.0.0__b77a5c561934e089\System.Data.Linq.dll
+ 2009-06-19 23:42 . 2009-06-19 23:42 229376 c:\windows\assembly\GAC_MSIL\System.Data.Entity.Design\3.5.0.0__b77a5c561934e089\System.Data.Entity.Design.dll
+ 2009-06-19 23:42 . 2009-06-19 23:42 667648 c:\windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2008-04-12 14:28 . 2008-04-12 14:28 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2009-06-19 23:42 . 2009-06-19 23:42 163840 c:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2008-04-12 14:28 . 2008-04-12 14:28 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2009-06-19 23:41 . 2009-06-19 23:41 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
+ 2009-06-19 23:41 . 2009-06-19 23:41 528384 c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2009-06-19 23:41 . 2009-06-19 23:41 864256 c:\windows\assembly\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2009-06-19 23:41 . 2009-06-19 23:41 163840 c:\windows\assembly\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2009-06-19 23:41 . 2009-06-19 23:41 397312 c:\windows\assembly\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2009-06-19 23:41 . 2009-06-19 23:41 139264 c:\windows\assembly\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2009-06-19 23:41 . 2009-06-19 23:41 196608 c:\windows\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2009-06-19 23:41 . 2009-06-19 23:41 598016 c:\windows\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2008-04-12 14:28 . 2008-04-12 14:28 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2008-04-12 14:28 . 2008-04-12 14:28 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2009-06-19 23:41 . 2009-06-19 23:41 397312 c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2008-04-12 14:28 . 2008-04-12 14:28 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2008-04-12 14:28 . 2008-04-12 14:28 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2009-06-19 23:42 . 2009-06-19 23:42 802816 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.v3.5.dll
+ 2009-06-19 23:42 . 2009-06-19 23:42 733184 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2008-04-12 14:28 . 2008-04-12 14:28 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2009-06-19 23:42 . 2009-06-19 23:42 106496 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Conversion.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Conversion.v3.5.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2008-04-12 14:27 . 2008-04-12 14:27 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2009-06-19 23:41 . 2009-06-19 23:41 368640 c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2008-04-12 14:28 . 2008-04-12 14:28 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2008-04-12 14:28 . 2008-04-12 14:28 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2009-06-19 23:41 . 2009-06-19 23:41 163840 c:\windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2004-08-10 12:00 . 2009-04-30 21:22 1207808 c:\windows\system32\urlmon.dll
+ 2009-06-19 23:41 . 2008-07-06 12:06 1676288 c:\windows\system32\spool\XPSEP\i386\xpssvcs.dll
+ 2009-06-19 23:41 . 2008-07-06 12:06 1676288 c:\windows\system32\spool\XPSEP\i386\i386\xpssvcs.dll
+ 2009-06-19 23:40 . 2008-07-07 00:36 2936832 c:\windows\system32\spool\XPSEP\amd64\xpssvcs.dll
+ 2009-06-19 23:41 . 2008-07-07 00:36 2936832 c:\windows\system32\spool\XPSEP\amd64\amd64\xpssvcs.dll
+ 2009-06-19 23:40 . 2008-07-06 12:06 1676288 c:\windows\system32\spool\drivers\w32x86\3\XpsSvcs.dll
+ 2004-08-10 12:00 . 2009-05-13 05:15 5936128 c:\windows\system32\mshtml.dll
+ 2007-10-11 22:12 . 2008-03-21 01:06 1480232 c:\windows\system32\LegitCheckControl.dll
+ 2009-03-08 11:32 . 2009-04-30 21:22 1985024 c:\windows\system32\iertutil.dll
+ 2009-02-07 04:07 . 2009-02-07 04:07 3698584 c:\windows\system32\ieapfltr.dat
+ 2008-06-26 08:15 . 2009-04-30 21:22 1207808 c:\windows\system32\dllcache\urlmon.dll
+ 2008-04-21 06:44 . 2009-05-13 05:15 5936128 c:\windows\system32\dllcache\mshtml.dll
+ 2009-01-08 01:20 . 2009-01-08 01:20 1022976 c:\windows\system32\dllcache\browseui.dll
+ 2008-07-30 06:40 . 2008-07-30 06:40 1720824 c:\windows\Microsoft.NET\Framework\v3.5\vbc.exe
+ 2008-07-30 01:47 . 2008-07-30 01:47 1054208 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 1364992 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\SITSetup.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 1064448 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\gencomp.dll
+ 2008-07-30 06:40 . 2008-07-30 06:40 1548280 c:\windows\Microsoft.NET\Framework\v3.5\csc.exe
+ 2008-12-06 02:35 . 2008-12-06 02:35 1736528 c:\windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
+ 2008-07-30 04:10 . 2008-07-30 04:10 2637840 c:\windows\Microsoft.NET\Framework\v3.0\WPF\NlsLexicons0009.dll
+ 2008-07-30 04:10 . 2008-07-30 04:10 4883464 c:\windows\Microsoft.NET\Framework\v3.0\WPF\NlsData0009.dll
+ 2008-12-06 03:12 . 2008-12-06 03:12 5931008 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 1344000 c:\windows\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 1344000 c:\windows\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
- 2007-10-24 08:47 . 2007-10-24 08:47 1172472 c:\windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 1172472 c:\windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
+ 2008-11-25 11:59 . 2008-11-25 11:59 2048000 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2008-11-25 11:59 . 2008-11-25 11:59 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 3149824 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 5062656 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 2933248 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.dll
+ 2008-11-25 11:59 . 2008-11-25 11:59 5813576 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2008-11-25 11:59 . 2008-11-25 11:59 4546560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 1163768 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
+ 2009-06-19 23:35 . 2009-03-08 11:34 1206784 c:\windows\ie8updates\KB969897-IE8\urlmon.dll
+ 2009-06-19 23:35 . 2009-03-08 11:41 5937152 c:\windows\ie8updates\KB969897-IE8\mshtml.dll
+ 2009-06-19 23:35 . 2009-03-08 11:32 1985024 c:\windows\ie8updates\KB969897-IE8\iertutil.dll
+ 2009-06-19 23:32 . 2009-04-29 04:46 3068928 c:\windows\ie8\mshtml.dll
+ 2009-02-03 01:07 . 2009-02-03 01:07 1914440 c:\windows\Downloaded Program Files\CONFLICT.1\FP_AX_CAB_INSTALLER.exe
+ 2008-04-12 14:27 . 2008-04-12 14:27 2068480 c:\windows\assembly\temp\WXE7CT2FOX\System.XML.dll
+ 2008-04-12 14:28 . 2008-04-12 14:28 5013504 c:\windows\assembly\temp\UR0127KXQV\System.Windows.Forms.dll
+ 2008-04-12 14:28 . 2008-04-12 14:28 3036160 c:\windows\assembly\temp\OLEZKHMRW1\System.Data.dll
+ 2008-04-12 14:28 . 2008-04-12 14:28 3076096 c:\windows\assembly\temp\O9AVO12BOT\System.dll
+ 2009-06-19 23:47 . 2009-06-19 23:47 3313664 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\14cd5f4b61d35f9b76327d6be9853755\WindowsBase.ni.dll
+ 2009-06-19 23:53 . 2009-06-19 23:53 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\f3c7957351aec85f526a3350c9718b1e\UIAutomationClientsideProviders.ni.dll
+ 2009-06-19 23:47 . 2009-06-19 23:47 7868416 c:\windows\assembly\NativeImages_v2.0.50727_32\System\80978a322d7dd39f0a71be1251ae395a\System.ni.dll
+ 2009-06-19 23:53 . 2009-06-19 23:53 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\773a9786013451d3baaeff003dc4230f\System.Xml.ni.dll
+ 2009-06-19 23:52 . 2009-06-19 23:52 1917440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\63cf639b6e0a3c25c1643c85016e7422\System.Speech.ni.dll
+ 2009-06-20 00:01 . 2009-06-20 00:01 2338304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\034c91b133dee73d452652c52767b5ea\System.Runtime.Serialization.ni.dll
+ 2009-06-19 23:52 . 2009-06-19 23:52 1035264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\646ab52eef343380aa002c220dc31e13\System.Printing.ni.dll
+ 2009-06-20 00:01 . 2009-06-20 00:01 1056768 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\c2de8479e54852f56996f79bc93acb13\System.IdentityModel.ni.dll
+ 2009-06-19 23:52 . 2009-06-19 23:52 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3da96ee075bab9202626ae44c18d226c\System.Drawing.ni.dll
+ 2009-06-19 23:52 . 2009-06-19 23:52 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\c70731047b0022638b3f9fb158948a03\System.Data.ni.dll
+ 2009-06-19 23:52 . 2009-06-19 23:52 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\0bbec79460b1137df5313f9baf7b246f\System.Data.Linq.ni.dll
+ 2009-06-19 23:52 . 2009-06-19 23:52 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\47d87251e93256c635eb73403b8db33e\System.Core.ni.dll
+ 2009-06-19 23:51 . 2009-06-19 23:51 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\4bfb3048bf200a6a8592d1b4ba861a7f\ReachFramework.ni.dll
+ 2009-06-19 23:51 . 2009-06-19 23:51 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\6bafb1a2a73794ddb9761cb321c9e7e2\PresentationUI.ni.dll
+ 2009-06-19 23:47 . 2009-06-19 23:47 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\e634bc4c4a00635a0a254febab0e2e2c\PresentationBuildTasks.ni.dll
+ 2009-06-19 23:41 . 2009-06-19 23:41 1245184 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 3149824 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2009-06-19 23:41 . 2009-06-19 23:41 1630208 c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll
+ 2009-06-19 23:41 . 2009-06-19 23:41 1138688 c:\windows\assembly\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2009-06-19 23:46 . 2009-06-19 23:46 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2009-06-19 23:46 . 2009-06-19 23:46 5931008 c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2009-06-19 23:42 . 2009-06-19 23:42 2879488 c:\windows\assembly\GAC_MSIL\System.Data.Entity\3.5.0.0__b77a5c561934e089\System.Data.Entity.dll
+ 2009-06-19 23:46 . 2009-06-19 23:46 5283840 c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2009-06-19 23:41 . 2009-06-19 23:41 4210688 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2009-06-19 23:45 . 2009-06-19 23:45 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2009-03-08 11:39 . 2009-04-30 21:22 11064832 c:\windows\system32\ieframe.dll
+ 2009-06-19 23:35 . 2009-03-08 11:39 11063808 c:\windows\ie8updates\KB969897-IE8\ieframe.dll
+ 2009-06-19 23:52 . 2009-06-19 23:52 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\63406259e94d5c0ff5b79401dfe113ce\System.Windows.Forms.ni.dll
+ 2009-06-19 23:52 . 2009-06-19 23:52 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\8ee220bc3cce4f7bbd7818946519ed7f\System.Design.ni.dll
+ 2009-06-19 23:51 . 2009-06-19 23:51 14327808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\96e710f47c601cba3f2348a8d11ddede\PresentationFramework.ni.dll
+ 2009-06-19 23:49 . 2009-06-19 23:49 12216320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\956375d487cbef36165b3250030e3574\PresentationCore.ni.dll
+ 2009-06-19 23:46 . 2009-06-19 23:46 11486720 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\6d667f19d687361886990f3ca0f49816\mscorlib.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A77D3539-581D-450C-9E44-A84C415A6172}]
2009-06-17 19:54 374272 ----a-w- c:\windows\system32\msxmlm.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2004-08-10 59392]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-08-25 339968]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2004-10-13 57344]
"CTSysVol"="c:\program files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe" [2003-09-17 57344]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-10 116040]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-07-30 289064]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-06-06 198160]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2009-06-19 206088]
"P17Helper"="P17.dll" - c:\windows\system32\P17.dll [2004-06-10 60928]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]
Kodak EasyShare software.lnk - c:\program files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2003-12-13 630915]
Kodak software updater.lnk - c:\program files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe [2003-6-8 16432]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\backWeb-7288971.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\GameSpy Arcade\\Aphex.exe"=

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [1/29/2008 6:29 PM 33808]
R2 IntuitUpdateService;Intuit Update Service;c:\program files\Common Files\Intuit\Update Service\IntuitUpdateService.exe [10/10/2008 6:45 AM 13088]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [3/13/2008 7:02 PM 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [4/30/2008 6:06 PM 24592]
S3 getPlus® Helper;getPlus® Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [7/20/2008 3:25 PM 31592]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-05-22 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 19:34]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
uInternet Settings,ProxyOverride = localhost;*.local
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath -
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-19 17:02
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(2864)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
Completion time: 2009-06-20 17:05
ComboFix-quarantined-files.txt 2009-06-20 00:04
ComboFix2.txt 2009-06-19 22:46

Pre-Run: 123,085,582,336 bytes free
Post-Run: 123,068,895,232 bytes free

893 --- E O F --- 2009-06-11 13:45

#4 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:05:58 AM

Posted 21 June 2009 - 02:16 PM

Hello,

You're welcome. :thumbup2:

So from your first post here, you said that you cannot access most security sites. Let's do this :

Download the HostsXpert Here
http://www.funkytoad.com/download/HostsXpert.zip

Unzip HostsXpert to your desktop

Open up the HostsXpert program.

* Make sure that the "make hosts writable?" button in the upper left corner is enabled.
* Click back up Host files
* then click "Restore MS Hosts File"
* close program

Let's also have a HijackThis log. Please do this:
1. Download HijackThis™ here:
http://www.trendsecure.com/portal/en-US/th.../hijackthis.php

2. Click 'Do a System Scan and Save log'.
The HJT log will open in notepad.

When you post that report, please let me know if you can now browse those websites you couldn't before.

Thanks,
tea
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?

#5 chipsummers

chipsummers
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:03:58 AM

Posted 21 June 2009 - 02:31 PM

Hi Tea,

I performed the actions you requested and tried to access my Bank's website without success. I'm still getting the same warning screen.

Here is the HJT Log....

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:21:36 PM, on 6/21/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\system32\ScsiAccess.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Mike\Desktop\HostsXpert\HostsXpert\HostsXpert.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/def...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: &Helper - {A77D3539-581D-450C-9E44-A84C415A6172} - C:\WINDOWS\system32\msxmlm.dll
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1844237615-1085031214-725345543-1004\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'Jennifer')
O4 - HKUS\S-1-5-21-1844237615-1085031214-725345543-1004\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Jennifer')
O4 - HKUS\S-1-5-21-1844237615-1085031214-725345543-1005\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'Kaeli')
O4 - HKUS\S-1-5-21-1844237615-1085031214-725345543-1006\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'Ryne')
O4 - HKUS\S-1-5-21-1844237615-1085031214-725345543-1006\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1150595.exe -Update -1150595 -"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; Media Center PC 3.0; .NET CLR 1.0.3705; .NET CLR 1.1.4322; .NET CLR 2.0.50727)" -"http://www.noggin.com/games/scribblevision/index.php?modid=10" (User 'Ryne')
O4 - HKUS\S-1-5-21-1844237615-1085031214-725345543-1008\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'Keira')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1245453960296
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {D27CDB70-AE6D-11cf-96B8-444553540000} (Macromedia Flash Factory Object) -
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://compak.webex.com/client/T27L/webex/ieatgpc.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe
O23 - Service: getPlus® Helper - Unknown owner - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe (file missing)
O23 - Service: Intuit Update Service (IntuitUpdateService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\system32\ScsiAccess.EXE

--
End of file - 9149 bytes

#6 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:05:58 AM

Posted 21 June 2009 - 02:49 PM

Hello,

When you ran HostsXpert were there any problems? One more download, please, to look for rootkits :

Download GMER's application from here:
http://www.gmer.net/gmer.zip

Unzip it and start the GMER.exe
Click the Rootkit tab and click the Scan button.

Once done, click the Copy button.
This will copy the results to your clipboard.
Paste the results in your next reply.

Thanks,
tea
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?

#7 chipsummers

chipsummers
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:03:58 AM

Posted 21 June 2009 - 03:39 PM

Hi Tea,

Just wanted to let you know that GMER is still scanning my PC.....

#8 chipsummers

chipsummers
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:03:58 AM

Posted 21 June 2009 - 04:09 PM

Hi Tea,

I'm back. That took a bit longer than I expected. My PC seems to be running really slow.

Here are the results from GMER:

GMER 1.0.15.14972 - http://www.gmer.net
Rootkit scan 2009-06-21 14:09:04
Windows 5.1.2600 Service Pack 3


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwAdjustPrivilegesToken [0xB1417A72]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwClose [0xB141801E]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwConnectPort [0xB1419A82]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwCreateFile [0xB1419438]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwCreateKey [0xB14171E8]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwCreateSymbolicLinkObject [0xB141B3E4]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwCreateThread [0xB1417E1A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwDeleteKey [0xB141762A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwDeleteValueKey [0xB141782A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwDeviceIoControlFile [0xB1419744]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwDuplicateObject [0xB141B8F0]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwEnumerateKey [0xB1417940]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwEnumerateValueKey [0xB14179A8]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwFsControlFile [0xB14195FA]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwLoadDriver [0xB141AEA8]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwOpenFile [0xB1419294]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwOpenKey [0xB141734A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwOpenProcess [0xB1417C40]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwOpenSection [0xB141B40E]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwOpenThread [0xB1417B96]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwQueryKey [0xB1417A10]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwQueryMultipleValueKey [0xB1417714]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwQueryValueKey [0xB14174F2]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwQueueApcThread [0xB141B110]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwReplaceKey [0xB1416E6A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwRequestWaitReplyPort [0xB141A30C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwRestoreKey [0xB1416FCC]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwResumeThread [0xB141B7C0]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwSaveKey [0xB1416C68]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwSecureConnectPort [0xB1419924]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwSetContextThread [0xB1417F18]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwSetSecurityObject [0xB141AFA2]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwSetSystemInformation [0xB141B438]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwSetValueKey [0xB14173A0]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwSuspendProcess [0xB141B51C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwSuspendThread [0xB141B648]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwSystemDebugControl [0xB141ADD4]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwTerminateProcess [0xB1417CEA]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwWriteVirtualMemory [0xB1417D5C]

Code \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) FsRtlCheckLockForReadAccess
Code \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) IoIsOperationSynchronous

---- Kernel code sections - GMER 1.0.15 ----

.text ntoskrnl.exe!ZwYieldExecution + 46A 804E4CA4 12 Bytes [1C, B5, 41, B1, 48, B6, 41, ...]
.text ntoskrnl.exe!ZwYieldExecution + 47A 804E4CB4 4 Bytes JMP E7B1417C
.text ntoskrnl.exe!IoIsOperationSynchronous 804EAFAE 5 Bytes JMP B142E5A2 \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab)
.text ntoskrnl.exe!FsRtlCheckLockForReadAccess 804F4593 5 Bytes JMP B142E1E8 \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab)

---- User code sections - GMER 1.0.15 ----

? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe[552] C:\WINDOWS\system32\kernel32.dll time/date stamp mismatch;
.text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe[552] USER32.dll!AlignRects + FFFA5598 7E412A78 4 Bytes [70, 11, 41, 6D] {JO 0x13; INC ECX; INSD }
? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe[808] C:\WINDOWS\system32\kernel32.dll time/date stamp mismatch;
.text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe[808] USER32.dll!AlignRects + FFFA5598 7E412A78 4 Bytes [70, 11, 41, 6D] {JO 0x13; INC ECX; INSD }
? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe[2596] C:\WINDOWS\system32\kernel32.dll time/date stamp mismatch;
.text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe[2596] USER32.dll!AlignRects + FFFA5598 7E412A78 4 Bytes [70, 11, 41, 6D] {JO 0x13; INC ECX; INSD }

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT \SystemRoot\system32\DRIVERS\tcpip.sys[ntoskrnl.exe!IoCreateDevice] [BAB1B520] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[TDI.SYS!TdiRegisterDeviceObject] [BAB1B670] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)
IAT \SystemRoot\system32\DRIVERS\netbt.sys[ntoskrnl.exe!IoCreateDevice] [BAB1B520] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)
IAT \SystemRoot\system32\DRIVERS\netbt.sys[TDI.SYS!TdiRegisterDeviceObject] [BAB1B670] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)
IAT \SystemRoot\system32\DRIVERS\ipnat.sys[ntoskrnl.exe!IoCreateDevice] [BAB1B520] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)
IAT \SystemRoot\System32\drivers\afd.sys[ntoskrnl.exe!IoCreateDevice] [BAB1B520] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)
IAT \SystemRoot\system32\DRIVERS\netbios.sys[ntoskrnl.exe!IoCreateDevice] [BAB1B520] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[ntoskrnl.exe!IoCreateDevice] [BAB1B520] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)
IAT \SystemRoot\system32\DRIVERS\rdbss.sys[ntoskrnl.exe!IoCreateDevice] [BAB1B520] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)
IAT \SystemRoot\system32\DRIVERS\mrxsmb.sys[ntoskrnl.exe!IoCreateDevice] [BAB1B520] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)
IAT \SystemRoot\System32\Drivers\Fips.SYS[ntoskrnl.exe!IoCreateDevice] [BAB1B520] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)
IAT \SystemRoot\system32\DRIVERS\usbscan.sys[ntoskrnl.exe!IoCreateDevice] [BAB1B520] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)
IAT \SystemRoot\system32\DRIVERS\usbprint.sys[ntoskrnl.exe!IoCreateDevice] [BAB1B520] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)
IAT \SystemRoot\system32\DRIVERS\kbdhid.sys[ntoskrnl.exe!IoCreateDevice] [BAB1B520] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)
IAT \SystemRoot\system32\DRIVERS\mouhid.sys[ntoskrnl.exe!IoCreateDevice] [BAB1B520] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)
IAT \SystemRoot\System32\Drivers\Cdfs.SYS[ntoskrnl.exe!IoCreateDevice] [BAB1B520] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[ntoskrnl.exe!IoCreateDevice] [BAB1B520] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)
IAT \SystemRoot\system32\drivers\wdmaud.sys[ntoskrnl.exe!IoCreateDevice] [BAB1B520] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)
IAT \SystemRoot\system32\drivers\sysaudio.sys[ntoskrnl.exe!IoCreateDevice] [BAB1B520] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)
IAT \SystemRoot\system32\DRIVERS\mrxdav.sys[ntoskrnl.exe!IoCreateDevice] [BAB1B520] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)
IAT \SystemRoot\System32\Drivers\ParVdm.SYS[ntoskrnl.exe!IoCreateDevice] [BAB1B520] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)
IAT \SystemRoot\system32\DRIVERS\srv.sys[ntoskrnl.exe!IoCreateDevice] [BAB1B520] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)
IAT \SystemRoot\System32\Drivers\HTTP.sys[ntoskrnl.exe!IoCreateDevice] [BAB1B520] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)
IAT \SystemRoot\system32\drivers\kmixer.sys[ntoskrnl.exe!IoCreateDevice] [BAB1B520] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Tcpip \Device\Ip kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)
AttachedDevice \Driver\Tcpip \Device\Tcp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)
AttachedDevice \Driver\Tcpip \Device\Udp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)
AttachedDevice \Driver\Tcpip \Device\RawIp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)

---- EOF - GMER 1.0.15 ----

#9 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:05:58 AM

Posted 21 June 2009 - 04:43 PM

Heh, nothing there except from Kaspersky. :thumbup2:

When you ran HostsXpert were there any problems?

:)

Click Start> type cmd in the search box and then press CTRL+Shift+Enter and next "Ok" the UAC prompt. You get an elevated command prompt window and from there type, or copy and paste ipconfig /flushdns and hit Enter.

Please run HijackThis! and click "Scan." Place checks next to the following entries, if present:

O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKUS\S-1-5-21-1844237615-1085031214-725345543-1006\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1150595.exe -Update -1150595 -"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; Media Center PC 3.0; .NET CLR 1.0.3705; .NET CLR 1.1.4322; .NET CLR 2.0.50727)" -"http://www.noggin.com/games/scribblevision/index.php?modid=10" (User 'Ryne')
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe


Close all browsers and other windows except for HijackThis!, and click "Fix checked".

Go to Start>Run> type in, or copy and paste msconfig and hit Okay. Click on the Services tab and look for Ati HotKey Poller - ATI Technologies Inc. and stop that Service (Uncheck). Apply, close it out, and restart your computer.

Can you please make sure MBAM is fully updated and run a scan for me? Please post the report in your reply and let me know how it's running. :)

Thanks,
tea
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?

#10 chipsummers

chipsummers
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:03:58 AM

Posted 21 June 2009 - 06:34 PM

Hi Tea,

Sorry about the delay. I thought I'd lost you for the day given the amount of time it took me to process the GMER scan.

I'm trying to follow your instructions but I can't make it past cmd so I know I am doing something wrong. Please ensure that I am following you correctly...

Start>Search>cmd

When I do this, Internet Explorer opens and the PAV infection blocks me with a warning page.

Please help!

#11 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:05:58 AM

Posted 21 June 2009 - 07:00 PM

Hi there,

Nope, once I answer you, you're pretty much stuck with me I'm afraid. :thumbup2:

Don't worry about the cmd then. :) You can delete GMER.

Now, to clarify.....the "PAV" you keep referring to is Personal AntiVirus, yes? Not having much luck seeing it in anything so far, but we're not out of options :

Go HERE, and download RootRepeal.zip to your Desktop.
Tutorial with images ,if needed >> L@@K.
Unzip that,(7-zip tool if needed) and then click RootRepeal.exe to open the scanner.
Next click on the Report tab, now click on Scan. A Window will open asking what to include in the scan. Check all of the below and then click OK.

Drivers
Files
Processes
SSDT
Stealth Objects
Hidden Services


Now you'll be asked which drive to scan. Check C: and click OK again and the scan will start. Please be patient as the scan runs. When the scan has finished, click on Save Report.
Name the log RootRepeal.txt and save it to your Documents folder (it should automatically save it there).
Please copy and paste that into your next reply.

Thanks,
tea
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?

#12 chipsummers

chipsummers
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:03:58 AM

Posted 21 June 2009 - 07:31 PM

Hi Tea,

I downloaded the RootRepeal.rar file via your link and attempted to open it using the 7-zip tool. Nothing popped-up but my CPU is at 50% usage and my Task Manager shows an application listed as "busy" and "not responding". I didn't direct it to scan. Is it possible that it started scanning automatically when I initialized the application?

Please advise.

Thanks!

#13 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:05:58 AM

Posted 21 June 2009 - 07:42 PM

Hello,

Then delete it, please. :) This thing has really got you. Please do a Windows search for anything relating to Personal AntiVirus and let me know what you come up with. Also, I would give my right arm to know exactly what the Kaspersky people had you do. It's VERY hard to work after someone else, especially when they don't do a thorough job of it. :thumbup2:

tea
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?

#14 chipsummers

chipsummers
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:03:58 AM

Posted 21 June 2009 - 08:05 PM

Me again.....

Thanks so much for your support on this. It's extremely frustrating for me!

I ran 2 Windows Searches. Here is what they turned up....

Search:"PAV"
NAME LOCATION
pav.exe.vir C:\Qoobox\Quarantine\C\Program Files\PAV
HKLM-RUN-PAV.reg C:\Qoobox\Quarantine\Registry_backups
PAV C:\Program Files\Common Files\Uninstall
PAV C:\Qoobox\Quarantine\C\Program Files
PAV C:\Qoobox\Quarantine\C\Documents and settings\All Users\Start Menu

Search: "Personal Antivirus"
NAME LOCATION
Personal Antivirus.Ink.vir C:\Qoobox\Quarantine\C\Documents and settings\Jennifer\Desktop
Personal Antivirus.Ink.vir C:\Qoobox\Quarantine\C\Documents and settings\All Users\Start Menu\PAV


Here is the email that I received from the Kaspersky Rep:

Could you follow these instructions so we can disinfect you and collect the files?

Step 1 - Download and run ComboFix:

ComboFix is a powerful free program designed to deal with a number of different infections. Since it's not a full security suite, many malware writers do not test against it. You can get a copy of ComboFix from the links included in the attached PDF walkthrough guide. It includes all the steps to download and run ComboFix.

Disclaimer - Removal Tools

Any removal tools given are to be used at your own risk. Kaspersky Lab will not be held liable for any damage and/or loss of data that may result from running these tools. We are unable to provide support for the use of non-Kaspersky removal tools.

Step 2 - Run this collection script:

Open Kaspersky 2009.
Click Support in the lower left.
Click Support Tools in the lower left.
Click Execute AVZ script.
Copy and paste in the below script including the "begin" and "end." lines or the script will not work.
Click Execute.
Click Exit.
Click Close twice.

Alternatively, here's visual instructions on how to get there:
http://usa.kaspersky.com/support/home-supp...08279789#script

The script is also attached to the email.

begin
QuarantineFile('C:\Qoobox\Quarantine\C\*','');
QuarantineFile('C:\Qoobox\Quarantine\C\Program Files\A360\*','');
QuarantineFile('C:\Qoobox\Quarantine\C\Program Files\Malware Defender 2009\*','');
QuarantineFile('C:\Qoobox\Quarantine\C\Program Files\PAV\*','');
QuarantineFile('C:\Qoobox\Quarantine\C\Program Files\WinSpyControl\*','');
QuarantineFile('C:\Qoobox\Quarantine\C\Windows\*','');
QuarantineFile('C:\Qoobox\Quarantine\C\Windows\System\*','');
QuarantineFile('C:\Qoobox\Quarantine\C\Windows\System32\*','');
QuarantineFile('C:\Qoobox\Quarantine\C\Windows\System32\Drivers\*','');
CreateQurantineArchive('c:\My_CFix_Quarantine.zip');
end.

Step 3 - Email the ComboFix log and removed files:

Please reply to this email and attach the following files.

C:\ComboFix.txt
C:\My_CFix_Quarantine.zip

#15 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:05:58 AM

Posted 21 June 2009 - 08:33 PM

Hello,

You're welcome. :thumbup2:

The only one I have an interest in is this one: PAV C:\Program Files\Common Files\Uninstall If that folder contains PAV files, then it needs to be deleted.

The rest are what ComboFix deleted. In fact, please delete ComboFix and its accompanying folder C:\Qoobox. Empty your Recycle bin and reboot your computer. Now let's get a fresh one and see what it says :

1. Download this file - combofix.exe
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.forospyware.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe
2. Double click combofix.exe & follow the prompts.
3. When finished, it will produce a log for you. Post that log in your next reply please, along with a new HijackThis log.

Note:
Do not mouseclick combofix's window while it's running. That may cause it to stall.

Thanks,
tea
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users