Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Likely Rootkit Infection? Redirects and Popups.


  • This topic is locked This topic is locked
20 replies to this topic

#1 gt7001

gt7001

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:04:13 AM

Posted 16 November 2011 - 11:33 AM

Finally back to being able to load windows after days of staring at a BSOD. Recovery console works.
What I'm assuming is a rootkit infection has me battling pop-ups, redirects, and random shut downs.
Attempts to run TDSSkiller have stalled, even after defogger.
Previous runs of SAS and MBAM have turned up items, but never cleared.
So, rather than potentially muck it up any further, I humbly request any direction you guys might have for me. Thanks.

Also, at the launch of GMER, it kicked up an error: Loaddriver ("c:\location)error:# cannot create a stable subkey under a volatile parent key.

Here are the logs.

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_29
Run by Gabe and Sara at 8:59:25 on 2011-11-16
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.208 [GMT -7:00]
.
AV: McAfee VirusScan Enterprise *Enabled/Updated* {918A2B0B-2C60-4016-A4AB-E868DEABF7F0}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\McAfee\Common Framework\UdaterUI.exe
C:\WINDOWS\vVX3000.exe
C:\WINDOWS\stsystra.exe
C:\WINDOWS\ehome\ehtray.exe
svchost.exe
C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Documents and Settings\Gabe and Sara\Desktop\Security\SUPERAntiSpyware.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\system32\HPZipm12.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.cnn.com/
uInternet Connection Wizard,ShellNext = hxxp://support.dell.com/
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: EWPBrowseObject Class: {68f9551e-0411-48e4-9aaf-4bc42a6a46be} - c:\program files\canon\easy-webprint\EWPBrowseLoader.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan enterprise\scriptcl.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Easy-WebPrint: {327c2873-e90d-4c37-aa9d-10ac9baba46c} - c:\program files\canon\easy-webprint\Toolband.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
uRun: [SUPERAntiSpyware] c:\documents and settings\gabe and sara\desktop\security\SUPERAntiSpyware.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"
mRun: [PCMService] "c:\program files\dell\media experience\PCMService.exe"
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [ShStatEXE] "c:\program files\mcafee\virusscan enterprise\SHSTAT.EXE" /STANDALONE
mRun: [McAfeeUpdaterUI] "c:\program files\mcafee\common framework\UdaterUI.exe" /StartedFromRunKey
mRun: [VX3000] c:\windows\vVX3000.exe
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [LifeCam] "c:\program files\microsoft lifecam\LifeExp.exe"
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [ATIPTA] c:\program files\ati technologies\ati control panel\atiptaxx.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [Monitor] "c:\program files\leapfrog\leapfrog connect\Monitor.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [qkjUlyDxtx.exe] c:\documents and settings\all users\application data\qkjUlyDxtx.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
IE: Easy-WebPrint Add To Print List - c:\program files\canon\easy-webprint\Toolband.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\canon\easy-webprint\Toolband.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\canon\easy-webprint\Toolband.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\canon\easy-webprint\Toolband.dll/RC_Print.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office12\REFIEBAR.DLL
Trusted Zone: intuit.com\ttlc
Trusted Zone: turbotax.com
DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} - hxxp://office.microsoft.com/officeupdate/content/opuc3.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5483.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1153067480890
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {A1662FB6-39BE-41BB-ACDC-0448FB1B5817} - hxxp://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_5/PhotoCenter_ActiveX_Control.cab
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://www.popcap.com/webgames/popcaploader_v10.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{664A8644-5C00-4479-9665-9EBB2410A318} : DhcpNameServer = 192.168.0.1
Notify: !SASWinLogon - c:\documents and settings\gabe and sara\desktop\security\SASWINLO.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\documents and settings\gabe and sara\desktop\security\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\gabe and sara\application data\mozilla\firefox\profiles\1kzd4whu.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.cnn.com
FF - prefs.js: network.proxy.type - 2
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPAdbESD.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npatgpc.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
============= SERVICES / DRIVERS ===============
.
R1 mferkdk;VSCore mferkdk;c:\program files\mcafee\virusscan enterprise\mferkdk.sys [2006-11-30 31944]
R1 SASDIFSV;SASDIFSV;c:\documents and settings\gabe and sara\desktop\security\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\documents and settings\gabe and sara\desktop\security\SASKUTIL.SYS [2010-5-10 67656]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-9-27 54752]
R2 McAfeeFramework;McAfee Framework Service;c:\program files\mcafee\common framework\FrameworkService.exe [2007-9-27 104000]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 McShield;McAfee McShield;c:\program files\mcafee\virusscan enterprise\Mcshield.exe [2007-2-22 144960]
R2 McTaskManager;McAfee Task Manager;c:\program files\mcafee\virusscan enterprise\VsTskMgr.exe [2007-2-22 54872]
R3 Angel;Angel MPEG Device;c:\windows\system32\drivers\Angel.sys [2006-7-13 375936]
R3 mfeavfk;McAfee Inc.;c:\windows\system32\drivers\mfeavfk.sys [2007-9-27 72264]
R3 mfebopk;McAfee Inc.;c:\windows\system32\drivers\mfebopk.sys [2007-9-27 34152]
R3 mfehidk;McAfee Inc.;c:\windows\system32\drivers\mfehidk.sys [2007-9-27 170408]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2009-8-5 704864]
S4 XAMPP;XAMPP Service;c:\xampp\service.exe --> c:\xampp\service.exe [?]
.
=============== Created Last 30 ================
.
2011-11-16 15:32:29 -------- d-----w- c:\windows\system32\NtmsData
2011-11-03 13:23:19 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-11-03 05:52:13 -------- d-----w- c:\program files\ESET
2011-10-24 21:38:27 -------- d-----w- C:\TDSSKiller_Quarantine
2011-10-20 01:26:29 -------- d-----w- c:\program files\iPod
2011-10-20 01:26:23 -------- d-----w- c:\program files\iTunes
2011-10-20 01:21:55 -------- d-----w- c:\program files\Bonjour
.
==================== Find3M ====================
.
2011-10-10 14:22:41 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-10-03 12:06:03 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-10-03 09:37:52 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-09-28 07:06:50 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-09-26 18:41:20 611328 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 18:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-26 18:41:14 20480 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-06 13:20:51 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-09-01 00:00:50 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-31 06:05:04 83816 ----a-w- c:\windows\system32\dns-sd.exe
2011-08-31 06:05:04 73064 ----a-w- c:\windows\system32\dnssd.dll
2011-08-31 06:05:04 178536 ----a-w- c:\windows\system32\dnssdX.dll
2011-08-22 23:48:55 916480 ----a-w- c:\windows\system32\wininet.dll
2011-08-22 23:48:54 43520 ------w- c:\windows\system32\licmgr10.dll
2011-08-22 23:48:54 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-08-22 11:56:39 385024 ----a-w- c:\windows\system32\html.iec
.
============= FINISH: 9:07:25.59 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:13 AM

Posted 19 November 2011 - 01:43 AM

Hello and Welcome to the forums!

My name is Gringo and I'll be glad to help you with your computer problems.

Somethings to remember while we are working together.

  • Do not run any other tool untill instructed to do so!
  • please Do not Attach logs or put in code boxes.
  • Tell me about any problems that have occurred during the fix.
  • Tell me of any other symptoms you may be having as these can help also.
  • Do not run anything while running a fix.
  • Do not run any other tool untill instructed to do so!


Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.

Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 gt7001

gt7001
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:04:13 AM

Posted 20 November 2011 - 11:22 AM

Gringo,

Thanks for the help.

- Log below:
- Computer is still sluggish, but no redirects yet. Seems improved.

ComboFix 11-11-20.01 - Gabe and Sara 11/20/2011 8:06.3.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.538 [GMT -7:00]
Running from: c:\documents and settings\Gabe and Sara\My Documents\Downloads\ComboFix.exe
AV: McAfee VirusScan Enterprise *Disabled/Updated* {918A2B0B-2C60-4016-A4AB-E868DEABF7F0}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\CSC\d6
c:\windows\dasetup.log
c:\windows\kb913800.exe
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_COMSYSAPP
-------\Service_COMSysApp
.
.
((((((((((((((((((((((((( Files Created from 2011-10-20 to 2011-11-20 )))))))))))))))))))))))))))))))
.
.
2011-11-16 15:32 . 2011-11-16 15:36 -------- d-----w- c:\windows\system32\NtmsData
2011-11-03 13:23 . 2011-11-03 13:24 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-11-03 13:21 . 2011-11-03 13:21 -------- d-----w- c:\program files\Common Files\Java
2011-11-03 05:52 . 2011-11-03 05:52 -------- d-----w- c:\program files\ESET
2011-11-03 04:28 . 2011-11-03 04:28 -------- d-----w- c:\documents and settings\Administrator\Application Data\SUPERAntiSpyware.com
2011-10-24 22:20 . 2011-10-24 22:20 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE
2011-10-24 21:38 . 2011-10-24 21:38 -------- d-----w- C:\TDSSKiller_Quarantine
2011-10-24 21:02 . 2011-10-24 21:02 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-10 14:22 . 2006-07-14 02:00 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-10-03 12:06 . 2010-07-23 03:42 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-10-03 09:37 . 2010-08-29 22:43 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-09-28 07:06 . 2004-08-10 11:00 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-09-26 18:41 . 2008-07-30 02:59 611328 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 18:41 . 2004-08-10 11:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-26 18:41 . 2004-08-10 11:00 20480 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-06 13:20 . 2004-08-10 11:00 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-09-01 00:00 . 2011-05-24 00:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-31 06:05 . 2011-08-31 06:05 83816 ----a-w- c:\windows\system32\dns-sd.exe
2011-08-31 06:05 . 2011-08-31 06:05 73064 ----a-w- c:\windows\system32\dnssd.dll
2011-08-31 06:05 . 2011-08-31 06:05 178536 ----a-w- c:\windows\system32\dnssdX.dll
2011-08-22 23:48 . 2004-08-10 11:00 916480 ----a-w- c:\windows\system32\wininet.dll
2011-08-22 23:48 . 2004-08-10 11:00 43520 ------w- c:\windows\system32\licmgr10.dll
2011-08-22 23:48 . 2004-08-10 11:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2008-12-11 14:45 . 2008-06-06 20:20 27976 ----a-w- c:\program files\mozilla firefox\plugins\atgpcdec.dll
2008-12-11 14:45 . 2008-06-06 20:20 126360 ----a-w- c:\program files\mozilla firefox\plugins\atgpcext.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-05-01_05.36.03 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-05-14 03:17 . 2011-05-14 03:17 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_452bf920\vcomp.dll
+ 2011-05-14 02:45 . 2011-05-14 02:45 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80KOR.dll
+ 2011-05-14 02:45 . 2011-05-14 02:45 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80JPN.dll
+ 2011-05-14 02:45 . 2011-05-14 02:45 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ITA.dll
+ 2011-05-14 02:45 . 2011-05-14 02:45 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80FRA.dll
+ 2011-05-14 02:45 . 2011-05-14 02:45 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ESP.dll
+ 2011-05-14 02:45 . 2011-05-14 02:45 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ENU.dll
+ 2011-05-14 02:45 . 2011-05-14 02:45 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80DEU.dll
+ 2011-05-14 02:45 . 2011-05-14 02:45 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80CHT.dll
+ 2011-05-14 02:45 . 2011-05-14 02:45 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80CHS.dll
+ 2011-05-14 08:06 . 2011-05-14 08:06 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfcm80u.dll
+ 2011-05-14 08:23 . 2011-05-14 08:23 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfcm80.dll
+ 2011-05-14 01:37 . 2011-05-14 01:37 97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.dll
+ 2011-11-20 15:45 . 2011-11-20 15:45 16384 c:\windows\temp\Perflib_Perfdata_65c.dat
+ 2007-01-29 08:58 . 2011-07-08 13:49 46080 c:\windows\system32\tzchange.exe
- 2007-01-29 08:58 . 2010-11-03 13:12 46080 c:\windows\system32\tzchange.exe
+ 2011-10-20 01:22 . 2011-02-18 23:36 41984 c:\windows\system32\ReinstallBackups\0022\DriverFiles\usbaapl.sys
+ 2004-08-10 11:00 . 2011-10-13 10:08 72674 c:\windows\system32\perfc009.dat
+ 2004-08-10 11:00 . 2011-08-22 23:48 66560 c:\windows\system32\mshtmled.dll
- 2004-08-10 11:00 . 2011-02-22 23:06 66560 c:\windows\system32\mshtmled.dll
- 2009-03-08 11:31 . 2011-02-22 23:06 55296 c:\windows\system32\msfeedsbs.dll
+ 2009-03-08 11:31 . 2011-08-22 23:48 55296 c:\windows\system32\msfeedsbs.dll
+ 2011-06-23 03:27 . 2011-06-23 03:27 67464 c:\windows\system32\mlfcache.dat
- 2004-08-10 11:00 . 2011-02-22 23:06 25600 c:\windows\system32\jsproxy.dll
+ 2004-08-10 11:00 . 2011-08-22 23:48 25600 c:\windows\system32\jsproxy.dll
+ 2011-05-01 20:49 . 2006-09-05 19:28 38480 c:\windows\system32\IJRMF.exe
+ 2011-10-20 01:22 . 2011-08-03 00:38 42496 c:\windows\system32\DRVSTORE\usbaapl_091115F4EDEB41DBA0EC91574CE905B4E0482482\usbaapl.sys
+ 2011-10-20 01:22 . 2011-08-03 00:38 18432 c:\windows\system32\DRVSTORE\netaapl_63AA05C4700EB9CAF2D048DAC1D06D764A0D4C41\netaapl.sys
- 2004-08-10 11:00 . 2008-04-13 18:41 52352 c:\windows\system32\drivers\volsnap.sys
+ 2004-08-10 11:00 . 2011-05-01 06:14 52352 c:\windows\system32\drivers\volsnap.sys
+ 2008-02-03 22:22 . 2011-08-03 00:38 42496 c:\windows\system32\drivers\usbaapl.sys
+ 2004-08-10 11:00 . 2011-07-08 14:02 10496 c:\windows\system32\drivers\ndistapi.sys
- 2010-07-18 23:15 . 2011-02-22 23:06 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2010-07-18 23:15 . 2011-08-22 23:48 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2004-08-10 11:00 . 2011-09-26 18:41 20480 c:\windows\system32\dllcache\oleaccrc.dll
+ 2004-08-10 11:00 . 2011-07-08 14:02 10496 c:\windows\system32\dllcache\ndistapi.sys
- 2009-03-08 11:31 . 2011-02-22 23:06 66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2009-03-08 11:31 . 2011-08-22 23:48 66560 c:\windows\system32\dllcache\mshtmled.dll
- 2010-07-18 23:15 . 2011-02-22 23:06 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2010-07-18 23:15 . 2011-08-22 23:48 55296 c:\windows\system32\dllcache\msfeedsbs.dll
- 2009-03-08 11:34 . 2011-02-22 23:06 43520 c:\windows\system32\dllcache\licmgr10.dll
+ 2009-03-08 11:34 . 2011-08-22 23:48 43520 c:\windows\system32\dllcache\licmgr10.dll
+ 2009-03-08 11:33 . 2011-08-22 23:48 25600 c:\windows\system32\dllcache\jsproxy.dll
- 2009-03-08 11:33 . 2011-02-22 23:06 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2004-08-10 11:00 . 2011-04-26 11:07 33280 c:\windows\system32\dllcache\csrsrv.dll
- 2004-08-10 11:00 . 2010-12-09 14:30 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2004-08-10 11:00 . 2011-04-26 11:07 33280 c:\windows\system32\csrsrv.dll
- 2004-08-10 11:00 . 2010-12-09 14:30 33280 c:\windows\system32\csrsrv.dll
+ 2011-08-28 14:44 . 2011-08-28 14:44 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2010-09-23 22:55 . 2010-09-23 22:55 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
+ 2011-07-08 21:00 . 2011-07-08 21:00 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
- 2010-09-23 09:26 . 2010-09-23 09:26 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2011-07-07 19:04 . 2011-07-07 19:04 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2011-07-07 19:04 . 2011-07-07 19:04 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
- 2010-09-23 09:26 . 2010-09-23 09:26 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
- 2010-09-23 09:26 . 2010-09-23 09:26 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2011-07-07 19:03 . 2011-07-07 19:03 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2011-07-07 20:09 . 2011-07-07 20:09 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2010-09-23 10:17 . 2010-09-23 10:17 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2011-07-07 20:09 . 2011-07-07 20:09 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
- 2010-09-23 10:17 . 2010-09-23 10:17 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
+ 2004-09-30 01:11 . 2009-06-24 19:56 86016 c:\windows\Microsoft.NET\Framework\v1.0.3705\ToGac.exe
+ 2004-10-08 00:36 . 2009-06-24 19:56 73728 c:\windows\Microsoft.NET\Framework\v1.0.3705\SetRegNI.exe
- 2006-07-14 01:59 . 2009-06-24 05:01 86016 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscorld.dll
+ 2006-07-14 01:59 . 2011-07-05 22:46 86016 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscorld.dll
+ 2006-07-14 01:59 . 2011-07-05 22:46 73728 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscorie.dll
- 2006-07-14 01:59 . 2009-06-24 05:01 73728 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscorie.dll
- 2006-07-14 01:59 . 2009-06-24 05:12 32768 c:\windows\Microsoft.NET\Framework\v1.0.3705\aspnet_wp.exe
+ 2006-07-14 01:59 . 2011-07-06 16:57 32768 c:\windows\Microsoft.NET\Framework\v1.0.3705\aspnet_wp.exe
- 2006-07-14 01:59 . 2009-06-24 05:12 32768 c:\windows\Microsoft.NET\Framework\v1.0.3705\aspnet_state.exe
+ 2006-07-14 01:59 . 2011-07-06 16:57 32768 c:\windows\Microsoft.NET\Framework\v1.0.3705\aspnet_state.exe
+ 2011-07-06 03:49 . 2011-07-06 03:49 19968 c:\windows\Installer\1d7d7814.msi
- 2008-05-23 04:01 . 2011-04-14 10:11 35088 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\oisicon.exe
+ 2008-05-23 04:01 . 2011-10-13 10:03 35088 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\oisicon.exe
+ 2008-05-23 04:01 . 2011-10-13 10:03 18704 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\mspicons.exe
- 2008-05-23 04:01 . 2011-04-14 10:11 18704 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\mspicons.exe
+ 2008-05-23 04:01 . 2011-10-13 10:03 20240 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\cagicon.exe
- 2008-05-23 04:01 . 2011-04-14 10:11 20240 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\cagicon.exe
- 2010-06-04 10:01 . 2011-04-25 10:01 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2010-06-04 10:01 . 2011-10-13 10:10 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2011-10-20 01:06 . 2011-10-20 01:06 27136 c:\windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe
+ 2011-10-13 10:02 . 2011-06-23 18:36 12800 c:\windows\ie8updates\KB2586448-IE8\xpshims.dll
+ 2011-10-13 10:02 . 2011-06-23 18:36 66560 c:\windows\ie8updates\KB2586448-IE8\mshtmled.dll
+ 2011-10-13 10:02 . 2011-06-23 18:36 55296 c:\windows\ie8updates\KB2586448-IE8\msfeedsbs.dll
+ 2011-10-13 10:02 . 2011-06-23 18:36 43520 c:\windows\ie8updates\KB2586448-IE8\licmgr10.dll
+ 2011-10-13 10:02 . 2011-06-23 18:36 25600 c:\windows\ie8updates\KB2586448-IE8\jsproxy.dll
+ 2011-08-11 10:01 . 2011-04-25 16:11 12800 c:\windows\ie8updates\KB2559049-IE8\xpshims.dll
+ 2011-08-11 10:01 . 2011-04-25 16:11 66560 c:\windows\ie8updates\KB2559049-IE8\mshtmled.dll
+ 2011-08-11 10:01 . 2011-04-25 16:11 55296 c:\windows\ie8updates\KB2559049-IE8\msfeedsbs.dll
+ 2011-08-11 10:01 . 2011-04-25 16:11 43520 c:\windows\ie8updates\KB2559049-IE8\licmgr10.dll
+ 2011-08-11 10:01 . 2011-04-25 16:11 25600 c:\windows\ie8updates\KB2559049-IE8\jsproxy.dll
+ 2011-06-17 10:05 . 2011-02-22 23:06 12800 c:\windows\ie8updates\KB2530548-IE8\xpshims.dll
+ 2011-06-17 10:05 . 2011-02-22 23:06 66560 c:\windows\ie8updates\KB2530548-IE8\mshtmled.dll
+ 2011-06-17 10:05 . 2011-02-22 23:06 55296 c:\windows\ie8updates\KB2530548-IE8\msfeedsbs.dll
+ 2011-06-17 10:05 . 2011-02-22 23:06 43520 c:\windows\ie8updates\KB2530548-IE8\licmgr10.dll
+ 2011-06-17 10:05 . 2011-02-22 23:06 25600 c:\windows\ie8updates\KB2530548-IE8\jsproxy.dll
+ 2011-10-13 10:01 . 2011-10-13 10:01 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_fa3fd4cf\System.Drawing.Design.dll
+ 2011-10-13 10:01 . 2011-10-13 10:01 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_35c5a77f\CustomMarshalers.dll
+ 2011-10-13 10:02 . 2011-10-13 10:02 90112 c:\windows\assembly\NativeImages1_v1.0.3705\System.Drawing.Design\1.0.3300.0__b03f5f7f11d50a3a_d458a0bd\System.Drawing.Design.dll
+ 2011-10-13 10:02 . 2011-10-13 10:02 61440 c:\windows\assembly\NativeImages1_v1.0.3705\CustomMarshalers\1.0.3300.0__b03f5f7f11d50a3a_d6200def\CustomMarshalers.dll
+ 2011-10-13 10:15 . 2011-10-13 10:15 47616 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\ebe9e217e830d2fe734f4a6753c6c021\WindowsLiveWriter.ni.exe
+ 2011-08-11 10:12 . 2011-08-11 10:12 47616 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\47e0dd4fe04c9e5ac5191967d85d6931\WindowsLiveWriter.ni.exe
+ 2011-08-11 10:13 . 2011-08-11 10:13 99840 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\8379dc38b3fd1cbcb00b46e92b086848\WindowsLive.Writer.Api.ni.dll
+ 2011-10-13 10:15 . 2011-10-13 10:15 99840 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\7389eba462bed37a69130380bde8abc1\WindowsLive.Writer.Api.ni.dll
+ 2011-10-13 10:12 . 2011-10-13 10:12 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\888b745ca99d39692c2e9af222e5eae8\UIAutomationProvider.ni.dll
+ 2011-06-30 10:10 . 2011-06-30 10:10 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\1492e9393417d6e91b5ddc746b5ef320\UIAutomationProvider.ni.dll
+ 2011-10-13 10:15 . 2011-10-13 10:15 26112 c:\windows\assembly\NativeImages_v2.0.50727_32\TVM\d21da0c5dbb27c22a9aea2646cedb6e1\TVM.ni.dll
+ 2011-08-11 10:12 . 2011-08-11 10:12 26112 c:\windows\assembly\NativeImages_v2.0.50727_32\TVM\753e5215ea2baffc211727f41590f5bb\TVM.ni.dll
+ 2011-10-13 10:18 . 2011-10-13 10:18 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\6c334564da041df8fb75415f2d503224\System.Windows.Presentation.ni.dll
+ 2011-08-11 10:15 . 2011-08-11 10:15 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\343c52b741531ce9ae874ea7508831a7\System.Windows.Presentation.ni.dll
+ 2011-10-13 10:18 . 2011-10-13 10:18 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\a54a122f1070ab71931dd9679ddd8e90\System.Web.DynamicData.Design.ni.dll
+ 2011-08-11 10:15 . 2011-08-11 10:15 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\246110974e3c48733458819b07464b23\System.Web.DynamicData.Design.ni.dll
+ 2011-08-11 10:14 . 2011-08-11 10:14 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\ace861fe8dbf146c3e449abaa7691e9f\System.ComponentModel.DataAnnotations.ni.dll
+ 2011-10-13 10:17 . 2011-10-13 10:17 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\ac92806d5bd508eb25f1b4b73a36b101\System.ComponentModel.DataAnnotations.ni.dll
+ 2011-10-13 10:17 . 2011-10-13 10:17 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\e6a9cd66d11a21776dbf425e8e28099c\System.AddIn.Contract.ni.dll
+ 2011-06-30 10:14 . 2011-06-30 10:14 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\177a17af98d803ab79006d6785706462\System.AddIn.Contract.ni.dll
+ 2011-10-13 10:10 . 2011-10-13 10:10 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\66873b557d5c7013e4c630361473b0c2\PresentationFontCache.ni.exe
+ 2011-08-11 10:08 . 2011-08-11 10:08 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\40ee65aacd9d7472cd6f8dddbfca604b\PresentationFontCache.ni.exe
+ 2011-10-13 10:09 . 2011-10-13 10:09 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\5b30652a7b802199984f93b5e414260f\PresentationCFFRasterizer.ni.dll
+ 2011-08-11 10:07 . 2011-08-11 10:07 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\12c424eed7ee0e9c017bf72ff09eb78c\PresentationCFFRasterizer.ni.dll
+ 2011-08-11 10:15 . 2011-08-11 10:15 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\f9c514544c8e23220493cd42a0e20678\Microsoft.Vsa.ni.dll
+ 2011-10-13 10:18 . 2011-10-13 10:18 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\eaa8d72317e5b8047e413939cc71ffba\Microsoft.Vsa.ni.dll
+ 2011-06-30 10:12 . 2011-06-30 10:12 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\a96b02abbfcaae424cfb91a198a9e0e9\Microsoft.VisualC.ni.dll
+ 2011-10-13 10:14 . 2011-10-13 10:14 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\a140509b1342934fc5e58ae22ac9696c\Microsoft.VisualC.ni.dll
+ 2011-06-30 10:14 . 2011-06-30 10:14 19456 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\a8844048139471f4c7914a41f36a7e81\Microsoft.PowerShell.Commands.Management.resources.ni.dll
+ 2011-10-13 10:16 . 2011-10-13 10:16 30208 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\9855d3fb15e6c63a811b1f0b66d78428\Microsoft.PowerShell.Commands.Utility.resources.ni.dll
+ 2011-06-30 10:14 . 2011-06-30 10:14 35328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\9804c5ec5e7a8945d4da1c7e3caf40c7\Microsoft.PowerShell.ConsoleHost.resources.ni.dll
+ 2011-10-13 10:16 . 2011-10-13 10:16 17408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\7618f444d33b1311e952ba9285e4a4b2\Microsoft.PowerShell.Security.resources.ni.dll
+ 2011-10-13 10:16 . 2011-10-13 10:16 19456 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\1b23e2c0707d81e7eb14f78552562635\Microsoft.PowerShell.Commands.Management.resources.ni.dll
+ 2011-06-30 10:14 . 2011-06-30 10:14 30208 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\0fe4eb7e116bacc97d476713af23f42e\Microsoft.PowerShell.Commands.Utility.resources.ni.dll
+ 2011-10-13 10:16 . 2011-10-13 10:16 35328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\05bbffbe100ede49139819641a41dfda\Microsoft.PowerShell.ConsoleHost.resources.ni.dll
+ 2011-06-30 10:14 . 2011-06-30 10:14 17408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\01eba2bdd4d6baa3102dc8610e8cec92\Microsoft.PowerShell.Security.resources.ni.dll
+ 2011-06-30 10:14 . 2011-06-30 10:14 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\f5057c30d89ad8d99e38c946a68def9e\Microsoft.Build.Framework.ni.dll
+ 2011-10-13 10:16 . 2011-10-13 10:16 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\aefe683674c97a998f4e908c1a7ee7c6\Microsoft.Build.Framework.ni.dll
+ 2011-10-13 10:16 . 2011-10-13 10:16 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\845eef4d09f28da6ee05d99f93c90f6e\Microsoft.Build.Framework.ni.dll
+ 2011-06-30 10:14 . 2011-06-30 10:14 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\623c05a555ac0719a1367f511d4a9270\Microsoft.Build.Framework.ni.dll
+ 2011-06-30 10:13 . 2011-06-30 10:13 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\c40d3caad8bff3c52db7e7562286406a\dfsvc.ni.exe
+ 2011-10-13 10:16 . 2011-10-13 10:16 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\ab7ce2d94ca725c3889a4e3c1ee88ece\dfsvc.ni.exe
+ 2011-06-30 10:11 . 2011-06-30 10:11 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d9228d58804dfd75fd92a4d12ffac8af\Accessibility.ni.dll
+ 2011-10-13 10:13 . 2011-10-13 10:13 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d86a3346c3d90ff12d0df9d7726f3ece\Accessibility.ni.dll
+ 2011-10-13 10:08 . 2011-10-13 10:08 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2011-04-14 10:07 . 2011-04-14 10:07 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2011-04-14 10:07 . 2011-04-14 10:07 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2011-10-13 10:08 . 2011-10-13 10:08 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2011-10-13 10:08 . 2011-10-13 10:08 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2011-04-14 10:08 . 2011-04-14 10:08 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2011-10-13 10:08 . 2011-10-13 10:08 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2011-04-14 10:08 . 2011-04-14 10:08 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2011-10-13 10:08 . 2011-10-13 10:08 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2011-04-14 10:08 . 2011-04-14 10:08 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2011-04-14 10:08 . 2011-04-14 10:08 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2011-10-13 10:08 . 2011-10-13 10:08 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2011-04-14 10:08 . 2011-04-14 10:08 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2011-10-13 10:08 . 2011-10-13 10:08 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2011-04-14 10:08 . 2011-04-14 10:08 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2011-10-13 10:08 . 2011-10-13 10:08 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2011-10-13 10:08 . 2011-10-13 10:08 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2011-04-14 10:08 . 2011-04-14 10:08 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2011-10-13 10:08 . 2011-10-13 10:08 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2011-04-14 10:08 . 2011-04-14 10:08 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2011-10-13 10:08 . 2011-10-13 10:08 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2011-04-14 10:08 . 2011-04-14 10:08 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2011-04-14 10:08 . 2011-04-14 10:08 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2011-10-13 10:08 . 2011-10-13 10:08 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2010-10-08 10:03 . 2011-04-14 10:08 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-10-13 10:08 . 2011-10-13 10:08 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-10-13 10:01 . 2011-10-13 10:01 81920 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
- 2010-10-08 10:00 . 2010-10-08 10:00 81920 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
+ 2011-10-13 10:02 . 2007-12-17 12:00 66592 c:\windows\$NtUninstallKB2572066$\togac.exe
+ 2011-10-13 10:02 . 2007-12-17 11:59 66592 c:\windows\$NtUninstallKB2572066$\setregni.exe
+ 2011-10-13 10:02 . 2009-06-24 05:01 86016 c:\windows\$NtUninstallKB2572066$\mscorld.dll
+ 2011-10-13 10:02 . 2009-06-24 05:01 73728 c:\windows\$NtUninstallKB2572066$\mscorie.dll
+ 2011-10-13 10:02 . 2009-06-24 05:12 32768 c:\windows\$NtUninstallKB2572066$\aspnet_wp.exe
+ 2011-10-13 10:02 . 2009-06-24 05:12 32768 c:\windows\$NtUninstallKB2572066$\aspnet_state.exe
+ 2011-08-24 10:00 . 2010-11-03 13:12 46080 c:\windows\$NtUninstallKB2570791$\tzchange.exe
+ 2011-08-24 10:00 . 2011-07-09 00:32 16896 c:\windows\$NtUninstallKB2570791$\spuninst\tzchange.dll
+ 2011-08-11 10:00 . 2008-04-13 18:57 10112 c:\windows\$NtUninstallKB2566454$\ndistapi.sys
+ 2011-10-13 10:09 . 2004-08-10 11:00 16896 c:\windows\$NtUninstallKB2564958$\oleaccrc.dll
+ 2011-07-13 10:03 . 2010-12-09 14:30 33280 c:\windows\$NtUninstallKB2507938$\csrsrv.dll
+ 2011-09-15 10:09 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2616676\update\spcustom.dll
+ 2011-09-15 10:09 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2616676\spmsg.dll
+ 2011-09-07 10:00 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2607712\update\spcustom.dll
+ 2011-09-07 10:00 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2607712\spmsg.dll
+ 2011-10-13 10:04 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2592799\update\spcustom.dll
+ 2011-10-13 10:04 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2592799\spmsg.dll
+ 2011-10-13 10:02 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2586448-IE8\update\spcustom.dll
+ 2011-10-13 10:02 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2586448-IE8\spmsg.dll
+ 2011-10-12 22:18 . 2011-08-22 23:47 12800 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\xpshims.dll
+ 2011-10-12 22:18 . 2011-08-22 23:47 66560 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\mshtmled.dll
+ 2011-10-12 22:18 . 2011-08-22 23:47 55296 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\msfeedsbs.dll
+ 2011-10-12 22:18 . 2011-08-22 23:47 43520 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\licmgr10.dll
+ 2011-10-12 22:18 . 2011-08-22 23:47 25600 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\jsproxy.dll
+ 2011-09-15 10:05 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2570947\update\spcustom.dll
+ 2011-09-15 10:05 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2570947\spmsg.dll
+ 2011-08-11 10:03 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2570222\update\spcustom.dll
+ 2011-08-11 10:03 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2570222\spmsg.dll
+ 2011-08-11 10:04 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2567680\update\spcustom.dll
+ 2011-08-11 10:04 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2567680\spmsg.dll
+ 2011-10-13 10:04 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2567053\update\spcustom.dll
+ 2011-10-13 10:04 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2567053\spmsg.dll
+ 2011-08-11 10:00 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2566454\update\spcustom.dll
+ 2011-08-11 10:00 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2566454\spmsg.dll
+ 2011-08-11 01:32 . 2011-07-08 13:51 10496 c:\windows\$hf_mig$\KB2566454\SP3QFE\ndistapi.sys
+ 2011-08-11 10:00 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2562937\update\spcustom.dll
+ 2011-08-11 10:00 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2562937\spmsg.dll
+ 2011-08-11 10:01 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2559049-IE8\update\spcustom.dll
+ 2011-08-11 10:01 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2559049-IE8\spmsg.dll
+ 2011-08-11 01:32 . 2011-06-23 18:33 12800 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\xpshims.dll
+ 2011-08-11 01:32 . 2011-06-23 18:33 66560 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\mshtmled.dll
+ 2011-08-11 01:32 . 2011-06-23 18:33 55296 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\msfeedsbs.dll
+ 2011-08-11 01:32 . 2011-06-23 18:33 43520 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\licmgr10.dll
+ 2011-08-11 01:32 . 2011-06-23 18:33 25600 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\jsproxy.dll
+ 2011-07-13 10:00 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2555917\update\spcustom.dll
+ 2011-07-13 10:00 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2555917\spmsg.dll
+ 2011-06-17 10:05 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2544893\update\spcustom.dll
+ 2011-06-17 10:05 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2544893\spmsg.dll
+ 2011-06-17 10:01 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2544521-IE8\update\spcustom.dll
+ 2011-06-17 10:01 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2544521-IE8\spmsg.dll
+ 2011-06-29 10:00 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2541763\update\spcustom.dll
+ 2011-06-29 10:00 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2541763\spmsg.dll
+ 2011-06-17 10:05 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2536276\update\spcustom.dll
+ 2011-06-17 10:05 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2536276\spmsg.dll
+ 2011-08-11 10:03 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2536276-v2\update\spcustom.dll
+ 2011-08-11 10:03 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2536276-v2\spmsg.dll
+ 2011-06-17 10:06 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2535512\update\spcustom.dll
+ 2011-06-17 10:06 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2535512\spmsg.dll
+ 2011-06-17 10:05 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2530548-IE8\update\spcustom.dll
+ 2011-06-17 10:05 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2530548-IE8\spmsg.dll
+ 2011-06-16 18:21 . 2011-04-25 16:09 12800 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\xpshims.dll
+ 2011-06-16 18:21 . 2011-04-25 16:09 66560 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\mshtmled.dll
+ 2011-06-16 18:21 . 2011-04-25 16:09 55296 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\msfeedsbs.dll
+ 2011-06-16 18:21 . 2011-04-25 16:09 43520 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\licmgr10.dll
+ 2011-06-16 18:21 . 2011-04-25 16:09 25600 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\jsproxy.dll
+ 2011-07-13 10:03 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2507938\update\spcustom.dll
+ 2011-07-13 10:03 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2507938\spmsg.dll
+ 2011-04-26 11:02 . 2011-04-26 11:02 33280 c:\windows\$hf_mig$\KB2507938\SP3QFE\csrsrv.dll
+ 2011-06-17 10:06 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2503665\update\spcustom.dll
+ 2011-06-17 10:06 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2503665\spmsg.dll
+ 2011-06-17 10:06 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2476490\update\spcustom.dll
+ 2011-06-17 10:06 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2476490\spmsg.dll
- 2011-04-14 10:08 . 2011-04-14 10:08 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2011-10-13 10:08 . 2011-10-13 10:08 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2006-07-14 01:59 . 2009-06-29 18:57 8192 c:\windows\Microsoft.NET\Framework\v1.0.3705\IEExec.exe
+ 2006-07-14 01:59 . 2011-07-13 01:05 8192 c:\windows\Microsoft.NET\Framework\v1.0.3705\IEExec.exe
+ 2011-10-13 10:08 . 2011-10-13 10:08 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2011-04-14 10:08 . 2011-04-14 10:08 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2011-04-14 10:08 . 2011-04-14 10:08 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2011-10-13 10:08 . 2011-10-13 10:08 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2011-10-13 10:08 . 2011-10-13 10:08 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2011-04-14 10:08 . 2011-04-14 10:08 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2011-04-14 10:08 . 2011-04-14 10:08 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2011-10-13 10:08 . 2011-10-13 10:08 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2011-10-13 10:02 . 2009-06-29 18:57 8192 c:\windows\$NtUninstallKB2572066$\ieexec.exe
- 2010-10-08 10:03 . 2011-04-14 10:08 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2011-06-30 10:06 . 2011-10-13 10:08 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2010-10-08 10:03 . 2011-04-14 10:08 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2011-06-30 10:06 . 2011-10-13 10:08 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2011-05-14 08:17 . 2011-05-14 08:17 632656 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll
+ 2011-05-14 08:12 . 2011-05-14 08:12 554832 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll
+ 2011-05-14 08:11 . 2011-05-14 08:11 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcm80.dll
- 2004-08-10 11:00 . 2010-06-18 17:45 293376 c:\windows\system32\winsrv.dll
+ 2004-08-10 11:00 . 2011-06-20 17:44 293376 c:\windows\system32\winsrv.dll
- 2004-08-10 11:00 . 2009-03-08 11:34 105984 c:\windows\system32\url.dll
+ 2004-08-10 11:00 . 2011-08-22 23:48 105984 c:\windows\system32\url.dll
+ 2004-08-10 11:00 . 2011-04-29 17:25 151552 c:\windows\system32\schannel.dll
+ 2004-08-10 11:00 . 2011-10-13 10:08 444782 c:\windows\system32\perfh009.dat
- 2004-08-10 11:00 . 2008-04-14 00:12 551936 c:\windows\system32\oleaut32.dll
+ 2004-08-10 11:00 . 2010-12-20 17:32 551936 c:\windows\system32\oleaut32.dll
- 2004-08-10 11:00 . 2011-02-22 23:06 206848 c:\windows\system32\occache.dll
+ 2004-08-10 11:00 . 2011-08-22 23:48 206848 c:\windows\system32\occache.dll
+ 2004-08-10 11:00 . 2011-08-22 23:48 611840 c:\windows\system32\mstime.dll
- 2004-08-10 11:00 . 2011-02-22 23:06 611840 c:\windows\system32\mstime.dll
+ 2009-03-08 11:32 . 2011-08-22 23:48 602112 c:\windows\system32\msfeeds.dll
- 2009-03-08 11:32 . 2011-02-22 23:06 602112 c:\windows\system32\msfeeds.dll
+ 2011-11-03 13:21 . 2011-10-03 12:06 157472 c:\windows\system32\javaws.exe
- 2011-04-30 01:08 . 2011-02-03 04:40 157472 c:\windows\system32\javaws.exe
+ 2011-11-03 13:21 . 2011-10-03 12:06 145184 c:\windows\system32\javaw.exe
- 2011-04-30 01:08 . 2011-02-03 04:40 145184 c:\windows\system32\javaw.exe
- 2011-04-30 01:08 . 2011-02-03 04:40 145184 c:\windows\system32\java.exe
+ 2011-11-03 13:21 . 2011-10-03 12:06 145184 c:\windows\system32\java.exe
+ 2004-08-10 11:00 . 2011-08-22 23:48 184320 c:\windows\system32\iepeers.dll
- 2004-08-10 11:00 . 2011-02-22 23:06 184320 c:\windows\system32\iepeers.dll
+ 2004-08-10 11:00 . 2011-08-22 23:48 387584 c:\windows\system32\iedkcs32.dll
- 2004-08-10 11:00 . 2011-02-22 23:06 387584 c:\windows\system32\iedkcs32.dll
+ 2004-08-10 11:00 . 2011-08-22 11:56 174080 c:\windows\system32\ie4uinit.exe
+ 2006-07-13 18:52 . 2011-10-13 10:26 320336 c:\windows\system32\FNTCACHE.DAT
- 2006-07-13 18:52 . 2011-04-14 10:27 320336 c:\windows\system32\FNTCACHE.DAT
+ 2006-07-14 01:57 . 2011-06-24 14:10 139656 c:\windows\system32\drivers\rdpwd.sys
- 2006-07-14 01:57 . 2008-04-14 00:13 139656 c:\windows\system32\drivers\rdpwd.sys
+ 2004-08-10 11:00 . 2011-04-21 13:37 105472 c:\windows\system32\drivers\mup.sys
+ 2004-08-10 11:00 . 2011-07-15 13:29 456320 c:\windows\system32\drivers\mrxsmb.sys
+ 2004-08-10 11:00 . 2011-08-17 13:49 138496 c:\windows\system32\drivers\afd.sys
- 2004-08-10 11:00 . 2008-10-16 14:43 138496 c:\windows\system32\drivers\afd.sys
+ 2004-08-10 11:00 . 2011-06-20 17:44 293376 c:\windows\system32\dllcache\winsrv.dll
- 2004-08-10 11:00 . 2010-06-18 17:45 293376 c:\windows\system32\dllcache\winsrv.dll
+ 2004-08-10 11:00 . 2011-08-22 23:48 916480 c:\windows\system32\dllcache\wininet.dll
- 2004-08-10 11:00 . 2011-02-22 23:06 916480 c:\windows\system32\dllcache\wininet.dll
+ 2009-03-08 11:33 . 2011-04-30 03:01 758784 c:\windows\system32\dllcache\vgx.dll
+ 2009-03-08 11:34 . 2011-08-22 23:48 105984 c:\windows\system32\dllcache\url.dll
- 2009-03-08 11:34 . 2009-03-08 11:34 105984 c:\windows\system32\dllcache\url.dll
+ 2004-08-10 11:00 . 2011-04-29 17:25 151552 c:\windows\system32\dllcache\schannel.dll
- 2006-07-14 01:57 . 2008-04-14 00:13 139656 c:\windows\system32\dllcache\rdpwd.sys
+ 2006-07-14 01:57 . 2011-06-24 14:10 139656 c:\windows\system32\dllcache\rdpwd.sys
+ 2004-08-10 11:00 . 2010-12-20 17:32 551936 c:\windows\system32\dllcache\oleaut32.dll
- 2004-08-10 11:00 . 2008-04-14 00:12 551936 c:\windows\system32\dllcache\oleaut32.dll
+ 2004-08-10 11:00 . 2011-09-26 18:41 220160 c:\windows\system32\dllcache\oleacc.dll
+ 2009-03-08 11:34 . 2011-08-22 23:48 206848 c:\windows\system32\dllcache\occache.dll
- 2009-03-08 11:34 . 2011-02-22 23:06 206848 c:\windows\system32\dllcache\occache.dll
+ 2004-08-10 11:00 . 2011-04-21 13:37 105472 c:\windows\system32\dllcache\mup.sys
- 2009-03-08 11:32 . 2011-02-22 23:06 611840 c:\windows\system32\dllcache\mstime.dll
+ 2009-03-08 11:32 . 2011-08-22 23:48 611840 c:\windows\system32\dllcache\mstime.dll
- 2010-07-18 23:15 . 2011-02-22 23:06 602112 c:\windows\system32\dllcache\msfeeds.dll
+ 2010-07-18 23:15 . 2011-08-22 23:48 602112 c:\windows\system32\dllcache\msfeeds.dll
+ 2004-08-10 11:00 . 2011-07-15 13:29 456320 c:\windows\system32\dllcache\mrxsmb.sys
+ 2006-07-14 02:00 . 2011-10-10 14:22 692736 c:\windows\system32\dllcache\inetcomm.dll
- 2006-07-14 02:00 . 2011-03-07 05:33 692736 c:\windows\system32\dllcache\inetcomm.dll
+ 2010-07-18 23:15 . 2011-08-22 23:48 247808 c:\windows\system32\dllcache\ieproxy.dll
- 2010-07-18 23:15 . 2011-02-22 23:06 247808 c:\windows\system32\dllcache\ieproxy.dll
+ 2004-08-10 11:00 . 2011-08-22 23:48 184320 c:\windows\system32\dllcache\iepeers.dll
- 2004-08-10 11:00 . 2011-02-22 23:06 184320 c:\windows\system32\dllcache\iepeers.dll
- 2010-07-18 23:15 . 2011-02-22 23:06 743424 c:\windows\system32\dllcache\iedvtool.dll
+ 2010-07-18 23:15 . 2011-08-22 23:48 743424 c:\windows\system32\dllcache\iedvtool.dll
+ 2009-03-08 21:09 . 2011-08-22 23:48 387584 c:\windows\system32\dllcache\iedkcs32.dll
- 2009-03-08 21:09 . 2011-02-22 23:06 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2009-03-08 11:32 . 2011-08-22 11:56 174080 c:\windows\system32\dllcache\ie4uinit.exe
+ 2004-08-10 11:00 . 2011-09-28 07:06 599040 c:\windows\system32\dllcache\crypt32.dll
- 2004-08-10 11:00 . 2008-04-14 00:11 599040 c:\windows\system32\dllcache\crypt32.dll
- 2004-08-10 11:00 . 2008-10-16 14:43 138496 c:\windows\system32\dllcache\afd.sys
+ 2004-08-10 11:00 . 2011-08-17 13:49 138496 c:\windows\system32\dllcache\afd.sys
+ 2006-07-16 05:31 . 2011-05-01 05:56 262144 c:\windows\system32\config\systemprofile\ntuser.dat
- 2006-07-16 05:31 . 2006-07-16 05:31 262144 c:\windows\system32\config\systemprofile\ntuser.dat
+ 2006-07-14 02:07 . 2011-08-28 14:44 212992 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2006-07-14 02:07 . 2011-04-29 06:12 212992 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2010-07-18 23:56 . 2010-08-30 04:26 245760 c:\windows\system32\config\systemprofile\IETldCache\index.dat
+ 2010-07-18 23:56 . 2011-08-28 14:44 245760 c:\windows\system32\config\systemprofile\IETldCache\index.dat
+ 2011-07-07 12:18 . 2011-07-07 12:18 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
- 2011-01-18 11:39 . 2011-01-18 11:39 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2011-03-25 13:15 . 2011-03-25 13:15 363856 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
- 2011-01-18 11:39 . 2011-01-18 11:39 363856 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
- 2011-01-18 11:39 . 2011-01-18 11:39 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2011-07-07 12:18 . 2011-07-07 12:18 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
- 2010-09-23 09:26 . 2010-09-23 09:26 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2011-07-07 19:04 . 2011-07-07 19:04 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2011-07-07 19:01 . 2011-07-07 19:01 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2010-09-23 09:25 . 2010-09-23 09:25 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2011-07-07 20:09 . 2011-07-07 20:09 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
- 2010-09-23 10:17 . 2010-09-23 10:17 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
- 2006-07-14 01:59 . 2009-06-24 04:59 303104 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscorjit.dll
+ 2006-07-14 01:59 . 2011-07-05 22:44 303104 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscorjit.dll
+ 2006-07-14 01:59 . 2011-07-06 16:57 200704 c:\windows\Microsoft.NET\Framework\v1.0.3705\aspnet_isapi.dll
- 2006-07-14 01:59 . 2009-06-24 05:12 200704 c:\windows\Microsoft.NET\Framework\v1.0.3705\aspnet_isapi.dll
+ 2011-03-18 03:03 . 2011-03-18 03:03 308736 c:\windows\Installer\77b1289d.msp
+ 2011-06-17 10:05 . 2011-06-17 10:05 467456 c:\windows\Installer\77b12846.msi
+ 2011-11-03 13:21 . 2011-11-03 13:21 203776 c:\windows\Installer\1ac56bf.msi
+ 2008-05-23 04:01 . 2011-10-13 10:03 888080 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe
- 2008-05-23 04:01 . 2011-04-14 10:11 888080 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe
- 2008-05-23 04:01 . 2011-04-14 10:11 272648 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pubs.exe
+ 2008-05-23 04:01 . 2011-10-13 10:03 272648 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pubs.exe
- 2008-05-23 04:01 . 2011-04-14 10:11 922384 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pptico.exe
+ 2008-05-23 04:01 . 2011-10-13 10:03 922384 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pptico.exe
+ 2008-05-23 04:01 . 2011-10-13 10:03 845584 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\outicon.exe
- 2008-05-23 04:01 . 2011-04-14 10:11 845584 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\outicon.exe
+ 2008-05-23 04:01 . 2011-10-13 10:03 217864 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\misc.exe
- 2008-05-23 04:01 . 2011-04-14 10:11 217864 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\misc.exe
+ 2008-05-23 04:01 . 2011-10-13 10:03 159504 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\inficon.exe
- 2008-05-23 04:01 . 2011-04-14 10:11 159504 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\inficon.exe
+ 2011-10-20 01:27 . 2011-10-20 01:27 380928 c:\windows\Installer\{29ED20C9-5E15-4969-9279-25BF3727A3DA}\iTunesIco.exe
+ 2011-01-14 14:10 . 2011-01-14 14:10 155520 c:\windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC\14.0.5130\GKWORD6.DLL
+ 2011-01-14 14:10 . 2011-01-14 14:10 140160 c:\windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC\14.0.5130\GKEXCEL2.DLL
+ 2011-10-13 10:02 . 2011-06-23 18:36 916480 c:\windows\ie8updates\KB2586448-IE8\wininet.dll
+ 2011-10-13 10:02 . 2011-06-23 18:36 105984 c:\windows\ie8updates\KB2586448-IE8\url.dll
+ 2011-10-13 10:02 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2586448-IE8\spuninst\updspapi.dll
+ 2011-10-13 10:02 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2586448-IE8\spuninst\spuninst.exe
+ 2011-10-13 10:02 . 2011-06-23 18:36 206848 c:\windows\ie8updates\KB2586448-IE8\occache.dll
+ 2011-10-13 10:02 . 2011-06-23 18:36 611840 c:\windows\ie8updates\KB2586448-IE8\mstime.dll
+ 2011-10-13 10:02 . 2011-06-23 18:36 602112 c:\windows\ie8updates\KB2586448-IE8\msfeeds.dll
+ 2011-10-13 10:02 . 2011-06-23 18:36 247808 c:\windows\ie8updates\KB2586448-IE8\ieproxy.dll
+ 2011-10-13 10:02 . 2011-06-23 18:36 184320 c:\windows\ie8updates\KB2586448-IE8\iepeers.dll
+ 2011-10-13 10:02 . 2011-06-23 18:36 743424 c:\windows\ie8updates\KB2586448-IE8\iedvtool.dll
+ 2011-10-13 10:02 . 2011-06-23 18:36 387584 c:\windows\ie8updates\KB2586448-IE8\iedkcs32.dll
+ 2011-10-13 10:02 . 2011-06-23 12:05 173568 c:\windows\ie8updates\KB2586448-IE8\ie4uinit.exe
+ 2011-08-11 10:01 . 2011-04-25 16:11 916480 c:\windows\ie8updates\KB2559049-IE8\wininet.dll
+ 2011-08-11 10:01 . 2009-03-08 11:34 105984 c:\windows\ie8updates\KB2559049-IE8\url.dll
+ 2011-08-11 10:01 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2559049-IE8\spuninst\updspapi.dll
+ 2011-08-11 10:01 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2559049-IE8\spuninst\spuninst.exe
+ 2011-08-11 10:01 . 2011-04-25 16:11 206848 c:\windows\ie8updates\KB2559049-IE8\occache.dll
+ 2011-08-11 10:01 . 2011-04-25 16:11 611840 c:\windows\ie8updates\KB2559049-IE8\mstime.dll
+ 2011-08-11 10:01 . 2011-04-25 16:11 602112 c:\windows\ie8updates\KB2559049-IE8\msfeeds.dll
+ 2011-08-11 10:01 . 2011-04-25 16:11 247808 c:\windows\ie8updates\KB2559049-IE8\ieproxy.dll
+ 2011-08-11 10:01 . 2011-04-25 16:11 184320 c:\windows\ie8updates\KB2559049-IE8\iepeers.dll
+ 2011-08-11 10:01 . 2011-04-25 16:11 743424 c:\windows\ie8updates\KB2559049-IE8\iedvtool.dll
+ 2011-08-11 10:01 . 2011-04-25 16:11 387584 c:\windows\ie8updates\KB2559049-IE8\iedkcs32.dll
+ 2011-08-11 10:01 . 2011-04-25 12:01 173568 c:\windows\ie8updates\KB2559049-IE8\ie4uinit.exe
+ 2011-06-17 10:01 . 2009-03-08 11:33 759296 c:\windows\ie8updates\KB2544521-IE8\vgx.dll
+ 2011-06-17 10:01 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2544521-IE8\spuninst\updspapi.dll
+ 2011-06-17 10:01 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2544521-IE8\spuninst\spuninst.exe
+ 2011-06-17 10:05 . 2011-02-22 23:06 916480 c:\windows\ie8updates\KB2530548-IE8\wininet.dll
+ 2011-06-17 10:05 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2530548-IE8\spuninst\updspapi.dll
+ 2011-06-17 10:05 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2530548-IE8\spuninst\spuninst.exe
+ 2011-06-17 10:05 . 2011-02-22 23:06 206848 c:\windows\ie8updates\KB2530548-IE8\occache.dll
+ 2011-06-17 10:05 . 2011-02-22 23:06 611840 c:\windows\ie8updates\KB2530548-IE8\mstime.dll
+ 2011-06-17 10:05 . 2011-02-22 23:06 602112 c:\windows\ie8updates\KB2530548-IE8\msfeeds.dll
+ 2011-06-17 10:05 . 2011-02-22 23:06 247808 c:\windows\ie8updates\KB2530548-IE8\ieproxy.dll
+ 2011-06-17 10:05 . 2011-02-22 23:06 184320 c:\windows\ie8updates\KB2530548-IE8\iepeers.dll
+ 2011-06-17 10:05 . 2011-02-22 23:06 743424 c:\windows\ie8updates\KB2530548-IE8\iedvtool.dll
+ 2011-06-17 10:05 . 2011-02-22 23:06 387584 c:\windows\ie8updates\KB2530548-IE8\iedkcs32.dll
+ 2011-06-17 10:05 . 2011-02-18 11:49 173568 c:\windows\ie8updates\KB2530548-IE8\ie4uinit.exe
+ 2008-11-12 21:32 . 2011-07-15 13:29 456320 c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2011-06-30 10:06 . 2011-08-11 10:06 425984 c:\windows\assembly\temp\UVN0P8F18C\System.configuration.dll
+ 2011-06-30 10:06 . 2011-08-11 10:06 261632 c:\windows\assembly\temp\SN3YWFSW9M\System.Transactions.dll
+ 2011-06-30 10:06 . 2011-08-11 10:06 114688 c:\windows\assembly\temp\JKU729DT6D\System.ServiceProcess.dll
+ 2011-06-30 10:06 . 2011-08-11 10:06 303104 c:\windows\assembly\temp\GKUDBOMZIG\System.Runtime.Remoting.dll
+ 2011-06-30 10:06 . 2011-08-11 10:06 626688 c:\windows\assembly\temp\1QOGERP8FY\System.Drawing.dll
+ 2011-06-30 10:06 . 2011-08-11 10:06 113664 c:\windows\assembly\temp\1H3VH01TLJ\System.EnterpriseServices.Wrapper.dll
+ 2011-06-30 10:06 . 2011-08-11 10:06 258048 c:\windows\assembly\temp\1H3VH01TLJ\System.EnterpriseServices.dll
+ 2011-10-13 10:01 . 2011-10-13 10:01 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_911f86b5\System.Drawing.dll
+ 2011-10-13 10:01 . 2011-10-13 10:01 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_2ee0f177\System.Drawing.Design.dll
+ 2011-10-13 10:01 . 2011-10-13 10:01 118784 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_ae87b370\CustomMarshalers.dll
+ 2011-10-13 10:02 . 2011-10-13 10:02 847872 c:\windows\assembly\NativeImages1_v1.0.3705\System.Drawing\1.0.3300.0__b03f5f7f11d50a3a_85532f57\System.Drawing.dll
+ 2011-08-11 10:13 . 2011-08-11 10:13 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\cc14c69205b984edba1db26fd5e421ac\WsatConfig.ni.exe
+ 2011-10-13 10:16 . 2011-10-13 10:16 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\c8627df7adb416722d8e0f05c57fef6b\WsatConfig.ni.exe
+ 2011-08-11 10:13 . 2011-08-11 10:13 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\be230222afc4ac16af2745c66a9b5014\WindowsLiveLocal.WriterPlugin.ni.dll
+ 2011-10-13 10:16 . 2011-10-13 10:16 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\a87b02a8c9bc70d4a0520c6f39b41609\WindowsLiveLocal.WriterPlugin.ni.dll
+ 2011-08-11 10:13 . 2011-08-11 10:13 152064 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\fc0df76553f27dbe81b44e1feff6241a\WindowsLive.Writer.HtmlParser.ni.dll
+ 2011-06-30 10:13 . 2011-06-30 10:13 334848 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\fa2482d4152af4d1792570932da229d6\WindowsLive.Writer.Interop.Mshtml.ni.dll
+ 2011-08-11 10:13 . 2011-08-11 10:13 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\f56e04e5688b837d1da24f16c7bd23c1\WindowsLive.Writer.Mshtml.ni.dll
+ 2011-08-11 10:13 . 2011-08-11 10:13 851968 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ed2c16c41895f3ca9a221c54ef0afb95\WindowsLive.Writer.BlogClient.ni.dll
+ 2011-10-13 10:15 . 2011-10-13 10:15 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\dee18548442e1e395bd214ecbc8143b3\WindowsLive.Writer.Mshtml.ni.dll
+ 2011-06-30 10:13 . 2011-06-30 10:13 313856 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\d78f83ddd58e30d6b7beb63b7534f092\WindowsLive.Writer.Interop.SHDocVw.ni.dll
+ 2011-10-13 10:15 . 2011-10-13 10:15 319488 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\cb0924120aa5063618a25a8470767c59\WindowsLive.Writer.Interop.ni.dll
+ 2011-08-11 10:13 . 2011-08-11 10:13 428032 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\b732fc4a98715dc49365641879c7cde0\WindowsLive.Writer.Localization.ni.dll
+ 2011-08-11 10:13 . 2011-08-11 10:13 119296 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\b6a4d3bddbbafbcc633e7d09a3b3b7c0\WindowsLive.Writer.FileDestinations.ni.dll
+ 2011-08-11 10:13 . 2011-08-11 10:13 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\b2fa3d80779829ca0d29b039eba7b6c8\WindowsLive.Writer.Instrumentation.ni.dll
+ 2011-08-11 10:12 . 2011-08-11 10:12 843776 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\b1408a406bf6cedf6dabd8bb91b10933\WindowsLive.Writer.Controls.ni.dll
+ 2011-10-13 10:15 . 2011-10-13 10:15 108544 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ae411f232f47e92e15717368e6c788a2\WindowsLive.Writer.Passport.ni.dll
+ 2011-08-11 10:13 . 2011-08-11 10:13 108544 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\a46a0c3a6f9cdd29bc9e1518ddfff1cf\WindowsLive.Writer.Passport.ni.dll
+ 2011-10-13 10:16 . 2011-10-13 10:16 594944 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\98299d2757ae2591fd1e59b24d3e57e4\WindowsLive.Writer.HtmlEditor.ni.dll
+ 2011-10-13 10:15 . 2011-10-13 10:15 152064 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\8d221f10c1301131d0a4babe89337b68\WindowsLive.Writer.HtmlParser.ni.dll
+ 2011-08-11 10:12 . 2011-08-11 10:12 174080 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\8c5e2af7f9432f5937528be8eca7e74f\WindowsLive.Writer.BrowserControl.ni.dll
+ 2011-10-13 10:16 . 2011-10-13 10:16 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\87fd61f5ff1c726a2762fc72e531a180\WindowsLive.Writer.Instrumentation.ni.dll
+ 2011-10-13 10:15 . 2011-10-13 10:15 334848 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\78386b4c506784bc4e7f7e995a5343ae\WindowsLive.Writer.Interop.Mshtml.ni.dll
+ 2011-10-13 10:15 . 2011-10-13 10:15 118784 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\6900ed313c926e6487e316d87beeacbb\WindowsLive.Writer.Extensibility.ni.dll
+ 2011-10-13 10:15 . 2011-10-13 10:15 174080 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\67aef418f97e1d7daf8f8b32888592dd\WindowsLive.Writer.BrowserControl.ni.dll
+ 2011-08-11 10:12 . 2011-08-11 10:12 319488 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\6303299e64ab859f46036cfbf2426d11\WindowsLive.Writer.Interop.ni.dll
+ 2011-10-13 10:16 . 2011-10-13 10:16 119296 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\5b6fbe21066f9263a0a7f1d66f367cc0\WindowsLive.Writer.FileDestinations.ni.dll
+ 2011-08-11 10:13 . 2011-08-11 10:13 594944 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\51cf4e293cd48162a780437877102c77\WindowsLive.Writer.HtmlEditor.ni.dll
+ 2011-10-13 10:16 . 2011-10-13 10:16 322048 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\41cc89c999e766d62a6506e134a63de5\WindowsLive.Writer.SpellChecker.ni.dll
+ 2011-10-13 10:15 . 2011-10-13 10:15 313856 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\3ae7eae306c355e1efb728fac33b3965\WindowsLive.Writer.Interop.SHDocVw.ni.dll
+ 2011-10-13 10:15 . 2011-10-13 10:15 843776 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\39d4886a9c3753f78ed21025b3c7894f\WindowsLive.Writer.Controls.ni.dll
+ 2011-10-13 10:15 . 2011-10-13 10:15 851968 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\28dba3533d342fe31ebf669da2a2dd6b\WindowsLive.Writer.BlogClient.ni.dll
+ 2011-08-11 10:13 . 2011-08-11 10:13 322048 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\17a0bb4a638ab04b49710aa1976adfbd\WindowsLive.Writer.SpellChecker.ni.dll
+ 2011-08-11 10:13 . 2011-08-11 10:13 118784 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\03b22b0e79cac36b7d600f7759fcea32\WindowsLive.Writer.Extensibility.ni.dll
+ 2011-10-13 10:15 . 2011-10-13 10:15 428032 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\01debb0846be43ad1caca0f6db2f4faa\WindowsLive.Writer.Localization.ni.dll
+ 2011-08-11 10:13 . 2011-08-11 10:13 145920 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\6ccef8f8ef1459d95a24a40f6ca4e138\WindowsLive.Client.ni.dll
+ 2011-10-13 10:16 . 2011-10-13 10:16 145920 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\2b3e72958e5d5f0d595da09b3362310b\WindowsLive.Client.ni.dll
+ 2011-10-13 10:12 . 2011-10-13 10:12 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\a2c1bb3c5b1447b398e72c56091ca571\WindowsFormsIntegration.ni.dll
+ 2011-08-11 10:09 . 2011-08-11 10:09 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\39ce0c9c9cc294c0ee26c4ff01522961\WindowsFormsIntegration.ni.dll
+ 2011-10-13 10:12 . 2011-10-13 10:12 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\f102afdffdbe2565bcedb7fa0626b865\UIAutomationTypes.ni.dll
+ 2011-06-30 10:10 . 2011-06-30 10:10 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\3740d6db28af31a6523a79fcdd71fbeb\UIAutomationTypes.ni.dll
+ 2011-10-13 10:12 . 2011-10-13 10:12 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\ba55240b7753047f8d1b03ef473bf74e\UIAutomationClient.ni.dll
+ 2011-08-11 10:09 . 2011-08-11 10:09 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\431e918aee8da919f5b9e3a5195ccf93\UIAutomationClient.ni.dll
+ 2011-08-11 10:12 . 2011-08-11 10:12 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\946eefb99bc116ee68e0e7c69a5a8a5c\System.Xml.Linq.ni.dll
+ 2011-10-13 10:15 . 2011-10-13 10:15 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\566b2e11e7f3f6d973b17b86cf42f9bc\System.Xml.Linq.ni.dll
+ 2011-10-13 10:15 . 2011-10-13 10:15 116736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Inte#\490f9b7d4d608169d57eb20737f8ff8c\System.Windows.Interactivity.ni.dll
+ 2011-08-11 10:12 . 2011-08-11 10:12 116736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Inte#\01da3a9ba14a15491efa087b5dac4692\System.Windows.Interactivity.ni.dll
+ 2011-08-11 10:15 . 2011-08-11 10:15 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\a82eef3128b9527dc05b3c8667e713bc\System.Web.Routing.ni.dll
+ 2011-10-13 10:18 . 2011-10-13 10:18 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\3533d614ebecd4344efbee619dd11a74\System.Web.Routing.ni.dll
+ 2011-08-11 10:12 . 2011-08-11 10:12 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\203c148c913357bfc2ae9d209101f2b3\System.Web.RegularExpressions.ni.dll
+ 2011-10-13 10:15 . 2011-10-13 10:15 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\018b6e48c32d5b5d78086998e3505f1c\System.Web.RegularExpressions.ni.dll
+ 2011-08-11 10:15 . 2011-08-11 10:15 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\f89fe39468ea6faf71c4257c89cf3c54\System.Web.Extensions.Design.ni.dll
+ 2011-10-13 10:18 . 2011-10-13 10:18 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\d93514a764a83b18f6f3547b59cc8ae9\System.Web.Extensions.Design.ni.dll
+ 2011-10-13 10:18 . 2011-10-13 10:18 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\93b5d1b77a74b76ac73cbf51ec871c01\System.Web.Entity.ni.dll
+ 2011-08-11 10:15 . 2011-08-11 10:15 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\2314ff800782dc85224e69e802a073f7\System.Web.Entity.ni.dll
+ 2011-08-11 10:15 . 2011-08-11 10:15 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\f690a8f5d784a5bb20f2cbaa7277eb6c\System.Web.Entity.Design.ni.dll
+ 2011-10-13 10:18 . 2011-10-13 10:18 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\d06a7d5872bbe85795f947f6c75d38c6\System.Web.Entity.Design.ni.dll
+ 2011-08-11 10:15 . 2011-08-11 10:15 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\c5c96400424b85536443623f96f64581\System.Web.DynamicData.ni.dll
+ 2011-10-13 10:18 . 2011-10-13 10:18 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\ad0851438a18bf730d974c9b2f5f776a\System.Web.DynamicData.ni.dll
+ 2011-10-13 10:18 . 2011-10-13 10:18 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\734ab0ea87d7dfd5c583eea535c05878\System.Web.Abstractions.ni.dll
+ 2011-08-11 10:15 . 2011-08-11 10:15 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\5f8e87b47465a038403e73012c6d102a\System.Web.Abstractions.ni.dll
+ 2011-10-13 10:14 . 2011-10-13 10:14 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\8efcd633af87989355382b5039f1b7df\System.Transactions.ni.dll
+ 2011-08-11 10:12 . 2011-08-11 10:12 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\846dd505f97805f00999ee26aec9bf75\System.Transactions.ni.dll
+ 2011-10-13 10:15 . 2011-10-13 10:15 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\abef85f2fb8ba830eda73e2d12e8d41e\System.ServiceProcess.ni.dll
+ 2011-08-11 10:12 . 2011-08-11 10:12 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\70a1400affdc775d7c7398e036359286\System.ServiceProcess.ni.dll
+ 2011-08-11 10:11 . 2011-08-11 10:11 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\de9cd25ccb24bcf8a0316756e766721f\System.Security.ni.dll
+ 2011-10-13 10:14 . 2011-10-13 10:14 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\36c12de583ee81e9c99acb72b09d77ac\System.Security.ni.dll
+ 2011-10-13 10:15 . 2011-10-13 10:15 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\81096bfe85eb0da5f05e8a127ffa43b2\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2011-08-11 10:12 . 2011-08-11 10:12 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\21248037960cf6dfa2ce401d355bd6c9\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2011-08-11 10:12 . 2011-08-11 10:12 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b7e0214a811f81e09041864081139641\System.Runtime.Remoting.ni.dll
+ 2011-10-13 10:14 . 2011-10-13 10:14 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\36bf3d5f05a40c9e3cadca5789c8a469\System.Runtime.Remoting.ni.dll
+ 2011-10-13 10:15 . 2011-10-13 10:15 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\b2a84980f206431821d85d5155d5916f\System.Net.ni.dll
+ 2011-08-11 10:12 . 2011-08-11 10:12 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\480ea914e13fe41cdd8fb542bb1f7e81\System.Net.ni.dll
+ 2011-10-13 10:18 . 2011-10-13 10:18 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\90b90e700e59d73d6d692cf74e1ba16e\System.Management.ni.dll
+ 2011-08-11 10:15 . 2011-08-11 10:15 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\6e563a58e6fc0117070d5b8fd59e4e1b\System.Management.ni.dll
+ 2011-10-13 10:18 . 2011-10-13 10:18 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\f36eded354122da9555a6c7cdbdb5431\System.Management.Instrumentation.ni.dll
+ 2011-08-11 10:15 . 2011-08-11 10:15 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\dc72c7581f1b3794c0ea595ba02ff7ad\System.Management.Instrumentation.ni.dll
+ 2011-10-13 10:18 . 2011-10-13 10:18 160256 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\5d6a0e02b8e1cff94d07d2507667edc7\System.Management.Automation.resources.ni.dll
+ 2011-06-30 10:15 . 2011-06-30 10:15 160256 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\35b34a452180a868171e1364bcc02208\System.Management.Automation.resources.ni.dll
+ 2011-08-11 10:11 . 2011-08-11 10:11 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\fcf8612a210d1f76e0b37dc8467b4696\System.IO.Log.ni.dll
+ 2011-10-13 10:13 . 2011-10-13 10:13 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\20a77c41ee12362d303fb2574fcd5a24\System.IO.Log.ni.dll
+ 2011-08-11 10:11 . 2011-08-11 10:11 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\ec017b5a95d02fccaefd835490ef1e14\System.IdentityModel.Selectors.ni.dll
+ 2011-10-13 10:13 . 2011-10-13 10:13 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\41c3a2fcffc58b20023c7d54e57ea956\System.IdentityModel.Selectors.ni.dll
+ 2011-08-11 10:12 . 2011-08-11 10:12 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\75f452279422a7898e840ee5768c9d2e\System.EnterpriseServices.Wrapper.dll
+ 2011-08-11 10:12 . 2011-08-11 10:12 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\75f452279422a7898e840ee5768c9d2e\System.EnterpriseServices.ni.dll
+ 2011-10-13 10:14 . 2011-10-13 10:14 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\69792bef8a100a055db88848836a7d88\System.EnterpriseServices.Wrapper.dll
+ 2011-10-13 10:14 . 2011-10-13 10:14 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\69792bef8a100a055db88848836a7d88\System.EnterpriseServices.ni.dll
+ 2011-08-11 10:09 . 2011-08-11 10:09 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\f7cd3d07c15366b76fe4c38d24455d6b\System.Drawing.Design.ni.dll
+ 2011-10-13 10:11 . 2011-10-13 10:11 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\896eca06e2d9377b2dc4fad56ce49b07\System.Drawing.Design.ni.dll
+ 2011-08-11 10:15 . 2011-08-11 10:15 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\822c996e6ad4901219b7de399a6f78bf\System.DirectoryServices.AccountManagement.ni.dll
+ 2011-10-13 10:15 . 2011-10-13 10:15 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\33e9b0c368c31ef37a2ec7b5a181044b\System.DirectoryServices.Protocols.ni.dll
+ 2011-08-11 10:12 . 2011-08-11 10:12 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\1ffe911e62f482e42be2c4428bd08c10\System.DirectoryServices.Protocols.ni.dll
+ 2011-10-13 10:17 . 2011-10-13 10:17 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\11cdd1c0d65428cd3505d3813d36638c\System.DirectoryServices.AccountManagement.ni.dll
+ 2011-10-13 10:17 . 2011-10-13 10:17 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\e5ada332a9bc3c982e6aede6ba354196\System.Data.Services.Client.ni.dll
+ 2011-08-11 10:15 . 2011-08-11 10:15 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\e1c009b2c9becdb732a2ea45f32a46b8\System.Data.Services.Design.ni.dll
+ 2011-10-13 10:17 . 2011-10-13 10:17 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\3f179f373f31817a914b639a56cc0497\System.Data.Services.Design.ni.dll
+ 2011-08-11 10:15 . 2011-08-11 10:15 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\1defd94e1662a4478ccf2cd0b1b4e6a6\System.Data.Services.Client.ni.dll
+ 2011-10-13 10:17 . 2011-10-13 10:17 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\fee1a48b769a8c4beb335ee5ce006091\System.Data.Entity.Design.ni.dll
+ 2011-08-11 10:15 . 2011-08-11 10:15 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\04267c1dbdcdd8ec37e1518126767ead\System.Data.Entity.Design.ni.dll
+ 2011-08-11 10:14 . 2011-08-11 10:14 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\f2a6d41b3f6e26eea6dcac9298aa637b\System.Data.DataSetExtensions.ni.dll
+ 2011-10-13 10:17 . 2011-10-13 10:17 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\b9d9ff5d03e90ede1116794f2c7dd6da\System.Data.DataSetExtensions.ni.dll
+ 2011-10-13 10:14 . 2011-10-13 10:14 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce0720436dc6cb76006377f295ea365\System.Configuration.ni.dll
+ 2011-08-11 10:11 . 2011-08-11 10:11 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\77df2cd21a5b85a1605b335aa9ad9d44\System.Configuration.ni.dll
+ 2011-08-11 10:12 . 2011-08-11 10:12 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\585e68739b2a8aff61ee6b2786513245\System.Configuration.Install.ni.dll
+ 2011-10-13 10:15 . 2011-10-13 10:15 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\29d7091f6eab0ec61c4eb625ed221b73\System.Configuration.Install.ni.dll
+ 2011-08-11 10:14 . 2011-08-11 10:14 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\fbf6ef12d1456058acde29f2640092fb\System.AddIn.ni.dll
+ 2011-10-13 10:16 . 2011-10-13 10:16 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\3048737e9e3bf5173121a084337256bc\System.AddIn.ni.dll
+ 2011-08-11 10:13 . 2011-08-11 10:13 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\896e42071939e038008b0bbbfed1213c\SMSvcHost.ni.exe
+ 2011-10-13 10:16 . 2011-10-13 10:16 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\6e45cf503f025c5fe814ea7e52f62a78\SMSvcHost.ni.exe
+ 2011-08-11 10:13 . 2011-08-11 10:13 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\ca07e9cf488af1290d2340d682574a24\SMDiagnostics.ni.dll
+ 2011-10-13 10:16 . 2011-10-13 10:16 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\474a341340f687bcbd7777f2820a8c7a\SMDiagnostics.ni.dll
+ 2011-10-13 10:16 . 2011-10-13 10:16 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\f2df1ca28301bfe7e1d52b86c8394217\ServiceModelReg.ni.exe
+ 2011-08-11 10:13 . 2011-08-11 10:13 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\a5aa977dd575a6beb3a416bd480b98a7\ServiceModelReg.ni.exe
+ 2011-08-11 10:08 . 2011-08-11 10:08 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\f52e48f55258d0a04fbab3a1f93752e9\PresentationFramework.Classic.ni.dll
+ 2011-08-11 10:08 . 2011-08-11 10:08 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\cf812b99f587ab514afb36fa9d4c1567\PresentationFramework.Aero.ni.dll
+ 2011-10-13 10:11 . 2011-10-13 10:11 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\c2ebcc8d60422f224b4088f3d7a2ac1f\PresentationFramework.Luna.ni.dll
+ 2011-08-11 10:08 . 2011-08-11 10:08 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\b7795999cc67f3a6cec40f5b24005e00\PresentationFramework.Luna.ni.dll
+ 2011-10-13 10:11 . 2011-10-13 10:11 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\94cfc00ad448575bfb0e67c53b514cd5\PresentationFramework.Aero.ni.dll
+ 2011-10-13 10:11 . 2011-10-13 10:11 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\478d57d96f3d8d5fc15c7ac635a4a6a1\PresentationFramework.Classic.ni.dll
+ 2011-10-13 10:11 . 2011-10-13 10:11 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\23c5852ff8ed973ff9b63ce9ba7f91f0\PresentationFramework.Royale.ni.dll
+ 2011-08-11 10:08 . 2011-08-11 10:08 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\09f5af61ea2af04eb32c04b3091ffc86\PresentationFramework.Royale.ni.dll
+ 2011-08-11 10:13 . 2011-08-11 10:13 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\2d89c7b72bc8e527b26d5b6f3b931012\MSBuild.ni.exe
+ 2011-10-13 10:16 . 2011-10-13 10:16 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\04595f414c49cf2a65b349648ba23e62\MSBuild.ni.exe
+ 2011-10-13 10:16 . 2011-10-13 10:16 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\4cbd7ed9fbf9f1b3cbdf23906cc0f5a3\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-08-11 10:13 . 2011-08-11 10:13 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\39e9d172f0cf5eec30b1b67212cc032b\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-10-13 10:16 . 2011-10-13 10:16 492032 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\fb17fceaa5465d6eeb15034a4bea2687\Microsoft.PowerShell.ConsoleHost.ni.dll
+ 2011-08-11 10:14 . 2011-08-11 10:14 968192 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\eae2ab662e4b44aacd4cebd3f9b6c34f\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2011-08-11 10:14 . 2011-08-11 10:14 433664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\9bcb002ea577b825f7c7872ec21b78a3\Microsoft.PowerShell.Commands.Management.ni.dll
+ 2011-10-13 10:16 . 2011-10-13 10:16 433664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\9963fdc4d47bf168d55ffca06288c0b6\Microsoft.PowerShell.Commands.Management.ni.dll
+ 2011-08-11 10:14 . 2011-08-11 10:14 492032 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\97869a9a27244319a1bcb5c2d446a1cc\Microsoft.PowerShell.ConsoleHost.ni.dll
+ 2011-08-11 10:14 . 2011-08-11 10:14 148480 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\4d166154a2d5a4497acccfcd08355267\Microsoft.PowerShell.Security.ni.dll
+ 2011-10-13 10:16 . 2011-10-13 10:16 148480 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\43b77700ad8d984224b12472318e02ec\Microsoft.PowerShell.Security.ni.dll
+ 2011-10-13 10:16 . 2011-10-13 10:16 968192 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\1e71552b14add6b28ac6ad7897f3969d\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2011-10-13 10:16 . 2011-10-13 10:16 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\ff6d4892775fd1f9b137f7c92ea453f2\Microsoft.Build.Utilities.ni.dll
+ 2011-08-11 10:14 . 2011-08-11 10:14 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\f1b0ec3ccde9142e67ac681fb521ac66\Microsoft.Build.Utilities.ni.dll
+ 2011-08-11 10:14 . 2011-08-11 10:14 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\9250f038410f0d6432e3ccb0b046862b\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2011-10-13 10:16 . 2011-10-13 10:16 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\47ff0720cb80a0fc0bbd15ddc3d12adc\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2011-10-13 10:16 . 2011-10-13 10:16 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\da112c5757e3c68d6369b6aa46cc9682\Microsoft.Build.Engine.ni.dll
+ 2011-08-11 10:13 . 2011-08-11 10:13 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\a4672179aba638cd78bdfe268391b47b\Microsoft.Build.Engine.ni.dll
+ 2011-10-13 10:16 . 2011-10-13 10:16 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\dc278e1123086ae32fec8f7e9751db14\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2011-08-11 10:13 . 2011-08-11 10:13 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\37db660a84ee52b61a7ca55812581bbd\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2011-10-13 10:15 . 2011-10-13 10:15 955392 c:\windows\assembly\NativeImages_v2.0.50727_32\Intuit.Ctg.Wte.Serv#\fa0f1b1345c5d9a4128d4454fc79c23f\Intuit.Ctg.Wte.Service.Interface.ni.dll
+ 2011-08-11 10:12 . 2011-08-11 10:12 955392 c:\windows\assembly\NativeImages_v2.0.50727_32\Intuit.Ctg.Wte.Serv#\8fee5754e9e17d42a1f19b6af5abf3e1\Intuit.Ctg.Wte.Service.Interface.ni.dll
+ 2011-06-30 10:14 . 2011-06-30 10:14 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\80bd17388778c90f301746ad88700758\CustomMarshalers.ni.dll
+ 2011-10-13 10:16 . 2011-10-13 10:16 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\3e6deccf191ab943d3a0812a38ab5c97\CustomMarshalers.ni.dll
+ 2011-08-11 10:13 . 2011-08-11 10:13 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\fe9a21b94803f74697bb42b9d1fdea5b\ComSvcConfig.ni.exe
+ 2011-10-13 10:16 . 2011-10-13 10:16 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\4e68d5df30b197ff72c75f1c3c24b949\ComSvcConfig.ni.exe
+ 2011-08-11 10:11 . 2011-08-11 10:11 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\f160c8e40b60edd47ae74b0b911fece1\AspNetMMCExt.ni.dll
+ 2011-10-13 10:13 . 2011-10-13 10:13 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\e1bcee92f5af50d560d577c0a99ea3bd\AspNetMMCExt.ni.dll
+ 2011-10-13 10:08 . 2011-10-13 10:08 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2011-04-14 10:07 . 2011-04-14 10:07 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2011-10-13 10:08 . 2011-10-13 10:08 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2011-04-14 10:08 . 2011-04-14 10:08 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2011-06-30 10:06 . 2011-10-13 10:08 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2010-10-08 10:03 . 2011-04-14 10:08 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2011-10-13 10:08 . 2011-10-13 10:08 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2010-10-08 10:03 . 2011-04-14 10:08 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2011-04-14 10:08 . 2011-04-14 10:08 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2011-10-13 10:08 . 2011-10-13 10:08 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2011-06-30 10:06 . 2011-10-13 10:08 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2010-10-08 10:03 . 2011-04-14 10:08 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2011-10-13 10:08 . 2011-10-13 10:08 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2011-04-14 10:08 . 2011-04-14 10:08 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2011-10-13 10:08 . 2011-10-13 10:08 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2011-04-14 10:08 . 2011-04-14 10:08 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2011-06-30 10:06 . 2011-10-13 10:08 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2010-10-08 10:03 . 2011-04-14 10:08 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2011-04-14 10:08 . 2011-04-14 10:08 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2011-10-13 10:08 . 2011-10-13 10:08 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2011-10-13 10:08 . 2011-10-13 10:08 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2011-04-14 10:08 . 2011-04-14 10:08 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2011-04-14 10:08 . 2011-04-14 10:08 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2011-10-13 10:08 . 2011-10-13 10:08 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2011-10-13 10:08 . 2011-10-13 10:08 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2011-04-14 10:08 . 2011-04-14 10:08 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2010-10-08 10:03 . 2011-04-14 10:08 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2011-06-30 10:06 . 2011-10-13 10:08 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2011-10-13 10:08 . 2011-10-13 10:08 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2011-04-14 10:08 . 2011-04-14 10:08 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2011-10-13 10:08 . 2011-10-13 10:08 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2011-04-14 10:08 . 2011-04-14 10:08 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2011-04-14 10:08 . 2011-04-14 10:08 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2011-10-13 10:08 . 2011-10-13 10:08 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2011-10-13 10:08 . 2011-10-13 10:08 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2011-04-14 10:08 . 2011-04-14 10:08 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2011-10-13 10:08 . 2011-10-13 10:08 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2011-04-14 10:08 . 2011-04-14 10:08 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2011-10-13 10:08 . 2011-10-13 10:08 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2011-04-14 10:08 . 2011-04-14 10:08 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2011-04-14 10:08 . 2011-04-14 10:08 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2011-10-13 10:08 . 2011-10-13 10:08 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2011-10-13 10:08 . 2011-10-13 10:08 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2011-04-14 10:07 . 2011-04-14 10:07 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2011-06-30 10:06 . 2011-10-13 10:08 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2010-10-08 10:03 . 2011-04-14 10:08 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2010-10-08 10:03 . 2011-04-14 10:08 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2011-06-30 10:06 . 2011-10-13 10:08 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2011-06-30 10:06 . 2011-10-13 10:08 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2010-10-08 10:03 . 2011-04-14 10:08 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2011-10-13 10:08 . 2011-10-13 10:08 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2011-04-14 10:08 . 2011-04-14 10:08 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2011-09-15 10:09 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2616676$\spuninst\updspapi.dll
+ 2011-09-15 10:09 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2616676$\spuninst\spuninst.exe
+ 2011-09-15 10:09 . 2011-09-03 10:17 599040 c:\windows\$NtUninstallKB2616676$\crypt32.dll
+ 2011-09-07 10:00 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2607712$\spuninst\updspapi.dll
+ 2011-09-07 10:00 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2607712$\spuninst\spuninst.exe
+ 2011-09-07 10:00 . 2008-04-14 00:11 599040 c:\windows\$NtUninstallKB2607712$\crypt32.dll
+ 2011-10-13 10:04 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2592799$\spuninst\updspapi.dll
+ 2011-10-13 10:04 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2592799$\spuninst\spuninst.exe
+ 2011-10-13 10:04 . 2011-02-16 13:22 138496 c:\windows\$NtUninstallKB2592799$\afd.sys
+ 2011-10-13 10:02 . 2009-04-13 20:42 371424 c:\windows\$NtUninstallKB2572066$\spuninst\updspapi.dll
+ 2011-10-13 10:02 . 2009-04-13 20:42 213216 c:\windows\$NtUninstallKB2572066$\spuninst\spuninst.exe
+ 2011-10-13 10:02 . 2009-06-24 04:59 303104 c:\windows\$NtUninstallKB2572066$\mscorjit.dll
+ 2011-10-13 10:02 . 2009-06-24 05:12 200704 c:\windows\$NtUninstallKB2572066$\aspnet_isapi.dll
+ 2011-09-15 10:05 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2570947$\spuninst\updspapi.dll
+ 2011-09-15 10:05 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2570947$\spuninst\spuninst.exe
+ 2011-08-24 10:00 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2570791$\spuninst\updspapi.dll
+ 2011-08-24 10:00 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2570791$\spuninst\spuninst.exe
+ 2011-08-11 10:03 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2570222$\spuninst\updspapi.dll
+ 2011-08-11 10:03 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2570222$\spuninst\spuninst.exe
+ 2011-08-11 10:03 . 2008-04-14 00:13 139656 c:\windows\$NtUninstallKB2570222$\rdpwd.sys
+ 2011-08-11 10:04 . 2011-04-26 11:07 293376 c:\windows\$NtUninstallKB2567680$\winsrv.dll
+ 2011-08-11 10:04 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2567680$\spuninst\updspapi.dll
+ 2011-08-11 10:04 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2567680$\spuninst\spuninst.exe
+ 2011-10-13 10:04 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2567053$\spuninst\updspapi.dll
+ 2011-10-13 10:04 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2567053$\spuninst\spuninst.exe
+ 2011-08-11 10:00 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2566454$\spuninst\updspapi.dll
+ 2011-08-11 10:00 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2566454$\spuninst\spuninst.exe
+ 2011-10-13 10:09 . 2008-07-30 02:59 161296 c:\windows\$NtUninstallKB2564958$\uiautomationcore.dll
+ 2011-10-13 10:09 . 2011-08-12 20:51 382840 c:\windows\$NtUninstallKB2564958$\spuninst\updspapi.dll
+ 2011-10-13 10:09 . 2011-08-12 20:51 231288 c:\windows\$NtUninstallKB2564958$\spuninst\spuninst.exe
+ 2011-10-13 10:09 . 2004-08-10 11:00 163328 c:\windows\$NtUninstallKB2564958$\oleacc.dll
+ 2011-08-11 10:00 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2562937$\spuninst\updspapi.dll
+ 2011-08-11 10:00 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2562937$\spuninst\spuninst.exe
+ 2011-07-13 10:00 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2555917$\spuninst\updspapi.dll
+ 2011-07-13 10:00 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2555917$\spuninst\spuninst.exe
+ 2011-06-17 10:05 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2544893$\spuninst\updspapi.dll
+ 2011-06-17 10:05 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2544893$\spuninst\spuninst.exe
+ 2011-06-17 10:05 . 2011-03-07 05:33 692736 c:\windows\$NtUninstallKB2544893$\inetcomm.dll
+ 2011-06-29 10:00 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2541763$\spuninst\updspapi.dll
+ 2011-06-29 10:00 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2541763$\spuninst\spuninst.exe
+ 2011-06-29 10:00 . 2010-06-30 12:31 149504 c:\windows\$NtUninstallKB2541763$\schannel.dll
+ 2011-06-17 10:05 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2536276$\spuninst\updspapi.dll
+ 2011-06-17 10:05 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2536276$\spuninst\spuninst.exe
+ 2011-06-17 10:05 . 2011-02-17 13:18 455936 c:\windows\$NtUninstallKB2536276$\mrxsmb.sys
+ 2011-08-11 10:03 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2536276-v2$\spuninst\updspapi.dll
+ 2011-08-11 10:03 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2536276-v2$\spuninst\spuninst.exe
+ 2011-08-11 10:03 . 2011-04-29 16:19 456320 c:\windows\$NtUninstallKB2536276-v2$\mrxsmb.sys
+ 2011-06-17 10:06 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2535512$\spuninst\updspapi.dll
+ 2011-06-17 10:06 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2535512$\spuninst\spuninst.exe
+ 2011-06-17 10:06 . 2008-04-13 19:17 105344 c:\windows\$NtUninstallKB2535512$\mup.sys
+ 2011-07-13 10:03 . 2010-06-18 17:45 293376 c:\windows\$NtUninstallKB2507938$\winsrv.dll
+ 2011-07-13 10:03 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2507938$\spuninst\updspapi.dll
+ 2011-07-13 10:03 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2507938$\spuninst\spuninst.exe
+ 2011-06-17 10:06 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2503665$\spuninst\updspapi.dll
+ 2011-06-17 10:06 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2503665$\spuninst\spuninst.exe
+ 2011-06-17 10:06 . 2008-10-16 14:43 138496 c:\windows\$NtUninstallKB2503665$\afd.sys
+ 2011-06-17 10:06 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2476490$\spuninst\updspapi.dll
+ 2011-06-17 10:06 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2476490$\spuninst\spuninst.exe
+ 2011-06-17 10:06 . 2008-04-14 00:12 551936 c:\windows\$NtUninstallKB2476490$\oleaut32.dll
+ 2011-09-15 10:09 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2616676\update\updspapi.dll
+ 2011-09-15 10:09 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2616676\update\update.exe
+ 2011-09-15 10:09 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2616676\spuninst.exe
+ 2011-09-09 09:11 . 2011-09-09 09:11 599552 c:\windows\$hf_mig$\KB2616676\SP3QFE\crypt32.dll
+ 2011-09-07 10:00 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2607712\update\updspapi.dll
+ 2011-09-07 10:00 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2607712\update\update.exe
+ 2011-09-07 10:00 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2607712\spuninst.exe
+ 2011-09-03 10:16 . 2011-09-03 10:16 599552 c:\windows\$hf_mig$\KB2607712\SP3QFE\crypt32.dll
+ 2011-10-13 10:04 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2592799\update\updspapi.dll
+ 2011-10-13 10:04 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2592799\update\update.exe
+ 2011-10-13 10:04 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2592799\spuninst.exe
+ 2011-10-12 22:18 . 2011-08-17 13:41 138496 c:\windows\$hf_mig$\KB2592799\SP3QFE\afd.sys
+ 2011-10-13 10:02 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2586448-IE8\update\updspapi.dll
+ 2011-10-13 10:02 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2586448-IE8\update\update.exe
+ 2011-10-13 10:02 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2586448-IE8\spuninst.exe
+ 2011-10-12 22:18 . 2011-08-22 23:47 919552 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\wininet.dll
+ 2011-10-12 22:18 . 2011-08-22 23:47 105984 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\url.dll
+ 2011-10-12 22:18 . 2011-08-22 23:47 206848 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\occache.dll
+ 2011-10-12 22:18 . 2011-08-22 23:47 611840 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\mstime.dll
+ 2011-10-12 22:18 . 2011-08-22 23:47 602112 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\msfeeds.dll
+ 2011-10-12 22:18 . 2011-08-22 23:47 247808 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\ieproxy.dll
+ 2011-10-12 22:18 . 2011-08-22 23:47 184320 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\iepeers.dll
+ 2011-10-12 22:18 . 2011-08-22 23:47 743424 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\iedvtool.dll
+ 2011-10-12 22:18 . 2011-08-22 23:47 387584 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\iedkcs32.dll
+ 2011-10-12 22:18 . 2011-08-22 11:52 174080 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\ie4uinit.exe
+ 2011-09-15 10:05 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2570947\update\updspapi.dll
+ 2011-09-15 10:05 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2570947\update\update.exe
+ 2011-09-15 10:05 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2570947\spuninst.exe
+ 2011-08-11 10:03 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2570222\update\updspapi.dll
+ 2011-08-11 10:03 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2570222\update\update.exe
+ 2011-08-11 10:03 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2570222\spuninst.exe
+ 2011-08-11 01:32 . 2011-06-24 14:09 139656 c:\windows\$hf_mig$\KB2570222\SP3QFE\rdpwd.sys
+ 2011-08-11 10:04 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2567680\update\updspapi.dll
+ 2011-08-11 10:04 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2567680\update\update.exe
+ 2011-08-11 10:04 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2567680\spuninst.exe
+ 2011-06-20 17:43 . 2011-06-20 17:43 293376 c:\windows\$hf_mig$\KB2567680\SP3QFE\winsrv.dll
+ 2011-10-13 10:04 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2567053\update\updspapi.dll
+ 2011-10-13 10:04 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2567053\update\update.exe
+ 2011-10-13 10:04 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2567053\spuninst.exe
+ 2011-08-11 10:00 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2566454\update\updspapi.dll
+ 2011-08-11 10:00 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2566454\update\update.exe
+ 2011-08-11 10:00 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2566454\spuninst.exe
+ 2011-08-11 10:00 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2562937\update\updspapi.dll
+ 2011-08-11 10:00 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2562937\update\update.exe
+ 2011-08-11 10:00 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2562937\spuninst.exe
+ 2011-08-11 10:01 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2559049-IE8\update\updspapi.dll
+ 2011-08-11 10:01 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2559049-IE8\update\update.exe
+ 2011-08-11 10:01 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2559049-IE8\spuninst.exe
+ 2011-08-11 01:32 . 2011-06-23 18:33 919552 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\wininet.dll
+ 2011-08-11 01:32 . 2011-06-23 18:33 105984 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\url.dll
+ 2011-08-11 01:32 . 2011-06-23 18:33 206848 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\occache.dll
+ 2011-08-11 01:32 . 2011-06-23 18:33 611840 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\mstime.dll
+ 2011-08-11 01:32 . 2011-06-23 18:33 602112 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\msfeeds.dll
+ 2011-08-11 01:32 . 2011-06-23 18:33 247808 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\ieproxy.dll
+ 2011-08-11 01:32 . 2011-06-23 18:33 184320 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\iepeers.dll
+ 2011-08-11 01:32 . 2011-06-23 18:33 743424 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\iedvtool.dll
+ 2011-08-11 01:32 . 2011-06-23 18:33 387584 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\iedkcs32.dll
+ 2011-08-11 01:32 . 2011-06-23 12:19 173568 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\ie4uinit.exe
+ 2011-07-13 10:00 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2555917\update\updspapi.dll
+ 2011-07-13 10:00 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2555917\update\update.exe
+ 2011-07-13 10:00 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2555917\spuninst.exe
+ 2011-06-17 10:05 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2544893\update\updspapi.dll
+ 2011-06-17 10:05 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2544893\update\update.exe
+ 2011-06-17 10:05 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2544893\spuninst.exe
+ 2011-06-16 18:21 . 2011-05-02 15:30 692736 c:\windows\$hf_mig$\KB2544893\SP3QFE\inetcomm.dll
+ 2011-06-17 10:01 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2544521-IE8\update\updspapi.dll
+ 2011-06-17 10:01 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2544521-IE8\update\update.exe
+ 2011-06-17 10:01 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2544521-IE8\spuninst.exe
+ 2011-06-16 18:21 . 2011-04-30 02:59 758784 c:\windows\$hf_mig$\KB2544521-IE8\SP3QFE\vgx.dll
+ 2011-06-29 10:00 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2541763\update\updspapi.dll
+ 2011-06-29 10:00 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2541763\update\update.exe
+ 2011-06-29 10:00 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2541763\spuninst.exe
+ 2011-04-29 17:23 . 2011-04-29 17:23 151552 c:\windows\$hf_mig$\KB2541763\SP3QFE\schannel.dll
+ 2011-06-17 10:05 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2536276\update\updspapi.dll
+ 2011-06-17 10:05 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2536276\update\update.exe
+ 2011-06-17 10:05 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2536276\spuninst.exe
+ 2011-06-16 18:21 . 2011-04-29 16:47 457856 c:\windows\$hf_mig$\KB2536276\SP3QFE\mrxsmb.sys
+ 2011-08-11 10:03 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2536276-v2\update\updspapi.dll
+ 2011-08-11 10:03 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2536276-v2\update\update.exe
+ 2011-08-11 10:03 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2536276-v2\spuninst.exe
+ 2011-08-11 01:32 . 2011-07-15 13:29 457856 c:\windows\$hf_mig$\KB2536276-v2\SP3QFE\mrxsmb.sys
+ 2011-06-17 10:06 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2535512\update\updspapi.dll
+ 2011-06-17 10:06 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2535512\update\update.exe
+ 2011-06-17 10:06 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2535512\spuninst.exe
+ 2011-06-16 18:21 . 2011-04-21 13:52 105472 c:\windows\$hf_mig$\KB2535512\SP3QFE\mup.sys
+ 2011-06-17 10:05 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2530548-IE8\update\updspapi.dll
+ 2011-06-17 10:05 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2530548-IE8\update\update.exe
+ 2011-06-17 10:05 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2530548-IE8\spuninst.exe
+ 2011-06-16 18:21 . 2011-04-25 16:09 919552 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\wininet.dll
+ 2011-06-16 18:21 . 2011-04-25 16:09 206848 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\occache.dll
+ 2011-06-16 18:21 . 2011-04-25 16:09 611840 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\mstime.dll
+ 2011-06-16 18:21 . 2011-04-25 16:09 602112 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\msfeeds.dll
+ 2011-06-16 18:21 . 2011-04-25 16:09 247808 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\ieproxy.dll
+ 2011-06-16 18:21 . 2011-04-25 16:09 184320 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\iepeers.dll
+ 2011-06-16 18:21 . 2011-04-25 16:09 743424 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\iedvtool.dll
+ 2011-06-16 18:21 . 2011-04-25 16:09 387584 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\iedkcs32.dll
+ 2011-06-16 18:21 . 2011-04-25 11:37 173568 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\ie4uinit.exe
+ 2011-07-13 10:03 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2507938\update\updspapi.dll
+ 2011-07-13 10:03 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2507938\update\update.exe
+ 2011-07-13 10:03 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2507938\spuninst.exe
+ 2011-04-26 11:02 . 2011-04-26 11:02 293376 c:\windows\$hf_mig$\KB2507938\SP3QFE\winsrv.dll
+ 2011-06-17 10:06 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2503665\update\updspapi.dll
+ 2011-06-17 10:06 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2503665\update\update.exe
+ 2011-06-17 10:06 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2503665\spuninst.exe
+ 2011-06-16 18:21 . 2011-02-16 13:25 138496 c:\windows\$hf_mig$\KB2503665\SP3QFE\afd.sys
+ 2011-06-17 10:06 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2476490\update\updspapi.dll
+ 2011-06-17 10:06 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2476490\update\update.exe
+ 2011-06-17 10:06 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2476490\spuninst.exe
+ 2010-12-20 17:30 . 2010-12-20 17:30 552448 c:\windows\$hf_mig$\KB2476490\SP3QFE\oleaut32.dll
+ 2011-05-14 03:04 . 2011-05-14 03:04 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80u.dll
+ 2011-05-14 03:04 . 2011-05-14 03:04 1101824 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80.dll
+ 2009-11-17 22:11 . 2011-08-03 00:38 4517664 c:\windows\system32\usbaaplrc.dll
+ 2004-08-10 11:00 . 2011-08-22 23:48 1212416 c:\windows\system32\urlmon.dll
+ 2011-10-20 01:22 . 2011-02-18 23:36 4184352 c:\windows\system32\ReinstallBackups\0022\DriverFiles\usbaaplrc.dll
+ 2004-08-10 11:00 . 2011-10-03 08:35 5971456 c:\windows\system32\mshtml.dll
+ 2009-03-08 11:32 . 2011-08-22 23:48 2000384 c:\windows\system32\iertutil.dll
+ 2011-10-20 01:22 . 2011-08-03 00:38 4517664 c:\windows\system32\DRVSTORE\usbaapl_091115F4EDEB41DBA0EC91574CE905B4E0482482\usbaaplrc.dll
+ 2011-10-20 01:22 . 2010-04-20 02:29 1461992 c:\windows\system32\DRVSTORE\netaapl_63AA05C4700EB9CAF2D048DAC1D06D764A0D4C41\wdfcoinstaller01009.dll
+ 2004-08-10 11:00 . 2011-09-06 13:20 1858944 c:\windows\system32\dllcache\win32k.sys
+ 2004-08-10 11:00 . 2011-08-22 23:48 1212416 c:\windows\system32\dllcache\urlmon.dll
+ 2004-08-10 11:00 . 2011-10-03 08:35 5971456 c:\windows\system32\dllcache\mshtml.dll
+ 2010-07-18 23:15 . 2011-08-22 23:48 2000384 c:\windows\system32\dllcache\iertutil.dll
- 2008-07-25 18:17 . 2008-07-25 18:17 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2011-03-25 13:15 . 2011-03-25 13:15 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2011-04-29 04:50 . 2011-04-29 04:50 3182592 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
- 2010-03-23 12:32 . 2010-03-23 12:32 3182592 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2011-07-07 12:18 . 2011-07-07 12:18 5912400 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2011-07-07 12:18 . 2011-07-07 12:18 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
- 2011-01-18 11:39 . 2011-01-18 11:39 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2011-07-08 20:59 . 2011-07-08 20:59 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
- 2010-09-23 22:55 . 2010-09-23 22:55 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2011-07-08 20:59 . 2011-07-08 20:59 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2010-09-23 22:55 . 2010-09-23 22:55 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2010-09-23 09:26 . 2010-09-23 09:26 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2011-07-07 19:02 . 2011-07-07 19:02 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2011-07-07 19:02 . 2011-07-07 19:02 2527232 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
+ 2011-07-08 20:59 . 2011-07-08 20:59 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
- 2010-09-23 22:55 . 2010-09-23 22:55 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2006-07-14 01:59 . 2011-07-13 01:04 1200128 c:\windows\Microsoft.NET\Framework\v1.0.3705\System.Web.dll
- 2006-07-14 01:59 . 2009-06-29 18:58 1200128 c:\windows\Microsoft.NET\Framework\v1.0.3705\System.Web.dll
- 2006-07-14 01:59 . 2009-06-24 05:00 2281472 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscorwks.dll
+ 2006-07-14 01:59 . 2011-07-05 22:45 2281472 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscorwks.dll
+ 2006-07-14 01:59 . 2011-07-05 22:46 2408448 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscorsvr.dll
+ 2006-07-14 01:59 . 2011-07-13 01:05 1998848 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscorlib.dll
- 2006-07-14 01:59 . 2009-06-29 18:58 1998848 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscorlib.dll
+ 2011-05-02 07:06 . 2011-05-02 07:06 2705920 c:\windows\Installer\9549a8ad.msp
+ 2011-07-27 14:42 . 2011-07-27 14:42 4985856 c:\windows\Installer\9549a8a6.msp
+ 2011-09-21 23:18 . 2011-09-21 23:18 4985856 c:\windows\Installer\901a4778.msp
+ 2011-04-29 19:31 . 2011-04-29 19:31 9006080 c:\windows\Installer\77b1288a.msp
+ 2011-04-29 19:28 . 2011-04-29 19:28 1995264 c:\windows\Installer\77b12876.msp
+ 2011-04-29 19:33 . 2011-04-29 19:33 8173568 c:\windows\Installer\77b12859.msp
+ 2011-01-19 06:36 . 2011-01-19 06:36 2687488 c:\windows\Installer\517137b.msp
+ 2011-04-29 19:27 . 2011-04-29 19:27 4158464 c:\windows\Installer\36319a9a.msp
+ 2011-04-28 12:42 . 2011-04-28 12:42 4990976 c:\windows\Installer\36319a86.msp
+ 2011-08-11 00:43 . 2011-08-11 00:43 3795968 c:\windows\Installer\292596df.msp
+ 2011-09-07 04:46 . 2011-09-07 04:46 9006080 c:\windows\Installer\292596cb.msp
+ 2011-08-24 13:37 . 2011-08-24 13:37 4985856 c:\windows\Installer\292596b7.msp
+ 2011-08-11 00:42 . 2011-08-11 00:42 7070208 c:\windows\Installer\292596a3.msp
+ 2011-07-21 19:34 . 2011-07-21 19:34 3456000 c:\windows\Installer\29259690.msp
+ 2011-09-07 04:48 . 2011-09-07 04:48 8181248 c:\windows\Installer\29259685.msp
+ 2011-07-27 14:39 . 2011-07-27 14:39 9892352 c:\windows\Installer\29259656.msp
+ 2011-06-21 19:01 . 2011-06-21 19:01 4991488 c:\windows\Installer\255d85a1.msp
+ 2011-10-20 01:27 . 2011-10-20 01:27 5235200 c:\windows\Installer\2216ebd9.msi
+ 2011-10-20 01:22 . 2011-10-20 01:22 1717248 c:\windows\Installer\2216e1f3.msi
+ 2011-10-20 01:21 . 2011-10-20 01:21 2002432 c:\windows\Installer\2216e196.msi
+ 2011-10-20 01:19 . 2011-10-20 01:19 1532928 c:\windows\Installer\2216e14a.msi
+ 2011-10-20 01:06 . 2011-10-20 01:06 1769984 c:\windows\Installer\220a5c75.msi
+ 2008-05-23 04:01 . 2011-10-13 10:03 1172240 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\xlicons.exe
- 2008-05-23 04:01 . 2011-04-14 10:11 1172240 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\xlicons.exe
- 2008-05-23 04:01 . 2011-04-14 10:11 1165584 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\accicons.exe
+ 2008-05-23 04:01 . 2011-10-13 10:03 1165584 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\accicons.exe
+ 2011-01-14 14:10 . 2011-01-14 14:10 2395008 c:\windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC\14.0.5130\GKWORD.DLL
+ 2011-01-14 14:10 . 2011-01-14 14:10 2180992 c:\windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC\14.0.5130\GKPOWERPOINT.DLL
+ 2011-01-14 14:10 . 2011-01-14 14:10 3443072 c:\windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC\14.0.5130\GKEXCEL.DLL
+ 2009-04-04 01:21 . 2009-04-04 01:21 8543096 c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.6425\OARTCONV.DLL
+ 2011-10-13 10:02 . 2011-06-23 18:36 1212416 c:\windows\ie8updates\KB2586448-IE8\urlmon.dll
+ 2011-10-13 10:02 . 2011-07-25 15:17 5969920 c:\windows\ie8updates\KB2586448-IE8\mshtml.dll
+ 2011-10-13 10:02 . 2011-06-23 18:36 1991680 c:\windows\ie8updates\KB2586448-IE8\iertutil.dll
+ 2011-08-11 10:01 . 2011-04-25 16:11 1211904 c:\windows\ie8updates\KB2559049-IE8\urlmon.dll
+ 2011-08-11 10:01 . 2011-05-30 22:19 5964800 c:\windows\ie8updates\KB2559049-IE8\mshtml.dll
+ 2011-08-11 10:01 . 2011-04-25 16:11 1991680 c:\windows\ie8updates\KB2559049-IE8\iertutil.dll
+ 2011-06-17 10:05 . 2011-02-22 23:06 1210880 c:\windows\ie8updates\KB2530548-IE8\urlmon.dll
+ 2011-06-17 10:05 . 2011-02-22 23:06 5962240 c:\windows\ie8updates\KB2530548-IE8\mshtml.dll
+ 2011-06-17 10:05 . 2011-02-22 23:06 1991680 c:\windows\ie8updates\KB2530548-IE8\iertutil.dll
+ 2011-06-30 10:06 . 2011-08-11 10:06 2048000 c:\windows\assembly\temp\XV5USBOS5I\System.XML.dll
+ 2011-06-30 10:06 . 2011-08-11 10:06 2933248 c:\windows\assembly\temp\RY8XGEXVER\System.Data.dll
+ 2011-06-30 10:05 . 2011-08-11 10:06 5025792 c:\windows\assembly\temp\OY83VB9GZX\System.Windows.Forms.dll
+ 2011-06-30 10:06 . 2011-08-11 10:06 3182592 c:\windows\assembly\temp\IY8XAERA80\System.dll
+ 2011-10-13 10:01 . 2011-10-13 10:01 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_42b30a2a\System.dll
+ 2011-10-13 10:01 . 2011-10-13 10:01 4792320 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_1e17b73b\System.dll
+ 2011-10-13 10:01 . 2011-10-13 10:01 2088960 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_a5718709\System.Xml.dll
+ 2011-10-13 10:01 . 2011-10-13 10:01 5513216 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_5f3c4272\System.Xml.dll
+ 2011-10-13 10:01 . 2011-10-13 10:01 3018752 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_938a9344\System.Windows.Forms.dll
+ 2011-10-13 10:01 . 2011-10-13 10:01 7884800 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_2e9aaee6\System.Windows.Forms.dll
+ 2011-10-13 10:01 . 2011-10-13 10:01 2244608 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_77269149\System.Drawing.dll
+ 2011-10-13 10:01 . 2011-10-13 10:01 1470464 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_daed9db7\System.Design.dll
+ 2011-10-13 10:01 . 2011-10-13 10:01 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_407b43fd\System.Design.dll
+ 2011-10-13 10:01 . 2011-10-13 10:01 8908800 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_beadd7d3\mscorlib.dll
+ 2011-10-13 10:01 . 2011-10-13 10:01 3391488 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_31fbfbd0\mscorlib.dll
+ 2011-10-13 10:02 . 2011-10-13 10:02 1855488 c:\windows\assembly\NativeImages1_v1.0.3705\System\1.0.3300.0__b77a5c561934e089_e25d5cfd\System.dll
+ 2011-10-13 10:02 . 2011-10-13 10:02 2027520 c:\windows\assembly\NativeImages1_v1.0.3705\System.Xml\1.0.3300.0__b77a5c561934e089_5a7495ac\System.Xml.dll
+ 2011-10-13 10:02 . 2011-10-13 10:02 2953216 c:\windows\assembly\NativeImages1_v1.0.3705\System.Windows.Forms\1.0.3300.0__b77a5c561934e089_daa7bdeb\System.Windows.Forms.dll
+ 2011-10-13 10:02 . 2011-10-13 10:02 1454080 c:\windows\assembly\NativeImages1_v1.0.3705\System.Design\1.0.3300.0__b03f5f7f11d50a3a_d8f2447f\System.Design.dll
+ 2011-10-13 10:02 . 2011-10-13 10:02 3301376 c:\windows\assembly\NativeImages1_v1.0.3705\mscorlib\1.0.3300.0__b77a5c561934e089_a0fd99d6\mscorlib.dll
+ 2011-10-13 10:15 . 2011-10-13 10:15 2002432 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\d18551efa60108ebed0c8483c43f4e51\WindowsLive.Writer.CoreServices.ni.dll
+ 2011-08-11 10:12 . 2011-08-11 10:12 6392832 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\cc51b3dd4d9c89a2c0c1280de68948ce\WindowsLive.Writer.PostEditor.ni.dll
+ 2011-10-13 10:15 . 2011-10-13 10:15 6392832 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\c368fff367b6477744ddf3d15cbaccaa\WindowsLive.Writer.PostEditor.ni.dll
+ 2011-08-11 10:12 . 2011-08-11 10:12 2002432 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\95c198599047f7c9253cd76b5abd8d10\WindowsLive.Writer.CoreServices.ni.dll
+ 2011-08-11 10:13 . 2011-08-11 10:13 1105920 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\7d8a845118aca7d541ce818b367540f8\WindowsLive.Writer.ApplicationFramework.ni.dll
+ 2011-10-13 10:15 . 2011-10-13 10:15 1105920 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\249b0530e2ad8f34f0ad62a2b8a12368\WindowsLive.Writer.ApplicationFramework.ni.dll
+ 2011-08-11 10:07 . 2011-08-11 10:07 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\fd6e0cd6f124a6d041ef1b4c9a5f080b\WindowsBase.ni.dll
+ 2011-10-13 10:10 . 2011-10-13 10:10 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1adc4ae51a5ac63e896a1402749ca495\WindowsBase.ni.dll
+ 2011-10-13 10:12 . 2011-10-13 10:12 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\55d4813580b1e5d268ff0564942cee9c\UIAutomationClientsideProviders.ni.dll
+ 2011-08-11 10:09 . 2011-08-11 10:09 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\162600dde59fbaa0c048a949158ecba3\UIAutomationClientsideProviders.ni.dll
+ 2011-10-13 10:14 . 2011-10-13 10:14 3445248 c:\windows\assembly\NativeImages_v2.0.50727_32\ttax\3815544bf407853a8068d21644f83bb2\ttax.ni.dll
+ 2011-08-11 10:11 . 2011-08-11 10:11 3445248 c:\windows\assembly\NativeImages_v2.0.50727_32\ttax\186ff239f368dcbe3d744d667b464b47\ttax.ni.dll
+ 2011-08-11 10:07 . 2011-08-11 10:07 7950848 c:\windows\assembly\NativeImages_v2.0.50727_32\System\e6c79e1d71b0c9000afd7e5e439b5c54\System.ni.dll
+ 2011-10-13 10:09 . 2011-10-13 10:09 7950848 c:\windows\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll
+ 2011-10-13 10:12 . 2011-10-13 10:12 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll
+ 2011-08-11 10:09 . 2011-08-11 10:09 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\10154dcad2d62f226af2fd4211460a4b\System.Xml.ni.dll
+ 2011-08-11 10:16 . 2011-08-11 10:16 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\22229a30650a9afbac984e1093898b13\System.WorkflowServices.ni.dll
+ 2011-10-13 10:18 . 2011-10-13 10:18 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\17902fdb0e0d3bc8b49bce693415fe7e\System.WorkflowServices.ni.dll
+ 2011-10-13 10:18 . 2011-10-13 10:18 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\f72c5f649951b0403e62bfab6c453e6f\System.Workflow.Runtime.ni.dll
+ 2011-08-11 10:16 . 2011-08-11 10:16 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\4d6b3cc1fc7a4788612241af7966715a\System.Workflow.Runtime.ni.dll
+ 2011-08-11 10:15 . 2011-08-11 10:15 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\e4c9853af945c9cfede19f3faf18af6e\System.Workflow.ComponentModel.ni.dll
+ 2011-10-13 10:18 . 2011-10-13 10:18 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\0aa4f4174204c93cc5181df4a6b2fb09\System.Workflow.ComponentModel.ni.dll
+ 2011-08-11 10:15 . 2011-08-11 10:15 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\ab4b50c7c789e46a485903365765fde8\System.Workflow.Activities.ni.dll
+ 2011-10-13 10:18 . 2011-10-13 10:18 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\921629dc69a5a895101097c88ae67897\System.Workflow.Activities.ni.dll
+ 2011-08-11 10:12 . 2011-08-11 10:12 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\a2392c995b1bb6b63079091259222357\System.Web.Services.ni.dll
+ 2011-10-13 10:15 . 2011-10-13 10:15 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\6303e256d2ac0843c3e4c24172c90544\System.Web.Services.ni.dll
+ 2011-10-13 10:18 . 2011-10-13 10:18 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\f5dac0448a1dbe2687a5df92904d6274\System.Web.Mobile.ni.dll
+ 2011-08-11 10:15 . 2011-08-11 10:15 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\3da92a0b9b8ac97e11ca8bf4df671a78\System.Web.Mobile.ni.dll
+ 2011-10-13 10:18 . 2011-10-13 10:18 2405376 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\ccaf6bdd256a9b5079fedadcc8993327\System.Web.Extensions.ni.dll
+ 2011-08-11 10:15 . 2011-08-11 10:15 2405376 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\01f4d6aa3299a41b8578b7e96afdcfb1\System.Web.Extensions.ni.dll
+ 2011-08-11 10:09 . 2011-08-11 10:09 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\e1208f0d981c420fc59f806bfbaa713b\System.Speech.ni.dll
+ 2011-10-13 10:12 . 2011-10-13 10:12 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\10d7daa3d1e62a0e40587cdc707be93f\System.Speech.ni.dll
+ 2011-10-13 10:18 . 2011-10-13 10:18 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\9ec7da53380a754b4ad97709df0dd7e7\System.ServiceModel.Web.ni.dll
+ 2011-08-11 10:15 . 2011-08-11 10:15 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\27e1b8dfd5e1ccf2c5b9efc51f674c69\System.ServiceModel.Web.ni.dll
+ 2011-08-11 10:11 . 2011-08-11 10:11 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\dece01bd9e9c32e47630fdfc78d3bd32\System.Runtime.Serialization.ni.dll
+ 2011-10-13 10:13 . 2011-10-13 10:13 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\afd6134c090faf8c29cd64d4835142b2\System.Runtime.Serialization.ni.dll
+ 2011-08-11 10:09 . 2011-08-11 10:09 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\90b444d02047ef27921153d46967ef0e\System.Printing.ni.dll
+ 2011-10-13 10:11 . 2011-10-13 10:11 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\0f8e14bfdb27645fb1a92ce26f9bf521\System.Printing.ni.dll
+ 2011-08-11 10:15 . 2011-08-11 10:15 4949504 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\8a9589fd87302a1333af22962bb5f1f1\System.Management.Automation.ni.dll
+ 2011-10-13 10:18 . 2011-10-13 10:18 4949504 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\1a32e7ce68fa086773b235fc8b525476\System.Management.Automation.ni.dll
+ 2011-10-13 10:13 . 2011-10-13 10:13 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\d14065ede44df8e9b5d6b60c5ddccc69\System.IdentityModel.ni.dll
+ 2011-08-11 10:11 . 2011-08-11 10:11 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\a50e2fc92db32751857fb8d297f9d7bc\System.IdentityModel.ni.dll
+ 2011-10-13 10:11 . 2011-10-13 10:11 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\c10bea3c4bb7ef654651141bf9419090\System.Drawing.ni.dll
+ 2011-08-11 10:09 . 2011-08-11 10:09 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\7ed09623172a292eaee51e2e3bcaf784\System.Drawing.ni.dll
+ 2011-10-13 10:14 . 2011-10-13 10:14 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\91cd88a803768151c6262853d3454ba7\System.DirectoryServices.ni.dll
+ 2011-08-11 10:12 . 2011-08-11 10:12 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\259ecf480769f4e60514b7ae2abaa6f1\System.DirectoryServices.ni.dll
+ 2011-10-13 10:15 . 2011-10-13 10:15 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\cc5ac99e8af2738e85cda5525fdd944f\System.Deployment.ni.dll
+ 2011-08-11 10:12 . 2011-08-11 10:12 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\71cf3eb40fc38e6ac8fba09e872d2878\System.Deployment.ni.dll
+ 2011-10-13 10:11 . 2011-10-13 10:11 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\ec323cf1df697cc0a45f67de685db90c\System.Data.ni.dll
+ 2011-08-11 10:08 . 2011-08-11 10:08 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\db2d84e279807592a680ef4135e9fe9a\System.Data.ni.dll
+ 2011-10-13 10:14 . 2011-10-13 10:14 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\ef748704f543a8791e23387652d34dfb\System.Data.SqlXml.ni.dll
+ 2011-08-11 10:11 . 2011-08-11 10:11 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\0b16305773369cf740c6a2b1f1d785b2\System.Data.SqlXml.ni.dll
+ 2011-08-11 10:15 . 2011-08-11 10:15 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\c1b9b8ce390548dcca661a5e6a908408\System.Data.Services.ni.dll
+ 2011-10-13 10:17 . 2011-10-13 10:17 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\541142d8742e6e88f1e729fafee04e71\System.Data.Services.ni.dll
+ 2011-08-11 10:12 . 2011-08-11 10:12 1115136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\c729750d54f6e7427230622bcccd4709\System.Data.OracleClient.ni.dll
+ 2011-10-13 10:15 . 2011-10-13 10:15 1115136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\5d5aa4b926ae422607ea833d934665c2\System.Data.OracleClient.ni.dll
+ 2011-10-13 10:11 . 2011-10-13 10:11 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\d96a94076acb8e0c5a96a1b2de4b3a7a\System.Data.Linq.ni.dll
+ 2011-08-11 10:09 . 2011-08-11 10:09 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\571af34939797a7c1cd05b0b925a45bf\System.Data.Linq.ni.dll
+ 2011-10-13 10:17 . 2011-10-13 10:17 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\a3ce22c2a84fdcb008d72d230ee0b2c0\System.Data.Entity.ni.dll
+ 2011-08-11 10:14 . 2011-08-11 10:14 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\2b58cc071d6bf0c741e91f86c09de5d7\System.Data.Entity.ni.dll
+ 2011-08-11 10:08 . 2011-08-11 10:08 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\e54e013315849f5e34d8f2a8e7fdb450\System.Core.ni.dll
+ 2011-10-13 10:11 . 2011-10-13 10:11 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\d507b9e0e50e453793ee5e01c07a5485\System.Core.ni.dll
+ 2011-10-13 10:11 . 2011-10-13 10:11 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\714e9504255565bd9076fe13628e104a\ReachFramework.ni.dll
+ 2011-08-11 10:08 . 2011-08-11 10:08 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\24ab0cacc77e8696ceff3157942a2de4\ReachFramework.ni.dll
+ 2011-08-11 10:08 . 2011-08-11 10:08 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\fac1ca86f4fea17de40d7fdaba38563e\PresentationUI.ni.dll
+ 2011-10-13 10:11 . 2011-10-13 10:11 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\7dc6ee14234b0686182ced75f7dae990\PresentationUI.ni.dll
+ 2011-10-13 10:09 . 2011-10-13 10:09 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\b42ad515bb20ec1f1250c040371c6730\PresentationBuildTasks.ni.dll
+ 2011-08-11 10:07 . 2011-08-11 10:07 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\b187becbc388c4ce7f33ede4da76e7b1\PresentationBuildTasks.ni.dll
+ 2011-08-11 10:14 . 2011-08-11 10:14 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\c6b19db2534042d435ede580f92bc75c\Microsoft.VisualBasic.ni.dll
+ 2011-10-13 10:16 . 2011-10-13 10:16 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\24331b719aa25ac2b21099e32232840c\Microsoft.VisualBasic.ni.dll
+ 2011-10-13 10:16 . 2011-10-13 10:16 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\ce1ecd602ca089eb13a9b428dc7f0449\Microsoft.Transactions.Bridge.ni.dll
+ 2011-08-11 10:13 . 2011-08-11 10:13 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\08594c4ba9ea0253a836fe1d8d341984\Microsoft.Transactions.Bridge.ni.dll
+ 2011-10-13 10:18 . 2011-10-13 10:18 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\8ad32b72258899177c07dc5912b5b748\Microsoft.JScript.ni.dll
+ 2011-08-11 10:15 . 2011-08-11 10:15 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\345abd035c9378667b1cac54c1f21c97\Microsoft.JScript.ni.dll
+ 2011-08-11 10:13 . 2011-08-11 10:13 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\906cd5555b79e4e0486dc8ef2a748b13\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2011-08-11 10:13 . 2011-08-11 10:13 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\7baff7d694394aaba490082c88d48fd2\Microsoft.Build.Tasks.ni.dll
+ 2011-10-13 10:16 . 2011-10-13 10:16 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\50e7c5eb58c982dba7b21cd10a69b095\Microsoft.Build.Tasks.ni.dll
+ 2011-10-13 10:16 . 2011-10-13 10:16 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\415cef6abab5bb959f200f6c537bc289\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2011-10-13 10:16 . 2011-10-13 10:16 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\eea7bcc8d356e3f2dcb4f36dfc1c6bc0\Microsoft.Build.Engine.ni.dll
+ 2011-08-11 10:13 . 2011-08-11 10:13 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\235a22e1ae9742bb724d411629dd99d5\Microsoft.Build.Engine.ni.dll
+ 2011-08-11 10:12 . 2011-08-11 10:12 1554944 c:\windows\assembly\NativeImages_v2.0.50727_32\Intuit.Ctg.Map\b67367e01dfdda7dbb0abadff1584d42\Intuit.Ctg.Map.ni.dll
+ 2011-10-13 10:15 . 2011-10-13 10:15 1554944 c:\windows\assembly\NativeImages_v2.0.50727_32\Intuit.Ctg.Map\5cfd7db73bbc13b5830e99f4fb503539\Intuit.Ctg.Map.ni.dll
+ 2011-06-30 10:06 . 2011-10-13 10:08 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2010-10-08 10:03 . 2011-04-14 10:08 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2010-10-08 10:03 . 2011-04-14 10:08 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2011-06-30 10:06 . 2011-10-13 10:08 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2010-10-08 10:02 . 2011-04-14 10:07 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2011-06-30 10:05 . 2011-10-13 10:08 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2011-10-13 10:08 . 2011-10-13 10:08 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2011-04-14 10:07 . 2011-04-14 10:07 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2011-10-13 10:08 . 2011-10-13 10:08 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2010-10-08 10:02 . 2011-04-14 10:07 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2010-10-08 10:03 . 2011-04-14 10:08 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2011-06-30 10:06 . 2011-10-13 10:08 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2010-10-08 10:03 . 2011-04-14 10:08 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2011-06-30 10:06 . 2011-10-13 10:08 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2010-10-08 10:00 . 2010-10-08 10:00 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2011-10-13 10:01 . 2011-10-13 10:01 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
- 2010-10-08 10:00 . 2010-10-08 10:00 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2011-10-13 10:01 . 2011-10-13 10:01 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
- 2010-07-18 22:40 . 2010-07-18 22:40 1200128 c:\windows\assembly\GAC\System.Web\1.0.3300.0__b03f5f7f11d50a3a\System.Web.dll
+ 2011-10-13 10:02 . 2011-10-13 10:02 1200128 c:\windows\assembly\GAC\System.Web\1.0.3300.0__b03f5f7f11d50a3a\System.Web.dll
+ 2011-10-13 10:02 . 2009-06-29 18:58 1200128 c:\windows\$NtUninstallKB2572066$\system.web.dll
+ 2011-10-13 10:02 . 2009-06-24 05:00 2281472 c:\windows\$NtUninstallKB2572066$\mscorwks.dll
+ 2011-10-13 10:02 . 2009-06-24 05:00 2273280 c:\windows\$NtUninstallKB2572066$\mscorsvr.dll
+ 2011-10-13 10:02 . 2009-06-29 18:58 1998848 c:\windows\$NtUninstallKB2572066$\mscorlib.dll
+ 2011-10-13 10:04 . 2011-06-02 14:02 1858944 c:\windows\$NtUninstallKB2567053$\win32k.sys
+ 2011-07-13 10:00 . 2011-03-03 13:21 1857920 c:\windows\$NtUninstallKB2555917$\win32k.sys
+ 2011-10-12 22:18 . 2011-08-22 23:47 1214464 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\urlmon.dll
+ 2011-10-12 22:18 . 2011-10-03 08:34 5972992 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\mshtml.dll
+ 2011-10-12 22:18 . 2011-08-22 23:47 2001408 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\iertutil.dll
+ 2011-09-06 13:25 . 2011-09-06 13:25 1867904 c:\windows\$hf_mig$\KB2567053\SP3QFE\win32k.sys
+ 2011-08-11 01:32 . 2011-06-23 18:33 1214464 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\urlmon.dll
+ 2011-08-11 01:32 . 2011-07-25 15:15 5971456 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\mshtml.dll
+ 2011-08-11 01:32 . 2011-06-23 18:33 1992192 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\iertutil.dll
+ 2011-06-02 14:07 . 2011-06-02 14:07 1867904 c:\windows\$hf_mig$\KB2555917\SP3QFE\win32k.sys
+ 2011-06-16 18:21 . 2011-04-25 16:09 1213952 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\urlmon.dll
+ 2011-06-16 18:21 . 2011-05-30 22:17 5967360 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\mshtml.dll
+ 2011-06-16 18:21 . 2011-04-25 16:09 1992192 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\iertutil.dll
+ 2006-07-16 05:31 . 2011-11-09 10:00 50295240 c:\windows\system32\MRT.exe
+ 2009-03-08 11:39 . 2011-08-24 00:48 11081728 c:\windows\system32\ieframe.dll
+ 2010-07-18 23:15 . 2011-08-24 00:48 11081728 c:\windows\system32\dllcache\ieframe.dll
+ 2011-07-13 05:49 . 2011-07-13 05:49 11459584 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M2572067\M2572067Uninstall.msp
+ 2011-10-13 10:09 . 2011-10-13 10:09 20333568 c:\windows\Installer\901a478d.msp
+ 2011-07-12 03:43 . 2011-07-12 03:43 11641344 c:\windows\Installer\901a4782.msp
+ 2011-07-12 22:50 . 2011-07-12 22:50 17555968 c:\windows\Installer\901a4766.msp
+ 2011-06-17 10:06 . 2011-06-17 10:06 20333056 c:\windows\Installer\77b12863.msp
+ 2011-03-28 10:27 . 2011-03-28 10:27 15456256 c:\windows\Installer\5171387.msp
+ 2011-04-23 02:41 . 2011-04-23 02:41 11507712 c:\windows\Installer\36319ab2.msp
+ 2011-07-27 14:37 . 2011-07-27 14:37 11592192 c:\windows\Installer\29259671.msp
+ 2009-04-04 01:21 . 2009-04-04 01:21 16037736 c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.6425\OART.DLL
+ 2011-10-13 10:02 . 2011-06-23 18:36 11081728 c:\windows\ie8updates\KB2586448-IE8\ieframe.dll
+ 2011-08-11 10:01 . 2011-04-26 17:11 11081728 c:\windows\ie8updates\KB2559049-IE8\ieframe.dll
+ 2011-06-17 10:05 . 2011-02-22 23:06 11080704 c:\windows\ie8updates\KB2530548-IE8\ieframe.dll
+ 2011-08-11 10:09 . 2011-08-11 10:09 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d00cc387e462e4c3cdcd112b137cac87\System.Windows.Forms.ni.dll
+ 2011-10-13 10:12 . 2011-10-13 10:12 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\71a2ae9ad561a62181cbd9fb11e9de7a\System.Windows.Forms.ni.dll
+ 2011-10-13 10:14 . 2011-10-13 10:14 11800576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\60df958ca96c9b8945f836759b6abd34\System.Web.ni.dll
+ 2011-08-11 10:12 . 2011-08-11 10:12 11800576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\40893760431f8f0dcce3e18630e45b23\System.Web.ni.dll
+ 2011-08-11 10:11 . 2011-08-11 10:11 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\e3a0205acab2215fbad7927d9d483aeb\System.ServiceModel.ni.dll
+ 2011-10-13 10:14 . 2011-10-13 10:14 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\ceadaf3b3d017c7a1ef10a06f8009f6f\System.ServiceModel.ni.dll
+ 2011-10-13 10:11 . 2011-10-13 10:11 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\c6374d32e4af7b7e3e46b32176f76558\System.Design.ni.dll
+ 2011-08-11 10:09 . 2011-08-11 10:09 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\63ad0cd9b5e038c8e2e41415657db8fc\System.Design.ni.dll
+ 2011-08-11 10:08 . 2011-08-11 10:08 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\704556e34128441ea9f1a81cc89f8a79\PresentationFramework.ni.dll
+ 2011-10-13 10:11 . 2011-10-13 10:11 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\054488924fcc579cce9fa0209dafe28b\PresentationFramework.ni.dll
+ 2011-10-13 10:10 . 2011-10-13 10:10 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\b2f0318713eca304eaa9d86fc17edb96\PresentationCore.ni.dll
+ 2011-08-11 10:08 . 2011-08-11 10:08 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\5f332c48d03eca57419c4f0e884092ee\PresentationCore.ni.dll
+ 2011-10-13 10:09 . 2011-10-13 10:09 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
+ 2011-06-30 10:07 . 2011-06-30 10:07 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll
+ 2011-10-12 22:18 . 2011-08-22 23:47 11084288 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\ieframe.dll
+ 2011-06-25 08:03 . 2011-06-25 08:03 11083776 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\ieframe.dll
+ 2011-06-16 18:21 . 2011-04-25 16:09 11083776 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\ieframe.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\documents and settings\Gabe and Sara\Desktop\Security\SUPERAntiSpyware.exe" [2011-06-22 2424192]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-02-23 53248]
"PCMService"="c:\program files\Dell\Media Experience\PCMService.exe" [2004-04-12 290816]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2005-06-17 139264]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-11-07 122940]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
"ShStatEXE"="c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2007-02-23 112216]
"McAfeeUpdaterUI"="c:\program files\McAfee\Common Framework\UdaterUI.exe" [2006-12-19 136768]
"VX3000"="c:\windows\vVX3000.exe" [2006-10-14 707376]
"SigmatelSysTrayApp"="stsystra.exe" [2005-03-23 339968]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2006-10-14 277296]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-04-15 344064]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"Monitor"="c:\program files\LeapFrog\LeapFrog Connect\Monitor.exe" [2010-11-19 193880]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-10-10 421736]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-30 421888]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\documents and settings\Gabe and Sara\Desktop\Security\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\documents and settings\Gabe and Sara\Desktop\Security\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2009-08-13 22:51 177440 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-30 00:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"XAMPP"=2 (0x2)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Live Meeting 8\\Console\\PWConsole.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\LeapFrog\\LeapFrog Connect\\LeapFrogConnect.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3306:TCP"= 3306:TCP:MySQL
.
R1 SASDIFSV;SASDIFSV;c:\documents and settings\Gabe and Sara\Desktop\Security\sasdifsv.sys [2/17/2010 11:25 AM 12872]
R1 SASKUTIL;SASKUTIL;c:\documents and settings\Gabe and Sara\Desktop\Security\SASKUTIL.SYS [5/10/2010 11:41 AM 67656]
R3 Angel;Angel MPEG Device;c:\windows\system32\drivers\Angel.sys [7/13/2006 7:25 PM 375936]
S4 XAMPP;XAMPP Service;c:\xampp\service.exe --> c:\xampp\service.exe [?]
.
Contents of the 'Scheduled Tasks' folder
.
2011-11-12 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 00:57]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.cnn.com/
uInternet Connection Wizard,ShellNext = hxxp://support.dell.com/
uInternet Settings,ProxyOverride = *.local
IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
Trusted Zone: intuit.com\ttlc
Trusted Zone: turbotax.com
TCP: DhcpNameServer = 192.168.0.1
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - ProfilePath - c:\documents and settings\Gabe and Sara\Application Data\Mozilla\Firefox\Profiles\1kzd4whu.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.cnn.com
FF - prefs.js: network.proxy.type - 2
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-qkjUlyDxtx.exe - c:\documents and settings\All Users\Application Data\qkjUlyDxtx.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-20 08:46
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,e5,29,1a,87,81,3d,c4,41,94,e9,2b,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,e5,29,1a,87,81,3d,c4,41,94,e9,2b,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(796)
c:\documents and settings\Gabe and Sara\Desktop\Security\SASWINLO.DLL
c:\windows\system32\WININET.dll
.
- - - - - - - > 'explorer.exe'(2268)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\mshtml.dll
c:\windows\system32\msls31.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\eHome\ehRecvr.exe
c:\windows\eHome\ehSched.exe
c:\program files\Intel\Intel Matrix Storage Manager\iaantmon.exe
c:\program files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\LeapFrog\LeapFrog Connect\CommandService.exe
c:\program files\McAfee\Common Framework\FrameworkService.exe
c:\program files\McAfee\VirusScan Enterprise\Mcshield.exe
c:\program files\McAfee\VirusScan Enterprise\VsTskMgr.exe
c:\program files\Microsoft LifeCam\MSCamS32.exe
c:\windows\system32\HPZipm12.exe
c:\program files\McAfee\Common Framework\naPrdMgr.exe
c:\windows\ehome\mcrdsvc.exe
c:\windows\stsystra.exe
c:\program files\McAfee\Common Framework\McTray.exe
c:\windows\eHome\ehmsas.exe
c:\program files\Internet Explorer\IEXPLORE.EXE
c:\program files\iPod\bin\iPodService.exe
c:\program files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
c:\program files\Windows Live\Toolbar\wltuser.exe
.
**************************************************************************
.
Completion time: 2011-11-20 09:04:24 - machine was rebooted
ComboFix-quarantined-files.txt 2011-11-20 16:03
ComboFix2.txt 2011-05-01 05:39
.
Pre-Run: 114,783,293,440 bytes free
Post-Run: 115,608,113,152 bytes free
.
- - End Of File - - 8C8BE97E25FCDAD2FBA47AAE76CD6FF8

#4 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:13 AM

Posted 20 November 2011 - 12:55 PM

Hello

please run this tool and see if it helps any



I want you to run this custom script for me.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Save it to your desktop as CFScript.txt

Refering to the picture above, drag CFScript.txt into ComboFix.exe
Posted Image
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#5 gt7001

gt7001
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:04:13 AM

Posted 20 November 2011 - 08:13 PM

Gringo,

I'm sorry, but confused over part of the previous post.
> "please run this tool and see if it helps any" > clicked and it just opened a browser window of text. Unsure on what I was supposed to do with this step.

Put the contents of the box "ClearJavaCache::" into a txt file renamed as you specified,drag/dropped into ComboFix and re-ran. Upon initiating, said it needed to update ComboFix, accepted, and let run. Unsure if it applied the drag/drop script.

Same situation, pop-up free, but very slow processing, for all windows functions (opening folders, starting programs, browsing...).

Thanks,
Gabe

Log below:

>>
ComboFix 11-11-20.02 - Gabe and Sara 11/20/2011 14:57:42.5.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.442 [GMT -7:00]
Running from: c:\documents and settings\Gabe and Sara\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Gabe and Sara\Desktop\CFScript.txt
AV: McAfee VirusScan Enterprise *Disabled/Updated* {918A2B0B-2C60-4016-A4AB-E868DEABF7F0}
.
.
((((((((((((((((((((((((( Files Created from 2011-10-20 to 2011-11-20 )))))))))))))))))))))))))))))))
.
.
2011-11-16 15:32 . 2011-11-16 15:36 -------- d-----w- c:\windows\system32\NtmsData
2011-11-03 13:23 . 2011-11-03 13:24 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-11-03 13:21 . 2011-11-03 13:21 -------- d-----w- c:\program files\Common Files\Java
2011-11-03 05:52 . 2011-11-03 05:52 -------- d-----w- c:\program files\ESET
2011-11-03 04:28 . 2011-11-03 04:28 -------- d-----w- c:\documents and settings\Administrator\Application Data\SUPERAntiSpyware.com
2011-10-24 22:20 . 2011-10-24 22:20 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE
2011-10-24 21:38 . 2011-10-24 21:38 -------- d-----w- C:\TDSSKiller_Quarantine
2011-10-24 21:02 . 2011-10-24 21:02 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-10 14:22 . 2006-07-14 02:00 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-10-03 12:06 . 2010-07-23 03:42 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-10-03 09:37 . 2010-08-29 22:43 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-09-28 07:06 . 2004-08-10 11:00 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-09-26 18:41 . 2008-07-30 02:59 611328 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 18:41 . 2004-08-10 11:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-26 18:41 . 2004-08-10 11:00 20480 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-06 13:20 . 2004-08-10 11:00 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-09-01 00:00 . 2011-05-24 00:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-31 06:05 . 2011-08-31 06:05 83816 ----a-w- c:\windows\system32\dns-sd.exe
2011-08-31 06:05 . 2011-08-31 06:05 73064 ----a-w- c:\windows\system32\dnssd.dll
2011-08-31 06:05 . 2011-08-31 06:05 178536 ----a-w- c:\windows\system32\dnssdX.dll
2011-08-22 23:48 . 2004-08-10 11:00 916480 ----a-w- c:\windows\system32\wininet.dll
2011-08-22 23:48 . 2004-08-10 11:00 43520 ------w- c:\windows\system32\licmgr10.dll
2011-08-22 23:48 . 2004-08-10 11:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2008-12-11 14:45 . 2008-06-06 20:20 27976 ----a-w- c:\program files\mozilla firefox\plugins\atgpcdec.dll
2008-12-11 14:45 . 2008-06-06 20:20 126360 ----a-w- c:\program files\mozilla firefox\plugins\atgpcext.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2011-11-20_15.47.31 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-11-20 20:58 . 2011-11-20 20:58 16384 c:\windows\temp\Perflib_Perfdata_704.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\documents and settings\Gabe and Sara\Desktop\Security\SUPERAntiSpyware.exe" [2011-06-22 2424192]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-02-23 53248]
"PCMService"="c:\program files\Dell\Media Experience\PCMService.exe" [2004-04-12 290816]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2005-06-17 139264]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-11-07 122940]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
"ShStatEXE"="c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2007-02-23 112216]
"McAfeeUpdaterUI"="c:\program files\McAfee\Common Framework\UdaterUI.exe" [2006-12-19 136768]
"VX3000"="c:\windows\vVX3000.exe" [2006-10-14 707376]
"SigmatelSysTrayApp"="stsystra.exe" [2005-03-23 339968]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2006-10-14 277296]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-04-15 344064]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"Monitor"="c:\program files\LeapFrog\LeapFrog Connect\Monitor.exe" [2010-11-19 193880]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-10-10 421736]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-30 421888]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\documents and settings\Gabe and Sara\Desktop\Security\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\documents and settings\Gabe and Sara\Desktop\Security\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2009-08-13 22:51 177440 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-30 00:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"XAMPP"=2 (0x2)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Live Meeting 8\\Console\\PWConsole.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\LeapFrog\\LeapFrog Connect\\LeapFrogConnect.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3306:TCP"= 3306:TCP:MySQL
.
R1 SASDIFSV;SASDIFSV;c:\documents and settings\Gabe and Sara\Desktop\Security\sasdifsv.sys [2/17/2010 11:25 AM 12872]
R1 SASKUTIL;SASKUTIL;c:\documents and settings\Gabe and Sara\Desktop\Security\SASKUTIL.SYS [5/10/2010 11:41 AM 67656]
R3 Angel;Angel MPEG Device;c:\windows\system32\drivers\Angel.sys [7/13/2006 7:25 PM 375936]
S4 XAMPP;XAMPP Service;c:\xampp\service.exe --> c:\xampp\service.exe [?]
.
Contents of the 'Scheduled Tasks' folder
.
2011-11-12 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 00:57]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.cnn.com/
uInternet Connection Wizard,ShellNext = hxxp://support.dell.com/
uInternet Settings,ProxyOverride = *.local
IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
Trusted Zone: intuit.com\ttlc
Trusted Zone: turbotax.com
TCP: DhcpNameServer = 192.168.0.1
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - ProfilePath - c:\documents and settings\Gabe and Sara\Application Data\Mozilla\Firefox\Profiles\1kzd4whu.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.cnn.com
FF - prefs.js: network.proxy.type - 2
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-20 15:29
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,e5,29,1a,87,81,3d,c4,41,94,e9,2b,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,e5,29,1a,87,81,3d,c4,41,94,e9,2b,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(796)
c:\documents and settings\Gabe and Sara\Desktop\Security\SASWINLO.DLL
c:\windows\system32\WININET.dll
.
- - - - - - - > 'explorer.exe'(232)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\mshtml.dll
c:\windows\system32\msls31.dll
.
Completion time: 2011-11-20 15:44:59
ComboFix-quarantined-files.txt 2011-11-20 22:44
ComboFix2.txt 2011-11-20 21:16
ComboFix3.txt 2011-11-20 16:04
ComboFix4.txt 2011-05-01 05:39
.
Pre-Run: 115,860,078,592 bytes free
Post-Run: 115,875,577,856 bytes free
.
- - End Of File - - 2B2B49AECACDDA8BD8B88DC0E1E59337

#6 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:13 AM

Posted 20 November 2011 - 09:06 PM

click on the words this tool


gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#7 gt7001

gt7001
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:04:13 AM

Posted 20 November 2011 - 09:38 PM

I did. It brought up a browser window of text (below), nothing that executed, as far as I could tell.
What am i missing?
Gabe

**
"' Visual Basic Script program to reset the DMA status of all ATA drives

' Copyright 2006 Hans-Georg Michna

' Version 2007-04-04

' Works in Windows XP, probably also in Windows 2000 and NT.
' Does no harm if Windows version is incompatible.

If MsgBox("This program will now reset the DMA status of all ATA drives with Windows drivers." _
& vbNewline & "Windows will redetect the status after the next reboot, therefore this procedure" _
& vbNewline & "should be harmless.", _
vbOkCancel, "Program start message") _
= vbOk Then

RegPath = "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}\"
ValueName1Master = "MasterIdDataChecksum"
ValueName1Slave = "SlaveIdDataChecksum"
ValueName2Master = "UserMasterDeviceTimingModeAllowed"
ValueName2Slave = "UserSlaveDeviceTimingModeAllowed"
ValueName3 = "ResetErrorCountersOnSuccess"
MessageText = "The following ATA channels have been reset:"
MessageTextLen0 = Len(MessageText)
ConsecutiveMisses = 0
Set WshShell = WScript.CreateObject("WScript.Shell")

For i = 0 to 999
RegSubPath = Right("000" & i, 4) & "\"

' Master

Err.Clear
On Error Resume Next
WshShell.RegRead RegPath & RegSubPath & ValueName1Master
errMaster = Err.Number
On Error Goto 0
If errMaster = 0 Then
On Error Resume Next
WshShell.RegDelete RegPath & RegSubPath & ValueName1Master
WshShell.RegDelete RegPath & RegSubPath & ValueName2Master
On Error Goto 0
MessageText = MessageText & vbNewLine & "Master"
End If

' Slave

Err.Clear
On Error Resume Next
WshShell.RegRead RegPath & RegSubPath & ValueName1Slave
errSlave = Err.Number
On Error Goto 0
If errSlave = 0 Then
On Error Resume Next
WshShell.RegDelete RegPath & RegSubPath & ValueName1Slave
WshShell.RegDelete RegPath & RegSubPath & ValueName2Slave
On Error Goto 0
If errMaster = 0 Then
MessageText = MessageText & " and "
Else
MessageText = MessageText & vbNewLine
End If
MessageText = MessageText & "Slave"
End If

If errMaster = 0 Or errSlave = 0 Then
On Error Resume Next
WshShell.RegWrite RegPath & RegSubPath & ValueName3, 1, "REG_DWORD"
On Error Goto 0
ChannelName = "unnamed channel " & Left(RegSubPath, 4)
On Error Resume Next
ChannelName = WshShell.RegRead(RegPath & RegSubPath & "DriverDesc")
On Error Goto 0
MessageText = MessageText & " of " & ChannelName & ";"
ConsecutiveMisses = 0
Else
ConsecutiveMisses = ConsecutiveMisses + 1
If ConsecutiveMisses >= 32 Then Exit For ' Don't search unnecessarily long.
End If
Next ' i

If Len(MessageText) <= MessageTextLen0 Then
MessageText = "No resettable ATA channels with Windows drivers found. Nothing changed."
Else
MessageText = MessageText & vbNewline _
& "Please reboot now to reset and redetect the DMA status."
End If

MsgBox MessageText, vbOkOnly, "Program finished normally"

End If ' MsgBox(...) = vbOk

' End of Visual Basic Script program
"

#8 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:13 AM

Posted 20 November 2011 - 09:56 PM

OK right click on the link and choose save as and then save it to desktop and once it is on the desktop right click again and select run


gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#9 gt7001

gt7001
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:04:13 AM

Posted 20 November 2011 - 10:14 PM

10-4. Saved, deleted the .txt file extension and ran.

Computer is a bit more responsive now, but still noticing:
- Random infrequent IE popups, odd considering I chiefly use Firefox.
- Programs Folders are empty (hidden) in Start > All Programs

Gabe

#10 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:13 AM

Posted 20 November 2011 - 10:58 PM

Hello

I want you to run this tool for me next.

tdsskiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#11 gt7001

gt7001
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:04:13 AM

Posted 20 November 2011 - 11:09 PM

Can't get that to run. No errors, no nothing, no initiation.
Tried renaming it and still nothing.
Gabe

#12 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:13 AM

Posted 20 November 2011 - 11:15 PM

Hello

I would like you to run this tool for me - fixTDSS

download it to your desktop and start the program

Follow the prompts and Ok any security prompts

when it is complete it will say the infection was cleared or no infection was found - let me know what it says

after it is complete I want you to restart the computer and try to rerun TDSSKiller for me and send me the report

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#13 gt7001

gt7001
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:04:13 AM

Posted 20 November 2011 - 11:28 PM

That's the ticket.

fixtdss.exe ran, accepted, restarted, and upon restart detected "***Infected MBR Detected" > hit repair, successful.

TDSSKiller immediately ran. Log below.

No problems yet, no popups or redirects. Only noticeable problem is start menu folders are still hidden.


21:22:50.0265 3404 TDSS rootkit removing tool 2.6.19.0 Nov 16 2011 12:18:50
21:22:50.0812 3404 ============================================================
21:22:50.0812 3404 Current date / time: 2011/11/20 21:22:50.0812
21:22:50.0812 3404 SystemInfo:
21:22:50.0812 3404
21:22:50.0812 3404 OS Version: 5.1.2600 ServicePack: 3.0
21:22:50.0812 3404 Product type: Workstation
21:22:50.0812 3404 ComputerName: IVANHOE
21:22:50.0812 3404 UserName: Gabe and Sara
21:22:50.0812 3404 Windows directory: C:\WINDOWS
21:22:50.0812 3404 System windows directory: C:\WINDOWS
21:22:50.0812 3404 Processor architecture: Intel x86
21:22:50.0812 3404 Number of processors: 2
21:22:50.0812 3404 Page size: 0x1000
21:22:50.0812 3404 Boot type: Normal boot
21:22:50.0812 3404 ============================================================
21:22:51.0640 3404 Initialize success
21:23:00.0453 3572 ============================================================
21:23:00.0453 3572 Scan started
21:23:00.0453 3572 Mode: Manual;
21:23:00.0453 3572 ============================================================
21:23:00.0906 3572 16116DC - ok
21:23:00.0937 3572 Abiosdsk - ok
21:23:00.0953 3572 abp480n5 - ok
21:23:00.0984 3572 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
21:23:00.0984 3572 ACPI - ok
21:23:01.0031 3572 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
21:23:01.0031 3572 ACPIEC - ok
21:23:01.0031 3572 adpu160m - ok
21:23:01.0093 3572 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
21:23:01.0093 3572 aec - ok
21:23:01.0187 3572 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
21:23:01.0187 3572 AFD - ok
21:23:01.0187 3572 Aha154x - ok
21:23:01.0203 3572 aic78u2 - ok
21:23:01.0218 3572 aic78xx - ok
21:23:01.0234 3572 AliIde - ok
21:23:01.0234 3572 amsint - ok
21:23:01.0296 3572 Angel (d9b99ec3c1ce74d1a451b349255c69ef) C:\WINDOWS\system32\DRIVERS\Angel.sys
21:23:01.0328 3572 Angel - ok
21:23:01.0343 3572 asc - ok
21:23:01.0359 3572 asc3350p - ok
21:23:01.0375 3572 asc3550 - ok
21:23:01.0390 3572 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
21:23:01.0390 3572 AsyncMac - ok
21:23:01.0437 3572 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
21:23:01.0437 3572 atapi - ok
21:23:01.0453 3572 Atdisk - ok
21:23:01.0546 3572 ati2mtag (b8142104502f794689c1c0bcbfb53b98) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
21:23:01.0656 3572 ati2mtag - ok
21:23:01.0703 3572 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
21:23:01.0703 3572 Atmarpc - ok
21:23:01.0734 3572 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
21:23:01.0734 3572 audstub - ok
21:23:01.0812 3572 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
21:23:01.0812 3572 Beep - ok
21:23:01.0890 3572 catchme - ok
21:23:01.0953 3572 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
21:23:01.0953 3572 cbidf2k - ok
21:23:01.0984 3572 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
21:23:01.0984 3572 CCDECODE - ok
21:23:02.0000 3572 cd20xrnt - ok
21:23:02.0015 3572 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
21:23:02.0015 3572 Cdaudio - ok
21:23:02.0031 3572 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
21:23:02.0031 3572 Cdfs - ok
21:23:02.0046 3572 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
21:23:02.0046 3572 Cdrom - ok
21:23:02.0078 3572 cercsr6 (84853b3fd012251690570e9e7e43343f) C:\WINDOWS\system32\drivers\cercsr6.sys
21:23:02.0078 3572 cercsr6 - ok
21:23:02.0093 3572 Changer - ok
21:23:02.0109 3572 CmdIde - ok
21:23:02.0140 3572 Cpqarray - ok
21:23:02.0156 3572 CVirtA (b5ecadf7708960f1818c7fa015f4c239) C:\WINDOWS\system32\DRIVERS\CVirtA.sys
21:23:02.0156 3572 CVirtA - ok
21:23:02.0171 3572 dac2w2k - ok
21:23:02.0171 3572 dac960nt - ok
21:23:02.0187 3572 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
21:23:02.0187 3572 Disk - ok
21:23:02.0218 3572 DLABOIOM (d8d58a84f3ece3359df95fd2e459b330) C:\WINDOWS\system32\DLA\DLABOIOM.SYS
21:23:02.0218 3572 DLABOIOM - ok
21:23:02.0234 3572 DLACDBHM (ec6ae8bc9f773382d2eed49e4dfdae2a) C:\WINDOWS\system32\Drivers\DLACDBHM.SYS
21:23:02.0234 3572 DLACDBHM - ok
21:23:02.0250 3572 DLADResN (27c78078bd9c4f2de2ad3eb04bfe101b) C:\WINDOWS\system32\DLA\DLADResN.SYS
21:23:02.0250 3572 DLADResN - ok
21:23:02.0250 3572 DLAIFS_M (7f2d93e560b763ef5d11422d78da8ed0) C:\WINDOWS\system32\DLA\DLAIFS_M.SYS
21:23:02.0250 3572 DLAIFS_M - ok
21:23:02.0265 3572 DLAOPIOM (f643637de6aac57e38d197aa63d9ea74) C:\WINDOWS\system32\DLA\DLAOPIOM.SYS
21:23:02.0265 3572 DLAOPIOM - ok
21:23:02.0281 3572 DLAPoolM (340705474807f57a46d59d18fc2959f1) C:\WINDOWS\system32\DLA\DLAPoolM.SYS
21:23:02.0281 3572 DLAPoolM - ok
21:23:02.0281 3572 DLARTL_N (0605b66052f82b6f07204dbdb61c13ff) C:\WINDOWS\system32\Drivers\DLARTL_N.SYS
21:23:02.0281 3572 DLARTL_N - ok
21:23:02.0296 3572 DLAUDFAM (6984ea763907c045ce813468882bc587) C:\WINDOWS\system32\DLA\DLAUDFAM.SYS
21:23:02.0296 3572 DLAUDFAM - ok
21:23:02.0312 3572 DLAUDF_M (12b30c449cfd36adbed53eb6560933c6) C:\WINDOWS\system32\DLA\DLAUDF_M.SYS
21:23:02.0312 3572 DLAUDF_M - ok
21:23:02.0343 3572 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
21:23:02.0375 3572 dmboot - ok
21:23:02.0390 3572 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
21:23:02.0390 3572 dmio - ok
21:23:02.0406 3572 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
21:23:02.0406 3572 dmload - ok
21:23:02.0421 3572 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
21:23:02.0421 3572 DMusic - ok
21:23:02.0437 3572 dpti2o - ok
21:23:02.0453 3572 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
21:23:02.0453 3572 drmkaud - ok
21:23:02.0468 3572 DRVMCDB (fd0f95981fef9073659d8ec58e40aa3c) C:\WINDOWS\system32\Drivers\DRVMCDB.SYS
21:23:02.0484 3572 DRVMCDB - ok
21:23:02.0484 3572 DRVNDDM (b4869d320428cdc5ec4d7f5e808e99b5) C:\WINDOWS\system32\Drivers\DRVNDDM.SYS
21:23:02.0484 3572 DRVNDDM - ok
21:23:02.0515 3572 e1express (0849eacdc01487573add86f5e470806c) C:\WINDOWS\system32\DRIVERS\e1e5132.sys
21:23:02.0531 3572 e1express - ok
21:23:02.0593 3572 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
21:23:02.0593 3572 Fastfat - ok
21:23:02.0687 3572 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
21:23:02.0687 3572 Fdc - ok
21:23:02.0750 3572 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
21:23:02.0750 3572 Fips - ok
21:23:02.0765 3572 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
21:23:02.0765 3572 Flpydisk - ok
21:23:02.0843 3572 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
21:23:02.0859 3572 FltMgr - ok
21:23:02.0906 3572 fssfltr (c6ee3a87fe609d3e1db9dbd072a248de) C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys
21:23:02.0906 3572 fssfltr - ok
21:23:02.0921 3572 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:23:02.0921 3572 Fs_Rec - ok
21:23:02.0937 3572 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
21:23:02.0937 3572 Ftdisk - ok
21:23:02.0968 3572 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
21:23:02.0968 3572 GEARAspiWDM - ok
21:23:02.0984 3572 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
21:23:02.0984 3572 Gpc - ok
21:23:03.0000 3572 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
21:23:03.0000 3572 HDAudBus - ok
21:23:03.0015 3572 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
21:23:03.0015 3572 hidusb - ok
21:23:03.0031 3572 hpn - ok
21:23:03.0062 3572 HPZid412 (30ca91e657cede2f95359d6ef186f650) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
21:23:03.0062 3572 HPZid412 - ok
21:23:03.0093 3572 HPZipr12 (efd31afa752aa7c7bbb57bcbe2b01c78) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
21:23:03.0093 3572 HPZipr12 - ok
21:23:03.0125 3572 HPZius12 (7ac43c38ca8fd7ed0b0a4466f753e06e) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
21:23:03.0125 3572 HPZius12 - ok
21:23:03.0171 3572 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
21:23:03.0171 3572 HTTP - ok
21:23:03.0187 3572 i2omgmt - ok
21:23:03.0203 3572 i2omp - ok
21:23:03.0203 3572 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\drivers\i8042prt.sys
21:23:03.0203 3572 i8042prt - ok
21:23:03.0250 3572 iastor (9a65e42664d1534b68512caad0efe963) C:\WINDOWS\system32\DRIVERS\iaStor.sys
21:23:03.0265 3572 iastor - ok
21:23:03.0281 3572 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
21:23:03.0281 3572 Imapi - ok
21:23:03.0296 3572 ini910u - ok
21:23:03.0343 3572 IntelC51 (7509c548400f4c9e0211e3f6e66abbe6) C:\WINDOWS\system32\DRIVERS\IntelC51.sys
21:23:03.0390 3572 IntelC51 - ok
21:23:03.0421 3572 IntelC52 (9584ffdd41d37f2c239681d0dac2513e) C:\WINDOWS\system32\DRIVERS\IntelC52.sys
21:23:03.0437 3572 IntelC52 - ok
21:23:03.0453 3572 IntelC53 (cf0b937710cec6ef39416edecd803cbb) C:\WINDOWS\system32\DRIVERS\IntelC53.sys
21:23:03.0453 3572 IntelC53 - ok
21:23:03.0453 3572 IntelIde - ok
21:23:03.0468 3572 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
21:23:03.0484 3572 intelppm - ok
21:23:03.0515 3572 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
21:23:03.0515 3572 Ip6Fw - ok
21:23:03.0531 3572 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
21:23:03.0531 3572 IpInIp - ok
21:23:03.0546 3572 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
21:23:03.0546 3572 IpNat - ok
21:23:03.0562 3572 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
21:23:03.0609 3572 IPSec - ok
21:23:03.0718 3572 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
21:23:03.0718 3572 IRENUM - ok
21:23:03.0750 3572 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
21:23:03.0750 3572 isapnp - ok
21:23:03.0765 3572 JL2005C - ok
21:23:03.0796 3572 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
21:23:03.0796 3572 Kbdclass - ok
21:23:03.0812 3572 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
21:23:03.0812 3572 kbdhid - ok
21:23:03.0875 3572 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
21:23:03.0875 3572 kmixer - ok
21:23:03.0906 3572 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
21:23:03.0906 3572 KSecDD - ok
21:23:03.0968 3572 lbrtfdc - ok
21:23:04.0015 3572 mfeapfk (b5c306c5b5e7417b9d2b410894678069) C:\WINDOWS\system32\drivers\mfeapfk.sys
21:23:04.0015 3572 mfeapfk - ok
21:23:04.0031 3572 mfeavfk (87b28198b308af3469d6e0b81d86c1fa) C:\WINDOWS\system32\drivers\mfeavfk.sys
21:23:04.0031 3572 mfeavfk - ok
21:23:04.0046 3572 mfebopk (cf37784dd24c83f62626bc0ea3f5e386) C:\WINDOWS\system32\drivers\mfebopk.sys
21:23:04.0062 3572 mfebopk - ok
21:23:04.0078 3572 mfehidk (241c09c7d8c589ea1d72a36e6578e42c) C:\WINDOWS\system32\drivers\mfehidk.sys
21:23:04.0078 3572 mfehidk - ok
21:23:04.0125 3572 mferkdk (37b5228bea6b4429ffb90dfa77af4431) C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys
21:23:04.0125 3572 mferkdk - ok
21:23:04.0140 3572 mfetdik (19c2d8af421e96d12e4004ca2162dbe9) C:\WINDOWS\system32\drivers\mfetdik.sys
21:23:04.0140 3572 mfetdik - ok
21:23:04.0171 3572 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys
21:23:04.0171 3572 MHNDRV - ok
21:23:04.0187 3572 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
21:23:04.0187 3572 mnmdd - ok
21:23:04.0203 3572 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
21:23:04.0203 3572 Modem - ok
21:23:04.0234 3572 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys
21:23:04.0234 3572 MODEMCSA - ok
21:23:04.0250 3572 mohfilt (59b8b11ff70728eec60e72131c58b716) C:\WINDOWS\system32\DRIVERS\mohfilt.sys
21:23:04.0250 3572 mohfilt - ok
21:23:04.0250 3572 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
21:23:04.0250 3572 Mouclass - ok
21:23:04.0281 3572 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
21:23:04.0281 3572 mouhid - ok
21:23:04.0296 3572 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
21:23:04.0296 3572 MountMgr - ok
21:23:04.0312 3572 mraid35x - ok
21:23:04.0328 3572 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
21:23:04.0328 3572 MRxDAV - ok
21:23:04.0359 3572 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:23:04.0359 3572 MRxSmb - ok
21:23:04.0375 3572 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
21:23:04.0375 3572 Msfs - ok
21:23:04.0406 3572 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
21:23:04.0406 3572 MSKSSRV - ok
21:23:04.0421 3572 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
21:23:04.0421 3572 MSPCLOCK - ok
21:23:04.0437 3572 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
21:23:04.0437 3572 MSPQM - ok
21:23:04.0453 3572 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
21:23:04.0453 3572 mssmbios - ok
21:23:04.0468 3572 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
21:23:04.0468 3572 MSTEE - ok
21:23:04.0500 3572 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
21:23:04.0500 3572 Mup - ok
21:23:04.0515 3572 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
21:23:04.0515 3572 NABTSFEC - ok
21:23:04.0531 3572 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
21:23:04.0531 3572 NDIS - ok
21:23:04.0546 3572 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
21:23:04.0546 3572 NdisIP - ok
21:23:04.0625 3572 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:23:04.0671 3572 NdisTapi - ok
21:23:04.0703 3572 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
21:23:04.0703 3572 Ndisuio - ok
21:23:04.0718 3572 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:23:04.0718 3572 NdisWan - ok
21:23:04.0734 3572 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
21:23:04.0734 3572 NDProxy - ok
21:23:04.0750 3572 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
21:23:04.0750 3572 NetBIOS - ok
21:23:04.0765 3572 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
21:23:04.0765 3572 NetBT - ok
21:23:04.0796 3572 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
21:23:04.0796 3572 Npfs - ok
21:23:04.0812 3572 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
21:23:04.0828 3572 Ntfs - ok
21:23:04.0921 3572 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
21:23:04.0921 3572 Null - ok
21:23:04.0953 3572 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
21:23:04.0953 3572 NwlnkFlt - ok
21:23:04.0968 3572 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
21:23:04.0968 3572 NwlnkFwd - ok
21:23:04.0984 3572 OMCI (cec7e2c6c1fa00c7ab2f5434f848ae51) C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS
21:23:04.0984 3572 OMCI - ok
21:23:05.0031 3572 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
21:23:05.0031 3572 Parport - ok
21:23:05.0046 3572 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
21:23:05.0046 3572 PartMgr - ok
21:23:05.0062 3572 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
21:23:05.0062 3572 ParVdm - ok
21:23:05.0078 3572 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
21:23:05.0078 3572 PCI - ok
21:23:05.0078 3572 PCIDump - ok
21:23:05.0109 3572 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
21:23:05.0109 3572 PCIIde - ok
21:23:05.0125 3572 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
21:23:05.0125 3572 Pcmcia - ok
21:23:05.0140 3572 PDCOMP - ok
21:23:05.0140 3572 PDFRAME - ok
21:23:05.0156 3572 PDRELI - ok
21:23:05.0171 3572 PDRFRAME - ok
21:23:05.0171 3572 perc2 - ok
21:23:05.0187 3572 perc2hib - ok
21:23:05.0218 3572 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
21:23:05.0218 3572 PptpMiniport - ok
21:23:05.0234 3572 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
21:23:05.0234 3572 PSched - ok
21:23:05.0250 3572 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
21:23:05.0250 3572 Ptilink - ok
21:23:05.0265 3572 PxHelp20 (f7bb4e7a7c02ab4a2672937e124e306e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
21:23:05.0265 3572 PxHelp20 - ok
21:23:05.0281 3572 ql1080 - ok
21:23:05.0281 3572 Ql10wnt - ok
21:23:05.0296 3572 ql12160 - ok
21:23:05.0312 3572 ql1240 - ok
21:23:05.0312 3572 ql1280 - ok
21:23:05.0328 3572 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:23:05.0328 3572 RasAcd - ok
21:23:05.0343 3572 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
21:23:05.0343 3572 Rasl2tp - ok
21:23:05.0359 3572 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:23:05.0359 3572 RasPppoe - ok
21:23:05.0375 3572 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
21:23:05.0375 3572 Raspti - ok
21:23:05.0390 3572 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:23:05.0390 3572 Rdbss - ok
21:23:05.0390 3572 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
21:23:05.0390 3572 RDPCDD - ok
21:23:05.0406 3572 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
21:23:05.0421 3572 rdpdr - ok
21:23:05.0437 3572 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
21:23:05.0437 3572 RDPWD - ok
21:23:05.0453 3572 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
21:23:05.0453 3572 redbook - ok
21:23:05.0515 3572 SASDIFSV (a3281aec37e0720a2bc28034c2df2a56) C:\Documents and Settings\Gabe and Sara\Desktop\Security\SASDIFSV.SYS
21:23:05.0515 3572 SASDIFSV - ok
21:23:05.0531 3572 SASKUTIL (61db0d0756a99506207fd724e3692b25) C:\Documents and Settings\Gabe and Sara\Desktop\Security\SASKUTIL.SYS
21:23:05.0531 3572 SASKUTIL - ok
21:23:05.0609 3572 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
21:23:05.0625 3572 Secdrv - ok
21:23:05.0656 3572 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
21:23:05.0656 3572 Serial - ok
21:23:05.0687 3572 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
21:23:05.0687 3572 Sfloppy - ok
21:23:05.0703 3572 Simbad - ok
21:23:05.0734 3572 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
21:23:05.0734 3572 SLIP - ok
21:23:05.0750 3572 Sparrow - ok
21:23:05.0765 3572 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
21:23:05.0765 3572 splitter - ok
21:23:05.0781 3572 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
21:23:05.0781 3572 sr - ok
21:23:05.0812 3572 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
21:23:05.0828 3572 Srv - ok
21:23:05.0906 3572 STHDA (2a2dc39623adef8ab3703ab9fac4b440) C:\WINDOWS\system32\drivers\sthda.sys
21:23:05.0968 3572 STHDA - ok
21:23:06.0031 3572 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
21:23:06.0031 3572 streamip - ok
21:23:06.0078 3572 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
21:23:06.0078 3572 swenum - ok
21:23:06.0093 3572 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
21:23:06.0093 3572 swmidi - ok
21:23:06.0156 3572 symc810 - ok
21:23:06.0187 3572 symc8xx - ok
21:23:06.0203 3572 sym_hi - ok
21:23:06.0203 3572 sym_u3 - ok
21:23:06.0250 3572 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
21:23:06.0250 3572 sysaudio - ok
21:23:06.0328 3572 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
21:23:06.0328 3572 Tcpip - ok
21:23:06.0375 3572 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
21:23:06.0375 3572 TDPIPE - ok
21:23:06.0406 3572 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
21:23:06.0406 3572 TDTCP - ok
21:23:06.0437 3572 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
21:23:06.0453 3572 TermDD - ok
21:23:06.0515 3572 tmcomm (df8444a8fa8fd38d8848bdd40a8403b3) C:\WINDOWS\system32\drivers\tmcomm.sys
21:23:06.0515 3572 tmcomm - ok
21:23:06.0515 3572 TosIde - ok
21:23:06.0578 3572 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
21:23:06.0578 3572 Udfs - ok
21:23:06.0593 3572 ultra - ok
21:23:06.0671 3572 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
21:23:06.0687 3572 Update - ok
21:23:06.0750 3572 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
21:23:06.0750 3572 USBAAPL - ok
21:23:06.0890 3572 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
21:23:06.0890 3572 usbaudio - ok
21:23:07.0015 3572 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
21:23:07.0015 3572 usbccgp - ok
21:23:07.0140 3572 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
21:23:07.0140 3572 usbehci - ok
21:23:07.0296 3572 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
21:23:07.0296 3572 usbhub - ok
21:23:07.0421 3572 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
21:23:07.0421 3572 usbprint - ok
21:23:07.0468 3572 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
21:23:07.0468 3572 usbscan - ok
21:23:07.0578 3572 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
21:23:07.0578 3572 USBSTOR - ok
21:23:07.0671 3572 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
21:23:07.0703 3572 usbuhci - ok
21:23:07.0765 3572 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
21:23:07.0765 3572 VgaSave - ok
21:23:07.0828 3572 ViaIde - ok
21:23:07.0875 3572 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
21:23:07.0875 3572 VolSnap - ok
21:23:08.0031 3572 VX3000 (45798ec03c6aeb45aa2f2084f7842f6c) C:\WINDOWS\system32\DRIVERS\VX3000.sys
21:23:08.0156 3572 VX3000 - ok
21:23:08.0328 3572 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:23:08.0328 3572 Wanarp - ok
21:23:08.0359 3572 WDICA - ok
21:23:08.0421 3572 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
21:23:08.0421 3572 wdmaud - ok
21:23:08.0578 3572 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
21:23:08.0609 3572 WSTCODEC - ok
21:23:08.0687 3572 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
21:23:08.0718 3572 WudfPf - ok
21:23:08.0734 3572 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
21:23:08.0734 3572 WudfRd - ok
21:23:08.0796 3572 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
21:23:08.0984 3572 \Device\Harddisk0\DR0 - ok
21:23:08.0984 3572 Boot (0x1200) (e8b4d164745e0ccbe811f995b0e9e7c1) \Device\Harddisk0\DR0\Partition0
21:23:08.0984 3572 \Device\Harddisk0\DR0\Partition0 - ok
21:23:08.0984 3572 ============================================================
21:23:08.0984 3572 Scan finished
21:23:08.0984 3572 ============================================================
21:23:09.0000 1428 Detected object count: 0
21:23:09.0000 1428 Actual detected object count: 0
21:23:29.0218 1692 ============================================================
21:23:29.0218 1692 Scan started
21:23:29.0218 1692 Mode: Manual;
21:23:29.0218 1692 ============================================================
21:23:29.0390 1692 16116DC - ok
21:23:29.0421 1692 Abiosdsk - ok
21:23:29.0421 1692 abp480n5 - ok
21:23:29.0484 1692 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
21:23:29.0484 1692 ACPI - ok
21:23:29.0609 1692 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
21:23:29.0625 1692 ACPIEC - ok
21:23:29.0718 1692 adpu160m - ok
21:23:29.0781 1692 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
21:23:29.0781 1692 aec - ok
21:23:29.0859 1692 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
21:23:29.0859 1692 AFD - ok
21:23:29.0875 1692 Aha154x - ok
21:23:29.0875 1692 aic78u2 - ok
21:23:29.0890 1692 aic78xx - ok
21:23:29.0906 1692 AliIde - ok
21:23:29.0906 1692 amsint - ok
21:23:29.0953 1692 Angel (d9b99ec3c1ce74d1a451b349255c69ef) C:\WINDOWS\system32\DRIVERS\Angel.sys
21:23:29.0953 1692 Angel - ok
21:23:29.0953 1692 asc - ok
21:23:29.0968 1692 asc3350p - ok
21:23:29.0984 1692 asc3550 - ok
21:23:30.0015 1692 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
21:23:30.0015 1692 AsyncMac - ok
21:23:30.0046 1692 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
21:23:30.0046 1692 atapi - ok
21:23:30.0046 1692 Atdisk - ok
21:23:30.0109 1692 ati2mtag (b8142104502f794689c1c0bcbfb53b98) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
21:23:30.0109 1692 ati2mtag - ok
21:23:30.0125 1692 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
21:23:30.0125 1692 Atmarpc - ok
21:23:30.0156 1692 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
21:23:30.0156 1692 audstub - ok
21:23:30.0171 1692 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
21:23:30.0171 1692 Beep - ok
21:23:30.0187 1692 catchme - ok
21:23:30.0203 1692 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
21:23:30.0203 1692 cbidf2k - ok
21:23:30.0218 1692 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
21:23:30.0218 1692 CCDECODE - ok
21:23:30.0234 1692 cd20xrnt - ok
21:23:30.0265 1692 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
21:23:30.0265 1692 Cdaudio - ok
21:23:30.0265 1692 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
21:23:30.0265 1692 Cdfs - ok
21:23:30.0281 1692 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
21:23:30.0281 1692 Cdrom - ok
21:23:30.0296 1692 cercsr6 (84853b3fd012251690570e9e7e43343f) C:\WINDOWS\system32\drivers\cercsr6.sys
21:23:30.0312 1692 cercsr6 - ok
21:23:30.0312 1692 Changer - ok
21:23:30.0328 1692 CmdIde - ok
21:23:30.0343 1692 Cpqarray - ok
21:23:30.0375 1692 CVirtA (b5ecadf7708960f1818c7fa015f4c239) C:\WINDOWS\system32\DRIVERS\CVirtA.sys
21:23:30.0375 1692 CVirtA - ok
21:23:30.0390 1692 dac2w2k - ok
21:23:30.0390 1692 dac960nt - ok
21:23:30.0406 1692 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
21:23:30.0406 1692 Disk - ok
21:23:30.0437 1692 DLABOIOM (d8d58a84f3ece3359df95fd2e459b330) C:\WINDOWS\system32\DLA\DLABOIOM.SYS
21:23:30.0437 1692 DLABOIOM - ok
21:23:30.0437 1692 DLACDBHM (ec6ae8bc9f773382d2eed49e4dfdae2a) C:\WINDOWS\system32\Drivers\DLACDBHM.SYS
21:23:30.0437 1692 DLACDBHM - ok
21:23:30.0453 1692 DLADResN (27c78078bd9c4f2de2ad3eb04bfe101b) C:\WINDOWS\system32\DLA\DLADResN.SYS
21:23:30.0453 1692 DLADResN - ok
21:23:30.0468 1692 DLAIFS_M (7f2d93e560b763ef5d11422d78da8ed0) C:\WINDOWS\system32\DLA\DLAIFS_M.SYS
21:23:30.0468 1692 DLAIFS_M - ok
21:23:30.0468 1692 DLAOPIOM (f643637de6aac57e38d197aa63d9ea74) C:\WINDOWS\system32\DLA\DLAOPIOM.SYS
21:23:30.0468 1692 DLAOPIOM - ok
21:23:30.0484 1692 DLAPoolM (340705474807f57a46d59d18fc2959f1) C:\WINDOWS\system32\DLA\DLAPoolM.SYS
21:23:30.0484 1692 DLAPoolM - ok
21:23:30.0484 1692 DLARTL_N (0605b66052f82b6f07204dbdb61c13ff) C:\WINDOWS\system32\Drivers\DLARTL_N.SYS
21:23:30.0484 1692 DLARTL_N - ok
21:23:30.0500 1692 DLAUDFAM (6984ea763907c045ce813468882bc587) C:\WINDOWS\system32\DLA\DLAUDFAM.SYS
21:23:30.0500 1692 DLAUDFAM - ok
21:23:30.0578 1692 DLAUDF_M (12b30c449cfd36adbed53eb6560933c6) C:\WINDOWS\system32\DLA\DLAUDF_M.SYS
21:23:30.0578 1692 DLAUDF_M - ok
21:23:30.0625 1692 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
21:23:30.0625 1692 dmboot - ok
21:23:30.0671 1692 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
21:23:30.0671 1692 dmio - ok
21:23:30.0671 1692 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
21:23:30.0671 1692 dmload - ok
21:23:30.0687 1692 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
21:23:30.0687 1692 DMusic - ok
21:23:30.0703 1692 dpti2o - ok
21:23:30.0718 1692 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
21:23:30.0718 1692 drmkaud - ok
21:23:30.0734 1692 DRVMCDB (fd0f95981fef9073659d8ec58e40aa3c) C:\WINDOWS\system32\Drivers\DRVMCDB.SYS
21:23:30.0734 1692 DRVMCDB - ok
21:23:30.0734 1692 DRVNDDM (b4869d320428cdc5ec4d7f5e808e99b5) C:\WINDOWS\system32\Drivers\DRVNDDM.SYS
21:23:30.0750 1692 DRVNDDM - ok
21:23:30.0750 1692 e1express (0849eacdc01487573add86f5e470806c) C:\WINDOWS\system32\DRIVERS\e1e5132.sys
21:23:30.0750 1692 e1express - ok
21:23:30.0781 1692 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
21:23:30.0796 1692 Fastfat - ok
21:23:30.0796 1692 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
21:23:30.0796 1692 Fdc - ok
21:23:30.0812 1692 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
21:23:30.0812 1692 Fips - ok
21:23:30.0828 1692 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
21:23:30.0828 1692 Flpydisk - ok
21:23:30.0828 1692 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
21:23:30.0828 1692 FltMgr - ok
21:23:30.0875 1692 fssfltr (c6ee3a87fe609d3e1db9dbd072a248de) C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys
21:23:30.0875 1692 fssfltr - ok
21:23:30.0890 1692 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:23:30.0890 1692 Fs_Rec - ok
21:23:30.0906 1692 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
21:23:30.0906 1692 Ftdisk - ok
21:23:30.0921 1692 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
21:23:30.0921 1692 GEARAspiWDM - ok
21:23:30.0937 1692 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
21:23:30.0937 1692 Gpc - ok
21:23:30.0953 1692 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
21:23:30.0953 1692 HDAudBus - ok
21:23:30.0968 1692 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
21:23:30.0968 1692 hidusb - ok
21:23:31.0000 1692 hpn - ok
21:23:31.0031 1692 HPZid412 (30ca91e657cede2f95359d6ef186f650) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
21:23:31.0031 1692 HPZid412 - ok
21:23:31.0078 1692 HPZipr12 (efd31afa752aa7c7bbb57bcbe2b01c78) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
21:23:31.0078 1692 HPZipr12 - ok
21:23:31.0109 1692 HPZius12 (7ac43c38ca8fd7ed0b0a4466f753e06e) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
21:23:31.0109 1692 HPZius12 - ok
21:23:31.0140 1692 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
21:23:31.0140 1692 HTTP - ok
21:23:31.0156 1692 i2omgmt - ok
21:23:31.0171 1692 i2omp - ok
21:23:31.0171 1692 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\drivers\i8042prt.sys
21:23:31.0171 1692 i8042prt - ok
21:23:31.0218 1692 iastor (9a65e42664d1534b68512caad0efe963) C:\WINDOWS\system32\DRIVERS\iaStor.sys
21:23:31.0218 1692 iastor - ok
21:23:31.0234 1692 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
21:23:31.0234 1692 Imapi - ok
21:23:31.0250 1692 ini910u - ok
21:23:31.0312 1692 IntelC51 (7509c548400f4c9e0211e3f6e66abbe6) C:\WINDOWS\system32\DRIVERS\IntelC51.sys
21:23:31.0312 1692 IntelC51 - ok
21:23:31.0343 1692 IntelC52 (9584ffdd41d37f2c239681d0dac2513e) C:\WINDOWS\system32\DRIVERS\IntelC52.sys
21:23:31.0343 1692 IntelC52 - ok
21:23:31.0359 1692 IntelC53 (cf0b937710cec6ef39416edecd803cbb) C:\WINDOWS\system32\DRIVERS\IntelC53.sys
21:23:31.0359 1692 IntelC53 - ok
21:23:31.0375 1692 IntelIde - ok
21:23:31.0390 1692 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
21:23:31.0390 1692 intelppm - ok
21:23:31.0421 1692 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
21:23:31.0421 1692 Ip6Fw - ok
21:23:31.0437 1692 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
21:23:31.0437 1692 IpInIp - ok
21:23:31.0453 1692 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
21:23:31.0453 1692 IpNat - ok
21:23:31.0468 1692 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
21:23:31.0468 1692 IPSec - ok
21:23:31.0484 1692 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
21:23:31.0484 1692 IRENUM - ok
21:23:31.0500 1692 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
21:23:31.0500 1692 isapnp - ok
21:23:31.0593 1692 JL2005C - ok
21:23:31.0687 1692 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
21:23:31.0687 1692 Kbdclass - ok
21:23:31.0718 1692 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
21:23:31.0718 1692 kbdhid - ok
21:23:31.0796 1692 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
21:23:31.0796 1692 kmixer - ok
21:23:31.0859 1692 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
21:23:31.0859 1692 KSecDD - ok
21:23:31.0875 1692 lbrtfdc - ok
21:23:31.0937 1692 mfeapfk (b5c306c5b5e7417b9d2b410894678069) C:\WINDOWS\system32\drivers\mfeapfk.sys
21:23:31.0937 1692 mfeapfk - ok
21:23:31.0968 1692 mfeavfk (87b28198b308af3469d6e0b81d86c1fa) C:\WINDOWS\system32\drivers\mfeavfk.sys
21:23:31.0968 1692 mfeavfk - ok
21:23:31.0984 1692 mfebopk (cf37784dd24c83f62626bc0ea3f5e386) C:\WINDOWS\system32\drivers\mfebopk.sys
21:23:31.0984 1692 mfebopk - ok
21:23:32.0000 1692 mfehidk (241c09c7d8c589ea1d72a36e6578e42c) C:\WINDOWS\system32\drivers\mfehidk.sys
21:23:32.0000 1692 mfehidk - ok
21:23:32.0046 1692 mferkdk (37b5228bea6b4429ffb90dfa77af4431) C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys
21:23:32.0046 1692 mferkdk - ok
21:23:32.0062 1692 mfetdik (19c2d8af421e96d12e4004ca2162dbe9) C:\WINDOWS\system32\drivers\mfetdik.sys
21:23:32.0062 1692 mfetdik - ok
21:23:32.0093 1692 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys
21:23:32.0093 1692 MHNDRV - ok
21:23:32.0109 1692 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
21:23:32.0109 1692 mnmdd - ok
21:23:32.0140 1692 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
21:23:32.0140 1692 Modem - ok
21:23:32.0156 1692 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys
21:23:32.0156 1692 MODEMCSA - ok
21:23:32.0171 1692 mohfilt (59b8b11ff70728eec60e72131c58b716) C:\WINDOWS\system32\DRIVERS\mohfilt.sys
21:23:32.0171 1692 mohfilt - ok
21:23:32.0171 1692 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
21:23:32.0171 1692 Mouclass - ok
21:23:32.0203 1692 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
21:23:32.0203 1692 mouhid - ok
21:23:32.0203 1692 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
21:23:32.0203 1692 MountMgr - ok
21:23:32.0218 1692 mraid35x - ok
21:23:32.0234 1692 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
21:23:32.0234 1692 MRxDAV - ok
21:23:32.0265 1692 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:23:32.0265 1692 MRxSmb - ok
21:23:32.0281 1692 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
21:23:32.0281 1692 Msfs - ok
21:23:32.0312 1692 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
21:23:32.0312 1692 MSKSSRV - ok
21:23:32.0328 1692 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
21:23:32.0328 1692 MSPCLOCK - ok
21:23:32.0343 1692 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
21:23:32.0343 1692 MSPQM - ok
21:23:32.0359 1692 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
21:23:32.0359 1692 mssmbios - ok
21:23:32.0375 1692 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
21:23:32.0375 1692 MSTEE - ok
21:23:32.0390 1692 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
21:23:32.0390 1692 Mup - ok
21:23:32.0421 1692 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
21:23:32.0421 1692 NABTSFEC - ok
21:23:32.0437 1692 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
21:23:32.0437 1692 NDIS - ok
21:23:32.0453 1692 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
21:23:32.0453 1692 NdisIP - ok
21:23:32.0468 1692 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:23:32.0468 1692 NdisTapi - ok
21:23:32.0484 1692 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
21:23:32.0484 1692 Ndisuio - ok
21:23:32.0531 1692 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:23:32.0531 1692 NdisWan - ok
21:23:32.0531 1692 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
21:23:32.0531 1692 NDProxy - ok
21:23:32.0546 1692 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
21:23:32.0546 1692 NetBIOS - ok
21:23:32.0578 1692 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
21:23:32.0578 1692 NetBT - ok
21:23:32.0703 1692 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
21:23:32.0703 1692 Npfs - ok
21:23:32.0750 1692 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
21:23:32.0750 1692 Ntfs - ok
21:23:32.0781 1692 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
21:23:32.0781 1692 Null - ok
21:23:32.0812 1692 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
21:23:32.0812 1692 NwlnkFlt - ok
21:23:32.0828 1692 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
21:23:32.0828 1692 NwlnkFwd - ok
21:23:32.0859 1692 OMCI (cec7e2c6c1fa00c7ab2f5434f848ae51) C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS
21:23:32.0859 1692 OMCI - ok
21:23:32.0890 1692 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
21:23:32.0890 1692 Parport - ok
21:23:32.0890 1692 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
21:23:32.0890 1692 PartMgr - ok
21:23:32.0921 1692 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
21:23:32.0921 1692 ParVdm - ok
21:23:32.0921 1692 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
21:23:32.0921 1692 PCI - ok
21:23:32.0937 1692 PCIDump - ok
21:23:32.0953 1692 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
21:23:32.0953 1692 PCIIde - ok
21:23:33.0000 1692 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
21:23:33.0000 1692 Pcmcia - ok
21:23:33.0000 1692 PDCOMP - ok
21:23:33.0015 1692 PDFRAME - ok
21:23:33.0015 1692 PDRELI - ok
21:23:33.0031 1692 PDRFRAME - ok
21:23:33.0046 1692 perc2 - ok
21:23:33.0046 1692 perc2hib - ok
21:23:33.0078 1692 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
21:23:33.0078 1692 PptpMiniport - ok
21:23:33.0093 1692 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
21:23:33.0093 1692 PSched - ok
21:23:33.0109 1692 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
21:23:33.0109 1692 Ptilink - ok
21:23:33.0125 1692 PxHelp20 (f7bb4e7a7c02ab4a2672937e124e306e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
21:23:33.0125 1692 PxHelp20 - ok
21:23:33.0140 1692 ql1080 - ok
21:23:33.0140 1692 Ql10wnt - ok
21:23:33.0156 1692 ql12160 - ok
21:23:33.0171 1692 ql1240 - ok
21:23:33.0171 1692 ql1280 - ok
21:23:33.0187 1692 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:23:33.0187 1692 RasAcd - ok
21:23:33.0203 1692 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
21:23:33.0203 1692 Rasl2tp - ok
21:23:33.0218 1692 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:23:33.0218 1692 RasPppoe - ok
21:23:33.0234 1692 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
21:23:33.0234 1692 Raspti - ok
21:23:33.0250 1692 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:23:33.0250 1692 Rdbss - ok
21:23:33.0265 1692 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
21:23:33.0265 1692 RDPCDD - ok
21:23:33.0281 1692 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
21:23:33.0281 1692 rdpdr - ok
21:23:33.0312 1692 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
21:23:33.0312 1692 RDPWD - ok
21:23:33.0328 1692 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
21:23:33.0328 1692 redbook - ok
21:23:33.0375 1692 SASDIFSV (a3281aec37e0720a2bc28034c2df2a56) C:\Documents and Settings\Gabe and Sara\Desktop\Security\SASDIFSV.SYS
21:23:33.0375 1692 SASDIFSV - ok
21:23:33.0390 1692 SASKUTIL (61db0d0756a99506207fd724e3692b25) C:\Documents and Settings\Gabe and Sara\Desktop\Security\SASKUTIL.SYS
21:23:33.0390 1692 SASKUTIL - ok
21:23:33.0421 1692 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
21:23:33.0421 1692 Secdrv - ok
21:23:33.0437 1692 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
21:23:33.0437 1692 Serial - ok
21:23:33.0453 1692 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
21:23:33.0453 1692 Sfloppy - ok
21:23:33.0468 1692 Simbad - ok
21:23:33.0484 1692 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
21:23:33.0500 1692 SLIP - ok
21:23:33.0500 1692 Sparrow - ok
21:23:33.0562 1692 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
21:23:33.0562 1692 splitter - ok
21:23:33.0578 1692 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
21:23:33.0578 1692 sr - ok
21:23:33.0671 1692 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
21:23:33.0671 1692 Srv - ok
21:23:33.0718 1692 STHDA (2a2dc39623adef8ab3703ab9fac4b440) C:\WINDOWS\system32\drivers\sthda.sys
21:23:33.0734 1692 STHDA - ok
21:23:33.0750 1692 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
21:23:33.0750 1692 streamip - ok
21:23:33.0750 1692 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
21:23:33.0750 1692 swenum - ok
21:23:33.0765 1692 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
21:23:33.0765 1692 swmidi - ok
21:23:33.0781 1692 symc810 - ok
21:23:33.0796 1692 symc8xx - ok
21:23:33.0796 1692 sym_hi - ok
21:23:33.0812 1692 sym_u3 - ok
21:23:33.0828 1692 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
21:23:33.0828 1692 sysaudio - ok
21:23:33.0875 1692 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
21:23:33.0875 1692 Tcpip - ok
21:23:33.0890 1692 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
21:23:33.0890 1692 TDPIPE - ok
21:23:33.0906 1692 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
21:23:33.0921 1692 TDTCP - ok
21:23:33.0921 1692 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
21:23:33.0921 1692 TermDD - ok
21:23:33.0968 1692 tmcomm (df8444a8fa8fd38d8848bdd40a8403b3) C:\WINDOWS\system32\drivers\tmcomm.sys
21:23:33.0968 1692 tmcomm - ok
21:23:33.0968 1692 TosIde - ok
21:23:34.0000 1692 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
21:23:34.0000 1692 Udfs - ok
21:23:34.0000 1692 ultra - ok
21:23:34.0031 1692 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
21:23:34.0031 1692 Update - ok
21:23:34.0062 1692 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
21:23:34.0062 1692 USBAAPL - ok
21:23:34.0093 1692 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
21:23:34.0109 1692 usbaudio - ok
21:23:34.0125 1692 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
21:23:34.0125 1692 usbccgp - ok
21:23:34.0156 1692 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
21:23:34.0156 1692 usbehci - ok
21:23:34.0156 1692 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
21:23:34.0156 1692 usbhub - ok
21:23:34.0171 1692 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
21:23:34.0171 1692 usbprint - ok
21:23:34.0203 1692 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
21:23:34.0203 1692 usbscan - ok
21:23:34.0218 1692 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
21:23:34.0218 1692 USBSTOR - ok
21:23:34.0234 1692 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
21:23:34.0234 1692 usbuhci - ok
21:23:34.0250 1692 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
21:23:34.0250 1692 VgaSave - ok
21:23:34.0265 1692 ViaIde - ok
21:23:34.0265 1692 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
21:23:34.0265 1692 VolSnap - ok
21:23:34.0343 1692 VX3000 (45798ec03c6aeb45aa2f2084f7842f6c) C:\WINDOWS\system32\DRIVERS\VX3000.sys
21:23:34.0359 1692 VX3000 - ok
21:23:34.0390 1692 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:23:34.0390 1692 Wanarp - ok
21:23:34.0390 1692 WDICA - ok
21:23:34.0421 1692 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
21:23:34.0421 1692 wdmaud - ok
21:23:34.0468 1692 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
21:23:34.0468 1692 WSTCODEC - ok
21:23:34.0484 1692 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
21:23:34.0484 1692 WudfPf - ok
21:23:34.0500 1692 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
21:23:34.0515 1692 WudfRd - ok
21:23:34.0531 1692 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
21:23:34.0625 1692 \Device\Harddisk0\DR0 - ok
21:23:34.0640 1692 Boot (0x1200) (e8b4d164745e0ccbe811f995b0e9e7c1) \Device\Harddisk0\DR0\Partition0
21:23:34.0656 1692 \Device\Harddisk0\DR0\Partition0 - ok
21:23:34.0656 1692 ============================================================
21:23:34.0656 1692 Scan finished
21:23:34.0656 1692 ============================================================
21:23:34.0656 1664 Detected object count: 0
21:23:34.0656 1664 Actual detected object count: 0

#14 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:13 AM

Posted 20 November 2011 - 11:39 PM

Hello

using avast as an example

In case, program's link shows as (empty):

Posted Image

  • Open Windows Explorer, navigate to Avast folder in Program Files
  • Right click on Avast ".exe" file, click "Create shortcut":

Posted Image

  • Copy that shortcut, go back to Start menu.
  • Right click on avast!Free Antivirus, click "Paste".
  • You'll see Avast shortcut recreated replacing (empty) entry.

Alternatively....
...you paste that shortcut in:
(XP) - C:\Documents and Settings\All Users\Start Menu\Programs\Avast
(Vista/7) - C:\Program Data\Start Menu\Programs\Avast




These logs are looking alot better. But we still have some work to do.

Please print out these instructions, or copy them to a Notepad file. It will make it easier for you to follow the instructions and complete all of the necessary steps..

uninstall some programs

1. click on start
2. then go to settings
3. after that you need control panel
4. look for the icon add/remove programs
click on the following programs

Adobe Reader 8.1.5

and click on remove

Update Adobe Reader

Recently there have been vunerabilities detected in older versions of Adobe Reader. It is strongly suggested that you update to the current version.

You can download it from http://www.adobe.com/products/acrobat/readstep2.html
After installing the latest Adobe Reader, uninstall all previous versions.
If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.

If you don't like Adobe Reader (53 MB), you can download Foxit PDF Reader(7 MB) from here. It's a much smaller file to download and uses a lot less resources than Adobe Reader.

Note: When installing FoxitReader, be carefull not to install anything to do with AskBar.
[/list]
Your Java is out of date.

It can be updated by the Java control panel
  • click on Start-> Control Panel (Classic View)-> Java (looks like a coffee cup) -> Update Tab -> Update Now.
  • An update should begin;
  • follow the prompts


TFC(Temp File Cleaner):

  • Please download TFC to your desktop,
  • Save any unsaved work. TFC will close all open application windows.
  • Double-click TFC.exe to run the program.
  • If prompted, click "Yes" to reboot.
Note: Save your work. TFC will automatically close any open programs, let it run uninterrupted. It shouldn't take longer take a couple of minutes, and may only take a few seconds. Only if needed will you be prompted to reboot.

: Malwarebytes' Anti-Malware :

  • I would like you to rerun MBAM
  • Double-click mbam icon
  • go to the update tab at the top
  • click on check for updates
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
  • When completed, a log will open in Notepad. please copy and paste the log into your next reply
  • If you accidently close it, the log file is saved here and will be named like this:
  • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.


Download HijackThis

  • Go Here to download HijackThis Installer
  • Save HijackThis Installer to your desktop.
  • Double-click on the HijackThis Installer icon on your desktop. (Vista and Win 7 right click and run as admin)
  • By default it will install to C:\Program Files\Trend Micro\HijackThis .
  • Click on Install.
  • It will create a HijackThis icon on the desktop.
  • Once installed it will launch Hijackthis.
  • Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
  • Click on Edit > Select All then click on Edit > Copy to copy the entire contents of the log.
  • Come back here to this thread and Paste the log in your next reply.
  • DO NOT use the AnalyseThis button its findings are dangerous if misinterpreted.
  • DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.

If you have problems running Hijackthis.

sometimes we have to run it like this To run HijackThis as an administrator,
rightclick HijackThis.exe (located: C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe)
and select to run as administrator

"information and logs"

  • In your next post I need the following

  • Log From MBAM
  • report from Hijackthis
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo

Edited by gringo_pr, 20 November 2011 - 11:39 PM.

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#15 gt7001

gt7001
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:04:13 AM

Posted 21 November 2011 - 12:26 AM

Ok,


Start Menu Folders Shortcut - Working thru it, thanks for the direction.

1. Adobe - check. Trying FoxIt
2. Java said it was up to date
3. TFC - check. 550mb gone.
4. MBAM - check. Below.
5. HJT - check. Below.

No problems, except the Java stating it was up to date.
Computer is working very well. Fast, not congested, no browser snafus.

>>

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8205

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

11/20/2011 10:11:49 PM
mbam-log-2011-11-20 (22-11-49).txt

Scan type: Quick scan
Objects scanned: 182021
Time elapsed: 4 minute(s), 0 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\documents and settings\gabe and sara\Desktop\uSeRiNiT.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.

>>>

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:20:37 PM, on 11/20/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\McAfee\Common Framework\UdaterUI.exe
C:\WINDOWS\vVX3000.exe
C:\WINDOWS\stsystra.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Documents and Settings\Gabe and Sara\Desktop\Security\SUPERAntiSpyware.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cnn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://support.dell.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Monitor] "C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Documents and Settings\Gabe and Sara\Desktop\Security\SUPERAntiSpyware.exe
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5483.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1153067480890
O16 - DPF: {A1662FB6-39BE-41BB-ACDC-0448FB1B5817} (Photo Upload Plugin Class) - http://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_5/PhotoCenter_ActiveX_Control.cab
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} (Java Plug-in 1.4.2_03) -
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} (Java Plug-in 1.6.0_03) -
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} (Java Plug-in 1.6.0_05) -
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} (Java Plug-in 1.6.0_07) -
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} (Java Plug-in 1.6.0_20) -
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/webgames/popcaploader_v10.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Documents and Settings\Gabe and Sara\Desktop\Security\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intuit Update Service (IntuitUpdateService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LeapFrog Connect Device Service - LeapFrog Enterprises, Inc. - C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 10470 bytes




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users