Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

The Knockout Part 1


  • This topic is locked This topic is locked
55 replies to this topic

#1 vom53

vom53

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Location:East Coast
  • Local time:09:06 PM

Posted 25 August 2010 - 07:44 PM

This is my first time here and I would like to say hello to the Bleeping Computer community. I recently joined because I had the urge to ask an issue that I couldn't resolved. Over the years without registering, Bleeping Computer has been one of my sources for survival, but until now I have taken the chance to register because of the many benefits it offered.

This is Knockout Part 1 because this is only for my Windows XP computer. My Windows Vista laptop will be discuss in "Lots of Infections Vista" when I create that topic. I have been with Windows Vista starting from July 2009.

Let's get started shall we?

First,

Avast Free detected nothing.
PSMAntiKeyLogger detect hooks in xul.dll of Firefox and ieframe.dll in IE Explorer.
WinPatrol see no change.
Multi-AV scan with Sophos, McAfee, Kaspersky, Trend Micro detect nothing, but something in the Java directory. AppletX.class to be certain.
Malwarebytes AntiMalware Pro see nothing, and the IP protection is working perfectly in this computer (XP), but my laptop (Vista) the icon for Malwarebytes AntiMalware doesn't work when I right click it though the processes are running.
Combofix found nothing.
GMER(the one from the site) has detected malicious code in my drive sector. Don't know how to get rid of.
SuperAntiSpyware Free found nothing.
Spybot Search & Destroy delete a Gamevance folder since MBAM delete the Gamevance malware a couple of months ago.
Also scanned with Avast Rootkit, AntiVir Rootkit, Dr Web Cure IT, Rootkit Revealer, Helios, IceSword, Rootkit Buster, Rootkit Detector, McAfee Rootkit Detective.

As far as I can see, I have the MBR sector 61 virus and others nasty things.

Here are the logs:

DDS log
DDS (Ver_10-03-17.01) - NTFSx86
Run by Student at 22:44:09.68 on Tue 08/24/2010
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_20
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.766.444 [GMT -7:00]

AV: avast! Antivirus *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\PROGRA~1\PSMKorea\ANTIKE~1\PSMAntiS.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\PSMKorea\AntiKeyLogger\PSMAntiSpy.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\All Users\Documents\dds.scr

============== Pseudo HJT Report ===============

uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mURLSearchHooks: H - No File
BHO: KeyScramblerBHO Class: {2b9f5787-88a5-4945-90e7-c4b18563bc5e} - c:\program files\keyscrambler\KeyScramblerIE.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [BCMSMMSG] BCMSMMSG.exe
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui
mRun: [PSMAntiKeyLogger] c:\program files\psmkorea\antikeylogger\PSMAntiSpy.exe
mRun: [WinPatrol] c:\program files\billp studios\winpatrol\winpatrol.exe -expressboot
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
mPolicies-system: HideFastUserSwitching = 1 (0x1)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - {B745F984-EF2E-40D6-A9AC-D8CED7230E61} - c:\program files\keyscrambler\KeyScramblerIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: igfxcui - igfxsrvc.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

============= SERVICES / DRIVERS ===============

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2009-6-25 165456]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-4-27 67656]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-6-25 17744]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-6-17 40384]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2009-2-14 304464]
R2 PSMAntiSpy;PSMAntiSpy;c:\progra~1\psmkorea\antike~1\PSMAntiS.exe [2010-8-6 478720]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-6-17 40384]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-6-17 40384]
R3 KeyScrambler;KeyScrambler;c:\windows\system32\drivers\keyscrambler.sys [2010-8-9 115312]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2009-2-14 20952]
S2 MotoConnect Service;MotoConnect Service;c:\program files\motorola\motoconnectservice\MotoConnectService.exe [2010-7-19 91456]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [2010-7-19 19712]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [2010-7-19 8320]
S3 MotDev;Motorola Inc. USB Device;c:\windows\system32\drivers\motodrv.sys [2010-7-19 42752]
S3 motport;Motorola USB Diagnostic Port;c:\windows\system32\drivers\motport.sys [2010-7-19 23936]
S3 TMPassthruMP;TMPassthruMP;c:\windows\system32\drivers\tmpassthru.sys --> c:\windows\system32\drivers\TMPassthru.sys [?]

=============== Created Last 30 ================

2010-08-20 01:37:28 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-08-18 04:58:25 2626 ----a-w- c:\windows\system32\config.bak
2010-08-18 04:58:25 2577 ----a-w- c:\windows\config.nt
2010-08-18 04:58:25 1688 ----a-w- c:\windows\system32\autoexec.bak
2010-08-18 04:58:25 1688 ----a-w- c:\windows\autoexec.nt
2010-08-17 00:21:36 212 ----a-w- c:\windows\system32\spupdsvc.inf
2010-08-17 00:20:01 0 d-----w- C:\f1cb9d7a5e75fc427cf7
2010-08-16 05:42:33 0 d-----w- C:\a3c7bede03ba3cc9515c0b8e
2010-08-16 05:42:24 0 d-----w- C:\60a4a5acebd8a57ba5
2010-08-16 04:31:07 0 d-----w- c:\program files\MSXML 4.0
2010-08-16 04:22:38 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2010-08-16 04:10:18 0 d-----w- C:\AV-CLS
2010-08-12 17:30:28 0 d-----w- c:\docume~1\student\applic~1\Auslogics
2010-08-11 02:07:03 0 d-----w- c:\docume~1\student\applic~1\WinPatrol
2010-08-11 02:06:54 0 d-----w- c:\program files\BillP Studios
2010-08-10 02:20:04 0 d-----w- c:\docume~1\student\applic~1\SUPERAntiSpyware.com
2010-08-10 02:18:08 115312 ----a-w- c:\windows\system32\drivers\keyscrambler.sys
2010-08-10 02:18:08 0 d-----w- c:\program files\KeyScrambler
2010-08-06 20:03:55 0 d-----w- c:\documents and settings\student\DoctorWeb
2010-08-06 19:58:39 0 d-----w- c:\program files\ThreatExpert Memory Scanner
2010-08-06 19:56:21 0 d-----w- c:\program files\PSMKorea
2010-08-06 03:02:38 0 d-----w- c:\docume~1\student\applic~1\Malwarebytes
2010-08-04 00:00:07 0 d-----w- c:\program files\BurnAware Free
2010-08-03 01:24:34 0 d-----w- c:\program files\MozBackup
2010-07-29 03:17:56 0 d-----w- c:\docume~1\alluse~1\applic~1\ashampoo

==================== Find3M ====================

2010-07-20 02:36:44 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_motport_01007.Wdf
2010-07-20 02:36:40 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_motmodem_01007.Wdf
2010-07-20 02:36:35 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_motccgpfl_01007.Wdf
2010-07-20 02:36:35 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_motccgp_01007.Wdf
2010-07-20 02:36:32 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2010-06-30 12:31:35 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-28 20:57:33 38848 ----a-w- c:\windows\avastSS.scr
2010-06-24 12:15:28 832512 ----a-w- c:\windows\system32\wininet.dll
2010-06-24 12:15:26 78336 ------w- c:\windows\system32\ieencode.dll
2010-06-24 12:15:26 17408 ----a-w- c:\windows\system32\corpol.dll
2010-06-23 13:44:04 1851904 ----a-w- c:\windows\system32\win32k.sys
2010-06-17 14:03:00 80384 ----a-w- c:\windows\system32\iccvid.dll
2010-06-14 07:41:45 1172480 ----a-w- c:\windows\system32\msxml3.dll

============= FINISH: 22:45:43.42 ===============

There are 3 Attachments. GMER log, Attach.txt from DDS, and the Report from RkUnhookerLE.

Attached Files


Edited by vom53, 26 August 2010 - 01:46 PM.
Mod Edit ~ removed code and such to make it easier on a helper's eyes. ~Pandy


BC AdBot (Login to Remove)

 


#2 mpascal

mpascal

    Math Nerd


  • Members
  • 1,653 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Canada
  • Local time:12:06 AM

Posted 30 August 2010 - 09:56 PM

Hi vom53,

Welcome to Bleeping Computer!

My name is mpascal, and I will be helping you fix your problem.

Before we begin, I would like give a few guidelines so that we can fix your problem as quickly and efficiently as possible:
  • Be sure to follow all my instructions carefully! If there is anything you don't understand, don't hesitate to ask.
  • Please do not do anything or perform other steps unless I have asked you to do so.
  • Please make sure you post all logs I ask you to, and make sure that the entire log gets posted.
  • Don't attach any logs unless asked. Posting them in the forums will make them easier to analyze.
  • If you are unsure of how to reply, or need help with anything regarding the website, please look here.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below I will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

STEP 1 - MBAM

Note: In the event that you already have MBAM installed, you do not need to reinstall it. Simply Updating it and doing a Quickscan is sufficient.

Please download Malwarebytes Anti-Malware (v1.44) and save it to your desktop.MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
    For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

STEP 2 - GMER

Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.


  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.
-- If you encounter any problems, try running GMER in safe mode.
-- If GMER crashes or keeps resulting in a BSODs, uncheck Devices on the right side before scanning
.

STEP 3 - OTL

Download OTL to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • In the Custom Scans box, copy and paste the following:
    CODE
    netsvcs
    %SYSTEMDRIVE%\*.*
    %systemroot%\Fonts\*.com
    %systemroot%\Fonts\*.dll
    %systemroot%\Fonts\*.ini
    %systemroot%\Fonts\*.ini2
    %systemroot%\Fonts\*.exe
    %systemroot%\system32\spool\prtprocs\w32x86\*.*
    %systemroot%\REPAIR\*.bak1
    %systemroot%\REPAIR\*.ini
    %systemroot%\system32\*.jpg
    %systemroot%\*.jpg
    %systemroot%\*.png
    %systemroot%\*.scr
    %systemroot%\*._sy
    %APPDATA%\Adobe\Update\*.*
    %ALLUSERSPROFILE%\Favorites\*.*
    %APPDATA%\Microsoft\*.*
    %PROGRAMFILES%\*.*
    %APPDATA%\Update\*.*
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\System32\config\*.sav
    %PROGRAMFILES%\bak. /s
    %systemroot%\system32\bak. /s
    %ALLUSERSPROFILE%\Start Menu\*.lnk /x
    %systemroot%\system32\config\systemprofile\*.dat /x
    %systemroot%\*.config
    %systemroot%\system32\*.db
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of the files, and post it with your next reply.
STEP 4 - Reply

Please reply with the following logs:
  • MBAM Log
  • GMER Log
  • OTL Log

Posted Image

Stay with your topic! Topics that go 4 days without a reply will be closed. PM me to reopen.

Please don't PM asking for support. Post on the forums instead.

My help is free, but if you wish to donate and help continue my fight against malware, click here: Posted Image


#3 vom53

vom53
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Location:East Coast
  • Local time:09:06 PM

Posted 31 August 2010 - 12:16 AM

Thank you for your reply, but I already provided those logs in my first post except for the OldTimer log.

I have MBAM Pro and did the scan Quick/Full/Flash and came with no results. Clean.
Gmer found a malicious sector 61 and I found that to be something with mbr (I think).
The OTL log cannot be provided due to problems with the program in my computer so I hope the DDS log from my first post would be enough.

The Gmer log, Attach.txt, and Report can be found from my first post.

Edited by vom53, 31 August 2010 - 12:21 AM.


#4 mpascal

mpascal

    Math Nerd


  • Members
  • 1,653 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Canada
  • Local time:12:06 AM

Posted 31 August 2010 - 10:10 AM

Hi there,

Please download MBRCheck to your desktop.
  • Double click MBRCheck.exe to run it (Right click and run as Administrator for Vista).
  • It will open a black window, please do not fix anything (if it gives you an option).
  • Exit that window and it will produce a log (MBRCheck_date_time).
  • Please post that log when you reply.

Posted Image

Stay with your topic! Topics that go 4 days without a reply will be closed. PM me to reopen.

Please don't PM asking for support. Post on the forums instead.

My help is free, but if you wish to donate and help continue my fight against malware, click here: Posted Image


#5 vom53

vom53
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Location:East Coast
  • Local time:09:06 PM

Posted 31 August 2010 - 02:33 PM

MBRCheck, version 1.2.3
© 2010, AD

Command-line:
Windows Version: Windows XP Home Edition
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000000d

Kernel Drivers (total 120):
0x804D7000 \WINDOWS\system32\ntoskrnl.exe
0x806EE000 \WINDOWS\system32\hal.dll
0xF7A64000 \WINDOWS\system32\KDCOM.DLL
0xF7974000 \WINDOWS\system32\BOOTVID.dll
0xF7515000 ACPI.sys
0xF7A66000 \WINDOWS\System32\DRIVERS\WMILIB.SYS
0xF7504000 pci.sys
0xF7564000 isapnp.sys
0xF7B2C000 pciide.sys
0xF77E4000 \WINDOWS\System32\DRIVERS\PCIIDEX.SYS
0xF7A68000 intelide.sys
0xF7574000 MountMgr.sys
0xF74E5000 ftdisk.sys
0xF77EC000 PartMgr.sys
0xF7584000 VolSnap.sys
0xF74CD000 atapi.sys
0xF7594000 disk.sys
0xF75A4000 \WINDOWS\System32\DRIVERS\CLASSPNP.SYS
0xF74AD000 fltmgr.sys
0xF7496000 KSecDD.sys
0xF7409000 Ntfs.sys
0xF73DC000 NDIS.sys
0xF73C2000 Mup.sys
0xF7704000 \SystemRoot\System32\DRIVERS\intelppm.sys
0xF6CC5000 \SystemRoot\System32\DRIVERS\ialmnt5.sys
0xF6CB1000 \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS
0xF7874000 \SystemRoot\System32\DRIVERS\usbuhci.sys
0xF6C8D000 \SystemRoot\System32\DRIVERS\USBPORT.SYS
0xF787C000 \SystemRoot\System32\DRIVERS\usbehci.sys
0xF6B80000 \SystemRoot\system32\DRIVERS\BCMSM.sys
0xF6B5D000 \SystemRoot\system32\DRIVERS\ks.sys
0xF7884000 \SystemRoot\System32\Drivers\Modem.SYS
0xF7714000 \SystemRoot\System32\DRIVERS\bcm4sbxp.sys
0xF788C000 \SystemRoot\System32\DRIVERS\fdc.sys
0xF7724000 \SystemRoot\System32\DRIVERS\i8042prt.sys
0xF6B42000 \SystemRoot\System32\drivers\keyscrambler.sys
0xF789C000 \SystemRoot\System32\DRIVERS\kbdclass.sys
0xF7734000 \SystemRoot\System32\DRIVERS\serial.sys
0xF7382000 \SystemRoot\System32\DRIVERS\serenum.sys
0xF6B2E000 \SystemRoot\System32\DRIVERS\parport.sys
0xF7744000 \SystemRoot\System32\DRIVERS\imapi.sys
0xF7754000 \SystemRoot\System32\DRIVERS\cdrom.sys
0xF7764000 \SystemRoot\System32\DRIVERS\redbook.sys
0xF6AA8000 \SystemRoot\system32\drivers\smwdm.sys
0xF6A84000 \SystemRoot\system32\drivers\portcls.sys
0xF7774000 \SystemRoot\system32\drivers\drmk.sys
0xF7A8C000 \SystemRoot\system32\drivers\aeaudio.sys
0xF737A000 \SystemRoot\system32\DRIVERS\fsvga.sys
0xF7B70000 \SystemRoot\System32\DRIVERS\audstub.sys
0xF7784000 \SystemRoot\System32\DRIVERS\rasl2tp.sys
0xF7376000 \SystemRoot\System32\DRIVERS\ndistapi.sys
0xF6A6D000 \SystemRoot\System32\DRIVERS\ndiswan.sys
0xF7794000 \SystemRoot\System32\DRIVERS\raspppoe.sys
0xF77A4000 \SystemRoot\System32\DRIVERS\raspptp.sys
0xF78A4000 \SystemRoot\System32\DRIVERS\TDI.SYS
0xF78AC000 \SystemRoot\System32\DRIVERS\ptilink.sys
0xF78B4000 \SystemRoot\System32\DRIVERS\raspti.sys
0xF77B4000 \SystemRoot\System32\DRIVERS\termdd.sys
0xF78BC000 \SystemRoot\System32\DRIVERS\mouclass.sys
0xF7A8E000 \SystemRoot\System32\DRIVERS\swenum.sys
0xF6A0F000 \SystemRoot\System32\DRIVERS\update.sys
0xF736E000 \SystemRoot\System32\DRIVERS\mssmbios.sys
0xF69E1000 \SystemRoot\system32\DRIVERS\MarvinBus.sys
0xF77C4000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xF75C4000 \SystemRoot\System32\DRIVERS\usbhub.sys
0xF7A94000 \SystemRoot\System32\DRIVERS\USBD.SYS
0xF78C4000 \SystemRoot\System32\DRIVERS\flpydisk.sys
0xF7A98000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xF7B92000 \SystemRoot\System32\Drivers\Null.SYS
0xF7A9A000 \SystemRoot\System32\Drivers\Beep.SYS
0xF78D4000 \SystemRoot\System32\drivers\vga.sys
0xF7A9C000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xF7A9E000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xF78DC000 \SystemRoot\System32\Drivers\Msfs.SYS
0xF78E4000 \SystemRoot\System32\Drivers\Npfs.SYS
0xF6D8B000 \SystemRoot\System32\DRIVERS\rasacd.sys
0xEE83E000 \SystemRoot\System32\DRIVERS\ipsec.sys
0xF75E4000 \SystemRoot\System32\DRIVERS\msgpc.sys
0xEE7E5000 \SystemRoot\System32\DRIVERS\tcpip.sys
0xF75F4000 \SystemRoot\System32\Drivers\aswTdi.SYS
0xEE7BF000 \SystemRoot\System32\DRIVERS\ipnat.sys
0xF7604000 \SystemRoot\System32\DRIVERS\wanarp.sys
0xEE797000 \SystemRoot\System32\DRIVERS\netbt.sys
0xEE775000 \SystemRoot\System32\drivers\afd.sys
0xF7614000 \SystemRoot\System32\DRIVERS\netbios.sys
0xEE753000 \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
0xF78EC000 \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
0xEE728000 \SystemRoot\System32\DRIVERS\rdbss.sys
0xF7A54000 \??\C:\WINDOWS\system32\drivers\pclepci.sys
0xF7A58000 \SystemRoot\SYSTEM32\DRIVERS\OMCI.SYS
0xEE690000 \SystemRoot\System32\DRIVERS\mrxsmb.sys
0xF7644000 \SystemRoot\System32\Drivers\Fips.SYS
0xF7BAB000 \SystemRoot\System32\Drivers\BANTExt.sys
0xEE669000 \SystemRoot\System32\Drivers\aswSP.SYS
0xF78FC000 \SystemRoot\System32\Drivers\Aavmker4.SYS
0xF738E000 \SystemRoot\System32\DRIVERS\hidusb.sys
0xF7664000 \SystemRoot\System32\DRIVERS\HIDCLASS.SYS
0xF7904000 \SystemRoot\System32\DRIVERS\HIDPARSE.SYS
0xF69DD000 \SystemRoot\System32\DRIVERS\mouhid.sys
0xF7674000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xF69D1000 \SystemRoot\System32\drivers\Dxapi.sys
0xF790C000 \SystemRoot\System32\watchdog.sys
0xBF000000 \SystemRoot\System32\drivers\dxg.sys
0xF7BD8000 \SystemRoot\System32\drivers\dxgthk.sys
0xBF020000 \SystemRoot\System32\ialmdnt5.dll
0xBF012000 \SystemRoot\System32\ialmrnt5.dll
0xBF03F000 \SystemRoot\System32\ialmdev5.DLL
0xBF06B000 \SystemRoot\System32\ialmdd5.DLL
0xBFFA0000 \SystemRoot\System32\ATMFD.DLL
0xEE58D000 \??\C:\WINDOWS\system32\drivers\mbam.sys
0xEE589000 \SystemRoot\System32\Drivers\aswFsBlk.SYS
0xEE332000 \SystemRoot\System32\Drivers\aswMon2.SYS
0xF7B0C000 \SystemRoot\System32\Drivers\ParVdm.SYS
0xEDFF9000 \SystemRoot\System32\Drivers\HTTP.sys
0xEDFBC000 \SystemRoot\system32\drivers\wdmaud.sys
0xEE2AA000 \SystemRoot\system32\drivers\sysaudio.sys
0xF78F4000 \SystemRoot\System32\Drivers\aswRdr.SYS
0xEDC9E000 \SystemRoot\System32\DRIVERS\ipfltdrv.sys
0x7C900000 \WINDOWS\system32\ntdll.dll

Processes (total 30):
0 System Idle Process
4 System
440 C:\WINDOWS\system32\smss.exe
500 C:\WINDOWS\system32\csrss.exe
524 C:\WINDOWS\system32\winlogon.exe
568 C:\WINDOWS\system32\services.exe
580 C:\WINDOWS\system32\lsass.exe
732 C:\PROGRA~1\PSMKorea\ANTIKE~1\PSMAntiS.exe
792 C:\WINDOWS\system32\svchost.exe
840 C:\WINDOWS\system32\svchost.exe
940 C:\WINDOWS\system32\svchost.exe
1100 C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
1256 C:\WINDOWS\explorer.exe
1380 C:\WINDOWS\system32\hkcmd.exe
1388 C:\WINDOWS\BCMSMMSG.exe
1396 C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
1404 C:\Program Files\Alwil Software\Avast5\AvastUI.exe
1428 C:\Program Files\PSMKorea\AntiKeyLogger\PSMAntiSpy.exe
1452 C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
1476 C:\Program Files\Common Files\Java\Java Update\jusched.exe
1492 C:\WINDOWS\system32\ctfmon.exe
1728 C:\WINDOWS\system32\spoolsv.exe
1828 C:\Program Files\Java\jre6\bin\jqs.exe
1916 C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
1980 C:\WINDOWS\system32\svchost.exe
308 C:\WINDOWS\system32\wuauclt.exe
544 C:\Program Files\Mozilla Firefox\firefox.exe
1216 C:\WINDOWS\system32\alg.exe
2916 C:\Documents and Settings\Student\Desktop\MBRCheck.exe
3780 <unknown>

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)

PhysicalDrive0 Model Number: ST340014A, Rev: 3.16

Size Device Name MBR Status
--------------------------------------------
37 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A


Done!

#6 mpascal

mpascal

    Math Nerd


  • Members
  • 1,653 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Canada
  • Local time:12:06 AM

Posted 31 August 2010 - 04:35 PM

Hi there,

We will begin with ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please include the C:\ComboFix.txt in your next reply for further review.

Posted Image

Stay with your topic! Topics that go 4 days without a reply will be closed. PM me to reopen.

Please don't PM asking for support. Post on the forums instead.

My help is free, but if you wish to donate and help continue my fight against malware, click here: Posted Image


#7 vom53

vom53
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Location:East Coast
  • Local time:09:06 PM

Posted 31 August 2010 - 10:11 PM

If you're wondering, "Student" is the admin. I didn't have a better name for the account.

ComboFix 10-08-31.01 - Student 08/31/2010 19:44:32.5.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.766.439 [GMT -7:00]
Running from: c:\documents and settings\Student\Desktop\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
The following files were disabled during the run:
c:\progra~1\PSMKorea\ANTIKE~1\PSMAntiK.dll


((((((((((((((((((((((((( Files Created from 2010-08-01 to 2010-09-01 )))))))))))))))))))))))))))))))
.

2010-08-27 22:47 . 2010-08-27 22:47 161296 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2010-08-27 15:16 . 2010-08-27 15:16 61440 ----a-w- c:\documents and settings\Owner\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-10276ae8-n\decora-sse.dll
2010-08-27 15:16 . 2010-08-27 15:16 503808 ----a-w- c:\documents and settings\Owner\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-1ae8c807-n\msvcp71.dll
2010-08-27 15:16 . 2010-08-27 15:16 499712 ----a-w- c:\documents and settings\Owner\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-1ae8c807-n\jmc.dll
2010-08-27 15:16 . 2010-08-27 15:16 348160 ----a-w- c:\documents and settings\Owner\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-1ae8c807-n\msvcr71.dll
2010-08-27 15:16 . 2010-08-27 15:16 12800 ----a-w- c:\documents and settings\Owner\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-10276ae8-n\decora-d3d.dll
2010-08-27 01:03 . 2010-08-27 01:03 -------- d-----w- c:\program files\Common Files\Java
2010-08-27 01:02 . 2010-08-27 01:02 503808 ----a-w- c:\documents and settings\Student\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-45e28d65-n\msvcp71.dll
2010-08-27 01:02 . 2010-08-27 01:02 499712 ----a-w- c:\documents and settings\Student\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-45e28d65-n\jmc.dll
2010-08-27 01:02 . 2010-08-27 01:02 348160 ----a-w- c:\documents and settings\Student\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-45e28d65-n\msvcr71.dll
2010-08-27 01:02 . 2010-08-27 01:02 61440 ----a-w- c:\documents and settings\Student\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-1d611405-n\decora-sse.dll
2010-08-27 01:02 . 2010-08-27 01:02 12800 ----a-w- c:\documents and settings\Student\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-1d611405-n\decora-d3d.dll
2010-08-20 01:37 . 2010-06-01 17:37 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-08-17 00:20 . 2010-08-17 00:21 -------- d-----w- C:\f1cb9d7a5e75fc427cf7
2010-08-16 05:42 . 2010-08-16 05:42 -------- d-----w- C:\a3c7bede03ba3cc9515c0b8e
2010-08-16 05:42 . 2010-08-16 05:42 -------- d-----w- C:\60a4a5acebd8a57ba5
2010-08-16 05:40 . 2010-08-16 05:40 -------- d-----w- c:\documents and settings\Student\Local Settings\Application Data\PCHealth
2010-08-16 04:31 . 2010-08-16 04:31 -------- d-----w- c:\program files\MSXML 4.0
2010-08-16 04:22 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2010-08-16 04:10 . 2010-08-20 01:10 -------- d-----w- C:\AV-CLS
2010-08-12 17:30 . 2010-08-12 17:30 -------- d-----w- c:\documents and settings\Student\Application Data\Auslogics
2010-08-11 02:22 . 2010-08-11 02:22 -------- d-----w- c:\documents and settings\Owner\Application Data\WinPatrol
2010-08-11 02:07 . 2010-05-26 04:39 95 ----a-w- c:\documents and settings\Student\Application Data\WinPatrol\Autoexec.bat
2010-08-11 02:07 . 2009-02-14 04:58 0 ----a-w- c:\documents and settings\Student\Application Data\WinPatrol\Config.sys
2010-08-11 02:07 . 2010-08-11 02:07 -------- d-----w- c:\documents and settings\Student\Application Data\WinPatrol
2010-08-11 02:06 . 2010-08-11 02:06 -------- d-----w- c:\program files\BillP Studios
2010-08-10 05:40 . 2009-10-05 19:34 796400 ----a-w- c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\imd4m0l9.default\extensions\keyscrambler@qfx.software.corporation\components\KeyScramblerIE.dll
2010-08-10 02:20 . 2010-08-16 04:20 63488 ----a-w- c:\documents and settings\Student\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
2010-08-10 02:20 . 2010-08-10 02:20 52224 ----a-w- c:\documents and settings\Student\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-08-10 02:20 . 2010-08-16 04:20 117760 ----a-w- c:\documents and settings\Student\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-08-10 02:20 . 2010-08-10 02:20 -------- d-----w- c:\documents and settings\Student\Application Data\SUPERAntiSpyware.com
2010-08-10 02:19 . 2009-10-05 19:34 796400 ----a-w- c:\documents and settings\Student\Application Data\Mozilla\Firefox\Profiles\uy7op82h.default\extensions\keyscrambler@qfx.software.corporation\components\KeyScramblerIE.dll
2010-08-10 02:18 . 2010-08-10 02:18 -------- d-----w- c:\program files\KeyScrambler
2010-08-10 02:18 . 2009-10-04 21:33 115312 ----a-w- c:\windows\system32\drivers\keyscrambler.sys
2010-08-08 02:57 . 2010-08-08 02:57 -------- d-----w- c:\documents and settings\Student\Application Data\vlc
2010-08-06 20:03 . 2010-08-06 20:03 -------- d-----w- c:\documents and settings\Student\DoctorWeb
2010-08-06 19:58 . 2010-08-06 20:02 -------- d-----w- c:\program files\ThreatExpert Memory Scanner
2010-08-06 19:56 . 2010-08-06 19:56 -------- d-----w- c:\program files\PSMKorea
2010-08-06 03:59 . 2010-08-17 01:31 95168 ----a-w- c:\documents and settings\Student\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-08-06 03:02 . 2010-08-06 03:02 -------- d-----w- c:\documents and settings\Student\Application Data\Malwarebytes
2010-08-04 04:00 . 2010-08-04 04:00 -------- d-----w- c:\documents and settings\Owner\Program Files
2010-08-04 00:51 . 2010-08-04 00:51 364560 ----a-r- c:\documents and settings\Student\Application Data\Microsoft\Installer\{D3880A64-6112-47b7-8BFE-70EEA07B43E0}\SCTUI.exe
2010-08-04 00:00 . 2010-08-04 00:00 -------- d-----w- c:\program files\BurnAware Free
2010-08-03 23:25 . 2009-10-06 09:59 993280 ----a-w- c:\documents and settings\Student\Application Data\Mozilla\Firefox\Profiles\uy7op82h.default\extensions\SolidStateION@solidstatenetworks.com\plugins\solidnm.exe
2010-08-03 23:25 . 2009-10-06 09:59 122880 ----a-w- c:\documents and settings\Student\Application Data\Mozilla\Firefox\Profiles\uy7op82h.default\extensions\SolidStateION@solidstatenetworks.com\plugins\npssn.dll
2010-08-03 23:22 . 2010-08-03 23:22 -------- d-----w- c:\documents and settings\Student\Local Settings\Application Data\Mozilla
2010-08-03 03:58 . 2010-08-03 03:58 364560 ----a-r- c:\documents and settings\Owner\Application Data\Microsoft\Installer\{D3880A64-6112-47b7-8BFE-70EEA07B43E0}\SCTUI.exe
2010-08-03 01:24 . 2010-08-03 01:24 -------- d-----w- c:\program files\MozBackup

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-31 23:55 . 2009-11-14 17:21 -------- d-----w- c:\documents and settings\Owner\Application Data\DNA
2010-08-31 04:52 . 2009-06-13 17:17 -------- d-----w- c:\documents and settings\Owner\Application Data\.purple
2010-08-30 20:42 . 2009-02-14 21:04 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-08-27 01:02 . 2010-04-02 19:17 -------- d-----w- c:\program files\Java
2010-08-17 05:36 . 2009-02-14 06:55 95168 ----a-w- c:\documents and settings\Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-08-16 04:21 . 2009-12-31 20:03 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-08-12 17:06 . 2009-04-11 01:54 -------- d-----w- c:\program files\SpywareBlaster
2010-08-11 16:14 . 2009-02-14 21:04 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-08-10 23:48 . 2009-02-14 21:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Viewpoint
2010-08-10 01:37 . 2009-02-14 07:39 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-08-05 02:43 . 2009-02-14 05:49 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-04 04:00 . 2009-11-14 17:21 -------- d-----w- c:\program files\DNA
2010-08-03 23:30 . 2009-07-30 17:57 -------- d-----w- c:\program files\CCleaner
2010-07-29 03:18 . 2010-07-29 03:18 -------- d-----w- c:\documents and settings\Owner\Application Data\Ashampoo
2010-07-29 03:17 . 2010-07-29 03:17 -------- d-----w- c:\documents and settings\All Users\Application Data\ashampoo
2010-07-20 02:36 . 2010-07-20 02:36 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_motport_01007.Wdf
2010-07-20 02:36 . 2010-07-20 02:36 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_motmodem_01007.Wdf
2010-07-20 02:36 . 2010-07-20 02:36 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_motccgpfl_01007.Wdf
2010-07-20 02:36 . 2010-07-20 02:36 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_motccgp_01007.Wdf
2010-07-20 02:36 . 2010-07-20 02:36 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2010-07-20 02:34 . 2010-07-20 02:33 -------- d-----w- c:\program files\Common Files\Motorola Shared
2010-07-20 02:33 . 2010-07-20 02:33 -------- d-----w- c:\program files\Motorola
2010-07-17 12:00 . 2010-04-24 02:00 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-12 00:51 . 2010-07-11 18:24 -------- d-----w- c:\documents and settings\Owner\Application Data\vlc
2010-07-11 21:55 . 2009-06-16 20:53 -------- d-----w- c:\documents and settings\Owner\Application Data\uTorrent
2010-07-11 21:53 . 2009-02-15 20:16 -------- d-----w- c:\documents and settings\Owner\Application Data\Media Player Classic
2010-07-09 03:39 . 2010-07-09 03:38 -------- d-----w- c:\program files\TI Education
2010-07-09 03:38 . 2010-07-09 03:38 -------- d-----w- c:\program files\Common Files\TI Shared
2010-07-09 03:37 . 2010-05-02 00:58 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-07-09 02:22 . 2010-07-09 00:52 -------- d-----w- c:\program files\FastLink
2010-07-05 05:59 . 2010-07-05 05:59 -------- d-----w- c:\program files\Lame for Audacity
2010-06-30 12:31 . 2003-07-16 20:43 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-28 20:57 . 2010-06-29 18:38 38848 ----a-w- c:\windows\avastSS.scr
2010-06-28 20:57 . 2009-06-26 05:55 165032 ----a-w- c:\windows\system32\aswBoot.exe
2010-06-28 20:37 . 2009-06-26 05:55 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-06-28 20:37 . 2009-06-26 05:55 165456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-06-28 20:33 . 2009-06-26 05:55 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-06-28 20:32 . 2009-06-26 05:55 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-06-28 20:32 . 2009-06-26 05:55 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-06-28 20:32 . 2009-06-26 05:55 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-06-28 20:32 . 2009-06-26 05:55 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-06-24 12:15 . 2003-07-16 20:51 832512 ----a-w- c:\windows\system32\wininet.dll
2010-06-24 12:15 . 2004-08-04 07:56 78336 ------w- c:\windows\system32\ieencode.dll
2010-06-24 12:15 . 2003-07-16 20:25 17408 ----a-w- c:\windows\system32\corpol.dll
2010-06-23 13:44 . 2003-07-16 20:51 1851904 ----a-w- c:\windows\system32\win32k.sys
2010-06-21 15:27 . 2003-07-16 20:46 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-17 14:03 . 2003-07-16 20:29 80384 ----a-w- c:\windows\system32\iccvid.dll
2010-06-16 03:51 . 2010-06-16 03:51 1089 ----a-w- c:\documents and settings\Owner\Application Data\.purple\certificates\x509\tls_peers\login.yahoo.com
2010-06-14 14:31 . 2009-02-14 04:55 744448 ----a-w- c:\windows\PCHealth\HelpCtr\Binaries\helpsvc.exe
2010-06-14 07:41 . 2003-07-16 20:37 1172480 ----a-w- c:\windows\system32\msxml3.dll
2010-06-12 03:58 . 2010-02-12 05:20 50354 ----a-w- c:\documents and settings\Owner\Application Data\Facebook\uninstall.exe
2010-06-09 10:45 . 2010-06-09 10:45 5591040 ----a-w- c:\documents and settings\Owner\Application Data\Facebook\npfbplugin_1_0_3.dll
2010-06-06 03:33 . 2010-06-06 03:33 1691 ----a-w- c:\documents and settings\Owner\Application Data\.purple\certificates\x509\tls_peers\api.screenname.aol.com
.

((((((((((((((((((((((((((((( SnapShot@2010-08-11_03.15.02 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-06-29 06:42 . 2009-06-29 06:42 91656 c:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.1.0_x-ww_2a41bceb\msxml4r.dll
+ 2010-09-01 02:34 . 2010-09-01 02:34 16384 c:\windows\Temp\Perflib_Perfdata_57c.dat
+ 2008-10-22 09:47 . 2010-04-21 13:28 46080 c:\windows\system32\tzchange.exe
- 2008-10-22 09:47 . 2010-01-23 08:11 46080 c:\windows\system32\tzchange.exe
- 2009-02-14 06:18 . 2009-03-23 17:50 26488 c:\windows\system32\spupdsvc.exe
+ 2009-02-14 06:18 . 2007-11-30 11:18 26488 c:\windows\system32\spupdsvc.exe
+ 2009-03-05 05:26 . 2008-07-06 12:06 89088 c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
+ 2009-03-13 18:01 . 2007-11-30 12:39 17272 c:\windows\system32\spmsg.dll
- 2009-03-13 18:01 . 2008-07-08 13:02 17272 c:\windows\system32\spmsg.dll
+ 2003-07-16 20:41 . 2010-06-24 12:15 44544 c:\windows\system32\pngfilt.dll
- 2003-07-16 20:41 . 2010-01-05 10:00 44544 c:\windows\system32\pngfilt.dll
+ 2003-07-16 20:41 . 2010-09-01 02:39 65080 c:\windows\system32\perfc009.dat
+ 2008-07-25 18:17 . 2008-07-25 18:17 15360 c:\windows\system32\mui\0409\mscorees.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 15360 c:\windows\system32\mui\0409\mscorees.dll
- 2007-08-14 02:54 . 2010-01-05 10:00 52224 c:\windows\system32\msfeedsbs.dll
+ 2007-08-14 02:54 . 2010-06-24 12:15 52224 c:\windows\system32\msfeedsbs.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 83968 c:\windows\system32\mscories.dll
+ 2003-07-16 20:31 . 2010-06-24 12:15 27648 c:\windows\system32\jsproxy.dll
- 2003-07-16 20:31 . 2010-01-05 10:00 27648 c:\windows\system32\jsproxy.dll
+ 2007-08-14 02:39 . 2010-06-23 12:06 13824 c:\windows\system32\ieudinit.exe
- 2007-08-14 02:39 . 2009-12-31 15:33 13824 c:\windows\system32\ieudinit.exe
- 2003-07-16 20:30 . 2010-01-05 10:00 44544 c:\windows\system32\iernonce.dll
+ 2003-07-16 20:30 . 2010-06-24 12:15 44544 c:\windows\system32\iernonce.dll
+ 2003-07-16 20:30 . 2010-06-23 12:06 70656 c:\windows\system32\ie4uinit.exe
- 2003-07-16 20:30 . 2009-12-31 15:33 70656 c:\windows\system32\ie4uinit.exe
- 2007-08-14 02:36 . 2010-01-05 10:00 63488 c:\windows\system32\icardie.dll
+ 2007-08-14 02:36 . 2010-06-24 12:15 63488 c:\windows\system32\icardie.dll
- 2007-08-14 02:36 . 2010-01-05 10:00 44544 c:\windows\system32\dllcache\pngfilt.dll
+ 2007-08-14 02:36 . 2010-06-24 12:15 44544 c:\windows\system32\dllcache\pngfilt.dll
- 2009-02-16 00:48 . 2010-01-05 10:00 52224 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2009-02-16 00:48 . 2010-06-24 12:15 52224 c:\windows\system32\dllcache\msfeedsbs.dll
- 2007-08-14 02:54 . 2010-01-05 10:00 27648 c:\windows\system32\dllcache\jsproxy.dll
+ 2007-08-14 02:54 . 2010-06-24 12:15 27648 c:\windows\system32\dllcache\jsproxy.dll
- 2009-02-16 00:48 . 2009-12-31 15:33 13824 c:\windows\system32\dllcache\ieudinit.exe
+ 2009-02-16 00:48 . 2010-06-23 12:06 13824 c:\windows\system32\dllcache\ieudinit.exe
- 2007-08-14 02:39 . 2010-01-05 10:00 44544 c:\windows\system32\dllcache\iernonce.dll
+ 2007-08-14 02:39 . 2010-06-24 12:15 44544 c:\windows\system32\dllcache\iernonce.dll
+ 2007-08-14 02:45 . 2010-06-24 12:15 78336 c:\windows\system32\dllcache\ieencode.dll
- 2007-08-14 02:45 . 2010-01-05 10:00 78336 c:\windows\system32\dllcache\ieencode.dll
+ 2007-08-14 02:39 . 2010-06-23 12:06 70656 c:\windows\system32\dllcache\ie4uinit.exe
- 2007-08-14 02:39 . 2009-12-31 15:33 70656 c:\windows\system32\dllcache\ie4uinit.exe
- 2009-02-16 00:48 . 2010-01-05 10:00 63488 c:\windows\system32\dllcache\icardie.dll
+ 2009-02-16 00:48 . 2010-06-24 12:15 63488 c:\windows\system32\dllcache\icardie.dll
+ 2006-10-15 00:43 . 2008-07-06 12:06 89088 c:\windows\system32\dllcache\filterpipelineprintproc.dll
- 2007-08-14 02:42 . 2010-01-05 10:00 17408 c:\windows\system32\dllcache\corpol.dll
+ 2007-08-14 02:42 . 2010-06-24 12:15 17408 c:\windows\system32\dllcache\corpol.dll
+ 2010-01-13 14:01 . 2010-01-13 14:01 86016 c:\windows\system32\dllcache\cabview.dll
+ 2010-03-05 14:37 . 2010-03-05 14:37 65536 c:\windows\system32\dllcache\asycfilt.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 96760 c:\windows\system32\dfshim.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 96760 c:\windows\system32\dfshim.dll
+ 2003-07-16 20:25 . 2010-01-13 14:01 86016 c:\windows\system32\cabview.dll
+ 2003-07-16 20:24 . 2010-03-05 14:37 65536 c:\windows\system32\asycfilt.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 37896 c:\windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 37896 c:\windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 81400 c:\windows\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL
- 2007-10-24 09:47 . 2007-10-24 09:47 81400 c:\windows\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL
+ 2008-07-25 18:17 . 2008-07-25 18:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 57392 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 57392 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 95232 c:\windows\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 95232 c:\windows\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 16896 c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 16896 c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 61952 c:\windows\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 61952 c:\windows\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe
- 2007-10-24 09:47 . 2007-10-24 09:47 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
- 2007-10-24 09:47 . 2007-10-24 09:47 53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 88584 c:\windows\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 24584 c:\windows\Microsoft.NET\Framework\v2.0.50727\normalization.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 24584 c:\windows\Microsoft.NET\Framework\v2.0.50727\normalization.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 31744 c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 31744 c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 19456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscortim.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 19456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscortim.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
+ 2008-07-25 18:16 . 2008-07-25 18:16 18944 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 18944 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 77312 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 77312 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 94208 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorld.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 94208 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorld.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 46592 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 83456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 83456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
+ 2008-07-25 18:16 . 2008-07-25 18:16 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
- 2007-10-24 09:47 . 2007-10-24 09:47 97792 c:\windows\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 97792 c:\windows\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe
+ 2008-07-25 18:16 . 2008-07-25 18:16 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe
- 2007-10-24 09:47 . 2007-10-24 09:47 72192 c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 72192 c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 65032 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 65032 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
- 2007-10-24 09:47 . 2007-10-24 09:47 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEHost.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEHost.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 18936 c:\windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 18936 c:\windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 62968 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfdll.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 35320 c:\windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
- 2007-10-24 09:47 . 2007-10-24 09:47 35320 c:\windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
- 2007-10-24 09:47 . 2007-10-24 09:47 69120 c:\windows\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 69120 c:\windows\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 27136 c:\windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 27136 c:\windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 80376 c:\windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
+ 2008-07-25 18:16 . 2008-07-25 18:16 80376 c:\windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 89608 c:\windows\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 33792 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2008-07-25 18:16 . 2008-07-25 18:16 34312 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
+ 2008-07-25 18:16 . 2008-07-25 18:16 33288 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe
- 2007-10-24 09:47 . 2007-10-24 09:47 24576 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
+ 2008-07-25 18:16 . 2008-07-25 18:16 24576 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
- 2007-10-24 09:47 . 2007-10-24 09:47 84480 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 84480 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 33800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 17416 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 22024 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 22024 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
+ 2008-07-25 18:16 . 2008-07-25 18:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 58880 c:\windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
+ 2008-07-25 18:16 . 2008-07-25 18:16 98808 c:\windows\Microsoft.NET\Framework\v2.0.50727\alink.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 13824 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 13824 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 96768 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 16896 c:\windows\Microsoft.NET\Framework\SharedReg12.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 16896 c:\windows\Microsoft.NET\Framework\SharedReg12.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 16896 c:\windows\Microsoft.NET\Framework\sbscmp10.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 16896 c:\windows\Microsoft.NET\Framework\sbscmp10.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 82944 c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2008-07-25 18:16 . 2008-07-25 18:16 82944 c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2008-07-30 00:27 . 2008-07-30 00:27 93184 c:\windows\Installer\96da2.msi
+ 2008-07-30 04:07 . 2008-07-30 04:07 23040 c:\windows\Installer\43fa59.msp
+ 2010-08-17 00:15 . 2010-08-17 00:15 88576 c:\windows\Installer\3999e9.msi
+ 2010-08-16 04:31 . 2010-08-16 04:31 32768 c:\windows\Installer\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}\icon.exe
+ 2010-08-16 05:19 . 2010-08-16 05:19 49936 c:\windows\Installer\{95120000-00AF-0409-0000-0000000FF1CE}\ppvwicon.exe
- 2009-11-20 06:03 . 2009-11-20 06:03 49936 c:\windows\Installer\{95120000-00AF-0409-0000-0000000FF1CE}\ppvwicon.exe
+ 2009-04-01 02:21 . 2010-08-16 05:28 40960 c:\windows\Installer\{90850409-6000-11D3-8CFE-0150048383C9}\wrdvicon.exe
- 2009-04-01 02:21 . 2010-01-26 06:52 40960 c:\windows\Installer\{90850409-6000-11D3-8CFE-0150048383C9}\wrdvicon.exe
+ 2010-08-16 05:18 . 2010-08-16 05:18 38240 c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe
- 2010-03-27 04:12 . 2010-03-27 04:12 38240 c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe
- 2009-10-06 04:29 . 2010-08-08 00:45 23040 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2009-10-06 04:29 . 2010-08-16 05:30 23040 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2009-10-06 04:29 . 2010-08-08 00:45 61440 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2009-10-06 04:29 . 2010-08-16 05:30 61440 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2009-10-06 04:29 . 2010-08-08 00:45 27136 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2009-10-06 04:29 . 2010-08-16 05:30 27136 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2009-10-06 04:29 . 2010-08-08 00:45 11264 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2009-10-06 04:29 . 2010-08-16 05:30 11264 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2009-10-06 04:29 . 2010-08-08 00:45 86016 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2009-10-06 04:29 . 2010-08-16 05:30 86016 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2009-10-06 04:29 . 2010-08-16 05:30 12288 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2009-10-06 04:29 . 2010-08-08 00:45 12288 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2010-08-16 04:31 . 2010-08-16 04:31 32768 c:\windows\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe
+ 2007-03-23 02:13 . 2007-03-23 02:13 23904 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\IPDMCTRL.DLL
+ 2010-08-16 05:26 . 2010-01-05 10:00 44544 c:\windows\ie7updates\KB2183461-IE7\pngfilt.dll
+ 2010-08-16 05:26 . 2010-01-05 10:00 52224 c:\windows\ie7updates\KB2183461-IE7\msfeedsbs.dll
+ 2010-08-16 05:26 . 2010-01-05 10:00 27648 c:\windows\ie7updates\KB2183461-IE7\jsproxy.dll
+ 2010-08-16 05:26 . 2009-12-31 15:33 13824 c:\windows\ie7updates\KB2183461-IE7\ieudinit.exe
+ 2010-08-16 05:26 . 2010-01-05 10:00 44544 c:\windows\ie7updates\KB2183461-IE7\iernonce.dll
+ 2010-08-16 05:26 . 2010-01-05 10:00 78336 c:\windows\ie7updates\KB2183461-IE7\ieencode.dll
+ 2010-08-16 05:26 . 2009-12-31 15:33 70656 c:\windows\ie7updates\KB2183461-IE7\ie4uinit.exe
+ 2010-08-16 05:26 . 2010-01-05 10:00 63488 c:\windows\ie7updates\KB2183461-IE7\icardie.dll
+ 2010-08-16 05:26 . 2010-01-05 10:00 17408 c:\windows\ie7updates\KB2183461-IE7\corpol.dll
+ 2010-08-17 00:20 . 2008-07-06 12:06 89088 c:\windows\Driver Cache\i386\filterpipelineprintproc.dll
+ 2010-08-17 00:24 . 2010-08-17 00:24 73728 c:\windows\assembly\tmp\NU06CIOU\System.ServiceModel.Install.dll
+ 2010-08-16 23:25 . 2010-08-16 23:25 36864 c:\windows\assembly\tmp\4DJPV17D\Microsoft.Build.Framework.dll
+ 2010-08-17 00:32 . 2010-08-17 00:32 51200 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\a2315de80fa8b442ac44377cc8aa3218\UIAutomationProvider.ni.dll
+ 2010-08-17 18:49 . 2010-08-17 18:49 33280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\b3d5b24607c290b503ccc0450cb3b067\System.Windows.Presentation.ni.dll
+ 2010-08-17 18:46 . 2010-08-17 18:46 81920 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\ad39190c0302ee83bb31d8d98b82bd2d\System.AddIn.Contract.ni.dll
+ 2010-08-17 05:49 . 2010-08-17 05:49 89600 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\294cf9b1340fdabb830119453a91db4f\ServiceModelReg.ni.exe
+ 2010-08-17 00:30 . 2010-08-17 00:30 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\26920a3fb33cd170ed2fa1cce5d54425\PresentationFontCache.ni.exe
+ 2010-08-17 00:32 . 2010-08-17 00:32 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\f45ae9dca1f4e4a74359095560dd32bc\PresentationCFFRasterizer.ni.dll
+ 2010-08-17 18:47 . 2010-08-17 18:47 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\28ea74096df47800fe2c78bb2b9a4f2a\Microsoft.Vsa.ni.dll
+ 2010-08-17 00:31 . 2010-08-17 00:31 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\f0e9a97ade4529d4caeccd467aa8e7db\Microsoft.VisualC.ni.dll
+ 2010-08-17 05:50 . 2010-08-17 05:50 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\48f4e304e8c263bb337f5b5a87e56898\Microsoft.Build.Framework.ni.dll
+ 2010-08-17 05:50 . 2010-08-17 05:50 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\36dbc4689f7c51e393504230004c9dec\Microsoft.Build.Framework.ni.dll
+ 2010-08-17 05:49 . 2010-08-17 05:49 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\a2865dcec9c5d3cc9c55f026cbad6fcc\dfsvc.ni.exe
+ 2010-08-17 00:31 . 2010-08-17 00:31 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\c2af7cfbb47c077029a2645930b4eeac\Accessibility.ni.dll
+ 2010-08-17 00:14 . 2010-08-17 00:14 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2009-11-20 06:06 . 2009-11-20 06:06 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2010-08-17 00:14 . 2010-08-17 00:14 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2010-08-17 00:15 . 2010-08-17 00:15 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2009-11-20 06:06 . 2009-11-20 06:06 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2010-08-17 00:14 . 2010-08-17 00:14 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2009-11-20 06:06 . 2009-11-20 06:06 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2010-08-17 00:14 . 2010-08-17 00:14 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2009-11-20 06:06 . 2009-11-20 06:06 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2009-11-20 06:06 . 2009-11-20 06:06 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2010-08-17 00:14 . 2010-08-17 00:14 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2009-11-20 06:06 . 2009-11-20 06:06 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2010-08-17 00:14 . 2010-08-17 00:14 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2009-11-20 06:06 . 2009-11-20 06:06 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2010-08-17 00:14 . 2010-08-17 00:14 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2010-08-17 00:14 . 2010-08-17 00:14 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2009-11-20 06:06 . 2009-11-20 06:06 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2009-11-20 06:06 . 2009-11-20 06:06 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2010-08-17 00:14 . 2010-08-17 00:14 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2010-08-17 00:14 . 2010-08-17 00:14 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2009-11-20 06:06 . 2009-11-20 06:06 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2009-11-20 06:06 . 2009-11-20 06:06 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2010-08-17 00:14 . 2010-08-17 00:14 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2010-08-17 00:14 . 2010-08-17 00:14 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2009-11-20 06:06 . 2009-11-20 06:06 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2010-08-17 00:14 . 2010-08-17 00:14 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2009-11-20 06:06 . 2009-11-20 06:06 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
- 2007-10-24 09:47 . 2007-10-24 09:47 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
- 2007-10-24 09:47 . 2007-10-24 09:47 6656 c:\windows\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 6656 c:\windows\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 9728 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 9728 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
- 2007-10-24 09:47 . 2007-10-24 09:47 5120 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
+ 2008-07-25 18:16 . 2008-07-25 18:16 5120 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
+ 2009-10-06 04:29 . 2010-08-16 05:30 4096 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2009-10-06 04:29 . 2010-08-08 00:45 4096 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2009-11-20 06:06 . 2009-11-20 06:06 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2010-08-17 00:14 . 2010-08-17 00:14 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2009-11-20 06:06 . 2009-11-20 06:06 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2010-08-17 00:15 . 2010-08-17 00:15 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2009-11-20 06:06 . 2009-11-20 06:06 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2010-08-17 00:14 . 2010-08-17 00:14 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2010-08-17 00:14 . 2010-08-17 00:14 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2009-11-20 06:06 . 2009-11-20 06:06 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2010-08-17 00:15 . 2010-08-17 00:15 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2009-11-20 06:06 . 2009-11-20 06:06 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2009-11-20 06:06 . 2009-11-20 06:06 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2010-08-17 00:14 . 2010-08-17 00:14 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 635904 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 558080 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcp80.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcm80.dll
+ 2006-10-15 04:21 . 2008-07-06 12:06 575488 c:\windows\system32\xpsshhdr.dll
+ 2003-07-16 20:51 . 2009-12-24 06:59 177664 c:\windows\system32\wintrust.dll
+ 2003-07-16 20:51 . 2010-06-24 12:15 233472 c:\windows\system32\webcheck.dll
- 2003-07-16 20:51 . 2010-01-05 10:00 233472 c:\windows\system32\webcheck.dll
+ 2003-07-16 20:49 . 2010-03-09 11:09 430080 c:\windows\system32\vbscript.dll
- 2003-07-16 20:49 . 2008-05-09 10:53 430080 c:\windows\system32\vbscript.dll
- 2003-07-16 20:49 . 2010-01-05 10:00 105984 c:\windows\system32\url.dll
+ 2003-07-16 20:49 . 2010-06-24 12:15 105984 c:\windows\system32\url.dll
+ 2009-03-05 05:26 . 2008-07-06 12:06 765440 c:\windows\system32\spool\XPSEP\i386\mxdwdrv.dll
+ 2009-03-05 05:26 . 2008-07-06 12:06 765440 c:\windows\system32\spool\XPSEP\i386\i386\mxdwdrv.dll
+ 2009-03-05 05:26 . 2008-07-06 12:06 748032 c:\windows\system32\spool\XPSEP\amd64\mxdwdrv.dll
+ 2009-03-05 05:26 . 2008-07-06 12:06 748032 c:\windows\system32\spool\XPSEP\amd64\amd64\mxdwdrv.dll
+ 2009-03-05 05:26 . 2008-07-06 12:06 147456 c:\windows\system32\spool\prtprocs\x64\filterpipelineprintproc.dll
+ 2006-10-15 00:44 . 2008-07-06 10:50 597504 c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
+ 2006-10-15 00:40 . 2008-03-13 04:52 761344 c:\windows\system32\spool\drivers\w32x86\3\unires.dll
- 2006-10-15 00:40 . 2007-03-23 05:03 761344 c:\windows\system32\spool\drivers\w32x86\3\unires.dll
+ 2006-10-15 00:42 . 2008-07-06 12:06 744960 c:\windows\system32\spool\drivers\w32x86\3\unidrvui.dll
+ 2006-10-15 00:42 . 2008-07-06 12:06 373248 c:\windows\system32\spool\drivers\w32x86\3\unidrv.dll
+ 2006-10-15 00:42 . 2008-07-06 12:06 198656 c:\windows\system32\spool\drivers\w32x86\3\mxdwdui.dll
+ 2006-10-15 00:43 . 2008-07-06 12:06 765440 c:\windows\system32\spool\drivers\w32x86\3\mxdwdrv.dll
+ 2006-10-15 00:43 . 2008-07-06 12:06 117760 c:\windows\system32\prntvpt.dll
+ 2003-07-16 20:41 . 2010-09-01 02:39 426070 c:\windows\system32\perfh009.dat
+ 2003-07-16 20:40 . 2010-06-24 12:15 102912 c:\windows\system32\occache.dll
- 2003-07-16 20:40 . 2010-01-05 10:00 102912 c:\windows\system32\occache.dll
+ 2009-10-06 04:44 . 2009-08-07 02:23 274288 c:\windows\system32\mucltui.dll
+ 2003-07-16 20:36 . 2010-06-24 12:15 671232 c:\windows\system32\mstime.dll
- 2003-07-16 20:36 . 2010-01-05 10:00 671232 c:\windows\system32\mstime.dll
- 2003-07-16 20:36 . 2010-01-05 10:00 193024 c:\windows\system32\msrating.dll
+ 2003-07-16 20:36 . 2010-06-24 12:15 193024 c:\windows\system32\msrating.dll
+ 2003-07-16 20:35 . 2010-06-24 12:15 477696 c:\windows\system32\mshtmled.dll
- 2003-07-16 20:35 . 2010-01-05 10:00 477696 c:\windows\system32\mshtmled.dll
+ 2007-08-14 02:54 . 2010-06-24 12:15 459264 c:\windows\system32\msfeeds.dll
- 2007-08-14 02:54 . 2010-01-05 10:00 459264 c:\windows\system32\msfeeds.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 158720 c:\windows\system32\mscorier.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 158720 c:\windows\system32\mscorier.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 282112 c:\windows\system32\mscoree.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 282112 c:\windows\system32\mscoree.dll
+ 2010-08-27 01:02 . 2010-07-17 12:00 153376 c:\windows\system32\javaws.exe
- 2010-04-24 02:00 . 2010-04-13 00:29 153376 c:\windows\system32\javaws.exe
- 2010-04-24 02:00 . 2010-04-13 00:29 145184 c:\windows\system32\javaw.exe
+ 2010-08-27 01:02 . 2010-07-17 12:00 145184 c:\windows\system32\javaw.exe
- 2010-04-24 02:00 . 2010-04-13 00:29 145184 c:\windows\system32\java.exe
+ 2010-08-27 01:02 . 2010-07-17 12:00 145184 c:\windows\system32\java.exe
+ 2009-02-14 04:55 . 2010-01-29 15:01 691712 c:\windows\system32\inetcomm.dll
- 2009-02-14 04:55 . 2008-04-11 19:04 691712 c:\windows\system32\inetcomm.dll
- 2007-08-14 02:34 . 2010-01-05 10:00 268288 c:\windows\system32\iertutil.dll
+ 2007-08-14 02:34 . 2010-06-24 12:15 268288 c:\windows\system32\iertutil.dll
+ 2003-07-16 20:30 . 2010-06-24 12:15 192512 c:\windows\system32\iepeers.dll
- 2003-07-16 20:30 . 2010-01-05 10:00 192512 c:\windows\system32\iepeers.dll
- 2003-07-16 20:30 . 2010-01-05 10:00 385024 c:\windows\system32\iedkcs32.dll
+ 2003-07-16 20:30 . 2010-06-24 12:15 385024 c:\windows\system32\iedkcs32.dll
+ 2007-07-11 20:27 . 2010-06-24 12:15 380928 c:\windows\system32\ieapfltr.dll
- 2007-07-11 20:27 . 2010-01-05 10:00 380928 c:\windows\system32\ieapfltr.dll
- 2003-07-16 20:30 . 2009-12-18 13:04 161792 c:\windows\system32\ieakui.dll
+ 2003-07-16 20:30 . 2010-06-17 15:11 161792 c:\windows\system32\ieakui.dll
+ 2003-07-16 20:30 . 2010-06-24 12:15 230400 c:\windows\system32\ieaksie.dll
- 2003-07-16 20:30 . 2010-01-05 10:00 230400 c:\windows\system32\ieaksie.dll
+ 2003-07-16 20:30 . 2010-06-24 12:15 153088 c:\windows\system32\ieakeng.dll
- 2003-07-16 20:30 . 2010-01-05 10:00 153088 c:\windows\system32\ieakeng.dll
+ 2009-02-13 20:46 . 2010-08-17 01:24 323520 c:\windows\system32\FNTCACHE.DAT
- 2009-02-13 20:46 . 2010-08-04 00:29 323520 c:\windows\system32\FNTCACHE.DAT
- 2004-08-04 07:56 . 2010-01-05 10:00 133120 c:\windows\system32\extmgr.dll
+ 2004-08-04 07:56 . 2010-06-24 12:15 133120 c:\windows\system32\extmgr.dll
- 2003-07-16 20:27 . 2010-01-05 10:00 214528 c:\windows\system32\dxtrans.dll
+ 2003-07-16 20:27 . 2010-06-24 12:15 214528 c:\windows\system32\dxtrans.dll
+ 2003-07-16 20:27 . 2010-06-24 12:15 347136 c:\windows\system32\dxtmsft.dll
- 2003-07-16 20:27 . 2010-01-05 10:00 347136 c:\windows\system32\dxtmsft.dll
+ 2003-07-16 20:47 . 2010-02-11 12:02 226880 c:\windows\system32\drivers\tcpip6.sys
+ 2003-07-16 20:34 . 2010-02-24 13:11 455680 c:\windows\system32\drivers\mrxsmb.sys
+ 2006-10-15 04:21 . 2008-07-06 12:06 575488 c:\windows\system32\dllcache\xpsshhdr.dll
+ 2009-12-24 06:59 . 2009-12-24 06:59 177664 c:\windows\system32\dllcache\wintrust.dll
+ 2009-02-15 00:03 . 2010-06-24 12:15 832512 c:\windows\system32\dllcache\wininet.dll
- 2009-02-15 00:03 . 2010-01-05 10:00 832512 c:\windows\system32\dllcache\wininet.dll
+ 2007-08-14 02:54 . 2010-06-24 12:15 233472 c:\windows\system32\dllcache\webcheck.dll
- 2007-08-14 02:54 . 2010-01-05 10:00 233472 c:\windows\system32\dllcache\webcheck.dll
- 2007-08-14 02:54 . 2008-05-09 10:53 430080 c:\windows\system32\dllcache\vbscript.dll
+ 2007-08-14 02:54 . 2010-03-09 11:09 430080 c:\windows\system32\dllcache\vbscript.dll
- 2007-08-14 02:44 . 2010-01-05 10:00 105984 c:\windows\system32\dllcache\url.dll
+ 2007-08-14 02:44 . 2010-06-24 12:15 105984 c:\windows\system32\dllcache\url.dll
+ 2008-06-20 11:08 . 2010-02-11 12:02 226880 c:\windows\system32\dllcache\tcpip6.sys
+ 2009-02-15 00:01 . 2010-06-21 15:27 354304 c:\windows\system32\dllcache\srv.sys
+ 2008-12-05 06:54 . 2010-06-30 12:31 149504 c:\windows\system32\dllcache\schannel.dll
+ 2006-10-15 00:44 . 2008-07-06 10:50 597504 c:\windows\system32\dllcache\printfilterpipelinesvc.exe
- 2007-08-14 02:44 . 2010-01-05 10:00 102912 c:\windows\system32\dllcache\occache.dll
+ 2007-08-14 02:44 . 2010-06-24 12:15 102912 c:\windows\system32\dllcache\occache.dll
- 2007-08-14 02:54 . 2010-01-05 10:00 671232 c:\windows\system32\dllcache\mstime.dll
+ 2007-08-14 02:54 . 2010-06-24 12:15 671232 c:\windows\system32\dllcache\mstime.dll
+ 2007-08-14 02:44 . 2010-06-24 12:15 193024 c:\windows\system32\dllcache\msrating.dll
- 2007-08-14 02:44 . 2010-01-05 10:00 193024 c:\windows\system32\dllcache\msrating.dll
+ 2007-08-14 02:54 . 2010-06-24 12:15 477696 c:\windows\system32\dllcache\mshtmled.dll
- 2007-08-14 02:54 . 2010-01-05 10:00 477696 c:\windows\system32\dllcache\mshtmled.dll
- 2009-02-16 00:48 . 2010-01-05 10:00 459264 c:\windows\system32\dllcache\msfeeds.dll
+ 2009-02-16 00:48 . 2010-06-24 12:15 459264 c:\windows\system32\dllcache\msfeeds.dll
+ 2009-02-15 00:01 . 2010-02-24 13:11 455680 c:\windows\system32\dllcache\mrxsmb.sys
- 2009-02-15 00:01 . 2008-04-11 19:04 691712 c:\windows\system32\dllcache\inetcomm.dll
+ 2009-02-15 00:01 . 2010-01-29 15:01 691712 c:\windows\system32\dllcache\inetcomm.dll
+ 2007-08-14 02:43 . 2010-06-17 15:12 634656 c:\windows\system32\dllcache\iexplore.exe
+ 2009-02-16 00:48 . 2010-06-24 12:15 268288 c:\windows\system32\dllcache\iertutil.dll
- 2009-02-16 00:48 . 2010-01-05 10:00 268288 c:\windows\system32\dllcache\iertutil.dll
+ 2007-08-14 02:54 . 2010-06-24 12:15 192512 c:\windows\system32\dllcache\iepeers.dll
- 2007-08-14 02:54 . 2010-01-05 10:00 192512 c:\windows\system32\dllcache\iepeers.dll
- 2007-08-14 02:39 . 2010-01-05 10:00 385024 c:\windows\system32\dllcache\iedkcs32.dll
+ 2007-08-14 02:39 . 2010-06-24 12:15 385024 c:\windows\system32\dllcache\iedkcs32.dll
+ 2009-02-16 00:48 . 2010-06-24 12:15 380928 c:\windows\system32\dllcache\ieapfltr.dll
- 2009-02-16 00:48 . 2010-01-05 10:00 380928 c:\windows\system32\dllcache\ieapfltr.dll
- 2003-07-16 20:30 . 2009-12-18 13:04 161792 c:\windows\system32\dllcache\ieakui.dll
+ 2003-07-16 20:30 . 2010-06-17 15:11 161792 c:\windows\system32\dllcache\ieakui.dll
- 2007-08-14 02:39 . 2010-01-05 10:00 230400 c:\windows\system32\dllcache\ieaksie.dll
+ 2007-08-14 02:39 . 2010-06-24 12:15 230400 c:\windows\system32\dllcache\ieaksie.dll
+ 2007-08-14 02:39 . 2010-06-24 12:15 153088 c:\windows\system32\dllcache\ieakeng.dll
- 2007-08-14 02:39 . 2010-01-05 10:00 153088 c:\windows\system32\dllcache\ieakeng.dll
- 2007-08-14 02:54 . 2010-01-05 10:00 133120 c:\windows\system32\dllcache\extmgr.dll
+ 2007-08-14 02:54 . 2010-06-24 12:15 133120 c:\windows\system32\dllcache\extmgr.dll
+ 2007-08-14 02:35 . 2010-06-24 12:15 214528 c:\windows\system32\dllcache\dxtrans.dll
- 2007-08-14 02:35 . 2010-01-05 10:00 214528 c:\windows\system32\dllcache\dxtrans.dll
+ 2007-08-14 02:35 . 2010-06-24 12:15 347136 c:\windows\system32\dllcache\dxtmsft.dll
- 2007-08-14 02:35 . 2010-01-05 10:00 347136 c:\windows\system32\dllcache\dxtmsft.dll
+ 2010-04-20 05:30 . 2010-04-20 05:30 285696 c:\windows\system32\dllcache\atmfd.dll
+ 2007-08-14 02:39 . 2010-06-24 12:15 124928 c:\windows\system32\dllcache\advpack.dll
- 2007-08-14 02:39 . 2010-01-05 10:00 124928 c:\windows\system32\dllcache\advpack.dll
+ 2010-02-12 04:33 . 2010-02-12 04:33 100864 c:\windows\system32\dllcache\6to4svc.dll
+ 2003-07-16 20:24 . 2010-04-20 05:30 285696 c:\windows\system32\atmfd.dll
- 2003-07-16 20:24 . 2008-04-14 00:09 285696 c:\windows\system32\atmfd.dll
+ 2003-07-16 20:23 . 2010-06-24 12:15 124928 c:\windows\system32\advpack.dll
- 2003-07-16 20:23 . 2010-01-05 10:00 124928 c:\windows\system32\advpack.dll
+ 2003-07-16 20:23 . 2010-02-12 04:33 100864 c:\windows\system32\6to4svc.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 438272 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 839680 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 839680 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 835584 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 261632 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 303104 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 113664 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 113664 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 626688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 401408 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 401408 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 970752 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 745472 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 486400 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 425984 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 425984 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 392184 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 118784 c:\windows\Microsoft.NET\Framework\v2.0.50727\shfusion.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 143360 c:\windows\Microsoft.NET\Framework\v2.0.50727\peverify.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 100856 c:\windows\Microsoft.NET\Framework\v2.0.50727\ngen.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 230912 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 345600 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 114176 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 367104 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 308224 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 308224 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 998408 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 659456 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 749568 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 749568 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 655360 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 655360 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 348160 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 348160 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 230904 c:\windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 230904 c:\windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 798224 c:\windows\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 798224 c:\windows\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 575496 c:\windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
- 2007-10-24 09:47 . 2007-10-24 09:47 507904 c:\windows\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 507904 c:\windows\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
- 2007-10-24 09:47 . 2007-10-24 09:47 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
- 2007-10-24 09:47 . 2007-10-24 09:47 147968 c:\windows\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 147968 c:\windows\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 218112 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 218112 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 193016 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 193016 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 145408 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 145408 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
+ 2008-07-30 00:37 . 2008-07-30 00:37 911360 c:\windows\Installer\96daa.msp
+ 2008-07-30 00:33 . 2008-07-30 00:33 506368 c:\windows\Installer\96da9.msp
+ 2008-07-30 00:35 . 2008-07-30 00:35 553472 c:\windows\Installer\96da7.msp
+ 2008-07-30 04:23 . 2008-07-30 04:23 250880 c:\windows\Installer\43fa62.msp
+ 2008-07-30 04:28 . 2008-07-30 04:28 278016 c:\windows\Installer\43fa60.msp
+ 2008-07-30 02:40 . 2008-07-30 02:40 291840 c:\windows\Installer\43fa5e.msp
+ 2008-07-30 00:35 . 2008-07-30 00:35 553472 c:\windows\Installer\3999ee.msp
+ 2008-07-30 00:33 . 2008-07-30 00:33 506368 c:\windows\Installer\3999ec.msp
+ 2008-07-30 00:37 . 2008-07-30 00:37 911360 c:\windows\Installer\3999eb.msp
+ 2010-08-27 01:03 . 2010-08-27 01:03 180224 c:\windows\Installer\347364.msi
+ 2010-08-20 01:28 . 2010-08-20 01:28 301056 c:\windows\Installer\26a43c.msi
+ 2010-08-16 04:31 . 2010-08-16 04:31 432640 c:\windows\Installer\14c019.msi
+ 2010-08-16 04:31 . 2010-08-16 04:31 429568 c:\windows\Installer\14c012.msi
- 2009-04-01 02:21 . 2010-01-26 06:52 135168 c:\windows\Installer\{90850409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2009-04-01 02:21 . 2010-08-16 05:28 135168 c:\windows\Installer\{90850409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2009-10-06 04:29 . 2010-08-16 05:30 409600 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2009-10-06 04:29 . 2010-08-08 00:45 409600 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2009-10-06 04:29 . 2010-08-08 00:45 286720 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2009-10-06 04:29 . 2010-08-16 05:30 286720 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2009-10-06 04:29 . 2010-08-08 00:45 249856 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2009-10-06 04:29 . 2010-08-16 05:30 249856 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2009-10-06 04:29 . 2010-08-08 00:45 794624 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2009-10-06 04:29 . 2010-08-16 05:30 794624 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2009-10-06 04:29 . 2010-08-16 05:30 135168 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2009-10-06 04:29 . 2010-08-08 00:45 135168 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2009-10-06 04:29 . 2010-08-16 05:30 593920 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2009-10-06 04:29 . 2010-08-08 00:45 593920 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2007-04-19 21:01 . 2007-04-19 21:01 238424 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\MSCDM.DLL
+ 2007-01-17 03:32 . 2007-01-17 03:32 136032 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\MSAEXP30.DLL
+ 2009-10-07 01:37 . 2009-10-07 01:37 103776 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\IPATHPIA.DLL
+ 2007-04-19 20:54 . 2007-04-19 20:54 169312 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\ACCWIZ.DLL
+ 2010-08-16 05:26 . 2010-01-05 10:00 832512 c:\windows\ie7updates\KB2183461-IE7\wininet.dll
+ 2010-08-16 05:26 . 2010-01-05 10:00 233472 c:\windows\ie7updates\KB2183461-IE7\webcheck.dll
+ 2010-08-16 05:26 . 2010-01-05 10:00 105984 c:\windows\ie7updates\KB2183461-IE7\url.dll
+ 2010-08-16 05:26 . 2010-02-22 14:23 382840 c:\windows\ie7updates\KB2183461-IE7\spuninst\updspapi.dll
+ 2010-08-16 05:26 . 2010-02-22 14:23 231288 c:\windows\ie7updates\KB2183461-IE7\spuninst\spuninst.exe
+ 2010-08-16 05:26 . 2010-01-05 10:00 102912 c:\windows\ie7updates\KB2183461-IE7\occache.dll
+ 2010-08-16 05:26 . 2010-01-05 10:00 671232 c:\windows\ie7updates\KB2183461-IE7\mstime.dll
+ 2010-08-16 05:26 . 2010-01-05 10:00 193024 c:\windows\ie7updates\KB2183461-IE7\msrating.dll
+ 2010-08-16 05:26 . 2010-01-05 10:00 477696 c:\windows\ie7updates\KB2183461-IE7\mshtmled.dll
+ 2010-08-16 05:26 . 2010-01-05 10:00 459264 c:\windows\ie7updates\KB2183461-IE7\msfeeds.dll
+ 2010-08-16 05:26 . 2009-12-18 13:05 634648 c:\windows\ie7updates\KB2183461-IE7\iexplore.exe
+ 2010-08-16 05:26 . 2010-01-05 10:00 268288 c:\windows\ie7updates\KB2183461-IE7\iertutil.dll
+ 2010-08-16 05:26 . 2010-01-05 10:00 192512 c:\windows\ie7updates\KB2183461-IE7\iepeers.dll
+ 2010-08-16 05:26 . 2010-01-05 10:00 385024 c:\windows\ie7updates\KB2183461-IE7\iedkcs32.dll
+ 2010-08-16 05:26 . 2010-01-05 10:00 380928 c:\windows\ie7updates\KB2183461-IE7\ieapfltr.dll
+ 2010-08-16 05:26 . 2009-12-18 13:04 161792 c:\windows\ie7updates\KB2183461-IE7\ieakui.dll
+ 2010-08-16 05:26 . 2010-01-05 10:00 230400 c:\windows\ie7updates\KB2183461-IE7\ieaksie.dll
+ 2010-08-16 05:26 . 2010-01-05 10:00 153088 c:\windows\ie7updates\KB2183461-IE7\ieakeng.dll
+ 2010-08-16 05:26 . 2010-01-05 10:00 133120 c:\windows\ie7updates\KB2183461-IE7\extmgr.dll
+ 2010-08-16 05:26 . 2010-01-05 10:00 214528 c:\windows\ie7updates\KB2183461-IE7\dxtrans.dll
+ 2010-08-16 05:26 . 2010-01-05 10:00 347136 c:\windows\ie7updates\KB2183461-IE7\dxtmsft.dll
+ 2010-08-16 05:26 . 2010-01-05 10:00 124928 c:\windows\ie7updates\KB2183461-IE7\advpack.dll
+ 2010-08-17 00:20 . 2008-03-13 04:52 761344 c:\windows\Driver Cache\i386\unires.dll
+ 2010-08-17 00:20 . 2008-07-06 12:06 744960 c:\windows\Driver Cache\i386\unidrvui.dll
+ 2010-08-17 00:20 . 2008-07-06 12:06 373248 c:\windows\Driver Cache\i386\unidrv.dll
+ 2010-08-17 00:20 . 2008-07-06 12:06 198656 c:\windows\Driver Cache\i386\mxdwdui.dll
+ 2010-08-17 00:20 . 2008-07-06 12:06 765440 c:\windows\Driver Cache\i386\mxdwdrv.dll
+ 2009-02-15 00:01 . 2010-02-24 13:11 455680 c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2010-08-16 23:16 . 2010-08-16 23:16 425984 c:\windows\assembly\tmp\T17DJPV1\System.configuration.dll
+ 2010-08-16 05:00 . 2010-08-16 05:00 299008 c:\windows\assembly\tmp\MV17DJPV\System.Runtime.Remoting.dll
+ 2010-08-16 04:59 . 2010-08-16 04:59 630784 c:\windows\assembly\tmp\LTZ5BHNT\System.Drawing.dll
+ 2010-08-16 05:09 . 2010-08-16 05:09 372736 c:\windows\assembly\tmp\BKQW28EK\Microsoft.VisualBasic.Compatibility.dll
+ 2010-08-17 05:49 . 2010-08-17 05:49 323072 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\01b6312d304049e46d94a2f56cbbc05c\WsatConfig.ni.exe
+ 2010-08-18 05:57 . 2010-08-18 05:57 224256 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\b7e3c5e2637d06bf099a7208cd887616\WindowsFormsIntegration.ni.dll
+ 2010-08-17 00:32 . 2010-08-17 00:32 175616 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\1f4201fd43cc6ac3cb3966d2a1159c59\UIAutomationTypes.ni.dll
+ 2010-08-18 05:56 . 2010-08-18 05:56 450048 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\1f4ffd6509104633b0a88eca044affd6\UIAutomationClient.ni.dll
+ 2010-08-18 05:56 . 2010-08-18 05:56 399360 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\0f47c4c6d3a1496e32c9f31384fbc329\System.Xml.Linq.ni.dll
+ 2010-08-17 00:35 . 2010-08-17 00:35 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\70764208219715962d310336b5959dfa\System.Web.RegularExpressions.ni.dll
+ 2010-08-17 18:48 . 2010-08-17 18:48 838144 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\0dda2dbeab0ea10f6cbe147ecbfbabe0\System.Web.Extensions.Design.ni.dll
+ 2010-08-17 00:34 . 2010-08-17 00:34 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\12903c3843fe923d1977801ffa3cf26c\System.Transactions.ni.dll
+ 2010-08-17 00:30 . 2010-08-17 00:30 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\a9e71dda6389403be4db7b567592e3b8\System.ServiceProcess.ni.dll
+ 2010-08-17 00:31 . 2010-08-17 00:31 676352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\0418eb6dbffe9b46aa4c989153d6a3b5\System.Security.ni.dll
+ 2010-08-17 00:31 . 2010-08-17 00:31 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\01dc643b54310ebc5ab7e4696df426bc\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2010-08-17 00:34 . 2010-08-17 00:34 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\3736ba3ecac186f9c5d85f01bda2be98\System.Runtime.Remoting.ni.dll
+ 2010-08-17 18:47 . 2010-08-17 18:47 619008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\a871ee1ef50213430e3d61f310f38e8d\System.Net.ni.dll
+ 2010-08-17 18:49 . 2010-08-17 18:49 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\643e95098a9ce99a598d3419b5ce157f\System.Messaging.ni.dll
+ 2010-08-17 18:47 . 2010-08-17 18:47 997888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\894d87c08a9a5b5923e7104055a616d2\System.Management.ni.dll
+ 2010-08-17 18:47 . 2010-08-17 18:47 329216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\e54c31130e577b825e1cfadd8de50eab\System.Management.Instrumentation.ni.dll
+ 2010-08-17 18:47 . 2010-08-17 18:47 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\bcfccfa22245d2223a764611c61a7cb9\System.IO.Log.ni.dll
+ 2010-08-17 00:39 . 2010-08-17 00:39 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\b519784e031a2400d774586c123d4e83\System.IO.Log.ni.dll
+ 2010-08-17 00:39 . 2010-08-17 00:39 212480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\9ce7b735283bb1213360e5041a05717c\System.IdentityModel.Selectors.ni.dll
+ 2010-08-17 00:34 . 2010-08-17 00:34 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\5f9cd5bfebcb94175d440ebab3aa412f\System.EnterpriseServices.Wrapper.dll
+ 2010-08-17 00:34 . 2010-08-17 00:34 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\5f9cd5bfebcb94175d440ebab3aa412f\System.EnterpriseServices.ni.dll
+ 2010-08-17 00:35 . 2010-08-17 00:35 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\5f5d64dd0e7991aaaad2d98ee52afe42\System.Drawing.Design.ni.dll
+ 2010-08-17 18:47 . 2010-08-17 18:47 865280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\df101798cdb1154d0d9ccfcbfdc37eba\System.DirectoryServices.AccountManagement.ni.dll
+ 2010-08-17 00:35 . 2010-08-17 00:35 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\44de75caba2b9711b3d9030a30767f8b\System.DirectoryServices.Protocols.ni.dll
+ 2010-08-17 18:47 . 2010-08-17 18:47 134144 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\5307200cf82a08a0b2d6af9c634f98c5\System.Data.DataSetExtensions.ni.dll
+ 2010-08-17 00:30 . 2010-08-17 00:30 970752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cb4cb21d14767292e079366a5d3d76cd\System.Configuration.ni.dll
+ 2010-08-17 00:31 . 2010-08-17 00:31 140800 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\22a1629a4dcdd493bbd8be40cc122e94\System.Configuration.Install.ni.dll
+ 2010-08-17 18:46 . 2010-08-17 18:46 631296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\8c4e0bb5138c4210e4c69a8c1edb02ec\System.AddIn.ni.dll
+ 2010-08-17 18:48 . 2010-08-17 18:48 232448 c:\windows\assembly\NativeImages_v2.0.50727_32\sysglobl\6e07cc846884a853b910775fcec87ced\sysglobl.ni.dll
+ 2010-08-17 05:49 . 2010-08-17 05:49 304640 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\9ab9c86aa85d1f429100095bdcb4f284\SMSvcHost.ni.exe
+ 2010-08-17 05:49 . 2010-08-17 05:49 258560 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\c4956a8c47c197c85bad91b2f6f87e8d\SMDiagnostics.ni.dll
+ 2010-08-17 18:46 . 2010-08-17 18:46 255488 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\2e19ccefc30d7b827bab3f7d8dcc0ab9\SMDiagnostics.ni.dll
+ 2010-08-17 00:35 . 2010-08-17 00:35 356864 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\eccdc7e09544bc0906631c29065dc1a4\PresentationFramework.Aero.ni.dll
+ 2010-08-17 00:36 . 2010-08-17 00:36 246784 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\5ca1da9728ea82c9b0a07d8cc278686b\PresentationFramework.Royale.ni.dll
+ 2010-08-17 00:36 . 2010-08-17 00:36 217088 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\5043d615c05541efa7da79a81b4c5447\PresentationFramework.Classic.ni.dll
+ 2010-08-17 00:36 . 2010-08-17 00:36 519680 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\4726d3a2fcf966ffcbb64bc6bbc2a6c9\PresentationFramework.Luna.ni.dll
+ 2010-08-17 05:50 . 2010-08-17 05:50 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\eb909a705a3d8d915a6e34e047ba6643\MSBuild.ni.exe
+ 2010-08-17 05:51 . 2010-08-17 05:51 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\539e297cc9bc67fbf2fbdc9dc5fcd0f1\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2010-08-17 05:49 . 2010-08-17 05:49 361472 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\506b6ed145861d30a84f8b7a196e55e6\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2010-08-17 05:51 . 2010-08-17 05:51 172032 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\8fd3fe3db9f33799dcd1be8c1c47c234\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2010-08-17 05:51 . 2010-08-17 05:51 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\43dceeb2d0601d79af40752fb20283c2\Microsoft.Build.Utilities.ni.dll
+ 2010-08-17 05:50 . 2010-08-17 05:50 838656 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\daf5ff5e06c80eefa80c6fcc79aec963\Microsoft.Build.Engine.ni.dll
+ 2010-08-17 05:50 . 2010-08-17 05:50 222208 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\adda00e46f42fe8fd8f5065aedfb9356\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2010-08-17 05:50 . 2010-08-17 05:50 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\e148983beeb0f30918b0564849a16456\CustomMarshalers.ni.dll
+ 2010-08-17 05:49 . 2010-08-17 05:49 406528 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\8e0869b3c92fa4b33344c4b5a3ca1aa5\ComSvcConfig.ni.exe
+ 2010-08-17 00:39 . 2010-08-17 00:39 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\c7ffd8c23e8de4018a88185b3b60631e\AspNetMMCExt.ni.dll
- 2009-11-20 06:06 . 2009-11-20 06:06 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2010-08-17 00:14 . 2010-08-17 00:14 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2010-08-17 00:14 . 2010-08-17 00:14 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2010-08-17 00:15 . 2010-08-17 00:15 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2009-11-20 06:06 . 2009-11-20 06:06 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2009-11-20 06:06 . 2009-11-20 06:06 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-08-17 00:15 . 2010-08-17 00:15 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-08-17 00:24 . 2010-08-17 00:24 966656 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2010-08-17 00:14 . 2010-08-17 00:14 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2009-11-20 06:06 . 2009-11-20 06:06 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2010-08-17 00:14 . 2010-08-17 00:14 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2009-11-20 06:06 . 2009-11-20 06:06 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2010-08-17 00:14 . 2010-08-17 00:14 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2009-11-20 06:06 . 2009-11-20 06:06 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2010-08-17 00:14 . 2010-08-17 00:14 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2010-08-17 00:24 . 2010-08-17 00:24 131072 c:\windows\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
- 2009-11-06 06:46 . 2009-11-06 06:46 131072 c:\windows\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
- 2009-11-06 06:46 . 2009-11-06 06:46 430080 c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2010-08-17 00:24 . 2010-08-17 00:24 430080 c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2010-08-17 00:15 . 2010-08-17 00:15 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2010-08-17 00:14 . 2010-08-17 00:14 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2009-11-20 06:06 . 2009-11-20 06:06 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2010-08-17 00:14 . 2010-08-17 00:14 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2009-11-20 06:06 . 2009-11-20 06:06 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2010-08-17 00:14 . 2010-08-17 00:14 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2010-08-17 00:14 . 2010-08-17 00:14 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2010-08-17 00:15 . 2010-08-17 00:15 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2009-11-20 06:06 . 2009-11-20 06:06 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2009-11-20 06:06 . 2009-11-20 06:06 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2010-08-17 00:15 . 2010-08-17 00:15 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2010-08-17 00:24 . 2010-08-17 00:24 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
+ 2010-08-17 00:14 . 2010-08-17 00:14 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2009-11-20 06:06 . 2009-11-20 06:06 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2010-08-17 00:14 . 2010-08-17 00:14 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2009-11-20 06:06 . 2009-11-20 06:06 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2010-08-17 00:14 . 2010-08-17 00:14 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2009-11-06 06:46 . 2009-11-06 06:46 397312 c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2010-08-17 00:24 . 2010-08-17 00:24 397312 c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2010-08-17 00:14 . 2010-08-17 00:14 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2009-11-20 06:06 . 2009-11-20 06:06 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2010-08-17 00:14 . 2010-08-17 00:14 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2009-11-20 06:06 . 2009-11-20 06:06 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2009-11-20 06:06 . 2009-11-20 06:06 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2010-08-17 00:14 . 2010-08-17 00:14 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2009-11-20 06:06 . 2009-11-20 06:06 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2010-08-17 00:14 . 2010-08-17 00:14 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2010-08-17 00:14 . 2010-08-17 00:14 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2009-11-20 06:06 . 2009-11-20 06:06 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2010-08-17 00:15 . 2010-08-17 00:15 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2009-11-20 06:06 . 2009-11-20 06:06 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2010-08-17 00:14 . 2010-08-17 00:14 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2010-08-17 00:15 . 2010-08-17 00:15 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2010-08-17 00:24 . 2010-08-17 00:24 163840 c:\windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2010-08-16 04:29 . 2010-08-16 04:29 111624 c:\windows\assembly\GAC\Microsoft.Office.Interop.InfoPath\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.dll
+ 2009-07-21 07:03 . 2009-07-21 07:03 1348432 c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9876.0_x-ww_a621d1d5\msxml4.dll
+ 2008-09-30 23:42 . 2008-09-30 23:42 1286152 c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9870.0_x-ww_a32d74cf\msxml4.dll
+ 2006-10-15 04:22 . 2008-07-06 12:06 1676288 c:\windows\system32\xpssvcs.dll
+ 2003-07-16 20:52 . 2010-04-06 11:52 2462720 c:\windows\system32\WMVCore.dll
- 2003-07-16 20:49 . 2010-01-05 10:00 1168384 c:\windows\system32\urlmon.dll
+ 2003-07-16 20:49 . 2010-06-24 12:15 1168384 c:\windows\system32\urlmon.dll
+ 2009-03-05 05:26 . 2008-07-06 12:06 1676288 c:\windows\system32\spool\XPSEP\i386\xpssvcs.dll
+ 2009-03-05 05:26 . 2008-07-06 12:06 1676288 c:\windows\system32\spool\XPSEP\i386\i386\xpssvcs.dll
+ 2009-03-05 05:26 . 2008-07-07 00:36 2936832 c:\windows\system32\spool\XPSEP\amd64\xpssvcs.dll
+ 2009-03-05 05:26 . 2008-07-07 00:36 2936832 c:\windows\system32\spool\XPSEP\amd64\amd64\xpssvcs.dll
+ 2006-10-15 04:22 . 2008-07-06 12:06 1676288 c:\windows\system32\spool\drivers\w32x86\3\XpsSvcs.dll
+ 2003-07-16 20:44 . 2010-07-27 06:30 8462336 c:\windows\system32\shell32.dll
- 2003-07-16 20:42 . 2009-11-27 17:11 1291776 c:\windows\system32\quartz.dll
+ 2003-07-16 20:42 . 2010-02-05 18:27 1291776 c:\windows\system32\quartz.dll
+ 2003-07-16 20:39 . 2010-04-28 02:25 2189952 c:\windows\system32\ntoskrnl.exe
+ 2002-08-29 01:04 . 2010-04-27 13:05 2066816 c:\windows\system32\ntkrnlpa.exe
+ 2009-07-21 07:05 . 2009-07-21 07:05 1348432 c:\windows\system32\msxml4.dll
+ 2003-07-16 20:35 . 2010-06-24 12:15 3600896 c:\windows\system32\mshtml.dll
- 2007-08-14 02:54 . 2010-01-05 10:00 6067200 c:\windows\system32\ieframe.dll
+ 2007-08-14 02:54 . 2010-06-24 12:15 6067200 c:\windows\system32\ieframe.dll
+ 2006-10-15 04:22 . 2008-07-06 12:06 1676288 c:\windows\system32\dllcache\xpssvcs.dll
+ 2008-11-08 02:32 . 2010-04-06 11:52 2462720 c:\windows\system32\dllcache\WMVCore.dll
+ 2009-02-15 00:02 . 2010-06-23 13:44 1851904 c:\windows\system32\dllcache\win32k.sys
- 2009-02-15 00:03 . 2010-01-05 10:00 1168384 c:\windows\system32\dllcache\urlmon.dll
+ 2009-02-15 00:03 . 2010-06-24 12:15 1168384 c:\windows\system32\dllcache\urlmon.dll
+ 2008-06-17 19:02 . 2010-07-27 06:30 8462336 c:\windows\system32\dllcache\shell32.dll
+ 2008-05-07 05:12 . 2010-02-05 18:27 1291776 c:\windows\system32\dllcache\quartz.dll
- 2008-05-07 05:12 . 2009-11-27 17:11 1291776 c:\windows\system32\dllcache\quartz.dll
+ 2009-02-15 00:02 . 2010-04-28 02:25 2189952 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2009-02-15 00:02 . 2010-04-27 13:05 2024448 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2009-02-15 00:02 . 2010-04-27 13:05 2066816 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2009-02-15 00:02 . 2010-04-27 13:59 2146304 c:\windows\system32\dllcache\ntkrnlmp.exe
- 2006-09-13 05:01 . 2009-07-31 04:35 1172480 c:\windows\system32\dllcache\msxml3.dll
+ 2006-09-13 05:01 . 2010-06-14 07:41 1172480 c:\windows\system32\dllcache\msxml3.dll
+ 2009-09-12 16:57 . 2010-01-29 15:01 1315328 c:\windows\system32\dllcache\msoe.dll
- 2009-09-12 16:57 . 2009-07-10 13:27 1315328 c:\windows\system32\dllcache\msoe.dll
+ 2009-02-15 00:03 . 2010-06-24 12:15 3600896 c:\windows\system32\dllcache\mshtml.dll
- 2010-03-27 03:52 . 2009-10-23 15:28 3558912 c:\windows\system32\dllcache\moviemk.exe
+ 2010-03-27 03:52 . 2010-06-18 13:36 3558912 c:\windows\system32\dllcache\moviemk.exe
- 2009-02-16 00:48 . 2010-01-05 10:00 6067200 c:\windows\system32\dllcache\ieframe.dll
+ 2009-02-16 00:48 . 2010-06-24 12:15 6067200 c:\windows\system32\dllcache\ieframe.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 1344000 c:\windows\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 1344000 c:\windows\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
- 2007-10-24 09:47 . 2007-10-24 09:47 1172472 c:\windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 1172472 c:\windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 2048000 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 5238784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 3149824 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 5062656 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 2933248 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 5815296 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 4546560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 1163768 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
+ 2008-07-30 00:31 . 2008-07-30 00:31 6083072 c:\windows\Installer\96dab.msp
+ 2008-07-30 00:43 . 2008-07-30 00:43 1013248 c:\windows\Installer\96da8.msp
+ 2008-07-30 00:39 . 2008-07-30 00:39 3403264 c:\windows\Installer\96da6.msp
+ 2008-07-30 00:41 . 2008-07-30 00:41 6487040 c:\windows\Installer\96da5.msp
+ 2008-07-30 00:29 . 2008-07-30 00:29 2926080 c:\windows\Installer\96da4.msp
+ 2008-07-30 00:45 . 2008-07-30 00:45 2543616 c:\windows\Installer\96da3.msp
+ 2010-04-23 05:52 . 2010-04-23 05:52 2302976 c:\windows\Installer\484d4.msp
+ 2010-05-19 09:45 . 2010-05-19 09:45 5496832 c:\windows\Installer\484cc.msp
+ 2008-07-30 02:26 . 2008-07-30 02:26 1043456 c:\windows\Installer\43fa61.msp
+ 2008-07-30 03:37 . 2008-07-30 03:37 2679808 c:\windows\Installer\43fa5f.msp
+ 2008-07-30 04:15 . 2008-07-30 04:15 3697664 c:\windows\Installer\43fa5d.msp
+ 2008-07-30 02:34 . 2008-07-30 02:34 1448448 c:\windows\Installer\43fa5c.msp
+ 2008-07-30 03:22 . 2008-07-30 03:22 4137984 c:\windows\Installer\43fa5b.msp
+ 2008-07-30 02:18 . 2008-07-30 02:18 3376640 c:\windows\Installer\43fa5a.msp
+ 2008-07-30 00:45 . 2008-07-30 00:45 2543616 c:\windows\Installer\3999f2.msp
+ 2008-07-30 00:29 . 2008-07-30 00:29 2926080 c:\windows\Installer\3999f1.msp
+ 2008-07-30 00:41 . 2008-07-30 00:41 6487040 c:\windows\Installer\3999f0.msp
+ 2008-07-30 00:39 . 2008-07-30 00:39 3403264 c:\windows\Installer\3999ef.msp
+ 2008-07-30 00:43 . 2008-07-30 00:43 1013248 c:\windows\Installer\3999ed.msp
+ 2008-07-30 00:31 . 2008-07-30 00:31 6083072 c:\windows\Installer\3999ea.msp
+ 2009-10-17 01:07 . 2009-10-17 01:07 6115328 c:\windows\Installer\26e070.msp
+ 2010-07-20 18:41 . 2010-07-20 18:41 3750912 c:\windows\Installer\26e05b.msp
+ 2010-06-28 23:01 . 2010-06-28 23:01 7677952 c:\windows\Installer\26e052.msp
+ 2010-05-25 18:45 . 2010-05-25 18:45 8445440 c:\windows\Installer\26e022.msp
+ 2010-06-12 00:55 . 2010-06-12 00:55 1827328 c:\windows\Installer\26dfff.msp
+ 2010-04-23 05:52 . 2010-04-23 05:52 2302976 c:\windows\Installer\26dfdb.msp
+ 2010-05-03 23:11 . 2010-05-03 23:11 4149760 c:\windows\Installer\26dfd9.msp
+ 2010-05-19 09:45 . 2010-05-19 09:45 5496832 c:\windows\Installer\26dfbe.msp
+ 2010-06-29 05:53 . 2010-06-29 05:53 6819840 c:\windows\Installer\26dfbc.msp
+ 2010-07-27 00:02 . 2010-07-27 00:02 5519360 c:\windows\Installer\14c03d.msp
+ 2010-04-25 00:10 . 2010-04-25 00:10 8486400 c:\windows\Installer\14c028.msp
+ 2010-07-11 03:14 . 2010-07-11 03:14 2850816 c:\windows\Installer\14c020.msp
+ 2010-05-03 23:06 . 2010-05-03 23:06 5053952 c:\windows\Installer\14c00b.msp
+ 2010-03-30 19:34 . 2010-03-30 19:34 3826688 c:\windows\Installer\14bff6.msp
+ 2007-05-10 20:43 . 2007-05-10 20:43 6688096 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\MSACCESS.EXE
+ 2007-04-30 21:57 . 2007-04-30 21:57 7084384 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\INFOPATH.EXE
+ 2010-08-16 05:26 . 2010-01-05 10:00 1168384 c:\windows\ie7updates\KB2183461-IE7\urlmon.dll
+ 2010-08-16 05:26 . 2010-01-05 10:00 3599360 c:\windows\ie7updates\KB2183461-IE7\mshtml.dll
+ 2010-08-16 05:26 . 2010-01-05 10:00 6067200 c:\windows\ie7updates\KB2183461-IE7\ieframe.dll
+ 2009-02-15 00:02 . 2010-04-28 02:25 2189952 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2009-02-15 00:02 . 2010-04-27 13:05 2024448 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2009-02-15 00:02 . 2010-04-27 13:05 2066816 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2009-02-15 00:02 . 2010-04-27 13:59 2146304 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2010-08-16 05:11 . 2010-08-16 05:11 2068480 c:\windows\assembly\tmp\U39FLRX3\System.XML.dll
+ 2010-08-16 23:27 . 2010-08-16 23:27 3036160 c:\windows\assembly\tmp\6EKQW28E\System.Data.dll
+ 2010-08-16 05:00 . 2010-08-16 05:00 5070848 c:\windows\assembly\tmp\3CIOU06C\System.Design.dll
+ 2010-08-17 00:32 . 2010-08-17 00:32 3158528 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\040295c8d0468ccc867cf88705aa00dc\WindowsBase.ni.dll
+ 2010-08-18 05:57 . 2010-08-18 05:57 1043456 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\410599a107d44721506e0a85f8897e42\UIAutomationClientsideProviders.ni.dll
+ 2010-08-17 00:29 . 2010-08-17 00:29 7867392 c:\windows\assembly\NativeImages_v2.0.50727_32\System\aa7926460a336408c8041330ad90929d\System.ni.dll
+ 2010-08-17 00:30 . 2010-08-17 00:30 5449728 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\36f3953f24d4f0b767bf172331ad6f3e\System.Xml.ni.dll
+ 2010-08-18 05:56 . 2010-08-18 05:56 1338880 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\7a1f501b7a79683b22febf31931607ad\System.WorkflowServices.ni.dll
+ 2010-08-17 18:49 . 2010-08-17 18:49 1897984 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\f6bb11c9b952152fb0887b38fdcec034\System.Workflow.Runtime.ni.dll
+ 2010-08-17 18:49 . 2010-08-17 18:49 4423680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\89f99c99dfbf243005b8dd36843f595a\System.Workflow.ComponentModel.ni.dll
+ 2010-08-17 18:49 . 2010-08-17 18:49 2965504 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\8f371da6c59608dcf446cf4082412f4f\System.Workflow.Activities.ni.dll
+ 2010-08-17 00:35 . 2010-08-17 00:35 1840128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\1dad08772eb89d48a8a0cfe9b0467eb0\System.Web.Services.ni.dll
+ 2010-08-17 18:49 . 2010-08-17 18:49 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\e5995a34d44ad5af7d9f335075bded4d\System.Web.Mobile.ni.dll
+ 2010-08-17 18:48 . 2010-08-17 18:48 2320384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\9e0ffb8477366b44c05477f204334f02\System.Web.Extensions.ni.dll
+ 2010-08-17 18:48 . 2010-08-17 18:48 1912832 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\2e7a6c977ac9f8d46ebe2982697a0c8d\System.Speech.ni.dll
+ 2010-08-17 18:48 . 2010-08-17 18:48 1387520 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\806937ddcfd3ca2d817093d1fbf8a1d1\System.ServiceModel.Web.ni.dll
+ 2010-08-17 18:47 . 2010-08-17 18:47 2338304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\bb748f8ef8c98eb5c7f79b8faee95397\System.Runtime.Serialization.ni.dll
+ 2010-08-17 00:39 . 2010-08-17 00:39 2278912 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\5db84ee52234ef81167990a410a2442c\System.Runtime.Serialization.ni.dll
+ 2010-08-17 00:34 . 2010-08-17 00:34 1011712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\c36d27705bfcb46f7f77586df6eee142\System.Printing.ni.dll
+ 2010-08-17 00:39 . 2010-08-17 00:39 1037824 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\dcdd557d35bb47efe5cf238d094807b4\System.IdentityModel.ni.dll
+ 2010-08-17 18:47 . 2010-08-17 18:47 1056768 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\94b2ca600c860c76e387f8bd317bd4c3\System.IdentityModel.ni.dll
+ 2010-08-17 00:31 . 2010-08-17 00:31 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6978f2e90f13bc720d57fa6895c911e2\System.Drawing.ni.dll
+ 2010-08-17 00:34 . 2010-08-17 00:34 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\6bcc481030a56c24d5990d199812c594\System.DirectoryServices.ni.dll
+ 2010-08-17 00:31 . 2010-08-17 00:31 1800704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\df1efcbac5973454c608890f72eb994d\System.Deployment.ni.dll
+ 2010-08-17 00:34 . 2010-08-17 00:34 6614016 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\0b40341027c01716cec1dd97592698e0\System.Data.ni.dll
+ 2010-08-17 00:31 . 2010-08-17 00:31 2508800 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\0ec1b690c5ee057fa92ecff78de1457c\System.Data.SqlXml.ni.dll
+ 2010-08-17 00:35 . 2010-08-17 00:35 1115136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\57f7cf02ea17b36bc3d9c75c22d0f551\System.Data.OracleClient.ni.dll
+ 2010-08-17 00:37 . 2010-08-17 00:37 2432512 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\c61f94f749307f89e2d4a45eb1112911\System.Data.Linq.ni.dll
+ 2010-08-17 00:37 . 2010-08-17 00:37 2195968 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\4480a2db1b1be65b89924b6181f8be45\System.Core.ni.dll
+ 2010-08-17 00:34 . 2010-08-17 00:34 2148864 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\79f48cd6d4f715b1a611eb0325db862d\ReachFramework.ni.dll
+ 2010-08-17 00:33 . 2010-08-17 00:33 1699840 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\45a781377984f967ec581f0318bda570\PresentationUI.ni.dll
+ 2010-08-17 05:51 . 2010-08-17 05:51 1497088 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\eb6658b7434e43c2151f67bdb908e077\PresentationBuildTasks.ni.dll
+ 2010-08-17 05:51 . 2010-08-17 05:51 1711104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\5b3d048d8c003d743ea5e72caf07773a\Microsoft.VisualBasic.ni.dll
+ 2010-08-17 05:49 . 2010-08-17 05:49 1094144 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\c297b00b3579be653d8772e6fe09d445\Microsoft.Transactions.Bridge.ni.dll
+ 2010-08-17 05:51 . 2010-08-17 05:51 1092608 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\21bb6244c91b6207fbcb038884a641ef\Microsoft.Transactions.Bridge.ni.dll
+ 2010-08-17 18:47 . 2010-08-17 18:47 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\7d61e63dea85f4f77ea4c13df7651ec7\Microsoft.JScript.ni.dll
+ 2010-08-17 05:51 . 2010-08-17 05:51 1880064 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\ec0912b0bbe76c20b3b7b58bf70c10fc\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2010-08-17 05:50 . 2010-08-17 05:50 1620480 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\152cf75db013f0523933ac45177b4217\Microsoft.Build.Tasks.ni.dll
+ 2010-08-17 05:50 . 2010-08-17 05:50 1834496 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\a1f1247462dd23f24933d4fc527b1c99\Microsoft.Build.Engine.ni.dll
+ 2010-08-17 00:14 . 2010-08-17 00:14 3149824 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2010-08-17 00:15 . 2010-08-17 00:15 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2010-08-17 00:14 . 2010-08-17 00:14 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2010-08-17 00:24 . 2010-08-17 00:24 5931008 c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2010-08-17 00:14 . 2010-08-17 00:14 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2010-08-17 00:14 . 2010-08-17 00:14 5238784 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2010-08-17 00:15 . 2010-08-17 00:15 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2010-08-17 00:15 . 2010-08-17 00:15 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2009-02-14 07:00 . 2010-08-03 18:09 35962312 c:\windows\system32\MRT.exe
+ 2010-05-11 18:30 . 2010-05-11 18:30 11194880 c:\windows\Installer\26e02b.msp
+ 2010-04-25 00:09 . 2010-04-25 00:09 11750912 c:\windows\Installer\26e008.msp
+ 2010-06-12 00:52 . 2010-06-12 00:52 45542912 c:\windows\Installer\26e000.msp
+ 2009-04-04 01:46 . 2009-04-04 01:46 17314688 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6425\MSO.DLL
+ 2010-08-17 00:31 . 2010-08-17 00:31 12428800 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\9a254c455892c02355ab0ab0f0727c5b\System.Windows.Forms.ni.dll
+ 2010-08-17 00:35 . 2010-08-17 00:35 11791360 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\50ea744ffc3cb7f09b027fd6c5c93b2b\System.Web.ni.dll
+ 2010-08-17 05:49 . 2010-08-17 05:49 17061376 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\61173eec316737dd04261a2f33747355\System.ServiceModel.ni.dll
+ 2010-08-17 18:48 . 2010-08-17 18:48 17313792 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\0e28705feabeb7696829cd49fa1cf066\System.ServiceModel.ni.dll
+ 2010-08-17 00:35 . 2010-08-17 00:35 10681344 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\204db7071fb26343b0fd3f3d140c0bf8\System.Design.ni.dll
+ 2010-08-17 00:33 . 2010-08-17 00:33 14165504 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\dbc502adeb31e41a14ee3c966e32049e\PresentationFramework.ni.dll
+ 2010-08-17 00:32 . 2010-08-17 00:32 12019712 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\1614b0890537ea85f7146871f16ff566\PresentationCore.ni.dll
+ 2010-08-17 00:27 . 2010-08-17 00:27 11485184 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9adb89fa22fd5b4ce433b5aca7fb1b07\mscorlib.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-06-22 155648]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-06-22 126976]
"BCMSMMSG"="BCMSMMSG.exe" [2003-08-29 122880]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-04-29 437584]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-06-28 2837864]
"PSMAntiKeyLogger"="c:\program files\PSMKorea\AntiKeyLogger\PSMAntiSpy.exe" [2004-10-01 726016]
"WinPatrol"="c:\program files\BillP Studios\WinPatrol\winpatrol.exe" [2010-05-31 323976]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-2-14 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"HideFastUserSwitching"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegedit"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^SBC Self Support Tool.lnk]
backup=c:\windows\pss\SBC Self Support Tool.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMEKRMIG6.1]
2003-07-16 20:22 44032 ----a-w- c:\windows\ime\imkr6_1\imekrmig.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
2004-08-04 05:31 208952 ----a-w- c:\windows\ime\imjp8_1\imjpmig.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Motive SmartBridge]
2005-08-24 15:51 442455 ----a-w- c:\progra~1\SBCSEL~1\SMARTB~1\MotiveSB.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]
2003-07-16 20:22 59392 ----a-w- c:\windows\system32\IME\PINTLGNT\IMSCINST.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mumservice]
2010-05-12 21:43 1066304 ----a-w- c:\program files\Motorola\Software Update\mumservice.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OPSE2 Reminder]
2003-03-07 18:18 729088 ----a-w- c:\program files\ScanSoft\OmniPageSE2.0\EregEng\Ereg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE2]
2003-05-08 20:00 49152 ----a-w- c:\program files\ScanSoft\OmniPageSE2.0\opwareSE2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
2003-07-16 20:23 455168 ----a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
2003-07-16 20:23 455168 ----a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Shockwave Updater]
2009-03-19 15:55 460216 ----a-w- c:\windows\system32\Adobe\Shockwave 11\SwHelper_1150595.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 18:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ASKService"=2 (0x2)
"WZCSVC"=2 (0x2)
"Schedule"=2 (0x2)
"UPS"=3 (0x3)
"WmdmPmSN"=3 (0x3)
"wuauserv"=2 (0x2)
"EventSystem"=3 (0x3)
"COMSysApp"=3 (0x3)
"TrkWks"=2 (0x2)
"MSDTC"=3 (0x3)
"helpsvc"=2 (0x2)
"CiSvc"=3 (0x3)
"mnmsrvc"=3 (0x3)
"SysmonLog"=3 (0x3)
"RSVP"=3 (0x3)
"RDSessMgr"=3 (0x3)
"SCardSvr"=3 (0x3)
"SSDPSRV"=3 (0x3)
"srservice"=2 (0x2)
"SENS"=2 (0x2)
"upnphost"=3 (0x3)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Pidgin\\pidgin.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\umi.exe"=
"c:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\VideoSpin.exe"=
"c:\\AV-CLS\\WGET.EXE"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"57173:TCP"= 57173:TCP:Pando Media Booster
"57173:UDP"= 57173:UDP:Pando Media Booster
"57640:TCP"= 57640:TCP:Pando Media Booster
"57640:UDP"= 57640:UDP:Pando Media Booster

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [6/25/2009 10:55 PM 165456]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2/17/2010 11:25 AM 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [4/27/2010 5:30 PM 67656]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [6/25/2009 10:55 PM 17744]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2/14/2009 12:40 AM 304464]
R2 PSMAntiSpy;PSMAntiSpy;c:\progra~1\PSMKorea\ANTIKE~1\PSMAntiS.exe [8/6/2010 12:56 PM 478720]
R3 KeyScrambler;KeyScrambler;c:\windows\system32\drivers\keyscrambler.sys [8/9/2010 7:18 PM 115312]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2/14/2009 12:40 AM 20952]
S0 sptd;sptd;c:\windows\system32\Drivers\sptd.sys --> c:\windows\system32\Drivers\sptd.sys [?]
S2 MotoConnect Service;MotoConnect Service;c:\program files\Motorola\MotoConnectService\MotoConnectService.exe [7/19/2010 7:34 PM 91456]
S3 aswArKrn;aswArKrn;\??\c:\docume~1\Student\LOCALS~1\Temp\aswArKrn.sys --> c:\docume~1\Student\LOCALS~1\Temp\aswArKrn.sys [?]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [7/19/2010 7:35 PM 19712]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [7/19/2010 7:35 PM 8320]
S3 MotDev;Motorola Inc. USB Device;c:\windows\system32\drivers\motodrv.sys [7/19/2010 7:35 PM 42752]
S3 motport;Motorola USB Diagnostic Port;c:\windows\system32\drivers\motport.sys [7/19/2010 7:35 PM 23936]
S3 TMPassthruMP;TMPassthruMP;c:\windows\system32\DRIVERS\TMPassthru.sys --> c:\windows\system32\DRIVERS\TMPassthru.sys [?]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-31 19:51
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(524)
c:\progra~1\PSMKorea\ANTIKE~1\PSMAntiK.dll
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\WININET.dll

- - - - - - - > 'lsass.exe'(580)
c:\progra~1\PSMKorea\ANTIKE~1\PSMAntiK.dll

- - - - - - - > 'explorer.exe'(3192)
c:\windows\system32\WININET.dll
c:\program files\BillP Studios\WinPatrol\PATROLPRO.DLL
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll

- - - - - - - > 'csrss.exe'(500)
c:\progra~1\PSMKorea\ANTIKE~1\PSMAntiK.dll
.
Completion time: 2010-08-31 19:53:44
ComboFix-quarantined-files.txt 2010-09-01 02:53
ComboFix2.txt 2010-08-12 17:59
ComboFix3.txt 2010-08-11 03:17
ComboFix4.txt 2010-03-10 06:29

Pre-Run: 26,956,472,320 bytes free
Post-Run: 26,962,563,072 bytes free

- - End Of File - - E752F2AD7A60BBDEEFE01E8A6363EB04

Edited by vom53, 31 August 2010 - 10:15 PM.


#8 mpascal

mpascal

    Math Nerd


  • Members
  • 1,653 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Canada
  • Local time:12:06 AM

Posted 31 August 2010 - 10:22 PM

Hi there,

This isn't a Dell computer, or it doesn't have a recovery partition on it at all correct?

Posted Image

Stay with your topic! Topics that go 4 days without a reply will be closed. PM me to reopen.

Please don't PM asking for support. Post on the forums instead.

My help is free, but if you wish to donate and help continue my fight against malware, click here: Posted Image


#9 vom53

vom53
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Location:East Coast
  • Local time:09:06 PM

Posted 31 August 2010 - 10:46 PM

This is a Dell computer and does have the recovery console.
It does not a recovery partition.

It just been that Combofix is used for a couple of years now.

Edited by vom53, 31 August 2010 - 10:48 PM.


#10 mpascal

mpascal

    Math Nerd


  • Members
  • 1,653 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Canada
  • Local time:12:06 AM

Posted 31 August 2010 - 11:18 PM

Do you have the recovery partition on your computer though? Unless you have done complete reformats in the past, then you probably still have it.

Posted Image

Stay with your topic! Topics that go 4 days without a reply will be closed. PM me to reopen.

Please don't PM asking for support. Post on the forums instead.

My help is free, but if you wish to donate and help continue my fight against malware, click here: Posted Image


#11 vom53

vom53
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Location:East Coast
  • Local time:09:06 PM

Posted 31 August 2010 - 11:32 PM

In 2005, Dell did not issue it in this computer model.

#12 mpascal

mpascal

    Math Nerd


  • Members
  • 1,653 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Canada
  • Local time:12:06 AM

Posted 01 September 2010 - 12:21 AM

Hi there,

Okay, we'll try fixing the MBR then. You're only running a single operating system, right?


Posted Image

Stay with your topic! Topics that go 4 days without a reply will be closed. PM me to reopen.

Please don't PM asking for support. Post on the forums instead.

My help is free, but if you wish to donate and help continue my fight against malware, click here: Posted Image


#13 vom53

vom53
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Location:East Coast
  • Local time:09:06 PM

Posted 01 September 2010 - 09:30 AM

You are correct, sir.

#14 mpascal

mpascal

    Math Nerd


  • Members
  • 1,653 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Canada
  • Local time:12:06 AM

Posted 01 September 2010 - 11:51 AM

Hi there,

Alright, we can try fixing the MBR then.

We need to use the Recovery Console. Please print or make a copy of the next steps so you will not make any mistakes.
  • Please restart your computer.
  • During restart, you will see an option on which operating system to use.
  • Please use arrow key and choose Microsoft Windows Recovery Console and hit enter.
  • The Recovery Console will start and ask you which Windows installation you would like to log onto.
    Note: If you have multiple Windows installations, it will list each one, and you would enter the number associated with the installation you would like to work on and press enter. If you have just one Windows installation, type 1 and press enter.
  • It will then prompt you for the Administrator's password. If there is no password, simply press enter.
  • You will now be presented with a C:\Windows> prompt
  • Please type the bolded text below and hit enter key:
    fixmbr
  • type exit to exit the command prompt and restart your computer normally.

Posted Image

Stay with your topic! Topics that go 4 days without a reply will be closed. PM me to reopen.

Please don't PM asking for support. Post on the forums instead.

My help is free, but if you wish to donate and help continue my fight against malware, click here: Posted Image


#15 vom53

vom53
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Location:East Coast
  • Local time:09:06 PM

Posted 01 September 2010 - 11:58 AM

I have done that countless times and (scan with MBAM, AVAST, Housecall. SuperAntiSpyware afterward), and GMER still show up with the same problem in sector 61.

fixmbr doesn't resolve the problem.

Edited by vom53, 01 September 2010 - 12:03 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users