Login Esegui login | Non sei registrato? Iscriviti ora (è gratuito!)
Username: Password:
  • Annuncio Pubblicitario

problema rootkit

Un virus si è intromesso nel tuo computer? Vuoi navigare in tutta sicurezza? Sono sicure le transazione online? Come impedire a malintenzionati di intromettersi nel tuo pc? Come proteggere i tuoi dati? Qui trovi le risposte a queste ed altre domande

problema rootkit

Messaggioda Lovescream » mar nov 03, 2009 6:03 pm

Salve a tutti!
Stavolta vi chiedo aiuto per un problema di sicurezza riguardante i rootkit. Dato che il pc da un po' si comportava in modo anomalo (per esempio al posto dei suoni di windows si sentivano solamente dei fischi poco attraenti [sh] ) ho deciso di fare una scansione col mio antivirus nod32 che ha trovato 4 minacce.
Non essendo riuscita ad eliminarne due ho tentato di utilizzare combofix (l'avevo già usato una volta per un problema di virus), di cui vi allego il log spezzato in due parti in quanto troppo lungo per essere contenuto dal messaggio:

ComboFix 09-11-02.02 - Client 03/11/2009 15.10.33.2.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.39.1040.18.1022.545 [GMT 1:00]
Eseguito da: c:\documents and settings\Client\Desktop\baye.exe
AV: Sistema Antivirus NOD32 2.70 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Creato nuovo punto di ripristino
* Resident AV is active


ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.

((((((((((((((((((((((((( Files Creati Da 2009-10-03 al 2009-11-03 )))))))))))))))))))))))))))))))))))
.

Nessun nuovo file creato in questo arco di tempo

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-30 17:00 . 2008-01-22 16:50 247128 ----a-w- c:\documents and settings\Client\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2009-10-25 17:58 . 2006-03-02 12:00 85330 ----a-w- c:\windows\system32\perfc010.dat
2009-10-25 17:58 . 2006-03-02 12:00 492504 ----a-w- c:\windows\system32\perfh010.dat
2009-10-15 08:46 . 2009-07-10 16:20 -------- d-----w- c:\programmi\SUPERAntiSpyware
2009-09-16 05:30 . 2008-01-22 18:53 -------- d-----w- c:\programmi\MSN Messenger
2009-09-16 05:30 . 2009-09-16 05:30 -------- d-----w- c:\programmi\Microsoft
2009-09-16 05:29 . 2008-01-23 11:26 -------- d-----w- c:\programmi\Windows Live
2009-09-16 05:29 . 2009-09-16 05:29 -------- d-----w- c:\programmi\Windows Live SkyDrive
2009-09-16 05:25 . 2009-09-16 05:25 -------- d-----w- c:\programmi\File comuni\Windows Live
2009-09-11 14:34 . 2006-03-02 12:00 133632 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 20:45 . 2006-03-02 12:00 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-26 08:14 . 2006-03-02 12:00 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-06 18:24 . 2008-01-22 16:41 327896 ----a-w- c:\windows\system32\wucltui.dll
2009-08-06 18:24 . 2008-01-22 16:41 209632 ----a-w- c:\windows\system32\wuweb.dll
2009-08-06 18:24 . 2008-01-22 16:41 35552 ----a-w- c:\windows\system32\wups.dll
2009-08-06 18:24 . 2007-07-30 18:19 44768 ----a-w- c:\windows\system32\wups2.dll
2009-08-06 18:24 . 2008-01-22 16:41 53472 ----a-w- c:\windows\system32\wuauclt.exe
2009-08-06 18:24 . 2006-03-02 12:00 96480 ----a-w- c:\windows\system32\cdm.dll
2009-08-06 18:23 . 2008-01-22 16:41 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-08-06 18:23 . 2009-09-17 05:48 274288 ----a-w- c:\windows\system32\mucltui.dll
2009-08-06 18:23 . 2009-09-17 05:48 215920 ----a-w- c:\windows\system32\muweb.dll
2009-08-06 18:23 . 2008-01-22 16:41 1929952 ----a-w- c:\windows\system32\wuaueng.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-07-11_12.58.16 )))))))))))))))))))))))))))))))))))))))))
.
+ 2006-03-02 12:00 . 2009-06-25 08:44 59392 c:\windows\system32\wdigest.dll
- 2006-03-02 12:00 . 2006-03-02 12:00 50176 c:\windows\system32\utilman.exe
+ 2006-03-02 12:00 . 2006-10-04 13:32 50176 c:\windows\system32\utilman.exe
+ 2006-03-02 12:00 . 2006-10-04 13:33 36352 c:\windows\system32\umandlg.dll
- 2006-03-02 12:00 . 2006-03-02 12:00 36352 c:\windows\system32\umandlg.dll
+ 2007-11-13 11:31 . 2009-07-14 11:03 46080 c:\windows\system32\tzchange.exe
+ 2008-07-29 19:10 . 2008-07-29 19:10 26112 c:\windows\system32\TsWpfWrp.exe
+ 2006-03-02 12:00 . 2009-06-15 11:32 78336 c:\windows\system32\telnet.exe
+ 2009-08-16 06:51 . 2008-07-06 12:06 89088 c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
+ 2009-10-30 17:00 . 2009-08-06 18:24 44768 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.4.7600.226\wups2.dll
+ 2009-10-30 17:00 . 2009-08-06 18:24 35552 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.4.7600.226\wups.dll
+ 2009-07-26 14:44 . 2009-07-26 14:44 48448 c:\windows\system32\sirenacm.dll
+ 2006-03-02 12:00 . 2009-06-25 08:44 56320 c:\windows\system32\secur32.dll
+ 2008-07-29 17:59 . 2008-07-29 17:59 43544 c:\windows\system32\PresentationHostProxy.dll
+ 2006-03-02 12:00 . 2009-10-25 17:58 72238 c:\windows\system32\perfc009.dat
- 2006-03-02 12:00 . 2006-03-02 12:00 54784 c:\windows\system32\narrator.exe
+ 2006-03-02 12:00 . 2006-10-04 13:32 54784 c:\windows\system32\narrator.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17 15360 c:\windows\system32\mui\0409\mscorees.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 15360 c:\windows\system32\mui\0409\mscorees.dll
+ 2007-05-08 15:08 . 2007-05-08 15:08 86728 c:\windows\system32\msxml6r.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 83968 c:\windows\system32\mscories.dll
- 2006-03-02 12:00 . 2006-03-02 12:00 73216 c:\windows\system32\magnify.exe
+ 2006-03-02 12:00 . 2006-10-04 13:32 73216 c:\windows\system32\magnify.exe
+ 2008-07-29 17:24 . 2008-07-29 17:24 97800 c:\windows\system32\infocardapi.dll
+ 2008-07-29 17:24 . 2008-07-29 17:24 11264 c:\windows\system32\icardres.dll
+ 2006-03-02 12:00 . 2009-06-16 14:53 82432 c:\windows\system32\fontsub.dll
+ 2008-07-29 19:10 . 2008-07-29 19:10 73720 c:\windows\system32\dxva2.dll
+ 2006-03-02 12:00 . 2009-06-22 11:34 92544 c:\windows\system32\drivers\ksecdd.sys
+ 2008-01-22 16:41 . 2009-08-06 18:24 35552 c:\windows\system32\dllcache\wups.dll
+ 2008-01-22 16:41 . 2009-08-06 18:24 53472 c:\windows\system32\dllcache\wuauclt.exe
+ 2006-03-02 12:00 . 2009-06-25 08:44 59392 c:\windows\system32\dllcache\wdigest.dll
- 2006-03-02 12:00 . 2006-03-02 12:00 50176 c:\windows\system32\dllcache\utilman.exe
+ 2006-03-02 12:00 . 2006-10-04 13:32 50176 c:\windows\system32\dllcache\utilman.exe
- 2006-03-02 12:00 . 2006-03-02 12:00 36352 c:\windows\system32\dllcache\umandlg.dll
+ 2006-03-02 12:00 . 2006-10-04 13:33 36352 c:\windows\system32\dllcache\umandlg.dll
+ 2006-03-02 12:00 . 2009-06-15 11:32 78336 c:\windows\system32\dllcache\telnet.exe
+ 2006-03-02 12:00 . 2009-06-25 08:44 56320 c:\windows\system32\dllcache\secur32.dll
+ 2006-03-02 12:00 . 2006-10-04 13:32 54784 c:\windows\system32\dllcache\narrator.exe
- 2006-03-02 12:00 . 2006-03-02 12:00 54784 c:\windows\system32\dllcache\narrator.exe
+ 2006-03-02 12:00 . 2009-09-04 20:45 58880 c:\windows\system32\dllcache\msasn1.dll
- 2006-03-02 12:00 . 2006-03-02 12:00 73216 c:\windows\system32\dllcache\magnify.exe
+ 2006-03-02 12:00 . 2006-10-04 13:32 73216 c:\windows\system32\dllcache\magnify.exe
+ 2006-03-02 12:00 . 2009-06-22 11:34 92544 c:\windows\system32\dllcache\ksecdd.sys
+ 2006-03-02 12:00 . 2009-06-16 14:53 82432 c:\windows\system32\dllcache\fontsub.dll
+ 2009-08-16 06:51 . 2008-07-06 12:06 89088 c:\windows\system32\dllcache\filterpipelineprintproc.dll
+ 2006-03-02 12:00 . 2009-08-06 18:24 96480 c:\windows\system32\dllcache\cdm.dll
+ 2009-07-11 12:58 . 2008-10-16 13:09 51224 c:\windows\system32\dllcache\cache\wuauclt.exe
+ 2009-07-11 12:58 . 2006-03-02 12:00 82944 c:\windows\system32\dllcache\cache\ws2_32.dll
+ 2009-07-11 12:58 . 2006-03-02 12:00 25088 c:\windows\system32\dllcache\cache\userinit.exe
+ 2009-07-11 12:58 . 2006-03-02 12:00 14336 c:\windows\system32\dllcache\cache\svchost.exe
+ 2009-07-11 12:58 . 2005-06-10 23:53 57856 c:\windows\system32\dllcache\cache\spoolsv.exe
+ 2009-07-11 12:58 . 2006-03-02 12:00 17408 c:\windows\system32\dllcache\cache\powrprof.dll
+ 2009-07-11 12:58 . 2006-03-02 12:00 13312 c:\windows\system32\dllcache\cache\lsass.exe
+ 2009-07-11 12:58 . 2006-03-02 12:00 25088 c:\windows\system32\dllcache\cache\kbdclass.sys
+ 2009-07-11 12:58 . 2006-03-02 12:00 29056 c:\windows\system32\dllcache\cache\ip6fw.sys
+ 2009-07-11 12:58 . 2006-03-02 12:00 15360 c:\windows\system32\dllcache\cache\ctfmon.exe
+ 2006-03-02 12:00 . 2009-06-10 14:23 85504 c:\windows\system32\dllcache\avifil32.dll
- 2006-03-02 12:00 . 2006-03-02 12:00 85504 c:\windows\system32\dllcache\avifil32.dll
+ 2006-03-02 12:00 . 2009-07-17 18:56 58880 c:\windows\system32\dllcache\atl.dll
- 2006-03-02 12:00 . 2006-03-02 12:00 58880 c:\windows\system32\dllcache\atl.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 96760 c:\windows\system32\dfshim.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 96760 c:\windows\system32\dfshim.dll
- 2006-03-02 12:00 . 2006-03-02 12:00 85504 c:\windows\system32\avifil32.dll
+ 2006-03-02 12:00 . 2009-06-10 14:23 85504 c:\windows\system32\avifil32.dll
- 2006-03-02 12:00 . 2006-03-02 12:00 58880 c:\windows\system32\atl.dll
+ 2006-03-02 12:00 . 2009-07-17 18:56 58880 c:\windows\system32\atl.dll
+ 2008-07-29 21:40 . 2008-07-29 21:40 70648 c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
+ 2008-07-29 21:40 . 2008-07-29 21:40 91136 c:\windows\Microsoft.NET\Framework\v3.5\MSBuild.exe
+ 2008-07-29 21:40 . 2008-07-29 21:40 41984 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.VisualC.STLCLR.dll
+ 2008-07-29 21:40 . 2008-07-29 21:40 40960 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Data.Entity.Build.Tasks.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 89080 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2052.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 92664 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1042.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 95224 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1041.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 89592 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1028.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 84480 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2052.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 94720 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1042.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 97792 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1041.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 84992 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1028.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 97280 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\DeleteTemp.exe
+ 2008-07-29 21:40 . 2008-07-29 21:40 95224 c:\windows\Microsoft.NET\Framework\v3.5\EdmGen.exe
+ 2008-07-29 21:40 . 2008-07-29 21:40 78856 c:\windows\Microsoft.NET\Framework\v3.5\DataSvcUtil.exe
+ 2008-07-29 21:40 . 2008-07-29 21:40 41984 c:\windows\Microsoft.NET\Framework\v3.5\AddInUtil.exe
+ 2008-07-29 21:40 . 2008-07-29 21:40 41992 c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess32.exe
+ 2008-07-29 21:40 . 2008-07-29 21:40 41992 c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess.exe
+ 2008-07-29 19:10 . 2008-07-29 19:10 46104 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
+ 2008-07-29 17:59 . 2008-07-29 17:59 32768 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationCFFRasterizer.dll
+ 2008-07-29 19:10 . 2008-07-29 19:10 71160 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PenIMC.dll
+ 2008-07-29 17:32 . 2008-07-29 17:32 17448 c:\windows\Microsoft.NET\Framework\v3.0\Windows Workflow Foundation\PerformanceCounterInstaller.exe
+ 2008-07-29 17:16 . 2008-07-29 17:16 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2008-07-29 17:16 . 2008-07-29 17:16 73728 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.Install.dll
+ 2008-07-29 17:16 . 2008-07-29 17:16 20504 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceMonikerSupport.dll
+ 2008-07-29 17:16 . 2008-07-29 17:16 11280 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 37896 c:\windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 37896 c:\windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 81400 c:\windows\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL
- 2007-10-23 23:47 . 2007-10-23 23:47 81400 c:\windows\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL
+ 2008-07-25 09:17 . 2008-07-25 09:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 57392 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 57392 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 95232 c:\windows\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 95232 c:\windows\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 16896 c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 16896 c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 61952 c:\windows\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe
- 2007-10-23 23:47 . 2007-10-23 23:47 61952 c:\windows\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe
- 2007-10-23 23:47 . 2007-10-23 23:47 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17 53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
- 2007-10-23 23:47 . 2007-10-23 23:47 53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17 88584 c:\windows\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 24584 c:\windows\Microsoft.NET\Framework\v2.0.50727\normalization.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 24584 c:\windows\Microsoft.NET\Framework\v2.0.50727\normalization.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 31744 c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 31744 c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 19456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscortim.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 19456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscortim.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
- 2007-10-23 23:47 . 2007-10-23 23:47 18944 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 18944 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 77312 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 77312 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 94208 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorld.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 94208 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorld.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 46592 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 83456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 83456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
- 2007-10-23 23:47 . 2007-10-23 23:47 97792 c:\windows\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 97792 c:\windows\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe
- 2007-10-23 23:47 . 2007-10-23 23:47 72192 c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 72192 c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 65032 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 65032 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
- 2007-10-23 23:47 . 2007-10-23 23:47 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
- 2007-10-23 23:47 . 2007-10-23 23:47 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEHost.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEHost.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 18936 c:\windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 18936 c:\windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 62968 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfdll.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 35320 c:\windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
- 2007-10-23 23:47 . 2007-10-23 23:47 35320 c:\windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17 69120 c:\windows\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 69120 c:\windows\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 27136 c:\windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 27136 c:\windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 80376 c:\windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
- 2007-10-23 23:47 . 2007-10-23 23:47 80376 c:\windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17 89608 c:\windows\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
+ 2008-11-25 02:59 . 2008-11-25 02:59 31560 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16 34312 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16 33288 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16 24576 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
- 2007-10-23 23:47 . 2007-10-23 23:47 24576 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16 84480 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 84480 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 33800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 17416 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 22024 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 22024 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17 58880 c:\windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16 98808 c:\windows\Microsoft.NET\Framework\v2.0.50727\alink.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 13824 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 13824 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll
+ 2009-06-24 17:56 . 2009-06-24 17:56 73728 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe
+ 2008-05-27 22:49 . 2008-05-27 22:49 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2007-04-13 19:58 . 2007-04-13 19:58 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2007-04-13 19:57 . 2007-04-13 19:57 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2008-05-27 22:49 . 2008-05-27 22:49 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
- 2007-04-13 19:57 . 2007-04-13 19:57 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2008-05-27 22:49 . 2008-05-27 22:49 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2007-04-13 20:30 . 2007-04-13 20:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2008-05-27 23:30 . 2008-05-27 23:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16 96768 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 16896 c:\windows\Microsoft.NET\Framework\SharedReg12.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 16896 c:\windows\Microsoft.NET\Framework\SharedReg12.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 16896 c:\windows\Microsoft.NET\Framework\sbscmp10.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 16896 c:\windows\Microsoft.NET\Framework\sbscmp10.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 82944 c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16 82944 c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2008-07-29 19:07 . 2008-07-29 19:07 23040 c:\windows\Installer\7a70c.msp
+ 2009-09-16 05:29 . 2009-09-16 05:29 27136 c:\windows\Installer\76306.msi
+ 2009-09-16 05:29 . 2009-09-16 05:29 83456 c:\windows\Installer\762e8.msi
+ 2009-09-16 05:29 . 2009-09-16 05:29 59904 c:\windows\Installer\762e2.msi
+ 2009-08-16 06:50 . 2009-08-16 06:50 88576 c:\windows\Installer\36668.msi
+ 2009-09-16 05:30 . 2009-09-16 05:30 80395 c:\windows\Installer\{E0ABA486-A39B-4B96-BD80-757396151079}\MsblIco.Exe
- 2008-01-22 18:25 . 2008-01-22 18:25 23040 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2008-01-22 18:25 . 2009-10-16 16:23 23040 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2008-01-22 18:25 . 2008-01-22 18:25 61440 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2008-01-22 18:25 . 2009-10-16 16:23 61440 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2008-01-22 18:25 . 2008-01-22 18:25 27136 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2008-01-22 18:25 . 2009-10-16 16:23 27136 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2008-01-22 18:25 . 2009-10-16 16:23 11264 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2008-01-22 18:25 . 2008-01-22 18:25 11264 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2008-01-22 18:25 . 2009-10-16 16:23 86016 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2008-01-22 18:25 . 2008-01-22 18:25 86016 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2008-01-22 18:25 . 2009-10-16 16:23 12288 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2008-01-22 18:25 . 2008-01-22 18:25 12288 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2009-09-16 05:29 . 2009-09-16 05:29 62304 c:\windows\Installer\{49C77D21-F91F-4296-B7DF-19C5FF51AF4D}\IconWlc.exe
+ 2009-08-16 06:51 . 2008-07-06 12:06 89088 c:\windows\Driver Cache\i386\filterpipelineprintproc.dll
+ 2009-10-16 16:25 . 2009-10-16 16:25 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_3f13018e\System.Drawing.Design.dll
+ 2009-10-16 16:25 . 2009-10-16 16:25 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_350529d6\CustomMarshalers.dll
+ 2009-10-16 16:38 . 2009-10-16 16:38 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\b4a9e413d5cd6d6ec2d50aa05381e293\UIAutomationProvider.ni.dll
+ 2009-10-16 18:50 . 2009-10-16 18:50 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\8acb476a0d4ee17a12881e17ae74a6af\System.Windows.Presentation.ni.dll
+ 2009-10-16 18:50 . 2009-10-16 18:50 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\4b87ca3482a3c0ee733e028ecee7de65\System.Web.DynamicData.Design.ni.dll
+ 2009-10-16 18:31 . 2009-10-16 18:31 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\a0c71055364bd356971791284c3fb910\System.ComponentModel.DataAnnotations.ni.dll
+ 2009-10-16 18:31 . 2009-10-16 18:31 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\f9a75bbdc2ce7db578b5977766a09b99\System.AddIn.Contract.ni.dll
+ 2009-10-16 16:36 . 2009-10-16 16:36 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\3dd0f86c966c75755d62eab8ddf0634c\PresentationFontCache.ni.exe
+ 2009-10-16 16:35 . 2009-10-16 16:35 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\034d081fe294bab1ee1ecc98c1181424\PresentationCFFRasterizer.ni.dll
+ 2009-10-16 18:49 . 2009-10-16 18:49 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\f2673aec397c52796aef05bb9d2668df\Microsoft.Vsa.ni.dll
+ 2009-10-16 18:30 . 2009-10-16 18:30 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\d513fe1a81c441e7656a9b062cff4e9f\Microsoft.Build.Framework.ni.dll
+ 2009-10-16 18:29 . 2009-10-16 18:29 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\c5d504724d7f351b1d034615dbb72a2a\Microsoft.Build.Framework.ni.dll
+ 2009-10-16 18:28 . 2009-10-16 18:28 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\a664ccab020f93f1d533919f57131190\dfsvc.ni.exe
+ 2009-10-16 18:27 . 2009-10-16 18:27 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\e63d6d26b8a664cfdfbd4ad75e03c14d\Accessibility.ni.dll
+ 2009-08-16 06:52 . 2009-08-16 06:52 94208 c:\windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2009-08-16 06:52 . 2009-08-16 06:52 98304 c:\windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2009-08-16 06:52 . 2009-08-16 06:52 40960 c:\windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2009-08-16 06:54 . 2009-08-16 06:54 12288 c:\windows\assembly\GAC_MSIL\System.Windows.Presentation\3.5.0.0__b77a5c561934e089\System.Windows.Presentation.dll
+ 2009-08-16 06:54 . 2009-08-16 06:54 61440 c:\windows\assembly\GAC_MSIL\System.Web.Routing\3.5.0.0__31bf3856ad364e35\System.Web.Routing.dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2009-08-16 06:54 . 2009-08-16 06:54 32768 c:\windows\assembly\GAC_MSIL\System.Web.DynamicData.Design\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.Design.dll
+ 2009-08-16 06:54 . 2009-08-16 06:54 77824 c:\windows\assembly\GAC_MSIL\System.Web.Abstractions\3.5.0.0__31bf3856ad364e35\System.Web.Abstractions.dll
+ 2009-08-16 06:52 . 2009-08-16 06:52 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2009-08-16 06:52 . 2009-08-16 06:52 73728 c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561934e089\System.ServiceModel.Install.dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2008-04-12 09:37 . 2008-04-12 09:37 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2009-08-16 06:54 . 2009-08-16 06:54 53248 c:\windows\assembly\GAC_MSIL\System.Data.DataSetExtensions\3.5.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2009-10-16 16:32 . 2009-10-16 16:32 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2008-04-12 09:37 . 2008-04-12 09:37 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2009-08-16 06:54 . 2009-08-16 06:54 57344 c:\windows\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\3.5.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
+ 2009-08-16 06:54 . 2009-08-16 06:54 45056 c:\windows\assembly\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2009-08-16 06:52 . 2009-08-16 06:52 46104 c:\windows\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe
+ 2009-08-16 06:52 . 2009-08-16 06:52 32768 c:\windows\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll
- 2008-04-12 09:37 . 2008-04-12 09:37 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2008-04-12 09:38 . 2008-04-12 09:38 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2009-08-16 06:53 . 2009-08-16 06:53 41984 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\1.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.STLCLR.dll
- 2008-04-12 09:37 . 2008-04-12 09:37 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2009-10-16 16:32 . 2009-10-16 16:32 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2008-04-12 09:38 . 2008-04-12 09:38 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2009-08-16 06:54 . 2009-08-16 06:54 94208 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v3.5.dll
+ 2009-08-16 06:53 . 2009-08-16 06:53 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2008-04-12 09:38 . 2008-04-12 09:38 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2008-04-12 09:37 . 2008-04-12 09:37 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2008-04-12 09:37 . 2008-04-12 09:37 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2008-04-12 09:37 . 2008-04-12 09:37 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2008-04-12 09:37 . 2008-04-12 09:37 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2008-04-12 09:37 . 2008-04-12 09:37 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2009-08-13 11:24 . 2006-03-02 12:00 58880 c:\windows\$NtUninstallKB973507$\atl.dll
+ 2009-08-13 11:24 . 2006-03-02 12:00 85504 c:\windows\$NtUninstallKB971557$\avifil32.dll
+ 2009-08-26 14:22 . 2008-10-22 09:47 62976 c:\windows\$NtUninstallKB970653-v3$\tzchange.exe
+ 2009-08-26 14:22 . 2009-07-16 04:14 14336 c:\windows\$NtUninstallKB970653-v3$\spuninst\tzchange.dll
+ 2009-08-28 10:56 . 2006-03-02 12:00 49152 c:\windows\$NtUninstallKB968389$\wdigest.dll
+ 2009-08-28 10:56 . 2009-02-03 20:08 55808 c:\windows\$NtUninstallKB968389$\secur32.dll
+ 2009-08-28 10:56 . 2006-03-02 12:00 92032 c:\windows\$NtUninstallKB968389$\ksecdd.sys
+ 2009-07-15 18:46 . 2005-10-17 21:20 80896 c:\windows\$NtUninstallKB961371$\fontsub.dll
+ 2009-08-13 11:24 . 2005-05-11 02:29 77824 c:\windows\$NtUninstallKB960859$\telnet.exe
+ 2009-08-17 06:32 . 2006-03-02 12:00 50176 c:\windows\$NtUninstallKB925720$\utilman.exe
+ 2009-08-17 06:32 . 2006-03-02 12:00 36352 c:\windows\$NtUninstallKB925720$\umandlg.dll
+ 2009-08-17 06:32 . 2006-03-02 12:00 54784 c:\windows\$NtUninstallKB925720$\narrator.exe
+ 2009-08-17 06:32 . 2006-03-02 12:00 73216 c:\windows\$NtUninstallKB925720$\magnify.exe
+ 2009-08-13 11:24 . 2008-07-08 13:06 26488 c:\windows\$hf_mig$\KB973869\update\spcustom.dll
+ 2009-08-13 11:24 . 2008-07-08 13:06 18808 c:\windows\$hf_mig$\KB973869\spmsg.dll
+ 2009-08-13 11:23 . 2009-05-26 11:41 26488 c:\windows\$hf_mig$\KB973815\update\spcustom.dll
+ 2009-08-13 11:23 . 2009-05-26 11:41 18808 c:\windows\$hf_mig$\KB973815\spmsg.dll
+ 2009-08-13 11:24 . 2009-05-26 11:41 26488 c:\windows\$hf_mig$\KB973507\update\spcustom.dll
+ 2009-08-13 11:24 . 2009-05-26 11:41 18808 c:\windows\$hf_mig$\KB973507\spmsg.dll
+ 2009-07-17 19:25 . 2009-07-17 19:25 58880 c:\windows\$hf_mig$\KB973507\SP3QFE\atl.dll
+ 2009-07-17 19:01 . 2009-07-17 19:01 58880 c:\windows\$hf_mig$\KB973507\SP3GDR\atl.dll
+ 2009-07-17 18:44 . 2009-07-17 18:44 58880 c:\windows\$hf_mig$\KB973507\SP2QFE\atl.dll
+ 2009-08-13 11:23 . 2009-05-26 11:41 26488 c:\windows\$hf_mig$\KB973354\update\spcustom.dll
+ 2009-08-13 11:23 . 2009-05-26 11:41 18808 c:\windows\$hf_mig$\KB973354\spmsg.dll
+ 2009-07-15 18:49 . 2008-07-08 13:06 26488 c:\windows\$hf_mig$\KB973346\update\spcustom.dll
+ 2009-07-15 18:49 . 2008-07-08 13:06 18808 c:\windows\$hf_mig$\KB973346\spmsg.dll
+ 2009-08-13 11:24 . 2008-07-08 13:06 26488 c:\windows\$hf_mig$\KB971657\update\spcustom.dll
+ 2009-08-13 11:24 . 2008-07-08 13:06 18808 c:\windows\$hf_mig$\KB971657\spmsg.dll
+ 2009-07-15 18:48 . 2008-07-08 13:06 26488 c:\windows\$hf_mig$\KB971633\update\spcustom.dll
+ 2009-07-15 18:48 . 2008-07-08 13:06 18808 c:\windows\$hf_mig$\KB971633\spmsg.dll
+ 2009-08-13 11:24 . 2008-07-08 13:06 26488 c:\windows\$hf_mig$\KB971557\update\spcustom.dll
+ 2009-08-13 11:24 . 2008-07-08 13:06 18808 c:\windows\$hf_mig$\KB971557\spmsg.dll
+ 2009-06-10 14:02 . 2009-06-10 14:02 85504 c:\windows\$hf_mig$\KB971557\SP3QFE\avifil32.dll
+ 2009-06-10 14:13 . 2009-06-10 14:13 85504 c:\windows\$hf_mig$\KB971557\SP3GDR\avifil32.dll
+ 2009-06-10 14:52 . 2009-06-10 14:52 85504 c:\windows\$hf_mig$\KB971557\SP2QFE\avifil32.dll
+ 2009-08-28 10:56 . 2008-07-08 13:06 26488 c:\windows\$hf_mig$\KB968389\update\spcustom.dll
+ 2009-08-28 10:56 . 2008-07-08 13:06 18808 c:\windows\$hf_mig$\KB968389\spmsg.dll
+ 2009-06-25 08:41 . 2009-06-25 08:41 54272 c:\windows\$hf_mig$\KB968389\SP3QFE\wdigest.dll
+ 2009-06-25 08:41 . 2009-06-25 08:41 56832 c:\windows\$hf_mig$\KB968389\SP3QFE\secur32.dll
+ 2009-06-24 10:28 . 2009-06-24 10:28 92928 c:\windows\$hf_mig$\KB968389\SP3QFE\ksecdd.sys
+ 2009-06-25 08:25 . 2009-06-25 08:25 54272 c:\windows\$hf_mig$\KB968389\SP3GDR\wdigest.dll
+ 2009-06-25 08:25 . 2009-06-25 08:25 56832 c:\windows\$hf_mig$\KB968389\SP3GDR\secur32.dll
+ 2009-06-24 11:18 . 2009-06-24 11:18 92928 c:\windows\$hf_mig$\KB968389\SP3GDR\ksecdd.sys
+ 2009-06-25 08:17 . 2009-06-25 08:17 59392 c:\windows\$hf_mig$\KB968389\SP2QFE\wdigest.dll
+ 2009-06-25 08:17 . 2009-06-25 08:17 56320 c:\windows\$hf_mig$\KB968389\SP2QFE\secur32.dll
+ 2009-06-22 11:35 . 2009-06-22 11:35 92544 c:\windows\$hf_mig$\KB968389\SP2QFE\ksecdd.sys
+ 2009-09-17 19:40 . 2007-11-30 12:39 26488 c:\windows\$hf_mig$\KB961503\update\spcustom.dll
+ 2009-09-17 19:40 . 2007-11-30 12:39 18808 c:\windows\$hf_mig$\KB961503\spmsg.dll
+ 2009-07-15 18:46 . 2008-07-08 13:06 26488 c:\windows\$hf_mig$\KB961371\update\spcustom.dll
+ 2009-07-15 18:46 . 2008-07-08 13:06 18808 c:\windows\$hf_mig$\KB961371\spmsg.dll
+ 2009-06-16 14:43 . 2009-06-16 14:43 81920 c:\windows\$hf_mig$\KB961371\SP3QFE\fontsub.dll
+ 2009-06-16 14:36 . 2009-06-16 14:36 81920 c:\windows\$hf_mig$\KB961371\SP3GDR\fontsub.dll
+ 2009-06-16 14:45 . 2009-06-16 14:45 81920 c:\windows\$hf_mig$\KB961371\SP2QFE\fontsub.dll
+ 2009-08-17 06:33 . 2007-11-30 11:19 26488 c:\windows\$hf_mig$\KB961118\update\spcustom.dll
+ 2009-08-17 06:33 . 2007-11-30 11:19 18808 c:\windows\$hf_mig$\KB961118\spmsg.dll
+ 2009-08-13 11:24 . 2008-07-08 13:06 26488 c:\windows\$hf_mig$\KB960859\update\spcustom.dll
+ 2009-08-13 11:24 . 2008-07-08 13:06 18808 c:\windows\$hf_mig$\KB960859\spmsg.dll
+ 2009-06-15 11:13 . 2009-06-15 11:13 82432 c:\windows\$hf_mig$\KB960859\SP3QFE\tlntsess.exe
+ 2009-06-15 11:13 . 2009-06-15 11:13 78336 c:\windows\$hf_mig$\KB960859\SP3QFE\telnet.exe
+ 2009-06-15 10:43 . 2009-06-15 10:43 82432 c:\windows\$hf_mig$\KB960859\SP3GDR\tlntsess.exe
+ 2009-06-15 10:43 . 2009-06-15 10:43 78336 c:\windows\$hf_mig$\KB960859\SP3GDR\telnet.exe
+ 2009-06-15 12:08 . 2009-06-15 12:08 82432 c:\windows\$hf_mig$\KB960859\SP2QFE\tlntsess.exe
+ 2009-06-15 12:08 . 2009-06-15 12:08 78336 c:\windows\$hf_mig$\KB960859\SP2QFE\telnet.exe
+ 2009-08-13 11:23 . 2007-03-06 01:48 22752 c:\windows\$hf_mig$\KB958470\update\spcustom.dll
+ 2009-08-13 10:45 . 2009-06-05 07:42 17408 c:\windows\$hf_mig$\KB958470\update\msrdpcustom.dll
+ 2009-08-13 11:23 . 2007-03-06 01:48 15584 c:\windows\$hf_mig$\KB958470\spmsg.dll
+ 2009-09-10 13:45 . 2008-07-08 13:06 26488 c:\windows\$hf_mig$\KB956844\update\spcustom.dll
+ 2009-09-10 13:45 . 2008-07-08 13:06 18808 c:\windows\$hf_mig$\KB956844\spmsg.dll
+ 2009-08-17 06:32 . 2005-10-12 23:21 22752 c:\windows\$hf_mig$\KB925720\update\spcustom.dll
+ 2009-08-17 06:32 . 2005-10-12 23:21 15584 c:\windows\$hf_mig$\KB925720\spmsg.dll
+ 2006-10-04 14:04 . 2006-10-04 14:04 50176 c:\windows\$hf_mig$\KB925720\SP2QFE\utilman.exe
+ 2006-10-04 14:10 . 2006-10-04 14:10 36352 c:\windows\$hf_mig$\KB925720\SP2QFE\umandlg.dll
+ 2006-10-04 14:04 . 2006-10-04 14:04 54784 c:\windows\$hf_mig$\KB925720\SP2QFE\narrator.exe
+ 2006-10-04 14:04 . 2006-10-04 14:04 73216 c:\windows\$hf_mig$\KB925720\SP2QFE\magnify.exe
- 2008-04-12 09:37 . 2008-04-12 09:37 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2008-07-29 21:40 . 2008-07-29 21:40 5632 c:\windows\Microsoft.NET\Framework\v3.5\Sentinel.v3.5Client.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
- 2007-10-23 23:47 . 2007-10-23 23:47 6656 c:\windows\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 6656 c:\windows\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 9728 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
- 2007-10-23 23:47 . 2007-10-23 23:47 9728 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16 5120 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
- 2007-10-23 23:47 . 2007-10-23 23:47 5120 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
- 2008-01-22 18:25 . 2008-01-22 18:25 4096 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2008-01-22 18:25 . 2009-10-16 16:23 4096 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2009-08-16 06:54 . 2009-08-16 06:54 5632 c:\windows\assembly\GAC_MSIL\Sentinel.v3.5Client\3.5.0.0__b03f5f7f11d50a3a\Sentinel.v3.5Client.dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2008-04-12 09:37 . 2008-04-12 09:37 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2008-04-12 09:37 . 2008-04-12 09:37 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2009-10-16 16:32 . 2009-10-16 16:32 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2008-04-12 09:37 . 2008-04-12 09:37 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2008-04-12 09:37 . 2008-04-12 09:37 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2008-04-12 09:38 . 2008-04-12 09:38 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2008-04-12 09:38 . 2008-04-12 09:38 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2007-11-07 00:19 . 2007-11-07 00:19 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll
+ 2007-11-07 00:19 . 2007-11-07 00:19 568832 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll
+ 2007-11-06 19:23 . 2007-11-06 19:23 224768 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcm90.dll
+ 2006-12-01 20:54 . 2006-12-01 20:54 626688 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll
+ 2006-12-01 20:54 . 2006-12-01 20:54 548864 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll
+ 2006-12-01 20:54 . 2006-12-01 20:54 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcm80.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 635904 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 558080 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcp80.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcm80.dll
+ 2008-07-29 19:26 . 2008-07-29 19:26 301568 c:\windows\system32\XPSViewer\XPSViewer.exe
+ 2009-08-16 06:51 . 2008-07-06 12:06 575488 c:\windows\system32\xpsshhdr.dll
+ 2006-03-02 12:00 . 2009-04-01 21:02 604160 c:\windows\system32\wmspdmod.dll
+ 2006-10-24 10:30 . 2006-10-24 10:30 276992 c:\windows\system32\WMPhoto.dll
+ 2006-03-02 12:00 . 2009-07-13 21:43 286208 c:\windows\system32\wmpdxm.dll
+ 2006-03-02 12:00 . 2009-06-10 06:30 132096 c:\windows\system32\wkssvc.dll
- 2006-03-02 12:00 . 2006-08-17 12:29 132096 c:\windows\system32\wkssvc.dll
+ 2006-10-24 10:29 . 2006-10-24 10:29 352256 c:\windows\system32\WindowsCodecsExt.dll
+ 2006-10-24 10:30 . 2006-10-24 10:30 716288 c:\windows\system32\WindowsCodecs.dll
+ 2008-07-29 17:59 . 2008-07-29 17:59 161296 c:\windows\system32\UIAutomationCore.dll
+ 2006-03-02 12:00 . 2009-06-16 14:53 119808 c:\windows\system32\t2embed.dll
+ 2009-08-16 06:51 . 2008-07-06 12:06 765440 c:\windows\system32\spool\XPSEP\i386\mxdwdrv.dll
+ 2009-08-16 06:51 . 2008-07-06 12:06 765440 c:\windows\system32\spool\XPSEP\i386\i386\mxdwdrv.dll
+ 2009-08-16 06:51 . 2008-07-06 12:06 748032 c:\windows\system32\spool\XPSEP\amd64\mxdwdrv.dll
+ 2009-08-16 06:51 . 2008-07-06 12:06 748032 c:\windows\system32\spool\XPSEP\amd64\amd64\mxdwdrv.dll
+ 2009-08-16 06:51 . 2008-07-06 12:06 147456 c:\windows\system32\spool\prtprocs\x64\filterpipelineprintproc.dll
+ 2009-08-16 06:51 . 2008-07-06 10:50 597504 c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
+ 2009-08-16 06:51 . 2008-03-13 04:52 761344 c:\windows\system32\spool\drivers\w32x86\3\unires.dll
+ 2009-08-16 06:51 . 2008-07-06 12:06 744960 c:\windows\system32\spool\drivers\w32x86\3\unidrvui.dll
+ 2009-08-16 06:51 . 2008-07-06 12:06 373248 c:\windows\system32\spool\drivers\w32x86\3\unidrv.dll
+ 2009-08-16 06:51 . 2008-07-06 12:06 198656 c:\windows\system32\spool\drivers\w32x86\3\mxdwdui.dll
+ 2009-08-16 06:51 . 2008-07-06 12:06 765440 c:\windows\system32\spool\drivers\w32x86\3\mxdwdrv.dll
+ 2006-03-02 12:00 . 2009-06-25 08:44 168448 c:\windows\system32\schannel.dll
+ 2006-08-24 14:15 . 2006-08-24 14:15 150808 c:\windows\system32\rgb9rast_2.dll
+ 2009-07-14 10:24 . 2007-02-12 19:40 557056 c:\windows\system32\ReinstallBackups\0007\DriverFiles\Netw2c32.dll
+ 2009-08-16 06:51 . 2008-07-06 12:06 117760 c:\windows\system32\prntvpt.dll
+ 2008-07-29 17:59 . 2008-07-29 17:59 781344 c:\windows\system32\PresentationNative_v0300.dll
+ 2008-07-29 18:35 . 2008-07-29 18:35 326160 c:\windows\system32\PresentationHost.exe
+ 2008-07-29 17:59 . 2008-07-29 17:59 105016 c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
+ 2006-10-24 10:30 . 2006-10-24 10:30 412160 c:\windows\system32\photometadatahandler.dll
+ 2006-03-02 12:00 . 2009-10-25 17:58 444362 c:\windows\system32\perfh009.dat
+ 2006-03-02 12:00 . 2006-10-04 13:32 216576 c:\windows\system32\osk.exe
- 2006-03-02 12:00 . 2006-03-02 12:00 216576 c:\windows\system32\osk.exe
+ 2009-07-13 07:10 . 2007-02-12 19:40 557056 c:\windows\system32\Netw2c32.dll
+ 2006-03-02 12:00 . 2009-08-05 09:05 205312 c:\windows\system32\mswebdvd.dll
+ 2008-01-22 16:39 . 2009-06-05 07:42 655872 c:\windows\system32\mstscax.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 158720 c:\windows\system32\mscorier.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 158720 c:\windows\system32\mscorier.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 282112 c:\windows\system32\mscoree.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 282112 c:\windows\system32\mscoree.dll
+ 2006-03-02 12:00 . 2009-06-25 08:44 730112 c:\windows\system32\lsasrv.dll
+ 2006-03-02 12:00 . 2009-06-25 08:44 298496 c:\windows\system32\kerberos.dll
+ 2008-07-29 17:24 . 2008-07-29 17:24 622080 c:\windows\system32\icardagt.exe
+ 2008-01-22 17:31 . 2009-10-30 16:58 637944 c:\windows\system32\FNTCACHE.DAT
+ 2008-07-29 19:10 . 2008-07-29 19:10 493048 c:\windows\system32\evr.dll
+ 2009-07-13 07:10 . 2007-02-12 19:40 557056 c:\windows\system32\DRVSTORE\w29n51_AEF466EE116FDF742A02BFF75E6143DB4A91003C\Netw2c32.dll
+ 2009-07-13 07:10 . 2008-06-20 17:32 663552 c:\windows\system32\DRVSTORE\netw5x32_89C90A37830F348FCEEF2A9500D9D51FD91050A9\NETw5c32.dll
+ 2009-08-16 06:51 . 2008-07-06 12:06 575488 c:\windows\system32\dllcache\xpsshhdr.dll
+ 2008-01-22 16:41 . 2009-08-06 18:24 209632 c:\windows\system32\dllcache\wuweb.dll
+ 2008-01-22 16:41 . 2009-08-06 18:24 327896 c:\windows\system32\dllcache\wucltui.dll
+ 2008-01-22 16:41 . 2009-08-06 18:23 575704 c:\windows\system32\dllcache\wuapi.dll
+ 2006-03-02 12:00 . 2009-04-01 21:02 604160 c:\windows\system32\dllcache\wmspdmod.dll
+ 2006-03-02 12:00 . 2009-07-13 21:43 286208 c:\windows\system32\dllcache\wmpdxm.dll
- 2006-03-02 12:00 . 2006-08-17 12:29 132096 c:\windows\system32\dllcache\wkssvc.dll
+ 2006-03-02 12:00 . 2009-06-10 06:30 132096 c:\windows\system32\dllcache\wkssvc.dll
+ 2008-01-22 16:40 . 2009-06-21 22:05 153088 c:\windows\system32\dllcache\triedit.dll
- 2008-01-22 16:40 . 2006-03-02 12:00 153088 c:\windows\system32\dllcache\triedit.dll
+ 2006-03-02 12:00 . 2009-06-16 14:53 119808 c:\windows\system32\dllcache\t2embed.dll
- 2006-03-02 12:00 . 2008-10-03 10:15 247326 c:\windows\system32\dllcache\strmdll.dll
+ 2006-03-02 12:00 . 2009-08-26 08:14 247326 c:\windows\system32\dllcache\strmdll.dll
+ 2006-03-02 12:00 . 2009-06-25 08:44 168448 c:\windows\system32\dllcache\schannel.dll
+ 2009-08-16 06:51 . 2008-07-06 10:50 597504 c:\windows\system32\dllcache\printfilterpipelinesvc.exe
- 2006-03-02 12:00 . 2006-03-02 12:00 216576 c:\windows\system32\dllcache\osk.exe
+ 2006-03-02 12:00 . 2006-10-04 13:32 216576 c:\windows\system32\dllcache\osk.exe
+ 2006-03-02 12:00 . 2009-08-05 09:05 205312 c:\windows\system32\dllcache\mswebdvd.dll
+ 2006-03-02 12:00 . 2009-09-11 14:34 133632 c:\windows\system32\dllcache\msv1_0.dll
+ 2008-01-22 16:39 . 2009-06-05 07:42 655872 c:\windows\system32\dllcache\mstscax.dll
+ 2006-03-02 12:00 . 2009-06-25 08:44 730112 c:\windows\system32\dllcache\lsasrv.dll
+ 2006-03-02 12:00 . 2009-06-25 08:44 298496 c:\windows\system32\dllcache\kerberos.dll
+ 2009-07-11 12:58 . 2006-03-02 12:00 504832 c:\windows\system32\dllcache\cache\winlogon.exe
+ 2009-07-11 12:58 . 2008-08-22 02:08 878592 c:\windows\system32\dllcache\cache\wininet.dll
+ 2009-07-11 12:58 . 2007-03-08 15:37 578560 c:\windows\system32\dllcache\cache\user32.dll

+


Il problema è che a quanto pare combofix ha rilevato la presenza di un rootkit "MBR rootkit infection detected ! Use: "mbr.exe -f" to fix." quindi seguendo la vostra guida per l'utilizzo di GMER posterò anche il suo log, sperando che qualcuno possa aiutarmi per sapere cosa e se devo eliminare qualche file etc e se sì in che modo. [:)]
Avatar utente
Lovescream
Neo Iscritto
Neo Iscritto
 
Messaggi: 19
Iscritto il: ven lug 10, 2009 5:48 pm

Re: problema rootkit

Messaggioda Lovescream » mar nov 03, 2009 6:06 pm

II parte del log

+ 2009-07-11 12:58 . 2006-03-02 12:00 296960 c:\windows\system32\dllcache\cache\termsrv.dll
+ 2009-07-11 12:58 . 2008-06-20 10:45 360320 c:\windows\system32\dllcache\cache\tcpip.sys
+ 2009-07-11 12:58 . 2009-02-09 10:05 111104 c:\windows\system32\dllcache\cache\services.exe
+ 2009-07-11 12:58 . 2006-03-02 12:00 182912 c:\windows\system32\dllcache\cache\ndis.sys
+ 2009-07-11 12:58 . 2006-03-02 12:00 110080 c:\windows\system32\dllcache\cache\imm32.dll
+ 2008-07-29 21:40 . 2008-07-29 21:40 196104 c:\windows\Microsoft.NET\Framework\v3.5\WFServicesReg.exe
+ 2008-07-29 21:40 . 2008-07-29 21:40 802816 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Build.Tasks.v3.5.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 984056 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapUI.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 107512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 111096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.3082.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 110072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2070.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1055.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 105976 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1053.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 107000 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1049.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 107512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1046.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 109048 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1045.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1044.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1043.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 110072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1040.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 111096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1038.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 101368 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1037.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 112120 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1036.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1035.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 113656 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1032.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 111608 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1031.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1030.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1029.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 102904 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1025.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 689152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsscenario.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 413184 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsbasereqs.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 632320 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs70uimgr.dll
+ 2009-08-16 06:53 . 2009-08-16 06:53 652800 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.msi
+ 2008-07-29 16:47 . 2008-07-29 16:47 110080 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 131584 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.3082.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 131072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2070.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 121344 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1055.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 121344 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1053.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 123904 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1049.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 122880 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1046.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 128512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1045.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 121856 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1044.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 129024 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1043.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 128512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1040.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 132096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1038.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 111104 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1037.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 133120 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1036.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 122368 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1035.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 137728 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1032.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 130048 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1031.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 126464 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1030.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 125440 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1029.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 113152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1025.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 269304 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
+ 2008-07-29 16:47 . 2008-07-29 16:47 177152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\HtmlLite.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 276984 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\dlmgr.dll
+ 2008-07-29 21:15 . 2008-07-29 21:15 225490 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\baseline.dat
+ 2008-07-29 21:40 . 2008-07-29 21:40 233976 c:\windows\Microsoft.NET\Framework\v3.5\1033\vbc7ui.dll
+ 2008-07-29 21:40 . 2008-07-29 21:40 168448 c:\windows\Microsoft.NET\Framework\v3.5\1033\cscompui.dll
+ 2008-07-29 18:35 . 2008-07-29 18:35 864256 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationUI.dll
+ 2008-07-29 17:59 . 2008-07-29 17:59 132120 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll
+ 2008-07-29 19:10 . 2008-07-29 19:10 806928 c:\windows\Microsoft.NET\Framework\v3.0\WPF\NaturalLanguage6.dll
+ 2008-07-29 17:16 . 2008-07-29 17:16 152576 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\WsatConfig.exe
+ 2008-07-29 17:16 . 2008-07-29 17:16 966656 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
+ 2008-07-29 17:16 . 2008-07-29 17:16 132096 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
+ 2008-07-29 17:16 . 2008-07-29 17:16 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
+ 2008-07-29 17:16 . 2008-07-29 17:16 156688 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelReg.exe
+ 2008-07-29 17:16 . 2008-07-29 17:16 163840 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.Dtc.dll
+ 2008-07-29 17:16 . 2008-07-29 17:16 397312 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.dll
+ 2008-07-29 17:24 . 2008-07-29 17:24 881664 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
+ 2008-07-29 17:16 . 2008-07-29 17:16 168968 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ComSvcConfig.exe
+ 2008-11-25 02:59 . 2008-11-25 02:59 436040 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 839680 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 839680 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 835584 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 261632 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 303104 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 113664 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 113664 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 626688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 401408 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 401408 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 970752 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 745472 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
+ 2008-11-25 02:59 . 2008-11-25 02:59 486400 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 425984 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 425984 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 392184 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 118784 c:\windows\Microsoft.NET\Framework\v2.0.50727\shfusion.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 143360 c:\windows\Microsoft.NET\Framework\v2.0.50727\peverify.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 100856 c:\windows\Microsoft.NET\Framework\v2.0.50727\ngen.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17 230912 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 345600 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 114176 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
+ 2008-11-25 02:59 . 2008-11-25 02:59 364872 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 308224 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 308224 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll
+ 2009-08-07 21:51 . 2009-08-07 21:51 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 659456 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 749568 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 749568 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 655360 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 655360 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 348160 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 348160 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 230904 c:\windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
- 2007-10-23 23:47 . 2007-10-23 23:47 230904 c:\windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17 798224 c:\windows\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 798224 c:\windows\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 575496 c:\windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16 507904 c:\windows\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 507904 c:\windows\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
- 2007-10-23 23:47 . 2007-10-23 23:47 147968 c:\windows\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 147968 c:\windows\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 218112 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 218112 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 193016 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 193016 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 145408 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 145408 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
- 2007-04-13 19:58 . 2007-04-13 19:58 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2008-05-27 22:49 . 2008-05-27 22:49 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2007-04-13 19:56 . 2007-04-13 19:56 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2008-05-27 22:48 . 2008-05-27 22:48 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2007-04-13 20:30 . 2007-04-13 20:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2008-05-27 23:30 . 2008-05-27 23:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2008-12-13 07:58 . 2008-12-13 07:58 754688 c:\windows\Installer\9377b.msp
+ 2009-08-16 06:54 . 2009-08-16 06:54 648192 c:\windows\Installer\93755.msi
+ 2009-03-20 09:48 . 2009-03-20 09:48 183808 c:\windows\Installer\8275fc.msp
+ 2008-07-29 19:23 . 2008-07-29 19:23 250880 c:\windows\Installer\7a715.msp
+ 2008-07-29 19:28 . 2008-07-29 19:28 278016 c:\windows\Installer\7a713.msp
+ 2008-07-29 17:40 . 2008-07-29 17:40 291840 c:\windows\Installer\7a711.msp
+ 2009-08-16 06:52 . 2009-08-16 06:52 137728 c:\windows\Installer\7a70b.msi
+ 2009-09-16 05:30 . 2009-09-16 05:30 430080 c:\windows\Installer\76316.msi
+ 2009-09-16 05:30 . 2009-09-16 05:30 155648 c:\windows\Installer\7630c.msi
+ 2009-09-16 05:29 . 2009-09-16 05:29 140288 c:\windows\Installer\76300.msi
+ 2009-09-16 05:29 . 2009-09-16 05:29 202752 c:\windows\Installer\762f4.msi
+ 2009-09-16 05:29 . 2009-09-16 05:29 152576 c:\windows\Installer\762ee.msi
+ 2009-09-16 05:29 . 2009-09-16 05:29 107008 c:\windows\Installer\762dc.msi
+ 2009-09-16 05:29 . 2009-09-16 05:29 301056 c:\windows\Installer\762d6.msi
+ 2009-08-17 06:33 . 2009-08-17 06:33 972800 c:\windows\Installer\39aef.msi
+ 2008-07-29 15:35 . 2008-07-29 15:35 553472 c:\windows\Installer\3666d.msp
+ 2008-07-29 15:33 . 2008-07-29 15:33 506368 c:\windows\Installer\3666b.msp
+ 2008-07-29 15:37 . 2008-07-29 15:37 911360 c:\windows\Installer\3666a.msp
+ 2008-01-22 18:25 . 2009-10-16 16:23 409600 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2008-01-22 18:25 . 2008-01-22 18:25 409600 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-01-22 18:25 . 2009-10-16 16:23 286720 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2008-01-22 18:25 . 2008-01-22 18:25 286720 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2008-01-22 18:25 . 2008-01-22 18:25 249856 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2008-01-22 18:25 . 2009-10-16 16:23 249856 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2008-01-22 18:25 . 2008-01-22 18:25 794624 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2008-01-22 18:25 . 2009-10-16 16:23 794624 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2008-01-22 18:25 . 2009-10-16 16:23 135168 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2008-01-22 18:25 . 2008-01-22 18:25 135168 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2008-01-22 18:25 . 2009-10-16 16:23 593920 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2008-01-22 18:25 . 2008-01-22 18:25 593920 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2003-07-08 18:48 . 2003-07-08 18:48 115288 c:\windows\Installer\$PatchCache$\Managed\0140110900063D11C8EF10054038389C\11.0.5614\OUTLFLTR.DLL
+ 2009-08-16 06:51 . 2008-03-13 04:52 761344 c:\windows\Driver Cache\i386\unires.dll
+ 2009-08-16 06:51 . 2008-07-06 12:06 744960 c:\windows\Driver Cache\i386\unidrvui.dll
+ 2009-08-16 06:51 . 2008-07-06 12:06 373248 c:\windows\Driver Cache\i386\unidrv.dll
+ 2009-08-16 06:51 . 2008-07-06 12:06 198656 c:\windows\Driver Cache\i386\mxdwdui.dll
+ 2009-08-16 06:51 . 2008-07-06 12:06 765440 c:\windows\Driver Cache\i386\mxdwdrv.dll
+ 2009-05-28 06:02 . 2009-05-28 06:02 439600 c:\windows\Downloaded Program Files\sysreqlab_srlx.dll
+ 2009-10-16 16:25 . 2009-10-16 16:25 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_25d42dc4\System.Drawing.dll
+ 2009-10-16 16:25 . 2009-10-16 16:25 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_b4ae3361\System.Drawing.Design.dll
+ 2009-10-16 16:25 . 2009-10-16 16:25 118784 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_15748ca4\CustomMarshalers.dll
+ 2009-10-16 18:29 . 2009-10-16 18:29 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\e2098e43d115155d6ba91ba3a7e577cf\WsatConfig.ni.exe
+ 2009-10-16 16:38 . 2009-10-16 16:38 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\bf92bc207f927cbbd6dfc9dc0c3eae68\WindowsFormsIntegration.ni.dll
+ 2009-10-16 16:38 . 2009-10-16 16:38 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\6f488b7644dc50a083868e91a4014466\UIAutomationTypes.ni.dll
+ 2009-10-16 16:38 . 2009-10-16 16:38 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\c2fbf25609b704061a93500efa6f241d\UIAutomationClient.ni.dll
+ 2009-10-16 18:52 . 2009-10-16 18:52 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\eb23b78564687badff1bd1f1d0a0ec97\System.Xml.Linq.ni.dll
+ 2009-10-16 18:50 . 2009-10-16 18:50 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\e7666364bf9f3ba5f4833c9efedd8218\System.Web.Routing.ni.dll
+ 2009-10-16 18:50 . 2009-10-16 18:50 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\b5f1b8791e6c47e5bd5e7018c346c586\System.Web.RegularExpressions.ni.dll
+ 2009-10-16 18:50 . 2009-10-16 18:50 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\884eacddf339b8b342f66aedff5f8ef9\System.Web.Extensions.Design.ni.dll
+ 2009-10-16 18:50 . 2009-10-16 18:50 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\9e199645bd26f1afe58ebe185d1e7f0f\System.Web.Entity.ni.dll
+ 2009-10-16 18:50 . 2009-10-16 18:50 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\652017ebe962ab2eb271c2524f31cd61\System.Web.Entity.Design.ni.dll
+ 2009-10-16 18:50 . 2009-10-16 18:50 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\d0070c1c1a642ae30394e00bc0d82336\System.Web.DynamicData.ni.dll
+ 2009-10-16 18:50 . 2009-10-16 18:50 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\1896753d02d146be1988d32241300f51\System.Web.Abstractions.ni.dll
+ 2009-10-16 18:50 . 2009-10-16 18:50 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\408e637346ef628a3f54fb1b9b83ac9f\System.Transactions.ni.dll
+ 2009-10-16 18:49 . 2009-10-16 18:49 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\1f61bccb700d687775cf778dd77752e9\System.ServiceProcess.ni.dll
+ 2009-10-16 18:30 . 2009-10-16 18:30 676352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\a9e9b885a6601469c4058375cc74d856\System.Security.ni.dll
+ 2009-10-16 18:49 . 2009-10-16 18:49 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\9bc34a79af9c3ed2cf17a0226c769b4c\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2009-10-16 18:49 . 2009-10-16 18:49 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\5f74a84e9d28c2332c51f6e30da0e125\System.Net.ni.dll
+ 2009-10-16 18:49 . 2009-10-16 18:49 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\2c208e4c5521f31057ea7d6e93c6a567\System.Management.ni.dll
+ 2009-10-16 18:49 . 2009-10-16 18:49 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\818b20a7c6f3b2fe97bf008ca24080c1\System.Management.Instrumentation.ni.dll
+ 2009-10-16 18:27 . 2009-10-16 18:27 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\6c273eb9d1ee8b66b5ecb073de4b785d\System.IO.Log.ni.dll
+ 2009-10-16 18:27 . 2009-10-16 18:27 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\7222db518afb4eaaa138824278249bc7\System.IdentityModel.Selectors.ni.dll
+ 2009-10-16 18:49 . 2009-10-16 18:49 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\8a7d0bd0057a8ed38291d5662248f7a1\System.EnterpriseServices.Wrapper.dll
+ 2009-10-16 18:49 . 2009-10-16 18:49 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\8a7d0bd0057a8ed38291d5662248f7a1\System.EnterpriseServices.ni.dll
+ 2009-10-16 16:37 . 2009-10-16 16:37 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\ca6d7208c0fb72ff97429f2636ced321\System.Drawing.Design.ni.dll
+ 2009-10-16 18:39 . 2009-10-16 18:39 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\c92fc19800e701c90f90ab7a2ab44c47\System.DirectoryServices.AccountManagement.ni.dll
+ 2009-10-16 18:39 . 2009-10-16 18:39 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\a601f47a98ee67df424685c9a66ea449\System.DirectoryServices.Protocols.ni.dll
+ 2009-10-16 18:38 . 2009-10-16 18:38 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\b91b44015859163646f210d284f7166a\System.Data.Services.Client.ni.dll
+ 2009-10-16 18:38 . 2009-10-16 18:38 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\1b35297e07b85071daecdb06f96750a1\System.Data.Services.Design.ni.dll
+ 2009-10-16 18:38 . 2009-10-16 18:38 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\cf906bf9146d1f0013451ec63b58e064\System.Data.Entity.Design.ni.dll
+ 2009-10-16 18:31 . 2009-10-16 18:31 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\4ff4134b0d490c090e03d74e104517c4\System.Data.DataSetExtensions.ni.dll
+ 2009-10-16 18:29 . 2009-10-16 18:29 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7c743462baccf29b3567b0e3ec9ac134\System.Configuration.ni.dll
+ 2009-10-16 18:49 . 2009-10-16 18:49 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\443e3a85c491b2de4a2ac654cb957484\System.Configuration.Install.ni.dll
+ 2009-10-16 18:31 . 2009-10-16 18:31 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\cba35f47925431a54d0e6ae147a292f1\System.AddIn.ni.dll
+ 2009-10-16 18:29 . 2009-10-16 18:29 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\6af32fe5cbec0aa54e2efa6910c73651\SMSvcHost.ni.exe
+ 2009-10-16 18:29 . 2009-10-16 18:29 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\7602d7687fb9bd21cd9ae60d2b187c99\SMDiagnostics.ni.dll
+ 2009-10-16 18:29 . 2009-10-16 18:29 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\a23dc25782df04533a13e348203e4dc5\ServiceModelReg.ni.exe
+ 2009-10-16 16:36 . 2009-10-16 16:36 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\96f74da5fc40b92f09069230bc0df4f0\PresentationFramework.Royale.ni.dll
+ 2009-10-16 16:36 . 2009-10-16 16:36 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\3bb4d16b042b72c2c85a0f8ac9d48f28\PresentationFramework.Luna.ni.dll
+ 2009-10-16 16:36 . 2009-10-16 16:36 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\30c5c2682d3c5bdaa83bb9a36ee48afa\PresentationFramework.Aero.ni.dll
+ 2009-10-16 16:36 . 2009-10-16 16:36 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\07e952efd70f5608e221a008e6231ace\PresentationFramework.Classic.ni.dll
+ 2009-10-16 18:29 . 2009-10-16 18:29 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\eade8c1c9c1e8e5ffb50e6c9b9af0f6a\MSBuild.ni.exe
+ 2009-10-16 18:28 . 2009-10-16 18:28 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\fc4d66e0a92b3767006a84f2519d2457\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2009-10-16 18:30 . 2009-10-16 18:30 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\58ca3ecc52b7246b448c109817198a0b\Microsoft.Build.Utilities.ni.dll
+ 2009-10-16 18:31 . 2009-10-16 18:31 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\4dd43724dd92026577c6f588270137a0\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2009-10-16 18:30 . 2009-10-16 18:30 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\8c651f75bb741330370986dcad8e9e5b\Microsoft.Build.Engine.ni.dll
+ 2009-10-16 18:30 . 2009-10-16 18:30 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\a6dcbae619ccd938bfe808c54d6d3ae0\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2009-10-16 18:30 . 2009-10-16 18:30 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\77688ce14f221ed94a9f442ae4736123\CustomMarshalers.ni.dll
+ 2009-10-16 18:28 . 2009-10-16 18:28 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\a17c65f0cffaa4f792dd38d50df9d526\ComSvcConfig.ni.exe
+ 2009-10-16 18:27 . 2009-10-16 18:27 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\85d7c111956b478766d90625b35d963f\AspNetMMCExt.ni.dll
+ 2009-08-16 06:52 . 2009-08-16 06:52 385024 c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders\3.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2009-08-16 06:52 . 2009-08-16 06:52 167936 c:\windows\assembly\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2009-08-16 06:54 . 2009-08-16 06:54 139264 c:\windows\assembly\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll
+ 2009-08-16 06:53 . 2009-08-16 06:53 507904 c:\windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll
+ 2009-08-16 06:52 . 2009-08-16 06:52 540672 c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2008-04-12 09:37 . 2008-04-12 09:37 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2009-08-16 06:54 . 2009-08-16 06:54 335872 c:\windows\assembly\GAC_MSIL\System.Web.Extensions.Design\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.Design.dll
+ 2009-08-16 07:00 . 2009-08-16 07:00 139264 c:\windows\assembly\GAC_MSIL\System.Web.Entity\3.5.0.0__b77a5c561934e089\System.Web.Entity.dll
+ 2009-08-16 06:54 . 2009-08-16 06:54 131072 c:\windows\assembly\GAC_MSIL\System.Web.Entity.Design\3.5.0.0__b77a5c561934e089\System.Web.Entity.Design.dll
+ 2009-08-16 07:00 . 2009-08-16 07:00 229376 c:\windows\assembly\GAC_MSIL\System.Web.DynamicData\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.dll
+ 2009-08-16 06:52 . 2009-08-16 06:52 688128 c:\windows\assembly\GAC_MSIL\System.Speech\3.0.0.0__31bf3856ad364e35\System.Speech.dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2008-04-12 09:37 . 2008-04-12 09:37 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2009-08-16 06:53 . 2009-08-16 06:53 569344 c:\windows\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2008-04-12 09:37 . 2008-04-12 09:37 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2009-08-16 06:52 . 2009-08-16 06:52 966656 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2008-04-12 09:37 . 2008-04-12 09:37 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2009-08-16 06:54 . 2009-08-16 06:54 233472 c:\windows\assembly\GAC_MSIL\System.Net\3.5.0.0__b03f5f7f11d50a3a\System.Net.dll
- 2008-04-12 09:37 . 2008-04-12 09:37 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2009-10-16 16:32 . 2009-10-16 16:32 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2008-04-12 09:38 . 2008-04-12 09:38 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2009-10-16 16:32 . 2009-10-16 16:32 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2009-08-16 06:54 . 2009-08-16 06:54 143360 c:\windows\assembly\GAC_MSIL\System.Management.Instrumentation\3.5.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
+ 2009-08-16 06:52 . 2009-08-16 06:52 131072 c:\windows\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2009-08-16 06:52 . 2009-08-16 06:52 430080 c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2009-08-16 06:52 . 2009-08-16 06:52 126976 c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2008-04-12 09:37 . 2008-04-12 09:37 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2008-04-12 09:38 . 2008-04-12 09:38 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2009-08-16 06:53 . 2009-08-16 06:53 286720 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\3.5.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
+ 2009-10-16 16:32 . 2009-10-16 16:32 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2009-10-16 16:32 . 2009-10-16 16:32 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2009-08-16 07:00 . 2009-08-16 07:00 442368 c:\windows\assembly\GAC_MSIL\System.Data.Services\3.5.0.0__b77a5c561934e089\System.Data.Services.dll
+ 2009-08-16 06:53 . 2009-08-16 06:53 114688 c:\windows\assembly\GAC_MSIL\System.Data.Services.Design\3.5.0.0__b77a5c561934e089\System.Data.Services.Design.dll
+ 2009-08-16 07:00 . 2009-08-16 07:00 294912 c:\windows\assembly\GAC_MSIL\System.Data.Services.Client\3.5.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2009-08-16 06:53 . 2009-08-16 06:53 684032 c:\windows\assembly\GAC_MSIL\System.Data.Linq\3.5.0.0__b77a5c561934e089\System.Data.Linq.dll
+ 2009-08-16 06:54 . 2009-08-16 06:54 229376 c:\windows\assembly\GAC_MSIL\System.Data.Entity.Design\3.5.0.0__b77a5c561934e089\System.Data.Entity.Design.dll
+ 2009-08-16 06:54 . 2009-08-16 06:54 667648 c:\windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll
+ 2009-10-16 16:32 . 2009-10-16 16:32 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2008-04-12 09:37 . 2008-04-12 09:37 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2009-08-16 06:54 . 2009-08-16 06:54 163840 c:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll
- 2008-04-12 09:37 . 2008-04-12 09:37 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2009-10-16 16:32 . 2009-10-16 16:32 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2009-08-16 06:52 . 2009-08-16 06:52 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
+ 2009-08-16 06:52 . 2009-08-16 06:52 528384 c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2009-08-16 06:52 . 2009-08-16 06:52 864256 c:\windows\assembly\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2009-08-16 06:52 . 2009-08-16 06:52 163840 c:\windows\assembly\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2009-08-16 06:52 . 2009-08-16 06:52 397312 c:\windows\assembly\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2009-08-16 06:52 . 2009-08-16 06:52 139264 c:\windows\assembly\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2009-08-16 06:52 . 2009-08-16 06:52 196608 c:\windows\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2009-08-16 06:52 . 2009-08-16 06:52 598016 c:\windows\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2008-04-12 09:37 . 2008-04-12 09:37 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2008-04-12 09:37 . 2008-04-12 09:37 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2009-08-16 06:52 . 2009-08-16 06:52 397312 c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2008-04-12 09:37 . 2008-04-12 09:37 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2009-10-16 16:32 . 2009-10-16 16:32 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll

+
Avatar utente
Lovescream
Neo Iscritto
Neo Iscritto
 
Messaggi: 19
Iscritto il: ven lug 10, 2009 5:48 pm

Re: problema rootkit

Messaggioda Lovescream » mar nov 03, 2009 6:09 pm

III parte del log

- 2007-10-23 23:47 . 2007-10-23 23:47 655360 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 348160 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 348160 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 230904 c:\windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
- 2007-10-23 23:47 . 2007-10-23 23:47 230904 c:\windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17 798224 c:\windows\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 798224 c:\windows\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 575496 c:\windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16 507904 c:\windows\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 507904 c:\windows\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
- 2007-10-23 23:47 . 2007-10-23 23:47 147968 c:\windows\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 147968 c:\windows\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 218112 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 218112 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 193016 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 193016 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 145408 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 145408 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
- 2007-04-13 19:58 . 2007-04-13 19:58 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2008-05-27 22:49 . 2008-05-27 22:49 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2007-04-13 19:56 . 2007-04-13 19:56 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2008-05-27 22:48 . 2008-05-27 22:48 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2007-04-13 20:30 . 2007-04-13 20:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2008-05-27 23:30 . 2008-05-27 23:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2008-12-13 07:58 . 2008-12-13 07:58 754688 c:\windows\Installer\9377b.msp
+ 2009-08-16 06:54 . 2009-08-16 06:54 648192 c:\windows\Installer\93755.msi
+ 2009-03-20 09:48 . 2009-03-20 09:48 183808 c:\windows\Installer\8275fc.msp
+ 2008-07-29 19:23 . 2008-07-29 19:23 250880 c:\windows\Installer\7a715.msp
+ 2008-07-29 19:28 . 2008-07-29 19:28 278016 c:\windows\Installer\7a713.msp
+ 2008-07-29 17:40 . 2008-07-29 17:40 291840 c:\windows\Installer\7a711.msp
+ 2009-08-16 06:52 . 2009-08-16 06:52 137728 c:\windows\Installer\7a70b.msi
+ 2009-09-16 05:30 . 2009-09-16 05:30 430080 c:\windows\Installer\76316.msi
+ 2009-09-16 05:30 . 2009-09-16 05:30 155648 c:\windows\Installer\7630c.msi
+ 2009-09-16 05:29 . 2009-09-16 05:29 140288 c:\windows\Installer\76300.msi
+ 2009-09-16 05:29 . 2009-09-16 05:29 202752 c:\windows\Installer\762f4.msi
+ 2009-09-16 05:29 . 2009-09-16 05:29 152576 c:\windows\Installer\762ee.msi
+ 2009-09-16 05:29 . 2009-09-16 05:29 107008 c:\windows\Installer\762dc.msi
+ 2009-09-16 05:29 . 2009-09-16 05:29 301056 c:\windows\Installer\762d6.msi
+ 2009-08-17 06:33 . 2009-08-17 06:33 972800 c:\windows\Installer\39aef.msi
+ 2008-07-29 15:35 . 2008-07-29 15:35 553472 c:\windows\Installer\3666d.msp
+ 2008-07-29 15:33 . 2008-07-29 15:33 506368 c:\windows\Installer\3666b.msp
+ 2008-07-29 15:37 . 2008-07-29 15:37 911360 c:\windows\Installer\3666a.msp
+ 2008-01-22 18:25 . 2009-10-16 16:23 409600 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2008-01-22 18:25 . 2008-01-22 18:25 409600 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-01-22 18:25 . 2009-10-16 16:23 286720 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2008-01-22 18:25 . 2008-01-22 18:25 286720 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2008-01-22 18:25 . 2008-01-22 18:25 249856 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2008-01-22 18:25 . 2009-10-16 16:23 249856 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2008-01-22 18:25 . 2008-01-22 18:25 794624 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2008-01-22 18:25 . 2009-10-16 16:23 794624 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2008-01-22 18:25 . 2009-10-16 16:23 135168 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2008-01-22 18:25 . 2008-01-22 18:25 135168 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2008-01-22 18:25 . 2009-10-16 16:23 593920 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2008-01-22 18:25 . 2008-01-22 18:25 593920 c:\windows\Installer\{90110410-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2003-07-08 18:48 . 2003-07-08 18:48 115288 c:\windows\Installer\$PatchCache$\Managed\0140110900063D11C8EF10054038389C\11.0.5614\OUTLFLTR.DLL
+ 2009-08-16 06:51 . 2008-03-13 04:52 761344 c:\windows\Driver Cache\i386\unires.dll
+ 2009-08-16 06:51 . 2008-07-06 12:06 744960 c:\windows\Driver Cache\i386\unidrvui.dll
+ 2009-08-16 06:51 . 2008-07-06 12:06 373248 c:\windows\Driver Cache\i386\unidrv.dll
+ 2009-08-16 06:51 . 2008-07-06 12:06 198656 c:\windows\Driver Cache\i386\mxdwdui.dll
+ 2009-08-16 06:51 . 2008-07-06 12:06 765440 c:\windows\Driver Cache\i386\mxdwdrv.dll
+ 2009-05-28 06:02 . 2009-05-28 06:02 439600 c:\windows\Downloaded Program Files\sysreqlab_srlx.dll
+ 2009-10-16 16:25 . 2009-10-16 16:25 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_25d42dc4\System.Drawing.dll
+ 2009-10-16 16:25 . 2009-10-16 16:25 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_b4ae3361\System.Drawing.Design.dll
+ 2009-10-16 16:25 . 2009-10-16 16:25 118784 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_15748ca4\CustomMarshalers.dll
+ 2009-10-16 18:29 . 2009-10-16 18:29 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\e2098e43d115155d6ba91ba3a7e577cf\WsatConfig.ni.exe
+ 2009-10-16 16:38 . 2009-10-16 16:38 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\bf92bc207f927cbbd6dfc9dc0c3eae68\WindowsFormsIntegration.ni.dll
+ 2009-10-16 16:38 . 2009-10-16 16:38 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\6f488b7644dc50a083868e91a4014466\UIAutomationTypes.ni.dll
+ 2009-10-16 16:38 . 2009-10-16 16:38 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\c2fbf25609b704061a93500efa6f241d\UIAutomationClient.ni.dll
+ 2009-10-16 18:52 . 2009-10-16 18:52 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\eb23b78564687badff1bd1f1d0a0ec97\System.Xml.Linq.ni.dll
+ 2009-10-16 18:50 . 2009-10-16 18:50 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\e7666364bf9f3ba5f4833c9efedd8218\System.Web.Routing.ni.dll
+ 2009-10-16 18:50 . 2009-10-16 18:50 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\b5f1b8791e6c47e5bd5e7018c346c586\System.Web.RegularExpressions.ni.dll
+ 2009-10-16 18:50 . 2009-10-16 18:50 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\884eacddf339b8b342f66aedff5f8ef9\System.Web.Extensions.Design.ni.dll
+ 2009-10-16 18:50 . 2009-10-16 18:50 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\9e199645bd26f1afe58ebe185d1e7f0f\System.Web.Entity.ni.dll
+ 2009-10-16 18:50 . 2009-10-16 18:50 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\652017ebe962ab2eb271c2524f31cd61\System.Web.Entity.Design.ni.dll
+ 2009-10-16 18:50 . 2009-10-16 18:50 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\d0070c1c1a642ae30394e00bc0d82336\System.Web.DynamicData.ni.dll
+ 2009-10-16 18:50 . 2009-10-16 18:50 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\1896753d02d146be1988d32241300f51\System.Web.Abstractions.ni.dll
+ 2009-10-16 18:50 . 2009-10-16 18:50 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\408e637346ef628a3f54fb1b9b83ac9f\System.Transactions.ni.dll
+ 2009-10-16 18:49 . 2009-10-16 18:49 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\1f61bccb700d687775cf778dd77752e9\System.ServiceProcess.ni.dll
+ 2009-10-16 18:30 . 2009-10-16 18:30 676352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\a9e9b885a6601469c4058375cc74d856\System.Security.ni.dll
+ 2009-10-16 18:49 . 2009-10-16 18:49 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\9bc34a79af9c3ed2cf17a0226c769b4c\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2009-10-16 18:49 . 2009-10-16 18:49 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\5f74a84e9d28c2332c51f6e30da0e125\System.Net.ni.dll
+ 2009-10-16 18:49 . 2009-10-16 18:49 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\2c208e4c5521f31057ea7d6e93c6a567\System.Management.ni.dll
+ 2009-10-16 18:49 . 2009-10-16 18:49 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\818b20a7c6f3b2fe97bf008ca24080c1\System.Management.Instrumentation.ni.dll
+ 2009-10-16 18:27 . 2009-10-16 18:27 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\6c273eb9d1ee8b66b5ecb073de4b785d\System.IO.Log.ni.dll
+ 2009-10-16 18:27 . 2009-10-16 18:27 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\7222db518afb4eaaa138824278249bc7\System.IdentityModel.Selectors.ni.dll
+ 2009-10-16 18:49 . 2009-10-16 18:49 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\8a7d0bd0057a8ed38291d5662248f7a1\System.EnterpriseServices.Wrapper.dll
+ 2009-10-16 18:49 . 2009-10-16 18:49 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\8a7d0bd0057a8ed38291d5662248f7a1\System.EnterpriseServices.ni.dll
+ 2009-10-16 16:37 . 2009-10-16 16:37 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\ca6d7208c0fb72ff97429f2636ced321\System.Drawing.Design.ni.dll
+ 2009-10-16 18:39 . 2009-10-16 18:39 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\c92fc19800e701c90f90ab7a2ab44c47\System.DirectoryServices.AccountManagement.ni.dll
+ 2009-10-16 18:39 . 2009-10-16 18:39 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\a601f47a98ee67df424685c9a66ea449\System.DirectoryServices.Protocols.ni.dll
+ 2009-10-16 18:38 . 2009-10-16 18:38 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\b91b44015859163646f210d284f7166a\System.Data.Services.Client.ni.dll
+ 2009-10-16 18:38 . 2009-10-16 18:38 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\1b35297e07b85071daecdb06f96750a1\System.Data.Services.Design.ni.dll
+ 2009-10-16 18:38 . 2009-10-16 18:38 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\cf906bf9146d1f0013451ec63b58e064\System.Data.Entity.Design.ni.dll
+ 2009-10-16 18:31 . 2009-10-16 18:31 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\4ff4134b0d490c090e03d74e104517c4\System.Data.DataSetExtensions.ni.dll
+ 2009-10-16 18:29 . 2009-10-16 18:29 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7c743462baccf29b3567b0e3ec9ac134\System.Configuration.ni.dll
+ 2009-10-16 18:49 . 2009-10-16 18:49 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\443e3a85c491b2de4a2ac654cb957484\System.Configuration.Install.ni.dll
+ 2009-10-16 18:31 . 2009-10-16 18:31 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\cba35f47925431a54d0e6ae147a292f1\System.AddIn.ni.dll
+ 2009-10-16 18:29 . 2009-10-16 18:29 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\6af32fe5cbec0aa54e2efa6910c73651\SMSvcHost.ni.exe
+ 2009-10-16 18:29 . 2009-10-16 18:29 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\7602d7687fb9bd21cd9ae60d2b187c99\SMDiagnostics.ni.dll
+ 2009-10-16 18:29 . 2009-10-16 18:29 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\a23dc25782df04533a13e348203e4dc5\ServiceModelReg.ni.exe
+ 2009-10-16 16:36 . 2009-10-16 16:36 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\96f74da5fc40b92f09069230bc0df4f0\PresentationFramework.Royale.ni.dll
+ 2009-10-16 16:36 . 2009-10-16 16:36 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\3bb4d16b042b72c2c85a0f8ac9d48f28\PresentationFramework.Luna.ni.dll
+ 2009-10-16 16:36 . 2009-10-16 16:36 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\30c5c2682d3c5bdaa83bb9a36ee48afa\PresentationFramework.Aero.ni.dll
+ 2009-10-16 16:36 . 2009-10-16 16:36 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\07e952efd70f5608e221a008e6231ace\PresentationFramework.Classic.ni.dll
+ 2009-10-16 18:29 . 2009-10-16 18:29 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\eade8c1c9c1e8e5ffb50e6c9b9af0f6a\MSBuild.ni.exe
+ 2009-10-16 18:28 . 2009-10-16 18:28 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\fc4d66e0a92b3767006a84f2519d2457\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2009-10-16 18:30 . 2009-10-16 18:30 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\58ca3ecc52b7246b448c109817198a0b\Microsoft.Build.Utilities.ni.dll
+ 2009-10-16 18:31 . 2009-10-16 18:31 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\4dd43724dd92026577c6f588270137a0\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2009-10-16 18:30 . 2009-10-16 18:30 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\8c651f75bb741330370986dcad8e9e5b\Microsoft.Build.Engine.ni.dll
+ 2009-10-16 18:30 . 2009-10-16 18:30 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\a6dcbae619ccd938bfe808c54d6d3ae0\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2009-10-16 18:30 . 2009-10-16 18:30 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\77688ce14f221ed94a9f442ae4736123\CustomMarshalers.ni.dll
+ 2009-10-16 18:28 . 2009-10-16 18:28 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\a17c65f0cffaa4f792dd38d50df9d526\ComSvcConfig.ni.exe
+ 2009-10-16 18:27 . 2009-10-16 18:27 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\85d7c111956b478766d90625b35d963f\AspNetMMCExt.ni.dll
+ 2009-08-16 06:52 . 2009-08-16 06:52 385024 c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders\3.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2009-08-16 06:52 . 2009-08-16 06:52 167936 c:\windows\assembly\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2009-08-16 06:54 . 2009-08-16 06:54 139264 c:\windows\assembly\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll
+ 2009-08-16 06:53 . 2009-08-16 06:53 507904 c:\windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll
+ 2009-08-16 06:52 . 2009-08-16 06:52 540672 c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2008-04-12 09:37 . 2008-04-12 09:37 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2009-08-16 06:54 . 2009-08-16 06:54 335872 c:\windows\assembly\GAC_MSIL\System.Web.Extensions.Design\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.Design.dll
+ 2009-08-16 07:00 . 2009-08-16 07:00 139264 c:\windows\assembly\GAC_MSIL\System.Web.Entity\3.5.0.0__b77a5c561934e089\System.Web.Entity.dll
+ 2009-08-16 06:54 . 2009-08-16 06:54 131072 c:\windows\assembly\GAC_MSIL\System.Web.Entity.Design\3.5.0.0__b77a5c561934e089\System.Web.Entity.Design.dll
+ 2009-08-16 07:00 . 2009-08-16 07:00 229376 c:\windows\assembly\GAC_MSIL\System.Web.DynamicData\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.dll
+ 2009-08-16 06:52 . 2009-08-16 06:52 688128 c:\windows\assembly\GAC_MSIL\System.Speech\3.0.0.0__31bf3856ad364e35\System.Speech.dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2008-04-12 09:37 . 2008-04-12 09:37 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2009-08-16 06:53 . 2009-08-16 06:53 569344 c:\windows\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2008-04-12 09:37 . 2008-04-12 09:37 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2009-08-16 06:52 . 2009-08-16 06:52 966656 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2008-04-12 09:37 . 2008-04-12 09:37 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2009-08-16 06:54 . 2009-08-16 06:54 233472 c:\windows\assembly\GAC_MSIL\System.Net\3.5.0.0__b03f5f7f11d50a3a\System.Net.dll
- 2008-04-12 09:37 . 2008-04-12 09:37 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2009-10-16 16:32 . 2009-10-16 16:32 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2008-04-12 09:38 . 2008-04-12 09:38 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2009-10-16 16:32 . 2009-10-16 16:32 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2009-08-16 06:54 . 2009-08-16 06:54 143360 c:\windows\assembly\GAC_MSIL\System.Management.Instrumentation\3.5.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
+ 2009-08-16 06:52 . 2009-08-16 06:52 131072 c:\windows\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2009-08-16 06:52 . 2009-08-16 06:52 430080 c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2009-08-16 06:52 . 2009-08-16 06:52 126976 c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2008-04-12 09:37 . 2008-04-12 09:37 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2008-04-12 09:38 . 2008-04-12 09:38 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2009-08-16 06:53 . 2009-08-16 06:53 286720 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\3.5.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
+ 2009-10-16 16:32 . 2009-10-16 16:32 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2009-10-16 16:32 . 2009-10-16 16:32 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2009-08-16 07:00 . 2009-08-16 07:00 442368 c:\windows\assembly\GAC_MSIL\System.Data.Services\3.5.0.0__b77a5c561934e089\System.Data.Services.dll
+ 2009-08-16 06:53 . 2009-08-16 06:53 114688 c:\windows\assembly\GAC_MSIL\System.Data.Services.Design\3.5.0.0__b77a5c561934e089\System.Data.Services.Design.dll
+ 2009-08-16 07:00 . 2009-08-16 07:00 294912 c:\windows\assembly\GAC_MSIL\System.Data.Services.Client\3.5.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2009-08-16 06:53 . 2009-08-16 06:53 684032 c:\windows\assembly\GAC_MSIL\System.Data.Linq\3.5.0.0__b77a5c561934e089\System.Data.Linq.dll
+ 2009-08-16 06:54 . 2009-08-16 06:54 229376 c:\windows\assembly\GAC_MSIL\System.Data.Entity.Design\3.5.0.0__b77a5c561934e089\System.Data.Entity.Design.dll
+ 2009-08-16 06:54 . 2009-08-16 06:54 667648 c:\windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll
+ 2009-10-16 16:32 . 2009-10-16 16:32 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2008-04-12 09:37 . 2008-04-12 09:37 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2009-08-16 06:54 . 2009-08-16 06:54 163840 c:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll
- 2008-04-12 09:37 . 2008-04-12 09:37 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2009-10-16 16:32 . 2009-10-16 16:32 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2009-08-16 06:52 . 2009-08-16 06:52 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
+ 2009-08-16 06:52 . 2009-08-16 06:52 528384 c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2009-08-16 06:52 . 2009-08-16 06:52 864256 c:\windows\assembly\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2009-08-16 06:52 . 2009-08-16 06:52 163840 c:\windows\assembly\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2009-08-16 06:52 . 2009-08-16 06:52 397312 c:\windows\assembly\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2009-08-16 06:52 . 2009-08-16 06:52 139264 c:\windows\assembly\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2009-08-16 06:52 . 2009-08-16 06:52 196608 c:\windows\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2009-08-16 06:52 . 2009-08-16 06:52 598016 c:\windows\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2008-04-12 09:37 . 2008-04-12 09:37 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2008-04-12 09:37 . 2008-04-12 09:37 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2009-08-16 06:52 . 2009-08-16 06:52 397312 c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2008-04-12 09:37 . 2008-04-12 09:37 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2009-10-16 16:32 . 2009-10-16 16:32 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2008-04-12 09:38 . 2008-04-12 09:38 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2009-08-16 06:53 . 2009-08-16 06:53 802816 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.v3.5.dll
+ 2009-08-16 06:53 . 2009-08-16 06:53 733184 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2008-04-12 09:38 . 2008-04-12 09:38 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2009-08-16 06:53 . 2009-08-16 06:53 106496 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Conversion.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Conversion.v3.5.dll
- 2008-04-12 09:37 . 2008-04-12 09:37 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2009-08-16 06:52 . 2009-08-16 06:52 368640 c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2008-04-12 09:38 . 2008-04-12 09:38 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2008-04-12 09:38 . 2008-04-12 09:38 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2009-10-16 16:32 . 2009-10-16 16:32 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2009-08-16 06:52 . 2009-08-16 06:52 163840 c:\windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2009-08-16 06:47 . 2006-10-16 14:10 379184 c:\windows\$NtUninstallWIC$\spuninst\updspapi.dll
+ 2009-08-16 06:47 . 2006-10-16 14:10 221488 c:\windows\$NtUninstallWIC$\spuninst\spuninst.exe
+ 2009-08-13 11:24 . 2008-07-08 13:06 402296 c:\windows\$NtUninstallKB973869$\spuninst\updspapi.dll
+ 2009-08-13 11:24 . 2008-07-08 13:06 233848 c:\windows\$NtUninstallKB973869$\spuninst\spuninst.exe
+ 2009-08-13 11:23 . 2009-05-26 11:41 402296 c:\windows\$NtUninstallKB973815$\spuninst\updspapi.dll
+ 2009-08-13 11:23 . 2009-05-26 11:41 233848 c:\windows\$NtUninstallKB973815$\spuninst\spuninst.exe
+ 2009-08-13 11:23 . 2006-03-02 12:00 204800 c:\windows\$NtUninstallKB973815$\mswebdvd.dll
+ 2009-08-13 11:24 . 2006-10-18 20:47 314880 c:\windows\$NtUninstallKB973540_WM9L$\wmpdxm.dll
+ 2009-08-13 11:24 . 2007-07-27 08:41 382840 c:\windows\$NtUninstallKB973540_WM9L$\spuninst\updspapi.dll
+ 2009-08-13 11:24 . 2007-07-27 06:35 233848 c:\windows\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe
+ 2009-08-13 11:24 . 2009-05-26 11:41 402296 c:\windows\$NtUninstallKB973507$\spuninst\updspapi.dll
+ 2009-08-13 11:24 . 2009-05-26 11:41 233848 c:\windows\$NtUninstallKB973507$\spuninst\spuninst.exe
+ 2009-08-13 11:23 . 2009-05-26 11:41 402296 c:\windows\$NtUninstallKB973354$\spuninst\updspapi.dll
+ 2009-08-13 11:23 . 2009-05-26 11:41 233848 c:\windows\$NtUninstallKB973354$\spuninst\spuninst.exe
+ 2009-07-15 18:49 . 2008-07-08 13:06 402296 c:\windows\$NtUninstallKB973346$\spuninst\updspapi.dll
+ 2009-07-15 18:49 . 2008-07-08 13:06 233848 c:\windows\$NtUninstallKB973346$\spuninst\spuninst.exe
+ 2009-08-13 11:24 . 2006-08-17 12:29 132096 c:\windows\$NtUninstallKB971657$\wkssvc.dll
+ 2009-08-13 11:24 . 2009-05-26 11:41 402296 c:\windows\$NtUninstallKB971657$\spuninst\updspapi.dll
+ 2009-08-13 11:24 . 2008-07-08 13:06 233848 c:\windows\$NtUninstallKB971657$\spuninst\spuninst.exe
+ 2009-07-15 18:48 . 2008-07-09 07:42 402296 c:\windows\$NtUninstallKB971633$\spuninst\updspapi.dll
+ 2009-07-15 18:48 . 2008-07-08 13:06 233848 c:\windows\$NtUninstallKB971633$\spuninst\spuninst.exe
+ 2009-08-13 11:24 . 2009-05-26 11:41 402296 c:\windows\$NtUninstallKB971557$\spuninst\updspapi.dll
+ 2009-08-13 11:24 . 2008-07-08 13:06 233848 c:\windows\$NtUninstallKB971557$\spuninst\spuninst.exe
+ 2009-08-26 14:22 . 2009-05-26 11:41 402296 c:\windows\$NtUninstallKB970653-v3$\spuninst\updspapi.dll
+ 2009-08-26 14:22 . 2009-05-26 11:41 233848 c:\windows\$NtUninstallKB970653-v3$\spuninst\spuninst.exe
+ 2009-09-10 13:43 . 2007-07-27 08:41 382840 c:\windows\$NtUninstallKB968816_WM9$\spuninst\updspapi.dll
+ 2009-09-10 13:43 . 2007-07-27 06:35 233848 c:\windows\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe
+ 2009-08-28 10:56 . 2009-05-26 11:41 402296 c:\windows\$NtUninstallKB968389$\spuninst\updspapi.dll
+ 2009-08-28 10:56 . 2008-07-08 13:06 233848 c:\windows\$NtUninstallKB968389$\spuninst\spuninst.exe
+ 2009-08-28 10:56 . 2008-12-05 07:12 144896 c:\windows\$NtUninstallKB968389$\schannel.dll
+ 2009-08-28 10:56 . 2006-03-02 12:00 129536 c:\windows\$NtUninstallKB968389$\msv1_0.dll
+ 2009-08-28 10:56 . 2009-02-09 10:19 729088 c:\windows\$NtUninstallKB968389$\lsasrv.dll
+ 2009-08-28 10:56 . 2005-06-15 17:50 295936 c:\windows\$NtUninstallKB968389$\kerberos.dll
+ 2009-09-17 19:40 . 2007-11-30 12:39 402296 c:\windows\$NtUninstallKB961503$\spuninst\updspapi.dll
+ 2009-09-17 19:40 . 2007-11-30 12:39 233848 c:\windows\$NtUninstallKB961503$\spuninst\spuninst.exe
+ 2009-07-15 18:46 . 2005-10-17 21:20 118272 c:\windows\$NtUninstallKB961371$\t2embed.dll
+ 2009-07-15 18:46 . 2009-05-26 11:41 402296 c:\windows\$NtUninstallKB961371$\spuninst\updspapi.dll
+ 2009-07-15 18:46 . 2008-07-08 13:06 233848 c:\windows\$NtUninstallKB961371$\spuninst\spuninst.exe
+ 2009-08-17 06:33 . 2007-11-30 11:19 402296 c:\windows\$NtUninstallKB961118$\spuninst\updspapi.dll
+ 2009-08-17 06:33 . 2007-11-30 11:19 233848 c:\windows\$NtUninstallKB961118$\spuninst\spuninst.exe
+ 2009-08-13 11:24 . 2009-05-26 11:41 402296 c:\windows\$NtUninstallKB960859$\spuninst\updspapi.dll
+ 2009-08-13 11:24 . 2008-07-08 13:06 233848 c:\windows\$NtUninstallKB960859$\spuninst\spuninst.exe
+ 2009-08-13 11:23 . 2007-03-06 01:49 390880 c:\windows\$NtUninstallKB958470$\spuninst\updspapi.dll
+ 2009-08-13 11:23 . 2007-03-06 01:48 215776 c:\windows\$NtUninstallKB958470$\spuninst\spuninst.exe
+ 2009-08-13 11:23 . 2006-03-02 12:00 655360 c:\windows\$NtUninstallKB958470$\mstscax.dll
+ 2009-09-10 13:45 . 2006-03-02 12:00 153088 c:\windows\$NtUninstallKB956844$\triedit.dll
+ 2009-09-10 13:45 . 2008-07-08 13:06 402296 c:\windows\$NtUninstallKB956844$\spuninst\updspapi.dll
+ 2009-09-10 13:45 . 2008-07-08 13:06 233848 c:\windows\$NtUninstallKB956844$\spuninst\spuninst.exe
+ 2009-08-17 06:32 . 2005-10-12 23:21 390880 c:\windows\$NtUninstallKB925720$\spuninst\updspapi.dll
+ 2009-08-17 06:32 . 2005-10-12 23:21 215776 c:\windows\$NtUninstallKB925720$\spuninst\spuninst.exe
+ 2009-08-17 06:32 . 2006-03-02 12:00 216576 c:\windows\$NtUninstallKB925720$\osk.exe
+ 2009-08-13 11:24 . 2008-07-08 13:06 402296 c:\windows\$hf_mig$\KB973869\update\updspapi.dll
+ 2009-08-13 11:24 . 2008-07-08 13:06 763768 c:\windows\$hf_mig$\KB973869\update\update.exe
+ 2009-08-13 11:24 . 2008-07-08 13:06 233848 c:\windows\$hf_mig$\KB973869\spuninst.exe
+ 2009-08-13 11:23 . 2009-05-26 11:41 402296 c:\windows\$hf_mig$\KB973815\update\updspapi.dll
+ 2009-08-13 11:23 . 2009-05-26 11:41 763768 c:\windows\$hf_mig$\KB973815\update\update.exe
+ 2009-08-13 11:23 . 2009-05-26 11:41 233848 c:\windows\$hf_mig$\KB973815\spuninst.exe
+ 2009-08-05 08:53 . 2009-08-05 08:53 205312 c:\windows\$hf_mig$\KB973815\SP3QFE\mswebdvd.dll
+ 2009-08-05 08:59 . 2009-08-05 08:59 205312 c:\windows\$hf_mig$\KB973815\SP3GDR\mswebdvd.dll
+ 2009-08-05 08:46 . 2009-08-05 08:46 205312 c:\windows\$hf_mig$\KB973815\SP2QFE\mswebdvd.dll
+ 2009-08-13 11:24 . 2009-05-26 11:41 402296 c:\windows\$hf_mig$\KB973507\update\updspapi.dll
+ 2009-08-13 11:24 . 2009-05-26 11:41 763768 c:\windows\$hf_mig$\KB973507\update\update.exe
+ 2009-08-13 11:24 . 2009-05-26 11:41 233848 c:\windows\$hf_mig$\KB973507\spuninst.exe
+ 2009-08-13 11:23 . 2009-05-26 11:41 402296 c:\windows\$hf_mig$\KB973354\update\updspapi.dll
+ 2009-08-13 11:23 . 2009-05-26 11:41 763768 c:\windows\$hf_mig$\KB973354\update\update.exe
+ 2009-08-13 11:23 . 2009-05-26 11:41 233848 c:\windows\$hf_mig$\KB973354\spuninst.exe
+ 2009-07-15 18:49 . 2008-07-08 13:06 402296 c:\windows\$hf_mig$\KB973346\update\updspapi.dll
+ 2009-07-15 18:49 . 2008-07-08 13:06 763768 c:\windows\$hf_mig$\KB973346\update\update.exe
+ 2009-07-15 18:49 . 2008-07-08 13:06 233848 c:\windows\$hf_mig$\KB973346\spuninst.exe
+ 2009-08-13 11:24 . 2009-05-26 11:41 402296 c:\windows\$hf_mig$\KB971657\update\updspapi.dll
+ 2009-08-13 11:24 . 2009-05-26 11:41 763768 c:\windows\$hf_mig$\KB971657\update\update.exe
+ 2009-08-13 11:24 . 2008-07-08 13:06 233848 c:\windows\$hf_mig$\KB971657\spuninst.exe
+ 2009-06-10 06:17 . 2009-06-10 06:17 134144 c:\windows\$hf_mig$\KB971657\SP3QFE\wkssvc.dll
+ 2009-06-10 06:14 . 2009-06-10 06:14 132096 c:\windows\$hf_mig$\KB971657\SP3GDR\wkssvc.dll
+ 2009-06-10 06:26 . 2009-06-10 06:26 134144 c:\windows\$hf_mig$\KB971657\SP2QFE\wkssvc.dll
+ 2009-07-15 18:48 . 2008-07-09 07:42 402296 c:\windows\$hf_mig$\KB971633\update\updspapi.dll
+ 2009-07-15 18:48 . 2008-07-09 07:42 763768 c:\windows\$hf_mig$\KB971633\update\update.exe
+ 2009-07-15 18:48 . 2008-07-08 13:06 233848 c:\windows\$hf_mig$\KB971633\spuninst.exe
+ 2009-08-13 11:24 . 2009-05-26 11:41 402296 c:\windows\$hf_mig$\KB971557\update\updspapi.dll
+ 2009-08-13 11:24 . 2009-05-26 11:41 763768 c:\windows\$hf_mig$\KB971557\update\update.exe
+ 2009-08-13 11:24 . 2008-07-08 13:06 233848 c:\windows\$hf_mig$\KB971557\spuninst.exe
+ 2009-08-28 10:56 . 2009-05-26 11:41 402296 c:\windows\$hf_mig$\KB968389\update\updspapi.dll
+ 2009-08-28 10:56 . 2009-05-26 11:41 763768 c:\windows\$hf_mig$\KB968389\update\update.exe
+ 2009-08-28 10:56 . 2008-07-08 13:06 233848 c:\windows\$hf_mig$\KB968389\spuninst.exe
+ 2009-06-25 08:41 . 2009-06-25 08:41 147456 c:\windows\$hf_mig$\KB968389\SP3QFE\schannel.dll
+ 2009-06-25 08:41 . 2009-06-25 08:41 136704 c:\windows\$hf_mig$\KB968389\SP3QFE\msv1_0.dll
+ 2009-06-26 09:41 . 2009-06-26 09:41 735744 c:\windows\$hf_mig$\KB968389\SP3QFE\lsasrv.dll
+ 2009-06-25 08:41 . 2009-06-25 08:41 301568 c:\windows\$hf_mig$\KB968389\SP3QFE\kerberos.dll
+ 2009-06-25 08:25 . 2009-06-25 08:25 147456 c:\windows\$hf_mig$\KB968389\SP3GDR\schannel.dll
+ 2009-06-25 08:25 . 2009-06-25 08:25 136192 c:\windows\$hf_mig$\KB968389\SP3GDR\msv1_0.dll
+ 2009-06-25 08:25 . 2009-06-25 08:25 735744 c:\windows\$hf_mig$\KB968389\SP3GDR\lsasrv.dll
+ 2009-06-25 08:25 . 2009-06-25 08:25 301568 c:\windows\$hf_mig$\KB968389\SP3GDR\kerberos.dll
+ 2009-06-25 08:17 . 2009-06-25 08:17 168448 c:\windows\$hf_mig$\KB968389\SP2QFE\schannel.dll
+ 2009-02-06 18:46 . 2009-02-06 18:46 408064 c:\windows\$hf_mig$\KB968389\SP2QFE\netlogon.dll
+ 2009-06-25 08:17 . 2009-06-25 08:17 136192 c:\windows\$hf_mig$\KB968389\SP2QFE\msv1_0.dll
+ 2009-06-25 08:17 . 2009-06-25 08:17 735232 c:\windows\$hf_mig$\KB968389\SP2QFE\lsasrv.dll
+ 2009-06-25 08:17 . 2009-06-25 08:17 301568 c:\windows\$hf_mig$\KB968389\SP2QFE\kerberos.dll
+ 2009-09-17 19:40 . 2007-11-30 12:39 402296 c:\windows\$hf_mig$\KB961503\update\updspapi.dll
+ 2009-09-17 19:40 . 2007-11-30 12:39 763768 c:\windows\$hf_mig$\KB961503\update\update.exe
+ 2009-09-17 19:40 . 2007-11-30 12:39 233848 c:\windows\$hf_mig$\KB961503\spuninst.exe
+ 2009-07-15 18:46 . 2009-05-26 11:41 402296 c:\windows\$hf_mig$\KB961371\update\updspapi.dll
+ 2009-07-15 18:46 . 2009-05-26 11:41 763768 c:\windows\$hf_mig$\KB961371\update\update.exe
+ 2009-07-15 18:46 . 2008-07-08 13:06 233848 c:\windows\$hf_mig$\KB961371\spuninst.exe
+ 2009-06-16 14:43 . 2009-06-16 14:43 119808 c:\windows\$hf_mig$\KB961371\SP3QFE\t2embed.dll
+ 2009-06-16 14:36 . 2009-06-16 14:36 119808 c:\windows\$hf_mig$\KB961371\SP3GDR\t2embed.dll
+ 2009-06-16 14:45 . 2009-06-16 14:45 119808 c:\windows\$hf_mig$\KB961371\SP2QFE\t2embed.dll
+ 2009-08-17 06:33 . 2007-11-30 11:19 402296 c:\windows\$hf_mig$\KB961118\update\updspapi.dll
+ 2009-08-17 06:33 . 2007-11-30 11:19 763768 c:\windows\$hf_mig$\KB961118\update\update.exe
+ 2009-08-17 06:33 . 2007-11-30 11:19 233848 c:\windows\$hf_mig$\KB961118\spuninst.exe
+ 2009-08-13 11:24 . 2009-05-26 11:41 402296 c:\windows\$hf_mig$\KB960859\update\updspapi.dll
+ 2009-08-13 11:24 . 2009-05-26 11:41 763768 c:\windows\$hf_mig$\KB960859\update\update.exe
+ 2009-08-13 11:24 . 2008-07-08 13:06 233848 c:\windows\$hf_mig$\KB960859\spuninst.exe
+ 2009-08-13 11:23 . 2007-03-06 01:49 390880 c:\windows\$hf_mig$\KB958470\update\updspapi.dll
+ 2009-08-13 11:23 . 2007-03-06 01:48 724192 c:\windows\$hf_mig$\KB958470\update\update.exe
+ 2009-08-13 11:23 . 2007-03-06 01:48 215776 c:\windows\$hf_mig$\KB958470\spuninst.exe
+ 2009-08-13 10:45 . 2009-06-05 10:26 655872 c:\windows\$hf_mig$\KB958470\SP2QFE\mstscax.dll
+ 2009-09-10 13:45 . 2008-07-08 13:06 402296 c:\windows\$hf_mig$\KB956844\update\updspapi.dll
+ 2009-09-10 13:45 . 2008-07-08 13:06 763768 c:\windows\$hf_mig$\KB956844\update\update.exe
+ 2009-09-10 13:45 . 2008-07-08 13:06 233848 c:\windows\$hf_mig$\KB956844\spuninst.exe
+ 2009-09-10 09:30 . 2009-06-21 21:49 153088 c:\windows\$hf_mig$\KB956844\SP3QFE\triedit.dll
+ 2009-09-10 09:30 . 2009-06-21 21:47 153088 c:\windows\$hf_mig$\KB956844\SP3GDR\triedit.dll
+ 2009-09-10 09:30 . 2009-06-21 21:57 153088 c:\windows\$hf_mig$\KB956844\SP2QFE\triedit.dll
+ 2009-08-17 06:32 . 2005-10-12 23:21 390880 c:\windows\$hf_mig$\KB925720\update\updspapi.dll
+ 2009-08-17 06:32 . 2005-10-12 23:21 724192 c:\windows\$hf_mig$\KB925720\update\update.exe
+ 2009-08-17 06:32 . 2005-10-12 23:21 215776 c:\windows\$hf_mig$\KB925720\spuninst.exe
+ 2006-10-04 14:04 . 2006-10-04 14:04 216576 c:\windows\$hf_mig$\KB925720\SP2QFE\osk.exe
+ 2009-10-15 10:42 . 2009-08-13 13:55 1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll
+ 2009-08-16 06:51 . 2008-07-06 12:06 1676288 c:\windows\system32\xpssvcs.dll
- 2006-03-02 12:00 . 2008-06-18 04:03 2458112 c:\windows\system32\WMVCore.dll
+ 2006-03-02 12:00 . 2009-05-20 02:56 2458112 c:\windows\system32\WMVCore.dll
+ 2009-08-16 06:51 . 2008-07-06 12:06 1676288 c:\windows\system32\spool\XPSEP\i386\xpssvcs.dll
+ 2009-08-16 06:51 . 2008-07-06 12:06 1676288 c:\windows\system32\spool\XPSEP\i386\i386\xpssvcs.dll
+ 2009-08-16 06:51 . 2008-07-06 15:36 2936832 c:\windows\system32\spool\XPSEP\amd64\xpssvcs.dll
+ 2009-08-16 06:51 . 2008-07-06 15:36 2936832 c:\windows\system32\spool\XPSEP\amd64\amd64\xpssvcs.dll
+ 2009-08-16 06:51 . 2008-07-06 12:06 1676288 c:\windows\system32\spool\drivers\w32x86\3\XpsSvcs.dll
+ 2009-07-14 10:24 . 2008-01-07 21:36 2216064 c:\windows\system32\ReinstallBackups\0007\DriverFiles\w29n51.sys
+ 2009-07-14 10:24 . 2007-02-12 19:41 2732032 c:\windows\system32\ReinstallBackups\0007\DriverFiles\Netw2r32.dll
- 2006-03-02 12:00 . 2006-06-22 05:06 1439232 c:\windows\system32\query.dll
+ 2006-03-02 12:00 . 2009-07-17 16:26 1439232 c:\windows\system32\query.dll
+ 2006-03-02 12:00 . 2009-06-03 19:25 1295872 c:\windows\system32\quartz.dll
+ 2006-03-02 12:00 . 2009-08-04 17:03 2184064 c:\windows\system32\ntoskrnl.exe
+ 2004-08-19 15:34 . 2009-08-04 17:03 2061440 c:\windows\system32\ntkrnlpa.exe
- 2004-08-19 15:34 . 2009-02-09 11:48 2061440 c:\windows\system32\ntkrnlpa.exe
+ 2009-07-13 07:10 . 2007-02-12 19:41 2732032 c:\windows\system32\Netw2r32.dll
+ 2008-08-29 18:06 . 2008-08-29 18:06 1350664 c:\windows\system32\msxml6.dll
+ 2009-07-13 07:10 . 2008-01-07 21:36 2216064 c:\windows\system32\DRVSTORE\w29n51_AEF466EE116FDF742A02BFF75E6143DB4A91003C\w29n51.sys
+ 2009-07-13 07:10 . 2008-01-07 21:39 2212352 c:\windows\system32\DRVSTORE\w29n51_AEF466EE116FDF742A02BFF75E6143DB4A91003C\w29n50.sys
+ 2009-07-13 07:10 . 2007-02-12 19:41 2732032 c:\windows\system32\DRVSTORE\w29n51_AEF466EE116FDF742A02BFF75E6143DB4A91003C\Netw2r32.dll
+ 2009-07-13 07:10 . 2009-03-04 17:31 4202496 c:\windows\system32\DRVSTORE\netw5x32_89C90A37830F348FCEEF2A9500D9D51FD91050A9\NETw5x32.sys
+ 2009-07-13 07:10 . 2008-06-20 17:33 2756608 c:\windows\system32\DRVSTORE\netw5x32_89C90A37830F348FCEEF2A9500D9D51FD91050A9\NETw5r32.dll
+ 2008-01-22 15:18 . 2008-01-07 21:36 2216064 c:\windows\system32\drivers\w29n51.sys
+ 2009-08-16 06:51 . 2008-07-06 12:06 1676288 c:\windows\system32\dllcache\xpssvcs.dll
+ 2008-01-22 16:41 . 2009-08-06 18:23 1929952 c:\windows\system32\dllcache\wuaueng.dll
- 2006-03-02 12:00 . 2008-06-18 04:03 2458112 c:\windows\system32\dllcache\WMVCore.dll
+ 2006-03-02 12:00 . 2009-05-20 02:56 2458112 c:\windows\system32\dllcache\WMVCore.dll
- 2006-03-02 12:00 . 2006-06-22 05:06 1439232 c:\windows\system32\dllcache\query.dll
+ 2006-03-02 12:00 . 2009-07-17 16:26 1439232 c:\windows\system32\dllcache\query.dll
+ 2006-03-02 12:00 . 2009-06-03 19:25 1295872 c:\windows\system32\dllcache\quartz.dll
+ 2007-02-28 16:02 . 2009-08-04 17:03 2184064 c:\windows\system32\dllcache\ntoskrnl.exe
- 2007-02-28 16:02 . 2009-02-09 11:49 2019328 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2007-02-28 16:02 . 2009-08-04 17:03 2019328 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2007-02-28 16:02 . 2009-08-04 17:03 2061440 c:\windows\system32\dllcache\ntkrnlpa.exe
- 2007-02-28 16:02 . 2009-02-09 11:48 2061440 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2007-02-28 16:02 . 2009-08-04 17:03 2139648 c:\windows\system32\dllcache\ntkrnlmp.exe
- 2007-02-28 16:02 . 2009-02-09 11:48 2139648 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2008-01-22 16:40 . 2009-07-10 13:41 1315328 c:\windows\system32\dllcache\msoe.dll
+ 2009-07-11 12:58 . 2006-03-02 12:00 1548288 c:\windows\system32\dllcache\cache\sfcfiles.dll
+ 2009-07-11 12:58 . 2009-02-09 11:48 2184192 c:\windows\system32\dllcache\cache\ntoskrnl.exe
+ 2009-07-11 12:58 . 2009-02-09 11:48 2061440 c:\windows\system32\dllcache\cache\ntkrnlpa.exe
+ 2009-07-11 12:58 . 2009-03-21 14:18 1030144 c:\windows\system32\dllcache\cache\kernel32.dll
+ 2009-07-11 12:58 . 2007-06-13 13:22 1035776 c:\windows\system32\dllcache\cache\explorer.exe
+ 2008-07-29 21:40 . 2008-07-29 21:40 1720824 c:\windows\Microsoft.NET\Framework\v3.5\vbc.exe
+ 2008-07-29 16:47 . 2008-07-29 16:47 1054208 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 1364992 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\SITSetup.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 1064448 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\gencomp.dll
+ 2008-07-29 21:40 . 2008-07-29 21:40 1548280 c:\windows\Microsoft.NET\Framework\v3.5\csc.exe
+ 2008-12-05 17:35 . 2008-12-05 17:35 1736528 c:\windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
+ 2008-07-29 19:10 . 2008-07-29 19:10 2637840 c:\windows\Microsoft.NET\Framework\v3.0\WPF\NlsLexicons0009.dll
+ 2008-07-29 19:10 . 2008-07-29 19:10 4883464 c:\windows\Microsoft.NET\Framework\v3.0\WPF\NlsData0009.dll
+ 2008-12-05 18:12 . 2008-12-05 18:12 5931008 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 1344000 c:\windows\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 1344000 c:\windows\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 1172472 c:\windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17 1172472 c:\windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
+ 2008-11-25 02:59 . 2008-11-25 02:59 2048000 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2008-11-25 02:59 . 2008-11-25 02:59 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 3149824 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 5062656 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 2933248 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.dll
+ 2009-08-07 21:51 . 2009-08-07 21:51 5812560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2009-08-07 21:51 . 2009-08-07 21:51 4546560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 1163768 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
- 2007-04-13 20:35 . 2007-04-13 20:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2008-05-27 23:35 . 2008-05-27 23:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2008-05-27 23:35 . 2008-05-27 23:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2007-04-13 20:35 . 2007-04-13 20:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2007-04-13 19:57 . 2007-04-13 19:57 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2008-05-27 22:48 . 2008-05-27 22:48 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2008-05-27 22:48 . 2008-05-27 22:48 2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
- 2007-04-13 19:57 . 2007-04-13 19:57 2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
- 2007-04-13 19:50 . 2007-04-13 19:50 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2008-05-27 22:43 . 2008-05-27 22:43 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2008-12-13 07:57 . 2008-12-13 07:57 8397824 c:\windows\Installer\93764.msp
+ 2008-07-29 17:26 . 2008-07-29 17:26 1043456 c:\windows\Installer\7a714.msp
+ 2008-07-29 18:37 . 2008-07-29 18:37 2679808 c:\windows\Installer\7a712.msp
+ 2008-07-29 19:15 . 2008-07-29 19:15 3697664 c:\windows\Installer\7a710.msp
+ 2008-07-29 17:34 . 2008-07-29 17:34 1448448 c:\windows\Installer\7a70f.msp
+ 2008-07-29 18:22 . 2008-07-29 18:22 4137984 c:\windows\Installer\7a70e.msp
+ 2008-07-29 17:18 . 2008-07-29 17:18 3376640 c:\windows\Installer\7a70d.msp
+ 2009-09-21 14:53 . 2009-09-21 14:53 5518848 c:\windows\Installer\4d38d.msp
+ 2008-07-29 15:45 . 2008-07-29 15:45 2543616 c:\windows\Installer\36671.msp
+ 2008-07-29 15:29 . 2008-07-29 15:29 2926080 c:\windows\Installer\36670.msp
+ 2008-07-29 15:41 . 2008-07-29 15:41 6487040 c:\windows\Installer\3666f.msp
+ 2008-07-29 15:39 . 2008-07-29 15:39 3403264 c:\windows\Installer\3666e.msp
+ 2008-07-29 15:43 . 2008-07-29 15:43 1013248 c:\windows\Installer\3666c.msp
+ 2008-07-29 15:31 . 2008-07-29 15:31 6083072 c:\windows\Installer\36669.msp
+ 2005-10-26 12:59 . 2005-10-26 12:59 2883072 c:\windows\Installer\16ad997.msp
+ 2009-08-25 12:57 . 2009-08-25 12:57 5518336 c:\windows\Installer\16ad981.msp
+ 2003-07-07 20:36 . 2003-07-07 20:36 2058343 c:\windows\Installer\$PatchCache$\Managed\0140110900063D11C8EF10054038389C\11.0.5614\OUTLFLTR.DAT
+ 2005-03-02 18:07 . 2009-08-04 17:03 2184064 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2005-03-02 18:07 . 2009-08-04 17:03 2019328 c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2005-03-02 18:07 . 2009-02-09 11:49 2019328 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2005-03-02 18:06 . 2009-08-04 17:03 2061440 c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2005-03-02 18:06 . 2009-02-09 11:48 2061440 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2005-03-02 18:07 . 2009-08-04 17:03 2139648 c:\windows\Driver Cache\i386\ntkrnlmp.exe
- 2005-03-02 18:07 . 2009-02-09 11:48 2139648 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2009-10-16 16:25 . 2009-10-16 16:25 4792320 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_b8a535ef\System.dll
+ 2009-10-16 16:25 . 2009-10-16 16:25 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_5189fc92\System.dll
+ 2009-10-16 16:25 . 2009-10-16 16:25 2088960 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_f67b9cb0\System.Xml.dll
+ 2009-10-16 16:25 . 2009-10-16 16:25 5513216 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_ccedab7d\System.Xml.dll
+ 2009-10-16 16:25 . 2009-10-16 16:25 3018752 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_fec60486\System.Windows.Forms.dll
+ 2009-10-16 16:25 . 2009-10-16 16:25 7884800 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_7dc5f927\System.Windows.Forms.dll
+ 2009-10-16 16:25 . 2009-10-16 16:25 2244608 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_7d281978\System.Drawing.dll
+ 2009-10-16 16:25 . 2009-10-16 16:25 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_f3c95d09\System.Design.dll
+ 2009-10-16 16:25 . 2009-10-16 16:25 1470464 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_0624acf9\System.Design.dll
+ 2009-10-16 16:25 . 2009-10-16 16:25 3391488 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_94d8ac42\mscorlib.dll
+ 2009-10-16 16:25 . 2009-10-16 16:26 8908800 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_86b8ddac\mscorlib.dll
+ 2009-10-16 16:35 . 2009-10-16 16:35 3313664 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\204d6e5b335134f23ca37638b9227ecf\WindowsBase.ni.dll
+ 2009-10-16 16:38 . 2009-10-16 16:38 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\0f2ed6a204eb13841e99b77025464afc\UIAutomationClientsideProviders.ni.dll
+ 2009-10-16 16:35 . 2009-10-16 16:35 7868416 c:\windows\assembly\NativeImages_v2.0.50727_32\System\3de5bd01124463d7862bd173af90bc83\System.ni.dll
+ 2009-10-16 16:38 . 2009-10-16 16:38 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5913d3f81e77194ec833991b1047a532\System.Xml.ni.dll
+ 2009-10-16 18:52 . 2009-10-16 18:52 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\fa48917b13629d8effa80dd4a2f2973d\System.WorkflowServices.ni.dll
+ 2009-10-16 18:51 . 2009-10-16 18:51 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\6fe66ee6f3c81996bc148f1ebe7ec030\System.Workflow.Runtime.ni.dll
+ 2009-10-16 18:51 . 2009-10-16 18:51 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\9d0b61f2f1ebdc300bd970f594c422ef\System.Workflow.ComponentModel.ni.dll
+ 2009-10-16 18:50 . 2009-10-16 18:50 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\65328898148a720d394f802f192fc2a0\System.Workflow.Activities.ni.dll
+ 2009-10-16 18:50 . 2009-10-16 18:50 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\ea07ac791bb5cb9f83679e3dd1a0c0cc\System.Web.Services.ni.dll
+ 2009-10-16 18:50 . 2009-10-16 18:50 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\29e2f8b1fb691ced973acf49fcee6ec1\System.Web.Mobile.ni.dll
+ 2009-10-16 18:50 . 2009-10-16 18:50 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\981dea02bc63c0c083e335adf9018788\System.Web.Extensions.ni.dll
+ 2009-10-16 16:37 . 2009-10-16 16:37 1917440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\99594bae1d022502925f5b9dfcdaae9a\System.Speech.ni.dll
+ 2009-10-16 18:49 . 2009-10-16 18:49 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32
Avatar utente
Lovescream
Neo Iscritto
Neo Iscritto
 
Messaggi: 19
Iscritto il: ven lug 10, 2009 5:48 pm


Re: problema rootkit

Messaggioda Lovescream » mar nov 03, 2009 6:10 pm

IV parte: e ultima [bleh]

+ 2009-10-16 18:28 . 2009-10-16 18:28 2338304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\67ad55827f2542552b576170f0a7dc56\System.Runtime.Serialization.ni.dll
+ 2009-10-16 16:37 . 2009-10-16 16:37 1035264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\e5313735a40c0800f116e27fba4754db\System.Printing.ni.dll
+ 2009-10-16 18:27 . 2009-10-16 18:27 1056768 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\c3b18fef5c6dc3bcdbe5df699fd21a55\System.IdentityModel.ni.dll
+ 2009-10-16 16:37 . 2009-10-16 16:37 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\abb2ac7e08bee026f857d8fa36f9fe6f\System.Drawing.ni.dll
+ 2009-10-16 18:38 . 2009-10-16 18:38 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\f47ebb9db460874b1bcbfc391dc970b1\System.DirectoryServices.ni.dll
+ 2009-10-16 18:38 . 2009-10-16 18:38 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\c94a427baa7683f4221b91f90c18461b\System.Deployment.ni.dll
+ 2009-10-16 16:37 . 2009-10-16 16:37 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\694c07365e0fd6bba0bc304d4d2404a7\System.Data.ni.dll
+ 2009-08-16 11:19 . 2009-08-16 11:19 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\826b09ab0d0e36f4d631b4cd335df511\System.Data.SqlXml.ni.dll
+ 2009-10-16 18:30 . 2009-10-16 18:30 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\272152f0cc139490729e215611a4b244\System.Data.SqlXml.ni.dll
+ 2009-10-16 18:38 . 2009-10-16 18:38 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\112a48e34620a0210eb850040da8a31b\System.Data.Services.ni.dll
+ 2009-10-16 16:37 . 2009-10-16 16:37 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\32788c58ff9f8324460604cf1fe7681b\System.Data.Linq.ni.dll
+ 2009-10-16 18:38 . 2009-10-16 18:38 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\9012cac7819660f61f1c69cf8e4f2ccf\System.Data.Entity.ni.dll
+ 2009-10-16 16:37 . 2009-10-16 16:37 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\c0a42d2ad8a4078040b334f6770ea11f\System.Core.ni.dll
+ 2009-10-16 16:37 . 2009-10-16 16:37 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\954685c29689d2a6126ceca1fd55e904\ReachFramework.ni.dll
+ 2009-10-16 16:36 . 2009-10-16 16:36 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\a3a6f52ce1d09a7bdccc8e7fc664792d\PresentationUI.ni.dll
+ 2009-10-16 16:35 . 2009-10-16 16:35 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\f906701365083c1473db31519147e263\PresentationBuildTasks.ni.dll
+ 2009-10-16 18:31 . 2009-10-16 18:31 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\6eee9b772b6d12d3dbd82f118c2ab2e5\Microsoft.VisualBasic.ni.dll
+ 2009-10-16 18:28 . 2009-10-16 18:28 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\f19e9b439636d0744597fff1331cad04\Microsoft.Transactions.Bridge.ni.dll
+ 2009-10-16 18:49 . 2009-10-16 18:49 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\5b1af7b5be24c7ace065fe1c81c2b650\Microsoft.JScript.ni.dll
+ 2009-10-16 18:30 . 2009-10-16 18:30 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\9eec1cc7ac37e0c7f3205e8156149c5a\Microsoft.Build.Tasks.ni.dll
+ 2009-10-16 18:30 . 2009-10-16 18:30 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\28c0730288453d57d5dcd62903c4d31b\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2009-10-16 18:29 . 2009-10-16 18:29 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\5dd4f58999eed37c12aee7ea9f9863ac\Microsoft.Build.Engine.ni.dll
+ 2009-08-16 06:52 . 2009-08-16 06:52 1245184 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2009-10-16 16:32 . 2009-10-16 16:32 3149824 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2009-10-16 16:32 . 2009-10-16 16:32 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2009-08-16 06:52 . 2009-08-16 06:52 1630208 c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll
+ 2009-08-16 06:52 . 2009-08-16 06:52 1138688 c:\windows\assembly\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2009-08-16 07:00 . 2009-08-16 07:00 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2009-08-16 06:59 . 2009-08-16 06:59 5931008 c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2009-08-16 06:54 . 2009-08-16 06:54 2879488 c:\windows\assembly\GAC_MSIL\System.Data.Entity\3.5.0.0__b77a5c561934e089\System.Data.Entity.dll
+ 2009-08-16 06:59 . 2009-08-16 06:59 5283840 c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2009-10-16 16:31 . 2009-10-16 16:31 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2009-10-16 16:32 . 2009-10-16 16:32 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2009-08-16 06:52 . 2009-08-16 06:52 4210688 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2009-10-16 16:32 . 2009-10-16 16:32 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2009-10-16 16:24 . 2009-10-16 16:24 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
- 2008-01-26 18:08 . 2008-01-26 18:08 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2009-10-16 16:24 . 2009-10-16 16:24 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
- 2008-01-26 18:08 . 2008-01-26 18:08 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2009-08-13 11:23 . 2007-05-16 15:12 1314816 c:\windows\$NtUninstallKB973354$\msoe.dll
+ 2009-07-15 18:48 . 2008-12-20 22:42 1292800 c:\windows\$NtUninstallKB971633$\quartz.dll
+ 2009-09-10 13:43 . 2008-06-18 04:03 2458112 c:\windows\$NtUninstallKB968816_WM9$\wmvcore.dll
+ 2009-07-10 16:55 . 2009-07-10 16:55 1315328 c:\windows\$hf_mig$\KB973354\SP3QFE\msoe.dll
+ 2009-08-13 10:45 . 2009-07-10 13:26 1315328 c:\windows\$hf_mig$\KB973354\SP3GDR\msoe.dll
+ 2009-08-13 10:45 . 2009-07-10 13:37 1315328 c:\windows\$hf_mig$\KB973354\SP2QFE\msoe.dll
+ 2009-06-03 19:11 . 2009-06-03 19:11 1296384 c:\windows\$hf_mig$\KB971633\SP3QFE\quartz.dll
+ 2009-06-03 19:09 . 2009-06-03 19:09 1296384 c:\windows\$hf_mig$\KB971633\SP3GDR\quartz.dll
+ 2009-06-03 19:24 . 2009-06-03 19:24 1296384 c:\windows\$hf_mig$\KB971633\SP2QFE\quartz.dll
+ 2006-03-02 12:00 . 2009-07-13 21:43 10841088 c:\windows\system32\wmp.dll
+ 2008-11-02 13:20 . 2009-10-02 18:01 25198016 c:\windows\system32\MRT.exe
+ 2006-03-02 12:00 . 2009-07-13 21:43 10841088 c:\windows\system32\dllcache\wmp.dll
+ 2009-08-10 19:08 . 2009-08-10 19:08 11315712 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp
+ 2008-12-13 08:21 . 2008-12-13 08:21 10473472 c:\windows\Installer\9376f.msp
+ 2009-08-14 18:32 . 2009-08-14 18:32 11110912 c:\windows\Installer\4d3ae.msp
+ 2009-08-10 12:09 . 2009-08-10 12:09 17254912 c:\windows\Installer\4d3a5.msp
+ 2009-10-16 16:38 . 2009-10-16 16:38 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d2ea8d76f015817db1607075812b555f\System.Windows.Forms.ni.dll
+ 2009-10-16 18:50 . 2009-10-16 18:50 11796992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\5cea03cfb008f2eac1439a9905467f37\System.Web.ni.dll
+ 2009-10-16 18:28 . 2009-10-16 18:28 17317888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\06d6eab93282d2b136a377bd50b7c5a9\System.ServiceModel.ni.dll
+ 2009-10-16 16:37 . 2009-10-16 16:37 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\8b82e08c008924d51833cb0884bcbfc5\System.Design.ni.dll
+ 2009-10-16 16:36 . 2009-10-16 16:36 14327808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\58c7ac6b6054038dc9346d7ec8e32b4c\PresentationFramework.ni.dll
+ 2009-10-16 16:36 . 2009-10-16 16:36 12216320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\94badbd64df59de7da249f71da38b1c2\PresentationCore.ni.dll
+ 2009-10-16 16:34 . 2009-10-16 16:34 11486720 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7124a40b9998f7b63c86bd1a2125ce26\mscorlib.ni.dll
+ 2009-08-13 11:24 . 2008-11-11 17:34 10838016 c:\windows\$NtUninstallKB973540_WM9L$\wmp.dll
+ 2007-07-27 06:47 . 2007-07-27 06:47 131022336 c:\windows\Installer\16ad967.msp
.
-- Snapshot per reimpostare la data corrente --
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"="c:\programmi\TOSHIBA\TOSCDSPD\toscdspd.exe" [2005-04-12 65536]
"MSMSGS"="c:\programmi\Messenger\msmsgs.exe" [2004-10-13 1694208]
"CTSyncU.exe"="c:\programmi\Creative\Sync Manager Unicode\CTSyncU.exe" [2007-07-17 868352]
"SUPERAntiSpyware"="c:\programmi\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-10-15 2000112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-05 344064]
"Apoint"="c:\programmi\Apoint2K\Apoint.exe" [2004-03-24 196608]
"CeEKEY"="c:\programmi\TOSHIBA\E-KEY\CeEKey.exe" [2005-09-06 671744]
"HWSetup"="c:\programmi\TOSHIBA\TOSHIBA Applet\HWSetup.exe" [2004-05-01 28672]
"PadTouch"="c:\programmi\TOSHIBA\Touch and Launch\PadExe.exe" [2005-08-30 1077329]
"TPNF"="c:\programmi\TOSHIBA\TouchPad\TPTray.exe" [2005-08-25 53248]
"Tvs"="c:\programmi\TOSHIBA\Tvs\TvsTray.exe" [2005-04-05 73728]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2005-05-31 122941]
"nod32kui"="c:\programmi\Eset\nod32kui.exe" [2008-01-22 949376]
"SunJavaUpdateSched"="c:\programmi\Java\jre1.5.0_10\bin\jusched.exe" [2006-11-09 49263]
"Motive SmartBridge"="c:\progra~1\ALICET~1\SMARTB~1\MotiveSB.exe" [2006-04-21 438359]
"WinampAgent"="c:\programmi\Winamp\winampa.exe" [2006-11-21 35328]
"OpwareSE2"="c:\programmi\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 49152]
"CTCheck"="c:\programmi\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe" [2007-11-06 397312]
"TFncKy"="TFncKy.exe" [BU]
"NDSTray.exe"="NDSTray.exe" [BU]
"TCtryIOHook"="TCtrlIOHook.exe" - c:\windows\system32\TCtrlIOHook.exe [2005-08-22 28672]
"AGRSMMSG"="AGRSMMSG.exe" - c:\windows\agrsmmsg.exe [2004-12-22 88358]
"Zooming"="ZoomingHook.exe" - c:\windows\system32\ZoomingHook.exe [2005-06-06 24576]
"CFSServ.exe"="CFSServ.exe" [BU]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2006-03-02 15360]

c:\documents and settings\Client\Menu Avvio\Programmi\Esecuzione automatica\
Adobe Gamma.lnk - c:\programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Adobe Reader Synchronizer.lnk - c:\programmi\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 734872]
Alice ti aiuta.lnk - c:\programmi\Alice ti aiuta\bin\matcli.exe [2008-1-23 217088]
Avvio veloce di Adobe Reader.lnk - c:\programmi\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 40048]
Bluetooth Manager.lnk - c:\programmi\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2005-3-22 487424]
RAMASST.lnk - c:\windows\system32\RAMASST.exe [2008-1-22 155648]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programmi\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-05 16:13 548352 ----a-w- c:\programmi\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\DNA\\btdna.exe"=
"c:\\Programmi\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Programmi\\TVAnts\\Tvants.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=

R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [22/01/2008 19.26.09 15424]
R1 SASDIFSV;SASDIFSV;c:\programmi\SUPERAntiSpyware\sasdifsv.sys [23/06/2009 10.01.40 9968]
R1 SASKUTIL;SASKUTIL;c:\programmi\SUPERAntiSpyware\SASKUTIL.SYS [23/06/2009 10.01.40 74480]
R3 SASENUM;SASENUM;c:\programmi\SUPERAntiSpyware\SASENUM.SYS [23/06/2009 10.01.42 7408]

--- Altri Servizi/Drivers In Memoria ---

*NewlyCreated* - MBR
*NewlyCreated* - PROCEXP113
*Deregistered* - mbr
*Deregistered* - PROCEXP113
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
IE: Aggiungi all'elenco di stampa Easy-WebPrint - c:\programmi\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Anteprima Easy-WebPrint - c:\programmi\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Stampa ad alta velocità Easy-WebPrint - c:\programmi\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Stampa Easy-WebPrint - c:\programmi\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
LSP: c:\windows\system32\imon.dll
TCP: {A4C482F8-F126-4347-98E7-EBB119BC7385} = 85.37.17.16 85.38.28.68
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {2EDF75C0-5ABD-49f9-BAB6-220476A32034} - hxxp://intel-drv-cdn.systemrequirements ... b_srlx.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-03 15:16
Windows 5.1.2600 Service Pack 2 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe catchme.sys CLASSPNP.SYS disk.sys >>UNKNOWN [0x85758250]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\atapi -> 0x85758250
Warning: possible MBR rootkit infection !
copy of MBR has been found in sector 0x0BA50E41
malicious code @ sector 0x0BA50E44 !
PE file found in sector at 0x0BA50E5A !
MBR rootkit infection detected ! Use: "mbr.exe -f" to fix.

**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\ð•€|ÿÿÿÿ.•€|ù•9~*]
"0140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'winlogon.exe'(996)
c:\programmi\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'lsass.exe'(1052)
c:\windows\system32\imon.dll
c:\programmi\Eset\pr_imon.dll

- - - - - - - > 'explorer.exe'(1664)
c:\progra~1\ALICET~1\SMARTB~1\SBHook.dll
c:\programmi\ScanSoft\OmniPageSE2.0\ophookSE2.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\TosBtExt.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Ora fine scansione: 2009-11-03 15.18.37
ComboFix-quarantined-files.txt 2009-11-03 14:18
ComboFix2.txt 2009-07-11 12:59

Pre-Run: 5.560.475.648 byte disponibili
Post-Run: 5.565.538.304 byte disponibili

- - End Of File - - 3D74935DBA20190C46EB32C10B363B51
Avatar utente
Lovescream
Neo Iscritto
Neo Iscritto
 
Messaggi: 19
Iscritto il: ven lug 10, 2009 5:48 pm

Re: problema rootkit

Messaggioda Lovescream » mar nov 03, 2009 6:12 pm

e infine log di GMER

GMER 1.0.15.15163 - http://www.gmer.net
Rootkit scan 2009-11-03 17:53:37
Windows 5.1.2600 Service Pack 2
Running: x6068525.exe; Driver: C:\DOCUME~1\Client\IMPOST~1\Temp\axtdrpod.sys


---- System - GMER 1.0.15 ----

SSDT \??\C:\Programmi\SUPERAntiSpyware\SASKUTIL.sys (SASKUTIL.SYS/SUPERAdBlocker.com and SUPERAntiSpyware.com) ZwTerminateProcess [0xF23DF0B0]

Code \??\C:\DOCUME~1\Client\IMPOST~1\Temp\catchme.sys pIofCallDriver

---- Kernel code sections - GMER 1.0.15 ----

? C:\DOCUME~1\Client\IMPOST~1\Temp\catchme.sys Impossibile trovare il file specificato. !
? C:\WINDOWS\system32\Drivers\PROCEXP113.SYS Impossibile trovare il file specificato. !

---- User code sections - GMER 1.0.15 ----

.text C:\Programmi\Internet Explorer\iexplore.exe[1440] USER32.dll!UnhookWindowsHookEx 7E39F21E 1 Byte [E9]
.text C:\Programmi\Internet Explorer\iexplore.exe[1440] USER32.dll!UnhookWindowsHookEx 7E39F21E 5 Bytes JMP 0134175D C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programmi\Internet Explorer\iexplore.exe[1440] USER32.dll!CallNextHookEx 7E39F85B 5 Bytes JMP 01341776 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programmi\Internet Explorer\iexplore.exe[1440] USER32.dll!CreateWindowExW 7E39FC25 5 Bytes JMP 011AECEE C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programmi\Internet Explorer\iexplore.exe[1440] USER32.dll!DialogBoxParamW 7E3A555F 5 Bytes JMP 0111E0B3 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programmi\Internet Explorer\iexplore.exe[1440] USER32.dll!SetWindowsHookExW 7E3ADDB5 5 Bytes JMP 01341712 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programmi\Internet Explorer\iexplore.exe[1440] USER32.dll!DialogBoxIndirectParamW 7E3B2032 5 Bytes JMP 0134157B C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programmi\Internet Explorer\iexplore.exe[1440] USER32.dll!MessageBoxIndirectA 7E3BA04A 5 Bytes JMP 013414AD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programmi\Internet Explorer\iexplore.exe[1440] USER32.dll!DialogBoxParamA 7E3BB10C 5 Bytes JMP 01341518 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programmi\Internet Explorer\iexplore.exe[1440] USER32.dll!MessageBoxExW 7E3D05D8 5 Bytes JMP 0134137E C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programmi\Internet Explorer\iexplore.exe[1440] USER32.dll!MessageBoxExA 7E3D05FC 5 Bytes JMP 013413E0 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programmi\Internet Explorer\iexplore.exe[1440] USER32.dll!DialogBoxIndirectParamA 7E3D6B50 5 Bytes JMP 013415DE C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programmi\Internet Explorer\iexplore.exe[1440] USER32.dll!MessageBoxIndirectW 7E3E62AB 5 Bytes JMP 01341442 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programmi\Internet Explorer\iexplore.exe[1440] ole32.dll!CoCreateInstance 774CFAC3 5 Bytes JMP 01131420 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programmi\Internet Explorer\iexplore.exe[3064] USER32.dll!UnhookWindowsHookEx 7E39F21E 1 Byte [E9]
.text C:\Programmi\Internet Explorer\iexplore.exe[3064] USER32.dll!UnhookWindowsHookEx 7E39F21E 5 Bytes JMP 0134175D C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programmi\Internet Explorer\iexplore.exe[3064] USER32.dll!CallNextHookEx 7E39F85B 5 Bytes JMP 01341776 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programmi\Internet Explorer\iexplore.exe[3064] USER32.dll!CreateWindowExW 7E39FC25 5 Bytes JMP 011AECEE C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programmi\Internet Explorer\iexplore.exe[3064] USER32.dll!DialogBoxParamW 7E3A555F 5 Bytes JMP 0111E0B3 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programmi\Internet Explorer\iexplore.exe[3064] USER32.dll!SetWindowsHookExW 7E3ADDB5 5 Bytes JMP 01341712 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programmi\Internet Explorer\iexplore.exe[3064] USER32.dll!DialogBoxIndirectParamW 7E3B2032 5 Bytes JMP 0134157B C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programmi\Internet Explorer\iexplore.exe[3064] USER32.dll!MessageBoxIndirectA 7E3BA04A 5 Bytes JMP 013414AD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programmi\Internet Explorer\iexplore.exe[3064] USER32.dll!DialogBoxParamA 7E3BB10C 5 Bytes JMP 01341518 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programmi\Internet Explorer\iexplore.exe[3064] USER32.dll!MessageBoxExW 7E3D05D8 5 Bytes JMP 0134137E C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programmi\Internet Explorer\iexplore.exe[3064] USER32.dll!MessageBoxExA 7E3D05FC 5 Bytes JMP 013413E0 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programmi\Internet Explorer\iexplore.exe[3064] USER32.dll!DialogBoxIndirectParamA 7E3D6B50 5 Bytes JMP 013415DE C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programmi\Internet Explorer\iexplore.exe[3064] USER32.dll!MessageBoxIndirectW 7E3E62AB 5 Bytes JMP 01341442 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programmi\Internet Explorer\iexplore.exe[3064] ole32.dll!CoCreateInstance 774CFAC3 5 Bytes JMP 01131420 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programmi\Internet Explorer\iexplore.exe[3888] USER32.dll!CreateWindowExW 7E39FC25 5 Bytes JMP 011AECEE C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programmi\Internet Explorer\iexplore.exe[3888] USER32.dll!DialogBoxParamW 7E3A555F 5 Bytes JMP 0111E0B3 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programmi\Internet Explorer\iexplore.exe[3888] USER32.dll!DialogBoxIndirectParamW 7E3B2032 5 Bytes JMP 0134157B C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programmi\Internet Explorer\iexplore.exe[3888] USER32.dll!MessageBoxIndirectA 7E3BA04A 5 Bytes JMP 013414AD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programmi\Internet Explorer\iexplore.exe[3888] USER32.dll!DialogBoxParamA 7E3BB10C 5 Bytes JMP 01341518 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programmi\Internet Explorer\iexplore.exe[3888] USER32.dll!MessageBoxExW 7E3D05D8 5 Bytes JMP 0134137E C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programmi\Internet Explorer\iexplore.exe[3888] USER32.dll!MessageBoxExA 7E3D05FC 5 Bytes JMP 013413E0 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programmi\Internet Explorer\iexplore.exe[3888] USER32.dll!DialogBoxIndirectParamA 7E3D6B50 5 Bytes JMP 013415DE C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programmi\Internet Explorer\iexplore.exe[3888] USER32.dll!MessageBoxIndirectW 7E3E62AB 5 Bytes JMP 01341442 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs amon.sys (Amon monitor/Eset )

Device \FileSystem\Udfs \UdfsCdRom tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\meiudf \MeiUDF_Disk tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\meiudf \MeiUDF_CdRom tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Udfs \UdfsDisk tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 85758250
Device \Driver\atapi \Device\Ide\IdePort0 85758250
Device \Driver\atapi \Device\Ide\IdePort1 85758250
Device \Driver\atapi \Device\Ide\IdePort2 85758250
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e 85758250
Device \FileSystem\Cdfs \Cdfs EE9BA400

---- Threads - GMER 1.0.15 ----

Thread System [4:1396] 8578E260
Thread System [4:2424] 8577905F
Thread System [4:3084] 857AC5D7
Thread System [4:3400] 8577BCD1

---- Disk sectors - GMER 1.0.15 ----

Disk \Device\Harddisk0\DR0 (rootkit like behavior) sector 00: rootkit-like behavior;

---- EOF - GMER 1.0.15 ----


chiedo scusa per i ripetuti messaggi ma non potevo fare altrimenti in quanto il limite massimo di caratteri è 600000 (Mi è venuto in mente solo ora che avrei potuto uppare il file txt su mediafire ma è alquanto tardivo [acc2] )
Avatar utente
Lovescream
Neo Iscritto
Neo Iscritto
 
Messaggi: 19
Iscritto il: ven lug 10, 2009 5:48 pm

Re: problema rootkit

Messaggioda crazy.cat » mar nov 03, 2009 6:30 pm

Segui le istruzioni di Amantide
post447777.html#p447777
Quando i molti governano, pensano solo a contentar sé stessi, si ha allora la tirannia più balorda e più odiosa: la tirannia mascherata da libertà.
Avatar utente
crazy.cat
MLI Hero
MLI Hero
 
Messaggi: 30959
Iscritto il: lun gen 12, 2004 1:38 pm
Località: Mestre

Re: problema rootkit

Messaggioda Lovescream » mar nov 03, 2009 7:14 pm

ho provato a seguire le istruzioni e questo è il log:
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK
copy of MBR has been found in sector 0x0BA50E41
malicious code @ sector 0x0BA50E44 !
PE file found in sector at 0x0BA50E5A !

Ho provato anche a immettere il comando mbr.exe -f come diceva Amantide ma non ha funzionato, ossia il log prodotto è stato uguale a quello appena copiato, senza segni di "guarigione" [V]

Non è proprio possibile eliminare questo rootkit? [cry]
Avatar utente
Lovescream
Neo Iscritto
Neo Iscritto
 
Messaggi: 19
Iscritto il: ven lug 10, 2009 5:48 pm

Re: problema rootkit

Messaggioda Amantide » mar nov 03, 2009 9:12 pm

Prova ad eseguire il comando mbr.exe -f dalla modalità provvisoria.
...per volare alto, bisogna saper cadere...
Avatar utente
Amantide
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 8126
Iscritto il: lun feb 06, 2006 4:13 pm
Località: Abruzzo

Re: problema rootkit

Messaggioda Lovescream » mer nov 04, 2009 2:36 pm

ho provato ad utilizzarlo con la modalità provvisoria come da te consigliato Amantide, ma purtroppo non è cambiato nulla. [cry] Il log è sempre lo stesso pare che il rootkit non venga eliminato; non ci sono altre soluzioni possibili? (non ditemi la formattazione vi prego! [8)] )
Avatar utente
Lovescream
Neo Iscritto
Neo Iscritto
 
Messaggi: 19
Iscritto il: ven lug 10, 2009 5:48 pm

Re: problema rootkit

Messaggioda Amantide » mer nov 04, 2009 3:35 pm

Prova con questi tool:

Norman Sinowal Cleaner

FixMebroot
...per volare alto, bisogna saper cadere...
Avatar utente
Amantide
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 8126
Iscritto il: lun feb 06, 2006 4:13 pm
Località: Abruzzo

Re: problema rootkit

Messaggioda Lovescream » mer nov 04, 2009 7:23 pm

Ho usato il primo tool senza risulati, infatti non ha trovato nessun file infetto. [V]
Per quanto riguarda il secondo non sono riuscita a scaricarlo perché il link mi porta ad una pagina vuota. non c'è un link alternativo per scaricarlo?
Ho anche provato, dopo aver letto su internet di un ragazzo che aveva un problema simile al mio, ad effettuare una scansione con Dr.Web, ma anche quest'ultimo non ha trovato nulla.
che cosa posso fare? [cry]
Avatar utente
Lovescream
Neo Iscritto
Neo Iscritto
 
Messaggi: 19
Iscritto il: ven lug 10, 2009 5:48 pm

Re: problema rootkit

Messaggioda Amantide » mer nov 04, 2009 7:32 pm

Te lo allego qui.

In alternativa puoi entrare nella console di ripristino dal CD di XP ed eseguire il comando
Codice: Seleziona tutto
fixmbr
...per volare alto, bisogna saper cadere...
Avatar utente
Amantide
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 8126
Iscritto il: lun feb 06, 2006 4:13 pm
Località: Abruzzo

Re: problema rootkit

Messaggioda Lovescream » mer nov 04, 2009 7:54 pm

mi ha dato questo errore.
Immagine
è normale? devo ignorarlo? [V]
Avatar utente
Lovescream
Neo Iscritto
Neo Iscritto
 
Messaggi: 19
Iscritto il: ven lug 10, 2009 5:48 pm

Re: problema rootkit

Messaggioda Amantide » mer nov 04, 2009 8:44 pm

Effettivamente mi era sembrato strano che il file fosse di soli 14 KB. [uhm]

Prova a a scaricarlo da qui o da qui.
...per volare alto, bisogna saper cadere...
Avatar utente
Amantide
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 8126
Iscritto il: lun feb 06, 2006 4:13 pm
Località: Abruzzo

Re: problema rootkit

Messaggioda Lovescream » gio nov 05, 2009 10:49 am

grazie per i link!
sono riuscita a scaricare ed eseguire. ho effettuato due tentativi di cui uno in modalità provvisoria.

ecco il primo log in modalità normale:

Symantec Trojan.Mebroot Removal Tool 1.0.1
Found drive \\.\PhysicalDrive0, analyzing MBR...
Creating FixMebroot service driver
Running driver...
Trojan.Mebroot has not been found active on your computer.
Delete service driver
Delete driver file
End


The tool initiated a system reboot.


ed infine il log in modalità provvisoria:

Symantec Trojan.Mebroot Removal Tool 1.0.1
Found drive \\.\PhysicalDrive0, analyzing MBR...
Creating FixMebroot service driver
Running driver...
ERROR! Cannot start FixMebroot service driver
Delete service driver
Delete driver file
End
Avatar utente
Lovescream
Neo Iscritto
Neo Iscritto
 
Messaggi: 19
Iscritto il: ven lug 10, 2009 5:48 pm

Re: problema rootkit

Messaggioda Amantide » gio nov 05, 2009 3:11 pm

Beh, il Mebroot Removal dice che il rootkit non è stato rilevato:

Trojan.Mebroot has not been found active on your computer.


Se provi ad eseguire Gmer ti rileva ancora il rootkit in MBR?
...per volare alto, bisogna saper cadere...
Avatar utente
Amantide
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 8126
Iscritto il: lun feb 06, 2006 4:13 pm
Località: Abruzzo

Re: problema rootkit

Messaggioda Lovescream » gio nov 05, 2009 3:20 pm

ho eseguito gmer come tu mi hai consigliato [:)] e questo è il log:

GMER 1.0.15.15163 - http://www.gmer.net
Rootkit quick scan 2009-11-05 15:24:23
Windows 5.1.2600 Service Pack 2
Running: x6068525.exe; Driver: C:\DOCUME~1\Client\IMPOST~1\Temp\axtdrpod.sys


---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs amon.sys (Amon monitor/Eset )

---- EOF - GMER 1.0.15 ----
Avatar utente
Lovescream
Neo Iscritto
Neo Iscritto
 
Messaggi: 19
Iscritto il: ven lug 10, 2009 5:48 pm

Re: problema rootkit

Messaggioda Amantide » gio nov 05, 2009 3:36 pm

Lovescream ha scritto:ho eseguito gmer come tu mi hai consigliato e questo è il log:

E' un po' cortino [acc2]

Comunque, quando l'hai avviato ti ha indicato la presenza di rootkit o no?
...per volare alto, bisogna saper cadere...
Avatar utente
Amantide
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 8126
Iscritto il: lun feb 06, 2006 4:13 pm
Località: Abruzzo

Re: problema rootkit

Messaggioda dario-vr » gio nov 05, 2009 5:14 pm

Lovescream ha scritto:ho provato ad utilizzarlo con la modalità provvisoria come da te consigliato Amantide, ma purtroppo non è cambiato nulla. [cry] Il log è sempre lo stesso pare che il rootkit non venga eliminato; non ci sono altre soluzioni possibili? (non ditemi la formattazione vi prego! [8)] )


Ciao scusate se mi permetto di portare la mia "esperienza"
Avevo anche io MBR rootkit ed ho risolto così:

1) Prova a sistemarlo in questo modo (MBR), ripristino disattivato:

Clicca Start

Clicca Esegui...

Digita: cmd

si apre la finestra DOS, digita: CD \
premi invio

digita: mbr -f
premi invio

Poi digita: exit
premi invio

Riavvia il pc

2) Scarica Combofix

http://download.bleepingcomputer.com/sUBs/ComboFix.exe


Salvalo sul desktop.

Importante: Disabilita il tuo antivirus e chiudi TUTTI i programmi aperti,(Firewall compreso) e dopo aver scaricato COMBOFIX, chiudi la connessione.

Doppio click su combofix.exe (comparirà una videata.)
Se ti verrà chiesto se vuoi Installare LA CONSOLE DI RIPRISTINO DI EMERGENZA, clicca NO.
E' probabile che ti siano inviati messaggi dall'antivirus, tu ignorali.
Durante l'operazione di scansione è importante non usare il PC (neanche il mouse) e attendere pazientemente la fine delle operazioni.



3) Poi scarica sul desktop

http://www.suspectfile.com/systemscan
Aprilo ed assicurati che tutte le opzioni siano spuntate, clicca su "Scan Now"
Finita la scansione verranno rilasciati (sempre sul desktop all'interno della cartella suspectfile) due file.
Collegati ad internet e vai alla pagina WikiSend: http://www.wikisend.com/
Clicca sul bottone "Sfoglia"
Seleziona il file appena salvato
Clicca su Upload file
Dopo qualche secondo, vieni spostato su una nuova pagina con il link in diversi formati:
Download Link / Forum Link
Seleziona Forum Link, copialo e incollalo in un nuovo messaggio per il forum.
Ricordati d'effettuare la scansione senza connessione attiva e con l'antivirus disabilitato salvo poi riattivarlo a scansione terminata.

NB:
la durata della scansione può risultare lunga, potrebbe addirittura sembrare che il programma non stia lavorando, non preoccuparti non è così.
SystemScan viene riconosciuto, erroneamente, da alcuni antivirus come infetto.

Posta qui il contenuto del log C:\mbr.log
Il log che trovi sul Desktop, chiamato C:\ComboFix.txt
Posta il report suspect file di Systemscan che troverai sempre sul desktop


Alla fine solo a problema risolto disinstalla in questo modo Combofix:
Start
Esegui
nella finestra di dialogo, copia ed incolla questo comando: Combofix /u e premi Invio poi cancella le cartelle in "C" di Combofix e (qoobox)

Ps la procedura è lunga ma semplice, stampati il messagi come promemoria, ciao buona fortuna.
Si impara dagli errori degli altri: non si può vivere cosi' a lungo per farli tutti.
Avatar utente
dario-vr
Senior Member
Senior Member
 
Messaggi: 160
Iscritto il: gio gen 08, 2009 9:59 am
Località: Verona

Re: problema rootkit

Messaggioda Lovescream » gio nov 05, 2009 6:39 pm

scusami Amantide, ecco il log prodotto da una scansione completa con GMER
(a quanto pare l'elemento con "rootkit-like behavior" del log precedente sembra essere sparito [...] o forse sono io a non vederlo...)

GMER 1.0.15.15163 - http://www.gmer.net
Rootkit scan 2009-11-05 18:40:23
Windows 5.1.2600 Service Pack 2
Running: x6068525.exe; Driver: C:\DOCUME~1\Client\IMPOST~1\Temp\axtdrpod.sys


---- System - GMER 1.0.15 ----

SSDT \??\C:\Programmi\SUPERAntiSpyware\SASKUTIL.sys (SASKUTIL.SYS/SUPERAdBlocker.com and SUPERAntiSpyware.com) ZwTerminateProcess [0xF239A0B0]

---- Devices - GMER 1.0.15 ----

Device \FileSystem\meiudf \MeiUDF_CdRom tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\meiudf \MeiUDF_Disk tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)

AttachedDevice \FileSystem\Ntfs \Ntfs amon.sys (Amon monitor/Eset )

Device \FileSystem\Udfs \UdfsCdRom tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Udfs \UdfsDisk tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)

---- User code sections - GMER 1.0.15 ----

.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[1608] ADVAPI32.dll!CryptDecrypt 77F5A2D1 7 Bytes JMP 28001060 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[1608] ADVAPI32.dll!CryptDeriveKey 77F5A1A5 7 Bytes JMP 28001000 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[1608] kernel32.dll!CreateEventA 7C8308C9 5 Bytes JMP 28001840 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[1608] kernel32.dll!FindResourceA 7C80BE99 7 Bytes JMP 28001CF0 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[1608] kernel32.dll!FindResourceExA 7C835FC0 7 Bytes JMP 28001D80 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[1608] kernel32.dll!FindResourceExW 7C80AC98 7 Bytes JMP 28001C60 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[1608] kernel32.dll!FindResourceW 7C80BBDE 7 Bytes JMP 28001BE0 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[1608] kernel32.dll!LoadResource 7C809FC5 7 Bytes JMP 28001E20 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[1608] kernel32.dll!LockResource 7C80CCA7 5 Bytes JMP 28001F50 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[1608] kernel32.dll!SizeofResource 7C80BC79 7 Bytes JMP 28001EE0 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[1608] ole32.dll!CoCreateInstance 774CFAC3 5 Bytes JMP 28002600 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[1608] ole32.dll!CoInitializeEx 774CEF6B 5 Bytes JMP 28002260 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[1608] ole32.dll!CoRegisterClassObject 774E8720 5 Bytes JMP 28002360 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[1608] SHELL32.dll!Shell_NotifyIconW 7CA31BEA 5 Bytes JMP 28003440 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[1608] USER32.dll!CreateDialogParamW 7E3A7D4F 5 Bytes JMP 28006120 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[1608] USER32.dll!CreateWindowExW 7E39FC25 5 Bytes JMP 28003CF0 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[1608] USER32.dll!GetWindowLongW 7E3988A6 7 Bytes JMP 28006B00 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[1608] USER32.dll!LoadIconW 7E3A0894 5 Bytes JMP 28006960 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[1608] USER32.dll!LoadImageW 7E3A2CFE 5 Bytes JMP 28006770 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[1608] USER32.dll!MessageBoxIndirectW 7E3E62AB 5 Bytes JMP 28006310 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[1608] USER32.dll!PeekMessageW 7E39929B 5 Bytes JMP 280046C0 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[1608] USER32.dll!SetWindowPlacement 7E3AD84C 5 Bytes JMP 28005EA0 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[1608] USER32.dll!SetWindowRgn 7E39FFB2 7 Bytes JMP 28005FE0 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[1608] USER32.dll!TrackPopupMenuEx 7E3ECD28 5 Bytes JMP 28004FA0 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[1608] WININET.dll!HttpOpenRequestA 63039FE5 5 Bytes JMP 2800A220 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[1608] WININET.dll!HttpSendRequestA 63012EEA 5 Bytes JMP 2800A490 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[1608] WININET.dll!InternetCloseHandle 630378BE 5 Bytes JMP 2800A560 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[1608] WININET.dll!InternetReadFile 63040EC4 5 Bytes JMP 2800A3B0 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[1608] WS2_32.dll!closesocket 71A39639 5 Bytes JMP 2800BB90 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[1608] WS2_32.dll!recv 71A3615A 5 Bytes JMP 2800B3B0 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[1608] WS2_32.dll!send 71A3428A 5 Bytes JMP 2800B770 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[1608] WS2_32.dll!WSARecv 71A34318 5 Bytes JMP 2800B550 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[1608] WS2_32.dll!WSASend 71A36233 5 Bytes JMP 2800B950 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[3684] ADVAPI32.dll!CryptDecrypt 77F5A2D1 7 Bytes JMP 28001060 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[3684] ADVAPI32.dll!CryptDeriveKey 77F5A1A5 7 Bytes JMP 28001000 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[3684] kernel32.dll!CreateEventA 7C8308C9 5 Bytes JMP 28001840 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[3684] kernel32.dll!FindResourceA 7C80BE99 7 Bytes JMP 28001CF0 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[3684] kernel32.dll!FindResourceExA 7C835FC0 7 Bytes JMP 28001D80 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[3684] kernel32.dll!FindResourceExW 7C80AC98 7 Bytes JMP 28001C60 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[3684] kernel32.dll!FindResourceW 7C80BBDE 7 Bytes JMP 28001BE0 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[3684] kernel32.dll!LoadResource 7C809FC5 7 Bytes JMP 28001E20 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[3684] kernel32.dll!LockResource 7C80CCA7 5 Bytes JMP 28001F50 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[3684] kernel32.dll!SizeofResource 7C80BC79 7 Bytes JMP 28001EE0 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[3684] ole32.dll!CoCreateInstance 774CFAC3 5 Bytes JMP 28002600 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[3684] ole32.dll!CoInitializeEx 774CEF6B 5 Bytes JMP 28002260 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[3684] ole32.dll!CoRegisterClassObject 774E8720 5 Bytes JMP 28002360 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[3684] SHELL32.dll!Shell_NotifyIconW 7CA31BEA 5 Bytes JMP 28003440 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[3684] USER32.dll!CreateDialogParamW 7E3A7D4F 5 Bytes JMP 28006120 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[3684] USER32.dll!CreateWindowExW 7E39FC25 5 Bytes JMP 28003CF0 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[3684] USER32.dll!GetWindowLongW 7E3988A6 7 Bytes JMP 28006B00 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[3684] USER32.dll!LoadIconW 7E3A0894 5 Bytes JMP 28006960 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[3684] USER32.dll!LoadImageW 7E3A2CFE 5 Bytes JMP 28006770 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[3684] USER32.dll!MessageBoxIndirectW 7E3E62AB 5 Bytes JMP 28006310 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[3684] USER32.dll!PeekMessageW 7E39929B 5 Bytes JMP 280046C0 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[3684] USER32.dll!SetWindowPlacement 7E3AD84C 5 Bytes JMP 28005EA0 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[3684] USER32.dll!SetWindowRgn 7E39FFB2 7 Bytes JMP 28005FE0 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[3684] USER32.dll!TrackPopupMenuEx 7E3ECD28 5 Bytes JMP 28004FA0 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[3684] WININET.dll!HttpOpenRequestA 63039FE5 5 Bytes JMP 2800A220 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[3684] WININET.dll!HttpSendRequestA 63012EEA 5 Bytes JMP 2800A490 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[3684] WININET.dll!InternetCloseHandle 630378BE 5 Bytes JMP 2800A560 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[3684] WININET.dll!InternetReadFile 63040EC4 5 Bytes JMP 2800A3B0 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[3684] WS2_32.dll!closesocket 71A39639 5 Bytes JMP 2800BB90 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[3684] WS2_32.dll!recv 71A3615A 5 Bytes JMP 2800B3B0 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[3684] WS2_32.dll!send 71A3428A 5 Bytes JMP 2800B770 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[3684] WS2_32.dll!WSARecv 71A34318 5 Bytes JMP 2800B550 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Programmi\Windows Live\Messenger\msnmsgr.exe[3684] WS2_32.dll!WSASend 71A36233 5 Bytes JMP 2800B950 C:\Programmi\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

---- EOF - GMER 1.0.15 ----
Avatar utente
Lovescream
Neo Iscritto
Neo Iscritto
 
Messaggi: 19
Iscritto il: ven lug 10, 2009 5:48 pm

Prossimo

Torna a Sicurezza

Chi c’è in linea

Visitano il forum: Nessuno e 4 ospiti

Powered by phpBB © 2002, 2005, 2007, 2008 phpBB Group
Traduzione Italiana phpBB.it

megalab.it: testata telematica quotidiana registrata al Tribunale di Cosenza n. 22/09 del 13.08.2009, editore Master New Media S.r.l.; © Copyright 2008 Master New Media S.r.l. a socio unico - P.I. 02947530784. GRUPPO EDIZIONI MASTER Spa Tutti i diritti sono riservati. Per la pubblicità: Master Advertising