Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trojan Downloader: Win32/Sirefef.B Infection


  • This topic is locked This topic is locked
17 replies to this topic

#1 orion311976

orion311976

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:07:37 PM

Posted 22 October 2011 - 06:21 AM

Heres my logs DDS and two GMER logs one zipped. The link to my original post ( http://www.bleepingcomputer.com/forums/topic424433.html )
and I have run a few things just to see if they'd clean it but not sure what I was doing so I haven't made any changes. I haven't done anything since these logs so's I dont mess up anything.

First my DDS log and the attached zip file!!!!!
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by orion311976 at 21:20:39 on 2011-10-21
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1015.655 [GMT -7:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
AV: Microsoft Security Essentials *Disabled/Outdated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
FW: AVG Firewall *Disabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\wuauclt.exe
.
============== Pseudo HJT Report ===============
.
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q105&bd=pavilion&pf=desktop
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: HP View: {b2847e28-5d7d-4deb-8b67-05d28bcf79f5} -
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
mPolicies-explorer: NoStrCmpLogical = 1 (0x1)
mPolicies-system: SynchronousMachineGroupPolicy = 0 (0x0)
mPolicies-system: SynchronousUserGroupPolicy = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office12\REFIEBAR.DLL
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: DhcpNameServer = 64.13.32.5 64.13.46.12
TCP: Interfaces\{BEFD105B-29EA-4D27-BF91-9E890B7F7D29} : DhcpNameServer = 64.13.32.5 64.13.46.12
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath -
.
============= SERVICES / DRIVERS ===============
.
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]
R1 MpKsl37b42852;MpKsl37b42852;c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{3de1e45b-4ffb-4b85-bd5b-e55a79b90bf0}\MpKsl37b42852.sys [2011-10-21 28752]
R1 MpKsl556cdfc8;MpKsl556cdfc8;c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{3de1e45b-4ffb-4b85-bd5b-e55a79b90bf0}\MpKsl556cdfc8.sys [2011-10-20 28752]
S1 MpKsl104968b9;MpKsl104968b9;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{6d096b5c-9d55-4745-b2f0-61335ce438f4}\mpksl104968b9.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{6d096b5c-9d55-4745-b2f0-61335ce438f4}\MpKsl104968b9.sys [?]
S1 MpKsl19a8b888;MpKsl19a8b888;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{957d3326-e54a-4ac7-aead-d96a576dc0dc}\mpksl19a8b888.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{957d3326-e54a-4ac7-aead-d96a576dc0dc}\MpKsl19a8b888.sys [?]
S1 MpKsl4a8665a0;MpKsl4a8665a0;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{41f04755-fce7-4476-9153-df33c890e30c}\mpksl4a8665a0.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{41f04755-fce7-4476-9153-df33c890e30c}\MpKsl4a8665a0.sys [?]
S1 MpKsl6ac4316a;MpKsl6ac4316a;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{0700a600-fafe-4082-8cf7-b95ce6a0eec8}\mpksl6ac4316a.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{0700a600-fafe-4082-8cf7-b95ce6a0eec8}\MpKsl6ac4316a.sys [?]
S1 MpKsl8e3eaa02;MpKsl8e3eaa02;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{938e2a11-868c-4db6-b25e-2213eac7cfe2}\mpksl8e3eaa02.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{938e2a11-868c-4db6-b25e-2213eac7cfe2}\MpKsl8e3eaa02.sys [?]
S2 MBAMService;MBAMService;"c:\program files\malwarebytes' anti-malware\mbamservice.exe" --> c:\program files\malwarebytes' anti-malware\mbamservice.exe [?]
S3 BlackBox;BlackBox SR2; [x]
S3 icsak;icsak;\??\c:\program files\checkpoint\zaforcefield\ak\icsak.sys --> c:\program files\checkpoint\zaforcefield\ak\icsak.sys [?]
S3 LinksysFVNETusbl(AR)®;Linksys FVNETusbl(AR)® Service for Instant Wireless USB Network Adapter ver.2.6;c:\windows\system32\drivers\vnetusbl.sys [2004-3-9 108032]
S3 MBAMProtector;MBAMProtector;\??\c:\windows\system32\drivers\mbam.sys --> c:\windows\system32\drivers\mbam.sys [?]
S3 TrufosAlt;TrufosAlt;c:\windows\system32\drivers\TrufosAlt.sys [2011-10-6 339600]
S3 vdrive;vdrive;c:\windows\system32\drivers\vdrive.sys --> c:\windows\system32\drivers\vdrive.sys [?]
S3 XBAudio;XBox Audio Module;c:\windows\system32\drivers\xbaudio.sys --> c:\windows\system32\drivers\xbaudio.sys [?]
.
=============== File Associations ===============
.
JSEFile=NOTEPAD.EXE %1
.
=============== Created Last 30 ================
.
2011-10-22 04:06:36 28752 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{3de1e45b-4ffb-4b85-bd5b-e55a79b90bf0}\MpKsl37b42852.sys
2011-10-22 04:06:23 56200 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{3de1e45b-4ffb-4b85-bd5b-e55a79b90bf0}\offreg.dll
2011-10-21 03:17:18 28752 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{3de1e45b-4ffb-4b85-bd5b-e55a79b90bf0}\MpKsl556cdfc8.sys
2011-10-21 03:14:49 6668624 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{3de1e45b-4ffb-4b85-bd5b-e55a79b90bf0}\mpengine.dll
2011-10-19 00:20:02 -------- d-sh--w- c:\documents and settings\orion311976\PrivacIE
2011-10-18 15:37:41 -------- d-----w- c:\documents and settings\orion311976\local settings\application data\Downloaded Installations
2011-10-18 15:33:06 -------- d-----w- c:\documents and settings\orion311976\application data\Malwarebytes
2011-10-17 08:17:07 -------- d-sha-r- C:\cmdcons
2011-10-17 08:14:10 98816 ----a-w- c:\windows\sed.exe
2011-10-17 08:14:10 518144 ----a-w- c:\windows\SWREG.exe
2011-10-17 08:14:10 256000 ----a-w- c:\windows\PEV.exe
2011-10-17 08:14:10 208896 ----a-w- c:\windows\MBR.exe
2011-10-09 14:21:21 89136 ----a-w- c:\program files\common files\microsoft shared\vs7debug\MDM.EXE
2011-10-09 14:05:44 162816 ----a-w- c:\windows\system32\drivers\netbt.sys
2011-10-09 11:38:55 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2011-10-06 12:14:31 339600 ----a-w- c:\windows\system32\drivers\TrufosAlt.sys
2011-10-06 04:27:50 -------- d-----w- c:\documents and settings\all users\application data\RFA_Backups
2011-10-06 03:23:49 266360 ----a-w- c:\windows\system32\TweakUI.exe
2011-10-05 22:57:36 -------- d-----w- c:\program files\mpg123dsf
2011-10-05 09:13:49 -------- d-----w- c:\program files\Escape The Emerald Star
2011-10-04 23:00:43 -------- d-----w- C:\???
2011-10-04 17:13:59 -------- d-----w- c:\documents and settings\all users\application data\Electronics 2000
2011-10-04 17:13:33 -------- d-----w- c:\program files\Electronics 2000
2011-09-29 05:24:40 -------- d-----w- c:\program files\GRETECH
2011-09-28 06:45:39 -------- d-----w- c:\program files\UPHClean
2011-09-25 09:35:04 6668624 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2011-09-23 20:27:20 -------- d-----w- c:\documents and settings\all users\application data\5Spice Analysis
2011-09-23 18:24:25 -------- d-----w- c:\program files\Microsoft Security Client
2011-09-23 03:52:58 94208 ----a-w- c:\windows\system32\drivers\ezplay.sys
2011-09-22 17:13:32 -------- d-----w- c:\program files\Xvid
2011-09-22 15:00:04 -------- d-----w- c:\program files\Orbitdownloader
.
==================== Find3M ====================
.
2011-10-09 13:18:28 62976 ----a-w- c:\windows\system32\drivers\cdrom.sys
2011-09-29 05:23:56 404640 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-26 18:41:20 611328 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 18:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-26 18:41:14 20480 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-09 09:12:13 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-09-06 13:20:51 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-09-02 09:28:36 81920 -c--a-w- c:\windows\ALCFDRTM.VER
2011-09-02 09:28:36 81920 ----a-w- c:\windows\ALCFDRTM.EXE
2011-09-01 00:09:42 499712 ----a-w- c:\windows\system32\msvcp71.dll
2011-09-01 00:09:42 348160 ----a-w- c:\windows\system32\msvcr71.dll
2011-08-22 23:48:55 916480 ----a-w- c:\windows\system32\wininet.dll
2011-08-22 23:48:54 43520 ------w- c:\windows\system32\licmgr10.dll
2011-08-22 23:48:54 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-08-22 11:56:39 385024 ------w- c:\windows\system32\html.iec
2011-08-17 13:49:54 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2011-08-06 04:15:26 156672 -c--a-w- c:\windows\system32\rmc_fixasf.exe
2011-08-06 04:15:25 237568 -c--a-w- c:\windows\system32\rmc_rtspdl.dll
.
============= FINISH: 21:20:53.53 ===============


The GMER log is having trouble saving, when I try my computer freezes up and I have to hard reboot.




Attached Files



BC AdBot (Login to Remove)

 


#2 orion311976

orion311976
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:07:37 PM

Posted 23 October 2011 - 11:31 PM

Its been a couple of days, just check'n if I'm still in line for help.....

#3 km2357

km2357

  • Malware Response Team
  • 1,784 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:37 PM

Posted 26 October 2011 - 01:30 PM

Hello and welcome to Bleeping Computer.

My name is km2357 and I will be helping you to remove any infection(s) that you may have.

I will be giving you a series of instructions that need to be followed in the order in which I give them to you.

If for any reason you do not understand an instruction or are just unsure then please do not guess, simply post back with your questions/concerns and we will go through it again.

Please do not start another thread or topic, I will assist you at this thread until we solve your problems.

Lastly the fix may take several attempts and my replies may take some time but I will stick with it if you do the same.

Sorry for the delay in replying, the forum is very busy. If you still need help, please do the following:


Step # 1 Download and run DDS

Download DDS and save it to your desktop from here or here or here
Disable any script blocker, and then double click dds.scr to run the tool.
  • When done, DDS will open two (2) logs:
    • DDS.txt
    • Attach.txt
  • Save both reports to your desktop. Post them back to your topic.


Step # 2: Download and Run Gmer

Please download gmer.zip from Gmer and save it to your desktop.

***Please close any open programs ***

Double-click gmer.exe. The program will begin to run.

**Caution**
These types of scans can produce false positives. Do NOT take any action on any "<--- ROOTKIT" entries unless advised by a trained Security Analyst


If possible rootkit activity is found, you will be asked if you would like to perform a full scan. Click No.

If you do not receive notice about possible rootkit activity remain on the Rootkit/Malware tab & make sure that the 'Sections' button is ticked and the 'Show All' button is unticked.
  • Click the Scan button and let the program do its work. GMER will produce a log.
  • Once the scan is complete, you may receive another notice about rootkit activity.
  • Click OK.
  • GMER will produce a log. Click on the Save button, and save the log as gmer.txt somewhere you can easily find it, such as your desktop.

DO NOT touch the PC at ALL for Whatever reason/s until it has 100% completed its scan, or attempted scan in case of some error etc !

Please post the results from the GMER scan in your reply.


In your next post/reply, I need to see the following:

1. The two DDS Logs (DDS and Attach.txt)
2. The GMER Log

Use multiple posts if you can't fit everything into one post.

MalWare Removal University Master

Member of ASAP
unite_Invision.png


#4 km2357

km2357

  • Malware Response Team
  • 1,784 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:37 PM

Posted 29 October 2011 - 11:47 AM

orion311976? Do you still need help?

MalWare Removal University Master

Member of ASAP
unite_Invision.png


#5 orion311976

orion311976
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:07:37 PM

Posted 30 October 2011 - 04:52 AM

K. Hello... Yes, I still need it checked out. I think I've gotten rid of it but, theres a mess leftover. Heres my DDS Logs:

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by orion311976 at 1:02:52 on 2011-10-30
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1015.228 [GMT -7:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
AV: Microsoft Security Essentials *Disabled/Outdated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
FW: AVG Firewall *Disabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
c:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\SoftwareDistribution\Download\Install\AM_Delta_Patch3.exe
C:\WINDOWS\system32\MpSigStub.exe
.
============== Pseudo HJT Report ===============
.
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q105&bd=pavilion&pf=desktop
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: HP View: {b2847e28-5d7d-4deb-8b67-05d28bcf79f5} -
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
mPolicies-explorer: NoStrCmpLogical = 1 (0x1)
mPolicies-system: SynchronousMachineGroupPolicy = 0 (0x0)
mPolicies-system: SynchronousUserGroupPolicy = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office12\REFIEBAR.DLL
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: DhcpNameServer = 64.13.32.5 64.13.46.12
TCP: Interfaces\{BEFD105B-29EA-4D27-BF91-9E890B7F7D29} : DhcpNameServer = 64.13.32.5 64.13.46.12
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\orion311976\application data\mozilla\firefox\profiles\xvzrdf3p.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/login.php
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll
.
============= SERVICES / DRIVERS ===============
.
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]
R1 MpKsl4a44d9f0;MpKsl4a44d9f0;c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{8d95e4c4-fc1d-4965-bc1a-3baf269fdc9f}\MpKsl4a44d9f0.sys [2011-10-30 28752]
S1 MpKsl104968b9;MpKsl104968b9;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{6d096b5c-9d55-4745-b2f0-61335ce438f4}\mpksl104968b9.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{6d096b5c-9d55-4745-b2f0-61335ce438f4}\MpKsl104968b9.sys [?]
S1 MpKsl19a8b888;MpKsl19a8b888;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{957d3326-e54a-4ac7-aead-d96a576dc0dc}\mpksl19a8b888.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{957d3326-e54a-4ac7-aead-d96a576dc0dc}\MpKsl19a8b888.sys [?]
S1 MpKsl4a8665a0;MpKsl4a8665a0;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{41f04755-fce7-4476-9153-df33c890e30c}\mpksl4a8665a0.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{41f04755-fce7-4476-9153-df33c890e30c}\MpKsl4a8665a0.sys [?]
S1 MpKsl6ac4316a;MpKsl6ac4316a;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{0700a600-fafe-4082-8cf7-b95ce6a0eec8}\mpksl6ac4316a.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{0700a600-fafe-4082-8cf7-b95ce6a0eec8}\MpKsl6ac4316a.sys [?]
S1 MpKsl8e3eaa02;MpKsl8e3eaa02;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{938e2a11-868c-4db6-b25e-2213eac7cfe2}\mpksl8e3eaa02.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{938e2a11-868c-4db6-b25e-2213eac7cfe2}\MpKsl8e3eaa02.sys [?]
S2 MBAMService;MBAMService;"c:\program files\malwarebytes' anti-malware\mbamservice.exe" --> c:\program files\malwarebytes' anti-malware\mbamservice.exe [?]
S3 BlackBox;BlackBox SR2; [x]
S3 icsak;icsak;\??\c:\program files\checkpoint\zaforcefield\ak\icsak.sys --> c:\program files\checkpoint\zaforcefield\ak\icsak.sys [?]
S3 LinksysFVNETusbl(AR)®;Linksys FVNETusbl(AR)® Service for Instant Wireless USB Network Adapter ver.2.6;c:\windows\system32\drivers\vnetusbl.sys [2004-3-9 108032]
S3 MBAMProtector;MBAMProtector;\??\c:\windows\system32\drivers\mbam.sys --> c:\windows\system32\drivers\mbam.sys [?]
S3 SirefefRemover;SirefefRemover;\??\c:\docume~1\orion3~1\locals~1\temp\4ef412cf.tmp --> c:\docume~1\orion3~1\locals~1\temp\4ef412cf.tmp [?]
S3 TrufosAlt;TrufosAlt;c:\windows\system32\drivers\TrufosAlt.sys [2011-10-6 339600]
S3 vdrive;vdrive;c:\windows\system32\drivers\vdrive.sys --> c:\windows\system32\drivers\vdrive.sys [?]
S3 XBAudio;XBox Audio Module;c:\windows\system32\drivers\xbaudio.sys --> c:\windows\system32\drivers\xbaudio.sys [?]
.
=============== File Associations ===============
.
JSEFile=NOTEPAD.EXE %1
.
=============== Created Last 30 ================
.
2011-10-30 08:04:42 28752 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{63e4cdfd-9ee9-4631-8c5c-9d36e8587b6a}\MpKsldd02acf6.sys
2011-10-30 08:02:44 56200 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{63e4cdfd-9ee9-4631-8c5c-9d36e8587b6a}\offreg.dll
2011-10-30 08:01:49 6668624 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{63e4cdfd-9ee9-4631-8c5c-9d36e8587b6a}\mpengine.dll
2011-10-29 04:24:19 -------- d-----w- c:\documents and settings\orion311976\local settings\application data\Paint.NET
2011-10-29 04:08:45 -------- d-----w- c:\documents and settings\orion311976\local settings\application data\Adobe
2011-10-29 01:49:56 -------- d-----w- c:\documents and settings\orion311976\local settings\application data\Mozilla
2011-10-24 10:15:08 -------- d-----w- c:\documents and settings\orion311976\application data\SpinTop Games
2011-10-19 00:20:02 -------- d-sh--w- c:\documents and settings\orion311976\PrivacIE
2011-10-18 15:37:41 -------- d-----w- c:\documents and settings\orion311976\local settings\application data\Downloaded Installations
2011-10-18 15:33:06 -------- d-----w- c:\documents and settings\orion311976\application data\Malwarebytes
2011-10-17 08:17:07 -------- d-sha-r- C:\cmdcons
2011-10-17 08:14:10 98816 ----a-w- c:\windows\sed.exe
2011-10-17 08:14:10 518144 ----a-w- c:\windows\SWREG.exe
2011-10-17 08:14:10 256000 ----a-w- c:\windows\PEV.exe
2011-10-17 08:14:10 208896 ----a-w- c:\windows\MBR.exe
2011-10-09 14:21:21 89136 ----a-w- c:\program files\common files\microsoft shared\vs7debug\MDM.EXE
2011-10-09 14:05:44 162816 ----a-w- c:\windows\system32\drivers\netbt.sys
2011-10-09 11:38:55 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2011-10-06 12:14:31 339600 ----a-w- c:\windows\system32\drivers\TrufosAlt.sys
2011-10-06 04:27:50 -------- d-----w- c:\documents and settings\all users\application data\RFA_Backups
2011-10-06 03:23:49 266360 ----a-w- c:\windows\system32\TweakUI.exe
2011-10-05 22:57:36 -------- d-----w- c:\program files\mpg123dsf
2011-10-05 09:13:49 -------- d-----w- c:\program files\Escape The Emerald Star
2011-10-04 23:00:43 -------- d-----w- C:\???
2011-10-04 17:13:59 -------- d-----w- c:\documents and settings\all users\application data\Electronics 2000
2011-10-04 17:13:33 -------- d-----w- c:\program files\Electronics 2000
.
==================== Find3M ====================
.
2011-10-09 13:18:28 62976 ----a-w- c:\windows\system32\drivers\cdrom.sys
2011-09-29 05:23:56 404640 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-26 18:41:20 611328 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 18:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-26 18:41:14 20480 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-23 03:52:58 94208 ----a-w- c:\windows\system32\drivers\ezplay.sys
2011-09-09 09:12:13 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-09-06 13:20:51 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-09-02 09:28:36 81920 -c--a-w- c:\windows\ALCFDRTM.VER
2011-09-02 09:28:36 81920 ----a-w- c:\windows\ALCFDRTM.EXE
2011-09-01 00:09:42 499712 ----a-w- c:\windows\system32\msvcp71.dll
2011-09-01 00:09:42 348160 ----a-w- c:\windows\system32\msvcr71.dll
2011-08-22 23:48:55 916480 ----a-w- c:\windows\system32\wininet.dll
2011-08-22 23:48:54 43520 ------w- c:\windows\system32\licmgr10.dll
2011-08-22 23:48:54 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-08-22 11:56:39 385024 ------w- c:\windows\system32\html.iec
2011-08-17 13:49:54 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2011-08-06 04:15:26 156672 -c--a-w- c:\windows\system32\rmc_fixasf.exe
2011-08-06 04:15:25 237568 -c--a-w- c:\windows\system32\rmc_rtspdl.dll
.
============= FINISH: 1:07:35.26 ===============


AND the attach.txt log....

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 1/11/2010 9:31:54 PM
System Uptime: 10/30/2011 12:47:16 AM (1 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | Goldfish3
Processor: Intel® Pentium® 4 CPU 3.00GHz | CPU 1 | 3000/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 127 GiB total, 57.628 GiB free.
D: is FIXED (FAT32) - 60 GiB total, 53.996 GiB free.
E: is CDROM ()
F: is CDROM ()
H: is Removable
I: is Removable
J: is Removable
K: is Removable
L: is CDROM (CDFS)
N: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP473: 8/29/2011 5:18:32 AM - Software Distribution Service 3.0
RP474: 8/29/2011 5:18:32 AM - Software Distribution Service 3.0
RP475: 8/29/2011 5:18:32 AM - Software Distribution Service 3.0
RP476: 8/29/2011 5:18:31 AM - Software Distribution Service 3.0
RP477: 8/29/2011 5:18:31 AM - Software Distribution Service 3.0
RP478: 8/29/2011 5:18:30 AM - Software Distribution Service 3.0
RP479: 8/29/2011 5:18:30 AM - Software Distribution Service 3.0
RP480: 8/29/2011 5:18:30 AM - Software Distribution Service 3.0
RP481: 8/29/2011 5:18:29 AM - Software Distribution Service 3.0
RP482: 8/29/2011 5:18:29 AM - IObit Uninstaller RestorePoint
RP483: 8/29/2011 5:18:28 AM - Software Distribution Service 3.0
RP484: 8/29/2011 5:18:28 AM - Software Distribution Service 3.0
RP485: 8/29/2011 5:18:28 AM - Installed Stick
RP486: 8/29/2011 5:18:28 AM - IObit Uninstaller RestorePoint
RP487: 8/29/2011 5:18:27 AM - Software Distribution Service 3.0
RP488: 8/29/2011 5:18:27 AM - Software Distribution Service 3.0
RP489: 8/29/2011 5:18:27 AM - Software Distribution Service 3.0
RP490: 8/29/2011 5:18:26 AM - Software Distribution Service 3.0
RP491: 8/29/2011 5:18:26 AM - Software Distribution Service 3.0
RP492: 8/29/2011 5:18:26 AM - Software Distribution Service 3.0
RP493: 8/29/2011 5:18:25 AM - Software Distribution Service 3.0
RP494: 8/29/2011 5:18:25 AM - Software Distribution Service 3.0
RP495: 8/29/2011 5:18:24 AM - Software Distribution Service 3.0
RP496: 8/29/2011 5:18:24 AM - Software Distribution Service 3.0
RP497: 8/29/2011 5:18:24 AM - Software Distribution Service 3.0
RP498: 8/29/2011 5:18:23 AM - IObit Uninstaller RestorePoint
RP499: 8/29/2011 5:18:22 AM - IObit Uninstaller RestorePoint
RP500: 8/29/2011 5:18:22 AM - Software Distribution Service 3.0
RP501: 8/29/2011 5:18:22 AM - Software Distribution Service 3.0
RP502: 8/29/2011 5:18:21 AM - IObit Uninstaller RestorePoint
RP503: 8/29/2011 5:18:21 AM - IObit Uninstaller RestorePoint
RP504: 8/29/2011 5:18:20 AM - Removed HP Product Detection.
RP505: 8/29/2011 5:18:20 AM - Software Distribution Service 3.0
RP506: 8/29/2011 5:18:20 AM - Removed Apple Application Support
RP507: 8/29/2011 5:18:19 AM - Removed Apple Software Update
RP508: 8/29/2011 5:18:19 AM - Software Distribution Service 3.0
RP509: 8/29/2011 5:18:19 AM - Software Distribution Service 3.0
RP510: 8/29/2011 5:18:19 AM - Software Distribution Service 3.0
RP511: 8/29/2011 5:18:18 AM - Software Distribution Service 3.0
RP512: 8/29/2011 5:18:18 AM - IObit Uninstaller RestorePoint
RP513: 8/29/2011 5:18:17 AM - Installed Windows XP -- Software Updates KB952011.
RP514: 8/29/2011 5:18:17 AM - Software Distribution Service 3.0
RP515: 8/29/2011 5:18:16 AM - Software Distribution Service 3.0
RP516: 8/29/2011 5:18:15 AM - Software Distribution Service 3.0
RP517: 8/29/2011 5:18:15 AM - Software Distribution Service 3.0
RP518: 8/29/2011 5:18:15 AM - Software Distribution Service 3.0
RP519: 8/29/2011 5:18:14 AM - Installed SpyHunter
RP520: 8/29/2011 5:18:14 AM - Software Distribution Service 3.0
RP521: 8/29/2011 5:18:14 AM - IObit Uninstaller RestorePoint
RP522: 8/29/2011 5:18:13 AM - Removed SpyHunter
RP523: 8/29/2011 5:18:13 AM - Installed HP Product Detection.
RP524: 8/29/2011 5:18:12 AM - Software Distribution Service 3.0
RP525: 8/29/2011 5:18:12 AM - Software Distribution Service 3.0
RP526: 8/29/2011 5:18:12 AM - Software Distribution Service 3.0
RP527: 8/29/2011 5:18:11 AM - Software Distribution Service 3.0
RP528: 8/29/2011 5:18:11 AM - Software Distribution Service 3.0
RP529: 8/29/2011 5:18:11 AM - Software Distribution Service 3.0
RP530: 8/29/2011 5:18:10 AM - Software Distribution Service 3.0
RP531: 8/29/2011 5:18:10 AM - Software Distribution Service 3.0
RP532: 8/29/2011 5:18:10 AM - Removed Nuance PDF Reader.
RP533: 8/29/2011 5:18:09 AM - Software Distribution Service 3.0
RP534: 8/29/2011 5:18:09 AM - Installed Windows Internet Explorer 8.
RP535: 8/29/2011 5:18:09 AM - Software Distribution Service 3.0
RP536: 8/29/2011 5:18:08 AM - Software Distribution Service 3.0
RP537: 8/29/2011 5:18:08 AM - IObit Uninstaller RestorePoint
RP538: 8/29/2011 5:18:07 AM - Removed Nuance PDF Reader.
RP539: 8/29/2011 5:18:07 AM - Restore Operation
RP540: 8/29/2011 5:18:07 AM - Software Distribution Service 3.0
RP541: 8/29/2011 5:18:07 AM - Software Distribution Service 3.0
RP542: 8/29/2011 5:18:06 AM - Software Distribution Service 3.0
RP543: 8/29/2011 5:18:06 AM - Software Distribution Service 3.0
RP544: 8/29/2011 5:18:06 AM - Installed ESET Smart Security
RP545: 8/29/2011 5:18:05 AM - IObit Uninstaller RestorePoint
RP546: 8/29/2011 5:18:05 AM - Installed Audials
RP547: 8/29/2011 5:18:05 AM - Removed Audials
RP548: 8/29/2011 5:18:05 AM - Removed Audials TV
RP549: 8/30/2011 6:07:15 PM - Installed Windows Media Player Firefox Plugin
RP550: 8/30/2011 6:07:14 PM - Installed QuickTime
RP551: 8/30/2011 6:07:14 PM - IObit Uninstaller RestorePoint
RP552: 8/30/2011 6:07:13 PM - IObit Uninstaller RestorePoint
RP553: 8/30/2011 6:07:13 PM - Removed ESET Smart Security
RP554: 9/2/2011 2:40:31 PM - IObit Uninstaller RestorePoint
RP555: 8/30/2011 9:59:39 AM - Installed ESET NOD32 Antivirus
RP556: 9/2/2011 2:40:31 PM - Installed ESET NOD32 Antivirus
RP557: 9/2/2011 2:40:31 PM - Removed Apple Application Support
RP558: 9/2/2011 2:40:32 PM - Removed Apple Software Update
RP559: 9/2/2011 2:40:32 PM - Removed QuickTime
RP560: 9/2/2011 2:40:32 PM - Installed Realtek High Definition Audio Driver
RP561: 9/2/2011 2:40:32 PM - Installed Microsoft Visual C++ 2005 Redistributable
RP562: 9/2/2011 2:40:33 PM - Installed QuickTime
RP563: 9/2/2011 2:40:33 PM - Software Distribution Service 3.0
RP564: 9/2/2011 2:40:33 PM - IObit Uninstaller RestorePoint
RP565: 9/5/2011 2:09:52 AM - System Checkpoint
RP566: 9/6/2011 5:08:41 AM - System Checkpoint
RP567: 9/7/2011 5:28:40 AM - System Checkpoint
RP568: 9/7/2011 6:41:07 AM - Software Distribution Service 3.0
RP569: 9/10/2011 7:32:49 PM - System Checkpoint
RP570: 9/12/2011 10:00:46 AM - System Checkpoint
RP571: 9/16/2011 10:36:06 PM - Software Distribution Service 3.0
RP572: 9/17/2011 1:47:54 AM - Installed MP3 Player Utilities 4.10
RP573: 9/17/2011 12:17:53 PM - Removed MP3 Player Utilities 4.10
RP574: 9/17/2011 12:25:04 PM - Removed ESET NOD32 Antivirus
RP575: 9/17/2011 9:26:22 PM - Installed iTunes
RP576: 9/17/2011 10:58:11 PM - IObit Uninstaller restore point
RP577: 9/17/2011 11:57:59 PM - Installed iTunes
RP578: 9/18/2011 6:07:07 AM - IObit Uninstaller restore point
RP579: 9/18/2011 6:10:08 AM - Removed Apple Application Support
RP580: 9/18/2011 6:14:44 AM - Removed Apple Mobile Device Support
RP581: 9/18/2011 6:22:04 AM - Removed Apple Software Update
RP582: 9/18/2011 6:23:05 AM - Removed Bonjour
RP583: 9/18/2011 6:24:26 AM - Removed LightScribe Applications.
RP584: 9/18/2011 6:26:52 AM - Removed LightScribe System Software.
RP585: 9/18/2011 6:33:37 AM - Removed LightScribe Template Labeler.
RP586: 9/18/2011 7:57:49 AM - Software Distribution Service 3.0
RP587: 9/18/2011 10:57:25 AM - IObit Uninstaller restore point
RP588: 9/18/2011 11:05:26 AM - Removed QuickTime
RP589: 9/22/2011 12:51:09 AM - Software Distribution Service 3.0
RP590: 9/22/2011 3:34:41 PM - Software Distribution Service 3.0
RP591: 9/22/2011 6:41:12 PM - Software Distribution Service 3.0
RP592: 9/22/2011 7:01:20 PM - IObit Uninstaller restore point
RP593: 9/22/2011 8:48:13 PM - Installed Adobe Reader 9.4.0.
RP594: 9/22/2011 9:47:51 PM - IObit Uninstaller restore point
RP595: 9/22/2011 9:59:51 PM - IObit Uninstaller restore point
RP596: 9/23/2011 9:43:53 AM - IObit Uninstaller restore point
RP597: 9/23/2011 9:57:53 AM - IObit Uninstaller restore point
RP598: 9/23/2011 10:45:44 AM - Installed Microsoft Security Client EN-US Language Pack
RP599: 9/23/2011 11:31:29 AM - Software Distribution Service 3.0
RP600: 9/23/2011 1:49:25 PM - IObit Uninstaller restore point
RP601: 9/25/2011 2:31:24 AM - Software Distribution Service 3.0
RP602: 9/25/2011 4:19:46 PM - Software Distribution Service 3.0
RP603: 9/26/2011 9:02:03 PM - System Checkpoint
RP604: 9/27/2011 1:50:25 PM - Software Distribution Service 3.0
RP605: 9/27/2011 11:02:44 PM - Software Distribution Service 3.0
RP606: 9/27/2011 11:45:09 PM - Installed User Profile Hive Cleanup Service
RP607: 9/28/2011 10:41:07 PM - Removed Toolbox
RP608: 9/28/2011 10:42:25 PM - Removed Unload
RP609: 9/29/2011 2:18:09 PM - Software Distribution Service 3.0
RP610: 9/29/2011 5:55:30 PM - IObit Uninstaller restore point
RP611: 9/30/2011 5:26:20 PM - Software Distribution Service 3.0
RP612: 10/4/2011 10:09:20 AM - Software Distribution Service 3.0
RP613: 10/4/2011 11:14:24 AM - IObit Uninstaller restore point
RP614: 10/4/2011 4:06:15 PM - Restore Operation
RP615: 10/4/2011 5:31:12 PM - Software Distribution Service 3.0
RP616: 10/5/2011 3:23:02 AM - IObit Uninstaller restore point
RP617: 10/5/2011 4:13:51 PM - Software Distribution Service 3.0
RP618: 10/5/2011 4:45:49 PM - Removed Stick
RP619: 10/5/2011 4:46:43 PM - Removed Unload
RP620: 10/5/2011 9:28:47 PM - Registry First Aid backup
RP621: 10/6/2011 2:43:44 AM - Restore Operation
RP622: 10/9/2011 8:02:19 AM - System Checkpoint
RP623: 10/18/2011 8:48:42 AM - Software Distribution Service 3.0
RP624: 10/20/2011 8:14:46 PM - Software Distribution Service 3.0
RP625: 10/28/2011 6:53:50 PM - Software Distribution Service 3.0
RP626: 10/28/2011 10:08:08 PM - Paint.NET v3.5.10
RP627: 10/30/2011 1:01:34 AM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
2007 Microsoft Office Suite Service Pack 2 (SP2)
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.4.6
Adobe Shockwave Player 11.5
Agere Systems PCI Soft Modem
AiO_Scan_CDA
AiOSoftwareNPI
Ares 2.1.7
BufferChm
C3100
c3100_Help
CCleaner
ConvertXtoDVD 4.1.10.348
CP_AtenaShokunin1Config
cp_dwSharkTaleAlbums1
cp_dwSharkTaleCards1
cp_dwShrek2Albums1
cp_dwShrek2Cards1
CP_PLSBusinessFlyers
CreativeProjects
CreativeProjectsTemplates
CueTour
CustomerResearchQFolder
Defraggler
Destinations
DeviceManagementQFolder
DocProc
DocProcQFolder
DVDFab 8.0.7.3 (29/01/2011)
Electronics Assistant V4.2
Escape The Emerald StarJust For Fun Games
eSupportQFolder
Fax_CDA
ffdshow [rev 2844] [2009-03-30]
GOM Player
Help and Support Additions
HP Image Zone 4.8.6
HP Image Zone Plus 4.8.6
HP Imaging Device Functions 7.0
HP Photosmart Essential 3.5
HP Photosmart, Officejet and Deskjet 7.0.A
HP Product Detection
HP Software Update
HP Solution Center 7.0
HP Update
HPIZplus450
HPPhotoSmartDiscLabelContent1
HPPhotosmartEssential
HPPhotoSmartExpress
HPProductAssistant
HpSdpAppCoreApp
ImgBurn
InstantShare
InstantShareDevicesMFC
Intel® Graphics Media Accelerator Driver
Java Auto Updater
Java™ 6 Update 26
JDownloader
LSI PCI Soft Modem
Media Player Codec Pack 3.9.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2572067)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework Client Profile
Microsoft Antimalware
Microsoft Application Error Reporting
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Ultimate 2007
Microsoft Office Word MUI (English) 2007
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft SQL Server Native Client
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft XML Parser
Microsoft_VC90_CRT_x86
Mozilla Firefox 7.0.1 (x86 en-US)
mpg123 and MAD DirectShow Filter (remove only)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 and SOAP Toolkit 3.0
NewCopy_CDA
OCR Software by I.R.I.S 7.0
Orbit Downloader
Paint.NET v3.5.10
PanoStandAlone
PC-Doctor for Windows
PhotoGallery
ProductContextNPI
QFolder
Readme
Realtek High Definition Audio Driver
Replay Media Catcher 4 (4.3.0)
Scan
ScannerCopy
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553074)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2553073)
Security Update for Microsoft Office Groove 2007 (KB2552997)
Security Update for Microsoft Office InfoPath 2007 (KB2510061)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 7 (KB2544521)
Security Update for Windows Internet Explorer 7 (KB2559049)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2592799)
SkinsHP1
SolutionCenter
Status
TrayApp
Tweak UI
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2583910)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2596560)
User Profile Hive Cleanup Service
VC 9.0 Runtime
WebFldrs XP
WebReg
Windows Internet Explorer 8
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player Firefox Plugin
Windows XP Service Pack 3
WinRAR 4.00 beta 6 (32-bit)
.
==== Event Viewer Messages From Past Week ========
.
10/30/2011 12:48:32 AM, error: Service Control Manager [7024] - The Routing and Remote Access service terminated with service-specific error 711 (0x2C7).
10/30/2011 12:28:46 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.115.822.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7801.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
10/29/2011 8:56:43 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.115.822.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7801.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
10/29/2011 7:16:35 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.115.822.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7801.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
10/24/2011 7:55:56 AM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
10/24/2011 4:43:28 AM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service SENS with arguments "" in order to run the server: {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}
10/24/2011 4:41:09 AM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service MDM with arguments "" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}
10/24/2011 4:41:03 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.115.201.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7801.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
10/24/2011 4:30:33 AM, error: Service Control Manager [7001] - The MBAMService service depends on the MBAMProtector service which failed to start because of the following error: The system cannot find the file specified.
10/24/2011 4:30:33 AM, error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
10/24/2011 4:30:33 AM, error: Service Control Manager [7001] - The Alerter service depends on the Workstation service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
10/24/2011 4:30:33 AM, error: Service Control Manager [7000] - The MBAMProtector service failed to start due to the following error: The system cannot find the file specified.
10/24/2011 3:22:40 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.115.201.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7801.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
10/24/2011 2:50:54 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.115.201.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7801.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
10/24/2011 2:26:50 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.115.201.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7801.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
10/24/2011 2:17:02 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Net.Tcp Port Sharing Service service to connect.
10/24/2011 2:17:02 AM, error: Service Control Manager [7000] - The Net.Tcp Port Sharing Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================



GMER log will be on next post....

#6 orion311976

orion311976
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:07:37 PM

Posted 31 October 2011 - 06:02 PM

Not sure if this was what ya was want'n but its all I got out of three days of scanning and 2 BSOD....


GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-10-30 22:20:22
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-17 ST3200822AS rev.3.02
Running: gmer.exe; Driver: C:\DOCUME~1\ORION3~1\LOCALS~1\Temp\kxldypow.sys


---- Devices - GMER 1.0.15 ----

Device Ntfs.sys (NT File System Driver/Microsoft Corporation)
Device Fastfat.SYS (Fast FAT File System Driver/Microsoft Corporation)

AttachedDevice fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

Device Cdfs.SYS (CD-ROM File System Driver/Microsoft Corporation)

---- Files - GMER 1.0.15 ----

File C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb 65536 bytes

---- EOF - GMER 1.0.15 ----

#7 km2357

km2357

  • Malware Response Team
  • 1,784 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:37 PM

Posted 01 November 2011 - 01:47 AM

Please delete ComboFix.exe from your computer, you'll be downloading and running the latest version of ComboFix.


Step # 1: Download and Run ComboFix

We will begin with ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

*Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

* IMPORTANT !!! Save ComboFix.exe to your Desktop

When finished, it shall produce a log for you. Please post C:\ComboFix.txt in your next reply.

MalWare Removal University Master

Member of ASAP
unite_Invision.png


#8 orion311976

orion311976
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:07:37 PM

Posted 05 November 2011 - 05:59 PM

ComboFix 11-11-05.03 - orion311976 11/05/2011 15:37:42.5.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1015.542 [GMT -7:00]
Running from: c:\documents and settings\orion311976\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Outdated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\HP_Owner\Desktop\Internet Explorer.lnk
c:\documents and settings\orion311976\Application Datafile1.exe
c:\windows\system32\
.
.
((((((((((((((((((((((((( Files Created from 2011-10-05 to 2011-11-05 )))))))))))))))))))))))))))))))
.
.
2011-11-05 09:58 . 2011-11-05 09:58 28752 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B477B2BB-ACA9-4B5A-ABFA-BCFB0DF5F740}\MpKsl8e561b79.sys
2011-11-05 09:57 . 2011-11-05 09:57 56200 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B477B2BB-ACA9-4B5A-ABFA-BCFB0DF5F740}\offreg.dll
2011-11-04 22:46 . 2011-10-07 03:48 6668624 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B477B2BB-ACA9-4B5A-ABFA-BCFB0DF5F740}\mpengine.dll
2011-10-31 07:50 . 2008-04-13 23:12 53760 ----a-w- c:\windows\system32\vfwwdm32.dll
2011-10-31 07:50 . 2008-04-13 23:12 53760 ----a-w- c:\windows\system32\dllcache\vfwwdm32.dll
2011-10-31 07:50 . 2008-04-13 23:12 91136 ----a-w- c:\windows\system32\kswdmcap.ax
2011-10-31 07:50 . 2008-04-13 23:12 43008 ----a-w- c:\windows\system32\ksxbar.ax
2011-10-31 07:50 . 2008-04-13 23:12 61952 ----a-w- c:\windows\system32\kstvtune.ax
2011-10-31 07:48 . 2011-10-31 07:48 -------- d-----w- c:\program files\MARS
2011-10-31 07:48 . 2001-12-21 01:20 205824 ----a-w- c:\windows\system32\VIC32.DLL
2011-10-31 07:48 . 2001-05-30 07:00 352256 ----a-w- c:\windows\system32\ijl15.dll
2011-10-31 07:48 . 2003-05-22 01:10 28672 ----a-w- c:\windows\system32\mr310exd.dll
2011-10-31 07:48 . 2003-05-21 23:07 36864 ----a-w- c:\windows\system32\mr310exv.dll
2011-10-31 07:48 . 2002-07-10 17:42 61440 ----a-w- c:\windows\system32\mr310ifc.dll
2011-10-31 07:48 . 2002-07-02 22:54 129438 ----a-w- c:\windows\system32\drivers\MR97310c.sys
2011-10-31 07:48 . 2002-05-07 19:36 147456 ----a-w- c:\windows\system32\mr310ipc.dll
2011-10-30 07:49 . 2011-10-30 07:49 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2011-10-22 14:18 . 2011-10-24 09:30 -------- d-----w- c:\documents and settings\Admin
2011-10-18 15:30 . 2011-11-05 22:46 -------- d-----w- c:\documents and settings\orion311976
2011-10-09 14:21 . 2010-04-11 16:06 89136 ----a-w- c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
2011-10-09 14:05 . 2008-04-13 19:21 162816 ----a-w- c:\windows\system32\drivers\netbt.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-09 13:18 . 2004-08-04 11:00 62976 -c--a-w- c:\windows\system32\drivers\cdrom.sys
2011-10-07 03:48 . 2011-09-25 09:35 6668624 -c--a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-10-06 12:14 . 2011-10-06 12:14 339600 -c--a-w- c:\windows\system32\drivers\TrufosAlt.sys
2011-09-29 05:23 . 2011-05-14 16:47 404640 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-26 18:41 . 2009-10-08 22:57 611328 -c--a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 18:41 . 2004-08-04 11:00 220160 -c--a-w- c:\windows\system32\oleacc.dll
2011-09-26 18:41 . 2004-08-04 11:00 20480 -c--a-w- c:\windows\system32\oleaccrc.dll
2011-09-23 04:48 . 2011-09-23 03:52 94208 -c--a-w- c:\documents and settings\HP_Owner\Application Data\ezplay.sys
2011-09-23 04:48 . 2009-05-16 22:21 87608 -c--a-w- c:\documents and settings\HP_Owner\Application Data\inst.exe
2011-09-23 03:52 . 2011-09-23 03:52 94208 -c--a-w- c:\windows\system32\drivers\ezplay.sys
2011-09-09 09:12 . 2004-08-04 11:00 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-09-06 13:20 . 2004-08-04 11:00 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-09-02 09:28 . 2011-09-02 09:28 81920 -c--a-w- c:\windows\ALCFDRTM.EXE
2011-09-02 09:28 . 2005-08-04 04:10 81920 -c--a-w- c:\windows\ALCFDRTM.VER
2011-09-01 00:09 . 2003-03-19 11:14 499712 -c--a-w- c:\windows\system32\msvcp71.dll
2011-09-01 00:09 . 2003-02-21 19:42 348160 -c--a-w- c:\windows\system32\msvcr71.dll
2011-08-22 23:48 . 2004-08-04 11:00 916480 ----a-w- c:\windows\system32\wininet.dll
2011-08-22 23:48 . 2004-08-04 11:00 43520 ------w- c:\windows\system32\licmgr10.dll
2011-08-22 23:48 . 2004-08-04 11:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-08-22 11:56 . 2004-08-04 11:00 385024 ------w- c:\windows\system32\html.iec
2011-08-17 13:49 . 2004-08-04 11:00 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2011-08-13 02:37 . 2009-05-16 22:21 47360 -c--a-w- c:\documents and settings\HP_Owner\Application Data\pcouffin.sys
2011-09-29 06:53 . 2011-10-05 10:36 134104 -c--a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-10-17_08.26.39 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-10-08 00:05 . 2011-10-08 00:05 56656 c:\windows\WinSxS\amd64_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_7fe65c7f\vcomp90.dll
+ 2011-06-06 10:29 . 2008-04-14 00:12 23552 c:\windows\system32\wdmaud.drv
- 2004-08-04 18:00 . 2008-04-14 00:12 23552 c:\windows\system32\wdmaud.drv
+ 2011-09-07 13:43 . 2011-08-12 20:51 17272 c:\windows\system32\spmsg.dll
- 2011-09-07 13:43 . 2010-07-05 13:15 17272 c:\windows\system32\spmsg.dll
- 2004-08-04 11:00 . 2009-03-08 11:31 46592 c:\windows\system32\pngfilt.dll
+ 2011-08-08 09:10 . 2009-03-08 12:31 46592 c:\windows\system32\pngfilt.dll
- 2004-08-04 11:00 . 2009-03-08 11:31 48128 c:\windows\system32\mshtmler.dll
+ 2011-08-08 09:10 . 2009-03-08 12:31 48128 c:\windows\system32\mshtmler.dll
+ 2004-08-04 11:00 . 2011-08-22 23:48 66560 c:\windows\system32\mshtmled.dll
- 2004-08-04 11:00 . 2011-06-23 18:36 66560 c:\windows\system32\mshtmled.dll
- 2004-08-04 11:00 . 2009-03-08 11:31 45568 c:\windows\system32\mshta.exe
+ 2011-08-08 09:10 . 2009-03-08 12:31 45568 c:\windows\system32\mshta.exe
+ 2007-08-14 01:54 . 2011-08-22 23:48 55296 c:\windows\system32\msfeedsbs.dll
- 2007-08-14 01:54 . 2011-06-23 18:36 55296 c:\windows\system32\msfeedsbs.dll
- 2004-08-04 11:00 . 2011-06-23 18:36 25600 c:\windows\system32\jsproxy.dll
+ 2004-08-04 11:00 . 2011-08-22 23:48 25600 c:\windows\system32\jsproxy.dll
- 2004-08-04 11:00 . 2009-03-08 11:32 94720 c:\windows\system32\inseng.dll
+ 2011-08-08 09:10 . 2009-03-08 12:32 94720 c:\windows\system32\inseng.dll
+ 2011-08-08 09:10 . 2009-03-08 12:31 34816 c:\windows\system32\imgutil.dll
- 2004-08-04 11:00 . 2009-03-08 11:31 34816 c:\windows\system32\imgutil.dll
+ 2011-09-28 05:28 . 2004-11-02 16:03 36864 c:\windows\system32\igfxexps.dll
+ 2011-09-28 05:28 . 2004-11-02 15:58 86016 c:\windows\system32\igfxdo.dll
- 2002-01-11 18:37 . 2005-11-03 22:22 86016 c:\windows\system32\igfxdo.dll
+ 2011-09-28 05:28 . 2004-11-02 16:02 45056 c:\windows\system32\igfxdgps.dll
- 2004-08-04 11:00 . 2009-03-08 11:32 71680 c:\windows\system32\iesetup.dll
+ 2011-08-08 09:10 . 2009-03-08 12:32 71680 c:\windows\system32\iesetup.dll
- 2004-08-04 11:00 . 2009-03-08 11:32 55808 c:\windows\system32\iernonce.dll
+ 2011-08-08 09:10 . 2009-03-08 12:32 55808 c:\windows\system32\iernonce.dll
+ 2011-09-28 05:28 . 2004-11-02 16:19 37951 c:\windows\system32\ialmrnt5.dll
+ 2011-09-28 05:28 . 2004-11-02 16:19 49152 c:\windows\system32\ialmrem.dll
- 2002-01-11 18:37 . 2005-11-03 22:42 49152 c:\windows\system32\ialmrem.dll
+ 2011-10-31 07:52 . 2008-04-13 17:46 19200 c:\windows\system32\drivers\WSTCODEC.SYS
+ 2011-10-31 07:52 . 2008-04-13 17:46 15232 c:\windows\system32\drivers\StreamIP.sys
+ 2011-06-06 10:29 . 2008-04-13 17:45 49408 c:\windows\system32\drivers\stream.sys
- 2004-08-04 18:00 . 2008-04-13 17:45 49408 c:\windows\system32\drivers\stream.sys
+ 2011-08-24 10:14 . 2009-11-06 19:00 23152 c:\windows\system32\drivers\sshrmd.sys
+ 2011-08-24 10:14 . 2009-11-06 19:00 29808 c:\windows\system32\drivers\ssfs0bbc.sys
+ 2011-10-31 07:52 . 2008-04-13 17:46 11136 c:\windows\system32\drivers\SLIP.sys
+ 2011-08-13 02:38 . 2010-04-11 11:36 47360 c:\windows\system32\drivers\pcouffin.sys
- 2009-05-16 22:21 . 2011-08-13 02:37 47360 c:\windows\system32\drivers\pcouffin.sys
+ 2011-10-31 07:52 . 2008-04-13 17:46 10880 c:\windows\system32\drivers\NdisIP.sys
+ 2011-10-31 07:52 . 2008-04-13 17:46 85248 c:\windows\system32\drivers\NABTSFEC.sys
+ 2011-08-18 10:53 . 2007-03-08 04:20 21568 c:\windows\system32\drivers\HPZius12.sys
- 2010-01-12 06:56 . 2009-08-27 05:40 21568 c:\windows\system32\drivers\HPZius12.sys
- 2010-01-12 06:57 . 2009-08-27 05:41 16496 c:\windows\system32\drivers\HPZipr12.sys
+ 2011-08-18 10:53 . 2007-03-08 04:20 16496 c:\windows\system32\drivers\HPZipr12.sys
+ 2011-08-18 10:54 . 2007-03-08 04:20 49920 c:\windows\system32\drivers\HPZid412.sys
- 2010-01-12 06:57 . 2009-08-27 05:41 49920 c:\windows\system32\drivers\HPZid412.sys
- 2004-09-15 05:38 . 2009-05-18 20:17 26600 c:\windows\system32\drivers\GEARAspiWDM.sys
+ 2011-09-18 04:29 . 2009-05-18 22:17 26600 c:\windows\system32\drivers\GEARAspiWDM.sys
+ 2011-05-06 10:18 . 2009-09-17 14:57 23120 c:\windows\system32\drivers\fortknoxfw_ndisim.sys
+ 2011-09-17 19:25 . 2010-12-21 20:47 94872 c:\windows\system32\drivers\epfwtdir.sys
+ 2011-08-30 15:33 . 2010-08-03 19:28 55256 c:\windows\system32\drivers\epfwtdi.sys
+ 2011-08-24 10:27 . 2010-12-21 20:47 33120 c:\windows\system32\drivers\epfwndis.sys
+ 2011-06-06 10:29 . 2008-04-13 18:45 60160 c:\windows\system32\drivers\drmk.sys
- 2002-01-11 18:36 . 2008-04-13 17:45 60160 c:\windows\system32\drivers\drmk.sys
+ 2011-10-31 07:52 . 2008-04-13 17:46 17024 c:\windows\system32\drivers\CCDECODE.sys
+ 2011-05-09 19:12 . 2011-01-19 11:32 32464 c:\windows\system32\drivers\avgrkx86.sys
+ 2011-05-09 19:12 . 2011-03-01 21:25 34896 c:\windows\system32\drivers\avgmfx86.sys
+ 2011-05-09 19:12 . 2011-02-10 14:53 27216 c:\windows\system32\drivers\AVGIDSShim.sys
+ 2011-05-09 19:12 . 2011-02-10 14:53 24144 c:\windows\system32\drivers\AVGIDSFilter.sys
+ 2011-05-09 19:12 . 2011-02-22 15:13 22992 c:\windows\system32\drivers\AVGIDSEH.sys
+ 2010-01-12 07:13 . 2011-08-22 23:48 12800 c:\windows\system32\dllcache\xpshims.dll
- 2010-01-12 07:13 . 2011-06-23 18:36 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2011-10-31 07:52 . 2008-04-13 17:46 19200 c:\windows\system32\dllcache\wstcodec.sys
+ 2004-08-04 11:00 . 2008-04-14 00:12 13824 c:\windows\system32\dllcache\uniplat.dll
+ 2004-08-04 11:00 . 2008-04-14 00:12 74240 c:\windows\system32\dllcache\unimdmat.dll
+ 2011-10-31 07:52 . 2008-04-13 17:46 15232 c:\windows\system32\dllcache\streamip.sys
+ 2011-06-06 10:29 . 2008-04-13 17:45 49408 c:\windows\system32\dllcache\stream.sys
- 2004-08-04 18:00 . 2008-04-13 17:45 49408 c:\windows\system32\dllcache\stream.sys
- 2010-08-27 05:57 . 2010-08-27 05:57 99840 c:\windows\system32\dllcache\srvsvc.dll
+ 2004-08-04 11:00 . 2010-08-27 05:57 99840 c:\windows\system32\dllcache\srvsvc.dll
+ 2011-10-31 07:52 . 2008-04-13 17:46 11136 c:\windows\system32\dllcache\slip.sys
+ 2004-08-04 11:00 . 2008-04-14 00:12 58368 c:\windows\system32\dllcache\rastapi.dll
+ 2010-01-12 05:57 . 2008-04-14 00:12 61952 c:\windows\system32\dllcache\rasqec.dll
- 2010-01-12 06:54 . 2009-10-12 13:38 79872 c:\windows\system32\dllcache\raschap.dll
+ 2004-08-04 11:00 . 2009-10-12 13:38 79872 c:\windows\system32\dllcache\raschap.dll
+ 2004-08-04 11:00 . 2008-04-14 00:12 34304 c:\windows\system32\dllcache\pstorsvc.dll
+ 2004-08-04 11:00 . 2008-04-14 00:12 96768 c:\windows\system32\dllcache\psbase.dll
- 2004-08-04 11:00 . 2009-03-08 11:31 46592 c:\windows\system32\dllcache\pngfilt.dll
+ 2011-08-08 09:10 . 2009-03-08 12:31 46592 c:\windows\system32\dllcache\pngfilt.dll
- 2004-08-04 11:00 . 2009-10-08 22:56 20480 c:\windows\system32\dllcache\oleaccrc.dll
+ 2004-08-04 11:00 . 2011-09-26 18:41 20480 c:\windows\system32\dllcache\oleaccrc.dll
+ 2011-10-31 07:52 . 2008-04-13 17:46 10880 c:\windows\system32\dllcache\ndisip.sys
+ 2011-10-31 07:52 . 2008-04-13 17:46 85248 c:\windows\system32\dllcache\nabtsfec.sys
+ 2011-08-08 09:10 . 2009-03-08 12:31 48128 c:\windows\system32\dllcache\mshtmler.dll
- 2004-08-04 11:00 . 2009-03-08 11:31 48128 c:\windows\system32\dllcache\mshtmler.dll
- 2004-08-04 11:00 . 2011-06-23 18:36 66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2004-08-04 11:00 . 2011-08-22 23:48 66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2011-08-08 09:10 . 2009-03-08 12:31 45568 c:\windows\system32\dllcache\mshta.exe
- 2004-08-04 11:00 . 2009-03-08 11:31 45568 c:\windows\system32\dllcache\mshta.exe
+ 2010-01-12 07:13 . 2011-08-22 23:48 55296 c:\windows\system32\dllcache\msfeedsbs.dll
- 2010-01-12 07:13 . 2011-06-23 18:36 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2004-08-04 11:00 . 2011-08-22 23:48 43520 c:\windows\system32\dllcache\licmgr10.dll
- 2004-08-04 11:00 . 2011-06-23 18:36 43520 c:\windows\system32\dllcache\licmgr10.dll
- 2004-08-04 11:00 . 2011-06-23 18:36 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2004-08-04 11:00 . 2011-08-22 23:48 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2011-08-08 09:10 . 2009-03-08 12:32 94720 c:\windows\system32\dllcache\inseng.dll
- 2004-08-04 11:00 . 2009-03-08 11:32 94720 c:\windows\system32\dllcache\inseng.dll
- 2004-08-04 11:00 . 2009-03-08 11:31 34816 c:\windows\system32\dllcache\imgutil.dll
+ 2011-08-08 09:10 . 2009-03-08 12:31 34816 c:\windows\system32\dllcache\imgutil.dll
- 2004-08-04 11:00 . 2009-03-08 11:32 71680 c:\windows\system32\dllcache\iesetup.dll
+ 2011-08-08 09:10 . 2009-03-08 12:32 71680 c:\windows\system32\dllcache\iesetup.dll
+ 2011-08-08 09:10 . 2009-03-08 12:32 55808 c:\windows\system32\dllcache\iernonce.dll
- 2004-08-04 11:00 . 2009-03-08 11:32 55808 c:\windows\system32\dllcache\iernonce.dll
+ 2004-08-04 11:00 . 2008-04-14 00:11 11264 c:\windows\system32\dllcache\icaapi.dll
+ 2004-08-04 18:00 . 2008-04-14 00:11 20992 c:\windows\system32\dllcache\hid.dll
+ 2011-08-08 09:10 . 2009-03-08 12:33 18944 c:\windows\system32\dllcache\corpol.dll
- 2004-08-04 11:00 . 2009-03-08 11:33 18944 c:\windows\system32\dllcache\corpol.dll
+ 2004-08-04 11:00 . 2011-10-09 13:18 62976 c:\windows\system32\dllcache\cdrom.sys
- 2004-08-04 11:00 . 2008-04-13 18:40 62976 c:\windows\system32\dllcache\cdrom.sys
+ 2011-10-31 07:52 . 2008-04-13 17:46 17024 c:\windows\system32\dllcache\ccdecode.sys
+ 2004-08-04 11:00 . 2008-04-14 00:11 77824 c:\windows\system32\dllcache\browser.dll
+ 2011-08-08 09:10 . 2009-03-08 12:32 72704 c:\windows\system32\dllcache\admparse.dll
- 2004-08-04 11:00 . 2009-03-08 11:32 72704 c:\windows\system32\dllcache\admparse.dll
+ 2004-08-04 11:00 . 2008-04-14 00:11 98304 c:\windows\system32\dllcache\actxprxy.dll
- 2004-08-04 11:00 . 2009-03-08 11:33 18944 c:\windows\system32\corpol.dll
+ 2011-08-08 09:10 . 2009-03-08 12:33 18944 c:\windows\system32\corpol.dll
- 2004-08-04 11:00 . 2009-03-08 11:32 72704 c:\windows\system32\admparse.dll
+ 2011-08-08 09:10 . 2009-03-08 12:32 72704 c:\windows\system32\admparse.dll
+ 2011-06-06 10:30 . 2005-04-07 02:57 90112 c:\windows\SOUNDMAN.EXE
- 2011-05-17 16:27 . 2011-05-17 16:27 56656 c:\windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
+ 2011-07-09 16:30 . 2011-07-09 16:30 56656 c:\windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
+ 2011-07-08 21:00 . 2011-07-08 21:00 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
- 2010-09-23 22:55 . 2010-09-23 22:55 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
+ 2011-07-07 19:04 . 2011-07-07 19:04 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2010-09-23 09:26 . 2010-09-23 09:26 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2010-09-23 09:26 . 2010-09-23 09:26 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2011-07-07 19:04 . 2011-07-07 19:04 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2011-07-07 19:03 . 2011-07-07 19:03 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2010-09-23 09:26 . 2010-09-23 09:26 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2011-07-07 20:09 . 2011-07-07 20:09 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2010-09-23 10:17 . 2010-09-23 10:17 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2011-07-07 20:09 . 2011-07-07 20:09 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
- 2010-09-23 10:17 . 2010-09-23 10:17 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
- 2011-08-13 22:06 . 2011-08-13 22:06 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2011-10-18 15:59 . 2011-10-18 15:59 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2011-10-18 15:59 . 2011-10-18 15:59 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
- 2011-08-13 22:05 . 2011-08-13 22:05 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2011-10-18 15:59 . 2011-10-18 15:59 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
- 2011-08-13 22:05 . 2011-08-13 22:05 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2011-10-18 15:59 . 2011-10-18 15:59 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
- 2011-08-13 22:06 . 2011-08-13 22:06 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
- 2011-08-13 22:06 . 2011-08-13 22:06 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
+ 2011-10-18 15:59 . 2011-10-18 15:59 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
- 2011-08-13 22:05 . 2011-08-13 22:05 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
+ 2011-10-18 15:59 . 2011-10-18 15:59 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
+ 2011-10-18 15:57 . 2011-10-18 15:57 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
- 2011-08-13 22:05 . 2011-08-13 22:05 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
- 2011-08-13 22:05 . 2011-08-13 22:05 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
+ 2011-10-18 15:58 . 2011-10-18 15:58 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
+ 2011-10-18 15:57 . 2011-10-18 15:57 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
- 2011-08-13 22:05 . 2011-08-13 22:05 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
- 2011-08-13 22:05 . 2011-08-13 22:05 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
+ 2011-10-18 15:57 . 2011-10-18 15:57 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
+ 2011-10-18 15:57 . 2011-10-18 15:57 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
- 2011-08-13 22:04 . 2011-08-13 22:04 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2011-10-18 15:57 . 2011-10-18 15:57 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2011-08-13 22:04 . 2011-08-13 22:04 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2011-08-13 22:04 . 2011-08-13 22:04 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
+ 2011-10-18 15:57 . 2011-10-18 15:57 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
- 2011-08-13 22:04 . 2011-08-13 22:04 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2011-10-18 15:57 . 2011-10-18 15:57 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
- 2011-08-13 22:05 . 2011-08-13 22:05 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
+ 2011-10-18 15:58 . 2011-10-18 15:58 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
- 2011-08-13 22:04 . 2011-08-13 22:04 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2011-10-18 15:57 . 2011-10-18 15:57 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2011-10-18 15:57 . 2011-10-18 15:57 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2011-08-13 22:05 . 2011-08-13 22:05 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2011-08-13 22:04 . 2011-08-13 22:04 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2011-10-18 15:56 . 2011-10-18 15:56 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2011-10-18 15:56 . 2011-10-18 15:56 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2011-08-13 22:04 . 2011-08-13 22:04 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2011-10-18 15:57 . 2011-10-18 15:57 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2011-08-13 22:04 . 2011-08-13 22:04 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-10-31 06:54 . 2011-10-31 06:54 28160 c:\windows\Installer\3ac2b44.msi
- 2011-03-24 04:11 . 2011-09-17 05:54 35088 c:\windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\oisicon.exe
+ 2011-03-24 04:11 . 2011-10-18 16:16 35088 c:\windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\oisicon.exe
- 2011-03-24 04:11 . 2011-09-17 05:54 18704 c:\windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\mspicons.exe
+ 2011-03-24 04:11 . 2011-10-18 16:16 18704 c:\windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\mspicons.exe
- 2011-03-24 04:11 . 2011-09-17 05:54 20240 c:\windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\cagicon.exe
+ 2011-03-24 04:11 . 2011-10-18 16:16 20240 c:\windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\cagicon.exe
+ 2010-06-04 06:16 . 2011-10-18 16:34 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
- 2010-06-04 06:16 . 2011-06-16 00:08 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2011-10-29 05:10 . 2011-10-29 05:10 77610 c:\windows\Installer\{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}\_853F67D554F05449430E7E.exe
+ 2011-10-18 16:13 . 2011-06-23 18:36 12800 c:\windows\ie8updates\KB2586448-IE8\xpshims.dll
+ 2011-10-18 16:13 . 2011-06-23 18:36 66560 c:\windows\ie8updates\KB2586448-IE8\mshtmled.dll
+ 2011-10-18 16:13 . 2011-06-23 18:36 55296 c:\windows\ie8updates\KB2586448-IE8\msfeedsbs.dll
+ 2011-10-18 16:13 . 2011-06-23 18:36 43520 c:\windows\ie8updates\KB2586448-IE8\licmgr10.dll
+ 2011-10-18 16:13 . 2011-06-23 18:36 25600 c:\windows\ie8updates\KB2586448-IE8\jsproxy.dll
+ 2011-10-18 15:53 . 2011-10-18 15:53 10240 c:\windows\assembly\NativeImages1_v1.1.4322\VJSWfcBrowserStubLib\1.0.5000.0__b03f5f7f11d50a3a_cdc924b4\VJSWfcBrowserStubLib.dll
+ 2011-10-18 15:55 . 2011-10-18 15:55 16896 c:\windows\assembly\NativeImages1_v1.1.4322\VJSWfcBrowserStubLib\1.0.5000.0__b03f5f7f11d50a3a_85bf7d11\VJSWfcBrowserStubLib.dll
+ 2011-10-18 15:53 . 2011-10-18 15:53 32768 c:\windows\assembly\NativeImages1_v1.1.4322\vjslibcw\1.0.5000.0__b03f5f7f11d50a3a_dd9330e7\vjslibcw.dll
+ 2011-10-18 15:53 . 2011-10-18 15:53 69632 c:\windows\assembly\NativeImages1_v1.1.4322\VJSharpCodeProvider\7.0.5000.0__b03f5f7f11d50a3a_780c35bc\VJSharpCodeProvider.dll
+ 2011-10-18 15:55 . 2011-10-18 15:55 18432 c:\windows\assembly\NativeImages1_v1.1.4322\vjscor\1.0.5000.0__b03f5f7f11d50a3a_b43e18ad\vjscor.dll
+ 2011-10-18 15:53 . 2011-10-18 15:53 20480 c:\windows\assembly\NativeImages1_v1.1.4322\vjscor\1.0.5000.0__b03f5f7f11d50a3a_41977d32\vjscor.dll
+ 2011-10-18 15:51 . 2011-10-18 15:51 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_4d6d42cb\System.Drawing.Design.dll
+ 2011-10-18 15:51 . 2011-10-18 15:51 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_10563809\CustomMarshalers.dll
+ 2011-10-18 16:24 . 2011-10-18 16:24 96768 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\1c177e9aa7a1661ddec16c2f9f30947c\UIAutomationProvider.ni.dll
+ 2011-10-18 16:48 . 2011-10-18 16:48 35328 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Pres#\e4f0e0d45a1739bad6cc96377c9dd7f2\System.Windows.Presentation.ni.dll
+ 2011-10-18 16:47 . 2011-10-18 16:47 71680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Applicat#\385b56be2d617548e4b731dd050a1f32\System.Web.ApplicationServices.ni.dll
+ 2011-10-18 16:47 . 2011-10-18 16:47 82432 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\e08ecf530f270cd45c72318b67826cb1\System.ServiceModel.Channels.ni.dll
+ 2011-10-18 16:26 . 2011-10-18 16:26 78848 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn.Contra#\117b65133fc00228bc249d1c61c387ea\System.AddIn.Contract.ni.dll
+ 2011-10-18 16:23 . 2011-10-18 16:23 11776 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\432eb09604ab71ee1aa4622bfbc4afee\Microsoft.VisualC.ni.dll
+ 2011-10-18 16:22 . 2011-10-18 16:22 44544 c:\windows\assembly\NativeImages_v4.0.30319_32\Accessibility\06ac8d640d2dfa7d4bb23c03584304ef\Accessibility.ni.dll
+ 2011-10-29 05:11 . 2011-10-29 05:11 24064 c:\windows\assembly\NativeImages_v2.0.50727_32\WiaProxy32\c1b36cb63a89758f52948c5fdfda3d59\WiaProxy32.ni.exe
+ 2011-10-18 16:39 . 2011-10-18 16:39 24576 c:\windows\assembly\NativeImages_v2.0.50727_32\WiaProxy32\bddb5ad6169153a099378ddae874e15d\WiaProxy32.ni.exe
+ 2011-10-18 16:36 . 2011-10-18 16:36 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\888b745ca99d39692c2e9af222e5eae8\UIAutomationProvider.ni.dll
+ 2011-10-18 16:44 . 2011-10-18 16:44 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\6c334564da041df8fb75415f2d503224\System.Windows.Presentation.ni.dll
+ 2011-10-18 16:43 . 2011-10-18 16:43 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\a54a122f1070ab71931dd9679ddd8e90\System.Web.DynamicData.Design.ni.dll
+ 2011-10-18 16:41 . 2011-10-18 16:41 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\ac92806d5bd508eb25f1b4b73a36b101\System.ComponentModel.DataAnnotations.ni.dll
+ 2011-10-18 16:41 . 2011-10-18 16:41 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\e6a9cd66d11a21776dbf425e8e28099c\System.AddIn.Contract.ni.dll
+ 2011-10-18 16:33 . 2011-10-18 16:33 81920 c:\windows\assembly\NativeImages_v2.0.50727_32\RegAsm\5ad293e57617685feb0424418bfb3c44\RegAsm.ni.exe
+ 2011-10-18 16:34 . 2011-10-18 16:34 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\66873b557d5c7013e4c630361473b0c2\PresentationFontCache.ni.exe
+ 2011-10-18 16:33 . 2011-10-18 16:33 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\5b30652a7b802199984f93b5e414260f\PresentationCFFRasterizer.ni.dll
+ 2011-10-18 16:41 . 2011-10-18 16:41 17920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Run#\a615508098c5f4f5a34e89d22527c9de\Microsoft.WSMan.Runtime.ni.dll
+ 2011-10-18 16:43 . 2011-10-18 16:43 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\eaa8d72317e5b8047e413939cc71ffba\Microsoft.Vsa.ni.dll
+ 2011-10-18 16:38 . 2011-10-18 16:38 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\a140509b1342934fc5e58ae22ac9696c\Microsoft.VisualC.ni.dll
+ 2011-10-18 16:40 . 2011-10-18 16:40 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\aefe683674c97a998f4e908c1a7ee7c6\Microsoft.Build.Framework.ni.dll
+ 2011-10-18 16:40 . 2011-10-18 16:40 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\845eef4d09f28da6ee05d99f93c90f6e\Microsoft.Build.Framework.ni.dll
+ 2011-10-18 16:40 . 2011-10-18 16:40 91648 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Backgroun#\17fc30ccabf04ef1cf60a571067bc6dc\Microsoft.BackgroundIntelligentTransfer.Management.ni.dll
+ 2011-10-18 16:33 . 2011-10-18 16:33 75264 c:\windows\assembly\NativeImages_v2.0.50727_32\jsc\de2645182bba6f7723caa1c80e0123ef\jsc.ni.exe
+ 2011-10-18 16:38 . 2011-10-18 16:38 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.WIA\b4f63a52bdf34cffb08838afd3b153ba\Interop.WIA.ni.dll
+ 2011-10-18 16:40 . 2011-10-18 16:40 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\ab7ce2d94ca725c3889a4e3c1ee88ece\dfsvc.ni.exe
+ 2011-10-18 16:38 . 2011-10-18 16:38 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d86a3346c3d90ff12d0df9d7726f3ece\Accessibility.ni.dll
- 2011-08-12 02:59 . 2011-08-12 02:59 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2011-10-18 16:29 . 2011-10-18 16:29 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2011-10-18 16:29 . 2011-10-18 16:29 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2011-08-12 02:59 . 2011-08-12 02:59 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2011-08-12 03:00 . 2011-08-12 03:00 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2011-10-18 16:30 . 2011-10-18 16:30 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2011-10-18 16:29 . 2011-10-18 16:29 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2011-08-12 03:00 . 2011-08-12 03:00 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2011-10-18 16:29 . 2011-10-18 16:29 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2011-08-12 03:00 . 2011-08-12 03:00 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2011-08-12 03:00 . 2011-08-12 03:00 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2011-10-18 16:29 . 2011-10-18 16:29 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2011-10-18 16:29 . 2011-10-18 16:29 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2011-08-12 03:00 . 2011-08-12 03:00 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2011-10-18 16:29 . 2011-10-18 16:29 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2011-08-12 03:00 . 2011-08-12 03:00 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2011-10-18 16:29 . 2011-10-18 16:29 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2011-08-12 02:59 . 2011-08-12 02:59 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2011-10-18 16:29 . 2011-10-18 16:29 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2011-08-12 02:59 . 2011-08-12 02:59 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2011-08-12 02:59 . 2011-08-12 02:59 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2011-10-18 16:29 . 2011-10-18 16:29 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2011-08-12 03:00 . 2011-08-12 03:00 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2011-10-18 16:29 . 2011-10-18 16:29 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2011-08-12 02:59 . 2011-08-12 02:59 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-10-18 16:29 . 2011-10-18 16:29 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-10-18 15:50 . 2011-10-18 15:50 81920 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
- 2010-11-21 17:03 . 2010-11-21 17:03 81920 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
+ 2011-06-06 10:30 . 2005-04-12 09:10 65536 c:\windows\ALCMTR.EXE
+ 2011-06-06 10:30 . 2004-04-05 18:49 64512 c:\windows\agrsmdel.exe
+ 2011-10-18 16:29 . 2011-10-18 16:29 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2011-08-12 02:59 . 2011-08-12 02:59 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2002-01-11 18:36 . 2008-04-13 23:11 4096 c:\windows\system32\ksuser.dll
+ 2011-06-06 10:29 . 2008-04-13 23:11 4096 c:\windows\system32\ksuser.dll
+ 2011-10-31 07:52 . 2008-04-13 17:39 5504 c:\windows\system32\drivers\MSTEE.sys
+ 2004-08-04 11:00 . 2008-04-14 00:12 8192 c:\windows\system32\dllcache\ntlsapi.dll
+ 2011-10-31 07:52 . 2008-04-13 17:39 5504 c:\windows\system32\dllcache\mstee.sys
+ 2004-08-04 11:00 . 2008-04-14 00:11 6656 c:\windows\system32\dllcache\msidle.dll
+ 2011-06-06 10:29 . 2008-04-13 23:11 4096 c:\windows\system32\dllcache\ksuser.dll
- 2002-01-11 18:36 . 2008-04-13 23:11 4096 c:\windows\system32\dllcache\ksuser.dll
+ 2011-10-18 16:48 . 2011-10-18 16:48 9216 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\3a2ab56bb224b871516526753985ff69\System.Xml.Serialization.ni.dll
+ 2011-10-18 16:22 . 2011-10-18 16:22 9728 c:\windows\assembly\NativeImages_v4.0.30319_32\dfsvc\5cc246adea1b07b9c2a76bbe86fbfe2e\dfsvc.ni.exe
+ 2011-10-18 16:29 . 2011-10-18 16:29 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2011-08-12 02:59 . 2011-08-12 02:59 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2011-08-12 03:00 . 2011-08-12 03:00 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2011-10-18 16:30 . 2011-10-18 16:30 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2011-08-12 02:59 . 2011-08-12 02:59 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2011-10-18 16:29 . 2011-10-18 16:29 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2011-10-18 16:29 . 2011-10-18 16:29 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2011-08-12 02:59 . 2011-08-12 02:59 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2011-10-18 15:56 . 2011-10-18 15:56 109568 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.Wrapper.dll
- 2011-08-13 22:04 . 2011-08-13 22:04 109568 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.Wrapper.dll
+ 2011-10-18 15:56 . 2011-10-18 15:56 246128 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.dll
- 2011-08-13 22:04 . 2011-08-13 22:04 246128 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.dll
+ 2011-10-18 16:29 . 2011-10-18 16:29 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2011-08-12 03:00 . 2011-08-12 03:00 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2011-08-12 03:00 . 2011-08-12 03:00 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2011-10-18 16:29 . 2011-10-18 16:29 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2011-10-08 00:05 . 2011-10-08 00:05 641360 c:\windows\WinSxS\amd64_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_63af3423\msvcr90.dll
+ 2011-10-08 00:05 . 2011-10-08 00:05 853328 c:\windows\WinSxS\amd64_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_63af3423\msvcp90.dll
+ 2011-10-08 00:05 . 2011-10-08 00:05 245760 c:\windows\WinSxS\amd64_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_63af3423\msvcm90.dll
+ 2011-10-08 00:05 . 2011-10-08 00:05 176456 c:\windows\WinSxS\amd64_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_c44f2197\atl90.dll
- 2004-08-04 11:00 . 2011-06-23 18:36 105984 c:\windows\system32\url.dll
+ 2004-08-04 11:00 . 2011-08-22 23:48 105984 c:\windows\system32\url.dll
+ 2011-06-06 10:29 . 2004-10-08 02:44 156672 c:\windows\system32\RTLCPAPI.dll
+ 2011-06-06 10:30 . 2005-09-16 22:14 157184 c:\windows\system32\RTCOM\RTLCPAPI.dll
- 2005-09-16 22:14 . 2005-09-16 21:14 157184 c:\windows\system32\RTCOM\RTLCPAPI.dll
+ 2011-06-06 10:30 . 2005-04-07 22:37 196608 c:\windows\system32\RTCOM\RTCOMDLL.dll
+ 2004-10-15 10:43 . 2011-10-18 16:31 559838 c:\windows\system32\perfh009.dat
+ 2004-10-15 10:43 . 2011-10-18 16:31 104438 c:\windows\system32\perfc009.dat
+ 2004-08-04 11:00 . 2011-08-22 23:48 206848 c:\windows\system32\occache.dll
- 2004-08-04 11:00 . 2011-06-23 18:36 206848 c:\windows\system32\occache.dll
+ 2004-08-04 11:00 . 2011-08-22 23:48 611840 c:\windows\system32\mstime.dll
- 2004-08-04 11:00 . 2011-06-23 18:36 611840 c:\windows\system32\mstime.dll
- 2004-08-04 11:00 . 2009-03-08 11:34 193536 c:\windows\system32\msrating.dll
+ 2011-08-08 09:10 . 2009-03-08 12:34 193536 c:\windows\system32\msrating.dll
- 2004-08-04 11:00 . 2009-03-08 11:22 156160 c:\windows\system32\msls31.dll
+ 2011-08-08 09:10 . 2009-03-08 12:22 156160 c:\windows\system32\msls31.dll
+ 2004-08-04 18:00 . 2008-04-13 23:12 294912 c:\windows\system32\msh263.drv
- 2004-08-04 18:00 . 2008-04-14 00:12 294912 c:\windows\system32\msh263.drv
- 2007-08-14 01:54 . 2011-06-23 18:36 602112 c:\windows\system32\msfeeds.dll
+ 2007-08-14 01:54 . 2011-08-22 23:48 602112 c:\windows\system32\msfeeds.dll
- 2002-01-11 18:37 . 2005-11-03 22:26 114688 c:\windows\system32\igfxzoom.exe
+ 2011-09-28 05:28 . 2004-11-02 16:04 114688 c:\windows\system32\igfxzoom.exe
+ 2011-09-28 05:28 . 2004-11-02 16:03 155648 c:\windows\system32\igfxtray.exe
+ 2011-09-28 05:28 . 2004-11-02 15:59 348160 c:\windows\system32\igfxsrvc.dll
+ 2011-09-28 05:28 . 2004-11-02 15:58 163840 c:\windows\system32\igfxres.dll
+ 2011-09-28 05:28 . 2004-11-02 16:03 225280 c:\windows\system32\igfxpph.dll
+ 2011-09-28 05:28 . 2004-11-02 15:59 131072 c:\windows\system32\igfxhk.dll
+ 2011-09-28 05:28 . 2004-11-02 16:03 106496 c:\windows\system32\igfxext.exe
+ 2011-09-28 05:28 . 2004-11-02 16:02 225280 c:\windows\system32\igfxeud.dll
+ 2011-09-28 05:28 . 2004-11-02 16:02 151552 c:\windows\system32\igfxdiag.exe
+ 2011-09-28 05:28 . 2004-11-02 15:58 139264 c:\windows\system32\igfxdev.dll
+ 2011-09-28 05:28 . 2004-11-02 16:01 503808 c:\windows\system32\igfxcfg.exe
+ 2004-08-04 11:00 . 2011-08-22 23:48 184320 c:\windows\system32\iepeers.dll
- 2004-08-04 11:00 . 2011-06-23 18:36 184320 c:\windows\system32\iepeers.dll
- 2004-08-04 11:00 . 2011-06-23 18:36 387584 c:\windows\system32\iedkcs32.dll
+ 2004-08-04 11:00 . 2011-08-22 23:48 387584 c:\windows\system32\iedkcs32.dll
- 2004-08-04 11:00 . 2009-03-08 11:32 163840 c:\windows\system32\ieakui.dll
+ 2011-08-08 09:10 . 2009-03-08 12:32 163840 c:\windows\system32\ieakui.dll
- 2004-08-04 11:00 . 2009-03-08 11:33 229376 c:\windows\system32\ieaksie.dll
+ 2011-08-08 09:10 . 2009-03-08 12:33 229376 c:\windows\system32\ieaksie.dll
- 2004-08-04 11:00 . 2009-03-08 11:33 125952 c:\windows\system32\ieakeng.dll
+ 2011-08-08 09:10 . 2009-03-08 12:33 125952 c:\windows\system32\ieakeng.dll
+ 2004-08-04 11:00 . 2011-08-22 11:56 174080 c:\windows\system32\ie4uinit.exe
+ 2011-09-28 05:28 . 2004-11-02 16:19 100924 c:\windows\system32\ialmdnt5.dll
+ 2011-09-28 05:28 . 2004-11-02 16:19 164475 c:\windows\system32\ialmdev5.dll
+ 2011-09-28 05:28 . 2004-11-02 16:26 819259 c:\windows\system32\ialmdd5.dll
+ 2011-08-18 10:53 . 2007-03-08 04:20 282624 c:\windows\system32\HPZc3212.dll
+ 2011-09-28 05:28 . 2004-11-02 15:59 126976 c:\windows\system32\hkcmd.exe
+ 2011-09-28 05:28 . 2004-11-02 15:58 118784 c:\windows\system32\hccutils.dll
+ 2011-09-18 04:29 . 2008-04-17 21:12 107368 c:\windows\system32\GEARAspi.dll
- 2004-09-15 05:38 . 2008-04-17 19:12 107368 c:\windows\system32\GEARAspi.dll
+ 2011-08-08 09:10 . 2009-03-08 12:31 216064 c:\windows\system32\dxtrans.dll
- 2004-08-04 11:00 . 2009-03-08 11:31 216064 c:\windows\system32\dxtrans.dll
- 2004-08-04 11:00 . 2009-03-08 11:31 348160 c:\windows\system32\dxtmsft.dll
+ 2011-08-08 09:10 . 2009-03-08 12:31 348160 c:\windows\system32\dxtmsft.dll
+ 2011-08-24 10:14 . 2009-11-06 19:00 176752 c:\windows\system32\drivers\ssidrv.sys
- 2004-03-16 09:41 . 2008-04-13 18:19 146048 c:\windows\system32\drivers\portcls.sys
+ 2011-06-06 10:29 . 2008-04-13 19:19 146048 c:\windows\system32\drivers\portcls.sys
+ 2011-06-06 10:29 . 2008-04-13 18:16 141056 c:\windows\system32\drivers\ks.sys
- 2004-08-04 18:00 . 2008-04-13 18:16 141056 c:\windows\system32\drivers\ks.sys
+ 2011-09-28 05:28 . 2004-11-02 16:27 773565 c:\windows\system32\drivers\ialmnt5.sys
+ 2011-08-30 15:33 . 2010-12-21 20:47 134000 c:\windows\system32\drivers\epfw.sys
+ 2011-08-30 15:33 . 2010-12-21 22:04 115008 c:\windows\system32\drivers\ehdrv.sys
+ 2011-08-30 15:33 . 2010-12-21 22:04 141264 c:\windows\system32\drivers\eamon.sys
+ 2011-05-09 19:12 . 2011-02-10 14:54 296400 c:\windows\system32\drivers\avgtdix.sys
+ 2011-05-09 19:12 . 2011-01-07 13:41 248656 c:\windows\system32\drivers\avgldx86.sys
+ 2011-05-09 19:12 . 2011-03-31 00:17 134480 c:\windows\system32\drivers\AVGIDSDriver.sys
- 2009-06-10 06:14 . 2009-06-10 06:14 132096 c:\windows\system32\dllcache\wkssvc.dll
+ 2004-08-04 11:00 . 2009-06-10 06:14 132096 c:\windows\system32\dllcache\wkssvc.dll
- 2011-04-25 14:47 . 2011-06-23 18:36 916480 c:\windows\system32\dllcache\wininet.dll
+ 2011-04-25 14:47 . 2011-08-22 23:48 916480 c:\windows\system32\dllcache\wininet.dll
+ 2011-06-21 18:18 . 2011-08-22 23:48 105984 c:\windows\system32\dllcache\url.dll
- 2011-06-21 18:18 . 2011-06-23 18:36 105984 c:\windows\system32\dllcache\url.dll
+ 2004-08-04 11:00 . 2008-04-14 00:12 295424 c:\windows\system32\dllcache\termsrv.dll
+ 2004-08-04 11:00 . 2008-04-14 00:12 249856 c:\windows\system32\dllcache\tapisrv.dll
+ 2004-08-04 11:00 . 2008-04-14 00:12 192512 c:\windows\system32\dllcache\schedsvc.dll
- 2010-01-12 06:54 . 2009-10-12 13:38 149504 c:\windows\system32\dllcache\rastls.dll
+ 2004-08-04 11:00 . 2009-10-12 13:38 149504 c:\windows\system32\dllcache\rastls.dll
+ 2004-08-04 11:00 . 2008-04-14 00:12 210944 c:\windows\system32\dllcache\rasppp.dll
+ 2004-08-04 11:00 . 2011-09-26 18:41 220160 c:\windows\system32\dllcache\oleacc.dll
- 2004-08-04 11:00 . 2009-10-08 22:57 220160 c:\windows\system32\dllcache\oleacc.dll
- 2007-08-14 01:44 . 2011-06-23 18:36 206848 c:\windows\system32\dllcache\occache.dll
+ 2007-08-14 01:44 . 2011-08-22 23:48 206848 c:\windows\system32\dllcache\occache.dll
- 2010-01-12 06:54 . 2009-10-13 10:30 270336 c:\windows\system32\dllcache\oakley.dll
+ 2004-08-04 11:00 . 2009-10-13 10:30 270336 c:\windows\system32\dllcache\oakley.dll
+ 2004-08-04 11:00 . 2008-04-14 00:12 116224 c:\windows\system32\dllcache\mstlsapi.dll
+ 2004-08-04 11:00 . 2011-08-22 23:48 611840 c:\windows\system32\dllcache\mstime.dll
- 2004-08-04 11:00 . 2011-06-23 18:36 611840 c:\windows\system32\dllcache\mstime.dll
+ 2011-08-08 09:10 . 2009-03-08 12:34 193536 c:\windows\system32\dllcache\msrating.dll
- 2004-08-04 11:00 . 2009-03-08 11:34 193536 c:\windows\system32\dllcache\msrating.dll
+ 2011-08-08 09:10 . 2009-03-08 12:22 156160 c:\windows\system32\dllcache\msls31.dll
- 2004-08-04 11:00 . 2009-03-08 11:22 156160 c:\windows\system32\dllcache\msls31.dll
+ 2010-01-12 07:13 . 2011-08-22 23:48 602112 c:\windows\system32\dllcache\msfeeds.dll
- 2010-01-12 07:13 . 2011-06-23 18:36 602112 c:\windows\system32\dllcache\msfeeds.dll
+ 2004-08-04 11:00 . 2008-04-14 00:11 153600 c:\windows\system32\dllcache\modemui.dll
- 2004-08-04 18:00 . 2008-04-13 18:16 141056 c:\windows\system32\dllcache\ks.sys
+ 2011-06-06 10:29 . 2008-04-13 18:16 141056 c:\windows\system32\dllcache\ks.sys
+ 2004-08-04 11:00 . 2008-04-14 00:11 183808 c:\windows\system32\dllcache\ipsecsvc.dll
+ 2010-01-12 07:13 . 2011-08-22 23:48 247808 c:\windows\system32\dllcache\ieproxy.dll
- 2010-01-12 07:13 . 2011-06-23 18:36 247808 c:\windows\system32\dllcache\ieproxy.dll
- 2004-08-04 11:00 . 2011-06-23 18:36 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2004-08-04 11:00 . 2011-08-22 23:48 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2010-08-30 09:55 . 2011-08-22 23:48 743424 c:\windows\system32\dllcache\iedvtool.dll
- 2010-08-30 09:55 . 2011-06-23 18:36 743424 c:\windows\system32\dllcache\iedvtool.dll
+ 2004-08-04 11:00 . 2011-08-22 23:48 387584 c:\windows\system32\dllcache\iedkcs32.dll
- 2004-08-04 11:00 . 2011-06-23 18:36 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2011-08-08 09:10 . 2009-03-08 12:32 163840 c:\windows\system32\dllcache\ieakui.dll
- 2004-08-04 11:00 . 2009-03-08 11:32 163840 c:\windows\system32\dllcache\ieakui.dll
- 2004-08-04 11:00 . 2009-03-08 11:33 229376 c:\windows\system32\dllcache\ieaksie.dll
+ 2011-08-08 09:10 . 2009-03-08 12:33 229376 c:\windows\system32\dllcache\ieaksie.dll
- 2004-08-04 11:00 . 2009-03-08 11:33 125952 c:\windows\system32\dllcache\ieakeng.dll
+ 2011-08-08 09:10 . 2009-03-08 12:33 125952 c:\windows\system32\dllcache\ieakeng.dll
+ 2004-08-04 11:00 . 2011-08-22 11:56 174080 c:\windows\system32\dllcache\ie4uinit.exe
+ 2011-08-08 09:10 . 2009-03-08 12:31 216064 c:\windows\system32\dllcache\dxtrans.dll
- 2004-08-04 11:00 . 2009-03-08 11:31 216064 c:\windows\system32\dllcache\dxtrans.dll
- 2004-08-04 11:00 . 2009-03-08 11:31 348160 c:\windows\system32\dllcache\dxtmsft.dll
+ 2011-08-08 09:10 . 2009-03-08 12:31 348160 c:\windows\system32\dllcache\dxtmsft.dll
- 2004-08-04 11:00 . 2011-02-16 13:22 138496 c:\windows\system32\dllcache\afd.sys
+ 2004-08-04 11:00 . 2011-08-17 13:49 138496 c:\windows\system32\dllcache\afd.sys
- 2005-09-22 00:29 . 2005-09-21 23:29 356352 c:\windows\RtlUpd.exe
+ 2011-06-06 10:30 . 2005-09-22 00:29 356352 c:\windows\RtlUpd.exe
- 2011-05-17 16:27 . 2011-05-17 16:27 517448 c:\windows\Microsoft.NET\Framework\v4.0.30319\SOS.dll
+ 2011-07-09 16:30 . 2011-07-09 16:30 517448 c:\windows\Microsoft.NET\Framework\v4.0.30319\SOS.dll
- 2011-05-17 16:27 . 2011-05-17 16:27 956240 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordbi.dll
+ 2011-07-09 16:30 . 2011-07-09 16:30 956240 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordbi.dll
- 2011-03-25 13:15 . 2011-03-25 13:15 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2011-07-07 12:18 . 2011-07-07 12:18 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
- 2011-03-25 13:15 . 2011-03-25 13:15 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2011-07-07 12:18 . 2011-07-07 12:18 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2011-07-07 19:04 . 2011-07-07 19:04 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2010-09-23 09:26 . 2010-09-23 09:26 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2010-09-23 09:25 . 2010-09-23 09:25 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2011-07-07 19:01 . 2011-07-07 19:01 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2011-07-07 20:09 . 2011-07-07 20:09 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
- 2010-09-23 10:17 . 2010-09-23 10:17 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
- 2011-08-13 22:05 . 2011-08-13 22:05 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2011-10-18 15:58 . 2011-10-18 15:58 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
- 2011-08-13 22:05 . 2011-08-13 22:05 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2011-10-18 15:58 . 2011-10-18 15:58 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
- 2011-08-13 22:05 . 2011-08-13 22:05 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
+ 2011-10-18 15:57 . 2011-10-18 15:57 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
+ 2011-10-18 15:58 . 2011-10-18 15:58 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
- 2011-08-13 22:05 . 2011-08-13 22:05 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
+ 2011-10-18 15:58 . 2011-10-18 15:58 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2011-08-13 22:05 . 2011-08-13 22:05 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2011-08-13 22:05 . 2011-08-13 22:05 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
+ 2011-10-18 15:58 . 2011-10-18 15:58 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
- 2011-08-13 22:04 . 2011-08-13 22:04 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2011-10-18 15:57 . 2011-10-18 15:57 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2011-10-18 15:58 . 2011-10-18 15:58 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
- 2011-08-13 22:05 . 2011-08-13 22:05 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
- 2011-08-13 22:05 . 2011-08-13 22:05 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
+ 2011-10-18 15:58 . 2011-10-18 15:58 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
+ 2011-10-18 15:58 . 2011-10-18 15:58 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
- 2011-08-13 22:05 . 2011-08-13 22:05 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
+ 2011-10-18 15:57 . 2011-10-18 15:57 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2011-08-13 22:04 . 2011-08-13 22:04 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2011-10-18 15:58 . 2011-10-18 15:58 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2011-08-13 22:05 . 2011-08-13 22:05 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2011-08-13 22:05 . 2011-08-13 22:05 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2011-10-18 15:58 . 2011-10-18 15:58 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2011-10-18 15:58 . 2011-10-18 15:58 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
- 2011-08-13 22:05 . 2011-08-13 22:05 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
+ 2011-10-18 15:57 . 2011-10-18 15:57 236880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
- 2011-08-13 22:05 . 2011-08-13 22:05 236880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
+ 2011-10-18 15:58 . 2011-10-18 15:58 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2011-08-13 22:05 . 2011-08-13 22:05 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2011-08-13 22:04 . 2011-08-13 22:04 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2011-10-18 15:57 . 2011-10-18 15:57 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2011-10-18 15:57 . 2011-10-18 15:57 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
- 2011-08-13 22:05 . 2011-08-13 22:05 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
+ 2011-10-18 15:58 . 2011-10-18 15:58 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
- 2011-08-13 22:05 . 2011-08-13 22:05 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
- 2011-08-13 22:05 . 2011-08-13 22:05 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2011-10-18 15:58 . 2011-10-18 15:58 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
- 2011-08-13 22:05 . 2011-08-13 22:05 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2011-10-18 15:58 . 2011-10-18 15:58 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2011-10-18 15:56 . 2011-10-18 15:56 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
- 2011-08-13 22:04 . 2011-08-13 22:04 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
+ 2011-10-18 15:57 . 2011-10-18 15:57 607064 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2011-08-13 22:04 . 2011-08-13 22:04 607064 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2011-10-18 15:57 . 2011-10-18 15:57 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2011-08-13 22:04 . 2011-08-13 22:04 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2011-10-18 15:57 . 2011-10-18 15:57 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2011-08-13 22:04 . 2011-08-13 22:04 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2011-08-13 22:04 . 2011-08-13 22:04 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
+ 2011-10-18 15:57 . 2011-10-18 15:57 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
+ 2011-10-18 15:57 . 2011-10-18 15:57 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2011-08-13 22:04 . 2011-08-13 22:04 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2011-10-18 15:57 . 2011-10-18 15:57 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2011-08-13 22:04 . 2011-08-13 22:04 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2011-08-13 22:05 . 2011-08-13 22:05 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2011-10-18 15:57 . 2011-10-18 15:57 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
- 2011-08-13 22:05 . 2011-08-13 22:05 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
+ 2011-10-18 15:57 . 2011-10-18 15:57 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
+ 2011-10-18 15:57 . 2011-10-18 15:57 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2011-08-13 22:04 . 2011-08-13 22:04 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2011-08-13 22:04 . 2011-08-13 22:04 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
+ 2011-10-18 15:57 . 2011-10-18 15:57 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
- 2011-08-13 22:04 . 2011-08-13 22:04 149848 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
+ 2011-10-18 15:57 . 2011-10-18 15:57 149848 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
- 2011-08-13 22:05 . 2011-08-13 22:05 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
+ 2011-10-18 15:58 . 2011-10-18 15:58 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
- 2011-08-13 22:05 . 2011-08-13 22:05 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
+ 2011-10-18 15:58 . 2011-10-18 15:58 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
- 2011-08-13 22:04 . 2011-08-13 22:04 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2011-10-18 15:57 . 2011-10-18 15:57 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2011-08-13 22:05 . 2011-08-13 22:05 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2011-10-18 15:59 . 2011-10-18 15:59 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2011-10-18 15:58 . 2011-10-18 15:58 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
- 2011-08-13 22:05 . 2011-08-13 22:05 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2011-10-18 15:58 . 2011-10-18 15:58 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
- 2011-08-13 22:05 . 2011-08-13 22:05 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
- 2011-08-13 22:05 . 2011-08-13 22:05 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2011-10-18 15:58 . 2011-10-18 15:58 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2011-10-18 15:58 . 2011-10-18 15:58 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
- 2011-08-13 22:05 . 2011-08-13 22:05 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
- 2011-08-13 22:05 . 2011-08-13 22:05 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2011-10-18 15:58 . 2011-10-18 15:58 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
- 2011-08-13 22:04 . 2011-08-13 22:04 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2011-10-18 15:57 . 2011-10-18 15:57 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2011-08-13 22:05 . 2011-08-13 22:05 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2011-10-18 15:57 . 2011-10-18 15:57 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2011-10-18 15:57 . 2011-10-18 15:57 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
- 2011-08-13 22:05 . 2011-08-13 22:05 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2011-10-18 15:57 . 2011-10-18 15:57 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2011-08-13 22:04 . 2011-08-13 22:04 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2011-10-18 15:56 . 2011-10-18 15:56 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
- 2011-08-13 22:04 . 2011-08-13 22:04 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
- 2011-08-13 22:05 . 2011-08-13 22:05 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2011-10-18 15:58 . 2011-10-18 15:58 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2011-08-13 22:05 . 2011-08-13 22:05 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2011-10-18 15:58 . 2011-10-18 15:58 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2011-10-18 15:56 . 2011-10-18 15:56 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2011-08-13 22:04 . 2011-08-13 22:04 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2011-10-18 15:56 . 2011-10-18 15:56 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2011-08-13 22:04 . 2011-08-13 22:04 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2011-10-18 15:58 . 2011-10-18 15:58 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
- 2011-08-13 22:05 . 2011-08-13 22:05 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2011-10-29 05:10 . 2011-10-29 05:10 498688 c:\windows\Installer\be3ae8.msi
+ 2011-03-24 04:11 . 2011-10-18 16:16 888080 c:\windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\wordicon.exe
- 2011-03-24 04:11 . 2011-09-17 05:54 888080 c:\windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\wordicon.exe
- 2011-03-24 04:11 . 2011-09-17 05:54 272648 c:\windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\pubs.exe
+ 2011-03-24 04:11 . 2011-10-18 16:16 272648 c:\windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\pubs.exe
+ 2011-03-24 04:11 . 2011-10-18 16:16 922384 c:\windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\pptico.exe
- 2011-03-24 04:11 . 2011-09-17 05:54 922384 c:\windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\pptico.exe
+ 2011-03-24 04:11 . 2011-10-18 16:16 845584 c:\windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\outicon.exe
- 2011-03-24 04:11 . 2011-09-17 05:54 845584 c:\windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\outicon.exe
+ 2011-03-24 04:11 . 2011-10-18 16:16 217864 c:\windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\misc.exe
- 2011-03-24 04:11 . 2011-09-17 05:54 217864 c:\windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\misc.exe
- 2011-03-24 04:11 . 2011-09-17 05:54 184080 c:\windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\joticon.exe
+ 2011-03-24 04:11 . 2011-10-18 16:16 184080 c:\windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\joticon.exe
- 2011-03-24 04:11 . 2011-09-17 05:54 159504 c:\windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\inficon.exe
+ 2011-03-24 04:11 . 2011-10-18 16:16 159504 c:\windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\inficon.exe
+ 2011-10-18 16:13 . 2011-06-23 18:36 916480 c:\windows\ie8updates\KB2586448-IE8\wininet.dll
+ 2011-10-18 16:13 . 2011-06-23 18:36 105984 c:\windows\ie8updates\KB2586448-IE8\url.dll
+ 2011-10-18 16:13 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2586448-IE8\spuninst\updspapi.dll
+ 2011-10-18 16:13 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2586448-IE8\spuninst\spuninst.exe
+ 2011-10-18 16:13 . 2011-06-23 18:36 206848 c:\windows\ie8updates\KB2586448-IE8\occache.dll
+ 2011-10-18 16:13 . 2011-06-23 18:36 611840 c:\windows\ie8updates\KB2586448-IE8\mstime.dll
+ 2011-10-18 16:13 . 2011-06-23 18:36 602112 c:\windows\ie8updates\KB2586448-IE8\msfeeds.dll
+ 2011-10-18 16:13 . 2011-06-23 18:36 247808 c:\windows\ie8updates\KB2586448-IE8\ieproxy.dll
+ 2011-10-18 16:13 . 2011-06-23 18:36 184320 c:\windows\ie8updates\KB2586448-IE8\iepeers.dll
+ 2011-10-18 16:13 . 2011-06-23 18:36 743424 c:\windows\ie8updates\KB2586448-IE8\iedvtool.dll
+ 2011-10-18 16:13 . 2011-06-23 18:36 387584 c:\windows\ie8updates\KB2586448-IE8\iedkcs32.dll
+ 2011-10-18 16:13 . 2011-06-23 12:05 173568 c:\windows\ie8updates\KB2586448-IE8\ie4uinit.exe
+ 2011-10-18 15:54 . 2011-10-18 15:54 155648 c:\windows\assembly\NativeImages1_v1.1.4322\VJSharpCodeProvider\7.0.5000.0__b03f5f7f11d50a3a_42caee4c\VJSharpCodeProvider.dll
+ 2011-10-18 15:52 . 2011-10-18 15:52 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_d94fde7d\System.Drawing.dll
+ 2011-10-18 15:54 . 2011-10-18 15:54 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_efbda978\System.Drawing.Design.dll
+ 2011-10-18 15:54 . 2011-10-18 15:54 118784 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_07810daf\CustomMarshalers.dll
+ 2011-10-18 16:48 . 2011-10-18 16:48 253952 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\962b04386ebf18f5871d5ceefa83ba4b\WindowsFormsIntegration.ni.dll
+ 2011-10-18 16:24 . 2011-10-18 16:24 196096 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\5b96ee4992d9559ba5483c769bc5c889\UIAutomationTypes.ni.dll
+ 2011-10-18 16:48 . 2011-10-18 16:48 484352 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClient\1c29539a07226b411e0a1a47aed57183\UIAutomationClient.ni.dll
+ 2011-10-18 16:24 . 2011-10-18 16:24 393216 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\bd729791a7504ef9ecb4ad6ebfd94935\System.Xml.Linq.ni.dll
+ 2011-10-18 16:25 . 2011-10-18 16:25 189440 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Inpu#\dcad72e49476386b76a81d2df187c32c\System.Windows.Input.Manipulations.ni.dll
+ 2011-10-18 16:24 . 2011-10-18 16:24 649728 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\caf1d94cb89859c72d6c8cd8774068d3\System.Transactions.ni.dll
+ 2011-10-18 16:47 . 2011-10-18 16:47 221696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\aab1c287bc73a03c51b55fb3f102c27e\System.ServiceProcess.ni.dll
+ 2011-10-18 16:47 . 2011-10-18 16:47 369664 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\bd104bb2f798661c5a972249582b5441\System.ServiceModel.Routing.ni.dll
+ 2011-10-18 16:07 . 2011-10-18 16:07 736768 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Security\aecd169d75edbcbe626d2a222a02e9f3\System.Security.ni.dll
+ 2011-10-18 16:24 . 2011-10-18 16:24 311296 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\bed774dde4b62ed1d2d55c2d1769d600\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2011-10-18 16:24 . 2011-10-18 16:24 762880 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\44d18693baaee5ee0e6f6fd4910e8f81\System.Runtime.Remoting.ni.dll
+ 2011-10-18 16:05 . 2011-10-18 16:05 145408 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\97126244f88693adb36f94116d8d0dda\System.Numerics.ni.dll
+ 2011-10-18 16:46 . 2011-10-18 16:46 657408 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Net\56fe9070b1d56613fd5cf7c73ec3b26f\System.Net.ni.dll
+ 2011-10-18 16:46 . 2011-10-18 16:46 626176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\420c9d9b271bc26d1b6f437f1f4913a9\System.Messaging.ni.dll
+ 2011-10-18 16:46 . 2011-10-18 16:46 395264 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management.I#\b71ea67c5bfa5b660efc12eb1c6ea4af\System.Management.Instrumentation.ni.dll
+ 2011-10-18 16:46 . 2011-10-18 16:46 413696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IO.Log\267d7dbdbe126590fba4a11c1ab12926\System.IO.Log.ni.dll
+ 2011-10-18 16:46 . 2011-10-18 16:46 229888 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityMode#\4ca1f130cbacf72beedf13da42b93e75\System.IdentityModel.Selectors.ni.dll
+ 2011-10-18 16:24 . 2011-10-18 16:24 236032 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\fd4f85af43b2c177c8d085a8ba3f4993\System.EnterpriseServices.Wrapper.dll
+ 2011-10-18 16:24 . 2011-10-18 16:24 787456 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\fd4f85af43b2c177c8d085a8ba3f4993\System.EnterpriseServices.ni.dll
+ 2011-10-18 16:07 . 2011-10-18 16:07 377856 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Dynamic\b806ef4a19c8157e7858e0a15f9cf48d\System.Dynamic.ni.dll
+ 2011-10-18 16:46 . 2011-10-18 16:46 470528 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\4178d8536c67896ab77af36a48ee7ec4\System.DirectoryServices.Protocols.ni.dll
+ 2011-10-18 16:46 . 2011-10-18 16:46 913920 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\324617c0a492d6acc64325c836553f2c\System.DirectoryServices.AccountManagement.ni.dll
+ 2011-10-18 16:46 . 2011-10-18 16:46 112640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Device\ca25f888c067fa170d8bba824efa2ca8\System.Device.ni.dll
+ 2011-10-18 16:26 . 2011-10-18 16:26 134656 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.DataSet#\282487a15f595c199b6cc640ea8995e8\System.Data.DataSetExtensions.ni.dll
+ 2011-10-18 16:06 . 2011-10-18 16:06 982528 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\4844dd28e0611d1ebd1e449fe822c2a5\System.Configuration.ni.dll
+ 2011-10-18 16:26 . 2011-10-18 16:26 148480 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\06f71e66b9913a24c22f85a0caef3ae4\System.Configuration.Install.ni.dll
+ 2011-10-18 16:26 . 2011-10-18 16:26 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\fa608e0882b98981cb6fd6e0754bdff8\System.ComponentModel.DataAnnotations.ni.dll
+ 2011-10-18 16:07 . 2011-10-18 16:07 693760 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\a91d48ec926171da7de01cf2a10b1dfc\System.ComponentModel.Composition.ni.dll
+ 2011-10-18 16:26 . 2011-10-18 16:26 617984 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn\f407937d4694c46537c470007a1df957\System.AddIn.ni.dll
+ 2011-10-18 16:25 . 2011-10-18 16:25 411136 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.D#\80347a66af30b5c14c0114baee4c64f8\System.Activities.DurableInstancing.ni.dll
+ 2011-10-18 16:22 . 2011-10-18 16:22 317952 c:\windows\assembly\NativeImages_v4.0.30319_32\SMSvcHost\fcbb4a33ebdc8562603bc7f725a088ce\SMSvcHost.ni.exe
+ 2011-10-18 16:24 . 2011-10-18 16:24 143360 c:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\398a52caf1e9fd1a6ea9dd589b0f6e68\SMDiagnostics.ni.dll
+ 2011-10-18 16:07 . 2011-10-18 16:07 387072 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\d2d4bdbd9e2196e04dcdd68994a1f952\PresentationFramework.Royale.ni.dll
+ 2011-10-18 16:07 . 2011-10-18 16:07 595968 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\9211f2faac02f0082b201a95731736c4\PresentationFramework.Aero.ni.dll
+ 2011-10-18 16:07 . 2011-10-18 16:07 755712 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\6e48fb2ce01b4758a68f61651d6461d8\PresentationFramework.Luna.ni.dll
+ 2011-10-18 16:07 . 2011-10-18 16:07 309760 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\351819dc653a07a310cf1387b3266936\PresentationFramework.Classic.ni.dll
+ 2011-10-18 16:23 . 2011-10-18 16:23 303104 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\99cd15931eb2db4711057dce2af7d93a\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2011-10-18 16:23 . 2011-10-18 16:23 418816 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\f4ab32c177d931f26072a14c27efc3b5\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-10-18 16:22 . 2011-10-18 16:22 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\48ad8351ab66166c853d410d3282a408\CustomMarshalers.ni.dll
+ 2011-10-18 16:40 . 2011-10-18 16:40 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\c8627df7adb416722d8e0f05c57fef6b\WsatConfig.ni.exe
+ 2011-10-18 16:36 . 2011-10-18 16:36 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\a2c1bb3c5b1447b398e72c56091ca571\WindowsFormsIntegration.ni.dll
+ 2011-10-18 16:36 . 2011-10-18 16:36 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\f102afdffdbe2565bcedb7fa0626b865\UIAutomationTypes.ni.dll
+ 2011-10-18 16:36 . 2011-10-18 16:36 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\ba55240b7753047f8d1b03ef473bf74e\UIAutomationClient.ni.dll
+ 2011-10-18 16:44 . 2011-10-18 16:44 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\566b2e11e7f3f6d973b17b86cf42f9bc\System.Xml.Linq.ni.dll
+ 2011-10-18 16:43 . 2011-10-18 16:43 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\3533d614ebecd4344efbee619dd11a74\System.Web.Routing.ni.dll
+ 2011-10-18 16:43 . 2011-10-18 16:43 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\018b6e48c32d5b5d78086998e3505f1c\System.Web.RegularExpressions.ni.dll
+ 2011-10-18 16:43 . 2011-10-18 16:43 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\d93514a764a83b18f6f3547b59cc8ae9\System.Web.Extensions.Design.ni.dll
+ 2011-10-18 16:43 . 2011-10-18 16:43 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\93b5d1b77a74b76ac73cbf51ec871c01\System.Web.Entity.ni.dll
+ 2011-10-18 16:43 . 2011-10-18 16:43 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\d06a7d5872bbe85795f947f6c75d38c6\System.Web.Entity.Design.ni.dll
+ 2011-10-18 16:43 . 2011-10-18 16:43 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\ad0851438a18bf730d974c9b2f5f776a\System.Web.DynamicData.ni.dll
+ 2011-10-18 16:43 . 2011-10-18 16:43 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\734ab0ea87d7dfd5c583eea535c05878\System.Web.Abstractions.ni.dll
+ 2011-10-18 16:43 . 2011-10-18 16:43 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\8efcd633af87989355382b5039f1b7df\System.Transactions.ni.dll
+ 2011-10-18 16:43 . 2011-10-18 16:43 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\abef85f2fb8ba830eda73e2d12e8d41e\System.ServiceProcess.ni.dll
+ 2011-10-18 16:38 . 2011-10-18 16:38 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\36c12de583ee81e9c99acb72b09d77ac\System.Security.ni.dll
+ 2011-10-18 16:38 . 2011-10-18 16:38 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\81096bfe85eb0da5f05e8a127ffa43b2\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2011-10-18 16:43 . 2011-10-18 16:43 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\36bf3d5f05a40c9e3cadca5789c8a469\System.Runtime.Remoting.ni.dll
+ 2011-10-18 16:43 . 2011-10-18 16:43 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\b2a84980f206431821d85d5155d5916f\System.Net.ni.dll
+ 2011-10-18 16:43 . 2011-10-18 16:43 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\8acd508fd65801747e89bb5ab7e981e4\System.Messaging.ni.dll
+ 2011-10-18 16:42 . 2011-10-18 16:42 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\90b90e700e59d73d6d692cf74e1ba16e\System.Management.ni.dll
+ 2011-10-18 16:42 . 2011-10-18 16:42 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\f36eded354122da9555a6c7cdbdb5431\System.Management.Instrumentation.ni.dll
+ 2011-10-18 16:39 . 2011-10-18 16:39 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\20a77c41ee12362d303fb2574fcd5a24\System.IO.Log.ni.dll
+ 2011-10-18 16:39 . 2011-10-18 16:39 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\41c3a2fcffc58b20023c7d54e57ea956\System.IdentityModel.Selectors.ni.dll
+ 2011-10-18 16:42 . 2011-10-18 16:42 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\69792bef8a100a055db88848836a7d88\System.EnterpriseServices.Wrapper.dll
+ 2011-10-18 16:42 . 2011-10-18 16:42 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\69792bef8a100a055db88848836a7d88\System.EnterpriseServices.ni.dll
+ 2011-10-18 16:36 . 2011-10-18 16:36 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\896eca06e2d9377b2dc4fad56ce49b07\System.Drawing.Design.ni.dll
+ 2011-10-18 16:42 . 2011-10-18 16:42 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\33e9b0c368c31ef37a2ec7b5a181044b\System.DirectoryServices.Protocols.ni.dll
+ 2011-10-18 16:42 . 2011-10-18 16:42 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\11cdd1c0d65428cd3505d3813d36638c\System.DirectoryServices.AccountManagement.ni.dll
+ 2011-10-18 16:42 . 2011-10-18 16:42 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\e5ada332a9bc3c982e6aede6ba354196\System.Data.Services.Client.ni.dll
+ 2011-10-18 16:42 . 2011-10-18 16:42 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\3f179f373f31817a914b639a56cc0497\System.Data.Services.Design.ni.dll
+ 2011-10-18 16:42 . 2011-10-18 16:42 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\fee1a48b769a8c4beb335ee5ce006091\System.Data.Entity.Design.ni.dll
+ 2011-10-18 16:41 . 2011-10-18 16:41 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\b9d9ff5d03e90ede1116794f2c7dd6da\System.Data.DataSetExtensions.ni.dll
+ 2011-10-18 16:38 . 2011-10-18 16:38 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce0720436dc6cb76006377f295ea365\System.Configuration.ni.dll
+ 2011-10-18 16:41 . 2011-10-18 16:41 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\29d7091f6eab0ec61c4eb625ed221b73\System.Configuration.Install.ni.dll
+ 2011-10-18 16:41 . 2011-10-18 16:41 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\3048737e9e3bf5173121a084337256bc\System.AddIn.ni.dll
+ 2011-10-18 16:40 . 2011-10-18 16:40 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\6e45cf503f025c5fe814ea7e52f62a78\SMSvcHost.ni.exe
+ 2011-10-18 16:40 . 2011-10-18 16:40 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\474a341340f687bcbd7777f2820a8c7a\SMDiagnostics.ni.dll
+ 2011-10-18 16:40 . 2011-10-18 16:40 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\f2df1ca28301bfe7e1d52b86c8394217\ServiceModelReg.ni.exe
+ 2011-10-18 16:35 . 2011-10-18 16:35 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\c2ebcc8d60422f224b4088f3d7a2ac1f\PresentationFramework.Luna.ni.dll
+ 2011-10-18 16:35 . 2011-10-18 16:35 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\94cfc00ad448575bfb0e67c53b514cd5\PresentationFramework.Aero.ni.dll
+ 2011-10-18 16:35 . 2011-10-18 16:35 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\478d57d96f3d8d5fc15c7ac635a4a6a1\PresentationFramework.Classic.ni.dll
+ 2011-10-18 16:35 . 2011-10-18 16:35 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\23c5852ff8ed973ff9b63ce9ba7f91f0\PresentationFramework.Royale.ni.dll
+ 2011-10-18 16:38 . 2011-10-18 16:38 900096 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.SystemL#\9814574970e60dec9a994458c3972ed8\PaintDotNet.SystemLayer.ni.dll
+ 2011-10-29 05:11 . 2011-10-29 05:11 161280 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.SystemL#\417c8e308498be0acd28c1ab473e1678\PaintDotNet.SystemLayer.Native.x86.ni.dll
+ 2011-10-29 05:11 . 2011-10-29 05:11 902144 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.SystemL#\31d244dca66028c636429b5cef257b71\PaintDotNet.SystemLayer.ni.dll
+ 2011-10-18 16:38 . 2011-10-18 16:38 161280 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.SystemL#\0aa43d83b6920e23a432f634905ca948\PaintDotNet.SystemLayer.Native.x86.ni.dll
+ 2011-10-29 05:11 . 2011-10-29 05:11 389632 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.Resourc#\71cdc351cc1db0117caf09b742598594\PaintDotNet.Resources.ni.dll
+ 2011-10-18 16:38 . 2011-10-18 16:38 388608 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.Resourc#\10d295c82b527347ec6f991fee837849\PaintDotNet.Resources.ni.dll
+ 2011-10-29 05:11 . 2011-10-29 05:11 813568 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.Effects\c693fdbecf1cd67d6cdf63cd4fbe01ae\PaintDotNet.Effects.ni.dll
+ 2011-10-18 16:39 . 2011-10-18 16:39 813056 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.Effects\00286c024dbaf81f1f2e8c90c101a1ee\PaintDotNet.Effects.ni.dll
+ 2011-10-29 05:11 . 2011-10-29 05:11 582144 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.Data\89bdbf9ba5f3519339d2b0d49c204e45\PaintDotNet.Data.ni.dll
+ 2011-10-18 16:38 . 2011-10-18 16:38 568832 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.Data\0928ee257bffcee252a9ff31184e7eed\PaintDotNet.Data.ni.dll
+ 2011-10-29 05:11 . 2011-10-29 05:11 862720 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.Base\e3d2180e970f959938ac7e7d999c3ac7\PaintDotNet.Base.ni.dll
+ 2011-10-18 16:38 . 2011-10-18 16:38 816128 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.Base\08fd9731bf38ce0838d361b8a2e6497e\PaintDotNet.Base.ni.dll
+ 2011-10-18 16:40 . 2011-10-18 16:40 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\04595f414c49cf2a65b349648ba23e62\MSBuild.ni.exe
+ 2011-10-18 16:41 . 2011-10-18 16:41 508928 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Man#\a976a4b51c81150402b0abee38f41ab1\Microsoft.WSMan.Management.ni.dll
+ 2011-10-18 16:40 . 2011-10-18 16:40 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\4cbd7ed9fbf9f1b3cbdf23906cc0f5a3\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-10-18 16:41 . 2011-10-18 16:41 156160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\df4a7b6bc850621fa2d38fb08f910ef7\Microsoft.PowerShell.Security.ni.dll
+ 2011-10-18 16:40 . 2011-10-18 16:40 515584 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\b3d3d76cfc8350587616860fb0f64ccc\Microsoft.PowerShell.ConsoleHost.ni.dll
+ 2011-10-18 16:41 . 2011-10-18 16:41 729600 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\6f6b54b6cebab6867dafeb6db1b98ab1\Microsoft.PowerShell.GraphicalHost.ni.dll
+ 2011-10-18 16:40 . 2011-10-18 16:40 737792 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\592e4b99037ec91cd4201d1ee28895b7\Microsoft.PowerShell.Commands.Management.ni.dll
+ 2011-10-18 16:40 . 2011-10-18 16:40 291328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\3a03ec48148fa16aa65fd9ba5df49cb8\Microsoft.PowerShell.Commands.Diagnostics.ni.dll
+ 2011-10-18 16:40 . 2011-10-18 16:40 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\ff6d4892775fd1f9b137f7c92ea453f2\Microsoft.Build.Utilities.ni.dll
+ 2011-10-18 16:40 . 2011-10-18 16:40 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\47ff0720cb80a0fc0bbd15ddc3d12adc\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2011-10-18 16:40 . 2011-10-18 16:40 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\da112c5757e3c68d6369b6aa46cc9682\Microsoft.Build.Engine.ni.dll
+ 2011-10-18 16:40 . 2011-10-18 16:40 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\dc278e1123086ae32fec8f7e9751db14\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2011-10-18 16:38 . 2011-10-18 16:38 547840 c:\windows\assembly\NativeImages_v2.0.50727_32\ICSharpCode.SharpZi#\401c4fcc00228d884082edbb3bbf92fd\ICSharpCode.SharpZipLib.ni.dll
+ 2011-10-18 16:40 . 2011-10-18 16:40 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\3e6deccf191ab943d3a0812a38ab5c97\CustomMarshalers.ni.dll
+ 2011-10-18 16:40 . 2011-10-18 16:40 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\4e68d5df30b197ff72c75f1c3c24b949\ComSvcConfig.ni.exe
+ 2011-10-18 16:38 . 2011-10-18 16:38 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\e1bcee92f5af50d560d577c0a99ea3bd\AspNetMMCExt.ni.dll
- 2011-08-12 02:59 . 2011-08-12 02:59 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2011-10-18 16:29 . 2011-10-18 16:29 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2011-08-12 02:59 . 2011-08-12 02:59 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2011-10-18 16:29 . 2011-10-18 16:29 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2011-10-18 16:29 . 2011-10-18 16:29 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2011-08-12 03:00 . 2011-08-12 03:00 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2011-10-18 16:29 . 2011-10-18 16:29 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2011-08-12 03:00 . 2011-08-12 03:00 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2011-08-12 03:00 . 2011-08-12 03:00 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2011-10-18 16:29 . 2011-10-18 16:29 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2011-10-18 16:29 . 2011-10-18 16:29 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2011-08-12 03:00 . 2011-08-12 03:00 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2011-10-18 16:29 . 2011-10-18 16:29 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2011-08-12 03:00 . 2011-08-12 03:00 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2011-10-18 16:29 . 2011-10-18 16:29 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2011-08-12 03:00 . 2011-08-12 03:00 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2011-08-12 03:00 . 2011-08-12 03:00 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2011-10-18 16:29 . 2011-10-18 16:29 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2011-08-12 03:00 . 2011-08-12 03:00 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2011-10-18 16:29 . 2011-10-18 16:29 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2011-08-12 02:59 . 2011-08-12 02:59 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2011-10-18 16:29 . 2011-10-18 16:29 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2011-10-18 16:30 . 2011-10-18 16:30 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2011-08-12 03:01 . 2011-08-12 03:01 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2011-10-18 16:30 . 2011-10-18 16:30 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2011-08-12 03:01 . 2011-08-12 03:01 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2011-08-12 03:00 . 2011-08-12 03:00 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2011-10-18 16:30 . 2011-10-18 16:30 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2011-08-12 03:00 . 2011-08-12 03:00 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2011-10-18 16:30 . 2011-10-18 16:30 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2011-08-12 03:00 . 2011-08-12 03:00 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2011-10-18 16:29 . 2011-10-18 16:29 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2011-08-12 03:00 . 2011-08-12 03:00 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2011-10-18 16:29 . 2011-10-18 16:29 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2011-08-12 03:00 . 2011-08-12 03:00 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2011-10-18 16:29 . 2011-10-18 16:29 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2011-10-18 16:29 . 2011-10-18 16:29 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2011-08-12 03:00 . 2011-08-12 03:00 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2011-08-12 03:00 . 2011-08-12 03:00 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2011-10-18 16:29 . 2011-10-18 16:29 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2011-08-12 03:00 . 2011-08-12 03:00 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2011-10-18 16:29 . 2011-10-18 16:29 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2011-08-12 02:59 . 2011-08-12 02:59 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2011-10-18 16:29 . 2011-10-18 16:29 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2011-08-12 03:00 . 2011-08-12 03:00 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2011-10-18 16:29 . 2011-10-18 16:29 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2011-08-12 03:00 . 2011-08-12 03:00 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2011-10-18 16:29 . 2011-10-18 16:29 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2011-10-18 16:29 . 2011-10-18 16:29 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2011-08-12 03:00 . 2011-08-12 03:00 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2011-10-18 16:30 . 2011-10-18 16:30 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2011-08-12 03:00 . 2011-08-12 03:00 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2004-08-04 11:00 . 2011-08-22 23:48 1212416 c:\windows\system32\urlmon.dll
- 2004-08-04 11:00 . 2011-06-23 18:36 1212416 c:\windows\system32\urlmon.dll
+ 2004-08-04 11:00 . 2011-10-03 08:35 5971456 c:\windows\system32\mshtml.dll
+ 2011-09-28 05:28 . 2004-11-02 15:58 1245184 c:\windows\system32\igfxress.dll
+ 2007-08-14 01:34 . 2011-08-22 23:48 2000384 c:\windows\system32\iertutil.dll
+ 2011-06-06 10:29 . 2005-04-16 02:05 2564032 c:\windows\system32\drivers\RtkHDAud.sys
+ 2011-06-06 10:30 . 2004-06-29 17:07 1268204 c:\windows\system32\drivers\AGRSM.sys
- 2004-08-04 11:00 . 2011-06-02 14:02 1858944 c:\windows\system32\dllcache\win32k.sys
+ 2004-08-04 11:00 . 2011-09-06 13:20 1858944 c:\windows\system32\dllcache\win32k.sys
- 2011-04-25 14:47 . 2011-06-23 18:36 1212416 c:\windows\system32\dllcache\urlmon.dll
+ 2011-04-25 14:47 . 2011-08-22 23:48 1212416 c:\windows\system32\dllcache\urlmon.dll
+ 2004-08-04 11:00 . 2011-10-03 08:35 5971456 c:\windows\system32\dllcache\mshtml.dll
+ 2010-01-12 07:13 . 2011-08-22 23:48 2000384 c:\windows\system32\dllcache\iertutil.dll
+ 2011-06-06 10:30 . 2005-04-07 02:55 9692160 c:\windows\RTLCPL.EXE
+ 2011-07-09 16:30 . 2011-07-09 16:30 5197648 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorlib.dll
- 2011-05-17 16:27 . 2011-05-17 16:27 5197648 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorlib.dll
+ 2011-07-09 16:30 . 2011-07-09 16:30 1142616 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll
- 2011-05-17 16:27 . 2011-05-17 16:27 1142616 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll
+ 2011-07-09 16:30 . 2011-07-09 16:30 6724424 c:\windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
- 2011-03-25 13:15 . 2011-03-25 13:15 5912400 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2011-07-07 12:18 . 2011-07-07 12:18 5912400 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
- 2011-03-25 13:15 . 2011-03-25 13:15 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2011-07-07 12:18 . 2011-07-07 12:18 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
- 2010-09-23 22:55 . 2010-09-23 22:55 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2011-07-08 20:59 . 2011-07-08 20:59 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2011-07-08 20:59 . 2011-07-08 20:59 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2010-09-23 22:55 . 2010-09-23 22:55 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2010-09-23 09:26 . 2010-09-23 09:26 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2011-07-07 19:02 . 2011-07-07 19:02 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2011-07-07 19:02 . 2011-07-07 19:02 2527232 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
- 2010-09-23 22:55 . 2010-09-23 22:55 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2011-07-08 20:59 . 2011-07-08 20:59 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2011-10-18 15:58 . 2011-10-18 15:58 1368920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll
- 2011-08-13 22:05 . 2011-08-13 22:05 1368920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2011-10-18 15:57 . 2011-10-18 15:57 3510600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
- 2011-08-13 22:04 . 2011-08-13 22:04 3510600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
+ 2011-10-18 15:57 . 2011-10-18 15:57 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
- 2011-08-13 22:04 . 2011-08-13 22:04 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
+ 2011-10-18 15:57 . 2011-10-18 15:57 5028200 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2011-08-13 22:04 . 2011-08-13 22:04 5028200 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2011-10-18 15:57 . 2011-10-18 15:57 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
- 2011-08-13 22:04 . 2011-08-13 22:04 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
- 2011-08-13 22:05 . 2011-08-13 22:05 6097256 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2011-10-18 15:58 . 2011-10-18 15:58 6097256 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
- 2011-08-13 22:05 . 2011-08-13 22:05 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2011-10-18 15:58 . 2011-10-18 15:58 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2011-10-18 15:57 . 2011-10-18 15:57 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
- 2011-08-13 22:04 . 2011-08-13 22:04 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
+ 2011-10-18 15:57 . 2011-10-18 15:57 1354584 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
- 2011-08-13 22:04 . 2011-08-13 22:04 1354584 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
- 2011-08-13 22:05 . 2011-08-13 22:05 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
+ 2011-10-18 15:58 . 2011-10-18 15:58 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
- 2011-08-13 22:05 . 2011-08-13 22:05 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
+ 2011-10-18 15:58 . 2011-10-18 15:58 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
+ 2011-10-18 15:58 . 2011-10-18 15:58 6428520 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll
- 2011-08-13 22:05 . 2011-08-13 22:05 6428520 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll
- 2011-08-13 22:04 . 2011-08-13 22:04 2975064 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
+ 2011-10-18 15:57 . 2011-10-18 15:57 2975064 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
- 2011-08-13 22:05 . 2011-08-13 22:05 3788128 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2011-10-18 15:58 . 2011-10-18 15:58 3788128 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2011-10-18 15:56 . 2011-10-18 15:56 5197648 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
- 2011-08-13 22:04 . 2011-08-13 22:04 5197648 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2011-10-18 15:58 . 2011-10-18 15:58 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
- 2011-08-13 22:05 . 2011-08-13 22:05 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2011-06-06 10:30 . 2005-09-07 18:40 2142208 c:\windows\MicCal.exe
- 2005-09-07 18:40 . 2005-09-07 17:40 2142208 c:\windows\MicCal.exe
+ 2011-09-21 23:18 . 2011-09-21 23:18 4985856 c:\windows\Installer\12b894.msp
+ 2011-03-24 04:11 . 2011-10-18 16:16 1172240 c:\windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\xlicons.exe
- 2011-03-24 04:11 . 2011-09-17 05:54 1172240 c:\windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\xlicons.exe
- 2011-03-24 04:11 . 2011-09-17 05:54 1165584 c:\windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\accicons.exe
+ 2011-03-24 04:11 . 2011-10-18 16:16 1165584 c:\windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\accicons.exe
+ 2011-10-18 16:13 . 2011-06-23 18:36 1212416 c:\windows\ie8updates\KB2586448-IE8\urlmon.dll
+ 2011-10-18 16:13 . 2011-07-25 15:17 5969920 c:\windows\ie8updates\KB2586448-IE8\mshtml.dll
+ 2011-10-18 16:13 . 2011-06-23 18:36 1991680 c:\windows\ie8updates\KB2586448-IE8\iertutil.dll
+ 2011-10-18 15:53 . 2011-10-18 15:53 4468736 c:\windows\assembly\NativeImages1_v1.1.4322\vjslib\1.0.5000.0__b03f5f7f11d50a3a_4b156999\vjslib.dll
+ 2011-10-18 15:51 . 2011-10-18 15:51 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_7ab709e1\System.dll
+ 2011-10-18 15:53 . 2011-10-18 15:53 4792320 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_444ed03a\System.dll
+ 2011-10-18 15:52 . 2011-10-18 15:52 2088960 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_6a45ed8e\System.Xml.dll
+ 2011-10-18 15:54 . 2011-10-18 15:54 5513216 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_3aed49f4\System.Xml.dll
+ 2011-10-18 15:52 . 2011-10-18 15:52 3018752 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_f67bdc38\System.Windows.Forms.dll
+ 2011-10-18 15:54 . 2011-10-18 15:54 7884800 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_e3f1324e\System.Windows.Forms.dll
+ 2011-10-18 15:54 . 2011-10-18 15:54 2244608 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_4299779a\System.Drawing.dll
+ 2011-10-18 15:54 . 2011-10-18 15:54 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_7f49d7cb\System.Design.dll
+ 2011-10-18 15:52 . 2011-10-18 15:52 1470464 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_78efdc57\System.Design.dll
+ 2011-10-18 15:52 . 2011-10-18 15:52 3391488 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_34941e5c\mscorlib.dll
+ 2011-10-18 15:54 . 2011-10-18 15:54 8908800 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_2d48b5ed\mscorlib.dll
+ 2011-10-18 16:07 . 2011-10-18 16:07 3857920 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\9dacf8a5033dfbcb435be166d2f42cdf\WindowsBase.ni.dll
+ 2011-10-18 16:48 . 2011-10-18 16:48 1063424 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClients#\ac9379a0db1d8da11fbc46f09da411db\UIAutomationClientsideProviders.ni.dll
+ 2011-10-18 16:06 . 2011-10-18 16:06 9086464 c:\windows\assembly\NativeImages_v4.0.30319_32\System\5286fe2d0167eb835a9f11025f1cb756\System.ni.dll
+ 2011-10-18 16:06 . 2011-10-18 16:06 5617664 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\419103071a5a5d17738afbe9dd03d58a\System.Xml.ni.dll
+ 2011-10-18 16:24 . 2011-10-18 16:24 1782272 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\a3ffdc1316821b5ceb32c9a788334329\System.Xaml.ni.dll
+ 2011-10-18 16:48 . 2011-10-18 16:48 4545024 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\e3a0483820fafd51c8cd4576de6eb45f\System.Windows.Forms.DataVisualization.ni.dll
+ 2011-10-18 16:47 . 2011-10-18 16:47 1885696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Services\4cbc10b8a84a7ef0fcf9d2885bfe9832\System.Web.Services.ni.dll
+ 2011-10-18 16:47 . 2011-10-18 16:47 2012160 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Speech\6663f8ba0327399c1a5b313707cff36f\System.Speech.ni.dll
+ 2011-10-18 16:47 . 2011-10-18 16:47 1392640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\a19563d781ccd0807a41d27701d485c6\System.ServiceModel.Activities.ni.dll
+ 2011-10-18 16:47 . 2011-10-18 16:47 1140736 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\9be7f7f68d488eb02161d3f0663a61a4\System.ServiceModel.Discovery.ni.dll
+ 2011-10-18 16:24 . 2011-10-18 16:24 2647040 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\993f89ba22499c379d2a9dd25d13cd94\System.Runtime.Serialization.ni.dll
+ 2011-10-18 16:24 . 2011-10-18 16:24 1021952 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\41a4f6cc5d596e952fd880ae1a47308f\System.Runtime.DurableInstancing.ni.dll
+ 2011-10-18 16:25 . 2011-10-18 16:25 1060864 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Printing\0a30a201408744c5315446aef7fb3d5a\System.Printing.ni.dll
+ 2011-10-18 16:46 . 2011-10-18 16:46 1218560 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management\7c4eea005578d9990f604fda345fb2b4\System.Management.ni.dll
+ 2011-10-18 16:46 . 2011-10-18 16:46 1072640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\16c385f23b5e493899f0d206dfb60094\System.IdentityModel.ni.dll
+ 2011-10-18 16:08 . 2011-10-18 16:08 1652736 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\17bfc7131aca3a393f430121f79307bd\System.Drawing.ni.dll
+ 2011-10-18 16:24 . 2011-10-18 16:24 1172992 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\83a815291644645a3ab1ce55452e1e61\System.DirectoryServices.ni.dll
+ 2011-10-18 16:25 . 2011-10-18 16:25 1879040 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\1c2d038775f2c9d42468261118019e6b\System.Deployment.ni.dll
+ 2011-10-18 16:08 . 2011-10-18 16:08 6815232 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data\14d8a7579839b11151cd901b846d0afb\System.Data.ni.dll
+ 2011-10-18 16:07 . 2011-10-18 16:07 2549760 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.SqlXml\05f8ccf31515e720b1663e710e992211\System.Data.SqlXml.ni.dll
+ 2011-10-18 16:46 . 2011-10-18 16:46 1343488 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Service#\c05998cb3411b039bdfb5d852e1413be\System.Data.Services.Client.ni.dll
+ 2011-10-18 16:08 . 2011-10-18 16:08 2517504 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\d622a2c40d37cfdb88e4eea7315a323e\System.Data.Linq.ni.dll
+ 2011-10-18 16:06 . 2011-10-18 16:06 7069696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\44a7d2597981a82da8b9e3e2298602de\System.Core.ni.dll
+ 2011-10-18 16:25 . 2011-10-18 16:25 4129792 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities\e69e487d338ceb3883b7d175885f0794\System.Activities.ni.dll
+ 2011-10-18 16:26 . 2011-10-18 16:26 3757568 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.P#\cc25c620acedf02fd6b5c46238643cab\System.Activities.Presentation.ni.dll
+ 2011-10-18 16:25 . 2011-10-18 16:25 1547264 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.C#\49577d8acbf16b6091f5466feae43403\System.Activities.Core.Presentation.ni.dll
+ 2011-10-18 16:25 . 2011-10-18 16:25 2907136 c:\windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\2d23bb6dd81b41002c8f927b95b7b226\ReachFramework.ni.dll
+ 2011-10-18 16:24 . 2011-10-18 16:24 1640448 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationUI\ec64d7c99f7e030d39c355ce7a968600\PresentationUI.ni.dll
+ 2011-10-18 16:23 . 2011-10-18 16:23 1139200 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\e173e7c959c2e6743087d628810806f1\Microsoft.VisualBasic.Compatibility.ni.dll
+ 2011-10-18 16:23 . 2011-10-18 16:23 1172480 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\c7dd3d91f33a79c70db8bd805a483f4b\Microsoft.VisualBasic.Activities.Compiler.ni.dll
+ 2011-10-18 16:23 . 2011-10-18 16:23 1838080 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\51df2ad80d91a7669dd1856a9c1061f9\Microsoft.VisualBasic.ni.dll
+ 2011-10-18 16:23 . 2011-10-18 16:23 1085952 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\477c9b916a9aee0a8beb041ee00a5fcb\Microsoft.Transactions.Bridge.ni.dll
+ 2011-10-18 16:46 . 2011-10-18 16:46 2452480 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.JScript\614f6f698d269e2c56bf23feba58551c\Microsoft.JScript.ni.dll
+ 2011-10-18 16:07 . 2011-10-18 16:07 1616384 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.CSharp\f03a7f8f2393a04fac7fecc1c55bd02e\Microsoft.CSharp.ni.dll
+ 2011-10-18 16:33 . 2011-10-18 16:33 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1adc4ae51a5ac63e896a1402749ca495\WindowsBase.ni.dll
+ 2011-10-18 16:36 . 2011-10-18 16:36 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\55d4813580b1e5d268ff0564942cee9c\UIAutomationClientsideProviders.ni.dll
+ 2011-10-18 16:32 . 2011-10-18 16:32 7950848 c:\windows\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll
+ 2011-10-18 16:36 . 2011-10-18 16:36 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll
+ 2011-10-18 16:44 . 2011-10-18 16:44 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\17902fdb0e0d3bc8b49bce693415fe7e\System.WorkflowServices.ni.dll
+ 2011-10-18 16:44 . 2011-10-18 16:44 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\f72c5f649951b0403e62bfab6c453e6f\System.Workflow.Runtime.ni.dll
+ 2011-10-18 16:44 . 2011-10-18 16:44 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\0aa4f4174204c93cc5181df4a6b2fb09\System.Workflow.ComponentModel.ni.dll
+ 2011-10-18 16:44 . 2011-10-18 16:44 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\921629dc69a5a895101097c88ae67897\System.Workflow.Activities.ni.dll
+ 2011-10-18 16:43 . 2011-10-18 16:43 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\6303e256d2ac0843c3e4c24172c90544\System.Web.Services.ni.dll
+ 2011-10-18 16:43 . 2011-10-18 16:43 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\f5dac0448a1dbe2687a5df92904d6274\System.Web.Mobile.ni.dll
+ 2011-10-18 16:43 . 2011-10-18 16:43 2405376 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\ccaf6bdd256a9b5079fedadcc8993327\System.Web.Extensions.ni.dll
+ 2011-10-18 16:36 . 2011-10-18 16:36 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\10d7daa3d1e62a0e40587cdc707be93f\System.Speech.ni.dll
+ 2011-10-18 16:43 . 2011-10-18 16:43 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\9ec7da53380a754b4ad97709df0dd7e7\System.ServiceModel.Web.ni.dll
+ 2011-10-18 16:39 . 2011-10-18 16:39 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\afd6134c090faf8c29cd64d4835142b2\System.Runtime.Serialization.ni.dll
+ 2011-10-18 16:36 . 2011-10-18 16:36 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\0f8e14bfdb27645fb1a92ce26f9bf521\System.Printing.ni.dll
+ 2011-10-18 16:42 . 2011-10-18 16:42 8365056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\3959e9012ee532343861eb35c6c72b24\System.Management.Automation.ni.dll
+ 2011-10-18 16:39 . 2011-10-18 16:39 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\d14065ede44df8e9b5d6b60c5ddccc69\System.IdentityModel.ni.dll
+ 2011-10-18 16:36 . 2011-10-18 16:36 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\c10bea3c4bb7ef654651141bf9419090\System.Drawing.ni.dll
+ 2011-10-18 16:42 . 2011-10-18 16:42 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\91cd88a803768151c6262853d3454ba7\System.DirectoryServices.ni.dll
+ 2011-10-18 16:38 . 2011-10-18 16:38 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\cc5ac99e8af2738e85cda5525fdd944f\System.Deployment.ni.dll
+ 2011-10-18 16:35 . 2011-10-18 16:35 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\ec323cf1df697cc0a45f67de685db90c\System.Data.ni.dll
+ 2011-10-18 16:38 . 2011-10-18 16:38 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\ef748704f543a8791e23387652d34dfb\System.Data.SqlXml.ni.dll
+ 2011-10-18 16:42 . 2011-10-18 16:42 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\541142d8742e6e88f1e729fafee04e71\System.Data.Services.ni.dll
+ 2011-10-18 16:43 . 2011-10-18 16:43 1115136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\5d5aa4b926ae422607ea833d934665c2\System.Data.OracleClient.ni.dll
+ 2011-10-18 16:35 . 2011-10-18 16:35 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\d96a94076acb8e0c5a96a1b2de4b3a7a\System.Data.Linq.ni.dll
+ 2011-10-18 16:42 . 2011-10-18 16:42 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\b70adfee3b5ed7e0688d13f24cbec556\System.Data.Entity.ni.dll
+ 2011-10-18 16:35 . 2011-10-18 16:35 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\d507b9e0e50e453793ee5e01c07a5485\System.Core.ni.dll
+ 2011-10-18 16:35 . 2011-10-18 16:35 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\714e9504255565bd9076fe13628e104a\ReachFramework.ni.dll
+ 2011-10-18 16:35 . 2011-10-18 16:35 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\7dc6ee14234b0686182ced75f7dae990\PresentationUI.ni.dll
+ 2011-10-18 16:33 . 2011-10-18 16:33 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\37fd70ad5f3726031995041b246fe862\PresentationBuildTasks.ni.dll
+ 2011-10-29 05:11 . 2011-10-29 05:11 3212288 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet\b0a12ec7a91fdc63abddd078dac39951\PaintDotNet.ni.exe
+ 2011-10-18 16:39 . 2011-10-18 16:39 3192832 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet\794ef03ed57f6daede1b6d02550956dd\PaintDotNet.ni.exe
+ 2011-10-29 05:11 . 2011-10-29 05:11 1932800 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.Core\630b00303d27c00918096bf6ab083784\PaintDotNet.Core.ni.dll
+ 2011-10-18 16:38 . 2011-10-18 16:38 1850880 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.Core\1ade0b17fe165d27f1a6460e0200547f\PaintDotNet.Core.ni.dll
+ 2011-10-18 16:41 . 2011-10-18 16:41 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\24331b719aa25ac2b21099e32232840c\Microsoft.VisualBasic.ni.dll
+ 2011-10-18 16:40 . 2011-10-18 16:40 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\ce1ecd602ca089eb13a9b428dc7f0449\Microsoft.Transactions.Bridge.ni.dll
+ 2011-10-18 16:41 . 2011-10-18 16:41 1704448 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\fba2661cffd923f17dbfa6662adf5ce3\Microsoft.PowerShell.GPowerShell.ni.dll
+ 2011-10-18 16:41 . 2011-10-18 16:41 3722752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\eb5b6ad2dc6e2ecbdbb1ce1bf754b32e\Microsoft.PowerShell.Editor.ni.dll
+ 2011-10-18 16:40 . 2011-10-18 16:40 1609728 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\7c0df343514ab15e0fe9b11e9b013b11\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2011-10-18 16:42 . 2011-10-18 16:42 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\8ad32b72258899177c07dc5912b5b748\Microsoft.JScript.ni.dll
+ 2011-10-18 16:40 . 2011-10-18 16:40 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\50e7c5eb58c982dba7b21cd10a69b095\Microsoft.Build.Tasks.ni.dll
+ 2011-10-18 16:40 . 2011-10-18 16:40 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\415cef6abab5bb959f200f6c537bc289\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2011-10-18 16:40 . 2011-10-18 16:40 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\eea7bcc8d356e3f2dcb4f36dfc1c6bc0\Microsoft.Build.Engine.ni.dll
- 2011-08-12 03:01 . 2011-08-12 03:01 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2011-10-18 16:30 . 2011-10-18 16:30 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2011-10-18 16:30 . 2011-10-18 16:30 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2011-08-12 03:01 . 2011-08-12 03:01 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2011-08-12 02:59 . 2011-08-12 02:59 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2011-10-18 16:29 . 2011-10-18 16:29 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2011-08-12 02:59 . 2011-08-12 02:59 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2011-10-18 16:29 . 2011-10-18 16:29 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2011-10-18 16:29 . 2011-10-18 16:29 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2011-08-12 02:59 . 2011-08-12 02:59 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2011-10-18 16:30 . 2011-10-18 16:30 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2011-08-12 03:01 . 2011-08-12 03:01 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2011-08-12 03:00 . 2011-08-12 03:00 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2011-10-18 16:29 . 2011-10-18 16:29 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2011-10-18 15:51 . 2011-10-18 15:51 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
- 2010-11-21 17:03 . 2010-11-21 17:03 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2011-10-18 15:51 . 2011-10-18 15:51 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
- 2010-11-21 17:03 . 2010-11-21 17:03 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2011-06-06 10:30 . 2005-04-07 02:53 2805248 c:\windows\ALCWZRD.EXE
+ 2010-01-12 07:09 . 2011-10-18 16:18 48324552 c:\windows\system32\MRT.exe
+ 2007-08-14 01:54 . 2011-08-24 00:48 11081728 c:\windows\system32\ieframe.dll
- 2007-08-14 01:54 . 2011-06-23 18:36 11081728 c:\windows\system32\ieframe.dll
- 2010-01-12 07:13 . 2011-06-23 18:36 11081728 c:\windows\system32\dllcache\ieframe.dll
+ 2010-01-12 07:13 . 2011-08-24 00:48 11081728 c:\windows\system32\dllcache\ieframe.dll
+ 2011-06-06 10:29 . 2005-04-13 07:21 14156800 c:\windows\RTHDCPL.EXE
+ 2011-07-13 05:49 . 2011-07-13 05:49 11459584 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M2572067\M2572067Uninstall.msp
+ 2011-10-18 16:32 . 2011-10-18 16:32 20333568 c:\windows\Installer\12b8ab.msp
+ 2011-07-12 03:43 . 2011-07-12 03:43 11641344 c:\windows\Installer\12b89f.msp
+ 2011-07-12 00:19 . 2011-07-12 00:19 10619904 c:\windows\Installer\12b87f.msp
+ 2011-07-12 22:50 . 2011-07-12 22:50 17555968 c:\windows\Installer\12b872.msp
+ 2011-10-18 16:13 . 2011-06-23 18:36 11081728 c:\windows\ie8updates\KB2586448-IE8\ieframe.dll
+ 2011-10-18 15:55 . 2011-10-18 15:55 12165120 c:\windows\assembly\NativeImages1_v1.1.4322\vjslib\1.0.5000.0__b03f5f7f11d50a3a_c4c51d69\vjslib.dll
+ 2011-10-18 16:08 . 2011-10-18 16:09 13138432 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\2de8b7360d6a58fa7fd1b451fa88dde6\System.Windows.Forms.ni.dll
+ 2011-10-18 16:47 . 2011-10-18 16:47 18058752 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\559ebac0a85ae55da09827b8048f77bd\System.ServiceModel.ni.dll
+ 2011-10-18 16:46 . 2011-10-18 16:46 13346816 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Entity\78afce4e1bd3d345ef1fff004659191c\System.Data.Entity.ni.dll
+ 2011-10-18 16:09 . 2011-10-18 16:09 18000384 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\813a0913bea1269e48613509609e72b4\PresentationFramework.ni.dll
+ 2011-10-18 16:08 . 2011-10-18 16:08 11450880 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\8244412387a82c0acd3d63622e22cef5\PresentationCore.ni.dll
+ 2011-10-18 16:05 . 2011-10-18 16:05 14407680 c:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a774bd593b8420bae4a8cf1d46af3ba2\mscorlib.ni.dll
+ 2011-10-18 16:36 . 2011-10-18 16:36 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\71a2ae9ad561a62181cbd9fb11e9de7a\System.Windows.Forms.ni.dll
+ 2011-10-18 16:43 . 2011-10-18 16:43 11800576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\60df958ca96c9b8945f836759b6abd34\System.Web.ni.dll
+ 2011-10-18 16:40 . 2011-10-18 16:40 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\ceadaf3b3d017c7a1ef10a06f8009f6f\System.ServiceModel.ni.dll
+ 2011-10-18 16:36 . 2011-10-18 16:36 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\c6374d32e4af7b7e3e46b32176f76558\System.Design.ni.dll
+ 2011-10-18 16:35 . 2011-10-18 16:35 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\054488924fcc579cce9fa0209dafe28b\PresentationFramework.ni.dll
+ 2011-10-18 16:34 . 2011-10-18 16:34 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\b2f0318713eca304eaa9d86fc17edb96\PresentationCore.ni.dll
+ 2011-10-18 16:32 . 2011-10-18 16:32 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2009-09-26 518040]
.
c:\documents and settings\Default User\Start Menu\Programs\Startup\
AutoTBar.exe [2003-9-30 57344]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoStrCmpLogical"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
2004-11-02 15:59 126976 -c--a-w- c:\windows\system32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
2005-11-03 22:26 118784 -c--a-w- c:\windows\system32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
2004-11-02 16:03 155648 -c--a-w- c:\windows\system32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"HP Software Update"=c:\program files\Hp\HP Software Update\HPWuSchd2.exe
"hpsysdrv"=c:\windows\system\hpsysdrv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Updates from HP\\309731\\Program\\Updates from HP.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Ares\\Ares.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\system32\\dwwin.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
.
R1 MpKsl8e561b79;MpKsl8e561b79;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B477B2BB-ACA9-4B5A-ABFA-BCFB0DF5F740}\MpKsl8e561b79.sys [11/5/2011 2:58 AM 28752]
S1 MpKsl104968b9;MpKsl104968b9;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6D096B5C-9D55-4745-B2F0-61335CE438F4}\MpKsl104968b9.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6D096B5C-9D55-4745-B2F0-61335CE438F4}\MpKsl104968b9.sys [?]
S1 MpKsl19a8b888;MpKsl19a8b888;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{957D3326-E54A-4AC7-AEAD-D96A576DC0DC}\MpKsl19a8b888.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{957D3326-E54A-4AC7-AEAD-D96A576DC0DC}\MpKsl19a8b888.sys [?]
S1 MpKsl4a8665a0;MpKsl4a8665a0;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{41F04755-FCE7-4476-9153-DF33C890E30C}\MpKsl4a8665a0.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{41F04755-FCE7-4476-9153-DF33C890E30C}\MpKsl4a8665a0.sys [?]
S1 MpKsl6ac4316a;MpKsl6ac4316a;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0700A600-FAFE-4082-8CF7-B95CE6A0EEC8}\MpKsl6ac4316a.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0700A600-FAFE-4082-8CF7-B95CE6A0EEC8}\MpKsl6ac4316a.sys [?]
S1 MpKsl8e3eaa02;MpKsl8e3eaa02;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{938E2A11-868C-4DB6-B25E-2213EAC7CFE2}\MpKsl8e3eaa02.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{938E2A11-868C-4DB6-B25E-2213EAC7CFE2}\MpKsl8e3eaa02.sys [?]
S3 BlackBox;BlackBox SR2; [x]
S3 icsak;icsak;\??\c:\program files\CheckPoint\ZAForceField\AK\icsak.sys --> c:\program files\CheckPoint\ZAForceField\AK\icsak.sys [?]
S3 LinksysFVNETusbl(AR)®;Linksys FVNETusbl(AR)® Service for Instant Wireless USB Network Adapter ver.2.6;c:\windows\system32\drivers\vnetusbl.sys [3/9/2004 7:48 PM 108032]
S3 MBAMProtector;MBAMProtector;\??\c:\windows\system32\drivers\mbam.sys --> c:\windows\system32\drivers\mbam.sys [?]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [8/12/2011 7:38 PM 47360]
S3 SirefefRemover;SirefefRemover;\??\c:\docume~1\ORION3~1\LOCALS~1\Temp\4ef412cf.tmp --> c:\docume~1\ORION3~1\LOCALS~1\Temp\4ef412cf.tmp [?]
S3 TrufosAlt;TrufosAlt;c:\windows\system32\drivers\TrufosAlt.sys [10/6/2011 5:14 AM 339600]
S3 vdrive;vdrive;c:\windows\system32\DRIVERS\vdrive.sys --> c:\windows\system32\DRIVERS\vdrive.sys [?]
S3 XBAudio;XBox Audio Module;c:\windows\system32\drivers\xbaudio.sys --> c:\windows\system32\drivers\xbaudio.sys [?]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MPKSL8E561B79
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
Contents of the 'Scheduled Tasks' folder
.
2011-11-05 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 22:39]
.
.
------- Supplementary Scan -------
.
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q105&bd=pavilion&pf=desktop
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 64.13.32.5 64.13.46.12
FF - ProfilePath - c:\documents and settings\orion311976\Application Data\Mozilla\Firefox\Profiles\xvzrdf3p.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/login.php
FF - prefs.js: network.proxy.ftp - 85.25.147.237
FF - prefs.js: network.proxy.ftp_port - 3128
FF - prefs.js: network.proxy.http - 85.25.147.237
FF - prefs.js: network.proxy.http_port - 3128
FF - prefs.js: network.proxy.socks - 85.25.147.237
FF - prefs.js: network.proxy.socks_port - 3128
FF - prefs.js: network.proxy.ssl - 85.25.147.237
FF - prefs.js: network.proxy.ssl_port - 3128
FF - prefs.js: network.proxy.type - 1
.
.
------- File Associations -------
.
JSEFile=NOTEPAD.EXE %1
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-05 15:47
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\SirefefRemover]
"ImagePath"="\??\c:\docume~1\ORION3~1\LOCALS~1\Temp\4ef412cf.tmp"
.
Completion time: 2011-11-05 15:50:36
ComboFix-quarantined-files.txt 2011-11-05 22:50
ComboFix2.txt 2011-10-17 08:28
.
Pre-Run: 65,010,769,920 bytes free
Post-Run: 64,987,901,952 bytes free
.
- - End Of File - - 75BB8C7DB2664C23FD8528F316F0199D

#9 km2357

km2357

  • Malware Response Team
  • 1,784 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:37 PM

Posted 05 November 2011 - 11:59 PM

Do you recognize the following IP address?

85.25.147.237

MalWare Removal University Master

Member of ASAP
unite_Invision.png


#10 orion311976

orion311976
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:07:37 PM

Posted 06 November 2011 - 02:01 PM

I sure don't....Ofcourse I don't really look at ip addresses enough to recognize one.

#11 orion311976

orion311976
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:07:37 PM

Posted 06 November 2011 - 02:10 PM

Looks as though that ip address belongs to a german server and I have no idea what it was doin there...

#12 km2357

km2357

  • Malware Response Team
  • 1,784 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:37 PM

Posted 06 November 2011 - 04:27 PM

Step # 1: Run CFScript

  • Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below:

    KILLALL::
    
    
    FireFox::
    
    FF - ProfilePath - c:\documents and settings\orion311976\Application Data\Mozilla\Firefox\Profiles\xvzrdf3p.default\
    FF - prefs.js: network.proxy.ftp - 85.25.147.237
    FF - prefs.js: network.proxy.ftp_port - 3128
    FF - prefs.js: network.proxy.http - 85.25.147.237
    FF - prefs.js: network.proxy.http_port - 3128
    FF - prefs.js: network.proxy.socks - 85.25.147.237
    FF - prefs.js: network.proxy.socks_port - 3128
    FF - prefs.js: network.proxy.ssl - 85.25.147.237
    FF - prefs.js: network.proxy.ssl_port - 3128
    FF - prefs.js: network.proxy.type - 1

  • Save this as CFScript.txt and change the "Save as type" to "All Files" and place it on your desktop.




    Posted Image


    Note: This CFScript is for use on orion311976's computer only! Do not use it on your computer.

  • Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
  • ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
  • When finished, it shall produce a log for you. Copy and paste the contents of the log in your next reply.

CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.



Step # 2: Restore Proxy Settings

Open up Firefox, go to Tools Menu -> Options... -> Advanced Tab -> Network Tab -> "Settings" under Connection. And once in "Connection Settings" box, choose Direct Connection to the Internet/No Proxy then click OK.



In your next post/reply, I need to see the following:

1. The ComboFix Log that appears after Step 1 has been completed.
2. A fresh DDS Log taken after Step 2 has been completed.

MalWare Removal University Master

Member of ASAP
unite_Invision.png


#13 orion311976

orion311976
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:07:37 PM

Posted 08 November 2011 - 07:53 AM

Ok, Here's the Combofix log using CFScript and then DDS log with compressed attach.txt file......


ComboFix 11-11-08.01 - orion311976 11/08/2011 1:45.6.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1015.717 [GMT -8:00]
Running from: c:\documents and settings\orion311976\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\orion311976\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Outdated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66}
.
.
((((((((((((((((((((((((( Files Created from 2011-10-08 to 2011-11-08 )))))))))))))))))))))))))))))))
.
.
2011-11-08 09:57 . 2011-11-08 09:57 56200 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{95EB7660-CB85-41B6-B009-7CE55C442935}\offreg.dll
2011-11-07 09:59 . 2011-11-07 09:59 28752 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{95EB7660-CB85-41B6-B009-7CE55C442935}\MpKslad50491e.sys
2011-11-07 09:57 . 2011-10-07 03:48 6668624 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{95EB7660-CB85-41B6-B009-7CE55C442935}\mpengine.dll
2011-10-31 07:50 . 2008-04-13 23:12 53760 ----a-w- c:\windows\system32\vfwwdm32.dll
2011-10-31 07:50 . 2008-04-13 23:12 53760 ----a-w- c:\windows\system32\dllcache\vfwwdm32.dll
2011-10-31 07:50 . 2008-04-13 23:12 91136 ----a-w- c:\windows\system32\kswdmcap.ax
2011-10-31 07:50 . 2008-04-13 23:12 43008 ----a-w- c:\windows\system32\ksxbar.ax
2011-10-31 07:50 . 2008-04-13 23:12 61952 ----a-w- c:\windows\system32\kstvtune.ax
2011-10-31 07:48 . 2011-10-31 07:48 -------- d-----w- c:\program files\MARS
2011-10-31 07:48 . 2001-12-21 01:20 205824 ----a-w- c:\windows\system32\VIC32.DLL
2011-10-31 07:48 . 2001-05-30 07:00 352256 ----a-w- c:\windows\system32\ijl15.dll
2011-10-31 07:48 . 2003-05-22 01:10 28672 ----a-w- c:\windows\system32\mr310exd.dll
2011-10-31 07:48 . 2003-05-21 23:07 36864 ----a-w- c:\windows\system32\mr310exv.dll
2011-10-31 07:48 . 2002-07-10 17:42 61440 ----a-w- c:\windows\system32\mr310ifc.dll
2011-10-31 07:48 . 2002-07-02 22:54 129438 ----a-w- c:\windows\system32\drivers\MR97310c.sys
2011-10-31 07:48 . 2002-05-07 19:36 147456 ----a-w- c:\windows\system32\mr310ipc.dll
2011-10-30 07:49 . 2011-10-30 07:49 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2011-10-22 14:18 . 2011-10-24 09:30 -------- d-----w- c:\documents and settings\Admin
2011-10-18 15:30 . 2011-11-08 09:54 -------- d-----w- c:\documents and settings\orion311976
2011-10-09 14:21 . 2010-04-11 16:06 89136 ----a-w- c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
2011-10-09 14:05 . 2008-04-13 19:21 162816 ----a-w- c:\windows\system32\drivers\netbt.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-09 13:18 . 2004-08-04 11:00 62976 -c--a-w- c:\windows\system32\drivers\cdrom.sys
2011-10-07 03:48 . 2011-09-25 09:35 6668624 -c--a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-10-06 12:14 . 2011-10-06 12:14 339600 -c--a-w- c:\windows\system32\drivers\TrufosAlt.sys
2011-09-29 05:23 . 2011-05-14 16:47 404640 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-26 18:41 . 2009-10-08 22:57 611328 -c--a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 18:41 . 2004-08-04 11:00 220160 -c--a-w- c:\windows\system32\oleacc.dll
2011-09-26 18:41 . 2004-08-04 11:00 20480 -c--a-w- c:\windows\system32\oleaccrc.dll
2011-09-23 03:52 . 2011-09-23 03:52 94208 -c--a-w- c:\windows\system32\drivers\ezplay.sys
2011-09-09 09:12 . 2004-08-04 11:00 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-09-06 13:20 . 2004-08-04 11:00 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-09-02 09:28 . 2011-09-02 09:28 81920 -c--a-w- c:\windows\ALCFDRTM.EXE
2011-09-02 09:28 . 2005-08-04 04:10 81920 -c--a-w- c:\windows\ALCFDRTM.VER
2011-09-01 00:09 . 2003-03-19 11:14 499712 -c--a-w- c:\windows\system32\msvcp71.dll
2011-09-01 00:09 . 2003-02-21 19:42 348160 -c--a-w- c:\windows\system32\msvcr71.dll
2011-08-22 23:48 . 2004-08-04 11:00 916480 ----a-w- c:\windows\system32\wininet.dll
2011-08-22 23:48 . 2004-08-04 11:00 43520 ------w- c:\windows\system32\licmgr10.dll
2011-08-22 23:48 . 2004-08-04 11:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-08-22 11:56 . 2004-08-04 11:00 385024 ------w- c:\windows\system32\html.iec
2011-08-17 13:49 . 2004-08-04 11:00 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2011-09-29 06:53 . 2011-10-05 10:36 134104 -c--a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2009-09-26 518040]
.
c:\documents and settings\Default User\Start Menu\Programs\Startup\
AutoTBar.exe [2003-9-30 57344]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoStrCmpLogical"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
2004-11-02 15:59 126976 -c--a-w- c:\windows\system32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
2005-11-03 22:26 118784 -c--a-w- c:\windows\system32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
2004-11-02 16:03 155648 -c--a-w- c:\windows\system32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"HP Software Update"=c:\program files\Hp\HP Software Update\HPWuSchd2.exe
"hpsysdrv"=c:\windows\system\hpsysdrv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Updates from HP\\309731\\Program\\Updates from HP.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Ares\\Ares.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\system32\\dwwin.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
.
R1 MpKslad50491e;MpKslad50491e;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{95EB7660-CB85-41B6-B009-7CE55C442935}\MpKslad50491e.sys [11/7/2011 1:59 AM 28752]
S1 MpKsl104968b9;MpKsl104968b9;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6D096B5C-9D55-4745-B2F0-61335CE438F4}\MpKsl104968b9.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6D096B5C-9D55-4745-B2F0-61335CE438F4}\MpKsl104968b9.sys [?]
S1 MpKsl19a8b888;MpKsl19a8b888;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{957D3326-E54A-4AC7-AEAD-D96A576DC0DC}\MpKsl19a8b888.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{957D3326-E54A-4AC7-AEAD-D96A576DC0DC}\MpKsl19a8b888.sys [?]
S1 MpKsl4a8665a0;MpKsl4a8665a0;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{41F04755-FCE7-4476-9153-DF33C890E30C}\MpKsl4a8665a0.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{41F04755-FCE7-4476-9153-DF33C890E30C}\MpKsl4a8665a0.sys [?]
S1 MpKsl6ac4316a;MpKsl6ac4316a;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0700A600-FAFE-4082-8CF7-B95CE6A0EEC8}\MpKsl6ac4316a.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0700A600-FAFE-4082-8CF7-B95CE6A0EEC8}\MpKsl6ac4316a.sys [?]
S1 MpKsl8e3eaa02;MpKsl8e3eaa02;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{938E2A11-868C-4DB6-B25E-2213EAC7CFE2}\MpKsl8e3eaa02.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{938E2A11-868C-4DB6-B25E-2213EAC7CFE2}\MpKsl8e3eaa02.sys [?]
S3 BlackBox;BlackBox SR2; [x]
S3 icsak;icsak;\??\c:\program files\CheckPoint\ZAForceField\AK\icsak.sys --> c:\program files\CheckPoint\ZAForceField\AK\icsak.sys [?]
S3 LinksysFVNETusbl(AR)®;Linksys FVNETusbl(AR)® Service for Instant Wireless USB Network Adapter ver.2.6;c:\windows\system32\drivers\vnetusbl.sys [3/9/2004 6:48 PM 108032]
S3 MBAMProtector;MBAMProtector;\??\c:\windows\system32\drivers\mbam.sys --> c:\windows\system32\drivers\mbam.sys [?]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [8/12/2011 6:38 PM 47360]
S3 SirefefRemover;SirefefRemover;\??\c:\docume~1\ORION3~1\LOCALS~1\Temp\4ef412cf.tmp --> c:\docume~1\ORION3~1\LOCALS~1\Temp\4ef412cf.tmp [?]
S3 TrufosAlt;TrufosAlt;c:\windows\system32\drivers\TrufosAlt.sys [10/6/2011 4:14 AM 339600]
S3 vdrive;vdrive;c:\windows\system32\DRIVERS\vdrive.sys --> c:\windows\system32\DRIVERS\vdrive.sys [?]
S3 XBAudio;XBox Audio Module;c:\windows\system32\drivers\xbaudio.sys --> c:\windows\system32\drivers\xbaudio.sys [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
Contents of the 'Scheduled Tasks' folder
.
2011-11-08 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 22:39]
.
.
------- Supplementary Scan -------
.
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q105&bd=pavilion&pf=desktop
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 64.13.32.5 64.13.46.12
FF - ProfilePath - c:\documents and settings\orion311976\Application Data\Mozilla\Firefox\Profiles\xvzrdf3p.default\
FF - prefs.js: browser.search.selectedEngine - Google (Language: EN)
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/login.php
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-08 02:01
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\SirefefRemover]
"ImagePath"="\??\c:\docume~1\ORION3~1\LOCALS~1\Temp\4ef412cf.tmp"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(812)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe
c:\windows\system32\msiexec.exe
.
**************************************************************************
.
Completion time: 2011-11-08 02:06:26 - machine was rebooted
ComboFix-quarantined-files.txt 2011-11-08 10:06
ComboFix2.txt 2011-10-17 08:28
.
Pre-Run: 64,741,421,056 bytes free
Post-Run: 64,818,388,992 bytes free
.
- - End Of File - - B55AC8A99CB2B251EA9727125B16FEF1


Now DDS and attach logs......


.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by orion311976 at 2:25:13 on 2011-11-08
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1015.632 [GMT -8:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
AV: Microsoft Security Essentials *Disabled/Outdated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
FW: AVG Firewall *Disabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\explorer.exe
.
============== Pseudo HJT Report ===============
.
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q105&bd=pavilion&pf=desktop
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: HP View: {b2847e28-5d7d-4deb-8b67-05d28bcf79f5} -
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
mPolicies-explorer: NoStrCmpLogical = 1 (0x1)
mPolicies-system: SynchronousMachineGroupPolicy = 0 (0x0)
mPolicies-system: SynchronousUserGroupPolicy = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office12\REFIEBAR.DLL
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: DhcpNameServer = 64.13.32.5 64.13.46.12
TCP: Interfaces\{BEFD105B-29EA-4D27-BF91-9E890B7F7D29} : DhcpNameServer = 64.13.32.5 64.13.46.12
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\orion311976\application data\mozilla\firefox\profiles\xvzrdf3p.default\
FF - prefs.js: browser.search.selectedEngine - Google (Language: EN)
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/login.php
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll
.
============= SERVICES / DRIVERS ===============
.
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]
R1 MpKslad50491e;MpKslad50491e;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{95eb7660-cb85-41b6-b009-7ce55c442935}\mpkslad50491e.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{95eb7660-cb85-41b6-b009-7ce55c442935}\MpKslad50491e.sys [?]
S1 MpKsl104968b9;MpKsl104968b9;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{6d096b5c-9d55-4745-b2f0-61335ce438f4}\mpksl104968b9.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{6d096b5c-9d55-4745-b2f0-61335ce438f4}\MpKsl104968b9.sys [?]
S1 MpKsl19a8b888;MpKsl19a8b888;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{957d3326-e54a-4ac7-aead-d96a576dc0dc}\mpksl19a8b888.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{957d3326-e54a-4ac7-aead-d96a576dc0dc}\MpKsl19a8b888.sys [?]
S1 MpKsl4a8665a0;MpKsl4a8665a0;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{41f04755-fce7-4476-9153-df33c890e30c}\mpksl4a8665a0.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{41f04755-fce7-4476-9153-df33c890e30c}\MpKsl4a8665a0.sys [?]
S1 MpKsl6ac4316a;MpKsl6ac4316a;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{0700a600-fafe-4082-8cf7-b95ce6a0eec8}\mpksl6ac4316a.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{0700a600-fafe-4082-8cf7-b95ce6a0eec8}\MpKsl6ac4316a.sys [?]
S1 MpKsl8e3eaa02;MpKsl8e3eaa02;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{938e2a11-868c-4db6-b25e-2213eac7cfe2}\mpksl8e3eaa02.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{938e2a11-868c-4db6-b25e-2213eac7cfe2}\MpKsl8e3eaa02.sys [?]
S3 BlackBox;BlackBox SR2; [x]
S3 icsak;icsak;\??\c:\program files\checkpoint\zaforcefield\ak\icsak.sys --> c:\program files\checkpoint\zaforcefield\ak\icsak.sys [?]
S3 LinksysFVNETusbl(AR)®;Linksys FVNETusbl(AR)® Service for Instant Wireless USB Network Adapter ver.2.6;c:\windows\system32\drivers\vnetusbl.sys [2004-3-9 108032]
S3 MBAMProtector;MBAMProtector;\??\c:\windows\system32\drivers\mbam.sys --> c:\windows\system32\drivers\mbam.sys [?]
S3 SirefefRemover;SirefefRemover;\??\c:\docume~1\orion3~1\locals~1\temp\4ef412cf.tmp --> c:\docume~1\orion3~1\locals~1\temp\4ef412cf.tmp [?]
S3 TrufosAlt;TrufosAlt;c:\windows\system32\drivers\TrufosAlt.sys [2011-10-6 339600]
S3 vdrive;vdrive;c:\windows\system32\drivers\vdrive.sys --> c:\windows\system32\drivers\vdrive.sys [?]
S3 XBAudio;XBox Audio Module;c:\windows\system32\drivers\xbaudio.sys --> c:\windows\system32\drivers\xbaudio.sys [?]
.
=============== File Associations ===============
.
JSEFile=NOTEPAD.EXE %1
.
=============== Created Last 30 ================
.
2011-11-08 10:09:17 56200 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{0211df07-bf11-4fad-9cd1-b3cd9190ae7a}\offreg.dll
2011-11-08 10:08:34 6668624 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{0211df07-bf11-4fad-9cd1-b3cd9190ae7a}\mpengine.dll
2011-11-05 22:10:12 -------- d-----w- c:\documents and settings\orion311976\local settings\application data\Jaksta_Technologies_Pty_L
2011-11-05 22:09:36 -------- d-----w- c:\documents and settings\orion311976\application data\Replay Media Catcher 4
2011-11-05 21:52:58 -------- d-----w- c:\documents and settings\orion311976\application data\IObit
2011-11-05 19:21:07 -------- d-----w- c:\documents and settings\orion311976\local settings\application data\Ares
2011-10-31 10:06:57 -------- d-----w- c:\documents and settings\orion311976\application data\Electronics 2000
2011-10-31 07:50:48 53760 ----a-w- c:\windows\system32\vfwwdm32.dll
2011-10-31 07:50:48 53760 ----a-w- c:\windows\system32\dllcache\vfwwdm32.dll
2011-10-31 07:50:35 91136 ----a-w- c:\windows\system32\kswdmcap.ax
2011-10-31 07:50:35 43008 ----a-w- c:\windows\system32\ksxbar.ax
2011-10-31 07:50:33 61952 ----a-w- c:\windows\system32\kstvtune.ax
2011-10-31 07:48:18 352256 ----a-w- c:\windows\system32\ijl15.dll
2011-10-31 07:48:18 205824 ----a-w- c:\windows\system32\VIC32.DLL
2011-10-31 07:48:18 -------- d-----w- c:\program files\MARS
2011-10-31 07:48:17 61440 ----a-w- c:\windows\system32\mr310ifc.dll
2011-10-31 07:48:17 36864 ----a-w- c:\windows\system32\mr310exv.dll
2011-10-31 07:48:17 28672 ----a-w- c:\windows\system32\mr310exd.dll
2011-10-31 07:48:17 147456 ----a-w- c:\windows\system32\mr310ipc.dll
2011-10-31 07:48:17 129438 ----a-w- c:\windows\system32\drivers\MR97310c.sys
2011-10-30 21:35:45 -------- d-----w- c:\documents and settings\orion311976\local settings\application data\Google
2011-10-29 04:24:19 -------- d-----w- c:\documents and settings\orion311976\local settings\application data\Paint.NET
2011-10-29 04:08:45 -------- d-----w- c:\documents and settings\orion311976\local settings\application data\Adobe
2011-10-29 01:49:56 -------- d-----w- c:\documents and settings\orion311976\local settings\application data\Mozilla
2011-10-24 10:15:08 -------- d-----w- c:\documents and settings\orion311976\application data\SpinTop Games
2011-10-19 00:20:02 -------- d-sh--w- c:\documents and settings\orion311976\PrivacIE
2011-10-18 15:37:41 -------- d-----w- c:\documents and settings\orion311976\local settings\application data\Downloaded Installations
2011-10-18 15:33:06 -------- d-----w- c:\documents and settings\orion311976\application data\Malwarebytes
2011-10-17 08:17:07 -------- d-sha-r- C:\cmdcons
2011-10-17 08:14:10 98816 ----a-w- c:\windows\sed.exe
2011-10-17 08:14:10 518144 ----a-w- c:\windows\SWREG.exe
2011-10-17 08:14:10 256000 ----a-w- c:\windows\PEV.exe
2011-10-17 08:14:10 208896 ----a-w- c:\windows\MBR.exe
2011-10-09 14:21:21 89136 ----a-w- c:\program files\common files\microsoft shared\vs7debug\MDM.EXE
2011-10-09 14:05:44 162816 ----a-w- c:\windows\system32\drivers\netbt.sys
.
==================== Find3M ====================
.
2011-10-09 13:18:28 62976 -c--a-w- c:\windows\system32\drivers\cdrom.sys
2011-10-06 12:14:32 339600 -c--a-w- c:\windows\system32\drivers\TrufosAlt.sys
2011-09-29 05:23:56 404640 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-26 18:41:20 611328 -c--a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 18:41:20 220160 -c--a-w- c:\windows\system32\oleacc.dll
2011-09-26 18:41:14 20480 -c--a-w- c:\windows\system32\oleaccrc.dll
2011-09-23 03:52:58 94208 -c--a-w- c:\windows\system32\drivers\ezplay.sys
2011-09-09 09:12:13 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-09-06 13:20:51 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-09-02 09:28:36 81920 -c--a-w- c:\windows\ALCFDRTM.VER
2011-09-02 09:28:36 81920 -c--a-w- c:\windows\ALCFDRTM.EXE
2011-09-01 00:09:42 499712 -c--a-w- c:\windows\system32\msvcp71.dll
2011-09-01 00:09:42 348160 -c--a-w- c:\windows\system32\msvcr71.dll
2011-08-22 23:48:55 916480 ----a-w- c:\windows\system32\wininet.dll
2011-08-22 23:48:54 43520 ------w- c:\windows\system32\licmgr10.dll
2011-08-22 23:48:54 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-08-22 11:56:39 385024 ------w- c:\windows\system32\html.iec
2011-08-17 13:49:54 138496 ----a-w- c:\windows\system32\drivers\afd.sys
.
============= FINISH: 2:25:28.26 ===============

#14 km2357

km2357

  • Malware Response Team
  • 1,784 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:37 PM

Posted 08 November 2011 - 02:36 PM

IMPORTANT I notice there are signs of one or more P2P (Person to Person) File Sharing Programs on your computer.

Ares 2.1.7

I'd like you to read the Guidelines for P2P Programs where we explain why it's not a good idea to have them.

Also available here.

My recommendation is you go to Control Panel > Add/Remove Programs and uninstall the programs listed above (in red).




Step # 1 Update Java

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system.

Please follow these steps to remove older version Java components and update.

Updating Java:
  • Download the latest version of Java Runtime Environment (JRE) 6u29.
  • Click on the link to download Windows Offline Installation and save to your desktop. Do NOT use the Sun Download Manager.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
  • Remove the following old versions of Java:

  • Java™ 6 Update 26

  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • From your desktop double-click on the download to install the newest version.




Step # 2 Run CCleaner

CCleaner will remove everything from the temp/temporary folders but please note that it will not make back ups!

  • Before first use, select Options > Advanced and UNCHECK Only delete files in Windows Temp folder older than 24 hours
  • Then select the items you wish to clean up.
  • In the Windows Tab:
  • Clean all entries in the Internet Explorer section except Cookies
  • Clean all the entries in the Windows Explorer section
  • Clean all entries in the System section
  • Clean all entries in the Advanced section
  • Clean any others that you choose
  • In the Applications Tab:
  • Clean all except cookies in the Firefox/Mozilla section if you use it
  • Clean all in the Opera section if you use it
  • Clean Sun Java in the Internet Section
  • Clean any others that you choose
  • Click the Run Cleaner button.
  • A pop up box will appear advising this process will permanently delete files from your system.
  • Click OK and it will scan and clean your system.
  • Click exit when done.
  • If it asks you to reboot at the end, click NO




Step # 3 Download and Run Malwarebytes' Anti-Malware

Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.



Post the MalwareBytes' Log in your next post/reply.

MalWare Removal University Master

Member of ASAP
unite_Invision.png


#15 km2357

km2357

  • Malware Response Team
  • 1,784 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:37 PM

Posted 14 November 2011 - 01:23 AM

Due to the lack of feedback, this topic is now closed.In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.

MalWare Removal University Master

Member of ASAP
unite_Invision.png





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users