Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Http Tideserv Request


  • This topic is locked This topic is locked
8 replies to this topic

#1 sdesmon

sdesmon

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:02:15 PM

Posted 04 August 2010 - 10:12 PM

I keep getting messages from Norton Internet Security saying it has blocked a problem. It's called Http Tideserv Request and the location is the path to Firefox or Internet Explorer depending on which one I'm using at the time.

Thanks for your help



DDS (Ver_10-03-17.01) - NTFSx86
Run by Rick at 21:49:54.31 on Tue 08/03/2010
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_21
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.510.174 [GMT -6:00]

AV: Norton Internet Security *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\USB TV\EM28XX\BDARemote.exe
svchost.exe
C:\Program Files\LSI SoftModem\agrsmsvc.exe
C:\WINDOWS\System32\svchost.exe -k Akamai
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Documents and Settings\Rick\Desktop\dds.scr

============== Pseudo HJT Report ===============

uInternet Settings,ProxyOverride = <local>
uInternet Settings,ProxyServer = http=127.0.0.1:5555
uWinlogon: Shell=c:\documents and settings\rick\application data\armanager\apmanager.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton internet security\engine\17.7.0.12\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton internet security\engine\17.7.0.12\IPSBHO.DLL
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton internet security\engine\17.7.0.12\coIEPlg.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - c:\program files\daemon tools toolbar\DTToolbar.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSConfig.exe /auto
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Alcmtr] ALCMTR.EXE
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\bdarem~1.lnk - c:\program files\usb tv\em28xx\BDARemote.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {31435657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab
DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - hxxps://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Notify: AtiExtEvent - Ati2evxx.dll
LSA: Notification Packages = scecli scecli scecli
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\rick\applic~1\mozilla\firefox\profiles\y7b58ive.default\
FF - prefs.js: network.proxy.type - 4
FF - component: c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_17.6.0.32\coffplgn\components\coFFPlgn.dll
FF - component: c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_17.6.0.32\ipsffplgn\components\IPSFFPl.dll
FF - plugin: c:\documents and settings\rick\local settings\application data\yahoo!\browserplus\2.4.21\plugins\npybrowserplus_2.4.21.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\unity\webplayer\loader\npUnity3D32.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nis\1107000.00c\symds.sys [2010-8-3 328752]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1107000.00c\symefa.sys [2010-8-3 173104]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_17.6.0.32\definitions\bashdefs\20100709.001\BHDrvx86.sys [2010-6-18 691248]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\nis\1107000.00c\cchpx86.sys [2010-8-3 501888]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nis\1107000.00c\ironx86.sys [2010-8-3 116784]
R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2004-8-4 14336]
R2 NIS;Norton Internet Security;c:\program files\norton internet security\engine\17.7.0.12\ccsvchst.exe [2010-8-3 126392]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2010-8-3 102448]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_17.6.0.32\definitions\ipsdefs\20100803.001\IDSXpx86.sys [2010-8-3 331640]
R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_17.6.0.32\definitions\virusdefs\20100803.024\NAVENG.SYS [2010-8-3 85424]
R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_17.6.0.32\definitions\virusdefs\20100803.024\NAVEX15.SYS [2010-8-3 1362608]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 rak;rak;c:\windows\system32\rakion.sys [2010-1-18 60928]
S3 vtany;vtany;\??\c:\windows\vtany.sys --> c:\windows\vtany.sys [?]
S3 XDva311;XDva311;\??\c:\windows\system32\xdva311.sys --> c:\windows\system32\XDva311.sys [?]
S3 xhunter1;xhunter1;\??\c:\windows\xhunter1.sys --> c:\windows\xhunter1.sys [?]

=============== Created Last 30 ================

2010-08-04 03:33:40 0 d--h--w- c:\windows\PIF
2010-08-04 03:28:18 77312 ----a-w- c:\windows\mbr.exe
2010-08-04 00:25:48 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-08-04 00:04:49 0 d-----w- c:\windows\pss
2010-08-03 23:40:53 0 d-----w- c:\program files\CCleaner
2010-08-03 16:52:15 805 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2010-08-03 16:52:15 7443 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2010-08-03 16:52:15 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
2010-08-03 16:52:15 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2010-08-03 16:52:14 0 d-----w- c:\program files\Symantec
2010-08-03 16:50:31 0 d-----w- c:\windows\system32\drivers\NIS
2010-08-03 16:50:26 0 d-----w- c:\program files\Norton Internet Security
2010-07-30 00:21:31 0 d-----w- c:\program files\NickOnline
2010-07-23 03:21:55 0 d-----w- C:\AHA
2010-07-10 00:57:58 0 d-----w- C:\AeriaGames

==================== Find3M ====================

2010-01-30 04:13:06 43355858 ----a-w- c:\program files\ec_patch_233-263.cup
2010-01-02 06:05:31 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012010010120100102\index.dat

============= FINISH: 21:52:51.67 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Numpty HQ
  • Local time:08:15 PM

Posted 05 August 2010 - 05:28 PM

Good evening. smile.gif

Take a trip to this webpage for download links and instructions for running Combofix by sUBs.*
  • Please be aware that this tool may require the PC to be rebooted so close any programs you have open before you start.
  • When CF has finished, it will produce a log - C:\ComboFix.txt - copy and paste it into your next reply.
  • Let me know how the PC is behaving.
* There are two points to note from the instructions page:

1) The Recovery Console.

It is recommended that you install this as, in certain circumstances, it may be the difference between a successful repair and a reformat. If you are uncertain as to whether or not you already have the Recovery Console installed, simply run CF and it will prompt you if it does not detect it.
CF will complete some, but not all, of it's removal tasks without the installation of the Console so, should you choose not to allow the installation, you may not get the results you hoped for.

2) Disabling your Anti-Virus.

CF has been the victim of false-positive detections on occasion and a resident AV may incorrectly identify and delete part of the tool which won't do it much good. If you don't disable your AV, you may not get the results you hoped for either.

So long, and thanks for all the fish.

 

 


#3 sdesmon

sdesmon
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:02:15 PM

Posted 05 August 2010 - 09:57 PM

It looks like that may have solved the problem. The main symptoms before were random pop-ups when on the internet as well as not being able to access the microsoft update website. After running the scan, I am able to access the update website. Let me know if I have any lingering problems. Here is the log from ComboFix, thanks a million.


ComboFix 10-08-05.02 - Rick 08/05/2010 19:53:25.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.643 [GMT -6:00]
Running from: c:\documents and settings\Rick\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Favorites\_favdata.dat
c:\documents and settings\Rick\Application Data\ARManager
c:\documents and settings\Rick\Application Data\ARManager\languages\template.lng
c:\documents and settings\Rick\Application Data\ARManager\settings.ini
c:\documents and settings\Rick\Application Data\Microsoft\Internet Explorer\Quick Launch\Antimalware Doctor.lnk
C:\Install.exe
c:\windows\herjek.config
c:\windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
H:\Autorun.inf

.
((((((((((((((((((((((((( Files Created from 2010-07-06 to 2010-08-06 )))))))))))))))))))))))))))))))
.

2010-08-04 03:33 . 2010-08-04 03:33 -------- d--h--w- c:\windows\PIF
2010-08-04 00:27 . 2010-08-04 00:27 -------- d-----w- c:\program files\Common Files\Java
2010-08-04 00:25 . 2010-07-17 11:00 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-08-03 23:40 . 2010-08-03 23:41 -------- d-----w- c:\program files\CCleaner
2010-08-03 18:03 . 2010-05-06 04:01 361904 ----a-w- c:\windows\system32\drivers\symtdi.sys
2010-08-03 18:03 . 2010-04-22 03:02 173104 ----a-w- c:\windows\system32\drivers\symefa.sys
2010-08-03 18:03 . 2010-02-04 01:40 328752 ----a-r- c:\windows\system32\drivers\symds.sys
2010-08-03 18:03 . 2010-04-22 02:29 43696 ----a-w- c:\windows\system32\drivers\srtspx.sys
2010-08-03 18:02 . 2010-04-29 05:03 116784 ----a-w- c:\windows\system32\drivers\ironx86.sys
2010-08-03 18:02 . 2010-02-26 00:22 501888 ----a-w- c:\windows\system32\drivers\cchpx86.sys
2010-08-03 16:52 . 2010-08-03 16:52 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
2010-08-03 16:52 . 2010-08-03 16:52 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2010-08-03 16:52 . 2010-08-03 16:52 -------- d-----w- c:\program files\Symantec
2010-08-03 16:50 . 2010-08-04 00:01 -------- d-----w- c:\windows\system32\drivers\NIS
2010-08-03 16:50 . 2010-08-03 16:50 -------- d-----w- c:\program files\Norton Internet Security
2010-08-03 16:50 . 2010-08-03 16:50 -------- d-----w- c:\program files\Windows Sidebar
2010-07-30 00:21 . 2010-07-30 00:21 -------- d-----w- c:\program files\NickOnline
2010-07-30 00:19 . 2010-07-30 00:19 -------- d-----w- c:\documents and settings\Rick\Local Settings\Application Data\Downloaded Installations
2010-07-23 03:21 . 2010-07-23 03:22 -------- d-----w- C:\AHA
2010-07-10 00:57 . 2010-07-10 00:57 -------- d-----w- C:\AeriaGames

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-06 01:27 . 2010-02-01 23:24 -------- d-----w- c:\program files\Common Files\Akamai
2010-08-04 01:12 . 2009-07-08 20:19 -------- d-----w- c:\program files\Google
2010-08-04 00:26 . 2010-08-04 00:26 503808 ----a-w- c:\documents and settings\Rick\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-740610f7-n\msvcp71.dll
2010-08-04 00:26 . 2010-08-04 00:26 499712 ----a-w- c:\documents and settings\Rick\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-740610f7-n\jmc.dll
2010-08-04 00:26 . 2010-08-04 00:26 348160 ----a-w- c:\documents and settings\Rick\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-740610f7-n\msvcr71.dll
2010-08-04 00:26 . 2010-08-04 00:26 12800 ----a-w- c:\documents and settings\Rick\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-67089445-n\decora-d3d.dll
2010-08-04 00:26 . 2010-08-04 00:26 61440 ----a-w- c:\documents and settings\Rick\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-67089445-n\decora-sse.dll
2010-08-04 00:25 . 2009-07-08 21:44 -------- d-----w- c:\program files\Java
2010-08-04 00:00 . 2009-06-19 13:06 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2010-08-04 00:00 . 2010-04-23 20:01 -------- d-----w- c:\program files\NortonInstaller
2010-08-03 23:27 . 2010-08-03 23:27 2568656 ----a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\install_flash_player.exe
2010-08-03 23:24 . 2010-04-23 20:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton
2010-08-03 17:09 . 2010-04-24 02:44 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-08-03 16:52 . 2010-08-03 16:52 805 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2010-08-03 16:52 . 2010-08-03 16:52 7443 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2010-08-03 00:32 . 2010-01-17 03:02 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-07-10 00:57 . 2009-08-09 22:48 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-06-18 20:20 . 2010-06-18 20:20 -------- d-----w- c:\documents and settings\Rick\Application Data\Malwarebytes
2010-06-18 20:20 . 2010-06-18 20:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-05-23 17:35 . 2010-05-23 17:35 503808 ----a-w- c:\documents and settings\Rick\Application Data\Sun\Java\Deployment\cache\6.0\46\f84c6ae-4766d1dc-n\msvcp71.dll
2010-05-23 17:35 . 2010-05-23 17:35 499712 ----a-w- c:\documents and settings\Rick\Application Data\Sun\Java\Deployment\cache\6.0\46\f84c6ae-4766d1dc-n\jmc.dll
2010-05-23 17:35 . 2010-05-23 17:35 348160 ----a-w- c:\documents and settings\Rick\Application Data\Sun\Java\Deployment\cache\6.0\46\f84c6ae-4766d1dc-n\msvcr71.dll
2010-05-21 06:06 . 2009-12-22 03:23 1324 ----a-w- c:\windows\system32\d3d9caps.dat
2010-05-11 13:59 . 2010-02-14 00:36 246073 ----a-w- c:\documents and settings\Rick\Application Data\Sony Online Entertainment\npsoeact.dll
2010-01-30 04:13 . 2010-01-30 04:12 43355858 ----a-w- c:\program files\ec_patch_233-263.cup
2009-05-13 21:55 . 2009-05-13 21:55 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-09-04 00:37 . 2009-09-04 00:37 10437264 ----a-w- c:\program files\mozilla firefox\plugins\PDFNetC.dll
2009-09-04 00:58 . 2009-09-04 00:58 107760 ----a-w- c:\program files\mozilla firefox\plugins\ScorchPDFWrapper.dll
2009-05-13 21:55 . 2009-05-13 21:55 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.
CODE
<pre>
c:\program files\AVG\AVG8\avgtray .exe
c:\program files\Common Files\Adobe\CS4ServiceManager\cs4servicemanager .exe
c:\program files\Common Files\LightScribe\lightscribecontrolpanel .exe
c:\program files\DAEMON Tools Lite\dtlite .exe
c:\program files\DNA\btdna .exe
c:\program files\iTunes\ituneshelper .exe
c:\program files\QuickTime\qttask .exe
c:\program files\TechSmith\Jing\jing .exe
c:\windows\system32\ctfmon .exe
</pre>


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^BDARemote.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\BDARemote.lnk
backup=c:\windows\pss\BDARemote.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Rick^Start Menu^Programs^Startup^Antimalware Doctor.lnk]
path=c:\documents and settings\Rick\Start Menu\Programs\Startup\Antimalware Doctor.lnk
backup=c:\windows\pss\Antimalware Doctor.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Rick^Start Menu^Programs^Startup^PowerReg Scheduler.exe]
path=c:\documents and settings\Rick\Start Menu\Programs\Startup\PowerReg Scheduler.exe
backup=c:\windows\pss\PowerReg Scheduler.exeStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Rick^Start Menu^Programs^Startup^Registration .LNK]
path=c:\documents and settings\Rick\Start Menu\Programs\Startup\Registration .LNK
backup=c:\windows\pss\Registration .LNKStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Rick^Start Menu^Programs^Startup^Registration Myst V]
path=c:\documents and settings\Rick\Start Menu\Programs\Startup\Registration Myst V
backup=c:\windows\pss\Registration Myst VStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-02-27 23:10 35696 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2008-06-19 14:20 57344 ----a-w- c:\windows\ALCMTR.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 00:12 15360 ----a-w- c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 17:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"xmlprov"=3 (0x3)
"WZCSVC"=2 (0x2)
"wuauserv"=2 (0x2)
"wscsvc"=2 (0x2)
"WmiApSrv"=3 (0x3)
"Wmi"=3 (0x3)
"WmdmPmSN"=3 (0x3)
"winmgmt"=2 (0x2)
"WebClient"=2 (0x2)
"W32Time"=2 (0x2)
"VSS"=3 (0x3)
"UPS"=3 (0x3)
"upnphost"=3 (0x3)
"TrkWks"=2 (0x2)
"TlntSvr"=3 (0x3)
"Themes"=2 (0x2)
"TermService"=3 (0x3)
"TapiSrv"=3 (0x3)
"SysmonLog"=3 (0x3)
"SwPrv"=3 (0x3)
"stisvc"=2 (0x2)
"SSDPSRV"=3 (0x3)
"srservice"=2 (0x2)
"Spooler"=2 (0x2)
"ShellHWDetection"=2 (0x2)
"SharedAccess"=2 (0x2)
"SENS"=2 (0x2)
"seclogon"=2 (0x2)
"Schedule"=2 (0x2)
"SCardSvr"=3 (0x3)
"SamSs"=2 (0x2)
"RSVP"=3 (0x3)
"RemoteRegistry"=2 (0x2)
"RDSessMgr"=3 (0x3)
"RasMan"=3 (0x3)
"RasAuto"=3 (0x3)
"ProtectedStorage"=2 (0x2)
"PolicyAgent"=2 (0x2)
"PnkBstrA"=2 (0x2)
"PlugPlay"=2 (0x2)
"ose"=3 (0x3)
"NtmsSvc"=3 (0x3)
"NtLmSsp"=3 (0x3)
"npggsvc"=3 (0x3)
"Nla"=3 (0x3)
"NIS"=2 (0x2)
"Netman"=3 (0x3)
"Netlogon"=3 (0x3)
"napagent"=3 (0x3)
"MSIServer"=3 (0x3)
"MSDTC"=3 (0x3)
"mnmsrvc"=3 (0x3)
"MDM"=2 (0x2)
"LmHosts"=2 (0x2)
"LightScribeService"=2 (0x2)
"lanmanworkstation"=2 (0x2)
"lanmanserver"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
"iPod Service"=3 (0x3)
"ImapiService"=3 (0x3)
"idsvc"=3 (0x3)
"HTTPFilter"=3 (0x3)
"hkmsvc"=3 (0x3)
"HidServ"=2 (0x2)
"helpsvc"=2 (0x2)
"FontCache3.0.0.0"=3 (0x3)
"FLEXnet Licensing Service"=3 (0x3)
"FastUserSwitchingCompatibility"=3 (0x3)
"EventSystem"=3 (0x3)
"Eventlog"=2 (0x2)
"ERSvc"=2 (0x2)
"EapHost"=3 (0x3)
"Dot3svc"=3 (0x3)
"Dnscache"=2 (0x2)
"dmserver"=2 (0x2)
"dmadmin"=3 (0x3)
"Dhcp"=2 (0x2)
"CryptSvc"=2 (0x2)
"COMSysApp"=3 (0x3)
"clr_optimization_v2.0.50727_32"=3 (0x3)
"ClipSrv"=3 (0x3)
"CiSvc"=3 (0x3)
"Browser"=2 (0x2)
"Bonjour Service"=2 (0x2)
"BITS"=2 (0x2)
"AudioSrv"=2 (0x2)
"Ati HotKey Poller"=2 (0x2)
"aspnet_state"=3 (0x3)
"AppMgmt"=3 (0x3)
"Apple Mobile Device"=2 (0x2)
"ALG"=3 (0x3)
"Akamai"=2 (0x2)
"AgereModemAudio"=2 (0x2)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\Downloaded Program Files\\ijjiOptimizer.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724

R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1107000.00C\symds.sys [8/3/2010 12:03 PM 328752]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1107000.00C\symefa.sys [8/3/2010 12:03 PM 173104]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\BASHDefs\20100719.001\BHDrvx86.sys [7/19/2010 5:28 PM 692272]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NIS\1107000.00C\cchpx86.sys [8/3/2010 12:02 PM 501888]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1107000.00C\ironx86.sys [8/3/2010 12:02 PM 116784]
R2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\17.7.0.12\ccsvchst.exe [8/3/2010 11:59 AM 126392]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [8/3/2010 5:57 PM 102448]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\IPSDefs\20100805.004\IDSXpx86.sys [8/5/2010 7:19 PM 331640]
S3 rak;rak;c:\windows\system32\rakion.sys [1/18/2010 10:09 PM 60928]
S3 vtany;vtany;\??\c:\windows\vtany.sys --> c:\windows\vtany.sys [?]
S3 XDva311;XDva311;\??\c:\windows\system32\XDva311.sys --> c:\windows\system32\XDva311.sys [?]
S3 xhunter1;xhunter1;\??\c:\windows\xhunter1.sys --> c:\windows\xhunter1.sys [?]
S4 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [8/4/2004 6:00 AM 14336]
S4 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [1/1/2010 1:29 PM 691696]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 18:11 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = <local>
uInternet Settings,ProxyServer = http=127.0.0.1:5555
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Rick\Application Data\Mozilla\Firefox\Profiles\y7b58ive.default\
FF - prefs.js: network.proxy.type - 4
FF - component: c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\coFFPlgn\components\coFFPlgn.dll
FF - component: c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\IPSFFPlgn\components\IPSFFPl.dll
FF - plugin: c:\documents and settings\Rick\Local Settings\Application Data\Yahoo!\BrowserPlus\2.4.21\Plugins\npybrowserplus_2.4.21.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Unity\WebPlayer\loader\npUnity3D32.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
AddRemove-Agere Systems Soft Modem - c:\windows\agrsmdel
AddRemove-BitTorrent DNA - c:\program files\DNA\btdna.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-05 20:13
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NIS]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\17.7.0.12\diMaster.dll\" /prefetch:1"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(960)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(200)
c:\windows\system32\WININET.dll
c:\windows\system32\msi.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\WgaTray.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2010-08-05 20:19:11 - machine was rebooted
ComboFix-quarantined-files.txt 2010-08-06 02:19

Pre-Run: 28,978,843,648 bytes free
Post-Run: 31,863,566,336 bytes free

Current=1 Default=1 Failed=0 LastKnownGood=5 Sets=1,2,3,4,5
- - End Of File - - E3B27ACE8B69052CCC26B03BD829AAA9


#4 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Numpty HQ
  • Local time:08:15 PM

Posted 06 August 2010 - 05:11 PM

Good evening. smile.gif

Pay a visit to the ESET Online Scanner.
  • Click the ESET Online Scanner button, read the info in the new window, check the appropriate box and click Start.
  • Accept the ActiveX download, and allow it to install.
  • Once this has been completed, you will see the Computer Scan settings page - ensure that you uncheck the "Remove found threats" box and then click Start.
  • The virus signature database will now need to be downloaded, so don't forget to instruct your firewall to permit it if it asks.
  • The above will take a little time, so now is a good time to fire up the kettle and open the biccies.
  • Once the scan has completed you will be shown the results - assuming that the scanner has found anything.
  • Click List of found threats and then Export to text file... and save the log somewhere convenient.
  • You can then close out the scanner - don't bother uninstalling it as you may need to use it again.
  • Please post the contents of this file in your next reply, or let me know that nothing was identified.

So long, and thanks for all the fish.

 

 


#5 sdesmon

sdesmon
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:02:15 PM

Posted 07 August 2010 - 11:27 AM

Alright, looks like 1 threat found:

C:\Qoobox\32788R22FWJFW\rasacd.sys Win32/Olmarik.ZC trojan




#6 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Numpty HQ
  • Local time:08:15 PM

Posted 08 August 2010 - 02:35 PM

Good evening. smile.gif

That detection is a file that ComboFix has placed in quarantine, so it is no risk to your machine. There's still a little work to do:

Copy and paste the following into Notepad (Start > All Programs > Accessories > Notepad):

RenV::
c:\program files\Common Files\Adobe\CS4ServiceManager\cs4servicemanager .exe
c:\program files\Common Files\LightScribe\lightscribecontrolpanel .exe
c:\program files\DAEMON Tools Lite\dtlite .exe
c:\program files\DNA\btdna .exe
c:\program files\iTunes\ituneshelper .exe
c:\program files\QuickTime\qttask .exe
c:\program files\TechSmith\Jing\jing .exe
c:\windows\system32\ctfmon .exe


Save it to your Desktop with the following filename: CFScript
Drag and drop CFScript.txt onto your copy of Combofix and let it do it's thing.
Let me have the log produced, as before, and a description of how the PC is behaving.

So long, and thanks for all the fish.

 

 


#7 sdesmon

sdesmon
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:02:15 PM

Posted 09 August 2010 - 10:49 PM

I haven't had a chance to use the problem computer much in the last couple of days, but it seems to be doing fine. I'm not seeing the problem I had before. Thanks for your help, here's the ComboFix log.



ComboFix 10-08-09.02 - Rick 08/09/2010 21:35:40.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.2524 [GMT -6:00]
Running from: c:\documents and settings\Rick\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Rick\Desktop\CFScript.txt
AV: Norton Internet Security *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Internet Explorer\SET4BC.tmp
c:\program files\Internet Explorer\SET4BD.tmp

.
((((((((((((((((((((((((( Files Created from 2010-07-10 to 2010-08-10 )))))))))))))))))))))))))))))))
.

2010-08-07 14:39 . 2010-08-07 14:39 -------- d-----w- c:\program files\ESET
2010-08-06 15:01 . 2010-08-06 15:22 -------- d-----w- c:\documents and settings\Rick\Local Settings\Application Data\ApplicationHistory
2010-08-06 04:06 . 2010-08-06 04:06 -------- d-----w- c:\documents and settings\Rick\Local Settings\Application Data\PCHealth
2010-08-06 04:05 . 2010-08-06 04:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Office Genuine Advantage
2010-08-06 04:02 . 2010-08-06 04:02 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Adobe
2010-08-06 03:33 . 2010-08-06 03:33 -------- d-----w- c:\windows\system32\winrm
2010-08-06 03:33 . 2010-08-06 03:34 -------- dc-h--w- c:\windows\$968930Uinstall_KB968930$
2010-08-06 03:10 . 2010-08-06 03:10 -------- d-----w- c:\documents and settings\Rick\Application Data\Windows Desktop Search
2010-08-06 03:10 . 2010-08-06 15:02 -------- d-----w- c:\program files\Windows Desktop Search
2010-08-06 03:10 . 2010-08-06 03:10 -------- d-----w- c:\windows\system32\GroupPolicy
2010-08-06 03:09 . 2008-03-07 17:02 98304 -c----w- c:\windows\system32\dllcache\nlhtml.dll
2010-08-06 03:09 . 2008-03-07 17:02 29696 -c----w- c:\windows\system32\dllcache\mimefilt.dll
2010-08-06 03:09 . 2008-03-07 17:02 192000 -c----w- c:\windows\system32\dllcache\offfilt.dll
2010-08-06 03:07 . 2010-08-06 03:08 -------- d-----w- c:\program files\Windows Media Connect 2
2010-08-06 03:05 . 2010-08-06 03:06 -------- d-----w- c:\windows\system32\drivers\UMDF
2010-08-06 03:03 . 2010-08-06 03:03 -------- d-----w- c:\windows\system32\URTTEMP
2010-08-06 03:02 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2010-08-06 03:01 . 2010-05-06 10:41 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2010-08-04 03:33 . 2010-08-04 03:33 -------- d--h--w- c:\windows\PIF
2010-08-04 00:27 . 2010-08-04 00:27 -------- d-----w- c:\program files\Common Files\Java
2010-08-04 00:26 . 2010-08-04 00:26 503808 ----a-w- c:\documents and settings\Rick\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-740610f7-n\msvcp71.dll
2010-08-04 00:26 . 2010-08-04 00:26 499712 ----a-w- c:\documents and settings\Rick\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-740610f7-n\jmc.dll
2010-08-04 00:26 . 2010-08-04 00:26 348160 ----a-w- c:\documents and settings\Rick\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-740610f7-n\msvcr71.dll
2010-08-04 00:26 . 2010-08-04 00:26 12800 ----a-w- c:\documents and settings\Rick\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-67089445-n\decora-d3d.dll
2010-08-04 00:26 . 2010-08-04 00:26 61440 ----a-w- c:\documents and settings\Rick\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-67089445-n\decora-sse.dll
2010-08-04 00:25 . 2010-07-17 11:00 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-08-03 23:40 . 2010-08-03 23:41 -------- d-----w- c:\program files\CCleaner
2010-08-03 23:27 . 2010-08-03 23:27 2568656 ----a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\install_flash_player.exe
2010-08-03 18:03 . 2010-05-06 04:01 361904 ----a-w- c:\windows\system32\drivers\symtdi.sys
2010-08-03 18:03 . 2010-04-22 03:02 173104 ----a-w- c:\windows\system32\drivers\symefa.sys
2010-08-03 18:03 . 2010-02-04 01:40 328752 ----a-r- c:\windows\system32\drivers\symds.sys
2010-08-03 18:03 . 2010-04-22 02:29 43696 ----a-w- c:\windows\system32\drivers\srtspx.sys
2010-08-03 18:02 . 2010-04-29 05:03 116784 ----a-w- c:\windows\system32\drivers\ironx86.sys
2010-08-03 18:02 . 2010-02-26 00:22 501888 ----a-w- c:\windows\system32\drivers\cchpx86.sys
2010-08-03 16:52 . 2010-08-03 16:52 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
2010-08-03 16:52 . 2010-08-03 16:52 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2010-08-03 16:52 . 2010-08-03 16:52 -------- d-----w- c:\program files\Symantec
2010-08-03 16:50 . 2010-08-04 00:01 -------- d-----w- c:\windows\system32\drivers\NIS
2010-08-03 16:50 . 2010-08-03 16:50 -------- d-----w- c:\program files\Norton Internet Security
2010-08-03 16:50 . 2010-08-03 16:50 -------- d-----w- c:\program files\Windows Sidebar
2010-07-30 00:21 . 2010-07-30 00:21 -------- d-----w- c:\program files\NickOnline
2010-07-30 00:19 . 2010-07-30 00:19 -------- d-----w- c:\documents and settings\Rick\Local Settings\Application Data\Downloaded Installations
2010-07-23 03:21 . 2010-07-23 03:22 -------- d-----w- C:\AHA

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-10 03:35 . 2010-01-05 04:50 -------- d-----w- c:\program files\QuickTime
2010-08-10 03:35 . 2009-06-19 13:16 -------- d-----w- c:\program files\iTunes
2010-08-10 03:35 . 2010-04-17 04:09 -------- d-----w- c:\program files\Common Files\LightScribe
2010-08-10 03:35 . 2010-02-09 21:30 -------- d-----w- c:\program files\DNA
2010-08-10 03:35 . 2010-01-01 19:29 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-08-10 03:32 . 2010-02-01 23:24 -------- d-----w- c:\program files\Common Files\Akamai
2010-08-06 04:01 . 2010-04-27 05:36 -------- d-----w- c:\program files\Microsoft Silverlight
2010-08-06 03:36 . 2010-04-17 04:08 -------- d-----w- c:\program files\Microsoft.NET
2010-08-06 03:11 . 2009-06-17 13:23 -------- d-----w- c:\program files\LSI SoftModem
2010-08-04 01:12 . 2009-07-08 20:19 -------- d-----w- c:\program files\Google
2010-08-04 00:25 . 2009-07-08 21:44 -------- d-----w- c:\program files\Java
2010-08-04 00:00 . 2009-06-19 13:06 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2010-08-04 00:00 . 2010-04-23 20:01 -------- d-----w- c:\program files\NortonInstaller
2010-08-03 23:24 . 2010-04-23 20:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton
2010-08-03 17:09 . 2010-04-24 02:44 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-08-03 16:52 . 2010-08-03 16:52 805 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2010-08-03 16:52 . 2010-08-03 16:52 7443 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2010-08-03 00:32 . 2010-01-17 03:02 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-07-10 00:57 . 2009-08-09 22:48 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-06-18 20:20 . 2010-06-18 20:20 -------- d-----w- c:\documents and settings\Rick\Application Data\Malwarebytes
2010-06-18 20:20 . 2010-06-18 20:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-06-14 14:31 . 2009-06-17 03:49 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-05-23 17:35 . 2010-05-23 17:35 503808 ----a-w- c:\documents and settings\Rick\Application Data\Sun\Java\Deployment\cache\6.0\46\f84c6ae-4766d1dc-n\msvcp71.dll
2010-05-23 17:35 . 2010-05-23 17:35 499712 ----a-w- c:\documents and settings\Rick\Application Data\Sun\Java\Deployment\cache\6.0\46\f84c6ae-4766d1dc-n\jmc.dll
2010-05-23 17:35 . 2010-05-23 17:35 348160 ----a-w- c:\documents and settings\Rick\Application Data\Sun\Java\Deployment\cache\6.0\46\f84c6ae-4766d1dc-n\msvcr71.dll
2010-05-21 06:06 . 2009-12-22 03:23 1324 ----a-w- c:\windows\system32\d3d9caps.dat
2010-01-30 04:13 . 2010-01-30 04:12 43355858 ----a-w- c:\program files\ec_patch_233-263.cup
2009-05-13 21:55 . 2009-05-13 21:55 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-09-04 00:37 . 2009-09-04 00:37 10437264 ----a-w- c:\program files\mozilla firefox\plugins\PDFNetC.dll
2009-09-04 00:58 . 2009-09-04 00:58 107760 ----a-w- c:\program files\mozilla firefox\plugins\ScorchPDFWrapper.dll
2009-05-13 21:55 . 2009-05-13 21:55 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.
CODE
<pre>
c:\program files\AVG\AVG8\avgtray .exe
</pre>


((((((((((((((((((((((((((((( SnapShot@2010-08-06_02.13.55 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-08-10 03:31 . 2010-08-10 03:31 16384 c:\windows\Temp\Perflib_Perfdata_94.dat
+ 2010-08-10 03:33 . 2010-08-10 03:33 16384 c:\windows\Temp\Perflib_Perfdata_2e4.dat
+ 2010-08-10 03:31 . 2010-08-10 03:31 16384 c:\windows\Temp\Perflib_Perfdata_18c.dat
+ 2008-05-27 04:18 . 2008-05-27 04:18 56320 c:\windows\system32\xmlfilter.dll
+ 2006-09-29 00:56 . 2006-09-29 00:56 55808 c:\windows\system32\WudfSvc.dll
+ 2006-09-29 02:13 . 2006-09-29 02:13 95344 c:\windows\system32\WUDFCoinstaller.dll
+ 2009-10-09 20:56 . 2009-10-09 20:56 14848 c:\windows\system32\wsmprovhost.exe
+ 2009-10-09 20:56 . 2009-10-09 20:56 12288 c:\windows\system32\wsmplpxy.dll
+ 2006-10-19 03:47 . 2006-10-19 03:47 38400 c:\windows\system32\wpdshextres.dll
+ 2006-10-19 02:00 . 2006-10-19 02:00 17408 c:\windows\system32\wpdshextautoplay.exe
+ 2006-10-19 03:47 . 2006-10-19 03:47 63488 c:\windows\system32\wpdmtpus.dll
+ 2006-10-19 03:47 . 2006-10-19 03:47 35840 c:\windows\system32\wpdconns.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 99840 c:\windows\system32\wmpshell.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 37376 c:\windows\system32\wmdmps.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 33792 c:\windows\system32\wmdmlog.dll
+ 2009-10-09 20:56 . 2009-10-09 20:56 12288 c:\windows\system32\winrssrv.dll
+ 2009-10-09 20:56 . 2009-10-09 20:56 22528 c:\windows\system32\winrshost.exe
+ 2009-10-09 22:22 . 2009-10-09 22:22 69632 c:\windows\system32\winrs.exe
+ 2009-10-09 20:56 . 2009-10-09 20:56 25088 c:\windows\system32\winrmprov.dll
+ 2009-10-09 20:56 . 2009-10-09 20:56 24064 c:\windows\system32\WindowsPowerShell\v1.0\pwrshsip.dll
+ 2003-02-21 11:16 . 2003-02-21 11:16 49152 c:\windows\system32\URTTEMP\regtlib.exe
+ 2008-05-27 04:19 . 2008-05-27 04:19 97792 c:\windows\system32\UncCplExt.dll
+ 2008-10-22 09:47 . 2010-04-21 13:28 46080 c:\windows\system32\tzchange.exe
- 2008-10-22 09:47 . 2010-01-23 08:11 46080 c:\windows\system32\tzchange.exe
+ 2008-05-27 03:59 . 2008-05-27 03:59 18904 c:\windows\system32\structuredqueryschematrivial.bin
- 2009-06-17 13:24 . 2009-01-08 00:21 26144 c:\windows\system32\spupdsvc.exe
+ 2009-06-17 13:24 . 2009-05-12 21:12 26144 c:\windows\system32\spupdsvc.exe
+ 2010-08-06 03:08 . 2009-05-12 21:12 16928 c:\windows\system32\spmsg.dll
- 2009-06-17 13:24 . 2009-01-08 00:20 16928 c:\windows\system32\spmsg.dll
+ 2008-05-27 04:17 . 2008-05-27 04:17 87552 c:\windows\system32\searchfilterhost.exe
+ 2008-05-27 04:18 . 2008-05-27 04:18 38400 c:\windows\system32\rtffilt.dll
+ 2010-08-06 03:11 . 2008-08-27 01:02 14336 c:\windows\system32\ReinstallBackups\0003\DriverFiles\agrsmsvc.exe
+ 2010-08-06 03:11 . 2008-09-26 21:13 55816 c:\windows\system32\ReinstallBackups\0003\DriverFiles\agrsmdel.exe
+ 2010-08-06 03:11 . 2008-08-26 20:32 13824 c:\windows\system32\ReinstallBackups\0003\DriverFiles\agrscoin.dll
+ 2009-10-09 22:22 . 2009-10-09 22:22 42496 c:\windows\system32\pwrshplugin.dll
+ 2008-05-27 04:18 . 2008-05-27 04:18 71680 c:\windows\system32\propdefs.dll
+ 2010-03-18 16:09 . 2010-03-18 16:09 99176 c:\windows\system32\PresentationHostProxy.dll
+ 2005-10-29 05:49 . 2005-10-29 05:49 84480 c:\windows\system32\pintool.exe
+ 2004-08-04 12:00 . 2010-08-10 03:36 87376 c:\windows\system32\perfc009.dat
+ 2008-05-27 04:19 . 2008-05-27 04:19 11264 c:\windows\system32\oephRes.dll
- 2004-08-04 12:00 . 2008-04-14 00:12 98304 c:\windows\system32\nlhtml.dll
+ 2004-08-04 12:00 . 2008-03-07 17:02 98304 c:\windows\system32\nlhtml.dll
+ 2010-03-18 16:09 . 2010-03-18 16:09 49488 c:\windows\system32\netfxperf.dll
+ 2009-11-12 02:06 . 2009-11-12 02:06 11600 c:\windows\system32\mui\0409\mscorees.dll
+ 2008-05-27 04:18 . 2008-05-27 04:18 44032 c:\windows\system32\msstrc.dll
+ 2008-05-27 04:17 . 2008-05-27 04:17 32768 c:\windows\system32\mssprxy.dll
+ 2008-05-27 04:17 . 2008-05-27 04:17 87552 c:\windows\system32\mssitlb.dll
+ 2008-05-27 04:17 . 2008-05-27 04:17 11776 c:\windows\system32\msshooks.dll
+ 2008-05-27 04:17 . 2008-05-27 04:17 60416 c:\windows\system32\msscntrs.dll
+ 2008-05-27 04:17 . 2008-05-27 04:17 34816 c:\windows\system32\msscb.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 27136 c:\windows\system32\mspmsnsv.dll
- 2009-03-08 10:31 . 2010-02-25 06:24 55296 c:\windows\system32\msfeedsbs.dll
+ 2009-03-08 10:31 . 2010-05-06 10:41 55296 c:\windows\system32\msfeedsbs.dll
- 2004-08-04 12:00 . 2008-04-14 00:11 29696 c:\windows\system32\mimefilt.dll
+ 2004-08-04 12:00 . 2008-03-07 17:02 29696 c:\windows\system32\mimefilt.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 11264 c:\windows\system32\LAPRXY.dll
+ 2004-08-04 12:00 . 2010-05-06 10:41 25600 c:\windows\system32\jsproxy.dll
- 2004-08-04 12:00 . 2010-02-25 06:24 25600 c:\windows\system32\jsproxy.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 70472 c:\windows\system32\dxva2.dll
+ 2006-09-29 01:00 . 2006-09-29 01:00 82944 c:\windows\system32\drivers\WudfRd.sys
+ 2006-09-29 00:55 . 2006-09-29 00:55 77568 c:\windows\system32\drivers\WudfPf.sys
+ 2006-10-19 02:00 . 2006-10-19 02:00 38528 c:\windows\system32\drivers\wpdusb.sys
- 2009-06-17 13:39 . 2010-02-25 06:24 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2009-06-17 13:39 . 2010-05-06 10:41 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 99840 c:\windows\system32\dllcache\wmpshell.dll
+ 2009-06-17 03:49 . 2006-10-19 03:46 64000 c:\windows\system32\dllcache\wmplayer.exe
+ 2009-06-17 03:49 . 2006-10-19 03:47 96256 c:\windows\system32\dllcache\wmpband.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 37376 c:\windows\system32\dllcache\wmdmps.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 33792 c:\windows\system32\dllcache\wmdmlog.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 27136 c:\windows\system32\dllcache\mspmsnsv.dll
- 2009-07-29 13:31 . 2010-02-25 06:24 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2009-07-29 13:31 . 2010-05-06 10:41 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 11264 c:\windows\system32\dllcache\LAPRXY.dll
- 2004-08-04 12:00 . 2010-02-25 06:24 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2004-08-04 12:00 . 2010-05-06 10:41 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2009-06-17 13:38 . 2010-04-16 11:43 41984 c:\windows\system32\dllcache\iecompat.dll
+ 2010-03-05 14:37 . 2010-03-05 14:37 65536 c:\windows\system32\dllcache\asycfilt.dll
+ 2005-10-29 05:49 . 2005-10-29 05:49 25600 c:\windows\system32\bcsprsrc.dll
+ 2005-10-28 22:40 . 2005-10-28 22:40 96792 c:\windows\system32\basecsp.dll
+ 2004-08-04 12:00 . 2010-03-05 14:37 65536 c:\windows\system32\asycfilt.dll
+ 2008-08-26 20:32 . 2009-03-28 04:12 13824 c:\windows\system32\agrscoin.dll
- 2008-08-26 20:32 . 2008-08-26 20:32 13824 c:\windows\system32\agrscoin.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 87408 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WindowsFormsIntegration.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 93024 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\UIAutomationTypes.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 35688 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\UIAutomationProvider.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 17784 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\System.Windows.Presentation.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 58240 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\System.Windows.Input.Manipulations.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 67912 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PenIMC.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 31576 c:\windows\Microsoft.NET\Framework\v4.0.30319\WMINet_Utils.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 44920 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Web.ApplicationServices.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 37240 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.ServiceModel.Channels.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 64352 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Numerics.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 45952 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.EnterpriseServices.Thunk.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 51032 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Device.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 50552 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Data.DataSetExtensions.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 81784 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Configuration.Install.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 81800 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.ComponentModel.DataAnnotations.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 39784 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.AddIn.Contract.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 68952 c:\windows\Microsoft.NET\Framework\v4.0.30319\SMDiagnostics.dll
+ 2010-03-18 19:58 . 2010-03-18 19:58 96088 c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\SetupUtility.exe
+ 2010-03-18 20:16 . 2010-03-18 20:16 78152 c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe
+ 2010-03-18 20:16 . 2010-03-18 20:16 18776 c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\3082\SetupResources.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16 14168 c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\3076\SetupResources.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16 18776 c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\2070\SetupResources.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16 14168 c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\2052\SetupResources.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16 17752 c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\1055\SetupResources.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16 17752 c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\1053\SetupResources.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16 18264 c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\1049\SetupResources.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16 18264 c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\1046\SetupResources.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16 18264 c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\1045\SetupResources.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16 17752 c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\1044\SetupResources.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16 19288 c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\1043\SetupResources.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16 15192 c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\1042\SetupResources.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16 15704 c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\1041\SetupResources.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16 18264 c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\1040\SetupResources.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16 18776 c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\1038\SetupResources.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16 16728 c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\1037\SetupResources.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16 18776 c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\1036\SetupResources.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16 18264 c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\1035\SetupResources.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16 17240 c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\1033\SetupResources.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16 19288 c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\1032\SetupResources.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16 18776 c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\1031\SetupResources.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16 18264 c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\1030\SetupResources.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16 18264 c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\1029\SetupResources.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16 14168 c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\1028\SetupResources.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16 17240 c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\1025\SetupResources.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 13648 c:\windows\Microsoft.NET\Framework\v4.0.30319\SbsNclPerf.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 58192 c:\windows\Microsoft.NET\Framework\v4.0.30319\regtlibv12.exe
+ 2010-03-18 19:16 . 2010-03-18 19:16 32592 c:\windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
+ 2010-03-18 19:16 . 2010-03-18 19:16 52040 c:\windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
+ 2010-03-18 19:16 . 2010-03-18 19:16 21336 c:\windows\Microsoft.NET\Framework\v4.0.30319\normalization.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 56656 c:\windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 27984 c:\windows\Microsoft.NET\Framework\v4.0.30319\MUI\0409\mscorsecr.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 40784 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorpe.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 20816 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscoreeis.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 12128 c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.VisualC.Dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 97680 c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 36168 c:\windows\Microsoft.NET\Framework\v4.0.30319\jsc.exe
+ 2010-03-18 19:16 . 2010-03-18 19:16 78168 c:\windows\Microsoft.NET\Framework\v4.0.30319\ISymWrapper.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 58200 c:\windows\Microsoft.NET\Framework\v4.0.30319\InstallUtilLib.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 27992 c:\windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe
+ 2010-03-18 19:16 . 2010-03-18 19:16 42312 c:\windows\Microsoft.NET\Framework\v4.0.30319\fusion.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 11592 c:\windows\Microsoft.NET\Framework\v4.0.30319\dfsvc.exe
+ 2010-03-18 19:16 . 2010-03-18 19:16 88904 c:\windows\Microsoft.NET\Framework\v4.0.30319\dfdll.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 31048 c:\windows\Microsoft.NET\Framework\v4.0.30319\cvtres.exe
+ 2010-03-18 19:16 . 2010-03-18 19:16 81248 c:\windows\Microsoft.NET\Framework\v4.0.30319\CustomMarshalers.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 44368 c:\windows\Microsoft.NET\Framework\v4.0.30319\Culture.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 95048 c:\windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe
+ 2010-03-18 19:16 . 2010-03-18 19:16 29008 c:\windows\Microsoft.NET\Framework\v4.0.30319\AddInUtil.exe
+ 2010-03-18 19:16 . 2010-03-18 19:16 29528 c:\windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
+ 2010-03-18 19:16 . 2010-03-18 19:16 29016 c:\windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess.exe
+ 2010-03-18 19:16 . 2010-03-18 19:16 17240 c:\windows\Microsoft.NET\Framework\v4.0.30319\Accessibility.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 10064 c:\windows\Microsoft.NET\Framework\v4.0.30319\1033\CvtResUI.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 24400 c:\windows\Microsoft.NET\Framework\v4.0.30319\1033\alinkui.dll
- 2008-07-30 01:16 . 2008-07-30 01:16 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2010-04-08 05:57 . 2010-04-08 05:57 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2010-04-08 05:57 . 2010-04-08 05:57 17256 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceMonikerSupport.dll
+ 2004-07-15 08:11 . 2004-07-15 08:11 31744 c:\windows\Microsoft.NET\Framework\v1.1.4322\WMINet_Utils.dll
+ 2009-06-25 01:56 . 2009-06-25 01:56 73728 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe
+ 2004-07-15 20:28 . 2004-07-15 20:28 57344 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.RegularExpressions.dll
+ 2010-04-01 17:42 . 2010-04-01 17:42 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
+ 2004-07-15 06:35 . 2004-07-15 06:35 66560 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.EnterpriseServices.Thunk.dll
+ 2003-02-21 13:26 . 2003-02-21 13:26 65536 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Drawing.Design.dll
+ 2004-07-15 20:28 . 2004-07-15 20:28 90112 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.DirectoryServices.dll
+ 2003-02-21 13:26 . 2003-02-21 13:26 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Configuration.Install.dll
+ 2003-02-21 13:25 . 2003-02-21 13:25 12288 c:\windows\Microsoft.NET\Framework\v1.1.4322\RegSvcs.exe
+ 2004-07-15 20:28 . 2004-07-15 20:28 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\RegCode.dll
+ 2003-02-21 13:25 . 2003-02-21 13:25 28672 c:\windows\Microsoft.NET\Framework\v1.1.4322\RegAsm.exe
+ 2004-07-15 06:34 . 2004-07-15 06:34 94208 c:\windows\Microsoft.NET\Framework\v1.1.4322\PerfCounter.dll
+ 2003-02-21 01:09 . 2003-02-21 01:09 73728 c:\windows\Microsoft.NET\Framework\v1.1.4322\ngen.exe
+ 2003-02-21 00:43 . 2003-02-21 00:43 22528 c:\windows\Microsoft.NET\Framework\v1.1.4322\MUI\0409\mscorsecr.dll
+ 2003-02-21 01:18 . 2003-02-21 01:18 20480 c:\windows\Microsoft.NET\Framework\v1.1.4322\mtxoci8.dll
+ 2010-03-31 20:51 . 2010-03-31 20:51 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2004-07-15 06:33 . 2004-07-15 06:33 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsec.dll
+ 2003-02-21 01:06 . 2003-02-21 01:06 65536 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorpe.dll
+ 2010-03-31 20:51 . 2010-03-31 20:51 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2004-07-15 06:32 . 2004-07-15 06:32 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscordbc.dll
+ 2004-07-15 20:28 . 2004-07-15 20:28 49152 c:\windows\Microsoft.NET\Framework\v1.1.4322\MigPolWin.exe
+ 2004-07-15 20:28 . 2004-07-15 20:28 49152 c:\windows\Microsoft.NET\Framework\v1.1.4322\MigPol.exe
+ 2003-02-21 13:25 . 2003-02-21 13:25 11264 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2003-02-21 13:24 . 2003-02-21 13:24 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.Vsa.dll
+ 2003-02-21 13:24 . 2003-02-21 13:24 28672 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.VisualBasic.Vsa.dll
+ 2003-02-21 13:24 . 2003-02-21 13:24 40960 c:\windows\Microsoft.NET\Framework\v1.1.4322\jsc.exe
+ 2003-02-21 13:24 . 2003-02-21 13:24 26112 c:\windows\Microsoft.NET\Framework\v1.1.4322\ISymWrapper.dll
+ 2003-02-21 01:22 . 2003-02-21 01:22 40960 c:\windows\Microsoft.NET\Framework\v1.1.4322\InstallUtilLib.dll
+ 2003-02-21 13:24 . 2003-02-21 13:24 15872 c:\windows\Microsoft.NET\Framework\v1.1.4322\InstallUtil.exe
+ 2004-07-15 20:31 . 2004-07-15 20:31 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\IEHost.dll
+ 2003-10-08 20:30 . 2003-10-08 20:30 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\gacutil.exe
+ 2003-02-21 10:12 . 2003-02-21 10:12 28672 c:\windows\Microsoft.NET\Framework\v1.1.4322\cvtres.exe
+ 2003-02-21 13:24 . 2003-02-21 13:24 33792 c:\windows\Microsoft.NET\Framework\v1.1.4322\CustomMarshalers.dll
+ 2003-02-21 13:24 . 2003-02-21 13:24 12288 c:\windows\Microsoft.NET\Framework\v1.1.4322\cscompmgd.dll
+ 2004-07-15 17:23 . 2004-07-15 17:23 49152 c:\windows\Microsoft.NET\Framework\v1.1.4322\csc.exe
+ 2010-03-31 20:51 . 2010-03-31 20:51 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2003-02-21 13:24 . 2003-02-21 13:24 49152 c:\windows\Microsoft.NET\Framework\v1.1.4322\ConfigWizards.exe
+ 2003-02-21 13:24 . 2003-02-21 13:24 94208 c:\windows\Microsoft.NET\Framework\v1.1.4322\CasPol.exe
+ 2010-03-31 21:32 . 2010-03-31 21:32 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2004-07-15 07:49 . 2004-07-15 07:49 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
+ 2004-07-15 07:49 . 2004-07-15 07:49 20480 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_regiis.exe
+ 2003-02-21 01:19 . 2003-02-21 01:19 40960 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_rc.dll
+ 2010-03-31 21:32 . 2010-03-31 21:32 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
+ 2003-02-21 11:00 . 2003-02-21 11:00 98304 c:\windows\Microsoft.NET\Framework\v1.1.4322\alink.dll
+ 2003-02-21 09:55 . 2003-02-21 09:55 94208 c:\windows\Microsoft.NET\Framework\v1.1.4322\1033\cscompui.dll
+ 2003-02-21 08:59 . 2003-02-21 08:59 16896 c:\windows\Microsoft.NET\Framework\v1.1.4322\1033\alinkui.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 13648 c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 13648 c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 13648 c:\windows\Microsoft.NET\Framework\sbscmp20_mscorlib.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 13648 c:\windows\Microsoft.NET\Framework\sbscmp10.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 13648 c:\windows\Microsoft.NET\Framework\sbs_wminet_utils.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 13648 c:\windows\Microsoft.NET\Framework\sbs_system.enterpriseservices.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 13648 c:\windows\Microsoft.NET\Framework\sbs_system.data.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 13648 c:\windows\Microsoft.NET\Framework\sbs_system.configuration.install.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 13648 c:\windows\Microsoft.NET\Framework\sbs_mscorsec.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 13648 c:\windows\Microsoft.NET\Framework\sbs_mscorrc.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 13648 c:\windows\Microsoft.NET\Framework\sbs_mscordbi.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 13648 c:\windows\Microsoft.NET\Framework\sbs_microsoft.jscript.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 13648 c:\windows\Microsoft.NET\Framework\sbs_diasymreader.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 86864 c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2010-08-06 03:37 . 2010-08-06 03:37 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2009-06-17 04:25 . 2010-08-06 03:52 23040 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2009-06-17 04:25 . 2010-04-29 09:09 23040 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2009-06-17 04:25 . 2010-04-29 09:09 27136 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2009-06-17 04:25 . 2010-08-06 03:52 27136 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2009-06-17 04:25 . 2010-08-06 03:52 11264 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2009-06-17 04:25 . 2010-04-29 09:09 11264 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2009-06-17 04:25 . 2010-04-29 09:09 12288 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2009-06-17 04:25 . 2010-08-06 03:52 12288 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2010-04-29 09:09 . 2010-04-29 09:09 38240 c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe
+ 2010-08-06 03:25 . 2010-08-06 03:25 38240 c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe
+ 2010-04-27 05:36 . 2010-08-06 03:22 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
- 2010-04-27 05:36 . 2010-04-27 05:36 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2010-08-06 03:33 . 2010-02-25 06:24 12800 c:\windows\ie8updates\KB982381-IE8\xpshims.dll
+ 2010-08-06 03:33 . 2010-02-25 06:24 55296 c:\windows\ie8updates\KB982381-IE8\msfeedsbs.dll
+ 2010-08-06 03:33 . 2010-02-25 06:24 25600 c:\windows\ie8updates\KB982381-IE8\jsproxy.dll
+ 2010-08-06 15:20 . 2010-08-06 15:20 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_e6dde620\System.Drawing.Design.dll
+ 2010-08-06 15:20 . 2010-08-06 15:20 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_fac89c0d\CustomMarshalers.dll
+ 2010-08-06 04:33 . 2010-08-06 04:33 96768 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\0eb3c18ec758534395684f3ca286a201\UIAutomationProvider.ni.dll
+ 2010-08-06 04:37 . 2010-08-06 04:37 35328 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Pres#\9bbefd2263d8f2169ab3695798208293\System.Windows.Presentation.ni.dll
+ 2010-08-06 04:36 . 2010-08-06 04:36 71680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Applicat#\02068ef9dafba3308b13444b8f4e5940\System.Web.ApplicationServices.ni.dll
+ 2010-08-06 04:36 . 2010-08-06 04:36 82432 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\c3831eb95ccf3904bab81a97a9b08ed3\System.ServiceModel.Channels.ni.dll
+ 2010-08-06 04:34 . 2010-08-06 04:34 78848 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn.Contra#\5c87f21925d5a61059ee68cef72841f4\System.AddIn.Contract.ni.dll
+ 2010-08-06 04:33 . 2010-08-06 04:33 11776 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\552a460a8bcf608aecc6418db0d40216\Microsoft.VisualC.ni.dll
+ 2010-08-06 04:32 . 2010-08-06 04:32 44544 c:\windows\assembly\NativeImages_v4.0.30319_32\Accessibility\01254caa0efc15b5cd48fb3178018701\Accessibility.ni.dll
+ 2010-08-06 04:00 . 2010-08-06 04:00 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\68749ffb24d38d95b53e186158143204\UIAutomationProvider.ni.dll
+ 2010-08-06 04:32 . 2010-08-06 04:32 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\a36a4fe1d57f0df8c7f0a5fc626646d8\System.Windows.Presentation.ni.dll
+ 2010-08-06 04:00 . 2010-08-06 04:00 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\749bed19e3f40900f4572ba206e376e0\PresentationFontCache.ni.exe
+ 2010-08-06 03:58 . 2010-08-06 03:58 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\9089898936376a77fc14f1284f8aff92\PresentationCFFRasterizer.ni.dll
+ 2010-08-06 03:41 . 2010-08-06 03:41 17920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Run#\2f6d26933767848fd267b84b8b3b0cb3\Microsoft.WSMan.Runtime.ni.dll
+ 2010-08-06 03:34 . 2010-08-06 03:34 91648 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Backgroun#\84511052318cb515e2939c9f18160ad3\Microsoft.BackgroundIntelligentTransfer.Management.ni.dll
- 2009-10-17 09:06 . 2009-10-17 09:06 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2010-08-06 15:43 . 2010-08-06 15:43 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2009-10-12 04:22 . 2009-10-12 04:22 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2010-08-06 03:31 . 2010-08-06 03:31 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2010-08-06 15:43 . 2010-08-06 15:43 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2009-10-17 09:06 . 2009-10-17 09:06 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2009-10-17 09:06 . 2009-10-17 09:06 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2010-08-06 15:43 . 2010-08-06 15:43 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2010-08-06 03:34 . 2010-08-06 03:34 13824 c:\windows\assembly\GAC_MSIL\Microsoft.WSMan.Management.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.WSMan.Management.resources.dll
- 2009-10-17 09:06 . 2009-10-17 09:06 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2010-08-06 15:43 . 2010-08-06 15:43 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2010-08-06 15:43 . 2010-08-06 15:43 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2009-10-17 09:06 . 2009-10-17 09:06 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2009-10-17 09:06 . 2009-10-17 09:06 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2010-08-06 15:43 . 2010-08-06 15:43 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2010-08-06 03:34 . 2010-08-06 03:34 69632 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Security\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Security.dll
+ 2010-08-06 03:34 . 2010-08-06 03:34 16896 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.GraphicalHost.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.GraphicalHost.resources.dll
+ 2010-08-06 03:34 . 2010-08-06 03:34 40960 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.GPowerShell.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.GPowerShell.resources.dll
+ 2010-08-06 03:34 . 2010-08-06 03:34 69632 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Editor.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Editor.resources.dll
+ 2010-08-06 03:34 . 2010-08-06 03:34 40960 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.ConsoleHost.resources.dll
+ 2010-08-06 03:34 . 2010-08-06 03:34 49152 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Utility.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Commands.Utility.resources.dll
+ 2010-08-06 03:34 . 2010-08-06 03:34 36864 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Commands.Management.resources.dll
+ 2010-08-06 03:34 . 2010-08-06 03:34 10752 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Diagnostics.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Commands.Diagnostics.resources.dll
- 2009-10-17 09:06 . 2009-10-17 09:06 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2010-08-06 15:43 . 2010-08-06 15:43 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2010-08-06 15:43 . 2010-08-06 15:43 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2009-10-17 09:06 . 2009-10-17 09:06 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2010-08-06 03:34 . 2010-08-06 03:34 57344 c:\windows\assembly\GAC_MSIL\Microsoft.BackgroundIntelligentTransfer.Management\1.0.0.0__31bf3856ad364e35\Microsoft.BackgroundIntelligentTransfer.Management.dll
+ 2010-08-06 15:43 . 2010-08-06 15:43 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2009-10-17 09:06 . 2009-10-17 09:06 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2009-10-17 09:06 . 2009-10-17 09:06 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2010-08-06 15:43 . 2010-08-06 15:43 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2010-08-06 15:43 . 2010-08-06 15:43 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2009-10-17 09:06 . 2009-10-17 09:06 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2009-10-17 09:06 . 2009-10-17 09:06 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2010-08-06 15:43 . 2010-08-06 15:43 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2009-10-17 09:06 . 2009-10-17 09:06 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2010-08-06 15:43 . 2010-08-06 15:43 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2010-08-06 15:00 . 2010-08-06 15:00 57344 c:\windows\assembly\GAC\System.Web.RegularExpressions\1.0.5000.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2010-08-06 15:20 . 2010-08-06 15:20 81920 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-08-06 15:00 . 2010-08-06 15:00 66560 c:\windows\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.Thunk.dll
+ 2010-08-06 03:03 . 2010-08-06 03:03 65536 c:\windows\assembly\GAC\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2010-08-06 15:00 . 2010-08-06 15:00 90112 c:\windows\assembly\GAC\System.DirectoryServices\1.0.5000.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2010-08-06 03:03 . 2010-08-06 03:03 77824 c:\windows\assembly\GAC\System.Configuration.Install\1.0.5000.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2010-08-06 15:00 . 2010-08-06 15:00 32768 c:\windows\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\RegCode.dll
+ 2010-08-06 03:03 . 2010-08-06 03:03 32768 c:\windows\assembly\GAC\Microsoft.Vsa\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2010-08-06 03:03 . 2010-08-06 03:03 11264 c:\windows\assembly\GAC\Microsoft.Vsa.Vb.CodeDOMProcessor\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2010-08-06 03:03 . 2010-08-06 03:03 28672 c:\windows\assembly\GAC\Microsoft.VisualBasic.Vsa\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2010-08-06 03:03 . 2010-08-06 03:03 26112 c:\windows\assembly\GAC\ISymWrapper\1.0.5000.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2010-08-06 15:00 . 2010-08-06 15:00 32768 c:\windows\assembly\GAC\IEHost\1.0.5000.0__b03f5f7f11d50a3a\IEHost.dll
+ 2010-08-06 03:03 . 2010-08-06 03:03 33792 c:\windows\assembly\GAC\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2010-08-06 03:03 . 2010-08-06 03:03 12288 c:\windows\assembly\GAC\cscompmgd\7.0.5000.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2008-09-26 21:13 . 2009-06-09 23:28 64000 c:\windows\agrsmdel.exe
+ 2009-10-09 20:57 . 2009-10-09 20:57 20480 c:\windows\$968930Uinstall_KB968930$\PSCustomSetupUtil.exe
+ 2010-08-06 15:43 . 2010-08-06 15:43 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2009-10-17 09:06 . 2009-10-17 09:06 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 4096 c:\windows\system32\wmvdmoe2.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 4096 c:\windows\system32\wmvdmod.dll
+ 2006-10-19 03:47 . 2006-10-19 03:47 4096 c:\windows\system32\WMVADVE.DLL
+ 2006-10-19 03:47 . 2006-10-19 03:47 4096 c:\windows\system32\WMVADVD.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 4096 c:\windows\system32\wmsdmoe2.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 4096 c:\windows\system32\wmsdmod.dll
+ 2009-10-09 20:56 . 2009-10-09 20:56 2048 c:\windows\system32\winrsmgr.dll
+ 2009-10-09 22:23 . 2009-10-09 22:23 4608 c:\windows\system32\WindowsPowerShell\v1.0\pwrshmsg.dll
+ 2009-10-09 22:23 . 2009-10-09 22:23 4096 c:\windows\system32\WindowsPowerShell\v1.0\powershell_ise.resources.dll
+ 2006-10-19 03:58 . 2006-10-19 03:58 8704 c:\windows\system32\wdfmgr.exe
+ 2006-10-19 03:47 . 2006-10-19 03:47 4096 c:\windows\system32\wdfapi.dll
+ 2006-10-19 03:58 . 2006-10-19 03:58 8704 c:\windows\system32\uwdf.exe
+ 2008-05-27 04:19 . 2008-05-27 04:19 2048 c:\windows\system32\UncRes.dll
+ 2003-02-21 00:43 . 2003-02-21 00:43 4096 c:\windows\system32\mui\0409\mscoreer.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 4096 c:\windows\system32\MPG4DMOD.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 4096 c:\windows\system32\MP4SDMOD.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 4096 c:\windows\system32\MP43DMOD.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 4096 c:\windows\system32\dllcache\wmvdmoe2.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 4096 c:\windows\system32\dllcache\wmvdmod.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 4096 c:\windows\system32\dllcache\wmsdmoe2.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 4096 c:\windows\system32\dllcache\wmsdmod.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 4096 c:\windows\system32\dllcache\MPG4DMOD.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 4096 c:\windows\system32\dllcache\MP4SDMOD.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 4096 c:\windows\system32\dllcache\MP43DMOD.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 7168 c:\windows\system32\dllcache\asferror.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 7168 c:\windows\system32\asferror.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 8536 c:\windows\Microsoft.NET\NETFXRepair.3082.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 8536 c:\windows\Microsoft.NET\NETFXRepair.3076.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 8536 c:\windows\Microsoft.NET\NETFXRepair.2070.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 8024 c:\windows\Microsoft.NET\NETFXRepair.2052.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 8536 c:\windows\Microsoft.NET\NETFXRepair.1055.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 8536 c:\windows\Microsoft.NET\NETFXRepair.1053.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 9048 c:\windows\Microsoft.NET\NETFXRepair.1049.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 8536 c:\windows\Microsoft.NET\NETFXRepair.1046.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 8536 c:\windows\Microsoft.NET\NETFXRepair.1045.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 8536 c:\windows\Microsoft.NET\NETFXRepair.1044.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 8536 c:\windows\Microsoft.NET\NETFXRepair.1043.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 8536 c:\windows\Microsoft.NET\NETFXRepair.1042.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 8536 c:\windows\Microsoft.NET\NETFXRepair.1041.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 8536 c:\windows\Microsoft.NET\NETFXRepair.1040.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 8536 c:\windows\Microsoft.NET\NETFXRepair.1038.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 8536 c:\windows\Microsoft.NET\NETFXRepair.1037.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 9048 c:\windows\Microsoft.NET\NETFXRepair.1036.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 9048 c:\windows\Microsoft.NET\NETFXRepair.1035.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 8536 c:\windows\Microsoft.NET\NETFXRepair.1033.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 9048 c:\windows\Microsoft.NET\NETFXRepair.1032.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 8536 c:\windows\Microsoft.NET\NETFXRepair.1031.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 8536 c:\windows\Microsoft.NET\NETFXRepair.1030.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 8536 c:\windows\Microsoft.NET\NETFXRepair.1029.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 8024 c:\windows\Microsoft.NET\NETFXRepair.1028.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 8536 c:\windows\Microsoft.NET\NETFXRepair.1025.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 8032 c:\windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelRegUI.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 8040 c:\windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 8032 c:\windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelEvents.dll
+ 2003-02-21 01:09 . 2003-02-21 01:09 9216 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscortim.dll
+ 2003-02-21 13:25 . 2003-02-21 13:25 6656 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft_VsaVb.dll
+ 2003-02-21 13:25 . 2003-02-21 13:25 6144 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.VisualC.Dll
+ 2003-02-21 13:24 . 2003-02-21 13:24 4608 c:\windows\Microsoft.NET\Framework\v1.1.4322\IIEHost.dll
+ 2004-07-15 20:31 . 2004-07-15 20:31 8192 c:\windows\Microsoft.NET\Framework\v1.1.4322\IEExecRemote.dll
+ 2003-02-21 13:24 . 2003-02-21 13:24 7680 c:\windows\Microsoft.NET\Framework\v1.1.4322\IEExec.exe
+ 2003-02-21 13:24 . 2003-02-21 13:24 7680 c:\windows\Microsoft.NET\Framework\v1.1.4322\Accessibility.dll
- 2009-06-17 04:25 . 2010-04-29 09:09 4096 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2009-06-17 04:25 . 2010-08-06 03:52 4096 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2010-08-06 04:32 . 2010-08-06 04:32 9728 c:\windows\assembly\NativeImages_v4.0.30319_32\dfsvc\b9b6069e6da06eb57e89cc544397f735\dfsvc.ni.exe
- 2009-10-17 09:06 . 2009-10-17 09:06 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2010-08-06 15:43 . 2010-08-06 15:43 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2010-08-06 03:34 . 2010-08-06 03:34 7168 c:\windows\assembly\GAC_MSIL\Microsoft.WSMan.Runtime\1.0.0.0__31bf3856ad364e35\Microsoft.WSMan.Runtime.dll
- 2009-10-17 09:06 . 2009-10-17 09:06 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2010-08-06 15:43 . 2010-08-06 15:43 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2010-08-06 03:34 . 2010-08-06 03:34 9216 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Security.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Security.resources.dll
+ 2010-08-06 03:34 . 2010-08-06 03:34 7168 c:\windows\assembly\GAC_MSIL\Microsoft.BackgroundIntelligentTransfer.Management.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.BackgroundIntelligentTransfer.Management.resources.dll
- 2009-10-17 09:06 . 2009-10-17 09:06 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2010-08-06 15:43 . 2010-08-06 15:43 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2010-08-06 15:43 . 2010-08-06 15:43 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2009-10-17 09:06 . 2009-10-17 09:06 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2010-08-06 03:03 . 2010-08-06 03:03 6656 c:\windows\assembly\GAC\Microsoft_VsaVb\7.0.5000.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2010-08-06 03:03 . 2010-08-06 03:03 6144 c:\windows\assembly\GAC\Microsoft.VisualC\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualC.dll
+ 2010-08-06 03:03 . 2010-08-06 03:03 4608 c:\windows\assembly\GAC\IIEHost\1.0.5000.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2010-08-06 15:00 . 2010-08-06 15:00 8192 c:\windows\assembly\GAC\IEExecRemote\1.0.5000.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2010-08-06 03:03 . 2010-08-06 03:03 7680 c:\windows\assembly\GAC\Accessibility\1.0.5000.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2009-10-09 20:56 . 2009-10-09 20:56 9216 c:\windows\$968930Uinstall_KB968930$\PSSetupNativeUtils.exe
+ 2010-08-06 03:37 . 2010-08-06 03:37 109568 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.Wrapper.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 246128 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.dll
- 2009-10-17 09:06 . 2009-10-17 09:06 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2010-08-06 15:43 . 2010-08-06 15:43 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2010-08-06 15:43 . 2010-08-06 15:43 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2009-10-17 09:06 . 2009-10-17 09:06 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2006-09-29 00:56 . 2006-09-29 00:56 316416 c:\windows\system32\WUDFx.dll
+ 2006-09-29 00:56 . 2006-09-29 00:56 165376 c:\windows\system32\WudfPlatform.dll
+ 2006-09-29 00:56 . 2006-09-29 00:56 146432 c:\windows\system32\WudfHost.exe
+ 2009-10-09 20:56 . 2009-10-09 20:56 209408 c:\windows\system32\WsmWmiPl.dll
+ 2009-10-09 22:22 . 2009-10-09 22:22 368640 c:\windows\system32\WsmRes.dll
+ 2009-10-09 20:56 . 2009-10-09 20:56 139776 c:\windows\system32\WsmAuto.dll
+ 2009-10-09 20:56 . 2009-10-09 20:56 225280 c:\windows\system32\wsmanhttpconfig.exe
+ 2006-10-19 03:47 . 2006-10-19 03:47 356352 c:\windows\system32\wpdsp.dll
+ 2006-10-19 03:47 . 2006-10-19 03:47 133632 c:\windows\system32\WPDShServiceObj.dll
+ 2006-10-19 03:47 . 2006-10-19 03:47 154624 c:\windows\system32\wpdmtp.dll
+ 2006-10-19 03:47 . 2006-10-19 03:47 629760 c:\windows\system32\wpd_ci.dll
+ 2006-10-19 03:47 . 2006-10-19 03:47 656896 c:\windows\system32\WMVXENCD.dll
+ 2006-10-19 03:47 . 2006-10-19 03:47 767488 c:\windows\system32\WMVSENCD.dll
+ 2004-08-04 12:00 . 2009-04-02 05:02 604160 c:\windows\system32\wmspdmod.dll
+ 2006-10-19 03:47 . 2006-10-19 03:47 204288 c:\windows\system32\wmpsrcwp.dll
+ 2006-10-19 03:47 . 2006-10-19 03:47 130048 c:\windows\system32\wmpps.dll
+ 2006-10-19 03:47 . 2006-10-19 03:47 613376 c:\windows\system32\wmpmde.dll
+ 2006-10-19 03:47 . 2008-06-25 00:12 295936 c:\windows\system32\wmpeffects.dll
+ 2004-08-04 12:00 . 2009-07-14 05:43 286208 c:\windows\system32\wmpdxm.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 242688 c:\windows\system32\wmpasf.dll
+ 2004-08-04 12:00 . 2008-06-18 11:03 938496 c:\windows\system32\WMNetmgr.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 157184 c:\windows\system32\wmidx.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 227328 c:\windows\system32\wmerror.dll
+ 2006-10-19 03:47 . 2006-10-19 03:47 535040 c:\windows\system32\wmdrmsdk.dll
+ 2006-10-19 03:47 . 2006-10-19 03:47 348672 c:\windows\system32\wmdrmnet.dll
+ 2006-10-19 03:47 . 2006-10-19 03:47 429056 c:\windows\system32\wmdrmdev.dll
+ 2004-08-04 12:00 . 2007-10-27 23:40 222720 c:\windows\system32\wmasf.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 757248 c:\windows\system32\WMADMOD.dll
+ 2009-10-09 20:56 . 2009-10-09 20:56 233984 c:\windows\system32\winrscmd.dll
+ 2009-08-01 05:27 . 2009-08-01 05:27 201184 c:\windows\system32\winrm.vbs
- 2004-08-04 12:00 . 2010-02-25 06:24 916480 c:\windows\system32\wininet.dll
+ 2004-08-04 12:00 . 2010-05-06 10:41 916480 c:\windows\system32\wininet.dll
+ 2009-10-09 22:23 . 2009-10-09 22:23 148480 c:\windows\system32\WindowsPowerShell\v1.0\pspluginwkr.dll
+ 2009-10-09 20:57 . 2009-10-09 20:57 204800 c:\windows\system32\WindowsPowerShell\v1.0\powershell_ise.exe
+ 2009-10-09 20:56 . 2009-10-09 20:56 448000 c:\windows\system32\WindowsPowerShell\v1.0\powershell.exe
+ 2009-10-09 20:57 . 2009-10-09 20:57 112640 c:\windows\system32\WindowsPowerShell\v1.0\Modules\BitsTransfer\microsoft.backgroundintelligenttransfer.management.interop.dll
+ 2009-07-16 16:22 . 2009-07-16 16:22 126976 c:\windows\system32\WindowsPowerShell\v1.0\CompiledComposition.Microsoft.PowerShell.GPowerShell.dll
+ 2009-10-09 22:23 . 2009-10-09 22:23 178176 c:\windows\system32\wevtfwd.dll
+ 2008-05-27 04:19 . 2008-05-27 04:19 131072 c:\windows\system32\UncPH.dll
+ 2008-05-27 04:19 . 2008-05-27 04:19 108032 c:\windows\system32\UncNE.dll
+ 2008-05-27 04:19 . 2008-05-27 04:19 143872 c:\windows\system32\UncDMS.dll
+ 2008-05-27 03:59 . 2008-05-27 03:59 106605 c:\windows\system32\structuredqueryschema.bin
+ 2008-05-27 04:17 . 2008-05-27 04:17 301568 c:\windows\system32\srchadmin.dll
+ 2008-05-27 04:18 . 2008-05-27 04:18 184832 c:\windows\system32\searchprotocolhost.exe
+ 2008-05-27 04:18 . 2008-05-27 04:18 439808 c:\windows\system32\searchindexer.exe
+ 2004-08-04 12:00 . 2006-10-19 03:47 211456 c:\windows\system32\qasf.dll
+ 2008-05-27 04:17 . 2008-05-27 04:17 754176 c:\windows\system32\propsys.dll
+ 2010-03-18 16:09 . 2010-03-18 16:09 295264 c:\windows\system32\PresentationHost.exe
+ 2006-10-19 03:47 . 2006-10-19 03:47 199168 c:\windows\system32\PortableDeviceWMDRM.dll
+ 2006-10-19 03:47 . 2006-10-19 03:47 132096 c:\windows\system32\PortableDeviceWiaCompat.dll
+ 2006-10-19 03:47 . 2006-10-19 03:47 166912 c:\windows\system32\PortableDeviceTypes.dll
+ 2006-10-19 03:47 . 2006-10-19 03:47 101888 c:\windows\system32\PortableDeviceClassExtension.dll
+ 2006-10-19 03:47 . 2006-10-19 03:47 284160 c:\windows\system32\PortableDeviceApi.dll
+ 2004-08-04 12:00 . 2010-08-10 03:36 503870 c:\windows\system32\perfh009.dat
+ 2009-08-03 21:07 . 2009-08-03 21:07 230768 c:\windows\system32\OGAEXEC.exe
+ 2009-08-03 21:07 . 2009-08-03 21:07 403816 c:\windows\system32\OGACheckControl.dll
+ 2009-08-03 21:07 . 2009-08-03 21:07 322928 c:\windows\system32\OGAAddin.dll
+ 2004-08-04 12:00 . 2008-03-07 17:02 192000 c:\windows\system32\offfilt.dll
- 2004-08-04 12:00 . 2008-04-14 00:12 192000 c:\windows\system32\offfilt.dll
+ 2008-05-27 04:19 . 2008-05-27 04:19 273408 c:\windows\system32\oeph.dll
+ 2004-08-04 12:00 . 2010-05-06 10:41 206848 c:\windows\system32\occache.dll
- 2004-08-04 12:00 . 2010-02-25 06:24 206848 c:\windows\system32\occache.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 321536 c:\windows\system32\mswmdm.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 771424 c:\windows\system32\msvcr100_clr0400.dll
+ 2004-08-04 12:00 . 2010-05-06 10:41 611840 c:\windows\system32\mstime.dll
- 2004-08-04 12:00 . 2010-02-25 06:24 611840 c:\windows\system32\mstime.dll
+ 2008-05-27 04:18 . 2008-05-27 04:18 203776 c:\windows\system32\mssphtb.dll
+ 2008-05-27 04:18 . 2009-05-25 06:24 350208 c:\windows\system32\mssph.dll
+ 2008-05-27 04:18 . 2008-05-27 04:18 231936 c:\windows\system32\msshsq.dll
+ 2004-08-04 12:00 . 2006-12-04 22:21 414720 c:\windows\system32\msscp.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 175616 c:\windows\system32\mspmsp.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 179712 c:\windows\system32\msnetobj.dll
+ 2009-03-08 10:32 . 2010-05-06 10:41 599040 c:\windows\system32\msfeeds.dll
+ 2006-10-02 21:28 . 2006-10-02 21:28 312128 c:\windows\system32\msdelta.dll
+ 2009-09-24 06:30 . 2009-09-24 06:30 156488 c:\windows\system32\mscorier.dll
+ 2010-03-18 16:09 . 2010-03-18 16:09 297808 c:\windows\system32\mscoree.dll
+ 2006-10-19 03:47 . 2006-10-19 03:47 259072 c:\windows\system32\MPG4DECD.dll
+ 2006-10-19 03:47 . 2006-10-19 03:47 317440 c:\windows\system32\MP4SDECD.dll
+ 2006-10-19 03:47 . 2006-10-19 03:47 259072 c:\windows\system32\MP43DECD.dll
+ 2006-10-19 03:47 . 2006-10-19 03:47 212992 c:\windows\system32\MFPLAT.dll
+ 2004-08-04 12:00 . 2008-06-18 07:09 100864 c:\windows\system32\logagent.exe
- 2009-06-17 03:48 . 2008-04-11 19:04 691712 c:\windows\system32\inetcomm.dll
+ 2009-06-17 03:48 . 2010-01-29 15:01 691712 c:\windows\system32\inetcomm.dll
+ 2005-10-29 05:49 . 2005-10-29 05:49 151552 c:\windows\system32\ifxcardm.dll
+ 2004-08-04 12:00 . 2010-05-06 10:41 184320 c:\windows\system32\iepeers.dll
- 2004-08-04 12:00 . 2010-02-25 06:24 184320 c:\windows\system32\iepeers.dll
+ 2004-08-04 12:00 . 2010-05-06 10:41 387584 c:\windows\system32\iedkcs32.dll
- 2004-08-04 12:00 . 2010-02-25 06:24 387584 c:\windows\system32\iedkcs32.dll
+ 2004-08-04 12:00 . 2010-05-05 13:30 173056 c:\windows\system32\ie4uinit.exe
- 2004-08-04 12:00 . 2010-02-24 09:54 173056 c:\windows\system32\ie4uinit.exe
+ 2009-06-16 21:36 . 2010-08-06 04:47 174672 c:\windows\system32\FNTCACHE.DAT
- 2009-06-16 21:36 . 2010-04-28 22:13 174672 c:\windows\system32\FNTCACHE.DAT
+ 2010-03-18 19:16 . 2010-03-18 19:16 486216 c:\windows\system32\evr.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 991744 c:\windows\system32\drmv2clt.dll
+ 2006-10-19 02:00 . 2006-10-19 02:00 249856 c:\windows\system32\drmupgds.exe
+ 2006-10-19 03:47 . 2006-10-19 03:47 671232 c:\windows\system32\drivers\UMDF\wpdmtpdr.dll
+ 2004-08-04 12:00 . 2009-04-02 05:02 604160 c:\windows\system32\dllcache\wmspdmod.dll
+ 2004-08-04 12:00 . 2009-07-14 05:43 286208 c:\windows\system32\dllcache\wmpdxm.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 242688 c:\windows\system32\dllcache\wmpasf.dll
+ 2004-08-04 12:00 . 2008-06-18 11:03 938496 c:\windows\system32\dllcache\WMNetmgr.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 157184 c:\windows\system32\dllcache\wmidx.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 227328 c:\windows\system32\dllcache\wmerror.dll
+ 2004-08-04 12:00 . 2007-10-27 23:40 222720 c:\windows\system32\dllcache\wmasf.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 757248 c:\windows\system32\dllcache\WMADMOD.dll
- 2004-08-04 12:00 . 2010-02-25 06:24 916480 c:\windows\system32\dllcache\wininet.dll
+ 2004-08-04 12:00 . 2010-05-06 10:41 916480 c:\windows\system32\dllcache\wininet.dll
+ 2004-08-04 12:00 . 2007-06-27 04:10 317440 c:\windows\system32\dllcache\unregmp2.exe
+ 2004-08-04 12:00 . 2010-05-06 10:41 206848 c:\windows\system32\dllcache\occache.dll
- 2004-08-04 12:00 . 2010-02-25 06:24 206848 c:\windows\system32\dllcache\occache.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 321536 c:\windows\system32\dllcache\mswmdm.dll
- 2004-08-04 12:00 . 2010-02-25 06:24 611840 c:\windows\system32\dllcache\mstime.dll
+ 2004-08-04 12:00 . 2010-05-06 10:41 611840 c:\windows\system32\dllcache\mstime.dll
+ 2004-08-04 12:00 . 2006-12-04 22:21 414720 c:\windows\system32\dllcache\msscp.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 175616 c:\windows\system32\dllcache\mspmsp.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 179712 c:\windows\system32\dllcache\msnetobj.dll
+ 2009-07-29 13:31 . 2010-05-06 10:41 599040 c:\windows\system32\dllcache\msfeeds.dll
+ 2009-06-17 03:49 . 2006-10-19 03:47 243712 c:\windows\system32\dllcache\mpvis.dll
+ 2004-08-04 12:00 . 2008-06-18 07:09 100864 c:\windows\system32\dllcache\logagent.exe
- 2009-06-17 13:30 . 2008-04-11 19:04 691712 c:\windows\system32\dllcache\inetcomm.dll
+ 2009-06-17 13:30 . 2010-01-29 15:01 691712 c:\windows\system32\dllcache\inetcomm.dll
- 2009-06-17 13:39 . 2010-02-25 06:24 247808 c:\windows\system32\dllcache\ieproxy.dll
+ 2009-06-17 13:39 . 2010-05-06 10:41 247808 c:\windows\system32\dllcache\ieproxy.dll
- 2004-08-04 12:00 . 2010-02-25 06:24 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2004-08-04 12:00 . 2010-05-06 10:41 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2004-08-04 12:00 . 2010-05-06 10:41 387584 c:\windows\system32\dllcache\iedkcs32.dll
- 2004-08-04 12:00 . 2010-02-25 06:24 387584 c:\windows\system32\dllcache\iedkcs32.dll
- 2004-08-04 12:00 . 2010-02-24 09:54 173056 c:\windows\system32\dllcache\ie4uinit.exe
+ 2004-08-04 12:00 . 2010-05-05 13:30 173056 c:\windows\system32\dllcache\ie4uinit.exe
+ 2004-08-04 12:00 . 2006-10-19 03:47 991744 c:\windows\system32\dllcache\drmv2clt.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 229376 c:\windows\system32\dllcache\cewmdm.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 542720 c:\windows\system32\dllcache\blackbox.dll
+ 2010-04-20 05:30 . 2010-04-20 05:30 285696 c:\windows\system32\dllcache\atmfd.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 229376 c:\windows\system32\cewmdm.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 542720 c:\windows\system32\blackbox.dll
+ 2005-10-29 05:49 . 2005-10-29 05:49 133120 c:\windows\system32\axaltocm.dll
+ 2006-10-19 03:47 . 2006-10-19 03:47 276992 c:\windows\system32\audiodev.dll
+ 2004-08-04 12:00 . 2010-04-20 05:30 285696 c:\windows\system32\atmfd.dll
- 2004-08-04 12:00 . 2008-04-14 00:09 285696 c:\windows\system32\atmfd.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 114520 c:\windows\Microsoft.NET\NETFXRepair.exe
+ 2010-03-18 19:16 . 2010-03-18 19:16 915800 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\wpftxt_v0400.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 753504 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
+ 2010-03-18 19:16 . 2010-03-18 19:16 350592 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\UIAutomationClientsideProviders.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 163168 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\UIAutomationClient.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 675672 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\System.Speech.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 334688 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\System.Printing.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 581464 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\ReachFramework.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 832856 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationUI.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 801136 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationNative_v0400.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 181096 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationHost_v0400.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 194424 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationFramework.Royale.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 478576 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationFramework.Luna.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 167288 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationFramework.Classic.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 232304 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationFramework.Aero.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 807264 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\NaturalLanguage6.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 138592 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Linq.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 699224 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Xaml.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 857960 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Web.Services.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 269672 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Transactions.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 113512 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.ServiceProcess.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 129912 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.ServiceModel.Routing.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 390008 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.ServiceModel.Discovery.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 505208 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.ServiceModel.Activities.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 261472 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Security.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 122264 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 291184 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Remoting.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 349568 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.DurableInstancing.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 231760 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Net.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 253280 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Messaging.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 134528 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Management.Instrumentation.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 378720 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Management.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 123736 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.IO.Log.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 125816 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.IdentityModel.Selectors.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 392552 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.IdentityModel.dll
+ 2010-03-18 06:51 . 2010-03-18 06:51 109568 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.EnterpriseServices.Wrapper.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 246128 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.EnterpriseServices.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 120152 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Dynamic.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 607064 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Drawing.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 182144 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.DirectoryServices.Protocols.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 395120 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.DirectoryServices.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 285072 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.DirectoryServices.AccountManagement.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 829280 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Deployment.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 747360 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Data.SqlXml.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 436600 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Data.Services.Client.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 683872 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Data.Linq.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 409448 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.configuration.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 210816 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.ComponentModel.Composition.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 149848 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.AddIn.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 122248 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Activities.DurableInstancing.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 525704 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Activities.Core.Presentation.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 112976 c:\windows\Microsoft.NET\Framework\v4.0.30319\sysglobl.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 517448 c:\windows\Microsoft.NET\Framework\v4.0.30319\SOS.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 124240 c:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
+ 2009-08-31 10:44 . 2009-08-31 10:44 144416 c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\sqmapi.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16 295248 c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\SetupUi.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16 807256 c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\SetupEngine.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 173920 c:\windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelReg.exe
+ 2010-03-18 19:16 . 2010-03-18 19:16 121688 c:\windows\Microsoft.NET\Framework\v4.0.30319\PerfCounter.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 150856 c:\windows\Microsoft.NET\Framework\v4.0.30319\ngen.exe
+ 2010-03-18 19:16 . 2010-03-18 19:16 130384 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
+ 2010-03-18 19:16 . 2010-03-18 19:16 335184 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvc.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 110936 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsecimpl.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 372048 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorrc.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 145752 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorpehost.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 413008 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 955728 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordbi.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 661352 c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.VisualBasic.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 349576 c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.VisualBasic.Compatibility.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 170368 c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.Transactions.Bridge.Dtc.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 387960 c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.Transactions.Bridge.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 746336 c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.JScript.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 505184 c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.CSharp.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 794464 c:\windows\Microsoft.NET\Framework\v4.0.30319\EventLogMessages.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 688472 c:\windows\Microsoft.NET\Framework\v4.0.30319\diasymreader.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 129880 c:\windows\Microsoft.NET\Framework\v4.0.30319\CORPerfMonExt.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 385864 c:\windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 105808 c:\windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
+ 2010-03-18 19:16 . 2010-03-18 19:16 105288 c:\windows\Microsoft.NET\Framework\v4.0.30319\alink.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 139088 c:\windows\Microsoft.NET\Framework\v4.0.30319\AdoNetDiag.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 255304 c:\windows\Microsoft.NET\Framework\v4.0.30319\1033\vbc7ui.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 255896 c:\windows\Microsoft.NET\Framework\v4.0.30319\1033\Microsoft.VisualBasic.Activities.CompilerUI.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 182088 c:\windows\Microsoft.NET\Framework\v4.0.30319\1033\cscui.dll
+ 2010-03-30 07:06 . 2010-03-30 07:06 130408 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll
+ 2010-04-08 05:57 . 2010-04-08 05:57 970752 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
- 2008-07-30 01:16 . 2008-07-30 01:16 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
+ 2010-04-08 05:57 . 2010-04-08 05:57 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
+ 2004-07-15 17:23 . 2004-07-15 17:23 737280 c:\windows\Microsoft.NET\Framework\v1.1.4322\vbc.exe
+ 2004-07-15 20:31 . 2004-07-15 20:31 573440 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.Services.dll
+ 2004-07-15 20:28 . 2004-07-15 20:28 819200 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.Mobile.dll
+ 2004-07-15 20:28 . 2004-07-15 20:28 126976 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.ServiceProcess.dll
+ 2004-07-15 20:31 . 2004-07-15 20:31 131072 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
+ 2004-07-15 20:28 . 2004-07-15 20:28 323584 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Remoting.dll
+ 2004-07-15 20:31 . 2004-07-15 20:31 241664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Messaging.dll
+ 2004-07-15 20:31 . 2004-07-15 20:31 372736 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Management.dll
+ 2004-07-15 20:28 . 2004-07-15 20:28 241664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.EnterpriseServices.dll
+ 2004-07-15 20:28 . 2004-07-15 20:28 466944 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Drawing.dll
+ 2004-07-15 20:31 . 2004-07-15 20:31 303104 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Data.OracleClient.dll
+ 2004-07-15 06:35 . 2004-07-15 06:35 319488 c:\windows\Microsoft.NET\Framework\v1.1.4322\SOS.dll
+ 2003-02-21 01:09 . 2003-02-21 01:09 122880 c:\windows\Microsoft.NET\Framework\v1.1.4322\shfusres.dll
+ 2003-02-21 01:09 . 2003-02-21 01:09 253952 c:\windows\Microsoft.NET\Framework\v1.1.4322\shfusion.dll
+ 2004-08-10 22:20 . 2004-08-10 22:20 106496 c:\windows\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe
+ 2003-02-21 10:42 . 2003-02-21 10:42 348160 c:\windows\Microsoft.NET\Framework\v1.1.4322\msvcr71.dll
+ 2004-07-15 06:33 . 2004-07-15 06:33 143360 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorrc.dll
+ 2003-02-21 00:43 . 2003-02-21 00:43 131072 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscormmc.dll
+ 2010-03-31 20:51 . 2010-03-31 20:51 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2010-03-31 20:49 . 2010-03-31 20:49 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2004-07-15 06:32 . 2004-07-15 06:32 233472 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscordbi.dll
+ 2004-07-15 20:28 . 2004-07-15 20:28 299008 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.VisualBasic.dll
+ 2004-07-15 20:28 . 2004-07-15 20:28 720896 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.JScript.dll
+ 2004-07-15 06:35 . 2004-07-15 06:35 196608 c:\windows\Microsoft.NET\Framework\v1.1.4322\ilasm.exe
+ 2004-07-15 06:24 . 2004-07-15 06:24 282624 c:\windows\Microsoft.NET\Framework\v1.1.4322\fusion.dll
+ 2003-02-21 01:16 . 2003-02-21 01:16 798720 c:\windows\Microsoft.NET\Framework\v1.1.4322\EventLogMessages.dll
+ 2003-02-21 16:21 . 2003-02-21 16:21 524288 c:\windows\Microsoft.NET\Framework\v1.1.4322\diasymreader.dll
+ 2004-07-15 17:23 . 2004-07-15 17:23 626688 c:\windows\Microsoft.NET\Framework\v1.1.4322\cscomp.dll
+ 2002-07-29 17:11 . 2002-07-29 17:11 219136 c:\windows\Microsoft.NET\Framework\v1.1.4322\c_g18030.dll
+ 2010-03-31 21:32 . 2010-03-31 21:32 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2003-02-21 11:04 . 2003-02-21 11:04 155648 c:\windows\Microsoft.NET\Framework\v1.1.4322\1033\Vsavb7rtUI.dll
+ 2003-02-21 09:02 . 2003-02-21 09:02 131072 c:\windows\Microsoft.NET\Framework\v1.1.4322\1033\vbc7ui.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 231760 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 607064 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 149848 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2010-02-25 06:14 . 2010-02-25 06:14 543232 c:\windows\Installer\43703d.msp
+ 2010-08-06 03:11 . 2010-08-06 03:11 119296 c:\windows\Installer\229c7e.msi
+ 2009-06-17 04:25 . 2010-08-06 03:52 409600 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2009-06-17 04:25 . 2010-04-29 09:09 409600 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2009-06-17 04:25 . 2010-04-29 09:09 286720 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2009-06-17 04:25 . 2010-08-06 03:52 286720 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2009-06-17 04:25 . 2010-04-29 09:09 249856 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2009-06-17 04:25 . 2010-08-06 03:52 249856 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2009-06-17 04:25 . 2010-08-06 03:52 794624 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2009-06-17 04:25 . 2010-04-29 09:09 794624 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2009-06-17 04:25 . 2010-08-06 03:52 135168 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2009-06-17 04:25 . 2010-04-29 09:09 135168 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2004-08-04 12:00 . 2007-06-27 04:10 317440 c:\windows\inf\unregmp2.exe
+ 2010-08-06 03:21 . 2009-05-26 09:01 382840 c:\windows\ie8updates\KB982632-IE8\spuninst\updspapi.dll
+ 2010-08-06 03:21 . 2009-05-26 09:01 231288 c:\windows\ie8updates\KB982632-IE8\spuninst\spuninst.exe
+ 2010-08-06 03:21 . 2009-05-12 05:11 102912 c:\windows\ie8updates\KB982632-IE8\iecompat.dll
+ 2010-08-06 03:33 . 2010-02-25 06:24 916480 c:\windows\ie8updates\KB982381-IE8\wininet.dll
+ 2010-08-06 03:33 . 2010-02-22 14:23 382840 c:\windows\ie8updates\KB982381-IE8\spuninst\updspapi.dll
+ 2010-08-06 03:33 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB982381-IE8\spuninst\spuninst.exe
+ 2010-08-06 03:33 . 2010-02-25 06:24 206848 c:\windows\ie8updates\KB982381-IE8\occache.dll
+ 2010-08-06 03:33 . 2010-02-25 06:24 611840 c:\windows\ie8updates\KB982381-IE8\mstime.dll
+ 2010-08-06 03:33 . 2010-02-25 06:24 594432 c:\windows\ie8updates\KB982381-IE8\msfeeds.dll
+ 2010-08-06 03:33 . 2010-02-25 06:24 247808 c:\windows\ie8updates\KB982381-IE8\ieproxy.dll
+ 2010-08-06 03:33 . 2010-02-25 06:24 184320 c:\windows\ie8updates\KB982381-IE8\iepeers.dll
+ 2010-08-06 03:33 . 2009-03-08 10:35 742912 c:\windows\ie8updates\KB982381-IE8\iedvtool.dll
+ 2010-08-06 03:33 . 2010-02-25 06:24 387584 c:\windows\ie8updates\KB982381-IE8\iedkcs32.dll
+ 2010-08-06 03:33 . 2010-02-24 09:54 173056 c:\windows\ie8updates\KB982381-IE8\ie4uinit.exe
+ 2010-08-06 15:20 . 2010-08-06 15:20 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_cdd1f0c6\System.Drawing.dll
+ 2010-08-06 15:21 . 2010-08-06 15:21 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_385663af\System.Drawing.Design.dll
+ 2010-08-06 15:21 . 2010-08-06 15:21 118784 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_dd72f8fc\CustomMarshalers.dll
+ 2010-08-06 04:37 . 2010-08-06 04:37 245760 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\cc063533b04f9420d1aa571a36d1fabd\WindowsFormsIntegration.ni.dll
+ 2010-08-06 04:33 . 2010-08-06 04:33 195584 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\5786f917a7b62d63ca8dd5b47aaf9610\UIAutomationTypes.ni.dll
+ 2010-08-06 04:37 . 2010-08-06 04:37 481792 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClient\ece129234f9ba9ad856d0e77e4849137\UIAutomationClient.ni.dll
+ 2010-08-06 04:33 . 2010-08-06 04:33 391680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\8eca92a64c232f34b5b559625b022369\System.Xml.Linq.ni.dll
+ 2010-08-06 04:33 . 2010-08-06 04:33 187904 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Inpu#\18419dd13ced512c5f8dc15a79a601eb\System.Windows.Input.Manipulations.ni.dll
+ 2010-08-06 04:33 . 2010-08-06 04:33 645632 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\dd9dbf82e44454689976a49a9e4ddb6d\System.Transactions.ni.dll
+ 2010-08-06 04:36 . 2010-08-06 04:36 220672 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\6e7f1bdc845816dfc797f8002b76b5e8\System.ServiceProcess.ni.dll
+ 2010-08-06 04:36 . 2010-08-06 04:36 365056 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\76a5d670ce969c0c65a905b7303d4bbf\System.ServiceModel.Routing.ni.dll
+ 2010-08-06 03:39 . 2010-08-06 03:39 721920 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Security\09a97525ae5583cc2685e2c39a3078bd\System.Security.ni.dll
+ 2010-08-06 04:33 . 2010-08-06 04:33 310272 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\d0ff3383438d688a0118d0fa19ed1dc4\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2010-08-06 04:33 . 2010-08-06 04:33 758784 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\e30ded9b9c19a264a974b1cc40d7d2cc\System.Runtime.Remoting.ni.dll
+ 2010-08-06 03:38 . 2010-08-06 03:38 144896 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\b07f0d26a34ad53fc369248f289d1126\System.Numerics.ni.dll
+ 2010-08-06 04:36 . 2010-08-06 04:36 651264 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Net\dd5c866d2462dd913ed0a0287396aa50\System.Net.ni.dll
+ 2010-08-06 04:36 . 2010-08-06 04:36 625152 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\3ab3e80af8e5e95a5a62092cc9293c91\System.Messaging.ni.dll
+ 2010-08-06 04:36 . 2010-08-06 04:36 392704 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management.I#\8b5fe7aff54a7aed07287257a9b8e420\System.Management.Instrumentation.ni.dll
+ 2010-08-06 04:36 . 2010-08-06 04:36 405504 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IO.Log\150da10324f2811a48da58d3496bbe10\System.IO.Log.ni.dll
+ 2010-08-06 04:36 . 2010-08-06 04:36 228352 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityMode#\386f41f744eedacd1517c8a15750a48b\System.IdentityModel.Selectors.ni.dll
+ 2010-08-06 04:33 . 2010-08-06 04:33 230912 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\8b6e9d6171aad3561263ce2cd05c57df\System.EnterpriseServices.Wrapper.dll
+ 2010-08-06 04:33 . 2010-08-06 04:33 784896 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\8b6e9d6171aad3561263ce2cd05c57df\System.EnterpriseServices.ni.dll
+ 2010-08-06 03:39 . 2010-08-06 03:39 373248 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Dynamic\1331ee3a7146218388537aa7e41303af\System.Dynamic.ni.dll
+ 2010-08-06 04:36 . 2010-08-06 04:36 461824 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\7f4419b6f829a2485d83b3c3e7b26a97\System.DirectoryServices.Protocols.ni.dll
+ 2010-08-06 04:36 . 2010-08-06 04:36 911872 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\46a7f51ef1a9d917598b96f7a758a459\System.DirectoryServices.AccountManagement.ni.dll
+ 2010-08-06 04:35 . 2010-08-06 04:35 112128 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Device\36342e6024e2844502d0bdaa9d30971a\System.Device.ni.dll
+ 2010-08-06 04:34 . 2010-08-06 04:34 134656 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.DataSet#\caecc65b5c0ede0fe0d55b9f48ada80f\System.Data.DataSetExtensions.ni.dll
+ 2010-08-06 03:39 . 2010-08-06 03:39 973312 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\ac18c2dcd06bd2a0589bac94ccae5716\System.Configuration.ni.dll
+ 2010-08-06 04:34 . 2010-08-06 04:34 145920 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\aea1d325200e1a7b1ee7ec86fba33db4\System.Configuration.Install.ni.dll
+ 2010-08-06 04:34 . 2010-08-06 04:34 193536 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\7d8e51e92fede804332703770695afdb\System.ComponentModel.DataAnnotations.ni.dll
+ 2010-08-06 03:39 . 2010-08-06 03:39 690176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\4a518b841f06ee4f07320159cf918a2c\System.ComponentModel.Composition.ni.dll
+ 2010-08-06 04:34 . 2010-08-06 04:34 613888 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn\767e70aec1ffb52f95c2b07c08fa0781\System.AddIn.ni.dll
+ 2010-08-06 04:34 . 2010-08-06 04:34 402944 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.D#\8594d07d18330843968d649ed6ef6166\System.Activities.DurableInstancing.ni.dll
+ 2010-08-06 04:32 . 2010-08-06 04:32 316928 c:\windows\assembly\NativeImages_v4.0.30319_32\SMSvcHost\38f0d77629891e7808424103aaef0728\SMSvcHost.ni.exe
+ 2010-08-06 04:33 . 2010-08-06 04:33 142336 c:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\4d2a51c03b27e615ff9f1c430f2014ba\SMDiagnostics.ni.dll
+ 2010-08-06 03:39 . 2010-08-06 03:39 283648 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\f5e029e2215c95ab38a1eefef7b32ac9\PresentationFramework.Classic.ni.dll
+ 2010-08-06 03:39 . 2010-08-06 03:39 450048 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\3555f5f74c56fa92c0ab7a635af91bfa\PresentationFramework.Aero.ni.dll
+ 2010-08-06 03:39 . 2010-08-06 03:39 327168 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\040571d65dc822e5df020d5e084f4b45\PresentationFramework.Royale.ni.dll
+ 2010-08-06 03:39 . 2010-08-06 03:39 656896 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\016f9a150fce0e0a4c93532d8fa4c749\PresentationFramework.Luna.ni.dll
+ 2010-08-06 04:33 . 2010-08-06 04:33 302592 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\a038973772308ebcb92e16ed1f0d5087\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2010-08-06 04:33 . 2010-08-06 04:33 418304 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\5f595338c63c2fdb5a171760c29d5bcf\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2010-08-06 04:33 . 2010-08-06 04:33 193024 c:\windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\d2574c8ae333ff959be2e0d83121ad10\CustomMarshalers.ni.dll
+ 2010-08-06 04:09 . 2010-08-06 04:09 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\42865a9d1fae70a11165e8422c062796\WindowsFormsIntegration.ni.dll
+ 2010-08-06 04:09 . 2010-08-06 04:09 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\025b4a7092b19f268d9ffc26e61937fd\UIAutomationClient.ni.dll
+ 2010-08-06 04:32 . 2010-08-06 04:32 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\110155b58d16c4c83fb55543872e54cd\System.Web.DynamicData.ni.dll
+ 2010-08-06 03:42 . 2010-08-06 03:42 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\839c5491c4679c834208b26e2ef7b74b\System.IO.Log.ni.dll
+ 2010-08-06 03:45 . 2010-08-06 03:45 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\9393841243d057e86f3decdcb550f84e\System.IdentityModel.Selectors.ni.dll
+ 2010-08-06 03:43 . 2010-08-06 03:43 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\ea74bf8bfd3249e532f1e4f91913eed2\SMSvcHost.ni.exe
+ 2010-08-06 03:43 . 2010-08-06 03:43 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\85996eb3a566f1002134fdb5c56dcdf5\SMDiagnostics.ni.dll
+ 2010-08-06 03:43 . 2010-08-06 03:43 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\fe6f6f7f6bed0033b1937c984fe38dc0\ServiceModelReg.ni.exe
+ 2010-08-06 04:08 . 2010-08-06 04:08 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\b2ef5026f2bc32a1d64dc4432a45752a\PresentationFramework.Aero.ni.dll
+ 2010-08-06 04:08 . 2010-08-06 04:08 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\93819b9cb6570ad270cfd5df15a96f94\PresentationFramework.Royale.ni.dll
+ 2010-08-06 04:08 . 2010-08-06 04:08 226816 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8945fb809558e668770f5247762be480\PresentationFramework.Classic.ni.dll
+ 2010-08-06 04:08 . 2010-08-06 04:08 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\2b04ea745849aa35d6d2ac2f388ae9f6\PresentationFramework.Luna.ni.dll
+ 2010-08-06 03:41 . 2010-08-06 03:41 508928 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Man#\333d4715b7c6e99d2cdba4a3edc65d51\Microsoft.WSMan.Management.ni.dll
+ 2010-08-06 03:43 . 2010-08-06 03:43 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\5867bf25f2db27389473ff7335798efa\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2010-08-06 03:34 . 2010-08-06 03:34 737792 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\86affe3b4a1382114b533ccf7f5f560f\Microsoft.PowerShell.Commands.Management.ni.dll
+ 2010-08-06 03:34 . 2010-08-06 03:34 291328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\861acb15092a21e516d387e7ee7815e6\Microsoft.PowerShell.Commands.Diagnostics.ni.dll
+ 2010-08-06 03:34 . 2010-08-06 03:34 515584 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\4c3ba58468aeb0315c31705354357c99\Microsoft.PowerShell.ConsoleHost.ni.dll
+ 2010-08-06 04:31 . 2010-08-06 04:31 729600 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\4b00d9e3c6352fc3feb35323a222dac2\Microsoft.PowerShell.GraphicalHost.ni.dll
+ 2010-08-06 03:41 . 2010-08-06 03:41 156160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\2529703d3e0d2f9fd06cc0230f2bda3f\Microsoft.PowerShell.Security.ni.dll
+ 2010-08-06 03:43 . 2010-08-06 03:43 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\27f2396b30b0e6e4c6b94b62f33fc8be\ComSvcConfig.ni.exe
- 2009-10-17 09:06 . 2009-10-17 09:06 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2010-08-06 15:43 . 2010-08-06 15:43 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2010-08-06 15:43 . 2010-08-06 15:43 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2009-10-17 09:06 . 2009-10-17 09:06 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2010-08-06 15:43 . 2010-08-06 15:43 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2009-10-17 09:06 . 2009-10-17 09:06 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2010-08-06 15:43 . 2010-08-06 15:43 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2009-10-17 09:06 . 2009-10-17 09:06 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-08-06 03:31 . 2010-08-06 03:31 970752 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
- 2009-10-17 09:06 . 2009-10-17 09:06 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2010-08-06 15:43 . 2010-08-06 15:43 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2010-08-06 15:43 . 2010-08-06 15:43 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2009-10-17 09:06 . 2009-10-17 09:06 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2009-10-17 09:06 . 2009-10-17 09:06 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2010-08-06 15:43 . 2010-08-06 15:43 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2010-08-06 15:43 . 2010-08-06 15:43 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2009-10-17 09:06 . 2009-10-17 09:06 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2010-08-06 03:34 . 2010-08-06 03:34 253952 c:\windows\assembly\GAC_MSIL\System.Management.Automation.resources\1.0.0.0_en_31bf3856ad364e35\System.Management.Automation.resources.dll
+ 2010-08-06 03:31 . 2010-08-06 03:31 442368 c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2010-08-06 15:43 . 2010-08-06 15:43 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2009-10-17 09:06 . 2009-10-17 09:06 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2010-08-06 15:43 . 2010-08-06 15:43 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2009-10-17 09:06 . 2009-10-17 09:06 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2009-10-17 09:06 . 2009-10-17 09:06 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2010-08-06 15:43 . 2010-08-06 15:43 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2010-08-06 15:43 . 2010-08-06 15:43 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2009-10-17 09:06 . 2009-10-17 09:06 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2009-10-17 09:06 . 2009-10-17 09:06 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2010-08-06 15:43 . 2010-08-06 15:43 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2010-08-06 15:43 . 2010-08-06 15:43 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2009-10-17 09:06 . 2009-10-17 09:06 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2009-10-17 09:06 . 2009-10-17 09:06 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2010-08-06 15:43 . 2010-08-06 15:43 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2010-08-06 03:31 . 2010-08-06 03:31 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
- 2009-10-12 04:22 . 2009-10-12 04:22 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
+ 2010-08-06 03:34 . 2010-08-06 03:34 274432 c:\windows\assembly\GAC_MSIL\Microsoft.WSMan.Management\1.0.0.0__31bf3856ad364e35\Microsoft.WSMan.Management.dll
- 2009-10-17 09:06 . 2009-10-17 09:06 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2010-08-06 15:43 . 2010-08-06 15:43 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2009-10-17 09:06 . 2009-10-17 09:06 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2010-08-06 15:43 . 2010-08-06 15:43 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2010-08-06 15:43 . 2010-08-06 15:43 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2009-10-17 09:06 . 2009-10-17 09:06 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2010-08-06 03:34 . 2010-08-06 03:34 278528 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.GraphicalHost\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.GraphicalHost.dll
+ 2010-08-06 03:34 . 2010-08-06 03:34 651264 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.GPowerShell\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.GPowerShell.dll
+ 2010-08-06 03:34 . 2010-08-06 03:34 991232 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Editor\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Editor.dll
+ 2010-08-06 03:34 . 2010-08-06 03:34 200704 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.ConsoleHost.dll
+ 2010-08-06 03:34 . 2010-08-06 03:34 618496 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Utility\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Utility.dll
+ 2010-08-06 03:34 . 2010-08-06 03:34 262144 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Management.dll
+ 2010-08-06 03:34 . 2010-08-06 03:34 102400 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Diagnostics\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Diagnostics.dll
- 2009-10-17 09:06 . 2009-10-17 09:06 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2010-08-06 15:43 . 2010-08-06 15:43 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2010-08-06 15:43 . 2010-08-06 15:43 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2009-10-17 09:06 . 2009-10-17 09:06 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2010-08-06 15:43 . 2010-08-06 15:43 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2009-10-17 09:06 . 2009-10-17 09:06 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2009-10-17 09:06 . 2009-10-17 09:06 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2010-08-06 15:43 . 2010-08-06 15:43 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2010-08-06 15:43 . 2010-08-06 15:43 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2009-10-17 09:06 . 2009-10-17 09:06 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2010-08-06 15:43 . 2010-08-06 15:43 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2009-10-17 09:06 . 2009-10-17 09:06 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2010-08-06 15:43 . 2010-08-06 15:43 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2009-10-17 09:06 . 2009-10-17 09:06 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2010-08-06 15:00 . 2010-08-06 15:00 573440 c:\windows\assembly\GAC\System.Web.Services\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2010-08-06 15:00 . 2010-08-06 15:00 819200 c:\windows\assembly\GAC\System.Web.Mobile\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2010-08-06 15:00 . 2010-08-06 15:00 126976 c:\windows\assembly\GAC\System.ServiceProcess\1.0.5000.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2010-08-06 15:00 . 2010-08-06 15:00 131072 c:\windows\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2010-08-06 15:00 . 2010-08-06 15:00 323584 c:\windows\assembly\GAC\System.Runtime.Remoting\1.0.5000.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2010-08-06 15:00 . 2010-08-06 15:00 241664 c:\windows\assembly\GAC\System.Messaging\1.0.5000.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2010-08-06 15:00 . 2010-08-06 15:00 372736 c:\windows\assembly\GAC\System.Management\1.0.5000.0__b03f5f7f11d50a3a\System.Management.dll
+ 2010-08-06 15:00 . 2010-08-06 15:00 241664 c:\windows\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2010-08-06 15:00 . 2010-08-06 15:00 466944 c:\windows\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2010-08-06 15:00 . 2010-08-06 15:00 303104 c:\windows\assembly\GAC\System.Data.OracleClient\1.0.5000.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2010-08-06 15:00 . 2010-08-06 15:00 299008 c:\windows\assembly\GAC\Microsoft.VisualBasic\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2010-08-06 15:00 . 2010-08-06 15:00 720896 c:\windows\assembly\GAC\Microsoft.JScript\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2010-08-06 03:33 . 2009-06-18 00:59 379184 c:\windows\$968930Uinstall_KB968930$\spuninst\updspapi.dll
+ 2010-08-06 03:33 . 2009-06-18 00:59 221488 c:\windows\$968930Uinstall_KB968930$\spuninst\spuninst.exe
+ 2009-10-09 22:23 . 2009-10-09 22:23 1107456 c:\windows\system32\WsmSvc.dll
+ 2006-10-19 03:47 . 2006-10-19 03:47 2603008 c:\windows\system32\WpdShext.dll
+ 2006-10-19 03:47 . 2006-10-19 03:47 1382912 c:\windows\system32\WMVSDECD.dll
+ 2006-10-19 03:47 . 2006-10-19 03:47 1574912 c:\windows\system32\WMVENCOD.dll
+ 2006-10-19 03:47 . 2006-10-19 03:47 1543680 c:\windows\system32\WMVDECOD.dll
+ 2004-08-04 12:00 . 2010-04-06 10:52 2462720 c:\windows\system32\WMVCore.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 1329152 c:\windows\system32\WMSPDMOE.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 8231936 c:\windows\system32\wmploc.dll
+ 2006-10-19 03:47 . 2006-10-19 03:47 1661440 c:\windows\system32\wmpencen.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 1117696 c:\windows\system32\WMADMOE.dll
+ 2009-06-17 14:00 . 2010-05-02 05:22 1851264 c:\windows\system32\win32k.sys
+ 2004-08-04 12:00 . 2010-05-06 10:41 1209344 c:\windows\system32\urlmon.dll
- 2004-08-04 12:00 . 2010-02-25 06:24 1209344 c:\windows\system32\urlmon.dll
+ 2008-05-27 04:21 . 2008-05-27 04:21 1582592 c:\windows\system32\tquery.dll
+ 2004-08-04 12:00 . 2010-07-27 06:30 8462336 c:\windows\system32\shell32.dll
+ 2010-08-06 03:11 . 2008-10-30 02:43 1204128 c:\windows\system32\ReinstallBackups\0003\DriverFiles\AGRSM.sys
- 2004-08-04 12:00 . 2009-11-27 17:11 1291776 c:\windows\system32\quartz.dll
+ 2004-08-04 12:00 . 2010-02-05 18:27 1291776 c:\windows\system32\quartz.dll
+ 2008-05-27 04:21 . 2008-05-27 04:21 1418240 c:\windows\system32\mssrch.dll
+ 2004-08-04 12:00 . 2010-05-06 10:41 5950976 c:\windows\system32\mshtml.dll
- 2009-03-08 10:32 . 2010-02-25 06:24 1985536 c:\windows\system32\iertutil.dll
+ 2009-03-08 10:32 . 2010-05-06 10:41 1985536 c:\windows\system32\iertutil.dll
+ 2008-10-30 02:43 . 2009-08-13 21:07 1163328 c:\windows\system32\drivers\AGRSM.sys
+ 2004-08-04 12:00 . 2010-04-06 10:52 2462720 c:\windows\system32\dllcache\WMVCore.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 1329152 c:\windows\system32\dllcache\WMSPDMOE.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 8231936 c:\windows\system32\dllcache\wmploc.dll
+ 2004-08-04 12:00 . 2006-10-19 03:47 1117696 c:\windows\system32\dllcache\WMADMOE.dll
+ 2009-04-17 12:26 . 2010-05-02 05:22 1851264 c:\windows\system32\dllcache\win32k.sys
- 2004-08-04 12:00 . 2010-02-25 06:24 1209344 c:\windows\system32\dllcache\urlmon.dll
+ 2004-08-04 12:00 . 2010-05-06 10:41 1209344 c:\windows\system32\dllcache\urlmon.dll
+ 2008-06-17 19:02 . 2010-07-27 06:30 8462336 c:\windows\system32\dllcache\shell32.dll
+ 2009-06-17 03:49 . 2006-11-02 00:31 1669120 c:\windows\system32\dllcache\setup_wm.exe
+ 2008-12-20 22:14 . 2010-02-05 18:27 1291776 c:\windows\system32\dllcache\quartz.dll
- 2008-12-20 22:14 . 2009-11-27 17:11 1291776 c:\windows\system32\dllcache\quartz.dll
+ 2010-01-01 20:15 . 2010-01-29 15:01 1315328 c:\windows\system32\dllcache\msoe.dll
- 2010-01-01 20:15 . 2009-07-10 13:27 1315328 c:\windows\system32\dllcache\msoe.dll
+ 2004-08-04 12:00 . 2010-05-06 10:41 5950976 c:\windows\system32\dllcache\mshtml.dll
- 2009-06-17 13:39 . 2010-02-25 06:24 1985536 c:\windows\system32\dllcache\iertutil.dll
+ 2009-06-17 13:39 . 2010-05-06 10:41 1985536 c:\windows\system32\dllcache\iertutil.dll
+ 2009-11-12 02:06 . 2009-11-12 02:06 1130824 c:\windows\system32\dfshim.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 1663320 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\wpfgfx_v0400.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 1303896 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WindowsBase.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 6346600 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationFramework.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 3545952 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationCore.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 2650464 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\NlsLexicons0009.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 4881752 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\NlsData0009.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 2199880 c:\windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
+ 2010-03-18 19:16 . 2010-03-18 19:16 2207568 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.XML.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 4982120 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Windows.Forms.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 1711496 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Windows.Forms.DataVisualization.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 6067048 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.ServiceModel.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 1026936 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 3481928 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 4464480 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Data.Entity.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 2970968 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Data.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 1339736 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Core.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 1462648 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Activities.Presentation.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 1199968 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Activities.dll
+ 2010-03-18 20:26 . 2010-03-18 20:26 1163264 c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\netfx_core_x86.msi
+ 2010-03-18 19:16 . 2010-03-18 19:16 5196112 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorlib.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 1141592 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 2989456 c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2010-03-18 19:16 . 2010-03-18 19:16 1972552 c:\windows\Microsoft.NET\Framework\v4.0.30319\csc.exe
+ 2010-03-18 19:16 . 2010-03-18 19:16 6730056 c:\windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
+ 2010-04-08 05:57 . 2010-04-08 05:57 5988352 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll
+ 2004-07-15 14:15 . 2004-07-15 14:15 1032192 c:\windows\Microsoft.NET\Framework\v1.1.4322\VsaVb7rt.dll
+ 2004-07-15 20:29 . 2004-07-15 20:29 1339392 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.XML.dll
+ 2004-07-15 20:32 . 2004-07-15 20:32 2052096 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Windows.Forms.dll
+ 2010-04-01 17:42 . 2010-04-01 17:42 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2010-04-01 17:42 . 2010-04-01 17:42 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2004-07-15 20:29 . 2004-07-15 20:29 1703936 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Design.dll
+ 2004-07-15 20:32 . 2004-07-15 20:32 1294336 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Data.dll
+ 2010-03-31 20:50 . 2010-03-31 20:50 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2010-03-31 20:50 . 2010-03-31 20:50 2527232 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
+ 2010-04-01 17:42 . 2010-04-01 17:42 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2003-02-21 13:25 . 2003-02-21 13:25 1564672 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorcfg.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 1303896 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 3481928 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 4982120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 6067048 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 1339736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 6346600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 2970968 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 3545952 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 5196112 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2010-08-06 03:37 . 2010-08-06 03:37 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2009-11-09 06:25 . 2009-11-09 06:25 1935360 c:\windows\Installer\437068.msp
+ 2010-07-01 04:52 . 2010-07-01 04:52 5522944 c:\windows\Installer\437061.msp
+ 2010-05-25 17:45 . 2010-05-25 17:45 8445440 c:\windows\Installer\43704f.msp
+ 2010-08-06 03:37 . 2010-08-06 03:37 1160192 c:\windows\Installer\229d4f.msi
+ 2010-04-12 04:17 . 2010-04-12 04:17 2607104 c:\windows\Installer\229d21.msp
+ 2010-04-12 04:17 . 2010-04-12 04:17 4210688 c:\windows\Installer\229d20.msp
+ 2010-04-24 23:10 . 2010-04-24 23:10 8486400 c:\windows\Installer\229d18.msp
+ 2010-05-05 04:25 . 2010-05-05 04:25 7681024 c:\windows\Installer\229cf3.msp
+ 2010-05-03 22:27 . 2010-05-03 22:27 6825472 c:\windows\Installer\229ce0.msp
+ 2010-05-03 22:06 . 2010-05-03 22:06 5053952 c:\windows\Installer\229ccd.msp
+ 2009-10-17 00:07 . 2009-10-17 00:07 6115328 c:\windows\Installer\229caf.msp
+ 2010-08-06 03:04 . 2010-08-06 03:04 3443712 c:\windows\Installer\1bc7f8.msi
+ 2009-02-05 08:09 . 2009-02-05 08:09 5283840 c:\windows\Installer\$PatchCache$\Managed\0DC1503A46F231838AD88BCDDC8E8F7C\3.2.30729\PresentationFramework_x86.dll
+ 2010-04-17 04:08 . 2010-04-17 04:08 5283840 c:\windows\Installer\$PatchCache$\Managed\0DC1503A46F231838AD88BCDDC8E8F7C\3.2.30729\PresentationFramework_GAC_x86.dll
+ 2010-08-06 03:33 . 2010-02-25 06:24 1209344 c:\windows\ie8updates\KB982381-IE8\urlmon.dll
+ 2010-08-06 03:33 . 2010-02-25 06:24 5944832 c:\windows\ie8updates\KB982381-IE8\mshtml.dll
+ 2010-08-06 03:33 . 2010-02-25 06:24 1985536 c:\windows\ie8updates\KB982381-IE8\iertutil.dll
+ 2010-08-06 15:21 . 2010-08-06 15:21 4792320 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_ff3d7267\System.dll
+ 2010-08-06 15:20 . 2010-08-06 15:20 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_c1cbb9b7\System.dll
+ 2010-08-06 15:20 . 2010-08-06 15:20 2088960 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_ecc300aa\System.Xml.dll
+ 2010-08-06 15:21 . 2010-08-06 15:21 5513216 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_2ee27f1e\System.Xml.dll
+ 2010-08-06 15:21 . 2010-08-06 15:21 7884800 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_e9a9e0e5\System.Windows.Forms.dll
+ 2010-08-06 15:20 . 2010-08-06 15:20 3018752 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_9d369b4e\System.Windows.Forms.dll
+ 2010-08-06 15:22 . 2010-08-06 15:22 2244608 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_6f051dbb\System.Drawing.dll
+ 2010-08-06 15:20 . 2010-08-06 15:20 1470464 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_199e9434\System.Design.dll
+ 2010-08-06 15:21 . 2010-08-06 15:21 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_166adfa7\System.Design.dll
+ 2010-08-06 15:22 . 2010-08-06 15:22 8908800 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_ad11d8c1\mscorlib.dll
+ 2010-08-06 15:20 . 2010-08-06 15:20 3391488 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_6151c224\mscorlib.dll
+ 2010-08-06 03:39 . 2010-08-06 03:39 3779072 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\d17606e813f01376bd0def23726ecc62\WindowsBase.ni.dll
+ 2010-08-06 04:37 . 2010-08-06 04:37 1055744 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClients#\5904383f7c86f1374a14198872dfa7d8\UIAutomationClientsideProviders.ni.dll
+ 2010-08-06 03:39 . 2010-08-06 03:39 9000960 c:\windows\assembly\NativeImages_v4.0.30319_32\System\964da027ebca3b263a05cadb8eaa20a3\System.ni.dll
+ 2010-08-06 03:39 . 2010-08-06 03:39 5571584 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\e997d0200c25f7db6bd32313d50b729d\System.Xml.ni.dll
+ 2010-08-06 04:33 . 2010-08-06 04:33 1776640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\035910922f160d304fb834aae41f45a6\System.Xaml.ni.dll
+ 2010-08-06 04:37 . 2010-08-06 04:37 4496384 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\9cf13572472dc2efe8f3b7c2ab6198d3\System.Windows.Forms.DataVisualization.ni.dll
+ 2010-08-06 04:37 . 2010-08-06 04:37 1828352 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Services\87e09dfbe3a44d6b00d3a5895f5a21a6\System.Web.Services.ni.dll
+ 2010-08-06 04:36 . 2010-08-06 04:36 1992192 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Speech\61a931da70f8078539a51cef3888d02d\System.Speech.ni.dll
+ 2010-08-06 04:36 . 2010-08-06 04:36 1127424 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\dbf07cb14b4dcc210cdf8b5d90a12a56\System.ServiceModel.Discovery.ni.dll
+ 2010-08-06 04:36 . 2010-08-06 04:36 1388032 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\52481fccddb053768631c640d5059d4b\System.ServiceModel.Activities.ni.dll
+ 2010-08-06 04:33 . 2010-08-06 04:33 2625024 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\e9f8a45b1063d6c6a62718c88a5623d1\System.Runtime.Serialization.ni.dll
+ 2010-08-06 04:33 . 2010-08-06 04:33 1011200 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\f3989d3e9cb8904e4edf23ede5adb6c1\System.Runtime.DurableInstancing.ni.dll
+ 2010-08-06 04:33 . 2010-08-06 04:33 1047040 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Printing\eb9369fc9393d29afe51e45cb49aa4be\System.Printing.ni.dll
+ 2010-08-06 04:36 . 2010-08-06 04:36 1159168 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management\6a6f4be744ed5bc5273cbcf0fcf303e3\System.Management.ni.dll
+ 2010-08-06 04:36 . 2010-08-06 04:36 1065984 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\9eac876f58a3ebca8878b8654efdc817\System.IdentityModel.ni.dll
+ 2010-08-06 03:39 . 2010-08-06 03:39 1651200 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\dd57bc19f5807c6dbe8f88d4a23277f6\System.Drawing.ni.dll
+ 2010-08-06 04:33 . 2010-08-06 04:33 1151488 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\5166bf93ac5239837c9c92b58d183ea6\System.DirectoryServices.ni.dll
+ 2010-08-06 04:33 . 2010-08-06 04:33 1872384 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\90fd7fc9fbf5f4eed9135996b515a38a\System.Deployment.ni.dll
+ 2010-08-06 03:39 . 2010-08-06 03:39 6754816 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data\92cccedc7cda413ff6fc6492cb256b58\System.Data.ni.dll
+ 2010-08-06 03:39 . 2010-08-06 03:39 2538496 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.SqlXml\1fdd0961d8d07ef4d1fcaf30f0050c0a\System.Data.SqlXml.ni.dll
+ 2010-08-06 04:35 . 2010-08-06 04:35 1332736 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Service#\685c7df1332a74aaa899f2bdb3beabc3\System.Data.Services.Client.ni.dll
+ 2010-08-06 03:39 . 2010-08-06 03:39 2499072 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\87a713cee613d08ee04ae9483a9d4716\System.Data.Linq.ni.dll
+ 2010-08-06 03:39 . 2010-08-06 03:39 7025664 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\713647b987b140a17e3c4ffe4c721f85\System.Core.ni.dll
+ 2010-08-06 04:33 . 2010-08-06 04:33 4103168 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities\931ad0783c03deb967760d5c2387274a\System.Activities.ni.dll
+ 2010-08-06 04:34 . 2010-08-06 04:34 3691520 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.P#\a57e34a36f38a007aa24f1bd07a167ab\System.Activities.Presentation.ni.dll
+ 2010-08-06 04:34 . 2010-08-06 04:34 1506304 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.C#\607df7a11c3334146664bc74130bc38f\System.Activities.Core.Presentation.ni.dll
+ 2010-08-06 04:33 . 2010-08-06 04:33 2842624 c:\windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\42f0e1a4e3081c50503d74ebc0540a60\ReachFramework.ni.dll
+ 2010-08-06 04:33 . 2010-08-06 04:33 1622528 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationUI\15578874ee1464dc6a3545d4be842e59\PresentationUI.ni.dll
+ 2010-08-06 04:33 . 2010-08-06 04:33 1819648 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\e8ab3b63bade82c3522613f2b1240c0d\Microsoft.VisualBasic.ni.dll
+ 2010-08-06 04:33 . 2010-08-06 04:33 1137664 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\a21da853846463dd6a3e98bf9629372d\Microsoft.VisualBasic.Compatibility.ni.dll
+ 2010-08-06 04:33 . 2010-08-06 04:33 1167872 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\2eef2f34c0295f1fe5d6d4441f9e790b\Microsoft.VisualBasic.Activities.Compiler.ni.dll
+ 2010-08-06 04:33 . 2010-08-06 04:33 1079808 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\9952f66fc592ffc21b024803c8c955fd\Microsoft.Transactions.Bridge.ni.dll
+ 2010-08-06 04:36 . 2010-08-06 04:36 2441728 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.JScript\08b2c2639708ab20748653185d6b67be\Microsoft.JScript.ni.dll
+ 2010-08-06 03:40 . 2010-08-06 03:40 1612288 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.CSharp\05503f37aef5261d80ccca19f8078679\Microsoft.CSharp.ni.dll
+ 2010-08-06 03:58 . 2010-08-06 03:58 3346944 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\25ff2322f1c8332eea006a5909939379\WindowsBase.ni.dll
+ 2010-08-06 04:09 . 2010-08-06 04:09 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\d22ad33e31956dde9987df16661faaae\UIAutomationClientsideProviders.ni.dll
+ 2010-08-06 04:32 . 2010-08-06 04:32 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\a1c436b0bd767343a1d6d6b78f542e28\System.WorkflowServices.ni.dll
+ 2010-08-06 04:32 . 2010-08-06 04:32 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\8a5f4465bdfa255a064f55ee78a16d93\System.Web.Extensions.ni.dll
+ 2010-08-06 04:32 . 2010-08-06 04:32 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\d9e7dbdc2194199b8bda8aee5f870d5b\System.ServiceModel.Web.ni.dll
+ 2010-08-06 03:42 . 2010-08-06 03:42 2347008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\0b364243a87dd00ace32302814e93a38\System.Runtime.Serialization.ni.dll
+ 2010-08-06 04:08 . 2010-08-06 04:08 1039872 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\5e1fee65874ce9f5dcd4cb4fa281bfa2\System.Printing.ni.dll
+ 2010-08-06 03:41 . 2010-08-06 03:41 8365056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\4fddbe9c2ff96b543a624459cad647b6\System.Management.Automation.ni.dll
+ 2010-08-06 03:42 . 2010-08-06 03:42 1075200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\a15203084a0502d264c2a63af61b9ab7\System.IdentityModel.ni.dll
+ 2010-08-06 04:32 . 2010-08-06 04:32 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\d692a8f434c9a24f3547f03ab7bf17be\System.Data.Services.ni.dll
+ 2010-08-06 03:32 . 2010-08-06 03:32 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\c80ebd4174b87b33c01893f6593889a6\System.Data.Linq.ni.dll
+ 2010-08-06 04:32 . 2010-08-06 04:32 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\d55ff4dd57667e8aaff0a0ec7dbef33f\System.Data.Entity.ni.dll
+ 2010-08-06 04:08 . 2010-08-06 04:08 2132480 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\91bab88c40e9067cc3d363611443876a\ReachFramework.ni.dll
+ 2010-08-06 04:08 . 2010-08-06 04:08 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\f650a8c78c9cb65aab91aff5188281ee\PresentationUI.ni.dll
+ 2010-08-06 03:43 . 2010-08-06 03:43 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\4cb836bafe3adbd03755ec9f79b1964e\Microsoft.Transactions.Bridge.ni.dll
+ 2010-08-06 03:34 . 2010-08-06 03:34 1609728 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\74362bea6bc8a906a45d74c393969423\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2010-08-06 04:31 . 2010-08-06 04:31 3722240 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\5dfb5531f1f601328f5c78f6c1d6d6c9\Microsoft.PowerShell.Editor.ni.dll
+ 2010-08-06 04:31 . 2010-08-06 04:31 1704448 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\3c9fe38e5f6032e07fe077f47ebc91bc\Microsoft.PowerShell.GPowerShell.ni.dll
+ 2010-08-06 03:57 . 2010-08-06 03:57 1249280 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
- 2009-10-17 09:06 . 2009-10-17 09:06 3149824 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2010-08-06 15:43 . 2010-08-06 15:43 3149824 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2010-08-06 15:43 . 2010-08-06 15:43 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2009-10-17 09:06 . 2009-10-17 09:06 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2010-08-06 03:31 . 2010-08-06 03:31 5988352 c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2010-08-06 03:34 . 2010-08-06 03:34 2682880 c:\windows\assembly\GAC_MSIL\System.Management.Automation\1.0.0.0__31bf3856ad364e35\System.Management.Automation.dll
+ 2010-08-06 15:43 . 2010-08-06 15:43 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2009-10-17 09:06 . 2009-10-17 09:06 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2010-08-06 03:57 . 2010-08-06 03:57 5279744 c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
- 2009-10-17 09:06 . 2009-10-17 09:06 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2010-08-06 15:43 . 2010-08-06 15:43 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2010-08-06 03:57 . 2010-08-06 03:57 4218880 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2010-08-06 15:20 . 2010-08-06 15:20 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2010-08-06 15:00 . 2010-08-06 15:00 1339392 c:\windows\assembly\GAC\System.Xml\1.0.5000.0__b77a5c561934e089\System.XML.dll
+ 2010-08-06 15:00 . 2010-08-06 15:00 2052096 c:\windows\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2010-08-06 15:20 . 2010-08-06 15:20 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2010-08-06 15:00 . 2010-08-06 15:00 1703936 c:\windows\assembly\GAC\System.Design\1.0.5000.0__b03f5f7f11d50a3a\System.Design.dll
+ 2010-08-06 15:00 . 2010-08-06 15:00 1294336 c:\windows\assembly\GAC\System.Data\1.0.5000.0__b77a5c561934e089\System.Data.dll
+ 2010-08-06 03:03 . 2010-08-06 03:03 1564672 c:\windows\assembly\GAC\mscorcfg\1.0.5000.0__b03f5f7f11d50a3a\mscorcfg.dll
+ 2004-08-04 12:00 . 2009-07-14 05:43 10841088 c:\windows\system32\wmp.dll
+ 2009-06-17 13:39 . 2010-07-02 18:39 34045896 c:\windows\system32\MRT.exe
+ 2009-03-08 10:39 . 2010-05-06 10:41 11076096 c:\windows\system32\ieframe.dll
+ 2004-08-04 12:00 . 2009-07-14 05:43 10841088 c:\windows\system32\dllcache\wmp.dll
+ 2009-06-17 13:39 . 2010-05-06 10:41 11076096 c:\windows\system32\dllcache\ieframe.dll
+ 2010-04-03 01:29 . 2010-04-03 01:29 11413504 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp
+ 2010-03-31 07:23 . 2010-03-31 07:23 15638528 c:\windows\Installer\437073.msp
+ 2010-04-02 18:30 . 2010-04-02 18:30 17456640 c:\windows\Installer\3bcaca.msp
+ 2010-08-06 14:59 . 2010-08-06 14:59 19210240 c:\windows\Installer\29b556.msp
+ 2010-04-12 04:17 . 2010-04-12 04:17 14599680 c:\windows\Installer\229d31.msp
+ 2010-04-24 23:09 . 2010-04-24 23:09 11750912 c:\windows\Installer\229d0f.msp
+ 2010-05-11 17:30 . 2010-05-11 17:30 11194880 c:\windows\Installer\229d06.msp
+ 2010-08-06 03:21 . 2010-08-06 03:21 20242432 c:\windows\Installer\229cbb.msp
+ 2009-10-27 20:57 . 2009-10-27 20:57 14009856 c:\windows\Installer\229c9c.msp
+ 2009-10-27 23:11 . 2009-10-27 23:11 11146240 c:\windows\Installer\229c89.msp
+ 2010-08-06 03:33 . 2010-02-25 17:54 11070976 c:\windows\ie8updates\KB982381-IE8\ieframe.dll
+ 2010-08-06 03:40 . 2010-08-06 03:40 13006336 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\17e020ae92d7fab33bcc1c98b25019d0\System.Windows.Forms.ni.dll
+ 2010-08-06 04:36 . 2010-08-06 04:36 17919488 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\250b525aa8c17327216e102569c0d766\System.ServiceModel.ni.dll
+ 2010-08-06 04:35 . 2010-08-06 04:35 13273600 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Entity\642a7b3d47828fb0070a55cfeb58f42b\System.Data.Entity.ni.dll
+ 2010-08-06 03:40 . 2010-08-06 03:40 17629184 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\7f91eecda3ff7ce478146b6458580c98\PresentationFramework.ni.dll
+ 2010-08-06 03:40 . 2010-08-06 03:40 11057664 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\3963e9ce8d44f50e8367e92a8e3e42e6\PresentationCore.ni.dll
+ 2010-08-06 03:38 . 2010-08-06 03:38 14415872 c:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\246f1a5abb686b9dcdf22d3505b08cea\mscorlib.ni.dll
+ 2010-08-06 03:43 . 2010-08-06 03:43 17383424 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\6c45c565806a245d7e1cfcff3bf7097f\System.ServiceModel.ni.dll
+ 2010-08-06 04:05 . 2010-08-06 04:05 14337024 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\013ea261fc17fa25fd515a4aa244f972\PresentationFramework.ni.dll
+ 2010-08-06 03:59 . 2010-08-06 03:59 12236288 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\8ed8c11db4dc6206ae09f91aabf56e89\PresentationCore.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
BDARemote.lnk - c:\program files\USB TV\EM28XX\BDARemote.exe [2009-12-21 81997]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
backup=c:\windows\pss\Windows Search.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Rick^Start Menu^Programs^Startup^Antimalware Doctor.lnk]
path=c:\documents and settings\Rick\Start Menu\Programs\Startup\Antimalware Doctor.lnk
backup=c:\windows\pss\Antimalware Doctor.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Rick^Start Menu^Programs^Startup^PowerReg Scheduler.exe]
path=c:\documents and settings\Rick\Start Menu\Programs\Startup\PowerReg Scheduler.exe
backup=c:\windows\pss\PowerReg Scheduler.exeStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Rick^Start Menu^Programs^Startup^Registration .LNK]
path=c:\documents and settings\Rick\Start Menu\Programs\Startup\Registration .LNK
backup=c:\windows\pss\Registration .LNKStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Rick^Start Menu^Programs^Startup^Registration Myst V]
path=c:\documents and settings\Rick\Start Menu\Programs\Startup\Registration Myst V
backup=c:\windows\pss\Registration Myst VStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"CiSvc"=3 (0x3)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\Downloaded Program Files\\ijjiOptimizer.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
"1069:TCP"= 1069:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface

R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1107000.00C\symds.sys [8/3/2010 12:03 PM 328752]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1107000.00C\symefa.sys [8/3/2010 12:03 PM 173104]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\BASHDefs\20100719.001\BHDrvx86.sys [7/19/2010 5:28 PM 692272]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NIS\1107000.00C\cchpx86.sys [8/3/2010 12:02 PM 501888]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1107000.00C\ironx86.sys [8/3/2010 12:02 PM 116784]
R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [8/4/2004 6:00 AM 14336]
R2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\17.7.0.12\ccsvchst.exe [8/3/2010 11:59 AM 126392]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [8/3/2010 5:57 PM 102448]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\IPSDefs\20100805.004\IDSXpx86.sys [8/5/2010 7:19 PM 331640]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 1:16 PM 130384]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 rak;rak;c:\windows\system32\rakion.sys [1/18/2010 10:09 PM 60928]
S3 vtany;vtany;\??\c:\windows\vtany.sys --> c:\windows\vtany.sys [?]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [8/4/2004 6:00 AM 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 1:16 PM 753504]
S3 XDva311;XDva311;\??\c:\windows\system32\XDva311.sys --> c:\windows\system32\XDva311.sys [?]
S3 xhunter1;xhunter1;\??\c:\windows\xhunter1.sys --> c:\windows\xhunter1.sys [?]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [1/1/2010 1:29 PM 691696]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
WINRM REG_MULTI_SZ WINRM

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 18:11 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = <local>
uInternet Settings,ProxyServer = http=127.0.0.1:5555
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Rick\Application Data\Mozilla\Firefox\Profiles\y7b58ive.default\
FF - prefs.js: browser.startup.homepage - www.msn.com
FF - prefs.js: network.proxy.type - 4
FF - component: c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\coFFPlgn\components\coFFPlgn.dll
FF - component: c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\IPSFFPlgn\components\IPSFFPl.dll
FF - plugin: c:\documents and settings\Rick\Local Settings\Application Data\Yahoo!\BrowserPlus\2.4.21\Plugins\npybrowserplus_2.4.21.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Unity\WebPlayer\loader\npUnity3D32.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-09 21:41
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NIS]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\17.7.0.12\diMaster.dll\" /prefetch:1"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(956)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2010-08-09 21:44:13
ComboFix-quarantined-files.txt 2010-08-10 03:43
ComboFix2.txt 2010-08-06 02:19

Pre-Run: 28,144,123,904 bytes free
Post-Run: 28,996,542,464 bytes free

Current=1 Default=1 Failed=0 LastKnownGood=5 Sets=1,2,3,4,5
- - End Of File - - ACD0B66848AE8400E88798864DD71237


#8 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Numpty HQ
  • Local time:08:15 PM

Posted 10 August 2010 - 02:09 PM

Good evening. smile.gif

As you are no longer using AVG, you can delete the following folder: c:\program files\AVG Other than that, I think you're done.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

I want you to run your PC as normal for a few days and when you are happy that everything is fine, do the following:

Go to Start > Run, enter the following into the textbox and click OK: ComboFix /Uninstall
This will uninstall Combofix and do a little housework besides.

Create a new Restore Point with a memorable name - this will give a clean one should you need it in the future. If you use a Restore Point from before this point you may reinstall any infection that was present at the time, so only do so if using this latest one doesn't solve any issues.
A tutorial for System Restore is available here.

Some bedtime reading: This is a very good tutorial about keeping your computer safe and secure on the internet.

So long, and thanks for all the fish.

 

 


#9 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Numpty HQ
  • Local time:08:15 PM

Posted 14 August 2010 - 01:59 PM

As this issue appears to have been resolved this thread is now closed.

So long, and thanks for all the fish.

 

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users