Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

rootkit problem


  • Please log in to reply
19 replies to this topic

#1 griffs50

griffs50

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:02:04 AM

Posted 22 September 2009 - 05:43 PM

hello, i was refered to this page by another moderator and was instructed to post a rootrepeal log and win32k diag report. when i tried to open the utility download it opened another window with the following: i am not sure if i am doing something wrong
MZ@ !L!This program cannot be run in DOS mode. $PELZJ t?@'j@$.text PEC2TO .rsrc0$ .reloc@PEc}pLH[j%e$.żհeaV؋"2{z7P13w' oS 8!q<ֻG6erՏ=jH`d8dN<p`SYWލӽԞm 5lZQ,? ⍲_'pȷiV^4.VNG\Re=рrAn$W.s܃ԨZ0TEL 諿}t'zQyl3J<*4y =INL;R' .1i6cQcޘDŽ3 ̸wڟ)U,˝sRtkUc`h*Y}1Q )㘚 O+'4v|SMo XX@2vV GFY6[l*4Wh8 bd"kE}sRGrj2N0o*`>3dZP> OWZ珫R^.d`_,,̄ gx(\ 3"/.D[rn%o#_BN bR#Ś=I?ײ錉?~kUT&` -0 R &y\!' %=+VC1RS8'[5CZ.Nb-ۙ@®'B趼.]pKOwpz`.emM!UL1qyDymo8tyz~IŖR* |_kWE~P|Kҥg6w&i z ?m'i pKdg,x1hd"ԝfO =0dxDj"alRgOR7g9gsUn|RIHDI/xq1ѽ]W`A^pYVq_+1y;F9N$[mG@BER2~9"/|[+Js%R :}W7&uV>M+y 8 2?f9E,u; })HB"> 3_ MS"YU[v.

this is the report for the rootrepeal:
ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/09/22 18:12
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================

Drivers
-------------------
Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xF1481000 Size: 98304 File Visible: No Signed: -
Status: -

Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xF8D56000 Size: 8192 File Visible: No Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xF0F19000 Size: 49152 File Visible: No Signed: -
Status: -

Name: sUBs:1
Image Path: C:\WINDOWS\sUBs:1
Address: 0xF8B9E000 Size: 20480 File Visible: No Signed: -
Status: -

Name: sUBs:2
Image Path: C:\WINDOWS\sUBs:2
Address: 0xF150A000 Size: 61440 File Visible: No Signed: -
Status: -

SSDT
-------------------
#: 173 Function Name: NtQuerySystemInformation
Status: Hooked by "C:\WINDOWS\System32\Drivers\Beep.SYS" at address 0xf8b1817e

Stealth Objects
-------------------
Object: Hidden Module [Name: gasfkylnqjooib.dll]
Process: svchost.exe (PID: 900) Address: 0x10000000 Size: 53248

Hidden Services
-------------------
Service Name: gasfkyerrpdwqi
Image Path: C:\WINDOWS\system32\drivers\gasfkypfvmpxxy.sys

==EOF==
thank you
mark

BC AdBot (Login to Remove)

 


#2 jpshortstuff

jpshortstuff

    WhatTheTech Teacher


  • Members
  • 660 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:07:04 AM

Posted 22 September 2009 - 06:20 PM

Hi,

Let's try something.

Please download exeHelper to your desktop.
Double-click on exeHelper.com to run the fix. If it doesn't run first time, please rename it to explorer.exe and try again.
A black window should pop up, press any key to close once the fix is completed.
Post the contents of exehelperlog.txt (Will be created in the directory where you ran exeHelper.com, and should open at the end of the scan)
Note: If the window shows a message that says "Error deleting file", please re-run the program before posting a log - and post the two logs together (they will both be in the one file).

If that runs successfully, please try and run win32kdiag again.

Regardless of whether either of the above works, please try this next item as well.

If you already have a copy of ComboFix, please delete it.

Please download ComboFix to your desktop from one of these locations. You must rename it before saving it. Save it to your desktop.
Link 1
Link 2
Link 3

Posted Image

Posted Image

IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
  • Double click on Combo-Fix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Posted Image
  • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
Posted Image
  • Click on Yes, to continue scanning for malware.
When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.
3. ComboFix may reset a number of Internet Explorer's settings, including making IE the default browser.
4. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please advise.
5. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
Trained at the What The Tech Classroom where you too could learn to help others.

My help is free, however, if you wish to make a small donation to show appreciation and to help me continue the fight against Malware, then click here Posted Image

Posted Image

#3 griffs50

griffs50
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:02:04 AM

Posted 22 September 2009 - 07:50 PM

thank you for responding so quickly. i have tried to run exehelper, when i double click it opens to the black window then quickly shuts down. I then proceded to the combo fix task and ran the program and received a warning box that stated mcafee antivirus is running. The problem i am currently having is that im running avg as my anti and have uninstalled mcafee and am unable to find location(in the taskbar or anywhere else) to disable it. Should i continue with combofix or is there a way to shut down mcafee.
mark

#4 griffs50

griffs50
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:02:04 AM

Posted 22 September 2009 - 07:54 PM

i have also looked in the task manager and do not see the mcvsshld.exe process running

#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,760 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:04 AM

Posted 22 September 2009 - 08:00 PM

Hello,sorry to intrude. I am closing the topic in the Am I Infected forum.. You are being helped by one of BC's best now.
There is a Rootrepeal log there with an infection for reference.
http://www.bleepingcomputer.com/forums/t/259287/antiviruspro2010/
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#6 jpshortstuff

jpshortstuff

    WhatTheTech Teacher


  • Members
  • 660 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:07:04 AM

Posted 23 September 2009 - 04:10 AM

Hi,

Try running the McAfee removal tool to remove all traces of McAfee:
http://download.mcafee.com/products/licens...atches/MCPR.exe

If you still receive the message when running ComboFix after that (or if the above does not work), please just continue with ComboFix when presented with the warning.

Thanks boopme :(
Trained at the What The Tech Classroom where you too could learn to help others.

My help is free, however, if you wish to make a small donation to show appreciation and to help me continue the fight against Malware, then click here Posted Image

Posted Image

#7 griffs50

griffs50
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:02:04 AM

Posted 23 September 2009 - 05:30 PM

hey jp thank you very much for your help so far. i followed your instructions as stated above and was unable to remove mcafee, but i did run the combofix program. here is the report:

ComboFix 09-09-22.02 - Amy Lawrence 09/23/2009 17:39.3.1 - NTFSx86
Running from: c:\documents and settings\Amy Lawrence\Desktop\othername.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall Plus *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\acidasi.lib
c:\documents and settings\All Users\Application Data\gyku.bin
c:\documents and settings\All Users\Application Data\tubyjyv.exe
c:\documents and settings\All Users\Application Data\xijejyceb.bat
c:\documents and settings\All Users\Documents\kufyzes.com
c:\documents and settings\Amy Lawrence\Application Data\aguk.pif
c:\documents and settings\Amy Lawrence\Application Data\Microsoft\Internet Explorer\Quick Launch\AntivirusPro_2010.lnk
c:\documents and settings\Amy Lawrence\Application Data\pifikytacy.ban
c:\documents and settings\Amy Lawrence\Desktop\AntivirusPro_2010.lnk
c:\documents and settings\Amy Lawrence\Local Settings\Application Data\ofufew.scr
c:\documents and settings\Amy Lawrence\Local Settings\Application Data\pojal.dll
c:\documents and settings\Amy Lawrence\Local Settings\Application Data\synuv.bin
c:\documents and settings\Amy Lawrence\Local Settings\Application Data\ucejipoqo.dll
c:\documents and settings\Amy Lawrence\Local Settings\Temporary Internet Files\bekysoz.com
c:\documents and settings\Amy Lawrence\Local Settings\Temporary Internet Files\jipezomufy.ban
c:\documents and settings\Amy Lawrence\Local Settings\Temporary Internet Files\utat.com
c:\documents and settings\Amy Lawrence\Local Settings\Temporary Internet Files\wybotav.vbs
c:\documents and settings\Amy Lawrence\Local Settings\Temporary Internet Files\zojilikak.dl
c:\documents and settings\Amy Lawrence\My Documents\ZbThumbnail.info
c:\documents and settings\Amy Lawrence\Start Menu\Programs\AntivirusPro_2010
c:\documents and settings\Amy Lawrence\Start Menu\Programs\AntivirusPro_2010\AntivirusPro_2010.lnk
c:\documents and settings\Amy Lawrence\Start Menu\Programs\AntivirusPro_2010\Uninstall.lnk
c:\program files\AdvancedVirusRemover
c:\program files\AntivirusPro_2010
c:\program files\AntivirusPro_2010\AntivirusPro_2010.cfg
c:\program files\AntivirusPro_2010\AntivirusPro_2010.exe
c:\program files\Common Files\lotadod.ban
c:\program files\Common Files\vyjymabuba.vbs
c:\recycler\S-1-5-21-8397779206-9709722051-449603733-0494
c:\recycler\S-1-5-21-8397779206-9709722051-449603733-0494\msimfo32.exe
c:\windows\akone.dl
c:\windows\cumyloqu.reg
c:\windows\DRIVERS\beep.sys
c:\windows\eguzuko.dll
c:\windows\Fonts\acrsec.fon
c:\windows\gyno.inf
c:\windows\iwuku.scr
c:\windows\kri746.dat
c:\windows\system32\~.exe
c:\windows\SYSTEM32\41.exe
c:\windows\system32\bikurifo.exe
c:\windows\system32\braviax.exe
c:\windows\system32\desimuho.exe
c:\windows\system32\drivers\gasfkypfvmpxxy.sys
c:\windows\system32\gasfkyasnvvfhc.dll
c:\windows\system32\gasfkybnyrjcbw.dat
c:\windows\system32\gasfkyesrtliqh.dll
c:\windows\system32\gasfkyivppvagm.dat
c:\windows\system32\gasfkylnqjooib.dll
c:\windows\system32\geyekrefwwxtyc.dat
c:\windows\system32\geyekruuwagncb.dat
c:\windows\system32\horijige.exe
c:\windows\system32\iniasd.txt
c:\windows\system32\jiyazami.dll
c:\windows\system32\kri746.dat
c:\windows\system32\tusiheku.dll
c:\windows\system32\winhelper.dll
c:\windows\system32\wisdstr.exe
c:\windows\system32\zuwupima.exe
c:\windows\ubyfokahu.reg
c:\windows\xijal.ban

Infected copy of c:\windows\system32\drivers\beep.sys was found and disinfected
Restored copy from - c:\windows\SYSTEM32\DLLCACHE\cache\BEEP.SYS

Infected copy of c:\windows\system32\eventlog.dll was found and disinfected
Restored copy from - c:\windows\ServicePackFiles\i386\eventlog.dll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_gasfkyerrpdwqi
-------\Legacy_gasfkyerrpdwqi
-------\Legacy_{79007602-0CDB-4405-9DBF-1257BB3226ED}


((((((((((((((((((((((((( Files Created from 2009-08-23 to 2009-09-23 )))))))))))))))))))))))))))))))
.

2009-09-21 20:25 . 2009-09-21 20:25 396288 ----a-w- C:\HijackThis.exe
2009-09-21 20:24 . 2009-09-21 20:25 -------- d-----w- c:\program files\Trend Micro
2009-09-21 20:08 . 2009-09-21 20:08 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE
2009-09-21 19:47 . 2009-09-21 19:47 -------- d-----w- c:\documents and settings\Amy Lawrence\log
2009-09-21 19:47 . 2009-09-21 19:47 153104 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2009-09-21 19:30 . 2009-09-21 19:31 22698741 ----a-w- c:\program files\EasySpyRemover_setup.exe
2009-09-21 19:23 . 2009-09-21 19:23 18519 ----a-w- c:\windows\tuxelewi.com
2009-09-21 19:23 . 2009-09-21 19:23 17612 ----a-w- c:\windows\odoqytum.dat
2009-09-20 12:17 . 2009-09-20 12:17 -------- d-----w- C:\spoolerlogs
2009-09-19 20:49 . 2009-07-13 17:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-19 20:49 . 2009-09-21 20:07 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-09-19 20:49 . 2009-07-13 17:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-19 19:25 . 2009-09-19 19:25 13009 ----a-w- c:\windows\ezityzi.com
2009-09-19 13:38 . 2009-09-19 13:38 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2009-09-18 22:31 . 2009-09-19 15:55 -------- d-----w- c:\documents and settings\All Users\Application Data\13031354
2009-09-18 22:30 . 2009-09-18 22:30 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2009-09-18 22:23 . 2009-09-18 22:23 6656 ----a-w- C:\rhjdpc.exe
2009-09-18 22:23 . 2009-09-18 22:23 100352 ----a-w- C:\mdnsq.exe
2009-09-18 22:23 . 2009-09-18 22:23 49664 ----a-w- C:\vhlyrkv.exe
2009-09-18 22:23 . 2009-09-18 22:23 17408 ----a-w- c:\windows\system32\dllcache\beep.sys
2009-09-13 14:27 . 2009-09-13 14:27 -------- d-----w- c:\windows\system32\XPSViewer
2009-09-13 14:26 . 2009-09-13 14:26 -------- d-----w- c:\program files\MSBuild
2009-09-13 14:26 . 2009-09-13 14:26 -------- d-----w- c:\program files\Reference Assemblies
2009-09-13 14:24 . 2008-07-06 12:06 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-09-13 14:24 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-09-13 14:24 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-09-13 14:24 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-09-13 14:24 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-09-13 14:24 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-09-13 14:24 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\dllcache\xpssvcs.dll
2009-09-13 14:24 . 2009-09-13 14:26 -------- d-----w- C:\ff39608955d4e17af278fcb4500a21ff
2009-09-13 14:23 . 2009-09-18 22:26 -------- d-----w- c:\windows\SxsCaPendDel
2009-09-11 17:48 . 2009-06-21 21:44 153088 ------w- c:\windows\system32\dllcache\triedit.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-23 21:58 . 2005-10-13 14:13 -------- d-----w- c:\program files\Microsoft AntiSpyware
2009-09-23 00:08 . 2003-08-14 17:37 88512 ----a-w- c:\documents and settings\Amy Lawrence\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-09-21 19:23 . 2009-09-21 19:23 13145 ----a-w- c:\documents and settings\All Users\Application Data\osofynu.dat
2009-09-19 19:25 . 2009-09-19 19:25 15989 ----a-w- c:\program files\Common Files\mevogu.db
2009-09-19 19:25 . 2009-09-19 19:25 10020 ----a-w- c:\program files\Common Files\yles.lib
2009-09-19 15:54 . 2009-07-17 23:18 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8
2009-09-19 13:37 . 2009-06-19 13:37 50176 --sha-w- c:\windows\system32\vuzejofu.dll
2009-09-19 13:37 . 2009-06-19 13:37 88576 --sha-w- c:\windows\system32\bikurifo.dll
2009-09-18 22:30 . 2009-06-18 22:30 89088 --sha-w- c:\windows\system32\guzuyavu.dll
2009-09-11 17:47 . 2009-07-17 23:19 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-09-11 17:47 . 2009-07-17 23:19 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-09-11 17:47 . 2009-07-17 23:18 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-08-05 09:01 . 2007-01-09 19:03 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-07-17 23:19 . 2009-07-17 23:19 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-07-17 19:01 . 2002-08-29 10:00 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-13 14:08 . 2005-01-28 18:44 286720 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-03 17:09 . 2006-06-23 15:33 915456 ----a-w- c:\windows\system32\wininet.dll
2007-12-13 21:31 . 2007-12-13 21:31 18519651 ----a-w- c:\program files\globalops-351.exe
2003-08-30 02:24 . 2003-08-30 02:22 16251072 ----a-w- c:\program files\AdbeRdr60_enu_full.exe
2003-08-27 18:19 . 2004-09-01 02:42 36963 ----a-r- c:\program files\Common Files\SM1updtr.dll
2009-06-19 13:38 . 2009-06-19 13:38 50176 --sha-w- c:\windows\SYSTEM32\jegugore.dll
2009-06-19 13:38 . 2009-06-19 13:38 50176 --sha-w- c:\windows\SYSTEM32\ziganave.dll
.

((((((((((((((((((((((((((((( SnapShot_2009-07-18_21.29.38 )))))))))))))))))))))))))))))))))))))))))
.
- 2002-08-29 10:00 . 2008-04-14 00:12 90112 c:\windows\SYSTEM32\wshext.dll
+ 2002-08-29 10:00 . 2008-05-09 10:53 90112 c:\windows\SYSTEM32\wshext.dll
+ 2008-10-22 09:47 . 2009-07-14 11:03 46080 c:\windows\SYSTEM32\tzchange.exe
+ 2008-07-30 01:10 . 2008-07-30 01:10 26112 c:\windows\SYSTEM32\TsWpfWrp.exe
+ 2002-08-29 10:00 . 2009-06-12 12:31 76288 c:\windows\SYSTEM32\telnet.exe
+ 2009-09-13 14:26 . 2008-07-06 12:06 89088 c:\windows\SYSTEM32\SPOOL\PRTPROCS\W32X86\filterpipelineprintproc.dll
+ 2008-07-29 23:59 . 2008-07-29 23:59 43544 c:\windows\SYSTEM32\PresentationHostProxy.dll
+ 2003-08-08 13:47 . 2009-09-13 14:42 71462 c:\windows\SYSTEM32\PERFC009.DAT
- 2007-10-24 06:47 . 2007-10-24 06:47 15360 c:\windows\SYSTEM32\MUI\0409\mscorees.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 15360 c:\windows\SYSTEM32\MUI\0409\mscorees.dll
- 2009-03-08 08:31 . 2009-03-08 08:31 55296 c:\windows\SYSTEM32\msfeedsbs.dll
+ 2009-03-08 08:31 . 2009-07-03 17:09 55296 c:\windows\SYSTEM32\msfeedsbs.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 83968 c:\windows\SYSTEM32\mscories.dll
+ 2009-02-15 13:11 . 2009-09-11 20:44 88589 c:\windows\SYSTEM32\Macromed\Flash\uninstall_activeX.exe
+ 2002-08-29 10:00 . 2008-04-14 00:11 56320 c:\windows\SYSTEM32\logevent.dll
+ 2002-08-29 10:00 . 2009-07-03 17:09 25600 c:\windows\SYSTEM32\jsproxy.dll
- 2002-08-29 10:00 . 2009-04-30 21:22 25600 c:\windows\SYSTEM32\jsproxy.dll
+ 2008-07-29 23:24 . 2008-07-29 23:24 97800 c:\windows\SYSTEM32\infocardapi.dll
+ 2008-07-29 23:24 . 2008-07-29 23:24 11264 c:\windows\SYSTEM32\icardres.dll
+ 2008-07-30 01:10 . 2008-07-30 01:10 73720 c:\windows\SYSTEM32\dxva2.dll
+ 2009-07-18 00:34 . 2009-07-03 17:09 12800 c:\windows\SYSTEM32\DLLCACHE\xpshims.dll
- 2009-07-18 00:34 . 2009-04-30 21:22 12800 c:\windows\SYSTEM32\DLLCACHE\xpshims.dll
+ 2008-05-09 10:53 . 2008-05-09 10:53 90112 c:\windows\SYSTEM32\DLLCACHE\wshext.dll
+ 2009-06-12 12:31 . 2009-06-12 12:31 76288 c:\windows\SYSTEM32\DLLCACHE\telnet.exe
+ 2009-07-29 01:15 . 2009-07-03 17:09 55296 c:\windows\SYSTEM32\DLLCACHE\msfeedsbs.dll
- 2009-01-28 12:42 . 2009-04-30 21:22 25600 c:\windows\SYSTEM32\DLLCACHE\jsproxy.dll
+ 2009-01-28 12:42 . 2009-07-03 17:09 25600 c:\windows\SYSTEM32\DLLCACHE\jsproxy.dll
+ 2009-06-10 14:13 . 2009-06-10 14:13 84992 c:\windows\SYSTEM32\DLLCACHE\avifil32.dll
+ 2009-07-17 19:01 . 2009-07-17 19:01 58880 c:\windows\SYSTEM32\DLLCACHE\atl.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 96760 c:\windows\SYSTEM32\dfshim.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 96760 c:\windows\SYSTEM32\dfshim.dll
+ 2009-09-18 22:30 . 2009-09-21 21:38 32768 c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2009-09-18 22:31 . 2009-09-18 22:31 20992 c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\9XVI09R9\aesdfghjgf[1].dll
- 2002-09-03 07:08 . 2009-07-18 15:50 32768 c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\History\History.IE5\INDEX.DAT
+ 2002-09-03 07:08 . 2009-09-21 21:38 32768 c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\History\History.IE5\INDEX.DAT
+ 2002-09-03 07:08 . 2009-09-21 21:38 32768 c:\windows\SYSTEM32\CONFIG\systemprofile\Cookies\INDEX.DAT
+ 2002-08-29 10:00 . 2009-06-10 14:13 84992 c:\windows\SYSTEM32\avifil32.dll
- 2002-08-29 10:00 . 2008-04-14 00:11 84992 c:\windows\SYSTEM32\avifil32.dll
+ 2008-07-30 03:40 . 2008-07-30 03:40 70648 c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
+ 2008-07-30 03:40 . 2008-07-30 03:40 91136 c:\windows\Microsoft.NET\Framework\v3.5\MSBuild.exe
+ 2008-07-30 03:40 . 2008-07-30 03:40 41984 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.VisualC.STLCLR.dll
+ 2008-07-30 03:40 . 2008-07-30 03:40 40960 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Data.Entity.Build.Tasks.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 89080 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2052.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 92664 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1042.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 95224 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1041.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 89592 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1028.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 84480 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2052.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 94720 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1042.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 97792 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1041.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 84992 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1028.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 97280 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\DeleteTemp.exe
+ 2008-07-30 03:40 . 2008-07-30 03:40 95224 c:\windows\Microsoft.NET\Framework\v3.5\EdmGen.exe
+ 2008-07-30 03:40 . 2008-07-30 03:40 78856 c:\windows\Microsoft.NET\Framework\v3.5\DataSvcUtil.exe
+ 2008-07-30 03:40 . 2008-07-30 03:40 41984 c:\windows\Microsoft.NET\Framework\v3.5\AddInUtil.exe
+ 2008-07-30 03:40 . 2008-07-30 03:40 41992 c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess32.exe
+ 2008-07-30 03:40 . 2008-07-30 03:40 41992 c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess.exe
+ 2008-07-30 01:10 . 2008-07-30 01:10 46104 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
+ 2008-07-29 23:59 . 2008-07-29 23:59 32768 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationCFFRasterizer.dll
+ 2008-07-30 01:10 . 2008-07-30 01:10 71160 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PenIMC.dll
+ 2008-07-29 23:32 . 2008-07-29 23:32 17448 c:\windows\Microsoft.NET\Framework\v3.0\Windows Workflow Foundation\PerformanceCounterInstaller.exe
+ 2008-07-29 23:16 . 2008-07-29 23:16 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2008-07-29 23:16 . 2008-07-29 23:16 73728 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.Install.dll
+ 2008-07-29 23:16 . 2008-07-29 23:16 20504 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceMonikerSupport.dll
+ 2008-07-29 23:16 . 2008-07-29 23:16 11280 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 37896 c:\windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 37896 c:\windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 81400 c:\windows\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL
- 2007-10-24 06:47 . 2007-10-24 06:47 81400 c:\windows\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL
+ 2008-07-25 15:17 . 2008-07-25 15:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 57392 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 57392 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 95232 c:\windows\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 95232 c:\windows\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 16896 c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 16896 c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 61952 c:\windows\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 61952 c:\windows\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
- 2007-10-24 06:47 . 2007-10-24 06:47 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
- 2007-10-24 06:47 . 2007-10-24 06:47 53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 88584 c:\windows\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 24584 c:\windows\Microsoft.NET\Framework\v2.0.50727\normalization.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 24584 c:\windows\Microsoft.NET\Framework\v2.0.50727\normalization.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 31744 c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 31744 c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 19456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscortim.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 19456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscortim.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
- 2007-10-24 06:47 . 2007-10-24 06:47 18944 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 18944 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 77312 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 77312 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 94208 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorld.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 94208 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorld.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 46592 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 83456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 83456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
+ 2008-07-25 15:16 . 2008-07-25 15:16 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
+ 2008-07-25 15:16 . 2008-07-25 15:16 97792 c:\windows\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 97792 c:\windows\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe
- 2007-10-24 06:47 . 2007-10-24 06:47 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 72192 c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 72192 c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 65032 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 65032 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
- 2007-10-24 06:47 . 2007-10-24 06:47 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
- 2007-10-24 06:47 . 2007-10-24 06:47 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEHost.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEHost.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 18936 c:\windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 18936 c:\windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 62968 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfdll.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 35320 c:\windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
- 2007-10-24 06:47 . 2007-10-24 06:47 35320 c:\windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 69120 c:\windows\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 69120 c:\windows\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 27136 c:\windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 27136 c:\windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 80376 c:\windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
- 2007-10-24 06:47 . 2007-10-24 06:47 80376 c:\windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 89608 c:\windows\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
+ 2008-11-25 08:59 . 2008-11-25 08:59 31560 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2008-07-25 15:16 . 2008-07-25 15:16 34312 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
+ 2008-07-25 15:16 . 2008-07-25 15:16 33288 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe
+ 2008-07-25 15:16 . 2008-07-25 15:16 24576 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
- 2007-10-24 06:47 . 2007-10-24 06:47 24576 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
- 2007-10-24 06:47 . 2007-10-24 06:47 84480 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 84480 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 33800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 17416 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 22024 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 22024 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
+ 2008-07-25 15:16 . 2008-07-25 15:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 58880 c:\windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
+ 2008-07-25 15:16 . 2008-07-25 15:16 98808 c:\windows\Microsoft.NET\Framework\v2.0.50727\alink.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 13824 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 13824 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 96768 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 16896 c:\windows\Microsoft.NET\Framework\SharedReg12.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 16896 c:\windows\Microsoft.NET\Framework\SharedReg12.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 16896 c:\windows\Microsoft.NET\Framework\sbscmp10.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 16896 c:\windows\Microsoft.NET\Framework\sbscmp10.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 82944 c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2008-07-25 15:16 . 2008-07-25 15:16 82944 c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2008-07-30 01:07 . 2008-07-30 01:07 23040 c:\windows\Installer\57cf07e.msp
+ 2009-09-13 14:21 . 2009-09-13 14:21 88576 c:\windows\Installer\571347d.msi
+ 2009-07-29 19:34 . 2009-04-30 21:22 12800 c:\windows\ie8updates\KB972260-IE8\xpshims.dll
+ 2009-07-29 19:34 . 2009-03-08 08:31 55296 c:\windows\ie8updates\KB972260-IE8\msfeedsbs.dll
+ 2009-07-29 19:34 . 2009-04-30 21:22 25600 c:\windows\ie8updates\KB972260-IE8\jsproxy.dll
+ 2009-09-13 14:24 . 2008-07-06 12:06 89088 c:\windows\Driver Cache\I386\filterpipelineprintproc.dll
+ 2009-09-13 15:00 . 2009-09-13 15:00 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\a715aa442ef87ae99b3ade185599249d\UIAutomationProvider.ni.dll
+ 2009-09-13 15:45 . 2009-09-13 15:45 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\423f794d1f4ed6e120fbb02e436491cb\System.Windows.Presentation.ni.dll
+ 2009-09-13 15:23 . 2009-09-13 15:23 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\19ca1747c1ea18a3b639b302bca8df93\System.Web.DynamicData.Design.ni.dll
+ 2009-09-13 15:19 . 2009-09-13 15:19 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\532438e2acfcadc469a4d468c51f8451\System.ComponentModel.DataAnnotations.ni.dll
+ 2009-09-13 15:19 . 2009-09-13 15:19 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\597b20e1b053d6a510cfe033c07a63e6\System.AddIn.Contract.ni.dll
+ 2009-09-13 14:53 . 2009-09-13 14:53 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\2d7408a0232f2e2efd0d7adf5dfa733a\PresentationFontCache.ni.exe
+ 2009-09-13 14:45 . 2009-09-13 14:45 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\c8fd2d9233f8ea3031fb16f697635231\PresentationCFFRasterizer.ni.dll
+ 2009-09-13 15:22 . 2009-09-13 15:22 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\790cf1edb17ee41b59be62ecbd59613b\Microsoft.Vsa.ni.dll
+ 2009-09-13 15:18 . 2009-09-13 15:18 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e9aba2eab90d647356f65e66053da02b\Microsoft.Build.Framework.ni.dll
+ 2009-09-13 15:18 . 2009-09-13 15:18 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\28343d470d992f169ca0e7cdb3cc3117\Microsoft.Build.Framework.ni.dll
+ 2009-09-13 15:18 . 2009-09-13 15:18 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\f4e38208e88cb4cc314a1d6543b9fcc6\dfsvc.ni.exe
+ 2009-09-13 15:18 . 2009-09-13 15:18 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\11eb4f6606ba01e5128805759121ea6c\Accessibility.ni.dll
+ 2009-09-13 14:27 . 2009-09-13 14:27 94208 c:\windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2009-09-13 14:26 . 2009-09-13 14:26 98304 c:\windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2009-09-13 14:26 . 2009-09-13 14:26 40960 c:\windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2009-09-13 14:30 . 2009-09-13 14:30 12288 c:\windows\assembly\GAC_MSIL\System.Windows.Presentation\3.5.0.0__b77a5c561934e089\System.Windows.Presentation.dll
+ 2009-09-13 14:30 . 2009-09-13 14:30 61440 c:\windows\assembly\GAC_MSIL\System.Web.Routing\3.5.0.0__31bf3856ad364e35\System.Web.Routing.dll
+ 2009-09-13 14:40 . 2009-09-13 14:40 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2009-09-13 14:30 . 2009-09-13 14:30 32768 c:\windows\assembly\GAC_MSIL\System.Web.DynamicData.Design\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.Design.dll
+ 2009-09-13 14:30 . 2009-09-13 14:30 77824 c:\windows\assembly\GAC_MSIL\System.Web.Abstractions\3.5.0.0__31bf3856ad364e35\System.Web.Abstractions.dll
+ 2009-09-13 14:26 . 2009-09-13 14:26 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2009-09-13 14:26 . 2009-09-13 14:26 73728 c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561934e089\System.ServiceModel.Install.dll
+ 2009-09-13 14:40 . 2009-09-13 14:40 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2009-01-28 02:52 . 2009-01-28 02:52 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2009-09-13 14:30 . 2009-09-13 14:30 53248 c:\windows\assembly\GAC_MSIL\System.Data.DataSetExtensions\3.5.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2009-09-13 14:40 . 2009-09-13 14:40 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2009-01-28 02:52 . 2009-01-28 02:52 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2009-09-13 14:30 . 2009-09-13 14:30 57344 c:\windows\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\3.5.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
+ 2009-09-13 14:30 . 2009-09-13 14:30 45056 c:\windows\assembly\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2009-09-13 14:27 . 2009-09-13 14:27 46104 c:\windows\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe
+ 2009-09-13 14:26 . 2009-09-13 14:26 32768 c:\windows\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll
- 2009-01-28 02:52 . 2009-01-28 02:52 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2009-09-13 14:40 . 2009-09-13 14:40 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2009-01-28 02:52 . 2009-01-28 02:52 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2009-09-13 14:40 . 2009-09-13 14:40 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2009-09-13 14:30 . 2009-09-13 14:30 41984 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\1.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.STLCLR.dll
+ 2009-09-13 14:40 . 2009-09-13 14:40 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2009-01-28 02:52 . 2009-01-28 02:52 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2009-09-13 14:40 . 2009-09-13 14:40 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2009-01-28 02:52 . 2009-01-28 02:52 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2009-09-13 14:30 . 2009-09-13 14:30 94208 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v3.5.dll
+ 2009-09-13 14:30 . 2009-09-13 14:30 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2009-01-28 02:52 . 2009-01-28 02:52 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2009-09-13 14:40 . 2009-09-13 14:40 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2009-01-28 02:52 . 2009-01-28 02:52 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2009-09-13 14:40 . 2009-09-13 14:40 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2009-01-28 02:52 . 2009-01-28 02:52 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2009-09-13 14:40 . 2009-09-13 14:40 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2009-01-28 02:52 . 2009-01-28 02:52 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2009-09-13 14:40 . 2009-09-13 14:40 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2009-01-28 02:52 . 2009-01-28 02:52 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2009-09-13 14:40 . 2009-09-13 14:40 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2009-01-28 02:52 . 2009-01-28 02:52 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2009-09-13 14:40 . 2009-09-13 14:40 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2009-08-13 20:58 . 2008-04-14 00:11 58880 c:\windows\$NtUninstallKB973507$\atl.dll
+ 2009-08-13 20:58 . 2008-04-14 00:11 84992 c:\windows\$NtUninstallKB971557$\avifil32.dll
+ 2009-08-13 20:59 . 2008-04-14 00:12 75776 c:\windows\$NtUninstallKB960859$\telnet.exe
+ 2009-07-18 22:55 . 2008-04-14 00:12 90112 c:\windows\$NtUninstallKB951978$\wshext.dll
+ 2009-08-13 20:58 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB973869\update\spcustom.dll
+ 2009-08-13 20:58 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB973869\spmsg.dll
+ 2009-08-13 20:51 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB973815\update\spcustom.dll
+ 2009-08-13 20:51 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB973815\spmsg.dll
+ 2009-08-13 20:58 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB973507\update\spcustom.dll
+ 2009-08-13 20:58 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB973507\spmsg.dll
+ 2009-07-17 19:25 . 2009-07-17 19:25 58880 c:\windows\$hf_mig$\KB973507\SP3QFE\atl.dll
+ 2009-08-13 20:57 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB973354\update\spcustom.dll
+ 2009-08-13 20:57 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB973354\spmsg.dll
+ 2009-07-29 19:34 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB972260-IE8\update\spcustom.dll
+ 2009-07-29 19:34 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB972260-IE8\spmsg.dll
+ 2009-07-29 01:15 . 2009-07-03 17:06 12800 c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\xpshims.dll
+ 2009-07-29 01:15 . 2009-07-03 17:06 55296 c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\msfeedsbs.dll
+ 2009-07-29 01:15 . 2009-07-03 17:06 25600 c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\jsproxy.dll
+ 2009-08-13 20:58 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB971657\update\spcustom.dll
+ 2009-08-13 20:58 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB971657\spmsg.dll
+ 2009-08-13 20:58 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB971557\update\spcustom.dll
+ 2009-08-13 20:58 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB971557\spmsg.dll
+ 2009-06-10 14:01 . 2009-06-10 14:01 84992 c:\windows\$hf_mig$\KB971557\SP3QFE\avifil32.dll
+ 2009-08-13 20:59 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB960859\update\spcustom.dll
+ 2009-08-13 20:59 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB960859\spmsg.dll
+ 2009-06-12 12:03 . 2009-06-12 12:03 80896 c:\windows\$hf_mig$\KB960859\SP3QFE\tlntsess.exe
+ 2009-06-12 12:03 . 2009-06-12 12:03 76288 c:\windows\$hf_mig$\KB960859\SP3QFE\telnet.exe
+ 2009-08-13 20:58 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB956744\update\spcustom.dll
+ 2009-08-13 20:58 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB956744\spmsg.dll
+ 2009-07-18 22:55 . 2007-11-30 12:39 26488 c:\windows\$hf_mig$\KB954459\update\spcustom.dll
+ 2009-07-18 22:55 . 2007-11-30 12:39 17272 c:\windows\$hf_mig$\KB954459\spmsg.dll
+ 2009-07-18 22:55 . 2007-11-30 12:39 26488 c:\windows\$hf_mig$\KB951978\update\spcustom.dll
+ 2009-07-18 22:55 . 2007-11-30 12:39 17272 c:\windows\$hf_mig$\KB951978\spmsg.dll
+ 2008-05-09 10:45 . 2008-05-09 10:45 90112 c:\windows\$hf_mig$\KB951978\SP3QFE\wshext.dll
- 2009-01-28 02:52 . 2009-01-28 02:52 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2009-09-13 14:40 . 2009-09-13 14:40 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2008-07-30 03:40 . 2008-07-30 03:40 5632 c:\windows\Microsoft.NET\Framework\v3.5\Sentinel.v3.5Client.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
- 2007-10-24 06:47 . 2007-10-24 06:47 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 6656 c:\windows\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 6656 c:\windows\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 9728 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 9728 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
- 2007-10-24 06:47 . 2007-10-24 06:47 5120 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
+ 2008-07-25 15:16 . 2008-07-25 15:16 5120 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
+ 2009-09-13 14:30 . 2009-09-13 14:30 5632 c:\windows\assembly\GAC_MSIL\Sentinel.v3.5Client\3.5.0.0__b03f5f7f11d50a3a\Sentinel.v3.5Client.dll
- 2009-01-28 02:52 . 2009-01-28 02:52 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2009-09-13 14:40 . 2009-09-13 14:40 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2009-01-28 02:51 . 2009-01-28 02:51 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2009-09-13 14:40 . 2009-09-13 14:40 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2009-01-28 02:52 . 2009-01-28 02:52 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2009-09-13 14:40 . 2009-09-13 14:40 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2009-09-13 14:40 . 2009-09-13 14:40 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2009-01-28 02:52 . 2009-01-28 02:52 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2009-09-13 14:40 . 2009-09-13 14:40 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2009-01-28 02:52 . 2009-01-28 02:52 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2007-11-07 06:19 . 2007-11-07 06:19 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll
+ 2007-11-07 06:19 . 2007-11-07 06:19 568832 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll
+ 2007-11-07 01:23 . 2007-11-07 01:23 224768 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcm90.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 635904 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 558080 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcp80.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcm80.dll
+ 2008-07-30 01:26 . 2008-07-30 01:26 301568 c:\windows\SYSTEM32\XPSViewer\XPSViewer.exe
- 2002-08-29 10:00 . 2008-04-14 00:12 155648 c:\windows\SYSTEM32\wscript.exe
+ 2002-08-29 10:00 . 2008-05-08 11:24 155648 c:\windows\SYSTEM32\wscript.exe
+ 2002-08-29 10:00 . 2009-06-10 06:14 132096 c:\windows\SYSTEM32\wkssvc.dll
- 2002-08-29 10:00 . 2008-04-14 00:12 132096 c:\windows\SYSTEM32\wkssvc.dll
+ 2008-07-29 23:59 . 2008-07-29 23:59 161296 c:\windows\SYSTEM32\UIAutomationCore.dll
+ 2009-09-13 14:26 . 2008-07-06 12:06 765440 c:\windows\SYSTEM32\SPOOL\XPSEP\i386\mxdwdrv.dll
+ 2009-09-13 14:26 . 2008-07-06 12:06 765440 c:\windows\SYSTEM32\SPOOL\XPSEP\i386\i386\mxdwdrv.dll
+ 2009-09-13 14:26 . 2008-07-06 12:06 748032 c:\windows\SYSTEM32\SPOOL\XPSEP\amd64\mxdwdrv.dll
+ 2009-09-13 14:26 . 2008-07-06 12:06 748032 c:\windows\SYSTEM32\SPOOL\XPSEP\amd64\amd64\mxdwdrv.dll
+ 2009-09-13 14:26 . 2008-07-06 12:06 147456 c:\windows\SYSTEM32\SPOOL\PRTPROCS\x64\filterpipelineprintproc.dll
+ 2009-09-13 14:24 . 2008-07-06 10:50 597504 c:\windows\SYSTEM32\SPOOL\PRTPROCS\W32X86\printfilterpipelinesvc.exe
- 2003-08-28 19:07 . 2007-05-15 08:08 761344 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\unires.dll
+ 2003-08-28 19:07 . 2008-03-13 04:52 761344 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\unires.dll
+ 2003-08-28 19:07 . 2008-07-06 12:06 744960 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\unidrvui.dll
+ 2003-08-28 19:07 . 2008-07-06 12:06 373248 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\unidrv.dll
- 2003-08-28 19:07 . 2008-04-14 00:12 373248 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\unidrv.dll
+ 2009-09-13 14:24 . 2008-07-06 12:06 198656 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\mxdwdui.dll
+ 2009-09-13 14:24 . 2008-07-06 12:06 765440 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\mxdwdrv.dll
+ 2002-08-29 10:00 . 2008-05-09 10:53 172032 c:\windows\SYSTEM32\scrrun.dll
- 2002-08-29 10:00 . 2008-04-14 00:12 172032 c:\windows\SYSTEM32\scrrun.dll
+ 2002-08-29 10:00 . 2008-05-09 10:53 180224 c:\windows\SYSTEM32\scrobj.dll
- 2002-08-29 10:00 . 2008-04-14 00:12 180224 c:\windows\SYSTEM32\scrobj.dll
+ 2006-08-24 20:15 . 2006-08-24 20:15 150808 c:\windows\SYSTEM32\rgb9rast_2.dll
+ 2008-07-29 23:59 . 2008-07-29 23:59 781344 c:\windows\SYSTEM32\PresentationNative_v0300.dll
+ 2008-07-30 00:35 . 2008-07-30 00:35 326160 c:\windows\SYSTEM32\PresentationHost.exe
+ 2008-07-29 23:59 . 2008-07-29 23:59 105016 c:\windows\SYSTEM32\PresentationCFFRasterizerNative_v0300.dll
+ 2003-08-08 13:47 . 2009-09-13 14:42 441692 c:\windows\SYSTEM32\PERFH009.DAT
+ 2002-08-29 10:00 . 2009-07-03 17:09 206848 c:\windows\SYSTEM32\occache.dll
- 2009-03-08 08:32 . 2009-03-08 08:32 594432 c:\windows\SYSTEM32\msfeeds.dll
+ 2009-03-08 08:32 . 2009-07-03 17:09 594432 c:\windows\SYSTEM32\msfeeds.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 158720 c:\windows\SYSTEM32\mscorier.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 158720 c:\windows\SYSTEM32\mscorier.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 282112 c:\windows\SYSTEM32\mscoree.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 282112 c:\windows\SYSTEM32\mscoree.dll
+ 2009-07-18 03:12 . 2009-07-18 03:12 257440 c:\windows\SYSTEM32\Macromed\Flash\FlashUtil10c.exe
+ 2006-05-18 05:58 . 2009-06-22 06:44 726528 c:\windows\SYSTEM32\jscript.dll
- 2006-05-18 05:58 . 2009-03-08 08:33 726528 c:\windows\SYSTEM32\jscript.dll
+ 2006-02-24 18:24 . 2009-07-03 17:09 184320 c:\windows\SYSTEM32\iepeers.dll
+ 2002-08-29 10:00 . 2009-07-03 17:09 386048 c:\windows\SYSTEM32\iedkcs32.dll
- 2002-08-29 10:00 . 2009-04-30 11:21 173056 c:\windows\SYSTEM32\ie4uinit.exe
+ 2002-08-29 10:00 . 2009-07-03 11:01 173056 c:\windows\SYSTEM32\ie4uinit.exe
+ 2008-07-29 23:24 . 2008-07-29 23:24 622080 c:\windows\SYSTEM32\icardagt.exe
+ 2002-09-03 14:05 . 2009-09-13 14:49 313176 c:\windows\SYSTEM32\FNTCACHE.DAT
+ 2008-07-30 01:10 . 2008-07-30 01:10 493048 c:\windows\SYSTEM32\evr.dll
+ 2008-05-08 11:24 . 2008-05-08 11:24 155648 c:\windows\SYSTEM32\DLLCACHE\wscript.exe
+ 2009-07-13 14:08 . 2009-07-13 14:08 286720 c:\windows\SYSTEM32\DLLCACHE\wmpdxm.dll
+ 2009-06-10 06:14 . 2009-06-10 06:14 132096 c:\windows\SYSTEM32\DLLCACHE\wkssvc.dll
+ 2009-01-28 12:42 . 2009-07-03 17:09 915456 c:\windows\SYSTEM32\DLLCACHE\wininet.dll
- 2009-01-28 12:42 . 2009-05-13 05:15 915456 c:\windows\SYSTEM32\DLLCACHE\wininet.dll
+ 2008-05-09 10:53 . 2008-05-09 10:53 172032 c:\windows\SYSTEM32\DLLCACHE\scrrun.dll
+ 2008-05-09 10:53 . 2008-05-09 10:53 180224 c:\windows\SYSTEM32\DLLCACHE\scrobj.dll
+ 2009-03-08 08:34 . 2009-07-03 17:09 206848 c:\windows\SYSTEM32\DLLCACHE\occache.dll
+ 2009-08-05 09:01 . 2009-08-05 09:01 204800 c:\windows\SYSTEM32\DLLCACHE\mswebdvd.dll
+ 2009-07-29 01:15 . 2009-07-03 17:09 594432 c:\windows\SYSTEM32\DLLCACHE\msfeeds.dll
- 2003-01-13 19:57 . 2009-03-08 08:33 726528 c:\windows\SYSTEM32\DLLCACHE\jscript.dll
+ 2003-01-13 19:57 . 2009-06-22 06:44 726528 c:\windows\SYSTEM32\DLLCACHE\jscript.dll
- 2009-07-18 00:34 . 2009-04-30 21:22 246272 c:\windows\SYSTEM32\DLLCACHE\ieproxy.dll
+ 2009-07-18 00:34 . 2009-07-03 17:09 246272 c:\windows\SYSTEM32\DLLCACHE\ieproxy.dll
+ 2009-01-28 12:42 . 2009-07-03 17:09 184320 c:\windows\SYSTEM32\DLLCACHE\iepeers.dll
+ 2009-03-08 18:09 . 2009-07-03 17:09 386048 c:\windows\SYSTEM32\DLLCACHE\iedkcs32.dll
+ 2009-03-08 08:32 . 2009-07-03 11:01 173056 c:\windows\SYSTEM32\DLLCACHE\ie4uinit.exe
- 2009-03-08 08:32 . 2009-04-30 11:21 173056 c:\windows\SYSTEM32\DLLCACHE\ie4uinit.exe
+ 2008-05-07 09:07 . 2008-05-07 09:07 135168 c:\windows\SYSTEM32\DLLCACHE\cscript.exe
+ 2002-08-29 10:00 . 2008-05-07 09:07 135168 c:\windows\SYSTEM32\cscript.exe
- 2009-07-18 15:50 . 2009-07-18 15:50 245760 c:\windows\SYSTEM32\CONFIG\systemprofile\IETldCache\index.dat
+ 2009-07-18 15:50 . 2009-09-21 21:38 245760 c:\windows\SYSTEM32\CONFIG\systemprofile\IETldCache\index.dat
+ 2008-07-30 03:40 . 2008-07-30 03:40 196104 c:\windows\Microsoft.NET\Framework\v3.5\WFServicesReg.exe
+ 2008-07-30 03:40 . 2008-07-30 03:40 802816 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Build.Tasks.v3.5.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 984056 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapUI.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 107512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 111096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.3082.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 110072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2070.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1055.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 105976 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1053.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 107000 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1049.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 107512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1046.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 109048 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1045.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1044.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1043.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 110072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1040.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 111096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1038.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 101368 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1037.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 112120 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1036.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1035.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 113656 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1032.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 111608 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1031.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1030.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1029.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 102904 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1025.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 689152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsscenario.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 413184 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsbasereqs.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 632320 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs70uimgr.dll
+ 2009-09-13 14:29 . 2009-09-13 14:29 652800 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.msi
+ 2008-07-29 22:47 . 2008-07-29 22:47 110080 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 131584 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.3082.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 131072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2070.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 121344 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1055.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 121344 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1053.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 123904 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1049.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 122880 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1046.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 128512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1045.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 121856 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1044.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 129024 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1043.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 128512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1040.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 132096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1038.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 111104 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1037.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 133120 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1036.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 122368 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1035.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 137728 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1032.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 130048 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1031.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 126464 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1030.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 125440 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1029.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 113152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1025.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 269304 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
+ 2008-07-29 22:47 . 2008-07-29 22:47 177152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\HtmlLite.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 276984 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\dlmgr.dll
+ 2008-07-30 03:15 . 2008-07-30 03:15 225490 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\baseline.dat
+ 2008-07-30 03:40 . 2008-07-30 03:40 233976 c:\windows\Microsoft.NET\Framework\v3.5\1033\vbc7ui.dll
+ 2008-07-30 03:40 . 2008-07-30 03:40 168448 c:\windows\Microsoft.NET\Framework\v3.5\1033\cscompui.dll
+ 2008-07-30 00:35 . 2008-07-30 00:35 864256 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationUI.dll
+ 2008-07-29 23:59 . 2008-07-29 23:59 132120 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll
+ 2008-07-30 01:10 . 2008-07-30 01:10 806928 c:\windows\Microsoft.NET\Framework\v3.0\WPF\NaturalLanguage6.dll
+ 2008-07-29 23:16 . 2008-07-29 23:16 152576 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\WsatConfig.exe
+ 2008-07-29 23:16 . 2008-07-29 23:16 966656 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
+ 2008-07-29 23:16 . 2008-07-29 23:16 132096 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
+ 2008-07-29 23:16 . 2008-07-29 23:16 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
+ 2008-07-29 23:16 . 2008-07-29 23:16 156688 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelReg.exe
+ 2008-07-29 23:16 . 2008-07-29 23:16 163840 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.Dtc.dll
+ 2008-07-29 23:16 . 2008-07-29 23:16 397312 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.dll
+ 2008-07-29 23:24 . 2008-07-29 23:24 881664 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
+ 2008-07-29 23:16 . 2008-07-29 23:16 168968 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ComSvcConfig.exe
+ 2008-11-25 08:59 . 2008-11-25 08:59 436040 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 839680 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 839680 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 835584 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 261632 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 303104 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 113664 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 113664 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 626688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 401408 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 401408 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 970752 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 745472 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
+ 2008-11-25 08:59 . 2008-11-25 08:59 486400 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 425984 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 425984 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 392184 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 118784 c:\windows\Microsoft.NET\Framework\v2.0.50727\shfusion.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 143360 c:\windows\Microsoft.NET\Framework\v2.0.50727\peverify.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 100856 c:\windows\Microsoft.NET\Framework\v2.0.50727\ngen.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 230912 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 345600 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 114176 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
+ 2008-11-25 08:59 . 2008-11-25 08:59 364872 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 308224 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 308224 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll
+ 2008-11-25 08:59 . 2008-11-25 08:59 990032 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 659456 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 749568 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 749568 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 655360 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 655360 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 348160 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 348160 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 230904 c:\windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 230904 c:\windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 798224 c:\windows\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 798224 c:\windows\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 575496 c:\windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
- 2007-10-24 06:47 . 2007-10-24 06:47 507904 c:\windows\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 507904 c:\windows\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
- 2007-10-24 06:47 . 2007-10-24 06:47 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
- 2007-10-24 06:47 . 2007-10-24 06:47 147968 c:\windows\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 147968 c:\windows\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 218112 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 218112 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 193016 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 193016 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 145408 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 145408 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
+ 2009-03-20 15:48 . 2009-03-20 15:48 183808 c:\windows\Installer\972d046.msp
+ 2008-12-13 13:58 . 2008-12-13 13:58 754688 c:\windows\Installer\58fc5ef.msp
+ 2009-09-13 14:30 . 2009-09-13 14:30 648192 c:\windows\Installer\5802b61.msi
+ 2008-07-30 01:23 . 2008-07-30 01:23 250880 c:\windows\Installer\57cf087.msp
+ 2008-07-30 01:28 . 2008-07-30 01:28 278016 c:\windows\Installer\57cf085.msp
+ 2008-07-29 23:40 . 2008-07-29 23:40 291840 c:\windows\Installer\57cf083.msp
+ 2009-09-13 14:28 . 2009-09-13 14:28 137728 c:\windows\Installer\57cf07d.msi
+ 2008-07-29 21:35 . 2008-07-29 21:35 553472 c:\windows\Installer\5713482.msp
+ 2008-07-29 21:33 . 2008-07-29 21:33 506368 c:\windows\Installer\5713480.msp
+ 2008-07-29 21:37 . 2008-07-29 21:37 911360 c:\windows\Installer\571347f.msp
+ 2009-07-29 19:34 . 2009-05-13 05:15 915456 c:\windows\ie8updates\KB972260-IE8\wininet.dll
+ 2009-07-29 19:34 . 2009-05-26 11:40 382840 c:\windows\ie8updates\KB972260-IE8\spuninst\updspapi.dll
+ 2009-07-29 19:34 . 2009-05-26 11:40 231288 c:\windows\ie8updates\KB972260-IE8\spuninst\spuninst.exe
+ 2009-07-29 19:34 . 2009-03-08 08:34 109568 c:\windows\ie8updates\KB972260-IE8\occache.dll
+ 2009-07-29 19:34 . 2009-03-08 08:32 594432 c:\windows\ie8updates\KB972260-IE8\msfeeds.dll
+ 2009-07-29 19:34 . 2009-04-30 21:22 246272 c:\windows\ie8updates\KB972260-IE8\ieproxy.dll
+ 2009-07-29 19:34 . 2009-03-08 08:31 183808 c:\windows\ie8updates\KB972260-IE8\iepeers.dll
+ 2009-07-29 19:34 . 2009-04-30 21:22 385536 c:\windows\ie8updates\KB972260-IE8\iedkcs32.dll
+ 2009-07-29 19:34 . 2009-04-30 11:21 173056 c:\windows\ie8updates\KB972260-IE8\ie4uinit.exe
+ 2009-09-12 12:30 . 2008-07-08 13:02 382840 c:\windows\ie8updates\KB971961-IE8\spuninst\updspapi.dll
+ 2009-09-12 12:30 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB971961-IE8\spuninst\spuninst.exe
+ 2009-09-12 12:30 . 2009-03-08 08:33 726528 c:\windows\ie8updates\KB971961-IE8\jscript.dll
+ 2009-09-13 14:25 . 2008-03-13 04:52 761344 c:\windows\Driver Cache\I386\unires.dll
+ 2009-09-13 14:24 . 2008-07-06 12:06 744960 c:\windows\Driver Cache\I386\unidrvui.dll
+ 2009-09-13 14:24 . 2008-07-06 12:06 373248 c:\windows\Driver Cache\I386\unidrv.dll
+ 2009-09-13 14:24 . 2008-07-06 12:06 198656 c:\windows\Driver Cache\I386\mxdwdui.dll
+ 2009-09-13 14:24 . 2008-07-06 12:06 765440 c:\windows\Driver Cache\I386\mxdwdrv.dll
+ 2009-01-28 02:52 . 2009-01-28 02:52 299008 c:\windows\assembly\temp\RZ5BGMRX28\System.Runtime.Remoting.dll
+ 2009-01-28 02:51 . 2009-01-28 02:51 114688 c:\windows\assembly\temp\MV17ELRW27\System.ServiceProcess.dll
+ 2009-01-28 02:52 . 2009-01-28 02:52 261120 c:\windows\assembly\temp\JRX3AHNU06\System.Transactions.dll
+ 2009-01-28 02:51 . 2009-01-28 02:51 425984 c:\windows\assembly\temp\FNSY4AGLRX\System.configuration.dll
+ 2009-01-28 02:52 . 2009-01-28 02:52 113664 c:\windows\assembly\temp\BIOU06CJPV\System.EnterpriseServices.Wrapper.dll
+ 2009-01-28 02:52 . 2009-01-28 02:52 258048 c:\windows\assembly\temp\BIOU06CJPV\System.EnterpriseServices.dll
+ 2009-01-28 02:51 . 2009-01-28 02:51 630784 c:\windows\assembly\temp\5EKQW27DIO\System.Drawing.dll
+ 2009-09-13 15:18 . 2009-09-13 15:18 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\2ef5bc3a2edd7570bb23886a4f32294a\WsatConfig.ni.exe
+ 2009-09-13 15:00 . 2009-09-13 15:00 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\6a818099f0386e2356ae94f886a2196f\WindowsFormsIntegration.ni.dll
+ 2009-09-13 15:00 . 2009-09-13 15:00 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\a6d9503962d47c722231c1478f180695\UIAutomationTypes.ni.dll
+ 2009-09-13 15:00 . 2009-09-13 15:00 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\5c028c3d8db6c0f0277673ea4a2d89fb\UIAutomationClient.ni.dll
+ 2009-09-13 15:46 . 2009-09-13 15:46 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\c338a470b14851ce5987bb0f0869c310\System.Xml.Linq.ni.dll
+ 2009-09-13 15:23 . 2009-09-13 15:23 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\bb77ea11f46ab438b2b7ed7c180011a1\System.Web.Routing.ni.dll
+ 2009-09-13 15:45 . 2009-09-13 15:45 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\6ee255220d90dcbe80c990e443051cc5\System.Web.RegularExpressions.ni.dll
+ 2009-09-13 15:23 . 2009-09-13 15:23 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\58f62044fa702ea6f936071aa5520baa\System.Web.Extensions.Design.ni.dll
+ 2009-09-13 15:23 . 2009-09-13 15:23 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\79c29ac85dd57dd485ab60118ac292ff\System.Web.Entity.ni.dll
+ 2009-09-13 15:23 . 2009-09-13 15:23 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\d3d65e34fa60f0b6c72ca0d12ec89933\System.Web.Entity.Design.ni.dll
+ 2009-09-13 15:23 . 2009-09-13 15:23 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\b7891f5659db299dbd1b3c72db7edb9f\System.Web.DynamicData.ni.dll
+ 2009-09-13 15:23 . 2009-09-13 15:23 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\00ec08741a765c707bd9169346064a81\System.Web.Abstractions.ni.dll
+ 2009-09-13 15:22 . 2009-09-13 15:22 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\5a555c9ae6984c40157cf940bb519f7c\System.Transactions.ni.dll
+ 2009-09-13 15:22 . 2009-09-13 15:22 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\ea3366939280c1715f1c620e33ee3c8a\System.ServiceProcess.ni.dll
+ 2009-09-13 15:18 . 2009-09-13 15:18 676352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\1c8df2da33222c048d683017f2095f04\System.Security.ni.dll
+ 2009-09-13 15:21 . 2009-09-13 15:21 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\bfd6e16d8c3589cd2bd3f8d46f0a5402\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2009-09-13 15:22 . 2009-09-13 15:22 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\519d9c618341b136f9b963ffb7495308\System.Net.ni.dll
+ 2009-09-13 15:22 . 2009-09-13 15:22 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\8642fdfbf02a6cb6f01169fe6fdb5d11\System.Management.ni.dll
+ 2009-09-13 15:21 . 2009-09-13 15:21 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\1d3fbbd23ce1e8637ef4f40a8d23cd32\System.Management.Instrumentation.ni.dll
+ 2009-09-13 15:16 . 2009-09-13 15:16 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\7c367a96b10d626ec8cbf8149272d845\System.IO.Log.ni.dll
+ 2009-09-13 15:16 . 2009-09-13 15:16 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\68e71147704ef0d34d9a4bece7767fc5\System.IdentityModel.Selectors.ni.dll
+ 2009-09-13 15:21 . 2009-09-13 15:21 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4267bd908175603006c6c90bb5d900c7\System.EnterpriseServices.Wrapper.dll
+ 2009-09-13 15:21 . 2009-09-13 15:21 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4267bd908175603006c6c90bb5d900c7\System.EnterpriseServices.ni.dll
+ 2009-09-13 14:56 . 2009-09-13 14:56 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\18bbe2b6717e7f1d1dd672526e9889ee\System.Drawing.Design.ni.dll
+ 2009-09-13 15:21 . 2009-09-13 15:21 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\c434a07332ce490711c27fd0edb7562f\System.DirectoryServices.Protocols.ni.dll
+ 2009-09-13 15:21 . 2009-09-13 15:21 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\8b3bb7a2c2f3ffe94c866283f1cd5957\System.DirectoryServices.AccountManagement.ni.dll
+ 2009-09-13 15:21 . 2009-09-13 15:21 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\a4b887f476fa4b8746a93a9fc2208560\System.Data.Services.Client.ni.dll
+ 2009-09-13 15:21 . 2009-09-13 15:21 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\1cf3acad6553d6c59df576794f4e8bd6\System.Data.Services.Design.ni.dll
+ 2009-09-13 15:21 . 2009-09-13 15:21 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\392de34573f9f8ec885714f2f3e7f07f\System.Data.Entity.Design.ni.dll
+ 2009-09-13 15:19 . 2009-09-13 15:19 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\1db495ff00bbd14df4af6680c4de0653\System.Data.DataSetExtensions.ni.dll
+ 2009-09-13 15:18 . 2009-09-13 15:18 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\b82c00e2d24305ad6cb08556e3779b75\System.Configuration.ni.dll
+ 2009-09-13 15:21 . 2009-09-13 15:21 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\de514e484e49b04b016949d57ffac03e\System.Configuration.Install.ni.dll
+ 2009-09-13 15:19 . 2009-09-13 15:19 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\ce984d754e3c0b6be4504b785cc43574\System.AddIn.ni.dll
+ 2009-09-13 15:18 . 2009-09-13 15:18 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\045dd501b7257b1cc26083538ae69045\SMSvcHost.ni.exe
+ 2009-09-13 15:18 . 2009-09-13 15:18 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\9790551187e294b4ed3aaa1c221891c7\SMDiagnostics.ni.dll
+ 2009-09-13 15:18 . 2009-09-13 15:18 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\10a0c9707876fc1f65e64b811a28b020\ServiceModelReg.ni.exe
+ 2009-09-13 14:54 . 2009-09-13 14:54 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\f475294d8c7dc2dd4febeef27bc0417e\PresentationFramework.Classic.ni.dll
+ 2009-09-13 14:54 . 2009-09-13 14:54 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8003abaf6bcf70f7eb620d06837e897b\PresentationFramework.Luna.ni.dll
+ 2009-09-13 14:54 . 2009-09-13 14:54 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\59a67874d8d8475faa5be1d993083d12\PresentationFramework.Aero.ni.dll
+ 2009-09-13 14:54 . 2009-09-13 14:54 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\2c980c9a5051d723c6ec2a78a3d0e2b3\PresentationFramework.Royale.ni.dll
+ 2009-09-13 15:18 . 2009-09-13 15:18 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\6d38e317128608bc4516ea46ab94590e\MSBuild.ni.exe
+ 2009-09-13 15:18 . 2009-09-13 15:18 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\1820d6a012fc0e16c3e1d29d973cd2d0\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2009-09-13 15:18 . 2009-09-13 15:18 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\55b9eff9e23359faed4351386c062238\Microsoft.Build.Utilities.ni.dll
+ 2009-09-13 15:18 . 2009-09-13 15:18 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\4217124db1ea5de5f1a1f3eea75e8d32\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2009-09-13 15:18 . 2009-09-13 15:18 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\96825c34d7e1f7df1923ff2123bed8da\Microsoft.Build.Engine.ni.dll
+ 2009-09-13 15:18 . 2009-09-13 15:18 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\9b321ebf67587237f576df6104a32588\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2009-09-13 15:18 . 2009-09-13 15:18 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\9bea05938bee3555c5aa8763d89a68f9\CustomMarshalers.ni.dll
+ 2009-09-13 15:17 . 2009-09-13 15:17 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\12629e2f3e315459bee67cbbaac85cb2\ComSvcConfig.ni.exe
+ 2009-09-13 15:18 . 2009-09-13 15:18 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\b5b2feadc3943e3976daebc0bcd2b5e2\AspNetMMCExt.ni.dll
+ 2009-09-13 14:27 . 2009-09-13 14:27 385024 c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders\3.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2009-09-13 14:27 . 2009-09-13 14:27 167936 c:\windows\assembly\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2009-09-13 14:30 . 2009-09-13 14:30 139264 c:\windows\assembly\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll
+ 2009-09-13 14:30 . 2009-09-13 14:30 507904 c:\windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll
+ 2009-09-13 14:26 . 2009-09-13 14:26 540672 c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll
+ 2009-09-13 14:40 . 2009-09-13 14:40 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2009-01-28 02:52 . 2009-01-28 02:52 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2009-09-13 14:40 . 2009-09-13 14:40 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2009-09-13 14:30 . 2009-09-13 14:30 335872 c:\windows\assembly\GAC_MSIL\System.Web.Extensions.Design\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.Design.dll
+ 2009-09-13 14:47 . 2009-09-13 14:47 139264 c:\windows\assembly\GAC_MSIL\System.Web.Entity\3.5.0.0__b77a5c561934e089\System.Web.Entity.dll
+ 2009-09-13 14:30 . 2009-09-13 14:30 131072 c:\windows\assembly\GAC_MSIL\System.Web.Entity.Design\3.5.0.0__b77a5c561934e089\System.Web.Entity.Design.dll
+ 2009-09-13 14:47 . 2009-09-13 14:47 229376 c:\windows\assembly\GAC_MSIL\System.Web.DynamicData\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.dll
+ 2009-09-13 14:27 . 2009-09-13 14:27 688128 c:\windows\assembly\GAC_MSIL\System.Speech\3.0.0.0__31bf3856ad364e35\System.Speech.dll
+ 2009-09-13 14:40 . 2009-09-13 14:40 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2009-01-28 02:51 . 2009-01-28 02:51 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2009-09-13 14:30 . 2009-09-13 14:30 569344 c:\windows\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll
- 2009-01-28 02:51 . 2009-01-28 02:51 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2009-09-13 14:40 . 2009-09-13 14:40 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2009-09-13 14:26 . 2009-09-13 14:26 966656 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
- 2009-01-28 02:52 . 2009-01-28 02:52 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2009-09-13 14:40 . 2009-09-13 14:40 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2009-09-13 14:40 . 2009-09-13 14:40 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2009-09-13 14:30 . 2009-09-13 14:30 233472 c:\windows\assembly\GAC_MSIL\System.Net\3.5.0.0__b03f5f7f11d50a3a\System.Net.dll
- 2009-01-28 02:52 . 2009-01-28 02:52 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2009-09-13 14:40 . 2009-09-13 14:40 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2009-09-13 14:40 . 2009-09-13 14:40 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2009-01-28 02:52 . 2009-01-28 02:52 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2009-09-13 14:30 . 2009-09-13 14:30 143360 c:\windows\assembly\GAC_MSIL\System.Management.Instrumentation\3.5.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
+ 2009-09-13 14:26 . 2009-09-13 14:26 131072 c:\windows\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2009-09-13 14:26 . 2009-09-13 14:26 430080 c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2009-09-13 14:27 . 2009-09-13 14:27 126976 c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2009-09-13 14:40 . 2009-09-13 14:40 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2009-09-13 14:40 . 2009-09-13 14:40 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2009-01-28 02:52 . 2009-01-28 02:52 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2009-09-13 14:40 . 2009-09-13 14:40 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2009-01-28 02:52 . 2009-01-28 02:52 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2009-09-13 14:30 . 2009-09-13 14:30 286720 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\3.5.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
+ 2009-09-13 14:40 . 2009-09-13 14:40 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2009-09-13 14:40 . 2009-09-13 14:40 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2009-09-13 14:47 . 2009-09-13 14:47 442368 c:\windows\assembly\GAC_MSIL\System.Data.Services\3.5.0.0__b77a5c561934e089\System.Data.Services.dll
+ 2009-09-13 14:30 . 2009-09-13 14:30 114688 c:\windows\assembly\GAC_MSIL\System.Data.Services.Design\3.5.0.0__b77a5c561934e089\System.Data.Services.Design.dll
+ 2009-09-13 14:47 . 2009-09-13 14:47 294912 c:\windows\assembly\GAC_MSIL\System.Data.Services.Client\3.5.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2009-09-13 14:30 . 2009-09-13 14:30 684032 c:\windows\assembly\GAC_MSIL\System.Data.Linq\3.5.0.0__b77a5c561934e089\System.Data.Linq.dll
+ 2009-09-13 14:30 . 2009-09-13 14:30 229376 c:\windows\assembly\GAC_MSIL\System.Data.Entity.Design\3.5.0.0__b77a5c561934e089\System.Data.Entity.Design.dll
+ 2009-09-13 14:30 . 2009-09-13 14:30 667648 c:\windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll
- 2009-01-28 02:51 . 2009-01-28 02:51 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2009-09-13 14:40 . 2009-09-13 14:40 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2009-09-13 14:30 . 2009-09-13 14:30 163840 c:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll
- 2009-01-28 02:52 . 2009-01-28 02:52 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2009-09-13 14:40 . 2009-09-13 14:40 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2009-09-13 14:26 . 2009-09-13 14:26 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
+ 2009-09-13 14:26 . 2009-09-13 14:26 528384 c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2009-09-13 14:27 . 2009-09-13 14:27 864256 c:\windows\assembly\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2009-09-13 14:27 . 2009-09-13 14:27 163840 c:\windows\assembly\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2009-09-13 14:27 . 2009-09-13 14:27 397312 c:\windows\assembly\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2009-09-13 14:27 . 2009-09-13 14:27 139264 c:\windows\assembly\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2009-09-13 14:27 . 2009-09-13 14:27 196608 c:\windows\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2009-09-13 14:26 . 2009-09-13 14:26 598016 c:\windows\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll
+ 2009-09-13 14:40 . 2009-09-13 14:40 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2009-09-13 14:40 . 2009-09-13 14:40 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2009-01-28 02:52 . 2009-01-28 02:52 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2009-09-13 14:40 . 2009-09-13 14:40 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2009-01-28 02:52 . 2009-01-28 02:52 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2009-09-13 14:26 . 2009-09-13 14:26 397312 c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
- 2009-01-28 02:52 . 2009-01-28 02:52 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2009-09-13 14:40 . 2009-09-13 14:40 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2009-09-13 14:40 . 2009-09-13 14:40 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2009-01-28 02:52 . 2009-01-28 02:52 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2009-09-13 14:30 . 2009-09-13 14:30 802816 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.v3.5.dll
+ 2009-09-13 14:30 . 2009-09-13 14:30 733184 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2009-01-28 02:52 . 2009-01-28 02:52 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2009-09-13 14:40 . 2009-09-13 14:40 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2009-09-13 14:30 . 2009-09-13 14:30 106496 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Conversion.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Conversion.v3.5.dll
+ 2009-09-13 14:40 . 2009-09-13 14:40 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2009-01-28 02:51 . 2009-01-28 02:51 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2009-09-13 14:40 . 2009-09-13 14:40 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2009-09-13 14:26 . 2009-09-13 14:26 368640 c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2009-09-13 14:40 . 2009-09-13 14:40 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2009-09-13 14:26 . 2009-09-13 14:26 163840 c:\windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2009-08-13 20:58 . 2008-07-08 13:02 382840 c:\windows\$NtUninstallKB973869$\spuninst\updspapi.dll
+ 2009-08-13 20:58 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB973869$\spuninst\spuninst.exe
+ 2009-08-13 20:51 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB973815$\spuninst\updspapi.dll
+ 2009-08-13 20:51 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB973815$\spuninst\spuninst.exe
+ 2009-08-13 20:51 . 2008-04-14 00:12 203776 c:\windows\$NtUninstallKB973815$\mswebdvd.dll
+ 2009-08-13 20:57 . 2005-01-28 18:44 282624 c:\windows\$NtUninstallKB973540_WM9$\wmpdxm.dll
+ 2009-08-13 20:57 . 2007-07-27 14:41 382840 c:\windows\$NtUninstallKB973540_WM9$\spuninst\updspapi.dll
+ 2009-08-13 20:57 . 2007-07-27 14:41 231288 c:\windows\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe
+ 2009-08-13 20:58 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB973507$\spuninst\updspapi.dll
+ 2009-08-13 20:58 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB973507$\spuninst\spuninst.exe
+ 2009-08-13 20:57 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB973354$\spuninst\updspapi.dll
+ 2009-08-13 20:57 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB973354$\spuninst\spuninst.exe
+ 2009-08-13 20:58 . 2008-04-14 00:12 132096 c:\windows\$NtUninstallKB971657$\wkssvc.dll
+ 2009-08-13 20:58 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB971657$\spuninst\updspapi.dll
+ 2009-08-13 20:58 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB971657$\spuninst\spuninst.exe
+ 2009-08-13 20:58 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB971557$\spuninst\updspapi.dll
+ 2009-08-13 20:58 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB971557$\spuninst\spuninst.exe
+ 2009-08-13 20:59 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB960859$\spuninst\updspapi.dll
+ 2009-08-13 20:59 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB960859$\spuninst\spuninst.exe
+ 2009-08-13 20:58 . 2008-07-08 13:02 382840 c:\windows\$NtUninstallKB956744$\spuninst\updspapi.dll
+ 2009-08-13 20:58 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB956744$\spuninst\spuninst.exe
+ 2009-07-18 22:55 . 2007-11-30 12:39 382840 c:\windows\$NtUninstallKB954459$\spuninst\updspapi.dll
+ 2009-07-18 22:55 . 2007-11-30 12:39 231288 c:\windows\$NtUninstallKB954459$\spuninst\spuninst.exe
+ 2009-07-18 22:55 . 2008-04-14 00:12 155648 c:\windows\$NtUninstallKB951978$\wscript.exe
+ 2009-07-18 22:55 . 2007-11-30 12:39 382840 c:\windows\$NtUninstallKB951978$\spuninst\updspapi.dll
+ 2009-07-18 22:55 . 2007-11-30 12:39 231288 c:\windows\$NtUninstallKB951978$\spuninst\spuninst.exe
+ 2009-07-18 22:55 . 2008-04-14 00:12 172032 c:\windows\$NtUninstallKB951978$\scrrun.dll
+ 2009-07-18 22:55 . 2008-04-14 00:12 180224 c:\windows\$NtUninstallKB951978$\scrobj.dll
+ 2009-07-18 22:55 . 2008-04-14 00:12 139264 c:\windows\$NtUninstallKB951978$\cscript.exe
+ 2009-07-18 22:55 . 2007-11-30 11:18 382840 c:\windows\$NtUninstallKB938464-v2$\spuninst\updspapi.dll
+ 2009-07-18 22:55 . 2007-11-30 11:18 231288 c:\windows\$NtUninstallKB938464-v2$\spuninst\spuninst.exe
+ 2009-08-13 20:58 . 2008-07-08 13:02 382840 c:\windows\$hf_mig$\KB973869\update\updspapi.dll
+ 2009-08-13 20:58 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB973869\update\update.exe
+ 2009-08-13 20:58 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB973869\spuninst.exe
+ 2009-08-13 20:51 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB973815\update\updspapi.dll
+ 2009-08-13 20:51 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB973815\update\update.exe
+ 2009-08-13 20:51 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB973815\spuninst.exe
+ 2009-08-05 08:52 . 2009-08-05 08:52 204800 c:\windows\$hf_mig$\KB973815\SP3QFE\mswebdvd.dll
+ 2009-08-13 20:58 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB973507\update\updspapi.dll
+ 2009-08-13 20:58 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB973507\update\update.exe
+ 2009-08-13 20:58 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB973507\spuninst.exe
+ 2009-08-13 20:57 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB973354\update\updspapi.dll
+ 2009-08-13 20:57 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB973354\update\update.exe
+ 2009-08-13 20:57 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB973354\spuninst.exe
+ 2009-07-29 19:34 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB972260-IE8\update\updspapi.dll
+ 2009-07-29 19:34 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB972260-IE8\update\update.exe
+ 2009-07-29 19:34 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB972260-IE8\spuninst.exe
+ 2009-07-29 01:15 . 2009-07-03 17:06 915456 c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\wininet.dll
+ 2009-07-29 01:15 . 2009-07-03 17:06 206848 c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\occache.dll
+ 2009-07-29 01:15 . 2009-07-03 17:06 594432 c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\msfeeds.dll
+ 2009-07-29 01:15 . 2009-07-03 17:06 246272 c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\ieproxy.dll
+ 2009-07-29 01:15 . 2009-07-03 17:06 184320 c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\iepeers.dll
+ 2009-07-29 01:15 . 2009-07-03 17:06 386048 c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\iedkcs32.dll
+ 2009-07-29 01:15 . 2009-07-03 11:38 173056 c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\ie4uinit.exe
+ 2009-08-13 20:58 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB971657\update\updspapi.dll
+ 2009-08-13 20:58 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB971657\update\update.exe
+ 2009-08-13 20:58 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB971657\spuninst.exe
+ 2009-06-10 06:17 . 2009-06-10 06:17 134144 c:\windows\$hf_mig$\KB971657\SP3QFE\wkssvc.dll
+ 2009-08-13 20:58 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB971557\update\updspapi.dll
+ 2009-08-13 20:58 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB971557\update\update.exe
+ 2009-08-13 20:58 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB971557\spuninst.exe
+ 2009-08-13 20:59 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB960859\update\updspapi.dll
+ 2009-08-13 20:59 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB960859\update\update.exe
+ 2009-08-13 20:59 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB960859\spuninst.exe
+ 2009-08-13 20:58 . 2008-07-08 13:02 382840 c:\windows\$hf_mig$\KB956744\update\updspapi.dll
+ 2009-08-13 20:58 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB956744\update\update.exe
+ 2009-08-13 20:58 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB956744\spuninst.exe
+ 2009-07-18 22:55 . 2007-11-30 12:39 382840 c:\windows\$hf_mig$\KB954459\update\updspapi.dll
+ 2009-07-18 22:55 . 2007-11-30 12:39 755576 c:\windows\$hf_mig$\KB954459\update\update.exe
+ 2009-07-18 22:55 . 2007-11-30 12:39 231288 c:\windows\$hf_mig$\KB954459\spuninst.exe
+ 2009-07-18 22:55 . 2007-11-30 12:39 382840 c:\windows\$hf_mig$\KB951978\update\updspapi.dll
+ 2009-07-18 22:55 . 2007-11-30 12:39 755576 c:\windows\$hf_mig$\KB951978\update\update.exe
+ 2009-07-18 22:55 . 2007-11-30 12:39 231288 c:\windows\$hf_mig$\KB951978\spuninst.exe
+ 2008-05-08 11:24 . 2008-05-08 11:24 155648 c:\windows\$hf_mig$\KB951978\SP3QFE\wscript.exe
+ 2008-05-09 10:45 . 2008-05-09 10:45 430080 c:\windows\$hf_mig$\KB951978\SP3QFE\vbscript.dll
+ 2008-05-09 10:45 . 2008-05-09 10:45 172032 c:\windows\$hf_mig$\KB951978\SP3QFE\scrrun.dll
+ 2008-05-09 10:45 . 2008-05-09 10:45 180224 c:\windows\$hf_mig$\KB951978\SP3QFE\scrobj.dll
+ 2008-05-09 10:45 . 2008-05-09 10:45 512000 c:\windows\$hf_mig$\KB951978\SP3QFE\jscript.dll
+ 2008-05-07 09:07 . 2008-05-07 09:07 135168 c:\windows\$hf_mig$\KB951978\SP3QFE\cscript.exe
+ 2009-07-18 15:57 . 2008-04-15 17:47 1724416 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\GdiPlus.dll
+ 2005-01-28 18:44 . 2009-05-20 16:24 2373504 c:\windows\SYSTEM32\WMVCore.dll
+ 2005-01-28 18:44 . 2009-07-13 14:08 5537792 c:\windows\SYSTEM32\wmp.dll
- 2005-01-28 18:44 . 2007-04-30 13:20 5537792 c:\windows\SYSTEM32\wmp.dll
+ 2006-08-31 00:42 . 2009-07-03 17:09 1208832 c:\windows\SYSTEM32\urlmon.dll
+ 2009-09-13 14:26 . 2008-07-06 12:06 1676288 c:\windows\SYSTEM32\SPOOL\XPSEP\i386\xpssvcs.dll
+ 2009-09-13 14:26 . 2008-07-06 12:06 1676288 c:\windows\SYSTEM32\SPOOL\XPSEP\i386\i386\xpssvcs.dll
+ 2009-09-13 14:26 . 2008-07-06 21:36 2936832 c:\windows\SYSTEM32\SPOOL\XPSEP\amd64\xpssvcs.dll
+ 2009-09-13 14:26 . 2008-07-06 21:36 2936832 c:\windows\SYSTEM32\SPOOL\XPSEP\amd64\amd64\xpssvcs.dll
+ 2009-09-13 14:24 . 2008-07-06 12:06 1676288 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\XpsSvcs.dll
+ 2009-01-28 14:04 . 2008-09-10 01:14 1307648 c:\windows\SYSTEM32\msxml6.dll
+ 2002-08-29 10:00 . 2009-06-10 13:19 2066432 c:\windows\SYSTEM32\mstscax.dll
+ 2006-06-30 14:28 . 2009-07-19 13:18 5937152 c:\windows\SYSTEM32\mshtml.dll
+ 2009-03-08 08:32 . 2009-07-03 17:09 1985536 c:\windows\SYSTEM32\iertutil.dll
+ 2005-01-28 18:44 . 2009-05-20 16:24 2373504 c:\windows\SYSTEM32\DLLCACHE\WMVCore.dll
+ 2009-07-13 14:08 . 2009-07-13 14:08 5537792 c:\windows\SYSTEM32\DLLCACHE\wmp.dll
+ 2009-01-28 12:42 . 2009-07-03 17:09 1208832 c:\windows\SYSTEM32\DLLCACHE\urlmon.dll
+ 2009-01-28 14:04 . 2008-09-10 01:14 1307648 c:\windows\SYSTEM32\DLLCACHE\msxml6.dll
+ 2009-06-10 13:19 . 2009-06-10 13:19 2066432 c:\windows\SYSTEM32\DLLCACHE\mstscax.dll
+ 2009-08-12 23:24 . 2009-07-10 13:27 1315328 c:\windows\SYSTEM32\DLLCACHE\msoe.dll
+ 2009-01-28 12:42 . 2009-07-19 13:18 5937152 c:\windows\SYSTEM32\DLLCACHE\mshtml.dll
+ 2009-07-18 00:34 . 2009-07-03 17:09 1985536 c:\windows\SYSTEM32\DLLCACHE\iertutil.dll
+ 2009-09-18 22:31 . 2009-09-18 22:31 1525760 c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\16LPOSS6\SetupAdvancedVirusRemover[1].exe
+ 2008-07-30 03:40 . 2008-07-30 03:40 1720824 c:\windows\Microsoft.NET\Framework\v3.5\vbc.exe
+ 2008-07-29 22:47 . 2008-07-29 22:47 1054208 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 1364992 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\SITSetup.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 1064448 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\gencomp.dll
+ 2008-07-30 03:40 . 2008-07-30 03:40 1548280 c:\windows\Microsoft.NET\Framework\v3.5\csc.exe
+ 2008-12-05 23:35 . 2008-12-05 23:35 1736528 c:\windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
+ 2008-07-30 01:10 . 2008-07-30 01:10 2637840 c:\windows\Microsoft.NET\Framework\v3.0\WPF\NlsLexicons0009.dll
+ 2008-07-30 01:10 . 2008-07-30 01:10 4883464 c:\windows\Microsoft.NET\Framework\v3.0\WPF\NlsData0009.dll
+ 2008-12-06 00:12 . 2008-12-06 00:12 5931008 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 1344000 c:\windows\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
- 2007-10-24 06:47 . 2007-10-24 06:47 1344000 c:\windows\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 1172472 c:\windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
- 2007-10-24 06:47 . 2007-10-24 06:47 1172472 c:\windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
+ 2008-11-25 08:59 . 2008-11-25 08:59 2048000 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2008-11-25 08:59 . 2008-11-25 08:59 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 3149824 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 5062656 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 2933248 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.dll
+ 2008-11-25 08:59 . 2008-11-25 08:59 5813576 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2008-11-25 08:59 . 2008-11-25 08:59 4546560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 1163768 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
+ 2008-12-13 13:57 . 2008-12-13 13:57 8397824 c:\windows\Installer\5802b6f.msp
+ 2008-07-29 23:26 . 2008-07-29 23:26 1043456 c:\windows\Installer\57cf086.msp
+ 2008-07-30 00:37 . 2008-07-30 00:37 2679808 c:\windows\Installer\57cf084.msp
+ 2008-07-30 01:15 . 2008-07-30 01:15 3697664 c:\windows\Installer\57cf082.msp
+ 2008-07-29 23:34 . 2008-07-29 23:34 1448448 c:\windows\Installer\57cf081.msp
+ 2008-07-30 00:22 . 2008-07-30 00:22 4137984 c:\windows\Installer\57cf080.msp
+ 2008-07-29 23:18 . 2008-07-29 23:18 3376640 c:\windows\Installer\57cf07f.msp
+ 2008-07-29 21:45 . 2008-07-29 21:45 2543616 c:\windows\Installer\5713486.msp
+ 2008-07-29 21:29 . 2008-07-29 21:29 2926080 c:\windows\Installer\5713485.msp
+ 2008-07-29 21:41 . 2008-07-29 21:41 6487040 c:\windows\Installer\5713484.msp
+ 2008-07-29 21:39 . 2008-07-29 21:39 3403264 c:\windows\Installer\5713483.msp
+ 2008-07-29 21:43 . 2008-07-29 21:43 1013248 c:\windows\Installer\5713481.msp
+ 2008-07-29 21:31 . 2008-07-29 21:31 6083072 c:\windows\Installer\571347e.msp
+ 2009-07-29 19:34 . 2009-04-30 21:22 1207808 c:\windows\ie8updates\KB972260-IE8\urlmon.dll
+ 2009-07-29 19:34 . 2009-05-13 05:15 5936128 c:\windows\ie8updates\KB972260-IE8\mshtml.dll
+ 2009-07-29 19:34 . 2009-04-30 21:22 1985024 c:\windows\ie8updates\KB972260-IE8\iertutil.dll
+ 2009-01-28 02:52 . 2009-01-28 02:52 5013504 c:\windows\assembly\temp\Z8EKRY4AGM\System.Windows.Forms.dll
+ 2009-01-28 02:52 . 2009-01-28 02:52 3076096 c:\windows\assembly\temp\T17CINTZ4A\System.dll
+ 2009-01-28 02:52 . 2009-01-28 02:52 3036160 c:\windows\assembly\temp\IQW28EKQV1\System.Data.dll
+ 2009-01-28 02:51 . 2009-01-28 02:51 2068480 c:\windows\assembly\temp\09FLRW27DI\System.XML.dll
+ 2009-09-13 14:46 . 2009-09-13 14:46 3313664 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\14cd5f4b61d35f9b76327d6be9853755\WindowsBase.ni.dll
+ 2009-09-13 15:00 . 2009-09-13 15:00 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\f3c7957351aec85f526a3350c9718b1e\UIAutomationClientsideProviders.ni.dll
+ 2009-09-13 14:45 . 2009-09-13 14:45 7868416 c:\windows\assembly\NativeImages_v2.0.50727_32\System\80978a322d7dd39f0a71be1251ae395a\System.ni.dll
+ 2009-09-13 15:00 . 2009-09-13 15:00 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\773a9786013451d3baaeff003dc4230f\System.Xml.ni.dll
+ 2009-09-13 15:46 . 2009-09-13 15:46 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\ac1750e78d79520dcf19195772eff1b6\System.WorkflowServices.ni.dll
+ 2009-09-13 15:45 . 2009-09-13 15:45 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\d265da36954fcb4cb7ad5adc693ea0f2\System.Workflow.Runtime.ni.dll
+ 2009-09-13 15:45 . 2009-09-13 15:45 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\693a8fbe6f7ad6e4e429052da4317e59\System.Workflow.ComponentModel.ni.dll
+ 2009-09-13 15:45 . 2009-09-13 15:45 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\cc99fbbac0b6e4e9ca62093e49b0c16b\System.Workflow.Activities.ni.dll
+ 2009-09-13 15:45 . 2009-09-13 15:45 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\b57bb002a655920cbfa2bee29d1e22b7\System.Web.Services.ni.dll
+ 2009-09-13 15:45 . 2009-09-13 15:45 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\81197e32ec931f439b3114e9031b65d6\System.Web.Mobile.ni.dll
+ 2009-09-13 15:23 . 2009-09-13 15:23 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\7f64c9d25471b72e1e957bdfe67947c8\System.Web.Extensions.ni.dll
+ 2009-09-13 14:57 . 2009-09-13 14:57 1917440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\63cf639b6e0a3c25c1643c85016e7422\System.Speech.ni.dll
+ 2009-09-13 15:22 . 2009-09-13 15:22 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\340cad17fe57947eacbc8fa2cea780da\System.ServiceModel.Web.ni.dll
+ 2009-09-13 15:17 . 2009-09-13 15:17 2338304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\034c91b133dee73d452652c52767b5ea\System.Runtime.Serialization.ni.dll
+ 2009-09-13 14:56 . 2009-09-13 14:56 1035264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\646ab52eef343380aa002c220dc31e13\System.Printing.ni.dll
+ 2009-09-13 15:16 . 2009-09-13 15:16 1056768 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\c2de8479e54852f56996f79bc93acb13\System.IdentityModel.ni.dll
+ 2009-09-13 14:56 . 2009-09-13 14:56 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3da96ee075bab9202626ae44c18d226c\System.Drawing.ni.dll
+ 2009-09-13 15:21 . 2009-09-13 15:21 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\543aced762f6b0c3f8e037955941afc6\System.DirectoryServices.ni.dll
+ 2009-09-13 15:21 . 2009-09-13 15:21 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\a6b58624486714fa71e5e35186850ff0\System.Deployment.ni.dll
+ 2009-09-13 14:55 . 2009-09-13 14:55 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\c70731047b0022638b3f9fb158948a03\System.Data.ni.dll
+ 2009-09-13 15:18 . 2009-09-13 15:18 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\826b09ab0d0e36f4d631b4cd335df511\System.Data.SqlXml.ni.dll
+ 2009-09-13 15:21 . 2009-09-13 15:21 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\956a513dcbd44d5a6801840ef2b0b47b\System.Data.Services.ni.dll
+ 2009-09-13 14:55 . 2009-09-13 14:55 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\0bbec79460b1137df5313f9baf7b246f\System.Data.Linq.ni.dll
+ 2009-09-13 15:21 . 2009-09-13 15:21 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\6479f975b105808a8d9e7a7fdc762551\System.Data.Entity.ni.dll
+ 2009-09-13 14:55 . 2009-09-13 14:55 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\47d87251e93256c635eb73403b8db33e\System.Core.ni.dll
+ 2009-09-13 14:55 . 2009-09-13 14:55 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\4bfb3048bf200a6a8592d1b4ba861a7f\ReachFramework.ni.dll
+ 2009-09-13 14:54 . 2009-09-13 14:54 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\6bafb1a2a73794ddb9761cb321c9e7e2\PresentationUI.ni.dll
+ 2009-09-13 14:45 . 2009-09-13 14:45 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\e634bc4c4a00635a0a254febab0e2e2c\PresentationBuildTasks.ni.dll
+ 2009-09-13 15:18 . 2009-09-13 15:18 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\1c86afc399d0fdd8e069266ffbe748d1\Microsoft.VisualBasic.ni.dll
+ 2009-09-13 15:18 . 2009-09-13 15:18 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\6b2f62f5e981913fce1d223f645d9ddf\Microsoft.Transactions.Bridge.ni.dll
+ 2009-09-13 15:22 . 2009-09-13 15:22 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\b261961046545831aa60963e84905968\Microsoft.JScript.ni.dll
+ 2009-09-13 15:18 . 2009-09-13 15:18 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\bd241492d96db39f20e758c13c845033\Microsoft.Build.Tasks.ni.dll
+ 2009-09-13 15:18 . 2009-09-13 15:18 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\a47100d8f4574bed2d49d83d0ab8964e\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2009-09-13 15:18 . 2009-09-13 15:18 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\6cfe582681724965fb817e8ece5f0909\Microsoft.Build.Engine.ni.dll
+ 2009-09-13 14:26 . 2009-09-13 14:26 1245184 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2009-09-13 14:41 . 2009-09-13 14:41 3149824 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2009-09-13 14:41 . 2009-09-13 14:41 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2009-09-13 14:26 . 2009-09-13 14:26 1630208 c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll
+ 2009-09-13 14:26 . 2009-09-13 14:26 1138688 c:\windows\assembly\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll
+ 2009-09-13 14:40 . 2009-09-13 14:40 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2009-09-13 14:47 . 2009-09-13 14:47 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2009-09-13 14:46 . 2009-09-13 14:46 5931008 c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2009-09-13 14:40 . 2009-09-13 14:40 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2009-09-13 14:30 . 2009-09-13 14:30 2879488 c:\windows\assembly\GAC_MSIL\System.Data.Entity\3.5.0.0__b77a5c561934e089\System.Data.Entity.dll
+ 2009-09-13 14:46 . 2009-09-13 14:46 5283840 c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2009-09-13 14:40 . 2009-09-13 14:40 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2009-09-13 14:40 . 2009-09-13 14:40 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2009-09-13 14:26 . 2009-09-13 14:26 4210688 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2009-09-13 14:40 . 2009-09-13 14:40 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2009-08-13 20:57 . 2007-04-30 13:20 5537792 c:\windows\$NtUninstallKB973540_WM9$\wmp.dll
+ 2009-08-13 20:57 . 2008-04-14 00:12 1314816 c:\windows\$NtUninstallKB973354$\msoe.dll
+ 2009-08-13 20:58 . 2008-04-14 00:11 2061824 c:\windows\$NtUninstallKB956744$\mstscax.dll
+ 2009-07-18 22:55 . 2008-04-14 00:12 1306624 c:\windows\$NtUninstallKB954459$\msxml6.dll
+ 2009-07-10 22:54 . 2009-07-10 22:54 1315328 c:\windows\$hf_mig$\KB973354\SP3QFE\msoe.dll
+ 2009-07-29 01:15 . 2009-07-03 17:06 1208832 c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\urlmon.dll
+ 2009-07-29 01:15 . 2009-07-19 13:17 5938176 c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\mshtml.dll
+ 2009-07-29 01:15 . 2009-07-03 17:06 1985536 c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\iertutil.dll
+ 2009-08-12 23:25 . 2009-06-09 15:21 2067968 c:\windows\$hf_mig$\KB956744\SP3QFE\lhmstscx.dll
+ 2008-09-10 01:10 . 2008-09-10 01:10 1379840 c:\windows\$hf_mig$\KB954459\SP3QFE\msxml6.dll
+ 2009-03-08 08:39 . 2009-07-19 22:48 11067392 c:\windows\SYSTEM32\ieframe.dll
+ 2009-07-18 00:34 . 2009-07-19 22:48 11067392 c:\windows\SYSTEM32\DLLCACHE\ieframe.dll
+ 2008-12-13 14:21 . 2008-12-13 14:21 10473472 c:\windows\Installer\58e32d9.msp
+ 2009-07-29 19:34 . 2009-04-30 21:22 11064832 c:\windows\ie8updates\KB972260-IE8\ieframe.dll
+ 2009-09-13 14:58 . 2009-09-13 14:58 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\63406259e94d5c0ff5b79401dfe113ce\System.Windows.Forms.ni.dll
+ 2009-09-13 15:23 . 2009-09-13 15:23 11796992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\3963ce03d445a8619abbf388d590134b\System.Web.ni.dll
+ 2009-09-13 15:17 . 2009-09-13 15:17 17317888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\4146033013edebd7e0cb604e504ebfee\System.ServiceModel.ni.dll
+ 2009-09-13 14:56 . 2009-09-13 14:56 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\8ee220bc3cce4f7bbd7818946519ed7f\System.Design.ni.dll
+ 2009-09-13 14:54 . 2009-09-13 14:54 14327808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\96e710f47c601cba3f2348a8d11ddede\PresentationFramework.ni.dll
+ 2009-09-13 14:53 . 2009-09-13 14:53 12216320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\956375d487cbef36165b3250030e3574\PresentationCore.ni.dll
+ 2009-09-13 14:44 . 2009-09-13 14:44 11486720 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\6d667f19d687361886990f3ca0f49816\mscorlib.ni.dll
+ 2009-07-29 01:15 . 2009-07-19 13:17 11068416 c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\ieframe.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-07-24 1090816]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-07-24 1090816]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-07-24 1090816]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2005-02-02 98304]
"Dell Photo AIO Printer 922"="c:\program files\Dell Photo AIO Printer 922\dlbtbmgr.exe" [2005-04-22 290816]
"DLBTCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\DLBTtime.dll" [2004-11-09 69632]
"gcasServ"="c:\program files\Microsoft AntiSpyware\gcasServ.exe" [2005-07-12 473928]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2003-08-08 151597]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2002-11-08 294912]
"AdaptecDirectCD"="c:\program files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" [2002-12-17 684032]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-09-11 2007832]
"bisinedun"="c:\windows\system32\bikurifo.dll" [2009-09-19 88576]
"CARPService"="carpserv.exe" - c:\windows\SYSTEM32\carpserv.exe [2003-01-23 4608]
"ATIModeChange"="Ati2mdxx.exe" - c:\windows\SYSTEM32\Ati2mdxx.exe [2001-09-04 28672]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2007-10-23 443968]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSetActiveDesktop"= 1 (0x1)
"NoActiveDesktopChanges"= 1 (0x1)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{5da66510-f24f-4dc9-86eb-33b50166477f}"= "c:\windows\system32\bikurifo.dll" [2009-09-19 88576]
"{315e888b-2743-4af7-bcfa-195e51285e7e}"= "c:\windows\system32\bikurifo.dll" [2009-09-19 88576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"piviferag"= {5da66510-f24f-4dc9-86eb-33b50166477f} - c:\windows\system32\bikurifo.dll [2009-09-19 88576]
"hupipumig"= {315e888b-2743-4af7-bcfa-195e51285e7e} - c:\windows\system32\bikurifo.dll [2009-09-19 88576]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-09-11 17:47 11952 ----a-w- c:\windows\SYSTEM32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

R3 LSWPCv4;Wireless-B Notebook Adapter Driver;c:\windows\system32\DRIVERS\LSRTNDS.SYS [2003-04-14 151808]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2009-09-11 335240]
S1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2009-07-17 108552]
S2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-09-11 297752]
S2 IntuitUpdateService;Intuit Update Service;c:\program files\Common Files\Intuit\Update Service\IntuitUpdateService.exe [2008-10-10 13088]


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://www.google.com
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &AIM Search - c:\program files\AIM Toolbar\AIMBar.dll/aimsearch.htm
IE: &Yahoo! Search - file:///c:\program files\Yahoo!\Common/ycsrch.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Yahoo! &Dictionary - file:///c:\program files\Yahoo!\Common/ycdict.htm
IE: Yahoo! &Maps - file:///c:\program files\Yahoo!\Common/ycmap.htm
IE: Yahoo! &SMS - file:///c:\program files\Yahoo!\Common/ycsms.htm
Trusted Zone: turbotax.com
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {D9CDEFE3-51BB-4737-A12C-53D9814A148C} - hxxps://mail.ocrra.org/exchweb/controls/DAX.cab
.
- - - - ORPHANS REMOVED - - - -

AddRemove-WildTangent CDA - c:\program files\WildTangent\Apps\CDA\CDAUninstall.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-23 17:57
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
DLBTCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\DLBTtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(3852)
c:\windows\system32\WININET.dll
c:\windows\system32\bikurifo.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\SYSTEM32\ati2evxx.exe
c:\progra~1\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\windows\SYSTEM32\wdfmgr.exe
c:\program files\Dell Photo AIO Printer 922\dlbtbmon.exe
c:\program files\Digital Line Detect\DLG.exe
c:\program files\Microsoft AntiSpyware\gcasDtServ.exe
c:\program files\Canon\CAL\CALMAIN.exe
.
**************************************************************************
.
Completion time: 2009-09-23 18:05 - machine was rebooted
ComboFix-quarantined-files.txt 2009-09-23 22:05
ComboFix2.txt 2009-07-18 21:35
ComboFix3.txt 2009-07-17 22:14

Pre-Run: 1,811,836,928 bytes free
Post-Run: 2,234,503,168 bytes free

1174 --- E O F --- 2009-09-23 10:41

#8 jpshortstuff

jpshortstuff

    WhatTheTech Teacher


  • Members
  • 660 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:07:04 AM

Posted 24 September 2009 - 02:49 AM

Hi,

Looks like we are making good progress :(

1. Please open Notepad
  • Click Start , then Run
  • Type notepad.exe in the Run Box.
2. Now copy/paste the entire content of the codebox below into the Notepad window:
http://www.bleepingcomputer.com/forums/t/259579/rootkit-problem/

Collect::
c:\program files\EasySpyRemover_setup.exe
c:\windows\tuxelewi.com
c:\windows\odoqytum.dat
c:\windows\ezityzi.com
C:\rhjdpc.exe
C:\mdnsq.exe
C:\vhlyrkv.exe
c:\documents and settings\All Users\Application Data\osofynu.dat
c:\program files\Common Files\mevogu.db
c:\program files\Common Files\yles.lib
c:\windows\system32\vuzejofu.dll
c:\windows\system32\bikurifo.dll
c:\windows\system32\guzuyavu.dll
c:\windows\SYSTEM32\jegugore.dll
c:\windows\SYSTEM32\ziganave.dll

DirLook::
c:\program files\Microsoft AntiSpyware

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"bisinedun"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"piviferag"=-
"hupipumig"=-

3. Save the above as CFScript.txt

4. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again.

Posted Image

5. After reboot, (in case it asks to reboot), please post ComboFix.txt in your next reply.[/list]
Next, please run RootRepeal again, this time check all the boxes when scanning. Post the log it gives, along with the ComboFix log, and also this log:
c:\Qoobox\Add-Remove Programs.txt

Let me know how your computer is running now. Give the McAfee Removal Tool another go now as well.
Trained at the What The Tech Classroom where you too could learn to help others.

My help is free, however, if you wish to make a small donation to show appreciation and to help me continue the fight against Malware, then click here Posted Image

Posted Image

#9 griffs50

griffs50
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:02:04 AM

Posted 24 September 2009 - 05:33 PM

hey
its great to know we are making progress. I was able to use the mcafee removal tool and then ran combofix, here is the report:

ComboFix 09-09-23.02 - Amy Lawrence 09/24/2009 17:38.4.1 - NTFSx86
Running from: c:\documents and settings\Amy Lawrence\Desktop\othername.exe
Command switches used :: c:\documents and settings\Amy Lawrence\Desktop\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
* Created a new restore point

file zipped: c:\documents and settings\All Users\Application Data\osofynu.dat
file zipped: C:\mdnsq.exe
file zipped: c:\program files\Common Files\mevogu.db
file zipped: c:\program files\Common Files\yles.lib
file zipped: c:\program files\EasySpyRemover_setup.exe
file zipped: C:\rhjdpc.exe
file zipped: C:\vhlyrkv.exe
file zipped: c:\windows\ezityzi.com
file zipped: c:\windows\odoqytum.dat
file zipped: c:\windows\system32\bikurifo.dll
file zipped: c:\windows\system32\guzuyavu.dll
file zipped: c:\windows\SYSTEM32\jegugore.dll
file zipped: c:\windows\system32\vuzejofu.dll
file zipped: c:\windows\SYSTEM32\ziganave.dll
file zipped: c:\windows\tuxelewi.com
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\osofynu.dat
C:\mdnsq.exe
c:\program files\Common Files\mevogu.db
c:\program files\Common Files\yles.lib
c:\program files\EasySpyRemover_setup.exe
C:\rhjdpc.exe
C:\vhlyrkv.exe
c:\windows\ezityzi.com
c:\windows\odoqytum.dat
c:\windows\system32\bikurifo.dll
c:\windows\system32\guzuyavu.dll
c:\windows\SYSTEM32\jegugore.dll
c:\windows\system32\vuzejofu.dll
c:\windows\SYSTEM32\ziganave.dll
c:\windows\tuxelewi.com

.
((((((((((((((((((((((((( Files Created from 2009-08-24 to 2009-09-24 )))))))))))))))))))))))))))))))
.

2009-09-21 20:25 . 2009-09-21 20:25 396288 ----a-w- C:\HijackThis.exe
2009-09-21 20:24 . 2009-09-21 20:25 -------- d-----w- c:\program files\Trend Micro
2009-09-21 20:08 . 2009-09-21 20:08 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE
2009-09-21 19:47 . 2009-09-21 19:47 -------- d-----w- c:\documents and settings\Amy Lawrence\log
2009-09-21 19:47 . 2009-09-21 19:47 153104 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2009-09-20 12:17 . 2009-09-20 12:17 -------- d-----w- C:\spoolerlogs
2009-09-19 20:49 . 2009-07-13 17:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-19 20:49 . 2009-09-21 20:07 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-09-19 20:49 . 2009-07-13 17:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-19 13:38 . 2009-09-19 13:38 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2009-09-18 22:31 . 2009-09-19 15:55 -------- d-----w- c:\documents and settings\All Users\Application Data\13031354
2009-09-18 22:30 . 2009-09-18 22:30 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2009-09-18 22:23 . 2009-09-18 22:23 17408 ----a-w- c:\windows\system32\dllcache\beep.sys
2009-09-13 14:27 . 2009-09-13 14:27 -------- d-----w- c:\windows\system32\XPSViewer
2009-09-13 14:26 . 2009-09-13 14:26 -------- d-----w- c:\program files\MSBuild
2009-09-13 14:26 . 2009-09-13 14:26 -------- d-----w- c:\program files\Reference Assemblies
2009-09-13 14:24 . 2008-07-06 12:06 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-09-13 14:24 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-09-13 14:24 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-09-13 14:24 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-09-13 14:24 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-09-13 14:24 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-09-13 14:24 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\dllcache\xpssvcs.dll
2009-09-13 14:24 . 2009-09-13 14:26 -------- d-----w- C:\ff39608955d4e17af278fcb4500a21ff
2009-09-13 14:23 . 2009-09-23 21:53 -------- d-----w- c:\windows\SxsCaPendDel
2009-09-11 17:48 . 2009-06-21 21:44 153088 ------w- c:\windows\system32\dllcache\triedit.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-24 21:51 . 2005-10-13 14:13 -------- d-----w- c:\program files\Microsoft AntiSpyware
2009-09-23 00:08 . 2003-08-14 17:37 88512 ----a-w- c:\documents and settings\Amy Lawrence\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-09-19 15:54 . 2009-07-17 23:18 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8
2009-09-11 17:47 . 2009-07-17 23:19 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-09-11 17:47 . 2009-07-17 23:19 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-09-11 17:47 . 2009-07-17 23:18 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-08-05 09:01 . 2007-01-09 19:03 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-07-17 23:19 . 2009-07-17 23:19 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-07-17 19:01 . 2002-08-29 10:00 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-13 14:08 . 2005-01-28 18:44 286720 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-03 17:09 . 2006-06-23 15:33 915456 ------w- c:\windows\system32\wininet.dll
2007-12-13 21:31 . 2007-12-13 21:31 18519651 ----a-w- c:\program files\globalops-351.exe
2003-08-30 02:24 . 2003-08-30 02:22 16251072 ----a-w- c:\program files\AdbeRdr60_enu_full.exe
2003-08-27 18:19 . 2004-09-01 02:42 36963 ----a-r- c:\program files\Common Files\SM1updtr.dll
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\program files\Microsoft AntiSpyware ----

2005-12-19 03:22 . 2005-12-29 03:01 540 ----a-w- c:\program files\Microsoft AntiSpyware\softwareupdates.log
2005-12-19 03:20 . 2005-12-29 03:01 6910088 ----a-w- c:\program files\Microsoft AntiSpyware\TempUpdates\microsoftantispywareinstall.exe
2005-10-13 14:29 . 2005-10-13 14:29 3224 ----a-w- c:\program files\Microsoft AntiSpyware\gcThreatAuditSettingsData.gcd
2005-10-13 14:29 . 2009-07-05 23:07 1155 ----a-w- c:\program files\Microsoft AntiSpyware\gcThreatAuditQuarantineData.gcd
2005-10-13 14:29 . 2009-07-05 23:07 37723 ----a-w- c:\program files\Microsoft AntiSpyware\cleaner.log
2005-10-13 14:27 . 2005-12-28 07:29 142490 ----a-w- c:\program files\Microsoft AntiSpyware\gcThreatAuditScanHistoryData.gcd
2005-10-13 14:22 . 2009-09-23 00:00 9459 ----a-w- c:\program files\Microsoft AntiSpyware\errors.log
2005-10-13 14:14 . 2005-10-13 14:14 89 ----a-w- c:\program files\Microsoft AntiSpyware\gcThreatAuditIgnoredThreatsData.gcd
2005-10-13 14:13 . 2009-09-24 21:29 11176 ----a-w- c:\program files\Microsoft AntiSpyware\gcDeterminationDataUser.gcd
2005-10-13 14:13 . 2005-10-13 14:13 3453 ----a-w- c:\program files\Microsoft AntiSpyware\gcExplorersData.gcd
2005-10-13 14:13 . 2009-07-18 21:13 30091 ----a-w- c:\program files\Microsoft AntiSpyware\gcAgentsDataStoreData.gcd
2005-10-13 14:13 . 2005-10-13 14:13 69451 ----a-w- c:\program files\Microsoft AntiSpyware\gcAgentsData.gcd
2005-10-13 14:13 . 2009-07-18 21:14 16135 ----a-w- c:\program files\Microsoft AntiSpyware\gcEventsData.gcd
2005-10-13 14:13 . 2009-09-23 21:58 2090 ----a-w- c:\program files\Microsoft AntiSpyware\gcUserData.gcd
2005-07-12 19:35 . 2005-07-12 19:35 4598608 ----a-w- c:\program files\Microsoft AntiSpyware\GIANTAntiSpywareMain.exe
2005-07-12 19:35 . 2005-07-12 19:35 756552 ----a-w- c:\program files\Microsoft AntiSpyware\gcasDtServ.exe
2005-07-12 19:35 . 2005-07-12 19:35 826200 ----a-w- c:\program files\Microsoft AntiSpyware\gcasServAlert.exe
2005-07-12 19:35 . 2005-07-12 19:35 1043304 ----a-w- c:\program files\Microsoft AntiSpyware\gcASThreatAudit.dll
2005-07-12 19:35 . 2005-07-12 19:35 375640 ----a-w- c:\program files\Microsoft AntiSpyware\gcAntiSpywareLibrary.dll
2005-07-12 19:35 . 2005-07-12 19:35 473928 ----a-w- c:\program files\Microsoft AntiSpyware\gcasServ.exe
2005-07-12 19:35 . 2005-07-12 19:35 400200 ----a-w- c:\program files\Microsoft AntiSpyware\MSSSRT.exe
2005-07-12 19:35 . 2005-07-12 19:35 187200 ----a-w- c:\program files\Microsoft AntiSpyware\gcASSoapLib.dll
2005-07-12 19:35 . 2005-07-12 19:35 244568 ----a-w- c:\program files\Microsoft AntiSpyware\gcasSWUpdater.exe
2005-07-12 19:35 . 2005-07-12 19:35 191320 ----a-w- c:\program files\Microsoft AntiSpyware\GIANTAntiSpywareUpdater.exe
2005-07-12 19:35 . 2005-07-12 19:35 109384 ----a-w- c:\program files\Microsoft AntiSpyware\gcASNotice.exe
2005-07-12 19:35 . 2005-07-12 19:35 154440 ----a-w- c:\program files\Microsoft AntiSpyware\gcASPrivacyLib.dll
2005-07-12 19:35 . 2005-07-12 19:35 126680 ----a-w- c:\program files\Microsoft AntiSpyware\GCCollection.dll
2005-07-12 19:35 . 2005-07-12 19:35 60240 ----a-w- c:\program files\Microsoft AntiSpyware\gcSoftwareUpdateLib.dll
2005-07-12 19:35 . 2005-07-12 19:35 76608 ----a-w- c:\program files\Microsoft AntiSpyware\gcTCPObjLib.dll
2005-07-12 19:35 . 2005-07-12 19:35 43872 ----a-w- c:\program files\Microsoft AntiSpyware\gcASCleaner.exe
2005-07-12 19:35 . 2005-07-12 19:35 35656 ----a-w- c:\program files\Microsoft AntiSpyware\gcIPtoHostQueue.exe
2005-07-12 19:35 . 2005-07-12 19:35 31568 ----a-w- c:\program files\Microsoft AntiSpyware\gcasInstallHelper.exe
2005-07-12 19:35 . 2005-07-12 19:35 20184 ----a-w- c:\program files\Microsoft AntiSpyware\remlsp.dll
2005-07-12 15:42 . 2005-07-12 15:42 228521 ----a-w- c:\program files\Microsoft AntiSpyware\MicrosoftAntiSpyware.chm
2005-07-06 20:46 . 2005-12-29 03:00 744384 ----a-w- c:\program files\Microsoft AntiSpyware\gcDeterminationData.gcd
2005-07-06 20:46 . 2005-12-19 03:00 1345263 ----a-w- c:\program files\Microsoft AntiSpyware\gcThreatAuditThreatData.gcd
2005-07-06 20:46 . 2005-12-19 03:00 2963787 ----a-w- c:\program files\Microsoft AntiSpyware\gcThreatAuditScanData.gcd
2005-06-24 19:24 . 2005-06-24 19:24 101080 ----a-w- c:\program files\Microsoft AntiSpyware\shellextension.dll
2004-12-31 18:38 . 2004-12-31 18:38 3182 ----a-r- c:\program files\Microsoft AntiSpyware\uncompresslicense.txt
2004-12-31 07:39 . 2004-12-31 07:39 24576 ----a-w- c:\program files\Microsoft AntiSpyware\scan_files.avi
2004-12-31 07:39 . 2004-12-31 07:39 24064 ----a-w- c:\program files\Microsoft AntiSpyware\scan_memory.avi
2004-12-31 07:39 . 2004-12-31 07:39 24064 ----a-w- c:\program files\Microsoft AntiSpyware\scan_registry.avi
2004-12-31 07:39 . 2004-12-31 07:39 8192 ----a-w- c:\program files\Microsoft AntiSpyware\updateprogress.avi
2004-12-31 07:39 . 2004-12-31 07:39 24576 ----a-w- c:\program files\Microsoft AntiSpyware\scan_cookies.avi


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-07-24 1090816]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-07-24 1090816]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-07-24 1090816]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2005-02-02 98304]
"Dell Photo AIO Printer 922"="c:\program files\Dell Photo AIO Printer 922\dlbtbmgr.exe" [2005-04-22 290816]
"DLBTCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\DLBTtime.dll" [2004-11-09 69632]
"gcasServ"="c:\program files\Microsoft AntiSpyware\gcasServ.exe" [2005-07-12 473928]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2003-08-08 151597]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2002-11-08 294912]
"AdaptecDirectCD"="c:\program files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" [2002-12-17 684032]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-09-11 2007832]
"CARPService"="carpserv.exe" - c:\windows\SYSTEM32\carpserv.exe [2003-01-23 4608]
"ATIModeChange"="Ati2mdxx.exe" - c:\windows\SYSTEM32\Ati2mdxx.exe [2001-09-04 28672]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2007-10-23 443968]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSetActiveDesktop"= 1 (0x1)
"NoActiveDesktopChanges"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-09-11 17:47 11952 ----a-w- c:\windows\SYSTEM32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

R3 LSWPCv4;Wireless-B Notebook Adapter Driver;c:\windows\system32\DRIVERS\LSRTNDS.SYS [2003-04-14 151808]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2009-09-11 335240]
S1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2009-07-17 108552]
S2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-09-11 297752]
S2 IntuitUpdateService;Intuit Update Service;c:\program files\Common Files\Intuit\Update Service\IntuitUpdateService.exe [2008-10-10 13088]


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://www.google.com
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &AIM Search - c:\program files\AIM Toolbar\AIMBar.dll/aimsearch.htm
IE: &Yahoo! Search - file:///c:\program files\Yahoo!\Common/ycsrch.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Yahoo! &Dictionary - file:///c:\program files\Yahoo!\Common/ycdict.htm
IE: Yahoo! &Maps - file:///c:\program files\Yahoo!\Common/ycmap.htm
IE: Yahoo! &SMS - file:///c:\program files\Yahoo!\Common/ycsms.htm
Trusted Zone: turbotax.com
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {D9CDEFE3-51BB-4737-A12C-53D9814A148C} - hxxps://mail.ocrra.org/exchweb/controls/DAX.cab
.
- - - - ORPHANS REMOVED - - - -

SharedTaskScheduler-{5da66510-f24f-4dc9-86eb-33b50166477f} - c:\windows\system32\bikurifo.dll
SharedTaskScheduler-{315e888b-2743-4af7-bcfa-195e51285e7e} - c:\windows\system32\bikurifo.dll



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-24 17:51
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
DLBTCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\DLBTtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(3932)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\SYSTEM32\ati2evxx.exe
c:\windows\SYSTEM32\wdfmgr.exe
c:\progra~1\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\program files\Dell Photo AIO Printer 922\dlbtbmon.exe
c:\program files\Digital Line Detect\DLG.exe
c:\program files\Microsoft AntiSpyware\gcasDtServ.exe
c:\program files\Canon\CAL\CALMAIN.exe
c:\windows\SYSTEM32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2009-09-24 18:00 - machine was rebooted
ComboFix-quarantined-files.txt 2009-09-24 22:00
ComboFix2.txt 2009-09-23 22:05
ComboFix3.txt 2009-07-18 21:35
ComboFix4.txt 2009-07-17 22:14

Pre-Run: 2,198,593,536 bytes free
Post-Run: 2,125,561,856 bytes free

271 --- E O F --- 2009-09-24 10:43

#10 griffs50

griffs50
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:02:04 AM

Posted 24 September 2009 - 05:44 PM

here is the \Qoobox\Add-Remove Programs.txt log:



AccessDirect
Ad-Aware SE Personal
Adobe Flash Player 10 ActiveX
Adobe Reader 7.0
AnswerWorks 4.0 Runtime - English
AnswerWorks 5.0 English Runtime
AOL Instant Messenger
ArcSoft PhotoImpression 6
ATI Control Panel
ATI Display Driver
AudibleManager
AVG Free 8.5
BACS
Broadcom Advanced Control Suite
BurnPlugin for Audible
Canon Camera Access Library
Canon Camera Support Core Library
Canon Camera Window DC_DV 5 for ZoomBrowser EX
Canon Camera Window DC_DV 6 for ZoomBrowser EX
Canon Camera Window MC 6 for ZoomBrowser EX
Canon G.726 WMP-Decoder
Canon MovieEdit Task for ZoomBrowser EX
Canon RAW Image Task for ZoomBrowser EX
Canon RemoteCapture Task for ZoomBrowser EX
Canon Utilities EOS Utility
Canon Utilities PhotoStitch
Canon Utilities ZoomBrowser EX
Conexant D480 MDC V.92 Modem
Cypress USB Mass Storage Driver Installation
Dell Home Systems Services Agreement
Dell Networking Guide
Dell Photo AIO Printer 922
Dell Picture Studio - Dell Image Expert
Dell Solution Center
Dell Support
Digital Camera
Digital Line Detect
DVDSentry
Easy CD Creator 5 Basic
EPSON Printer Software
EPSON Scan
EPSON Stylus CX7400 Series Scanner Driver Update
ffdshow
FinePixViewer Ver.4.2
FotoFinish
Global Operations
Google Toolbar for Internet Explorer
Help and Support Customization
HostExplorer
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
ImageMixer VCD2 for FinePix
InterVideo WinDVD
iPod Updater 2004-11-15
iTunes
Java 2 Runtime Environment, SE v1.4.1_04
Java Web Start
KODAK EASYSHARE Gallery Upload ActiveX Control
LiveUpdate 2.0 (Symantec Corporation)
Malwarebytes' Anti-Malware
MapSource - US Topo v3.02
Medieval II Total War
Messageware AttachView Add-in for Saving Files x64
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft AntiSpyware
Microsoft Office 2000 Disc 2
Microsoft Office XP Professional with FrontPage
Microsoft Visual C++ 2005 Redistributable
MicroStaff WINASPI
Modem Helper
MUSICMATCH Jukebox
Napster
Napster Burn Engine
NetWaiting
Paint Shop Pro 7
Picasa 2
Quicken 2002 New User Edition
QuickTime
RAW FILE CONVERTER LE
RealOne Player
Rome - Total War
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB963027)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969897)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Synaptics Pointing Device Driver
TurboTax 2008
TurboTax 2008 WinPerFedFormset
TurboTax 2008 WinPerProgramHelp
TurboTax 2008 WinPerReleaseEngine
TurboTax 2008 WinPerTaxSupport
TurboTax 2008 WinPerUserEducation
TurboTax 2008 wnyiper
TurboTax 2008 wrapper
TurboTax Deluxe 2007
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB971930)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB973815)
USB Storage Adapter FX (SM1)
Viewpoint Manager (Remove Only)
Viewpoint Media Player
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
WebFldrs XP
Windows Blaster Worm Removal Tool (KB833330)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Media Format Runtime
Windows Media Player 10
Windows XP Service Pack 3
WordPerfect Office 11
Yahoo! Install Manager
Yahoo! Internet Mail
Yahoo! Messenger

#11 griffs50

griffs50
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:02:04 AM

Posted 24 September 2009 - 06:05 PM

and finally the rootrepeal log:

ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/09/24 18:40
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================

Drivers
-------------------
Name: catchme.sys
Image Path: C:\othername\catchme.sys
Address: 0xF8B3E000 Size: 31744 File Visible: No Signed: -
Status: -

Name: Combo-Fix.sys
Image Path: Combo-Fix.sys
Address: 0xF8896000 Size: 60416 File Visible: No Signed: -
Status: -

Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xF1510000 Size: 98304 File Visible: No Signed: -
Status: -

Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xF8D88000 Size: 8192 File Visible: No Signed: -
Status: -

Name: PROCEXP90.SYS
Image Path: C:\WINDOWS\system32\Drivers\PROCEXP90.SYS
Address: 0xF8D7A000 Size: 6464 File Visible: No Signed: -
Status: -

Name: rootrepeal2.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal2.sys
Address: 0xF0885000 Size: 49152 File Visible: No Signed: -
Status: -

Hidden/Locked Files
-------------------
Path: C:\hiberfil.sys
Status: Locked to the Windows API!

Path: c:\windows\softwaredistribution\eventcache\{15d99bf6-31dc-4233-bb8c-aa0210356652}.bin
Status: Allocation size mismatch (API: 8, Raw: 0)

Path: c:\documents and settings\amy lawrence\local settings\temp\~df6f66.tmp
Status: Allocation size mismatch (API: 16384, Raw: 0)

Path: C:\Documents and Settings\Amy Lawrence\My Documents\My Music\R. Kelly - I Wish - Remix (To The Homies That We Lost) [Unce.wma
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Amy Lawrence\My Documents\Unused Desktop Shortcuts\Microsoft Outlook
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Amy Lawrence\My Documents\Risk\Risk Management in the Commercial Airline Industry - Ken's s.ppt
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Amy Lawrence\My Documents\My Documents\My Music\BENHAR~1.WMA
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Amy Lawrence\My Documents\My Documents\My Music\KELLYC~2.WMA
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Amy Lawrence\My Documents\My Documents\My Music\LONEST~1.WMA
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Amy Lawrence\My Documents\My Documents\My Music\OAR-BL~1.WMA
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Amy Lawrence\My Documents\My Documents\My Music\OAR-DE~1.WMA
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Amy Lawrence\My Documents\My Documents\My Music\PAPARO~1.WMA
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Amy Lawrence\My Documents\My Documents\My Music\USHER-~2.WMA
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Amy Lawrence\My Documents\My Documents\My Music\USHER-~1.WMA
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Amy Lawrence\My Documents\My Documents\My Music\Bare Naked Ladies\ANOTHE~1.MP3
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Amy Lawrence\My Documents\My Documents\My Music\Mozart\Classical-Vivaldi Mozart Beethoven Chopin Ravel - Mascagni Cavalleria Rusticana.MP3
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Amy Lawrence\My Documents\My Documents\My Music\Toby Kieth\TOBYKE~3.WMA
Status: Locked to the Windows API!

==EOF==

#12 jpshortstuff

jpshortstuff

    WhatTheTech Teacher


  • Members
  • 660 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:07:04 AM

Posted 25 September 2009 - 03:57 AM

Hi

Excellent :(

Click Start >> Control Panel >> Add/Remove Programs. Look for this entry in the list and Remove it:
Java 2 Runtime Environment, SE v1.4.1_04

That was a severely outdated version of Java. Older versions of Java can be exploited to infect your machine. If you need or use Java, then you can get the latest version here:
http://www.java.com/en/download/index.jsp


I notice a remnant of Symantec on your machine. Like McAfee, Symantec also have a removal tool to get rid of their remains:
http://service1.symantec.com/Support/tsgen...005033108162039


OK, the ComboFix log is looking pretty good, how are things running?

Let's get a second opinion on your machine. I notice you have MalwareBytes' Anti-Malware on your computer, this is an excellent program. Please open it, select the Update tab, and Check for Updates. Once updated, go to the Scanner tab and perform a full scan. If it finds anything, please Remove Selected and then post the log it provides.
Trained at the What The Tech Classroom where you too could learn to help others.

My help is free, however, if you wish to make a small donation to show appreciation and to help me continue the fight against Malware, then click here Posted Image

Posted Image

#13 griffs50

griffs50
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:02:04 AM

Posted 25 September 2009 - 02:26 PM

hi
the computer seems to be running very well so far. I m not having any problems with redirects or popups and the speed has picked up. I will update java, remove symantec and post a log for you. This computer is an antique and were forced to use it because we bought a gateway FX and have had to return it 3 x's for motherboard and hard drive issues. Its a great computer but has serious reliabilty issues. thank you for your time

#14 griffs50

griffs50
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:02:04 AM

Posted 25 September 2009 - 06:01 PM

here is the log from the malwarebytes:
Malwarebytes' Anti-Malware 1.41
Database version: 2775
Windows 5.1.2600 Service Pack 3

9/25/2009 6:58:24 PM
mbam-log-2009-09-25 (18-58-09).txt

Scan type: Full Scan (C:\|)
Objects scanned: 193269
Time elapsed: 2 hour(s), 58 minute(s), 33 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 4
Files Infected: 9

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Folders Infected:
C:\Documents and Settings\All Users\Application Data\13031354 (Rogue.Multiple) -> No action taken.
C:\Documents and Settings\All Users\Application Data\14495424 (Rogue.Multiple) -> No action taken.
C:\Documents and Settings\All Users\Application Data\64515419 (Rogue.Multiple) -> No action taken.
C:\Documents and Settings\All Users\Application Data\94505416 (Rogue.Multiple) -> No action taken.

Files Infected:
C:\Qoobox\Quarantine\C\WINDOWS\kri746.dat.vir (Trojan.FakeAlert) -> No action taken.
C:\Qoobox\Quarantine\C\WINDOWS\DRIVERS\beep.sys.vir (Trojan.KillAV) -> No action taken.
C:\Qoobox\Quarantine\C\WINDOWS\SYSTEM32\kri746.dat.vir (Trojan.FakeAlert) -> No action taken.
C:\Qoobox\Quarantine\C\WINDOWS\SYSTEM32\DRIVERS\BEEP.SYS.vir (Trojan.KillAV) -> No action taken.
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP59\A0010648.dll (Trojan.Sirefef) -> No action taken.
C:\WINDOWS\SYSTEM32\DLLCACHE\beep.sys (Trojan.KillAV) -> No action taken.
C:\Documents and Settings\All Users\Application Data\13031354\13031354 (Rogue.Multiple) -> No action taken.
C:\Documents and Settings\All Users\Application Data\13031354\pc13031354ins (Rogue.Multiple) -> No action taken.
C:\Documents and Settings\All Users\Application Data\14495424\14495424.glu (Rogue.Multiple) -> No action taken.

#15 griffs50

griffs50
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:02:04 AM

Posted 25 September 2009 - 06:03 PM

this is the log after removal:

Malwarebytes' Anti-Malware 1.41
Database version: 2775
Windows 5.1.2600 Service Pack 3

9/25/2009 7:02:09 PM
mbam-log-2009-09-25 (19-02-09).txt

Scan type: Full Scan (C:\|)
Objects scanned: 193269
Time elapsed: 2 hour(s), 58 minute(s), 33 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 4
Files Infected: 9

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
C:\Documents and Settings\All Users\Application Data\13031354 (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\14495424 (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\64515419 (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\94505416 (Rogue.Multiple) -> Quarantined and deleted successfully.

Files Infected:
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP59\A0010648.dll (Trojan.Sirefef) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\DRIVERS\beep.sys.vir (Trojan.KillAV) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\SYSTEM32\DRIVERS\BEEP.SYS.vir (Trojan.KillAV) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\DLLCACHE\beep.sys (Trojan.KillAV) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\SYSTEM32\kri746.dat.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\kri746.dat.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\13031354\13031354 (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\13031354\pc13031354ins (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\14495424\14495424.glu (Rogue.Multiple) -> Quarantined and deleted successfully.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users