Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » Aiuto.. possibile MBR Rootkit

Aiuto.. possibile MBR Rootkit Opzioni
Topic Precedente · Topic Sucessivo
gig1987
Inviato: Saturday, February 27, 2010 11:02:20 PM
Rank: Newbie

Iscritto dal : 2/27/2010
Posts: 7
Salve a tutti, sono ormai 4-5 giorni che ogni volta che accendo il pc oltre il mio account ne trovo anche un altro denominato "remote desktop help assistant" che continua a ricomparire nonostante lo cancelli ogni volta.! Controllando su google ho visto che si tratta di un MBR Rootkit pero non riesco ad eliminarlo..!! Chi mi puo dare una mano?
Torna in alto
 
Sponsor
Inviato: Saturday, February 27, 2010 11:02:20 PM

 
Torna in alto
 
r16
Inviato: Saturday, February 27, 2010 11:14:14 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Fai così:
Start\Esegui\ copia-incolla questa stringa:
control userpasswords2
clicca ok.
Scrivimi quali account trovi.
Torna in alto
 
gig1987
Inviato: Saturday, February 27, 2010 11:17:52 PM
Rank: Newbie

Iscritto dal : 2/27/2010
Posts: 7
administrator

davide

remoteuser
Torna in alto
 
r16
Inviato: Saturday, February 27, 2010 11:20:07 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Seleziona Remoteuser, e lo rimuovi.
Riavvia il pc.

Poi fai questa scansione:
Scarica Combofix

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Salvalo sul desktop.

Importante: Disabilita il tuo antivirus e chiudi TUTTI i programmi aperti,(Firewall compreso) e dopo aver scaricato COMBOFIX, chiudi la connessione.

Doppio click su combofix.exe (comparirà una videata.)

E' probabile che ti siano inviati messaggi dall'antivirus,(o dallo stesso Combofix) tu ignorali.

Se ti verrà chiesto se vuoi Installare LA CONSOLE DI RIPRISTINO DI EMERGENZA, clicca NO.

Durante l'operazione di scansione è importante non usare il PC (neanche il mouse) e attendere pazientemente la fine delle operazioni.
Al termine, verrà creato un file log sul Desktop, chiamato C:\ComboFix.txt. Postalo qui.
Torna in alto
 
gig1987
Inviato: Saturday, February 27, 2010 11:37:50 PM
Rank: Newbie

Iscritto dal : 2/27/2010
Posts: 7
ComboFix 10-02-26.01 - Davide 27/02/2010 23.26.31.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.39.1040.18.2047.1613 [GMT 1:00]
Eseguito da: c:\documents and settings\Davide\Documenti\Davide\Programmi\Programmi per virus\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100227-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\ModemLog_ONDA USB Modem .txt

.
((((((((((((((((((((((((( Files Creati Da 2010-01-27 al 2010-02-27 )))))))))))))))))))))))))))))))))))
.

2010-02-26 23:28 . 2010-02-26 23:28 -------- d-----w- c:\programmi\MSXML 6.0
2010-02-26 23:23 . 2010-02-26 23:23 -------- d-----w- c:\programmi\Trend Micro
2010-02-26 23:13 . 2010-02-26 23:13 -------- d-----w- c:\programmi\CCleaner
2010-02-26 22:48 . 2010-02-25 10:21 77312 ----a-w- C:\mbr.exe
2010-02-26 13:58 . 2010-02-27 20:17 -------- d-----w- c:\programmi\Everest Poker
2010-02-26 12:01 . 2010-02-27 12:37 -------- d-----w- c:\windows\system32\CatRoot_bak
2010-02-26 11:45 . 2010-02-26 11:45 -------- d-----w- c:\documents and settings\Davide\Impostazioni locali\Dati applicazioni\P5
2010-02-26 11:45 . 2010-02-26 11:45 -------- d-----w- c:\programmi\MSXML 4.0
2010-02-25 21:10 . 2009-08-04 17:03 2061440 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2010-02-25 21:10 . 2009-08-04 17:03 2184064 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2010-02-25 21:10 . 2009-08-04 17:03 2139648 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-02-25 21:10 . 2009-08-04 17:03 2019328 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-02-25 21:02 . 2009-12-04 14:41 453760 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-02-25 20:59 . 2010-02-25 20:59 -------- d-----w- c:\programmi\File comuni\Doctor Web
2010-02-25 20:59 . 2010-02-26 11:43 -------- d-----w- c:\programmi\DrWeb
2010-02-25 20:59 . 2010-02-25 23:12 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Doctor Web
2010-02-25 20:25 . 2008-06-14 17:59 272768 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-02-25 20:25 . 2008-06-14 17:59 272768 ------w- c:\windows\system32\drivers\bthport.sys
2010-02-25 18:25 . 2010-02-25 23:01 -------- d-----w- c:\documents and settings\Davide\DoctorWeb
2010-02-25 16:51 . 2009-08-06 18:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-02-25 16:51 . 2009-08-06 18:23 215920 ----a-w- c:\windows\system32\muweb.dll
2010-02-25 14:13 . 2010-02-25 23:00 -------- d-----w- c:\programmi\a-squared Free
2010-02-25 14:05 . 2009-11-24 23:50 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-02-25 14:05 . 2009-11-24 23:50 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-02-25 01:33 . 2010-02-25 01:33 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Sports Interactive
2010-02-25 01:33 . 2010-02-25 01:33 -------- d-----w- c:\documents and settings\Davide\Dati applicazioni\Sports Interactive
2010-02-25 01:22 . 2010-02-25 01:30 -------- d--h--w- c:\programmi\Zero G Registry
2010-02-25 01:22 . 2010-02-25 01:22 -------- d-----w- c:\programmi\Sports Interactive
2010-02-25 01:22 . 2010-02-25 01:22 -------- d--h--w- c:\documents and settings\Davide\InstallAnywhere
2010-02-25 00:44 . 2008-04-14 09:43 39936 ----a-w- c:\documents and settings\All Users\Dati applicazioni\EPSON\EPSON SX100 Series\Language\0410.E_DIX0RE.DLL
2010-02-25 00:32 . 2010-02-25 00:32 -------- d-----w- c:\documents and settings\Davide\Dati applicazioni\DAEMON Tools Pro
2010-02-25 00:32 . 2010-02-25 00:32 -------- d-----w- c:\documents and settings\Davide\Dati applicazioni\DAEMON Tools
2010-02-25 00:30 . 2010-02-25 00:30 -------- d-----w- c:\documents and settings\NetworkService\Impostazioni locali\Dati applicazioni\Google
2010-02-25 00:26 . 2010-02-25 00:26 -------- d-----w- c:\documents and settings\Davide\Impostazioni locali\Dati applicazioni\Temp
2010-02-25 00:25 . 2010-02-25 00:25 -------- d-----w- c:\documents and settings\Default User\Impostazioni locali\Dati applicazioni\Adobe
2010-02-25 00:21 . 2010-02-25 00:21 -------- d-----w- c:\documents and settings\LocalService\Impostazioni locali\Dati applicazioni\Google
2010-02-25 00:10 . 2010-02-26 11:50 -------- d-----w- C:\bwinPoker
2010-02-25 00:09 . 2010-02-25 00:09 -------- d-----w- c:\documents and settings\Davide\Impostazioni locali\Dati applicazioni\Shareaza
2010-02-25 00:02 . 2010-02-25 00:02 -------- d-----w- c:\documents and settings\Davide\Dati applicazioni\vlc
2010-02-24 23:57 . 2010-02-24 23:57 5018 --sha-w- c:\windows\system32\KGyGaAvL.sys
2010-02-24 23:57 . 2010-02-24 23:57 8 --sh--r- c:\windows\system32\646C5BC8E1.sys
2010-02-24 23:57 . 2010-02-24 23:58 -------- d-----w- c:\documents and settings\Davide\Dati applicazioni\Corel
2010-02-24 23:38 . 2010-02-24 23:38 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\UDL
2010-02-24 23:38 . 2010-02-24 23:38 -------- d-----w- c:\programmi\Epson Software
2010-02-24 23:36 . 2010-02-24 23:37 -------- d-----w- c:\programmi\ABBYY FineReader 6.0 Sprint
2010-02-24 23:34 . 2008-04-14 09:42 53248 ----a-w- c:\documents and settings\All Users\Dati applicazioni\EPSON\EPSON SX100 Series\Language\0410.E_S9E0D7.DLL
2010-02-24 23:33 . 2010-02-25 00:30 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\NOS
2010-02-24 23:31 . 2010-02-24 23:34 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\EPSON
2010-02-24 23:31 . 2007-07-12 23:00 71680 ----a-w- c:\windows\system32\escwiad.dll
2010-02-24 23:31 . 2010-02-24 23:37 -------- d-----w- c:\programmi\epson
2010-02-24 23:26 . 2010-02-24 23:26 -------- d-----w- c:\documents and settings\Davide\Dati applicazioni\pdfforge
2010-02-24 23:26 . 2010-02-24 23:26 -------- d-----w- c:\documents and settings\Davide\Dati applicazioni\Search Settings
2010-02-24 23:22 . 2010-02-24 23:22 -------- d-----w- c:\windows\system32\config\systemprofile\Dati applicazioni\Application Updater
2010-02-24 23:22 . 2010-02-24 23:22 -------- d-----w- c:\programmi\Application Updater
2010-02-24 23:21 . 2010-02-24 23:21 -------- d-----w- c:\programmi\gs
2010-02-24 23:20 . 2010-02-24 23:21 -------- d-----w- c:\programmi\Ghostgum
2010-02-24 23:20 . 2001-10-28 16:42 116224 ----a-w- c:\windows\system32\pdfcmnnt.dll
2010-02-24 23:20 . 2010-02-24 23:22 -------- d-----w- c:\programmi\PDFCreator
2010-02-24 23:20 . 1998-08-05 07:45 122128 ----a-w- c:\windows\system32\VB6IT.DLL
2010-02-24 23:20 . 1998-08-05 07:45 150528 ----a-w- c:\windows\system32\MSCMCIT.DLL
2010-02-24 23:20 . 1998-08-05 07:45 63488 ----a-w- c:\windows\system32\MSCC2IT.DLL
2010-02-24 23:20 . 1998-07-06 00:00 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL
2010-02-24 23:16 . 2010-02-24 23:18 -------- d-----w- c:\programmi\Transform XP to Vista
2010-02-24 23:11 . 2010-02-24 23:11 -------- d-----w- c:\programmi\QuickTime
2010-02-24 23:09 . 2010-02-24 23:09 -------- d-----w- c:\documents and settings\Davide\Dati applicazioni\java
2010-02-24 23:09 . 2010-02-24 15:59 49152 --sha-r- c:\documents and settings\Davide\Dati applicazioni\java\autorun.exe
2010-02-24 23:07 . 2010-02-24 23:16 -------- d-----w- c:\documents and settings\Davide\Impostazioni locali\Dati applicazioni\Apple Computer
2010-02-24 23:07 . 2010-02-24 23:16 -------- d-----w- c:\documents and settings\Davide\Dati applicazioni\Apple Computer
2010-02-24 23:03 . 2010-02-24 23:03 0 ----a-w- c:\windows\nsreg.dat
2010-02-24 23:03 . 2010-02-24 23:03 -------- d-----w- c:\documents and settings\Davide\Impostazioni locali\Dati applicazioni\Mozilla
2010-02-24 22:52 . 2010-02-24 22:52 -------- d-sh--w- c:\documents and settings\Davide\IECompatCache
2010-02-24 22:52 . 2010-02-24 22:52 -------- d-sh--w- c:\documents and settings\Davide\PrivacIE
2010-02-24 22:51 . 2010-02-24 22:51 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2010-02-24 22:51 . 2010-02-24 22:51 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\DAEMON Tools Lite
2010-02-24 22:50 . 2010-02-24 22:50 -------- d-----w- c:\programmi\DAEMON Tools Toolbar
2010-02-24 22:50 . 2010-02-25 00:29 -------- d-----w- c:\programmi\DAEMON Tools Lite
2010-02-24 22:49 . 2010-02-24 22:49 -------- d-sh--w- c:\documents and settings\Davide\IETldCache
2010-02-24 22:44 . 2010-02-24 23:24 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Messenger Plus!
2010-02-24 22:44 . 2008-04-04 13:51 28416 ----a-w- c:\windows\system32\uxtuneup.dll
2010-02-24 22:44 . 2010-02-24 22:45 354560 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2010-02-24 22:44 . 2010-02-24 22:44 -------- d-----w- c:\documents and settings\Davide\Dati applicazioni\TuneUp Software
2010-02-24 22:44 . 2010-02-24 22:44 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\TuneUp Software
2010-02-24 22:44 . 2010-02-24 22:45 -------- d-----w- c:\programmi\TuneUp Utilities 2008
2010-02-24 22:43 . 2010-02-24 22:43 -------- d-----w- c:\programmi\File comuni\Wise Installation Wizard
2010-02-24 22:42 . 2010-02-25 12:34 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Skype
2010-02-24 22:41 . 2010-02-25 22:58 -------- d-----w- c:\windows\ie8updates
2010-02-24 22:40 . 2010-02-24 22:41 -------- d-----w- c:\windows\system32\it-IT
2010-02-24 22:40 . 2010-02-24 22:41 -------- dc-h--w- c:\windows\ie8
2010-02-24 22:35 . 2010-02-24 22:35 -------- d-----w- c:\programmi\Lame for Audacity
2010-02-24 22:34 . 2010-02-24 22:35 -------- d-----w- c:\programmi\PokerStars.IT
2010-02-24 22:32 . 2009-12-11 08:38 69120 -c----w- c:\windows\system32\dllcache\iecompat.dll
2010-02-24 22:32 . 2009-12-21 19:06 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-02-24 22:32 . 2009-12-21 19:06 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-02-24 22:32 . 2009-12-21 19:06 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-02-24 22:32 . 2009-12-21 19:06 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-02-24 22:32 . 2009-12-21 19:06 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-02-24 22:32 . 2009-12-21 19:06 11070464 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-02-24 22:21 . 2010-02-24 23:24 -------- d-----w- c:\programmi\Messenger Plus! Live
2010-02-24 22:20 . 2010-02-27 21:54 -------- d-----w- c:\documents and settings\Davide\Tracing
2010-02-24 22:19 . 2010-02-24 22:49 -------- d-----w- c:\programmi\Microsoft Silverlight
2010-02-24 22:17 . 2010-02-24 22:19 -------- d-----w- c:\programmi\Microsoft
2010-02-24 22:17 . 2010-02-24 22:17 -------- d-----w- c:\programmi\Windows Live SkyDrive
2010-02-24 22:17 . 2010-02-24 22:19 -------- d-----w- c:\programmi\Windows Live
2010-02-24 22:06 . 2010-02-24 22:06 -------- d-----w- c:\programmi\Safari
2010-02-24 22:06 . 2010-02-24 22:06 -------- d-----w- c:\programmi\Bonjour
2010-02-24 22:06 . 2010-02-24 22:06 -------- d-----w- c:\documents and settings\Davide\Impostazioni locali\Dati applicazioni\Apple
2010-02-24 22:06 . 2010-02-24 22:06 -------- d-----w- c:\programmi\Apple Software Update
2010-02-24 22:06 . 2010-02-24 22:06 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Apple
2010-02-24 22:05 . 2010-02-25 17:13 -------- d-----w- c:\documents and settings\Davide\Dati applicazioni\Shareaza
2010-02-24 22:05 . 2010-02-25 00:29 -------- d-----w- c:\programmi\Shareaza
2010-02-24 22:04 . 2010-02-24 22:04 -------- d-----w- c:\programmi\VideoLAN
2010-02-24 22:02 . 2010-02-24 22:02 -------- d-----w- c:\windows\system32\LogFiles
2010-02-24 22:01 . 2010-02-24 22:02 -------- d-----w- c:\windows\system32\drivers\umdf
2010-02-24 21:41 . 2010-02-24 21:41 -------- d-----w- c:\programmi\File comuni\Windows Live
2010-02-24 21:40 . 2010-02-24 21:40 -------- d-----w- c:\programmi\GIMP-2.0
2010-02-24 21:38 . 2010-02-24 21:38 -------- d-----w- c:\programmi\Audacity
2010-02-24 21:37 . 2010-02-25 00:21 -------- d-----w- c:\documents and settings\Davide\Impostazioni locali\Dati applicazioni\Adobe
2010-02-24 21:37 . 2010-02-24 21:37 -------- d-----w- c:\programmi\File comuni\Adobe
2010-02-24 20:03 . 2010-02-27 22:09 -------- d--h--w- c:\windows\$hf_mig$

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-27 22:13 . 2010-02-24 19:10 -------- d-----w- c:\programmi\MH600HS Wizard
2010-02-27 22:10 . 2001-08-31 11:00 79514 ----a-w- c:\windows\system32\perfc010.dat
2010-02-27 22:10 . 2001-08-31 11:00 479180 ----a-w- c:\windows\system32\perfh010.dat
2010-02-27 11:31 . 2010-02-24 19:52 20128 ----a-w- c:\documents and settings\Davide\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2010-02-26 23:30 . 2010-02-26 23:30 -------- d-----w- c:\programmi\MSBuild
2010-02-26 23:30 . 2010-02-26 23:30 -------- d-----w- c:\programmi\Reference Assemblies
2010-02-25 01:21 . 2010-02-24 21:39 -------- d-----w- c:\documents and settings\Davide\Dati applicazioni\DAEMON Tools Lite
2010-02-25 00:21 . 2010-02-24 23:34 -------- d-----w- c:\programmi\Google
2010-02-24 23:59 . 2010-02-24 19:49 -------- d-----w- c:\programmi\Corel
2010-02-24 23:59 . 2010-02-24 19:49 -------- d-----w- c:\programmi\File comuni\Corel
2010-02-24 23:38 . 2010-02-24 19:02 -------- d--h--w- c:\programmi\InstallShield Installation Information
2010-02-24 23:34 . 2010-02-24 23:33 1975408 ----a-w- c:\documents and settings\All Users\Dati applicazioni\NOS\Adobe_Downloads\GoogleToolbarInstaller_en32_signed.exe
2010-02-24 23:34 . 2010-02-24 23:33 1955472 ----a-w- c:\documents and settings\All Users\Dati applicazioni\NOS\Adobe_Downloads\install_flash_player_ax.exe
2010-02-24 23:16 . 2010-02-24 23:16 -------- d-----w- c:\programmi\iTunes
2010-02-24 23:16 . 2010-02-24 23:16 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2010-02-24 23:16 . 2010-02-24 23:16 -------- d-----w- c:\programmi\iPod
2010-02-24 23:16 . 2010-02-24 23:11 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Apple Computer
2010-02-24 23:15 . 2010-02-24 23:15 -------- d-----w- c:\programmi\File comuni\Apple
2010-02-24 23:14 . 2010-02-24 23:14 -------- d-----w- c:\documents and settings\Davide\Dati applicazioni\Ahead
2010-02-24 23:14 . 2010-02-24 23:14 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Ahead
2010-02-24 23:14 . 2010-02-24 23:13 -------- d-----w- c:\programmi\File comuni\Ahead
2010-02-24 23:13 . 2010-02-24 23:13 -------- d-----w- c:\programmi\Nero
2010-02-24 23:13 . 2010-02-24 23:13 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Nero
2010-02-24 23:03 . 2010-02-24 18:44 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-02-24 21:39 . 2010-02-24 21:39 717296 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-02-24 21:39 . 2010-02-24 21:39 -------- d-----w- c:\programmi\Alwil Software
2010-02-24 19:50 . 2010-02-24 19:50 -------- d-----w- c:\programmi\InterVideo
2010-02-24 19:50 . 2010-02-24 18:51 -------- d-----w- c:\programmi\File comuni\InstallShield
2010-02-24 19:49 . 2010-02-24 19:49 29990 ----a-r- c:\documents and settings\Davide\Dati applicazioni\Microsoft\Installer\{17E14D89-3A9F-4706-9F9B-C2DFC7ABE94B}\ARPPRODUCTICON.exe
2010-02-24 19:49 . 2010-02-24 19:49 10134 ----a-r- c:\documents and settings\Davide\Dati applicazioni\Microsoft\Installer\{12665B01-3F3A-4433-B179-9D8E352D7547}\ARPPRODUCTICON.exe
2010-02-24 19:49 . 2010-02-24 19:49 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Corel
2010-02-24 19:04 . 2010-02-24 19:04 -------- d-----w- c:\programmi\Realtek
2010-02-24 19:03 . 2010-02-24 19:03 -------- d-----w- c:\documents and settings\Davide\Dati applicazioni\InstallShield
2010-02-24 19:02 . 2010-02-24 19:01 -------- d-----w- c:\programmi\VIA
2010-02-24 18:58 . 2010-02-24 18:58 -------- d-----w- c:\programmi\Intel
2010-02-24 18:56 . 2010-02-24 18:50 -------- d-----w- c:\programmi\EXPERTool
2010-02-24 18:45 . 2010-02-24 18:45 -------- d-----w- c:\programmi\microsoft frontpage
2010-02-24 18:44 . 2010-02-24 18:44 -------- d-----w- c:\programmi\Servizi in linea
2010-02-24 18:43 . 2010-02-24 18:43 21840 ----a-w- c:\windows\system32\emptyregdb.dat
2009-12-31 16:14 . 2004-08-03 21:14 352640 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-21 19:06 . 2004-08-19 13:39 916480 ------w- c:\windows\system32\wininet.dll
2009-12-17 07:58 . 2010-02-24 18:42 346112 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:35 . 2004-08-19 13:39 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-04 14:41 . 2004-08-03 21:15 453760 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
.

((((((((((((((((((((((((((((( SnapShot@2010-02-26_23.10.03 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-02-27 22:25 . 2010-02-27 22:25 16384 c:\windows\Temp\Perflib_Perfdata_4ec.dat
+ 2004-08-19 13:39 . 2006-10-04 13:32 50176 c:\windows\system32\utilman.exe
- 2004-08-19 13:39 . 2004-08-19 13:39 50176 c:\windows\system32\utilman.exe
- 2004-08-19 13:39 . 2004-08-19 13:39 36352 c:\windows\system32\umandlg.dll
+ 2004-08-19 13:39 . 2006-10-04 13:33 36352 c:\windows\system32\umandlg.dll
+ 2008-07-29 20:10 . 2008-07-29 20:10 26112 c:\windows\system32\TsWpfWrp.exe
+ 2010-02-26 23:30 . 2008-07-06 12:06 89088 c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
+ 2008-07-29 18:59 . 2008-07-29 18:59 43544 c:\windows\system32\PresentationHostProxy.dll
+ 2001-08-31 11:00 . 2010-02-27 22:10 67448 c:\windows\system32\perfc009.dat
- 2004-08-19 13:39 . 2004-08-19 13:39 54784 c:\windows\system32\narrator.exe
+ 2004-08-19 13:39 . 2006-10-04 13:32 54784 c:\windows\system32\narrator.exe
+ 2008-07-25 10:17 . 2008-07-25 10:17 15360 c:\windows\system32\mui\0409\mscorees.dll
+ 2007-05-08 16:08 . 2007-05-08 16:08 86728 c:\windows\system32\msxml6r.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 83968 c:\windows\system32\mscories.dll
+ 2004-08-19 13:39 . 2006-10-04 13:32 73216 c:\windows\system32\magnify.exe
- 2004-08-19 13:39 . 2004-08-19 13:39 73216 c:\windows\system32\magnify.exe
+ 2008-07-29 18:24 . 2008-07-29 18:24 97800 c:\windows\system32\infocardapi.dll
+ 2008-07-29 18:24 . 2008-07-29 18:24 11264 c:\windows\system32\icardres.dll
+ 2008-07-29 20:10 . 2008-07-29 20:10 73720 c:\windows\system32\dxva2.dll
- 2004-08-19 13:39 . 2004-08-19 13:39 50176 c:\windows\system32\dllcache\utilman.exe
+ 2004-08-19 13:39 . 2006-10-04 13:32 50176 c:\windows\system32\dllcache\utilman.exe
+ 2004-08-19 13:39 . 2006-10-04 13:33 36352 c:\windows\system32\dllcache\umandlg.dll
- 2004-08-19 13:39 . 2004-08-19 13:39 36352 c:\windows\system32\dllcache\umandlg.dll
+ 2004-08-19 13:39 . 2006-10-04 13:32 54784 c:\windows\system32\dllcache\narrator.exe
- 2004-08-19 13:39 . 2004-08-19 13:39 54784 c:\windows\system32\dllcache\narrator.exe
- 2004-08-19 13:39 . 2004-08-19 13:39 73216 c:\windows\system32\dllcache\magnify.exe
+ 2004-08-19 13:39 . 2006-10-04 13:32 73216 c:\windows\system32\dllcache\magnify.exe
+ 2010-02-26 23:30 . 2008-07-06 12:06 89088 c:\windows\system32\dllcache\filterpipelineprintproc.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 96760 c:\windows\system32\dfshim.dll
+ 2008-07-29 22:40 . 2008-07-29 22:40 70648 c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
+ 2008-07-29 22:40 . 2008-07-29 22:40 91136 c:\windows\Microsoft.NET\Framework\v3.5\MSBuild.exe
+ 2008-07-29 22:40 . 2008-07-29 22:40 41984 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.VisualC.STLCLR.dll
+ 2008-07-29 22:40 . 2008-07-29 22:40 40960 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Data.Entity.Build.Tasks.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 89080 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2052.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 92664 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1042.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 95224 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1041.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 89592 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1028.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 84480 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2052.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 94720 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1042.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 97792 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1041.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 84992 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1028.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 97280 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\DeleteTemp.exe
+ 2008-07-29 22:40 . 2008-07-29 22:40 95224 c:\windows\Microsoft.NET\Framework\v3.5\EdmGen.exe
+ 2008-07-29 22:40 . 2008-07-29 22:40 78856 c:\windows\Microsoft.NET\Framework\v3.5\DataSvcUtil.exe
+ 2008-07-29 22:40 . 2008-07-29 22:40 41984 c:\windows\Microsoft.NET\Framework\v3.5\AddInUtil.exe
+ 2008-07-29 22:40 . 2008-07-29 22:40 41992 c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess32.exe
+ 2008-07-29 22:40 . 2008-07-29 22:40 41992 c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess.exe
+ 2008-07-29 20:10 . 2008-07-29 20:10 46104 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
+ 2008-07-29 18:59 . 2008-07-29 18:59 32768 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationCFFRasterizer.dll
+ 2008-07-29 20:10 . 2008-07-29 20:10 71160 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PenIMC.dll
+ 2008-07-29 18:32 . 2008-07-29 18:32 17448 c:\windows\Microsoft.NET\Framework\v3.0\Windows Workflow Foundation\PerformanceCounterInstaller.exe
+ 2008-07-29 18:16 . 2008-07-29 18:16 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2008-07-29 18:16 . 2008-07-29 18:16 73728 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.Install.dll
+ 2008-07-29 18:16 . 2008-07-29 18:16 20504 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceMonikerSupport.dll
+ 2008-07-29 18:16 . 2008-07-29 18:16 11280 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 37896 c:\windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 81400 c:\windows\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL
+ 2008-07-25 10:17 . 2008-07-25 10:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 57392 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
- 2005-09-23 06:28 . 2005-09-23 06:28 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
- 2005-09-23 06:28 . 2005-09-23 06:28 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 95232 c:\windows\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 16896 c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 61952 c:\windows\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe
+ 2008-07-25 10:17 . 2008-07-25 10:17 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
- 2005-09-23 06:28 . 2005-09-23 06:28 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
- 2005-09-23 06:28 . 2005-09-23 06:28 53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
+ 2008-07-25 10:17 . 2008-07-25 10:17 53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
+ 2008-07-25 10:17 . 2008-07-25 10:17 88584 c:\windows\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 24584 c:\windows\Microsoft.NET\Framework\v2.0.50727\normalization.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 31744 c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 19456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscortim.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
+ 2008-07-25 10:16 . 2008-07-25 10:16 18944 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 77312 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 94208 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorld.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 46592 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 83456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
- 2005-09-23 06:28 . 2005-09-23 06:28 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
+ 2008-07-25 10:16 . 2008-07-25 10:16 97792 c:\windows\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
- 2005-09-23 06:28 . 2005-09-23 06:28 12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
- 2005-09-23 06:28 . 2005-09-23 06:28 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
- 2005-09-23 06:28 . 2005-09-23 06:28 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll
- 2005-09-23 06:28 . 2005-09-23 06:28 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe
- 2005-09-23 06:28 . 2005-09-23 06:28 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe
- 2005-09-23 06:28 . 2005-09-23 06:28 72192 c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 72192 c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 65032 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
- 2005-09-23 06:28 . 2005-09-23 06:28 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
+ 2008-07-25 10:17 . 2008-07-25 10:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEHost.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 18936 c:\windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 62968 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfdll.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 35320 c:\windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
+ 2008-07-25 10:17 . 2008-07-25 10:17 69120 c:\windows\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 27136 c:\windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
- 2005-09-23 06:28 . 2005-09-23 06:28 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 80376 c:\windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
+ 2008-07-25 10:17 . 2008-07-25 10:17 89608 c:\windows\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
+ 2008-11-25 03:59 . 2008-11-25 03:59 31560 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2008-07-25 10:16 . 2008-07-25 10:16 34312 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
+ 2008-07-25 10:16 . 2008-07-25 10:16 33288 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe
+ 2008-07-25 10:16 . 2008-07-25 10:16 24576 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
+ 2008-07-25 10:16 . 2008-07-25 10:16 84480 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 33800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 17416 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 22024 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
- 2005-09-23 06:28 . 2005-09-23 06:28 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
+ 2008-07-25 10:17 . 2008-07-25 10:17 58880 c:\windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
+ 2008-07-25 10:16 . 2008-07-25 10:16 98808 c:\windows\Microsoft.NET\Framework\v2.0.50727\alink.dll
- 2005-09-23 06:28 . 2005-09-23 06:28 10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 13824 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 96768 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 16896 c:\windows\Microsoft.NET\Framework\SharedReg12.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 16896 c:\windows\Microsoft.NET\Framework\sbscmp10.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 82944 c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2008-07-29 20:07 . 2008-07-29 20:07 23040 c:\windows\Installer\7b0ee.msp
+ 2010-02-26 23:29 . 2010-02-26 23:29 88576 c:\windows\Installer\6035b.msi
+ 2010-02-26 23:30 . 2008-07-06 12:06 89088 c:\windows\Driver Cache\i386\filterpipelineprintproc.dll
+ 2010-02-27 22:14 . 2010-02-27 22:14 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\b4a9e413d5cd6d6ec2d50aa05381e293\UIAutomationProvider.ni.dll
+ 2010-02-27 22:13 . 2010-02-27 22:13 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\3dd0f86c966c75755d62eab8ddf0634c\PresentationFontCache.ni.exe
+ 2010-02-27 22:12 . 2010-02-27 22:12 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\034d081fe294bab1ee1ecc98c1181424\PresentationCFFRasterizer.ni.dll
+ 2010-02-26 23:30 . 2010-02-26 23:30 94208 c:\windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2010-02-26 23:30 . 2010-02-26 23:30 98304 c:\windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2010-02-26 23:30 . 2010-02-26 23:30 40960 c:\windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2010-02-26 23:31 . 2010-02-26 23:31 12288 c:\windows\assembly\GAC_MSIL\System.Windows.Presentation\3.5.0.0__b77a5c561934e089\System.Windows.Presentation.dll
+ 2010-02-26 23:31 . 2010-02-26 23:31 61440 c:\windows\assembly\GAC_MSIL\System.Web.Routing\3.5.0.0__31bf3856ad364e35\System.Web.Routing.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2010-02-26 23:31 . 2010-02-26 23:31 32768 c:\windows\assembly\GAC_MSIL\System.Web.DynamicData.Design\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.Design.dll
+ 2010-02-26 23:31 . 2010-02-26 23:31 77824 c:\windows\assembly\GAC_MSIL\System.Web.Abstractions\3.5.0.0__31bf3856ad364e35\System.Web.Abstractions.dll
+ 2010-02-26 23:30 . 2010-02-26 23:30 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2010-02-26 23:30 . 2010-02-26 23:30 73728 c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561934e089\System.ServiceModel.Install.dll
- 2010-02-24 22:18 . 2010-02-24 22:18 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2010-02-26 23:31 . 2010-02-26 23:31 53248 c:\windows\assembly\GAC_MSIL\System.Data.DataSetExtensions\3.5.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2010-02-24 22:18 . 2010-02-24 22:18 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2010-02-26 23:31 . 2010-02-26 23:31 57344 c:\windows\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\3.5.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
+ 2010-02-26 23:31 . 2010-02-26 23:31 45056 c:\windows\assembly\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2010-02-26 23:30 . 2010-02-26 23:30 46104 c:\windows\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe
+ 2010-02-26 23:30 . 2010-02-26 23:30 32768 c:\windows\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll
- 2010-02-24 22:18 . 2010-02-24 22:18 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2010-02-24 22:18 . 2010-02-24 22:18 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2010-02-26 23:31 . 2010-02-26 23:31 41984 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\1.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.STLCLR.dll
- 2010-02-24 22:18 . 2010-02-24 22:18 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2010-02-26 23:31 . 2010-02-26 23:31 94208 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v3.5.dll
+ 2010-02-26 23:31 . 2010-02-26 23:31 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2010-02-24 22:18 . 2010-02-24 22:18 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2010-02-24 22:18 . 2010-02-24 22:18 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2010-02-24 22:18 . 2010-02-24 22:18 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2010-02-24 22:18 . 2010-02-24 22:18 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2010-02-27 22:08 . 2010-02-27 22:11 4292 c:\windows\SoftwareDistribution\EventCache\{B593984F-A7BD-46D2-8557-D12175B61967}.bin
+ 2008-07-29 22:40 . 2008-07-29 22:40 5632 c:\windows\Microsoft.NET\Framework\v3.5\Sentinel.v3.5Client.dll
- 2005-09-23 06:28 . 2005-09-23 06:28 7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
- 2005-09-23 06:29 . 2005-09-23 06:29 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 6656 c:\windows\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
- 2005-09-23 06:28 . 2005-09-23 06:28 8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 9728 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
- 2005-09-23 06:28 . 2005-09-23 06:28 9728 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
+ 2008-07-25 10:16 . 2008-07-25 10:16 5120 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
+ 2010-02-26 23:31 . 2010-02-26 23:31 5632 c:\windows\assembly\GAC_MSIL\Sentinel.v3.5Client\3.5.0.0__b03f5f7f11d50a3a\Sentinel.v3.5Client.dll
- 2010-02-24 22:18 . 2010-02-24 22:18 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2010-02-24 22:18 . 2010-02-24 22:18 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2010-02-24 22:18 . 2010-02-24 22:18 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2010-02-24 22:18 . 2010-02-24 22:18 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 635904 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 558080 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcp80.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcm80.dll
+ 2008-07-29 20:26 . 2008-07-29 20:26 301568 c:\windows\system32\XPSViewer\XPSViewer.exe
+ 2010-02-26 23:30 . 2008-07-06 12:06 575488 c:\windows\system32\xpsshhdr.dll
+ 2006-10-24 11:30 . 2006-10-24 11:30 276992 c:\windows\system32\WMPhoto.dll
+ 2006-10-24 11:29 . 2006-10-24 11:29 352256 c:\windows\system32\WindowsCodecsExt.dll
+ 2006-10-24 11:30 . 2006-10-24 11:30 716288 c:\windows\system32\WindowsCodecs.dll
+ 2008-07-29 18:59 . 2008-07-29 18:59 161296 c:\windows\system32\UIAutomationCore.dll
+ 2010-02-26 23:30 . 2008-07-06 12:06 765440 c:\windows\system32\spool\XPSEP\i386\mxdwdrv.dll
+ 2010-02-26 23:30 . 2008-07-06 12:06 765440 c:\windows\system32\spool\XPSEP\i386\i386\mxdwdrv.dll
+ 2010-02-26 23:30 . 2008-07-06 12:06 748032 c:\windows\system32\spool\XPSEP\amd64\mxdwdrv.dll
+ 2010-02-26 23:30 . 2008-07-06 12:06 748032 c:\windows\system32\spool\XPSEP\amd64\amd64\mxdwdrv.dll
+ 2010-02-26 23:30 . 2008-07-06 12:06 147456 c:\windows\system32\spool\prtprocs\x64\filterpipelineprintproc.dll
+ 2010-02-26 23:30 . 2008-07-06 10:50 597504 c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
+ 2010-02-26 23:30 . 2008-03-13 04:52 761344 c:\windows\system32\spool\drivers\w32x86\3\unires.dll
+ 2010-02-26 23:30 . 2008-07-06 12:06 744960 c:\windows\system32\spool\drivers\w32x86\3\unidrvui.dll
+ 2010-02-26 23:30 . 2008-07-06 12:06 373248 c:\windows\system32\spool\drivers\w32x86\3\unidrv.dll
+ 2010-02-26 23:30 . 2008-07-06 12:06 198656 c:\windows\system32\spool\drivers\w32x86\3\mxdwdui.dll
+ 2010-02-26 23:30 . 2008-07-06 12:06 765440 c:\windows\system32\spool\drivers\w32x86\3\mxdwdrv.dll
+ 2006-08-24 15:15 . 2006-08-24 15:15 150808 c:\windows\system32\rgb9rast_2.dll
+ 2010-02-26 23:30 . 2008-07-06 12:06 117760 c:\windows\system32\prntvpt.dll
+ 2008-07-29 18:59 . 2008-07-29 18:59 781344 c:\windows\system32\PresentationNative_v0300.dll
+ 2008-07-29 19:35 . 2008-07-29 19:35 326160 c:\windows\system32\PresentationHost.exe
+ 2008-07-29 18:59 . 2008-07-29 18:59 105016 c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
+ 2006-10-24 11:30 . 2006-10-24 11:30 412160 c:\windows\system32\photometadatahandler.dll
+ 2001-08-31 11:00 . 2010-02-27 22:10 432492 c:\windows\system32\perfh009.dat
+ 2004-08-19 13:39 . 2006-10-04 13:32 216576 c:\windows\system32\osk.exe
- 2004-08-19 13:39 . 2004-08-19 13:39 216576 c:\windows\system32\osk.exe
+ 2008-07-25 10:16 . 2008-07-25 10:16 158720 c:\windows\system32\mscorier.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 282112 c:\windows\system32\mscoree.dll
+ 2008-07-29 18:24 . 2008-07-29 18:24 622080 c:\windows\system32\icardagt.exe
+ 2010-02-24 19:35 . 2010-02-27 11:13 122136 c:\windows\system32\FNTCACHE.DAT
+ 2008-07-29 20:10 . 2008-07-29 20:10 493048 c:\windows\system32\evr.dll
+ 2010-02-26 23:30 . 2008-07-06 12:06 575488 c:\windows\system32\dllcache\xpsshhdr.dll
+ 2010-02-26 23:30 . 2008-07-06 10:50 597504 c:\windows\system32\dllcache\printfilterpipelinesvc.exe
- 2004-08-19 13:39 . 2004-08-19 13:39 216576 c:\windows\system32\dllcache\osk.exe
+ 2004-08-19 13:39 . 2006-10-04 13:32 216576 c:\windows\system32\dllcache\osk.exe
+ 2008-07-29 22:40 . 2008-07-29 22:40 196104 c:\windows\Microsoft.NET\Framework\v3.5\WFServicesReg.exe
+ 2008-07-29 22:40 . 2008-07-29 22:40 802816 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Build.Tasks.v3.5.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 984056 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapUI.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 107512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 111096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.3082.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 110072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2070.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1055.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 105976 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1053.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 107000 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1049.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 107512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1046.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 109048 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1045.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1044.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1043.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 110072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1040.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 111096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1038.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 101368 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1037.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 112120 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1036.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1035.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 113656 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1032.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 111608 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1031.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1030.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1029.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 102904 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1025.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 689152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsscenario.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 413184 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsbasereqs.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 632320 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs70uimgr.dll
+ 2010-02-26 23:31 . 2010-02-26 23:31 652800 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.msi
+ 2008-07-29 17:47 . 2008-07-29 17:47 110080 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 131584 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.3082.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 131072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2070.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 121344 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1055.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 121344 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1053.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 123904 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1049.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 122880 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1046.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 128512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1045.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 121856 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1044.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 129024 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1043.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 128512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1040.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 132096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1038.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 111104 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1037.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 133120 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1036.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 122368 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1035.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 137728 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1032.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 130048 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1031.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 126464 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1030.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 125440 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1029.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 113152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1025.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 269304 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
+ 2008-07-29 17:47 . 2008-07-29 17:47 177152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\HtmlLite.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 276984 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\dlmgr.dll
+ 2008-07-29 22:15 . 2008-07-29 22:15 225490 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\baseline.dat
+ 2008-07-29 22:40 . 2008-07-29 22:40 233976 c:\windows\Microsoft.NET\Framework\v3.5\1033\vbc7ui.dll
+ 2008-07-29 22:40 . 2008-07-29 22:40 168448 c:\windows\Microsoft.NET\Framework\v3.5\1033\cscompui.dll
+ 2008-07-29 19:35 . 2008-07-29 19:35 864256 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationUI.dll
+ 2008-07-29 18:59 . 2008-07-29 18:59 132120 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll
+ 2008-07-29 20:10 . 2008-07-29 20:10 806928 c:\windows\Microsoft.NET\Framework\v3.0\WPF\NaturalLanguage6.dll
+ 2008-07-29 18:16 . 2008-07-29 18:16 152576 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\WsatConfig.exe
+ 2008-07-29 18:16 . 2008-07-29 18:16 966656 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
+ 2008-07-29 18:16 . 2008-07-29 18:16 132096 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
+ 2008-07-29 18:16 . 2008-07-29 18:16 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
+ 2008-07-29 18:16 . 2008-07-29 18:16 156688 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelReg.exe
+ 2008-07-29 18:16 . 2008-07-29 18:16 163840 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.Dtc.dll
+ 2008-07-29 18:16 . 2008-07-29 18:16 397312 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.dll
+ 2008-07-29 18:24 . 2008-07-29 18:24 881664 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
+ 2008-07-29 18:16 . 2008-07-29 18:16 168968 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ComSvcConfig.exe
+ 2008-11-25 03:59 . 2008-11-25 03:59 436040 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 839680 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 835584 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll
- 2005-09-23 06:28 . 2005-09-23 06:28 835584 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 261632 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll
- 2005-09-23 06:28 . 2005-09-23 06:28 114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
- 2005-09-23 06:28 . 2005-09-23 06:28 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
- 2005-09-23 06:28 . 2005-09-23 06:28 131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 303104 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
- 2005-09-23 06:28 . 2005-09-23 06:28 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 113664 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
- 2005-09-23 06:28 . 2005-09-23 06:28 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 626688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
- 2005-09-23 06:28 . 2005-09-23 06:28 188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 401408 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 970752 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 745472 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
+ 2008-11-25 03:59 . 2008-11-25 03:59 486400 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 425984 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
- 2005-09-23 06:28 . 2005-09-23 06:28 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 392184 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 118784 c:\windows\Microsoft.NET\Framework\v2.0.50727\shfusion.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 143360 c:\windows\Microsoft.NET\Framework\v2.0.50727\peverify.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 100856 c:\windows\Microsoft.NET\Framework\v2.0.50727\ngen.exe
+ 2008-07-25 10:17 . 2008-07-25 10:17 230912 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 345600 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 114176 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
+ 2008-11-25 03:59 . 2008-11-25 03:59 364872 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 308224 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll
+ 2009-08-07 22:51 . 2009-08-07 22:51 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 659456 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll
- 2005-09-23 06:29 . 2005-09-23 06:29 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
- 2005-09-23 06:29 . 2005-09-23 06:29 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 749568 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 655360 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 348160 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 230904 c:\windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
+ 2008-07-25 10:17 . 2008-07-25 10:17 798224 c:\windows\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 575496 c:\windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
- 2005-09-23 06:28 . 2005-09-23 06:28 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
+ 2008-07-25 10:16 . 2008-07-25 10:16 507904 c:\windows\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
- 2005-09-23 06:28 . 2005-09-23 06:28 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
+ 2008-07-25 10:16 . 2008-07-25 10:16 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
+ 2008-07-25 10:17 . 2008-07-25 10:17 147968 c:\windows\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 218112 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 193016 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 145408 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
+ 2008-12-13 08:58 . 2008-12-13 08:58 754688 c:\windows\Installer\84ebf.msp
+ 2010-02-26 23:31 . 2010-02-26 23:31 648192 c:\windows\Installer\84e9c.msi
+ 2008-07-29 20:23 . 2008-07-29 20:23 250880 c:\windows\Installer\7b0f7.msp
+ 2008-07-29 20:28 . 2008-07-29 20:28 278016 c:\windows\Installer\7b0f5.msp
+ 2008-07-29 18:40 . 2008-07-29 18:40 291840 c:\windows\Installer\7b0f3.msp
+ 2010-02-26 23:30 . 2010-02-26 23:30 137728 c:\windows\Installer\7b0ed.msi
+ 2008-07-29 16:35 . 2008-07-29 16:35 553472 c:\windows\Installer\60360.msp
+ 2008-07-29 16:33 . 2008-07-29 16:33 506368 c:\windows\Installer\6035e.msp
+ 2008-07-29 16:37 . 2008-07-29 16:37 911360 c:\windows\Installer\6035d.msp
+ 2010-02-27 22:09 . 2010-02-27 22:09 969728 c:\windows\Installer\181d40.msi
+ 2009-03-20 10:48 . 2009-03-20 10:48 183808 c:\windows\Installer\181d30.msp
+ 2010-02-26 23:30 . 2008-03-13 04:52 761344 c:\windows\Driver Cache\i386\unires.dll
+ 2010-02-26 23:30 . 2008-07-06 12:06 744960 c:\windows\Driver Cache\i386\unidrvui.dll
+ 2010-02-26 23:30 . 2008-07-06 12:06 373248 c:\windows\Driver Cache\i386\unidrv.dll
+ 2010-02-26 23:30 . 2008-07-06 12:06 198656 c:\windows\Driver Cache\i386\mxdwdui.dll
+ 2010-02-26 23:30 . 2008-07-06 12:06 765440 c:\windows\Driver Cache\i386\mxdwdrv.dll
+ 2010-02-27 22:14 . 2010-02-27 22:14 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\bf92bc207f927cbbd6dfc9dc0c3eae68\WindowsFormsIntegration.ni.dll
+ 2010-02-27 22:14 . 2010-02-27 22:14 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\6f488b7644dc50a083868e91a4014466\UIAutomationTypes.ni.dll
+ 2010-02-27 22:14 . 2010-02-27 22:14 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\c2fbf25609b704061a93500efa6f241d\UIAutomationClient.ni.dll
+ 2010-02-27 22:14 . 2010-02-27 22:14 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\ca6d7208c0fb72ff97429f2636ced321\System.Drawing.Design.ni.dll
+ 2010-02-27 22:13 . 2010-02-27 22:13 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\96f74da5fc40b92f09069230bc0df4f0\PresentationFramework.Royale.ni.dll
+ 2010-02-27 22:13 . 2010-02-27 22:13 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\3bb4d16b042b72c2c85a0f8ac9d48f28\PresentationFramework.Luna.ni.dll
+ 2010-02-27 22:13 . 2010-02-27 22:13 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\30c5c2682d3c5bdaa83bb9a36ee48afa\PresentationFramework.Aero.ni.dll
+ 2010-02-27 22:13 . 2010-02-27 22:13 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\07e952efd70f5608e221a008e6231ace\PresentationFramework.Classic.ni.dll
+ 2010-02-26 23:30 . 2010-02-26 23:30 385024 c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders\3.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2010-02-26 23:30 . 2010-02-26 23:30 167936 c:\windows\assembly\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2010-02-26 23:31 . 2010-02-26 23:31 139264 c:\windows\assembly\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll
+ 2010-02-26 23:31 . 2010-02-26 23:31 507904 c:\windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll
+ 2010-02-26 23:30 . 2010-02-26 23:30 540672 c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2010-02-24 22:18 . 2010-02-24 22:18 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2010-02-26 23:31 . 2010-02-26 23:31 335872 c:\windows\assembly\GAC_MSIL\System.Web.Extensions.Design\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.Design.dll
+ 2010-02-26 23:33 . 2010-02-26 23:33 139264 c:\windows\assembly\GAC_MSIL\System.Web.Entity\3.5.0.0__b77a5c561934e089\System.Web.Entity.dll
+ 2010-02-26 23:31 . 2010-02-26 23:31 131072 c:\windows\assembly\GAC_MSIL\System.Web.Entity.Design\3.5.0.0__b77a5c561934e089\System.Web.Entity.Design.dll
+ 2010-02-26 23:33 . 2010-02-26 23:33 229376 c:\windows\assembly\GAC_MSIL\System.Web.DynamicData\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.dll
+ 2010-02-26 23:30 . 2010-02-26 23:30 688128 c:\windows\assembly\GAC_MSIL\System.Speech\3.0.0.0__31bf3856ad364e35\System.Speech.dll
- 2010-02-24 22:18 . 2010-02-24 22:18 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2010-02-26 23:31 . 2010-02-26 23:31 569344 c:\windows\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll
- 2010-02-24 22:18 . 2010-02-24 22:18 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-02-26 23:30 . 2010-02-26 23:30 966656 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2010-02-24 22:18 . 2010-02-24 22:18 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2010-02-26 23:31 . 2010-02-26 23:31 233472 c:\windows\assembly\GAC_MSIL\System.Net\3.5.0.0__b03f5f7f11d50a3a\System.Net.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2010-02-24 22:18 . 2010-02-24 22:18 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2010-02-26 23:31 . 2010-02-26 23:31 143360 c:\windows\assembly\GAC_MSIL\System.Management.Instrumentation\3.5.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
+ 2010-02-26 23:30 . 2010-02-26 23:30 131072 c:\windows\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2010-02-26 23:30 . 2010-02-26 23:30 430080 c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2010-02-26 23:30 . 2010-02-26 23:30 126976 c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2010-02-24 22:18 . 2010-02-24 22:18 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2010-02-26 23:31 . 2010-02-26 23:31 286720 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\3.5.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2010-02-26 23:33 . 2010-02-26 23:33 442368 c:\windows\assembly\GAC_MSIL\System.Data.Services\3.5.0.0__b77a5c561934e089\System.Data.Services.dll
+ 2010-02-26 23:31 . 2010-02-26 23:31 114688 c:\windows\assembly\GAC_MSIL\System.Data.Services.Design\3.5.0.0__b77a5c561934e089\System.Data.Services.Design.dll
+ 2010-02-26 23:33 . 2010-02-26 23:33 294912 c:\windows\assembly\GAC_MSIL\System.Data.Services.Client\3.5.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2010-02-26 23:31 . 2010-02-26 23:31 684032 c:\windows\assembly\GAC_MSIL\System.Data.Linq\3.5.0.0__b77a5c561934e089\System.Data.Linq.dll
+ 2010-02-26 23:31 . 2010-02-26 23:31 229376 c:\windows\assembly\GAC_MSIL\System.Data.Entity.Design\3.5.0.0__b77a5c561934e089\System.Data.Entity.Design.dll
+ 2010-02-26 23:31 . 2010-02-26 23:31 667648 c:\windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2010-02-26 23:31 . 2010-02-26 23:31 163840 c:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll
- 2010-02-24 22:18 . 2010-02-24 22:18 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2010-02-26 23:30 . 2010-02-26 23:30 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
+ 2010-02-26 23:30 . 2010-02-26 23:30 528384 c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2010-02-26 23:30 . 2010-02-26 23:30 864256 c:\windows\assembly\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2010-02-26 23:30 . 2010-02-26 23:30 163840 c:\windows\assembly\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2010-02-26 23:30 . 2010-02-26 23:30 397312 c:\windows\assembly\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2010-02-26 23:30 . 2010-02-26 23:30 139264 c:\windows\assembly\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2010-02-26 23:30 . 2010-02-26 23:30 196608 c:\windows\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2010-02-26 23:30 . 2010-02-26 23:30 598016 c:\windows\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2010-02-24 22:18 . 2010-02-24 22:18 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2010-02-24 22:18 . 2010-02-24 22:18 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2010-02-26 23:30 . 2010-02-26 23:30 397312 c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2010-02-26 23:31 . 2010-02-26 23:31 802816 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.v3.5.dll
+ 2010-02-26 23:31 . 2010-02-26 23:31 733184 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2010-02-26 23:31 . 2010-02-26 23:31 106496 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Conversion.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Conversion.v3.5.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2010-02-26 23:30 . 2010-02-26 23:30 368640 c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2010-02-24 22:18 . 2010-02-24 22:18 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2010-02-26 23:30 . 2010-02-26 23:30 163840 c:\windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2010-02-26 23:30 . 2008-07-06 12:06 1676288 c:\windows\system32\xpssvcs.dll
+ 2010-02-26 23:30 . 2008-07-06 12:06 1676288 c:\windows\system32\spool\XPSEP\i386\xpssvcs.dll
+ 2010-02-26 23:30 . 2008-07-06 12:06 1676288 c:\windows\system32\spool\XPSEP\i386\i386\xpssvcs.dll
+ 2010-02-26 23:30 . 2008-07-06 16:36 2936832 c:\windows\system32\spool\XPSEP\amd64\xpssvcs.dll
+ 2010-02-26 23:30 . 2008-07-06 16:36 2936832 c:\windows\system32\spool\XPSEP\amd64\amd64\xpssvcs.dll
+ 2010-02-26 23:30 . 2008-07-06 12:06 1676288 c:\windows\system32\spool\drivers\w32x86\3\XpsSvcs.dll
+ 2009-08-19 16:07 . 2009-08-19 16:07 1415000 c:\windows\system32\msxml6.dll
+ 2010-02-26 23:30 . 2008-07-06 12:06 1676288 c:\windows\system32\dllcache\xpssvcs.dll
+ 2008-07-29 22:40 . 2008-07-29 22:40 1720824 c:\windows\Microsoft.NET\Framework\v3.5\vbc.exe
+ 2008-07-29 17:47 . 2008-07-29 17:47 1054208 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 1364992 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\SITSetup.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 1064448 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\gencomp.dll
+ 2008-07-29 22:40 . 2008-07-29 22:40 1548280 c:\windows\Microsoft.NET\Framework\v3.5\csc.exe
+ 2008-12-05 18:35 . 2008-12-05 18:35 1736528 c:\windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
+ 2008-07-29 20:10 . 2008-07-29 20:10 2637840 c:\windows\Microsoft.NET\Framework\v3.0\WPF\NlsLexicons0009.dll
+ 2008-07-29 20:10 . 2008-07-29 20:10 4883464 c:\windows\Microsoft.NET\Framework\v3.0\WPF\NlsData0009.dll
+ 2008-12-05 19:12 . 2008-12-05 19:12 5931008 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 1344000 c:\windows\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 1172472 c:\windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
+ 2008-11-25 03:59 . 2008-11-25 03:59 2048000 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2008-11-25 03:59 . 2008-11-25 03:59 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 3149824 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 5062656 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 2933248 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.dll
+ 2009-08-07 22:51 . 2009-08-07 22:51 5812560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2009-08-07 22:51 . 2009-08-07 22:51 4546560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 1163768 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
+ 2008-12-13 08:57 . 2008-12-13 08:57 8397824 c:\windows\Installer\84eaa.msp
+ 2008-07-29 18:26 . 2008-07-29 18:26 1043456 c:\windows\Installer\7b0f6.msp
+ 2008-07-29 19:37 . 2008-07-29 19:37 2679808 c:\windows\Installer\7b0f4.msp
+ 2008-07-29 20:15 . 2008-07-29 20:15 3697664 c:\windows\Installer\7b0f2.msp
+ 2008-07-29 18:34 . 2008-07-29 18:34 1448448 c:\windows\Installer\7b0f1.msp
+ 2008-07-29 19:22 . 2008-07-29 19:22 4137984 c:\windows\Installer\7b0f0.msp
+ 2008-07-29 18:18 . 2008-07-29 18:18 3376640 c:\windows\Installer\7b0ef.msp
+ 2008-07-29 16:45 . 2008-07-29 16:45 2543616 c:\windows\Installer\60364.msp
+ 2008-07-29 16:29 . 2008-07-29 16:29 2926080 c:\windows\Installer\60363.msp
+ 2008-07-29 16:41 . 2008-07-29 16:41 6487040 c:\windows\Installer\60362.msp
+ 2008-07-29 16:39 . 2008-07-29 16:39 3403264 c:\windows\Installer\60361.msp
+ 2008-07-29 16:43 . 2008-07-29 16:43 1013248 c:\windows\Installer\6035f.msp
+ 2008-07-29 16:31 . 2008-07-29 16:31 6083072 c:\windows\Installer\6035c.msp
+ 2010-02-27 22:13 . 2010-02-27 22:13 3313664 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\204d6e5b335134f23ca37638b9227ecf\WindowsBase.ni.dll
+ 2010-02-27 22:14 . 2010-02-27 22:14 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\0f2ed6a204eb13841e99b77025464afc\UIAutomationClientsideProviders.ni.dll
+ 2010-02-27 22:12 . 2010-02-27 22:12 7868416 c:\windows\assembly\NativeImages_v2.0.50727_32\System\3de5bd01124463d7862bd173af90bc83\System.ni.dll
+ 2010-02-27 22:14 . 2010-02-27 22:14 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5913d3f81e77194ec833991b1047a532\System.Xml.ni.dll
+ 2010-02-27 22:14 . 2010-02-27 22:14 1917440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\99594bae1d022502925f5b9dfcdaae9a\System.Speech.ni.dll
+ 2010-02-27 22:14 . 2010-02-27 22:14 1035264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\e5313735a40c0800f116e27fba4754db\System.Printing.ni.dll
+ 2010-02-27 22:14 . 2010-02-27 22:14 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\abb2ac7e08bee026f857d8fa36f9fe6f\System.Drawing.ni.dll
+ 2010-02-27 22:13 . 2010-02-27 22:13 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\694c07365e0fd6bba0bc304d4d2404a7\System.Data.ni.dll
+ 2010-02-27 22:13 . 2010-02-27 22:13 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\32788c58ff9f8324460604cf1fe7681b\System.Data.Linq.ni.dll
+ 2010-02-27 22:13 . 2010-02-27 22:13 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\c0a42d2ad8a4078040b334f6770ea11f\System.Core.ni.dll
+ 2010-02-27 22:13 . 2010-02-27 22:13 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\954685c29689d2a6126ceca1fd55e904\ReachFramework.ni.dll
+ 2010-02-27 22:13 . 2010-02-27 22:13 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\a3a6f52ce1d09a7bdccc8e7fc664792d\PresentationUI.ni.dll
+ 2010-02-27 22:12 . 2010-02-27 22:12 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\f906701365083c1473db31519147e263\PresentationBuildTasks.ni.dll
+ 2010-02-26 23:30 . 2010-02-26 23:30 1245184 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 3149824 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2010-02-26 23:30 . 2010-02-26 23:30 1630208 c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll
+ 2010-02-26 23:30 . 2010-02-26 23:30 1138688 c:\windows\assembly\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2010-02-26 23:33 . 2010-02-26 23:33 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2010-02-26 23:32 . 2010-02-26 23:32 5931008 c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2010-02-26 23:31 . 2010-02-26 23:31 2879488 c:\windows\assembly\GAC_MSIL\System.Data.Entity\3.5.0.0__b77a5c561934e089\System.Data.Entity.dll
+ 2010-02-26 23:32 . 2010-02-26 23:32 5283840 c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2010-02-26 23:30 . 2010-02-26 23:30 4210688 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2010-02-27 22:10 . 2010-02-27 22:10 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2008-12-13 09:21 . 2008-12-13 09:21 10473472 c:\windows\Installer\84eb4.msp
+ 2009-08-14 19:32 . 2009-08-14 19:32 11110912 c:\windows\Installer\181d4b.msp
+ 2010-02-27 22:14 . 2010-02-27 22:14 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d2ea8d76f015817db1607075812b555f\System.Windows.Forms.ni.dll
+ 2010-02-27 22:14 . 2010-02-27 22:14 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\8b82e08c008924d51833cb0884bcbfc5\System.Design.ni.dll
+ 2010-02-27 22:13 . 2010-02-27 22:13 14327808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\58c7ac6b6054038dc9346d7ec8e32b4c\PresentationFramework.ni.dll
+ 2010-02-27 22:13 . 2010-02-27 22:13 12216320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\94badbd64df59de7da249f71da38b1c2\PresentationCore.ni.dll
+ 2010-02-27 22:12 . 2010-02-27 22:12 11486720 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7124a40b9998f7b63c86bd1a2125ce26\mscorlib.ni.dll
.
-- Snapshot per reimpostare la data corrente --
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GAINWARD"="c:\programmi\EXPERTool\TBPanel.exe" [2008-07-10 2177576]
"DAEMON Tools Lite"="c:\programmi\DAEMON Tools Lite\daemon.exe" [2008-12-29 687560]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\programmi\File comuni\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-02-24 39408]
"MSMSGS"="c:\documents and settings\Davide\Dati applicazioni\java\autorun.exe" [2010-02-24 49152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"nwiz"="nwiz.exe" [2008-05-16 1630208]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]
"HDAudDeck"="c:\programmi\VIA\VIAudioi\HDADeck\HDeck.exe" [2008-05-14 29831168]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"QuickTime Task"="c:\programmi\QuickTime\qttask.exe" [2009-01-05 413696]
"NeroFilterCheck"="c:\programmi\File comuni\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"iTunesHelper"="c:\programmi\iTunes\iTunesHelper.exe" [2009-01-06 290088]
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-19 15360]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
InterVideo WinCinema Manager.lnk - c:\programmi\InterVideo\Common\Bin\WinCinemaMgr.exe [2010-2-24 303104]
Microsoft Office.lnk - c:\programmi\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Bonjour\\mDNSResponder.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\iTunes\\iTunes.exe"=
"c:\\Programmi\\Shareaza\\Shareaza.exe"=
"c:\\Programmi\\Sports Interactive\\Football Manager 2010\\fm.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [25/02/2010 15.05.26 114768]
R2 Application Updater;Application Updater;c:\programmi\Application Updater\ApplicationUpdater.exe [08/01/2010 0.51.02 380928]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [25/02/2010 15.05.26 20560]
R2 DrWebEngine;Dr.Web Scanning Engine (DrWebEngine);c:\programmi\File comuni\Doctor Web\Scanning Engine\dwengine.exe [29/09/2009 14.46.42 869688]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [24/02/2010 20.01.57 238080]
S0 pxscan;pxscan;c:\windows\system32\drivers\pxscan.sys --> c:\windows\system32\drivers\pxscan.sys [?]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [24/02/2010 22.39.36 717296]
S2 Autorun CDROM Monitor;Autorun CDROM Monitor;c:\windows\system32\SupportAppMH\cdrom_mon.exe [24/02/2010 20.09.56 81920]
S2 gupdate;Servizio di Google Update (gupdate);c:\programmi\Google\Update\GoogleUpdate.exe [25/02/2010 1.21.23 135664]
S2 pxrts;pxrts;c:\windows\system32\drivers\pxrts.sys --> c:\windows\system32\drivers\pxrts.sys [?]
S3 ONDAUsbDiag;ONDA USB Diagnostics Port;c:\windows\system32\drivers\ONDAUsbDiag.sys [24/02/2010 20.10.42 92928]
S3 ONDAUsbModem;ONDA USB MODEM DRIVER;c:\windows\system32\drivers\ONDAUsbModem.sys [24/02/2010 20.10.42 92928]
S3 ONDAUsbNmea;ONDA USB NMEA Port;c:\windows\system32\drivers\ONDAusbnmea.sys [24/02/2010 20.10.42 92928]
S3 pxkbf;pxkbf;c:\windows\system32\drivers\pxkbf.sys --> c:\windows\system32\drivers\pxkbf.sys [?]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contenuto della cartella 'Scheduled Tasks'

2010-02-24 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2010-02-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-02-25 00:21]

2010-02-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-02-25 00:21]

2010-02-27 c:\windows\Tasks\Verifica e correzione automatica.job
- c:\programmi\TuneUp Utilities 2008\OneClickStarter.exe [2008-03-03 11:05]

2010-02-27 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2010-02-25 21:18]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
IE: Download with &Shareaza - c:\programmi\shareaza\razawebhook32.dll/3000
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: {{C4046502-6524-4d87-896C-878F57D1FF07} - c:\programmi\PokerStars.IT\PokerStarsUpdate.exe
FF - ProfilePath - c:\documents and settings\Davide\Dati applicazioni\Mozilla\Firefox\Profiles\lmhu4ae9.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.it/
FF - plugin: c:\programmi\Google\Update\1.2.183.17\npGoogleOneClick8.dll
FF - plugin: c:\programmi\Microsoft\Office Live\npOLW.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.

**************************************************************************
scansione processi nascosti ...

scansione entrate autostart nascoste ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\programmi\VIA\VIAudioi\HDADeck\HDeck.exe 1????????????????????????????????????????????

Scansione files nascosti ...

Scansione completata con successo
Files nascosti:

**************************************************************************
.
Ora fine scansione: 2010-02-27 23:29:18
ComboFix-quarantined-files.txt 2010-02-27 22:29

Pre-Run: 466.088.566.784 byte disponibili
Post-Run: 466.098.495.488 byte disponibili

- - End Of File - - 546E26B89F9F1530696B37502EC34CCF
Torna in alto
 
r16
Inviato: Saturday, February 27, 2010 11:50:06 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Non hai eseguito alla lettera le mie indicazioni.
Avevo scritto che dovevi scaricare Combofix, sul DESKTOP.
Adesso non posso farti uno script.
Devi eliminare Combofix così:
Scarica OTC by OldTimer sul desktop:
http://oldtimer.geekstogo.com/OTC.exe
doppio clic per eseguirlo
Clicca su CleanUp.
Ti chiederà di riavviare il pc.
Clicca sì.
Devi riscaricarlo,(combofix) e questa volta ricorda di scaricarlo sul DESKTOP.
Fai una nuova scansione.
Posta il log.
Torna in alto
 
gig1987
Inviato: Sunday, February 28, 2010 12:22:29 AM
Rank: Newbie

Iscritto dal : 2/27/2010
Posts: 7
ComboFix 10-02-27.04 - Davide 28/02/2010 0.18.25.3.2 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.39.1040.18.2047.1611 [GMT 1:00]
Eseguito da: c:\documents and settings\Davide\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100227-2] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\ModemLog_ONDA USB Modem .txt

.
((((((((((((((((((((((((( Files Creati Da 2010-01-27 al 2010-02-27 )))))))))))))))))))))))))))))))))))
.

2010-02-26 23:28 . 2010-02-26 23:28 -------- d-----w- c:\programmi\MSXML 6.0
2010-02-26 23:23 . 2010-02-26 23:23 -------- d-----w- c:\programmi\Trend Micro
2010-02-26 22:48 . 2010-02-25 10:21 77312 ----a-w- C:\mbr.exe
2010-02-26 13:58 . 2010-02-27 20:17 -------- d-----w- c:\programmi\Everest Poker
2010-02-26 12:01 . 2010-02-27 12:37 -------- d-----w- c:\windows\system32\CatRoot_bak
2010-02-26 11:45 . 2010-02-26 11:45 -------- d-----w- c:\documents and settings\Davide\Impostazioni locali\Dati applicazioni\P5
2010-02-26 11:45 . 2010-02-26 11:45 -------- d-----w- c:\programmi\MSXML 4.0
2010-02-25 21:10 . 2009-08-04 17:03 2061440 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2010-02-25 21:10 . 2009-08-04 17:03 2184064 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2010-02-25 21:10 . 2009-08-04 17:03 2139648 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-02-25 21:10 . 2009-08-04 17:03 2019328 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-02-25 21:02 . 2009-12-04 14:41 453760 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-02-25 20:59 . 2010-02-25 20:59 -------- d-----w- c:\programmi\File comuni\Doctor Web
2010-02-25 20:59 . 2010-02-26 11:43 -------- d-----w- c:\programmi\DrWeb
2010-02-25 20:59 . 2010-02-25 23:12 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Doctor Web
2010-02-25 20:25 . 2008-06-14 17:59 272768 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-02-25 20:25 . 2008-06-14 17:59 272768 ------w- c:\windows\system32\drivers\bthport.sys
2010-02-25 18:25 . 2010-02-25 23:01 -------- d-----w- c:\documents and settings\Davide\DoctorWeb
2010-02-25 16:51 . 2009-08-06 18:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-02-25 16:51 . 2009-08-06 18:23 215920 ----a-w- c:\windows\system32\muweb.dll
2010-02-25 14:13 . 2010-02-25 23:00 -------- d-----w- c:\programmi\a-squared Free
2010-02-25 14:05 . 2009-11-24 23:50 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-02-25 14:05 . 2009-11-24 23:50 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-02-25 01:33 . 2010-02-25 01:33 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Sports Interactive
2010-02-25 01:33 . 2010-02-25 01:33 -------- d-----w- c:\documents and settings\Davide\Dati applicazioni\Sports Interactive
2010-02-25 01:22 . 2010-02-25 01:30 -------- d--h--w- c:\programmi\Zero G Registry
2010-02-25 01:22 . 2010-02-25 01:22 -------- d-----w- c:\programmi\Sports Interactive
2010-02-25 01:22 . 2010-02-25 01:22 -------- d--h--w- c:\documents and settings\Davide\InstallAnywhere
2010-02-25 00:44 . 2008-04-14 09:43 39936 ----a-w- c:\documents and settings\All Users\Dati applicazioni\EPSON\EPSON SX100 Series\Language\0410.E_DIX0RE.DLL
2010-02-25 00:32 . 2010-02-25 00:32 -------- d-----w- c:\documents and settings\Davide\Dati applicazioni\DAEMON Tools Pro
2010-02-25 00:32 . 2010-02-25 00:32 -------- d-----w- c:\documents and settings\Davide\Dati applicazioni\DAEMON Tools
2010-02-25 00:30 . 2010-02-25 00:30 -------- d-----w- c:\documents and settings\NetworkService\Impostazioni locali\Dati applicazioni\Google
2010-02-25 00:26 . 2010-02-25 00:26 -------- d-----w- c:\documents and settings\Davide\Impostazioni locali\Dati applicazioni\Temp
2010-02-25 00:25 . 2010-02-25 00:25 -------- d-----w- c:\documents and settings\Default User\Impostazioni locali\Dati applicazioni\Adobe
2010-02-25 00:21 . 2010-02-25 00:21 -------- d-----w- c:\documents and settings\LocalService\Impostazioni locali\Dati applicazioni\Google
2010-02-25 00:10 . 2010-02-26 11:50 -------- d-----w- C:\bwinPoker
2010-02-25 00:09 . 2010-02-25 00:09 -------- d-----w- c:\documents and settings\Davide\Impostazioni locali\Dati applicazioni\Shareaza
2010-02-25 00:02 . 2010-02-25 00:02 -------- d-----w- c:\documents and settings\Davide\Dati applicazioni\vlc
2010-02-24 23:57 . 2010-02-24 23:57 5018 --sha-w- c:\windows\system32\KGyGaAvL.sys
2010-02-24 23:57 . 2010-02-24 23:57 8 --sh--r- c:\windows\system32\646C5BC8E1.sys
2010-02-24 23:57 . 2010-02-24 23:58 -------- d-----w- c:\documents and settings\Davide\Dati applicazioni\Corel
2010-02-24 23:38 . 2010-02-24 23:38 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\UDL
2010-02-24 23:38 . 2010-02-24 23:38 -------- d-----w- c:\programmi\Epson Software
2010-02-24 23:36 . 2010-02-24 23:37 -------- d-----w- c:\programmi\ABBYY FineReader 6.0 Sprint
2010-02-24 23:34 . 2008-04-14 09:42 53248 ----a-w- c:\documents and settings\All Users\Dati applicazioni\EPSON\EPSON SX100 Series\Language\0410.E_S9E0D7.DLL
2010-02-24 23:33 . 2010-02-25 00:30 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\NOS
2010-02-24 23:31 . 2010-02-24 23:34 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\EPSON
2010-02-24 23:31 . 2007-07-12 23:00 71680 ----a-w- c:\windows\system32\escwiad.dll
2010-02-24 23:31 . 2010-02-24 23:37 -------- d-----w- c:\programmi\epson
2010-02-24 23:26 . 2010-02-24 23:26 -------- d-----w- c:\documents and settings\Davide\Dati applicazioni\pdfforge
2010-02-24 23:26 . 2010-02-24 23:26 -------- d-----w- c:\documents and settings\Davide\Dati applicazioni\Search Settings
2010-02-24 23:22 . 2010-02-24 23:22 -------- d-----w- c:\windows\system32\config\systemprofile\Dati applicazioni\Application Updater
2010-02-24 23:22 . 2010-02-24 23:22 -------- d-----w- c:\programmi\Application Updater
2010-02-24 23:21 . 2010-02-24 23:21 -------- d-----w- c:\programmi\gs
2010-02-24 23:20 . 2010-02-24 23:21 -------- d-----w- c:\programmi\Ghostgum
2010-02-24 23:20 . 2001-10-28 16:42 116224 ----a-w- c:\windows\system32\pdfcmnnt.dll
2010-02-24 23:20 . 2010-02-24 23:22 -------- d-----w- c:\programmi\PDFCreator
2010-02-24 23:20 . 1998-08-05 07:45 122128 ----a-w- c:\windows\system32\VB6IT.DLL
2010-02-24 23:20 . 1998-08-05 07:45 150528 ----a-w- c:\windows\system32\MSCMCIT.DLL
2010-02-24 23:20 . 1998-08-05 07:45 63488 ----a-w- c:\windows\system32\MSCC2IT.DLL
2010-02-24 23:20 . 1998-07-06 00:00 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL
2010-02-24 23:16 . 2010-02-24 23:18 -------- d-----w- c:\programmi\Transform XP to Vista
2010-02-24 23:11 . 2010-02-24 23:11 -------- d-----w- c:\programmi\QuickTime
2010-02-24 23:09 . 2010-02-24 23:09 -------- d-----w- c:\documents and settings\Davide\Dati applicazioni\java
2010-02-24 23:09 . 2010-02-24 15:59 49152 --sha-r- c:\documents and settings\Davide\Dati applicazioni\java\autorun.exe
2010-02-24 23:07 . 2010-02-24 23:16 -------- d-----w- c:\documents and settings\Davide\Impostazioni locali\Dati applicazioni\Apple Computer
2010-02-24 23:07 . 2010-02-24 23:16 -------- d-----w- c:\documents and settings\Davide\Dati applicazioni\Apple Computer
2010-02-24 23:03 . 2010-02-24 23:03 0 ----a-w- c:\windows\nsreg.dat
2010-02-24 23:03 . 2010-02-24 23:03 -------- d-----w- c:\documents and settings\Davide\Impostazioni locali\Dati applicazioni\Mozilla
2010-02-24 22:52 . 2010-02-24 22:52 -------- d-sh--w- c:\documents and settings\Davide\IECompatCache
2010-02-24 22:52 . 2010-02-24 22:52 -------- d-sh--w- c:\documents and settings\Davide\PrivacIE
2010-02-24 22:51 . 2010-02-24 22:51 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2010-02-24 22:51 . 2010-02-24 22:51 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\DAEMON Tools Lite
2010-02-24 22:50 . 2010-02-24 22:50 -------- d-----w- c:\programmi\DAEMON Tools Toolbar
2010-02-24 22:50 . 2010-02-25 00:29 -------- d-----w- c:\programmi\DAEMON Tools Lite
2010-02-24 22:49 . 2010-02-24 22:49 -------- d-sh--w- c:\documents and settings\Davide\IETldCache
2010-02-24 22:44 . 2010-02-24 23:24 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Messenger Plus!
2010-02-24 22:44 . 2008-04-04 13:51 28416 ----a-w- c:\windows\system32\uxtuneup.dll
2010-02-24 22:44 . 2010-02-24 22:45 354560 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2010-02-24 22:44 . 2010-02-24 22:44 -------- d-----w- c:\documents and settings\Davide\Dati applicazioni\TuneUp Software
2010-02-24 22:44 . 2010-02-24 22:44 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\TuneUp Software
2010-02-24 22:44 . 2010-02-24 22:45 -------- d-----w- c:\programmi\TuneUp Utilities 2008
2010-02-24 22:43 . 2010-02-24 22:43 -------- d-----w- c:\programmi\File comuni\Wise Installation Wizard
2010-02-24 22:42 . 2010-02-25 12:34 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Skype
2010-02-24 22:41 . 2010-02-25 22:58 -------- d-----w- c:\windows\ie8updates
2010-02-24 22:40 . 2010-02-24 22:41 -------- d-----w- c:\windows\system32\it-IT
2010-02-24 22:40 . 2010-02-24 22:41 -------- dc-h--w- c:\windows\ie8
2010-02-24 22:35 . 2010-02-24 22:35 -------- d-----w- c:\programmi\Lame for Audacity
2010-02-24 22:34 . 2010-02-24 22:35 -------- d-----w- c:\programmi\PokerStars.IT
2010-02-24 22:32 . 2009-12-11 08:38 69120 -c----w- c:\windows\system32\dllcache\iecompat.dll
2010-02-24 22:32 . 2009-12-21 19:06 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-02-24 22:32 . 2009-12-21 19:06 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-02-24 22:32 . 2009-12-21 19:06 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-02-24 22:32 . 2009-12-21 19:06 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-02-24 22:32 . 2009-12-21 19:06 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-02-24 22:32 . 2009-12-21 19:06 11070464 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-02-24 22:21 . 2010-02-24 23:24 -------- d-----w- c:\programmi\Messenger Plus! Live
2010-02-24 22:20 . 2010-02-27 22:46 -------- d-----w- c:\documents and settings\Davide\Tracing
2010-02-24 22:19 . 2010-02-24 22:49 -------- d-----w- c:\programmi\Microsoft Silverlight
2010-02-24 22:17 . 2010-02-24 22:19 -------- d-----w- c:\programmi\Microsoft
2010-02-24 22:17 . 2010-02-24 22:17 -------- d-----w- c:\programmi\Windows Live SkyDrive
2010-02-24 22:17 . 2010-02-24 22:19 -------- d-----w- c:\programmi\Windows Live
2010-02-24 22:06 . 2010-02-24 22:06 -------- d-----w- c:\programmi\Safari
2010-02-24 22:06 . 2010-02-24 22:06 -------- d-----w- c:\programmi\Bonjour
2010-02-24 22:06 . 2010-02-24 22:06 -------- d-----w- c:\documents and settings\Davide\Impostazioni locali\Dati applicazioni\Apple
2010-02-24 22:06 . 2010-02-24 22:06 -------- d-----w- c:\programmi\Apple Software Update
2010-02-24 22:06 . 2010-02-24 22:06 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Apple
2010-02-24 22:05 . 2010-02-27 22:56 -------- d-----w- c:\documents and settings\Davide\Dati applicazioni\Shareaza
2010-02-24 22:05 . 2010-02-27 23:02 -------- d-----w- c:\programmi\Shareaza
2010-02-24 22:04 . 2010-02-24 22:04 -------- d-----w- c:\programmi\VideoLAN
2010-02-24 22:02 . 2010-02-24 22:02 -------- d-----w- c:\windows\system32\LogFiles
2010-02-24 22:01 . 2010-02-24 22:02 -------- d-----w- c:\windows\system32\drivers\umdf
2010-02-24 21:41 . 2010-02-24 21:41 -------- d-----w- c:\programmi\File comuni\Windows Live
2010-02-24 21:40 . 2010-02-24 21:40 -------- d-----w- c:\programmi\GIMP-2.0
2010-02-24 21:38 . 2010-02-24 21:38 -------- d-----w- c:\programmi\Audacity
2010-02-24 21:37 . 2010-02-25 00:21 -------- d-----w- c:\documents and settings\Davide\Impostazioni locali\Dati applicazioni\Adobe
2010-02-24 21:37 . 2010-02-24 21:37 -------- d-----w- c:\programmi\File comuni\Adobe
2010-02-24 20:03 . 2010-02-27 22:09 -------- d--h--w- c:\windows\$hf_mig$

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-27 23:15 . 2010-02-24 19:10 -------- d-----w- c:\programmi\MH600HS Wizard
2010-02-27 22:10 . 2001-08-31 11:00 79514 ----a-w- c:\windows\system32\perfc010.dat
2010-02-27 22:10 . 2001-08-31 11:00 479180 ----a-w- c:\windows\system32\perfh010.dat
2010-02-27 11:31 . 2010-02-24 19:52 20128 ----a-w- c:\documents and settings\Davide\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2010-02-26 23:30 . 2010-02-26 23:30 -------- d-----w- c:\programmi\MSBuild
2010-02-26 23:30 . 2010-02-26 23:30 -------- d-----w- c:\programmi\Reference Assemblies
2010-02-25 01:21 . 2010-02-24 21:39 -------- d-----w- c:\documents and settings\Davide\Dati applicazioni\DAEMON Tools Lite
2010-02-25 00:21 . 2010-02-24 23:34 -------- d-----w- c:\programmi\Google
2010-02-24 23:59 . 2010-02-24 19:49 -------- d-----w- c:\programmi\Corel
2010-02-24 23:59 . 2010-02-24 19:49 -------- d-----w- c:\programmi\File comuni\Corel
2010-02-24 23:38 . 2010-02-24 19:02 -------- d--h--w- c:\programmi\InstallShield Installation Information
2010-02-24 23:34 . 2010-02-24 23:33 1975408 ----a-w- c:\documents and settings\All Users\Dati applicazioni\NOS\Adobe_Downloads\GoogleToolbarInstaller_en32_signed.exe
2010-02-24 23:34 . 2010-02-24 23:33 1955472 ----a-w- c:\documents and settings\All Users\Dati applicazioni\NOS\Adobe_Downloads\install_flash_player_ax.exe
2010-02-24 23:16 . 2010-02-24 23:16 -------- d-----w- c:\programmi\iTunes
2010-02-24 23:16 . 2010-02-24 23:16 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2010-02-24 23:16 . 2010-02-24 23:16 -------- d-----w- c:\programmi\iPod
2010-02-24 23:16 . 2010-02-24 23:11 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Apple Computer
2010-02-24 23:15 . 2010-02-24 23:15 -------- d-----w- c:\programmi\File comuni\Apple
2010-02-24 23:14 . 2010-02-24 23:14 -------- d-----w- c:\documents and settings\Davide\Dati applicazioni\Ahead
2010-02-24 23:14 . 2010-02-24 23:14 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Ahead
2010-02-24 23:14 . 2010-02-24 23:13 -------- d-----w- c:\programmi\File comuni\Ahead
2010-02-24 23:13 . 2010-02-24 23:13 -------- d-----w- c:\programmi\Nero
2010-02-24 23:13 . 2010-02-24 23:13 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Nero
2010-02-24 23:03 . 2010-02-24 18:44 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-02-24 21:39 . 2010-02-24 21:39 717296 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-02-24 21:39 . 2010-02-24 21:39 -------- d-----w- c:\programmi\Alwil Software
2010-02-24 19:50 . 2010-02-24 19:50 -------- d-----w- c:\programmi\InterVideo
2010-02-24 19:50 . 2010-02-24 18:51 -------- d-----w- c:\programmi\File comuni\InstallShield
2010-02-24 19:49 . 2010-02-24 19:49 29990 ----a-r- c:\documents and settings\Davide\Dati applicazioni\Microsoft\Installer\{17E14D89-3A9F-4706-9F9B-C2DFC7ABE94B}\ARPPRODUCTICON.exe
2010-02-24 19:49 . 2010-02-24 19:49 10134 ----a-r- c:\documents and settings\Davide\Dati applicazioni\Microsoft\Installer\{12665B01-3F3A-4433-B179-9D8E352D7547}\ARPPRODUCTICON.exe
2010-02-24 19:49 . 2010-02-24 19:49 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Corel
2010-02-24 19:04 . 2010-02-24 19:04 -------- d-----w- c:\programmi\Realtek
2010-02-24 19:03 . 2010-02-24 19:03 -------- d-----w- c:\documents and settings\Davide\Dati applicazioni\InstallShield
2010-02-24 19:02 . 2010-02-24 19:01 -------- d-----w- c:\programmi\VIA
2010-02-24 18:58 . 2010-02-24 18:58 -------- d-----w- c:\programmi\Intel
2010-02-24 18:56 . 2010-02-24 18:50 -------- d-----w- c:\programmi\EXPERTool
2010-02-24 18:45 . 2010-02-24 18:45 -------- d-----w- c:\programmi\microsoft frontpage
2010-02-24 18:44 . 2010-02-24 18:44 -------- d-----w- c:\programmi\Servizi in linea
2010-02-24 18:43 . 2010-02-24 18:43 21840 ----a-w- c:\windows\system32\emptyregdb.dat
2009-12-31 16:14 . 2004-08-03 21:14 352640 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-21 19:06 . 2004-08-19 13:39 916480 ------w- c:\windows\system32\wininet.dll
2009-12-17 07:58 . 2010-02-24 18:42 346112 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:35 . 2004-08-19 13:39 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-04 14:41 . 2004-08-03 21:15 453760 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GAINWARD"="c:\programmi\EXPERTool\TBPanel.exe" [2008-07-10 2177576]
"DAEMON Tools Lite"="c:\programmi\DAEMON Tools Lite\daemon.exe" [2008-12-29 687560]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\programmi\File comuni\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-02-24 39408]
"MSMSGS"="c:\documents and settings\Davide\Dati applicazioni\java\autorun.exe" [2010-02-24 49152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"nwiz"="nwiz.exe" [2008-05-16 1630208]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]
"HDAudDeck"="c:\programmi\VIA\VIAudioi\HDADeck\HDeck.exe" [2008-05-14 29831168]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"QuickTime Task"="c:\programmi\QuickTime\qttask.exe" [2009-01-05 413696]
"NeroFilterCheck"="c:\programmi\File comuni\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"iTunesHelper"="c:\programmi\iTunes\iTunesHelper.exe" [2009-01-06 290088]
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-19 15360]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
InterVideo WinCinema Manager.lnk - c:\programmi\InterVideo\Common\Bin\WinCinemaMgr.exe [2010-2-24 303104]
Microsoft Office.lnk - c:\programmi\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Bonjour\\mDNSResponder.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\iTunes\\iTunes.exe"=
"c:\\Programmi\\Sports Interactive\\Football Manager 2010\\fm.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [25/02/2010 15.05.26 114768]
R2 Application Updater;Application Updater;c:\programmi\Application Updater\ApplicationUpdater.exe [08/01/2010 0.51.02 380928]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [25/02/2010 15.05.26 20560]
R2 DrWebEngine;Dr.Web Scanning Engine (DrWebEngine);c:\programmi\File comuni\Doctor Web\Scanning Engine\dwengine.exe [29/09/2009 14.46.42 869688]
R3 ONDAUsbDiag;ONDA USB Diagnostics Port;c:\windows\system32\drivers\ONDAUsbDiag.sys [24/02/2010 20.10.42 92928]
R3 ONDAUsbModem;ONDA USB MODEM DRIVER;c:\windows\system32\drivers\ONDAUsbModem.sys [24/02/2010 20.10.42 92928]
R3 ONDAUsbNmea;ONDA USB NMEA Port;c:\windows\system32\drivers\ONDAusbnmea.sys [24/02/2010 20.10.42 92928]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [24/02/2010 20.01.57 238080]
S0 pxscan;pxscan;c:\windows\system32\drivers\pxscan.sys --> c:\windows\system32\drivers\pxscan.sys [?]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [24/02/2010 22.39.36 717296]
S2 Autorun CDROM Monitor;Autorun CDROM Monitor;c:\windows\system32\SupportAppMH\cdrom_mon.exe [24/02/2010 20.09.56 81920]
S2 gupdate;Servizio di Google Update (gupdate);c:\programmi\Google\Update\GoogleUpdate.exe [25/02/2010 1.21.23 135664]
S2 pxrts;pxrts;c:\windows\system32\drivers\pxrts.sys --> c:\windows\system32\drivers\pxrts.sys [?]
S3 pxkbf;pxkbf;c:\windows\system32\drivers\pxkbf.sys --> c:\windows\system32\drivers\pxkbf.sys [?]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contenuto della cartella 'Scheduled Tasks'

2010-02-24 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2010-02-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-02-25 00:21]

2010-02-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-02-25 00:21]

2010-02-27 c:\windows\Tasks\Verifica e correzione automatica.job
- c:\programmi\TuneUp Utilities 2008\OneClickStarter.exe [2008-03-03 11:05]

2010-02-27 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2010-02-25 21:18]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: {{C4046502-6524-4d87-896C-878F57D1FF07} - c:\programmi\PokerStars.IT\PokerStarsUpdate.exe
FF - ProfilePath - c:\documents and settings\Davide\Dati applicazioni\Mozilla\Firefox\Profiles\lmhu4ae9.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.it/
FF - plugin: c:\programmi\Google\Update\1.2.183.17\npGoogleOneClick8.dll
FF - plugin: c:\programmi\Microsoft\Office Live\npOLW.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-28 00:20
Windows 5.1.2600 Service Pack 2 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\programmi\VIA\VIAudioi\HDADeck\HDeck.exe 1????????????????????????????????????????????

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
Ora fine scansione: 2010-02-28 00:21:23
ComboFix-quarantined-files.txt 2010-02-27 23:21

Pre-Run: 466.185.027.584 byte disponibili
Post-Run: 466.149.629.952 byte disponibili

- - End Of File - - 2081CF66C944ABBFB7E56F3ED4FAE6C8
Torna in alto
 
r16
Inviato: Sunday, February 28, 2010 12:29:49 AM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Scarica ed installa MalwareBytes:
clicca qui per il download : http://www.aiutamici.com/software?id=80346
Prima di fare la scansione AGGIORNALO. (è molto importante)
Esegui una scansione completa del sistema.
Elimina gli eventuali file infetti trovati.
Posta il log.
Torna in alto
 
gig1987
Inviato: Sunday, February 28, 2010 12:55:30 AM
Rank: Newbie

Iscritto dal : 2/27/2010
Posts: 7
Malwarebytes' Anti-Malware 1.44
Versione del database: 3805
Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702

28/02/2010 0.55.57
mbam-log-2010-02-28 (00-55-57).txt

Tipo di scansione: Scansione completa (C:\|)
Elementi scansionati: 162972
Tempo trascorso: 18 minute(s), 12 second(s)

Processi delle memoria infetti: 0
Moduli della memoria infetti: 0
Chiavi di registro infette: 0
Valori di registro infetti: 0
Elementi dato del registro infetti: 0
Cartelle infette: 0
File infetti: 0

Processi delle memoria infetti:
(Nessun elemento malevolo rilevato)

Moduli della memoria infetti:
(Nessun elemento malevolo rilevato)

Chiavi di registro infette:
(Nessun elemento malevolo rilevato)

Valori di registro infetti:
(Nessun elemento malevolo rilevato)

Elementi dato del registro infetti:
(Nessun elemento malevolo rilevato)

Cartelle infette:
(Nessun elemento malevolo rilevato)

File infetti:
(Nessun elemento malevolo rilevato)
Torna in alto
 
r16
Inviato: Sunday, February 28, 2010 11:03:58 AM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Si sono risolti i problemi?
Posta un log di hijackthis.
http://www.aiutamici.com/software?ID=11175
Torna in alto
 
gig1987
Inviato: Sunday, February 28, 2010 12:00:06 PM
Rank: Newbie

Iscritto dal : 2/27/2010
Posts: 7
no non si sono risolti, l'account continua a comparire.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11.59.20, on 28/02/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programmi\VIA\VIAudioi\HDADeck\HDeck.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\EXPERTool\TBPanel.exe
C:\Programmi\DAEMON Tools Lite\daemon.exe
C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Davide\Dati applicazioni\java\autorun.exe
C:\Programmi\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmi\Application Updater\ApplicationUpdater.exe
C:\WINDOWS\system32\SupportAppMH\cdrom_mon.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\Programmi\File comuni\Doctor Web\Scanning Engine\dwengine.exe
C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmi\MH600HS Wizard\Modem.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programmi\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programmi\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programmi\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HDAudDeck] C:\Programmi\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [GAINWARD] C:\Programmi\EXPERTool\TBPanel.exe /A
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programmi\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] "C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] C:\Documents and Settings\Davide\Dati applicazioni\java\autorun.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Programmi\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Programmi\Bonjour\ExplorerPlugin.dll
O9 - Extra button: PokerStars.it - {C4046502-6524-4d87-896C-878F57D1FF07} - C:\Programmi\PokerStars.IT\PokerStarsUpdate.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C57DDB80-5595-4EBE-A9A7-CC482E31EEBD}: NameServer = 62.13.171.5 62.13.171.4
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Programmi\Application Updater\ApplicationUpdater.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autorun CDROM Monitor - Unknown owner - C:\WINDOWS\system32\SupportAppMH\cdrom_mon.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: Dr.Web Scanning Engine (DrWebEngine) (DrWebEngine) - Doctor Web, Ltd. - C:\Programmi\File comuni\Doctor Web\Scanning Engine\dwengine.exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 9317 bytes
Torna in alto
 
gabnik
Inviato: Sunday, February 28, 2010 1:57:29 PM
Rank: AiutAmico

Iscritto dal : 1/5/2010
Posts: 2,559
r16,

O4 - HKCU\..\Run: [MSMSGS] C:\Documents and Settings\Davide\Dati applicazioni\java\autorun.exe
Torna in alto
 
r16
Inviato: Sunday, February 28, 2010 1:58:30 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Avvia hijackthis, metti la spunta alle voci che andrò ad elencarti e con tutte le applicazioni chiuse e disconnesso da Internet,premi su fix checked

O4 - HKCU\..\Run: [MSMSGS] C:\Documents and Settings\Davide\Dati applicazioni\java\autorun.exe

Riavvia il pc.

Fai Start\Esegui\ copia-incolla ancora il comando:
control userpasswords2
Vedi se l'account Remoteuser si è rigenerato.
Torna in alto
 
gig1987
Inviato: Sunday, February 28, 2010 2:52:34 PM
Rank: Newbie

Iscritto dal : 2/27/2010
Posts: 7
finalmente non si rigenera più..!! ti ringrazio per il tempo che mi hai dedicato..!!
Torna in alto
 
r16
Inviato: Sunday, February 28, 2010 2:58:35 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Mezzo ringraziamento và anche a gabnik , che mi ha battuto in velocità nel scrivere l'indicazione.Drool
Ciao!
Torna in alto
 
paolopa
Inviato: Sunday, February 28, 2010 3:35:58 PM

Rank: AiutAmico

Iscritto dal : 10/14/2008
Posts: 2,777
devi aggiornare il so all sp3 e sarebbe meglio installare l ultima versione di avast
Torna in alto
 
Utenti presenti in questo topic
Guest

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » Aiuto.. possibile MBR Rootkit


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.