Solved user infrected after visiting video link on facebook

[Resolved] user infrected after visiting video link on facebook

Thanks for any assistance

Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org
Database version: v2012.09.01.02
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
L.Mike Belliveau :: DFLND5G1 [administrator]
Protection: Disabled
9/1/2012 7:39:18 AM
mbam-log-2012-09-01 (07-39-18).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 259693
Time elapsed: 12 minute(s), 43 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 1
HKCR\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32| (Trojan.0Access) -> Bad: (C:\RECYCLER\S-1-5-18\$32bb2376dd493bd17970d4ed3435f50d\n.) Good: (fastprox.dll) -> Quarantined and repaired successfully.
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)

 

mbam error on opening - see attached screen shot

 

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-09-01 08:22:22
Windows 5.1.2600 Service Pack 3
Running: lp429sxs.exe


---- Services - GMER 1.0.15 ----

Service C:\WINDOWS\System32\Drivers\8d7f29c6e7e00045.sys (*** hidden *** ) [BOOT] 8d7f29c6e7e00045 <-- ROOTKIT !!!

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\ControlSet001\Services\8d7f29c6e7e00045@ImagePath \SystemRoot\System32\Drivers\8d7f29c6e7e00045.sys
Reg HKLM\SYSTEM\ControlSet001\Services\8d7f29c6e7e00045@Group Boot Bus Extender
Reg HKLM\SYSTEM\ControlSet001\Services\8d7f29c6e7e00045@ErrorControl 0
Reg HKLM\SYSTEM\ControlSet001\Services\8d7f29c6e7e00045@Type 1
Reg HKLM\SYSTEM\ControlSet001\Services\8d7f29c6e7e00045@Start 0
Reg HKLM\SYSTEM\ControlSet001\Services\8d7f29c6e7e00045@Tag 1
Reg HKLM\SYSTEM\ControlSet001\Services\8d7f29c6e7e00045@DisplayName syshost.exe
Reg HKLM\SYSTEM\CurrentControlSet\Services\8d7f29c6e7e00045@ImagePath \SystemRoot\System32\Drivers\8d7f29c6e7e00045.sys
Reg HKLM\SYSTEM\CurrentControlSet\Services\8d7f29c6e7e00045@Group Boot Bus Extender
Reg HKLM\SYSTEM\CurrentControlSet\Services\8d7f29c6e7e00045@ErrorControl 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\8d7f29c6e7e00045@Type 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\8d7f29c6e7e00045@Start 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\8d7f29c6e7e00045@Tag 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\8d7f29c6e7e00045@DisplayName syshost.exe

---- EOF - GMER 1.0.15 ----

 

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-01 09:44:23
-----------------------------
09:44:23.593 OS Version: Windows 5.1.2600 Service Pack 3
09:44:23.593 Number of processors: 2 586 0xF0D
09:44:23.593 ComputerName: DFLND5G1 UserName:
09:44:25.171 Initialze error C0000001 - driver not loaded
09:49:29.828 AVAST engine defs: 12090100
09:55:20.437 Service scanning
09:55:20.937 Service 8d7f29c6e7e00045 C:\WINDOWS\System32\Drivers\8d7f29c6e7e00045.sys **HIDDEN**
09:55:43.296 Modules scanning
09:55:43.296 Disk 0 trace - called modules:
09:55:43.296
09:55:44.359 AVAST engine scan C:\WINDOWS
09:55:52.375 AVAST engine scan C:\WINDOWS\system32
09:58:42.156 AVAST engine scan C:\WINDOWS\system32\drivers
09:58:42.468 File: C:\WINDOWS\system32\drivers\1a7178.sys **INFECTED** Win32:Crypt-NRX [Rtk]
09:58:42.531 File: C:\WINDOWS\system32\drivers\8d2c.sys **INFECTED** Win32:Crypt-NRX [Rtk]
09:58:42.578 File: C:\WINDOWS\system32\drivers\8d7f29c6e7e00045.sys **INFECTED** Win32:Crypt-NRX [Rtk]
09:58:42.625 File: C:\WINDOWS\system32\drivers\8d7f29c6e7e00045.sys.vir **INFECTED** Win32:Crypt-NRX [Rtk]
09:58:42.671 File: C:\WINDOWS\system32\drivers\91b0.sys **INFECTED** Win32:Crypt-NRX [Rtk]
09:59:01.328 AVAST engine scan C:\Documents and Settings\L.Mike Belliveau
10:08:04.250 AVAST engine scan C:\Documents and Settings\All Users
10:08:43.500 Scan finished successfully
10:19:09.281 The log file has been saved successfully to "C:\Documents and Settings\L.Mike Belliveau\Desktop\bbs\aswMBR.txt "

 

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by L.Mike Belliveau at 10:19:33 on 2012-09-01
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1387 [GMT -3:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
svchost.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Raxco\PerfectDisk\PDAgentS1.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft\BingBar\7.1.362.0\BingApp.exe
C:\Program Files\Microsoft\BingBar\7.1.362.0\BingBar.exe
C:\Program Files\Microsoft\BingBar\7.1.362.0\SeaPort.exe
C:\Program Files\Microsoft\BingBar\7.1.362.0\BingSurrogate.exe
C:\Program Files\Microsoft\BingBar\7.1.362.0\BingSurrogate.exe
C:\Program Files\Microsoft\BingBar\7.1.362.0\BingSurrogate.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page =
uSearch Bar =
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
uSearchURL,(Default) = hxxp://search.alot.com/web?q=&pr=auto&client_id=E6EE8C0001CC27030074582E&src_id=11338&camp_id=2734&tb_version=2.5.20000.3
mSearchAssistant =
uURLSearchHooks: H - No File
mURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll
BHO: ALOT Toolbar Helper: {14ceeaff-96dd-4101-ae37-d5ecdc23c3f6} - c:\program files\alot\bin\bho\alotBHO.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\microsoft\bingbar\7.1.362.0\BingExt.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll
TB: &Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
TB: AIR MILES TOOLBAR: {a893b09e-7d3b-486c-96d9-1a4a232a1feb} - c:\program files\air miles toolbar\Toolbar.dll
TB: ALOT Toolbar: {5aa2ba46-9913-4dc7-9620-69ab0fa17ae7} - c:\program files\alot\bin\alot.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\7.1.362.0\BingExt.dll "
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
dPolicies-explorer: NoFolderOptions = 1 (0x1)
dPolicies-system: DisableRegistryTools = 1 (0x1)
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\yinsthelper.dll
DPF: {32505657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/0/A/9/0A9F8B32-9F8C-4D74-A130-E4CAB36EB01F/wmvadvd.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1346445139031
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{70A47BC5-CDE3-4FCB-AB91-2A52C08EEC1A} : DhcpNameServer = 192.168.0.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: LMIinit - LMIinit.dll
AppInit_DLLs: c:\progra~1\google\google~2\GOEC62~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
============= SERVICES / DRIVERS ===============
.
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-11-6 54752]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2010-1-27 12856]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2010-7-15 47640]
R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\all users\application data\skype\toolbars\skype c2c service\c2c_service.exe [2012-8-13 3064000]
R3 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\7.1.362.0\SeaPort.EXE [2012-2-13 240408]
S0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-3-20 171064]
S2 BBSvc;BingBar Service;c:\program files\microsoft\bingbar\7.1.362.0\BBSvc.EXE [2012-2-13 193816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-12-13 135664]
S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-9-1 655944]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-2-29 158856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-24 250568]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]
S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-4-27 30192]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-12-13 135664]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-9-1 22344]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 LMIRfsClientNP;LMIRfsClientNP; [x]
.
=============== Created Last 30 ================
.
2012-09-01 10:35:44 -------- d-----w- c:\documents and settings\l.mike belliveau\application data\Malwarebytes
2012-09-01 10:35:40 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2012-09-01 10:35:39 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-01 10:35:39 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-09-01 10:14:06 71552 ----a-w- c:\windows\system32\drivers\8d7f29c6e7e00045.sys.vir
2012-09-01 10:09:29 77312 ----a-w- c:\windows\system32\ztvunace26.dll
2012-09-01 10:09:29 605968 ----a-w- c:\windows\system32\ztv7z.dll
2012-09-01 10:09:28 77072 ----a-w- c:\windows\system32\ztvcabinet.dll
2012-09-01 10:09:28 75264 ----a-w- c:\windows\system32\unacev2.dll
2012-09-01 10:09:28 185616 ----a-w- c:\windows\system32\ztvunrar39.dll
2012-09-01 10:09:28 169744 ----a-w- c:\windows\system32\ztvunrar36.dll
2012-09-01 10:09:28 153088 ----a-w- c:\windows\system32\unrar3.dll
2012-09-01 09:43:40 7022536 ------w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{0fce1901-6391-44e6-832b-d02c333cbc42}\mpengine.dll
2012-09-01 09:32:25 -------- d-----w- c:\program files\Microsoft Security Client
2012-08-31 19:37:48 -------- d-----w- c:\program files\Raxco
2012-08-31 17:04:53 -------- d-----w- c:\program files\WhoCrashed
2012-08-29 22:52:46 29904 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{574ac2db-362c-4b0b-aae7-6f3e855d0de4}\MpKsld5d243e3.sys
2012-08-29 22:52:43 71552 ----a-w- c:\windows\system32\drivers\8d7f29c6e7e00045.sys
2012-08-29 22:38:21 71552 ----a-w- c:\windows\system32\drivers\91b0.sys
2012-08-29 22:18:22 71552 ----a-w- c:\windows\system32\drivers\4cc511cfa725e835.sys
2012-08-29 22:17:56 71552 ----a-w- c:\windows\system32\drivers\8d2c.sys
2012-08-29 22:10:58 71552 ----a-w- c:\windows\system32\drivers\1a7178.sys
.
==================== Find3M ====================
.
2012-08-30 23:41:09 73416 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-30 23:41:09 696520 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-06 13:58:51 78336 ----a-w- c:\windows\system32\browser.dll
2012-07-04 14:05:18 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-03 13:40:15 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-07-02 17:49:33 916992 ----a-w- c:\windows\system32\wininet.dll
2012-07-02 17:49:32 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-07-02 17:49:32 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-07-02 12:05:43 385024 ----a-w- c:\windows\system32\html.iec
2012-06-06 23:59:42 1070152 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2012-06-05 15:50:25 1372672 ----a-w- c:\windows\system32\msxml6.dll
2012-06-05 15:50:25 1172480 ----a-w- c:\windows\system32\msxml3.dll
2012-06-04 04:32:08 152576 ----a-w- c:\windows\system32\schannel.dll
.
============= FINISH: 10:20:24.17 ===============

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 8/31/2010 9:43:33 AM
System Uptime: 9/1/2012 9:32:16 AM (1 hours ago)
.
Motherboard: Dell Inc. | | 0HX767
Processor: Intel(R) Core(TM)2 Duo CPU T5870 @ 2.00GHz | Microprocessor | 1575/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 230 GiB total, 209.84 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
32 Bit HP CIO Components Installer
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
Adobe Flash Player 10 Plugin
Adobe Flash Player 11 ActiveX
Adobe Reader 8.1.2
Adobe Reader 8.1.2 Security Update 1 (KB403742)
Advanced Audio FX Engine
Advanced Video FX Engine
AIR MILES TOOLBAR
ALOT Toolbar
Apple Software Update
Bing Bar
Broadcom Management Programs
Browser Address Error Redirector
BufferChm
Canon Camera Access Library
Canon Camera Support Core Library
Canon Camera Window DC_DV 5 for ZoomBrowser EX
Canon Camera Window DC_DV 6 for ZoomBrowser EX
Canon Camera Window MC 6 for ZoomBrowser EX
Canon G.726 WMP-Decoder
Canon MovieEdit Task for ZoomBrowser EX
Canon RAW Image Task for ZoomBrowser EX
Canon RemoteCapture Task for ZoomBrowser EX
Canon Utilities EOS Utility
Canon Utilities PhotoStitch
Canon Utilities ZoomBrowser EX
Compatibility Pack for the 2007 Office system
Conexant HDA D330 MDC V.92 Modem
Copy
Defraggler
Dell DataSafe Online
Dell Support Center (Support Software)
Dell Touchpad
Dell Webcam Center
Dell Webcam Manager
Dell Wireless WLAN Card
Destinations
DeviceDiscovery
Digital Line Detect
DJ_AIO_05_F4400_Software_Min
F4400
Facebook Video Calling 1.2.0.159
Google Chrome
Google Desktop
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
Google Updater
GPBaseService2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Customer Participation Program 13.0
HP Deskjet F4400 Printer Driver Software 13.0 Rel .5
HP Imaging Device Functions 13.0
HP Print Projects 1.0
HP Smart Web Printing 4.60
HP Solution Center 13.0
HP Update
hpPrintProjects
HPProductAssistant
hpWLPGInstaller
IntelliSonic Speech Enhancement
J2SE Runtime Environment 5.0 Update 6
Java Auto Updater
Java(TM) 6 Update 21
Java(TM) 6 Update 7
Junk Mail filter update
KeyboardTest V3.0
Laptop Integrated Webcam Driver (1.04.01.1011)
Lexmark Printer Software Uninstall
Live! Cam Avatar Creator
Live! Cam Avatar v1.0
LogMeIn
Malwarebytes Anti-Malware version 1.62.0.1300
MarketResearch
MediaDirect
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Basic 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Live Add-in 1.3
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Modem Diagnostic Tool
MSVCRT
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB973686)
neroxml
NetWaiting
NVIDIA Drivers
OGA Notifier 2.0.0048.0
OutlookAddinSetup
PerfectDisk 11 Professional
QuickSet
QuickTime
Revo Uninstaller 1.80
RPS CRT
Scan
SearchAssist
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2731847)
Segoe UI
SigmaTel Audio
Skype Click to Call
Skype™ 5.8
SmartWebPrinting
SolutionCenter
Status
Toolbox
TrayApp
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687400) 32-Bit Edition
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB982664)
Update for Windows XP (KB2718704)
WebFldrs XP
WebReg
WhoCrashed 3.05
WIDCOMM Bluetooth Software
Windows Genuine Advantage Notifications (KB905474)
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
Yahoo! Extras
Yahoo! Install Manager
Yahoo! Internet Mail
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
8/29/2012 7:53:42 PM, error: Service Control Manager [7028] - The wuauserv Registry key denied access to SYSTEM account programs so the Service Control Manager took ownership of the Registry key.
8/29/2012 7:34:54 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments " " in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
8/29/2012 7:33:07 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD APPDRV Fips intelppm IPSec MpFilter MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip
8/29/2012 7:33:07 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
8/29/2012 7:33:07 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/29/2012 7:33:07 PM, error: Service Control Manager [7001] - The fssfltr service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/29/2012 7:33:07 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/29/2012 7:33:07 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
8/29/2012 7:33:07 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments " " in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
8/29/2012 7:18:17 PM, error: Service Control Manager [7000] - The Security Services Driver (x86) service failed to start due to the following error: The system cannot find the file specified.
8/28/2012 5:52:34 AM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
.
==== End Of File ===========================

 

there are 3 tdss log files

13:44:17.0625 1976 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
13:44:17.0937 1976 ============================================================
13:44:17.0937 1976 Current date / time: 2012/09/01 13:44:17.0937
13:44:17.0937 1976 SystemInfo:
13:44:17.0937 1976
13:44:17.0937 1976 OS Version: 5.1.2600 ServicePack: 3.0
13:44:17.0937 1976 Product type: Workstation
13:44:17.0937 1976 ComputerName: DFLND5G1
13:44:17.0937 1976 UserName: L.Mike Belliveau
13:44:17.0937 1976 Windows directory: C:\WINDOWS
13:44:17.0937 1976 System windows directory: C:\WINDOWS
13:44:17.0937 1976 Processor architecture: Intel x86
13:44:17.0937 1976 Number of processors: 2
13:44:17.0937 1976 Page size: 0x1000
13:44:17.0937 1976 Boot type: Normal boot
13:44:17.0937 1976 ============================================================
13:44:31.0515 1976 !crdlk
13:44:31.0531 1976 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'A'
13:44:31.0531 1976 ============================================================
13:44:31.0531 1976 \Device\Harddisk0\DR0:
13:44:31.0531 1976 MBR partitions:
13:44:31.0531 1976 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2B24B, BlocksNum 0x1CC9A970
13:44:31.0578 1976 ============================================================
13:44:31.0625 1976 C: <-> \Device\Harddisk0\DR0\Partition1
13:44:31.0640 1976 ============================================================
13:44:31.0640 1976 Initialize success
13:44:31.0640 1976 ============================================================
13:44:41.0515 3600 Deinitialize success

 

13:45:12.0546 3112 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
13:45:14.0250 3112 ============================================================
13:45:14.0250 3112 Current date / time: 2012/09/01 13:45:14.0250
13:45:14.0250 3112 SystemInfo:
13:45:14.0250 3112
13:45:14.0250 3112 OS Version: 5.1.2600 ServicePack: 3.0
13:45:14.0250 3112 Product type: Workstation
13:45:14.0250 3112 ComputerName: DFLND5G1
13:45:14.0265 3112 UserName: L.Mike Belliveau
13:45:14.0265 3112 Windows directory: C:\WINDOWS
13:45:14.0265 3112 System windows directory: C:\WINDOWS
13:45:14.0265 3112 Processor architecture: Intel x86
13:45:14.0265 3112 Number of processors: 2
13:45:14.0265 3112 Page size: 0x1000
13:45:14.0265 3112 Boot type: Normal boot
13:45:14.0265 3112 ============================================================
13:45:21.0796 3112 !crdlk
13:45:21.0812 3112 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'A'
13:45:21.0812 3112 ============================================================
13:45:21.0812 3112 \Device\Harddisk0\DR0:
13:45:21.0812 3112 MBR partitions:
13:45:21.0812 3112 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2B24B, BlocksNum 0x1CC9A970
13:45:21.0843 3112 ============================================================
13:45:21.0906 3112 C: <-> \Device\Harddisk0\DR0\Partition1
13:45:21.0906 3112 ============================================================
13:45:21.0906 3112 Initialize success
13:45:21.0906 3112 ============================================================
13:45:24.0046 0372 ============================================================
13:45:24.0046 0372 Scan started
13:45:24.0046 0372 Mode: Manual;
13:45:24.0046 0372 ============================================================
13:45:24.0359 0372 ================ Scan system memory ========================
13:45:24.0359 0372 System memory - ok
13:45:24.0359 0372 ================ Scan services =============================
13:45:24.0406 0372 Suspicious service (NoAccess): 8d7f29c6e7e00045
13:45:24.0562 0372 [ AF3865849F8B4D2D7142939BB7A63BE1 ] 8d7f29c6e7e00045 C:\WINDOWS\System32\Drivers\8d7f29c6e7e00045.sys
13:45:24.0562 0372 Suspicious file (NoAccess): C:\WINDOWS\System32\Drivers\8d7f29c6e7e00045.sys. md5: AF3865849F8B4D2D7142939BB7A63BE1
13:45:24.0625 0372 8d7f29c6e7e00045 ( Rootkit.Win32.Necurs.gen ) - infected
13:45:24.0625 0372 8d7f29c6e7e00045 - detected Rootkit.Win32.Necurs.gen (0)
13:45:24.0640 0372 Abiosdsk - ok
13:45:24.0703 0372 [ 6ABB91494FE6C59089B9336452AB2EA3 ] abp480n5 C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
13:45:24.0703 0372 abp480n5 - ok
13:45:24.0750 0372 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
13:45:24.0750 0372 ACPI - ok
13:45:24.0812 0372 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
13:45:24.0812 0372 ACPIEC - ok
13:45:24.0921 0372 [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
13:45:24.0921 0372 AdobeFlashPlayerUpdateSvc - ok
13:45:24.0984 0372 [ 9A11864873DA202C996558B2106B0BBC ] adpu160m C:\WINDOWS\system32\DRIVERS\adpu160m.sys
13:45:24.0984 0372 adpu160m - ok
13:45:25.0015 0372 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
13:45:25.0031 0372 aec - ok
13:45:25.0093 0372 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
13:45:25.0093 0372 AFD - ok
13:45:25.0171 0372 [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys
13:45:25.0171 0372 agp440 - ok
13:45:25.0187 0372 [ 03A7E0922ACFE1B07D5DB2EEB0773063 ] agpCPQ C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
13:45:25.0203 0372 agpCPQ - ok
13:45:25.0234 0372 [ C23EA9B5F46C7F7910DB3EAB648FF013 ] Aha154x C:\WINDOWS\system32\DRIVERS\aha154x.sys
13:45:25.0234 0372 Aha154x - ok
13:45:25.0281 0372 [ 19DD0FB48B0C18892F70E2E7D61A1529 ] aic78u2 C:\WINDOWS\system32\DRIVERS\aic78u2.sys
13:45:25.0281 0372 aic78u2 - ok
13:45:25.0296 0372 [ B7FE594A7468AA0132DEB03FB8E34326 ] aic78xx C:\WINDOWS\system32\DRIVERS\aic78xx.sys
13:45:25.0296 0372 aic78xx - ok
13:45:25.0359 0372 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
13:45:25.0359 0372 Alerter - ok
13:45:25.0406 0372 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
13:45:25.0406 0372 ALG - ok
13:45:25.0421 0372 [ 1140AB9938809700B46BB88E46D72A96 ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys
13:45:25.0421 0372 AliIde - ok
13:45:25.0453 0372 [ CB08AED0DE2DD889A8A820CD8082D83C ] alim1541 C:\WINDOWS\system32\DRIVERS\alim1541.sys
13:45:25.0453 0372 alim1541 - ok
13:45:25.0468 0372 [ 95B4FB835E28AA1336CEEB07FD5B9398 ] amdagp C:\WINDOWS\system32\DRIVERS\amdagp.sys
13:45:25.0468 0372 amdagp - ok
13:45:25.0484 0372 [ 79F5ADD8D24BD6893F2903A3E2F3FAD6 ] amsint C:\WINDOWS\system32\DRIVERS\amsint.sys
13:45:25.0484 0372 amsint - ok
13:45:25.0500 0372 [ 350F19EB5FE4EC37A2414DF56CDE1AA8 ] ApfiltrService C:\WINDOWS\system32\DRIVERS\Apfiltr.sys
13:45:25.0515 0372 ApfiltrService - ok
13:45:25.0546 0372 [ EC94E05B76D033B74394E7B2175103CF ] APPDRV C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS
13:45:25.0546 0372 APPDRV - ok
13:45:25.0593 0372 [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
13:45:25.0593 0372 AppMgmt - ok
13:45:25.0640 0372 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
13:45:25.0640 0372 Arp1394 - ok
13:45:25.0671 0372 [ 62D318E9A0C8FC9B780008E724283707 ] asc C:\WINDOWS\system32\DRIVERS\asc.sys
13:45:25.0671 0372 asc - ok
13:45:25.0703 0372 [ 69EB0CC7714B32896CCBFD5EDCBEA447 ] asc3350p C:\WINDOWS\system32\DRIVERS\asc3350p.sys
13:45:25.0703 0372 asc3350p - ok
13:45:25.0718 0372 [ 5D8DE112AA0254B907861E9E9C31D597 ] asc3550 C:\WINDOWS\system32\DRIVERS\asc3550.sys
13:45:25.0718 0372 asc3550 - ok
13:45:25.0875 0372 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
13:45:25.0875 0372 aspnet_state - ok
13:45:25.0906 0372 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
13:45:25.0906 0372 AsyncMac - ok
13:45:25.0953 0372 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
13:45:25.0953 0372 atapi - ok
13:45:25.0968 0372 Atdisk - ok
13:45:26.0000 0372 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
13:45:26.0000 0372 Atmarpc - ok
13:45:26.0062 0372 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
13:45:26.0062 0372 AudioSrv - ok
13:45:26.0125 0372 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
13:45:26.0125 0372 audstub - ok
13:45:26.0250 0372 [ 47480F4260DAE9AA589BCAF924B3767A ] BBSvc C:\Program Files\Microsoft\BingBar\7.1.362.0\BBSvc.exe
13:45:26.0250 0372 BBSvc - ok
13:45:26.0312 0372 [ 6BF743CBF3BCD09DAB79245E60E1AE62 ] BBUpdate C:\Program Files\Microsoft\BingBar\7.1.362.0\SeaPort.exe
13:45:26.0328 0372 BBUpdate - ok
13:45:26.0390 0372 [ B89BCF0A25AEB3B47030AC83287F894A ] BCM43XX C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
13:45:26.0406 0372 BCM43XX - ok
13:45:26.0421 0372 [ CD4646067CC7DCBA1907FA0ACF7E3966 ] bcm4sbxp C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
13:45:26.0421 0372 bcm4sbxp - ok
13:45:26.0484 0372 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
13:45:26.0484 0372 Beep - ok
13:45:26.0562 0372 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
13:45:26.0578 0372 BITS - ok
13:45:26.0640 0372 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll
13:45:26.0640 0372 Browser - ok
13:45:26.0734 0372 [ 885B6D0F826A216EEE4C3AD883809012 ] BTKRNL C:\WINDOWS\system32\DRIVERS\btkrnl.sys
13:45:26.0781 0372 BTKRNL - ok
13:45:26.0953 0372 [ 467BC618DEBA4F8DB5A1A5E87510C335 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
13:45:27.0000 0372 btwdins - ok
13:45:27.0187 0372 [ 57E91E9925976BBC98984EEBAAF1D84C ] BTWUSB C:\WINDOWS\system32\Drivers\btwusb.sys
13:45:27.0187 0372 BTWUSB - ok
13:45:27.0250 0372 [ 248DFA5762DDE38DFDDBBD44149E9D7A ] BVRPMPR5 C:\WINDOWS\system32\drivers\BVRPMPR5.SYS
13:45:27.0250 0372 BVRPMPR5 - ok
13:45:27.0312 0372 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
13:45:27.0312 0372 cbidf - ok
13:45:27.0328 0372 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
13:45:27.0328 0372 cbidf2k - ok
13:45:27.0437 0372 [ 5753532C476B83119D85AA43B1B10AB3 ] CCALib8 C:\Program Files\Canon\CAL\CALMAIN.exe
13:45:27.0437 0372 CCALib8 - ok
13:45:27.0484 0372 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
13:45:27.0484 0372 CCDECODE - ok
13:45:27.0562 0372 [ F3EC03299634490E97BBCE94CD2954C7 ] cd20xrnt C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
13:45:27.0562 0372 cd20xrnt - ok
13:45:27.0625 0372 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
13:45:27.0625 0372 Cdaudio - ok
13:45:27.0671 0372 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
13:45:27.0671 0372 Cdfs - ok
13:45:27.0750 0372 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
13:45:27.0750 0372 Cdrom - ok
13:45:27.0781 0372 [ 84853B3FD012251690570E9E7E43343F ] cercsr6 C:\WINDOWS\system32\drivers\cercsr6.sys
13:45:27.0781 0372 cercsr6 - ok
13:45:27.0796 0372 Changer - ok
13:45:27.0859 0372 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
13:45:27.0859 0372 CiSvc - ok
13:45:27.0921 0372 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
13:45:27.0921 0372 ClipSrv - ok
13:45:28.0031 0372 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:45:28.0031 0372 clr_optimization_v2.0.50727_32 - ok
13:45:28.0109 0372 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:45:28.0125 0372 clr_optimization_v4.0.30319_32 - ok
13:45:28.0140 0372 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
13:45:28.0140 0372 CmBatt - ok
13:45:28.0203 0372 [ E5DCB56C533014ECBC556A8357C929D5 ] CmdIde C:\WINDOWS\system32\DRIVERS\cmdide.sys
13:45:28.0203 0372 CmdIde - ok
13:45:28.0250 0372 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
13:45:28.0250 0372 Compbatt - ok
13:45:28.0281 0372 COMSysApp - ok
13:45:28.0328 0372 [ 3EE529119EED34CD212A215E8C40D4B6 ] Cpqarray C:\WINDOWS\system32\DRIVERS\cpqarray.sys
13:45:28.0328 0372 Cpqarray - ok
13:45:28.0421 0372 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
13:45:28.0421 0372 CryptSvc - ok
13:45:28.0484 0372 [ E550E7418984B65A78299D248F0A7F36 ] dac2w2k C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
13:45:28.0500 0372 dac2w2k - ok
13:45:28.0546 0372 [ 683789CAA3864EB46125AE86FF677D34 ] dac960nt C:\WINDOWS\system32\DRIVERS\dac960nt.sys
13:45:28.0546 0372 dac960nt - ok
13:45:28.0609 0372 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
13:45:28.0625 0372 DcomLaunch - ok
13:45:28.0718 0372 [ 4BB22F61E7257ED353A39130B3ED2461 ] DefragFS C:\WINDOWS\system32\drivers\DefragFS.sys
13:45:28.0734 0372 DefragFS - ok
13:45:28.0796 0372 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
13:45:28.0812 0372 Dhcp - ok
13:45:28.0859 0372 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
13:45:28.0859 0372 Disk - ok
13:45:28.0890 0372 dmadmin - ok
13:45:28.0968 0372 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
13:45:28.0984 0372 dmboot - ok
13:45:29.0031 0372 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\DRIVERS\dmio.sys
13:45:29.0031 0372 dmio - ok
13:45:29.0093 0372 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
13:45:29.0093 0372 dmload - ok
13:45:29.0140 0372 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
13:45:29.0140 0372 dmserver - ok
13:45:29.0171 0372 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
13:45:29.0171 0372 DMusic - ok
13:45:29.0218 0372 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
13:45:29.0218 0372 Dnscache - ok
13:45:29.0281 0372 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
13:45:29.0296 0372 Dot3svc - ok
13:45:29.0343 0372 [ 40F3B93B4E5B0126F2F5C0A7A5E22660 ] dpti2o C:\WINDOWS\system32\DRIVERS\dpti2o.sys
13:45:29.0359 0372 dpti2o - ok
13:45:29.0421 0372 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
13:45:29.0421 0372 drmkaud - ok
13:45:29.0468 0372 [ 0C8762B91B967A91373E0E022B62ACFC ] DXEC02 C:\WINDOWS\system32\drivers\dxec02.sys
13:45:29.0468 0372 DXEC02 - ok
13:45:29.0515 0372 [ 3FCA03CBCA11269F973B70FA483C88EF ] E100B C:\WINDOWS\system32\DRIVERS\e100b325.sys
13:45:29.0515 0372 E100B - ok
13:45:29.0578 0372 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
13:45:29.0578 0372 EapHost - ok
13:45:29.0671 0372 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
13:45:29.0671 0372 ERSvc - ok
13:45:29.0765 0372 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
13:45:29.0765 0372 Eventlog - ok
13:45:29.0843 0372 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll
13:45:29.0843 0372 EventSystem - ok
13:45:29.0921 0372 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
13:45:29.0921 0372 Fastfat - ok
13:45:30.0000 0372 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
13:45:30.0015 0372 FastUserSwitchingCompatibility - ok
13:45:30.0062 0372 [ E97D6A8684466DF94FF3BC24FB787A07 ] Fax C:\WINDOWS\system32\fxssvc.exe
13:45:30.0078 0372 Fax - ok
13:45:30.0125 0372 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
13:45:30.0125 0372 Fdc - ok
13:45:30.0171 0372 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
13:45:30.0171 0372 Fips - ok
13:45:30.0218 0372 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
13:45:30.0234 0372 Flpydisk - ok
13:45:30.0281 0372 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
13:45:30.0281 0372 FltMgr - ok
13:45:30.0375 0372 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
13:45:30.0375 0372 FontCache3.0.0.0 - ok
13:45:30.0453 0372 [ C6EE3A87FE609D3E1DB9DBD072A248DE ] fssfltr C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys
13:45:30.0453 0372 fssfltr - ok
13:45:30.0609 0372 [ 45B52394F9624237F33A8A3D73C0B221 ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe
13:45:30.0625 0372 fsssvc - ok
13:45:30.0687 0372 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
13:45:30.0687 0372 Fs_Rec - ok
13:45:30.0718 0372 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
13:45:30.0718 0372 Ftdisk - ok
13:45:30.0890 0372 [ F0187E45268E86AAAA932CBD9087BEA8 ] GoogleDesktopManager-110309-193829 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
13:45:30.0890 0372 GoogleDesktopManager-110309-193829 - ok
13:45:30.0953 0372 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
13:45:30.0984 0372 Gpc - ok
13:45:31.0046 0372 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
13:45:31.0046 0372 gupdate - ok
13:45:31.0062 0372 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
13:45:31.0078 0372 gupdatem - ok
13:45:31.0140 0372 [ 408DDD80EEDE47175F6844817B90213E ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
13:45:31.0140 0372 gusvc - ok
13:45:31.0218 0372 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
13:45:31.0218 0372 HDAudBus - ok
13:45:31.0328 0372 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
13:45:31.0343 0372 helpsvc - ok
13:45:31.0390 0372 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll
13:45:31.0390 0372 HidServ - ok
13:45:31.0437 0372 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
13:45:31.0453 0372 HidUsb - ok
13:45:31.0515 0372 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
13:45:31.0515 0372 hkmsvc - ok
13:45:31.0578 0372 [ B028377DEA0546A5FCFBA928A8AEFAE0 ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys
13:45:31.0578 0372 hpn - ok
13:45:31.0750 0372 [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
13:45:31.0750 0372 hpqcxs08 - ok
13:45:31.0828 0372 [ F3F72A2A86C22610BCA5439FA789DD52 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
13:45:31.0828 0372 hpqddsvc - ok
13:45:31.0890 0372 [ D03D10F7DED688FECF50F8FBF1EA9B8A ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
13:45:31.0890 0372 HPZid412 - ok
13:45:31.0937 0372 [ 89F41658929393487B6B7D13C8528CE3 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
13:45:32.0031 0372 HPZipr12 - ok
13:45:32.0281 0372 [ ABCB05CCDBF03000354B9553820E39F8 ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
13:45:32.0281 0372 HPZius12 - ok
13:45:32.0343 0372 [ 290CDBB05903742EA06B7203C5A662F5 ] HSFHWAZL C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
13:45:32.0343 0372 HSFHWAZL - ok
13:45:32.0406 0372 [ 7AB812355F98858B9ECDD46E6FCC221F ] HSF_DPV C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
13:45:32.0437 0372 HSF_DPV - ok
13:45:32.0515 0372 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
13:45:32.0515 0372 HTTP - ok
13:45:32.0609 0372 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
13:45:32.0609 0372 HTTPFilter - ok
13:45:32.0656 0372 [ 9368670BD426EBEA5E8B18A62416EC28 ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys
13:45:32.0656 0372 i2omgmt - ok
13:45:32.0718 0372 [ F10863BF1CCC290BABD1A09188AE49E0 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys
13:45:32.0718 0372 i2omp - ok
13:45:32.0765 0372 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
13:45:32.0781 0372 i8042prt - ok
13:45:32.0859 0372 [ 88B1943ECFF661F765228099138CF6AB ] iaStor C:\WINDOWS\system32\drivers\iaStor.sys
13:45:32.0859 0372 iaStor - ok
13:45:32.0984 0372 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:45:33.0015 0372 idsvc - ok
13:45:33.0062 0372 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
13:45:33.0062 0372 Imapi - ok
13:45:33.0140 0372 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
13:45:33.0140 0372 ImapiService - ok
13:45:33.0218 0372 [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys
13:45:33.0218 0372 ini910u - ok
13:45:33.0265 0372 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
13:45:33.0265 0372 IntelIde - ok
13:45:33.0312 0372 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
13:45:33.0312 0372 intelppm - ok
13:45:33.0359 0372 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
13:45:33.0359 0372 Ip6Fw - ok
13:45:33.0406 0372 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
13:45:33.0406 0372 IpFilterDriver - ok
13:45:33.0453 0372 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
13:45:33.0453 0372 IpInIp - ok
13:45:33.0500 0372 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
13:45:33.0515 0372 IpNat - ok
13:45:33.0531 0372 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
13:45:33.0546 0372 IPSec - ok
13:45:33.0593 0372 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
13:45:33.0593 0372 IRENUM - ok
13:45:33.0671 0372 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
13:45:33.0671 0372 isapnp - ok
13:45:33.0796 0372 [ 126A16F569122AE00AD3D12EF831D651 ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
13:45:33.0796 0372 JavaQuickStarterService - ok
13:45:33.0828 0372 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
13:45:33.0828 0372 Kbdclass - ok
13:45:33.0875 0372 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
13:45:33.0875 0372 kbdhid - ok
13:45:33.0906 0372 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
13:45:33.0906 0372 kmixer - ok
13:45:33.0953 0372 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
13:45:33.0953 0372 KSecDD - ok
13:45:34.0015 0372 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
13:45:34.0015 0372 lanmanserver - ok
13:45:34.0093 0372 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
13:45:34.0093 0372 lanmanworkstation - ok
13:45:34.0125 0372 lbrtfdc - ok
13:45:34.0171 0372 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
13:45:34.0171 0372 LmHosts - ok
13:45:34.0296 0372 [ 4F69FAAABB7DB0D43E327C0B6AAB40FC ] LMIInfo C:\Program Files\LogMeIn\x86\RaInfo.sys
13:45:34.0312 0372 LMIInfo - ok
13:45:34.0359 0372 [ CCBA7C24A9377669E52B8BE811D1BA39 ] LMIMaint C:\Program Files\LogMeIn\x86\RaMaint.exe
13:45:34.0359 0372 LMIMaint - ok
13:45:34.0437 0372 [ 4477689E2D8AE6B78BA34C9AF4CC1ED1 ] lmimirr C:\WINDOWS\system32\DRIVERS\lmimirr.sys
13:45:34.0437 0372 lmimirr - ok
13:45:34.0468 0372 LMIRfsClientNP - ok
13:45:34.0484 0372 [ 3FAA563DDF853320F90259D455A01D79 ] LMIRfsDriver C:\WINDOWS\system32\drivers\LMIRfsDriver.sys
13:45:34.0500 0372 LMIRfsDriver - ok
13:45:34.0546 0372 [ 9015122D04C195BDAB88FEBCBAE229DB ] LogMeIn C:\Program Files\LogMeIn\x86\LogMeIn.exe
13:45:34.0546 0372 LogMeIn - ok
13:45:34.0625 0372 [ 6DFE7F2E8E8A337263AA5C92A215F161 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
13:45:34.0625 0372 MBAMProtector - ok
13:45:34.0734 0372 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
13:45:34.0750 0372 MBAMService - ok
13:45:34.0796 0372 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
13:45:34.0796 0372 mdmxsdk - ok
13:45:34.0859 0372 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
13:45:34.0859 0372 Messenger - ok
13:45:34.0937 0372 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
13:45:34.0937 0372 mnmdd - ok
13:45:35.0015 0372 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
13:45:35.0015 0372 mnmsrvc - ok
13:45:35.0046 0372 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
13:45:35.0046 0372 Modem - ok
13:45:35.0093 0372 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
13:45:35.0093 0372 Mouclass - ok
13:45:35.0156 0372 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
13:45:35.0156 0372 mouhid - ok
13:45:35.0203 0372 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
13:45:35.0203 0372 MountMgr - ok
13:45:35.0265 0372 [ D993BEA500E7382DC4E760BF4F35EFCB ] MpFilter C:\WINDOWS\system32\DRIVERS\MpFilter.sys
13:45:35.0265 0372 MpFilter - ok
13:45:35.0328 0372 [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys
13:45:35.0328 0372 mraid35x - ok
13:45:35.0375 0372 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
13:45:35.0375 0372 MRxDAV - ok
13:45:35.0453 0372 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
13:45:35.0468 0372 MRxSmb - ok
13:45:35.0546 0372 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
13:45:35.0546 0372 MSDTC - ok
13:45:35.0578 0372 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
13:45:35.0578 0372 Msfs - ok
13:45:35.0609 0372 MSIServer - ok
13:45:35.0625 0372 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
13:45:35.0640 0372 MSKSSRV - ok
13:45:35.0734 0372 [ 24516BF4E12A46CB67302E2CDCB8CDDF ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
13:45:35.0734 0372 MsMpSvc - ok
13:45:35.0750 0372 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
13:45:35.0765 0372 MSPCLOCK - ok
13:45:35.0781 0372 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
13:45:35.0781 0372 MSPQM - ok
13:45:35.0828 0372 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
13:45:35.0828 0372 mssmbios - ok
13:45:35.0843 0372 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
13:45:35.0843 0372 MSTEE - ok
13:45:35.0906 0372 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
13:45:35.0906 0372 Mup - ok
13:45:35.0968 0372 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
13:45:35.0968 0372 NABTSFEC - ok
13:45:36.0046 0372 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
13:45:36.0046 0372 napagent - ok
13:45:36.0109 0372 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
13:45:36.0109 0372 NDIS - ok
13:45:36.0140 0372 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
13:45:36.0140 0372 NdisIP - ok
13:45:36.0203 0372 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
13:45:36.0203 0372 NdisTapi - ok
13:45:36.0234 0372 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
13:45:36.0234 0372 Ndisuio - ok
13:45:36.0265 0372 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
13:45:36.0265 0372 NdisWan - ok
13:45:36.0343 0372 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
13:45:36.0343 0372 NDProxy - ok
13:45:36.0421 0372 [ 510C138564486FF926A3F773205C63D1 ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll
13:45:36.0421 0372 Net Driver HPZ12 - ok
13:45:36.0453 0372 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
13:45:36.0453 0372 NetBIOS - ok
13:45:36.0484 0372 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
13:45:36.0484 0372 NetBT - ok
13:45:36.0562 0372 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
13:45:36.0562 0372 NetDDE - ok
13:45:36.0593 0372 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
13:45:36.0609 0372 NetDDEdsdm - ok
13:45:36.0656 0372 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
13:45:36.0656 0372 Netlogon - ok
13:45:36.0750 0372 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
13:45:36.0750 0372 Netman - ok
13:45:36.0828 0372 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:45:36.0828 0372 NetTcpPortSharing - ok
13:45:36.0890 0372 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
13:45:36.0890 0372 NIC1394 - ok
13:45:36.0968 0372 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
13:45:36.0968 0372 Nla - ok
13:45:37.0046 0372 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
13:45:37.0046 0372 Npfs - ok
13:45:37.0093 0372 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
13:45:37.0109 0372 Ntfs - ok
13:45:37.0140 0372 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
13:45:37.0140 0372 NtLmSsp - ok
13:45:37.0203 0372 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
13:45:37.0218 0372 NtmsSvc - ok
13:45:37.0250 0372 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
13:45:37.0250 0372 Null - ok
13:45:37.0546 0372 [ 218CA6E9470581777E4E186FB05ACE3D ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
13:45:37.0781 0372 nv - ok
13:45:37.0875 0372 [ 7903B93C862745287D64FBC07A2B95B1 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
13:45:37.0890 0372 NVSvc - ok
13:45:37.0937 0372 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
13:45:37.0937 0372 NwlnkFlt - ok
13:45:37.0984 0372 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
13:45:37.0984 0372 NwlnkFwd - ok
13:45:38.0156 0372 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:45:38.0171 0372 odserv - ok
13:45:38.0234 0372 [ 58F478FD0115012CEEC75FB73628901C ] OEM02Afx C:\WINDOWS\system32\Drivers\OEM02Afx.sys
13:45:38.0234 0372 OEM02Afx - ok
13:45:38.0296 0372 [ 19CAC780B858822055F46C58A111723C ] OEM02Dev C:\WINDOWS\system32\DRIVERS\OEM02Dev.sys
13:45:38.0296 0372 OEM02Dev - ok
13:45:38.0328 0372 [ 86326062A90494BDD79CE383511D7D69 ] OEM02Vfx C:\WINDOWS\system32\DRIVERS\OEM02Vfx.sys
13:45:38.0328 0372 OEM02Vfx - ok
13:45:38.0359 0372 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
13:45:38.0359 0372 ohci1394 - ok
13:45:38.0406 0372 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:45:38.0406 0372 ose - ok
13:45:38.0468 0372 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
13:45:38.0484 0372 Parport - ok
13:45:38.0500 0372 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
13:45:38.0500 0372 PartMgr - ok
13:45:38.0546 0372 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
13:45:38.0562 0372 ParVdm - ok
13:45:38.0593 0372 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
13:45:38.0593 0372 PCI - ok
13:45:38.0609 0372 PCIDump - ok
13:45:38.0640 0372 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
13:45:38.0640 0372 PCIIde - ok
13:45:38.0687 0372 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
13:45:38.0687 0372 Pcmcia - ok
13:45:38.0875 0372 [ 3FF5226C6DD90FE5F83D56C8A2C43E27 ] PDAgent C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
13:45:38.0921 0372 PDAgent - ok
13:45:38.0984 0372 PDCOMP - ok
13:45:39.0187 0372 [ F10B9417F2FB8FC9BAD241EF390CA609 ] PDEngine C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
13:45:39.0234 0372 PDEngine - ok
13:45:39.0250 0372 PDFRAME - ok
13:45:39.0281 0372 PDRELI - ok
13:45:39.0296 0372 PDRFRAME - ok
13:45:39.0359 0372 [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys
13:45:39.0359 0372 perc2 - ok
13:45:39.0390 0372 [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys
13:45:39.0390 0372 perc2hib - ok
13:45:39.0484 0372 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
13:45:39.0484 0372 PlugPlay - ok
13:45:39.0562 0372 [ 37E5E8FFBAD35605DAEEC3224EA0E465 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
13:45:39.0562 0372 Pml Driver HPZ12 - ok
13:45:39.0593 0372 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
13:45:39.0593 0372 PolicyAgent - ok
13:45:39.0656 0372 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
13:45:39.0671 0372 PptpMiniport - ok
13:45:39.0703 0372 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
13:45:39.0703 0372 ProtectedStorage - ok
13:45:39.0718 0372 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
13:45:39.0734 0372 PSched - ok
13:45:39.0750 0372 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
13:45:39.0750 0372 Ptilink - ok
13:45:39.0812 0372 [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys
13:45:39.0812 0372 ql1080 - ok
13:45:39.0875 0372 [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
13:45:39.0875 0372 Ql10wnt - ok
13:45:39.0921 0372 [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys
13:45:39.0921 0372 ql12160 - ok
13:45:39.0953 0372 [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys
13:45:39.0953 0372 ql1240 - ok
13:45:40.0000 0372 [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys
13:45:40.0000 0372 ql1280 - ok
13:45:40.0046 0372 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
13:45:40.0046 0372 RasAcd - ok
13:45:40.0109 0372 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
13:45:40.0125 0372 RasAuto - ok
13:45:40.0140 0372 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
13:45:40.0140 0372 Rasl2tp - ok
13:45:40.0218 0372 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
13:45:40.0218 0372 RasMan - ok
13:45:40.0234 0372 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
13:45:40.0250 0372 RasPppoe - ok
13:45:40.0265 0372 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
13:45:40.0265 0372 Raspti - ok
13:45:40.0343 0372 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
13:45:40.0343 0372 Rdbss - ok
13:45:40.0375 0372 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
13:45:40.0375 0372 RDPCDD - ok
13:45:40.0406 0372 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
13:45:40.0406 0372 rdpdr - ok
13:45:40.0468 0372 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
13:45:40.0468 0372 RDPWD - ok
13:45:40.0531 0372 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
13:45:40.0531 0372 RDSessMgr - ok
13:45:40.0578 0372 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
13:45:40.0578 0372 redbook - ok
13:45:40.0625 0372 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
13:45:40.0625 0372 RemoteAccess - ok
13:45:40.0718 0372 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
13:45:40.0718 0372 RemoteRegistry - ok
13:45:40.0750 0372 [ 355AAC141B214BEF1DBC1483AFD9BD50 ] rimmptsk C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
13:45:40.0750 0372 rimmptsk - ok
13:45:40.0781 0372 [ 03D6740E41E86476EF7D1E52CA0B947D ] rimsptsk C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
13:45:40.0781 0372 rimsptsk - ok
13:45:40.0796 0372 [ D231B577024AA324AF13A42F3A807D10 ] rismxdp C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
13:45:40.0796 0372 rismxdp - ok
13:45:40.0828 0372 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
13:45:40.0828 0372 RpcLocator - ok
13:45:40.0875 0372 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll
13:45:40.0890 0372 RpcSs - ok
13:45:40.0906 0372 RPSKT - ok
13:45:40.0953 0372 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
13:45:40.0968 0372 RSVP - ok
13:45:40.0984 0372 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
13:45:40.0984 0372 SamSs - ok
13:45:41.0015 0372 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
13:45:41.0015 0372 SCardSvr - ok
13:45:41.0093 0372 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
13:45:41.0093 0372 Schedule - ok
13:45:41.0125 0372 [ 8D04819A3CE51B9EB47E5689B44D43C4 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys
13:45:41.0125 0372 sdbus - ok
13:45:41.0187 0372 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
13:45:41.0187 0372 Secdrv - ok
13:45:41.0250 0372 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
13:45:41.0250 0372 seclogon - ok
13:45:41.0312 0372 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
13:45:41.0328 0372 SENS - ok
13:45:41.0359 0372 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
13:45:41.0359 0372 serenum - ok
13:45:41.0421 0372 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
13:45:41.0421 0372 Serial - ok
13:45:41.0515 0372 [ 0FA803C64DF0914B41F807EA276BF2A6 ] sffdisk C:\WINDOWS\system32\DRIVERS\sffdisk.sys
13:45:41.0515 0372 sffdisk - ok
13:45:41.0546 0372 [ C17C331E435ED8737525C86A7557B3AC ] sffp_sd C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
13:45:41.0546 0372 sffp_sd - ok
13:45:41.0609 0372 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
13:45:41.0609 0372 Sfloppy - ok
13:45:41.0687 0372 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
13:45:41.0703 0372 SharedAccess - ok
13:45:41.0750 0372 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
13:45:41.0750 0372 ShellHWDetection - ok
13:45:41.0781 0372 Simbad - ok
13:45:41.0828 0372 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys
13:45:41.0828 0372 sisagp - ok
13:45:42.0078 0372 [ 753D254205E0A62100A050BD8B458D06 ] Skype C2C Service C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
13:45:42.0156 0372 Skype C2C Service - ok
13:45:42.0203 0372 [ 6128E98EAAED364ED1A32708D2FD22CB ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
13:45:42.0203 0372 SkypeUpdate - ok
13:45:42.0234 0372 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
13:45:42.0234 0372 SLIP - ok
13:45:42.0296 0372 [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys
13:45:42.0296 0372 Sparrow - ok
13:45:42.0359 0372 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
13:45:42.0359 0372 splitter - ok
13:45:42.0453 0372 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
13:45:42.0453 0372 Spooler - ok
13:45:42.0515 0372 sprtsvc_dellsupportcenter - ok
13:45:42.0578 0372 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
13:45:42.0578 0372 sr - ok
13:45:42.0671 0372 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
13:45:42.0687 0372 srservice - ok
13:45:42.0781 0372 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
13:45:42.0890 0372 Srv - ok
13:45:43.0203 0372 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
13:45:43.0218 0372 SSDPSRV - ok
13:45:43.0328 0372 [ 951801DFB54D86F611F0AF47825476F9 ] STHDA C:\WINDOWS\system32\drivers\sthda.sys
13:45:43.0359 0372 STHDA - ok
13:45:43.0437 0372 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
13:45:43.0453 0372 stisvc - ok
13:45:43.0515 0372 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
13:45:43.0515 0372 streamip - ok
13:45:43.0546 0372 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
13:45:43.0562 0372 swenum - ok
13:45:43.0593 0372 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
13:45:43.0593 0372 swmidi - ok
13:45:43.0609 0372 SwPrv - ok
13:45:43.0671 0372 [ 1FF3217614018630D0A6758630FC698C ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys
13:45:43.0671 0372 symc810 - ok
13:45:43.0734 0372 [ 070E001D95CF725186EF8B20335F933C ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys
13:45:43.0734 0372 symc8xx - ok
13:45:43.0781 0372 [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys
13:45:43.0796 0372 sym_hi - ok
13:45:43.0828 0372 [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys
13:45:43.0828 0372 sym_u3 - ok
13:45:43.0875 0372 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
13:45:43.0875 0372 sysaudio - ok
13:45:43.0937 0372 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
13:45:43.0953 0372 SysmonLog - ok
13:45:44.0031 0372 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
13:45:44.0046 0372 TapiSrv - ok
13:45:44.0125 0372 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
13:45:44.0140 0372 Tcpip - ok
13:45:44.0203 0372 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
13:45:44.0203 0372 TDPIPE - ok
13:45:44.0218 0372 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
13:45:44.0218 0372 TDTCP - ok
13:45:44.0265 0372 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
13:45:44.0265 0372 TermDD - ok
13:45:44.0359 0372 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
13:45:44.0375 0372 TermService - ok
13:45:44.0437 0372 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
13:45:44.0437 0372 Themes - ok
13:45:44.0484 0372 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
13:45:44.0484 0372 TlntSvr - ok
13:45:44.0531 0372 [ F2790F6AF01321B172AA62F8E1E187D9 ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys
13:45:44.0531 0372 TosIde - ok
13:45:44.0609 0372 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
13:45:44.0609 0372 TrkWks - ok
13:45:44.0671 0372 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
13:45:44.0671 0372 Udfs - ok
13:45:44.0718 0372 [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys
13:45:44.0718 0372 ultra - ok
13:45:44.0796 0372 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
13:45:44.0796 0372 Update - ok
13:45:44.0875 0372 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
13:45:44.0890 0372 upnphost - ok
13:45:44.0937 0372 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
13:45:44.0937 0372 UPS - ok
13:45:45.0015 0372 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
13:45:45.0031 0372 usbccgp - ok
13:45:45.0046 0372 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
13:45:45.0046 0372 usbehci - ok
13:45:45.0078 0372 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
13:45:45.0078 0372 usbhub - ok
13:45:45.0109 0372 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
13:45:45.0125 0372 usbprint - ok
13:45:45.0156 0372 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
13:45:45.0156 0372 usbscan - ok
13:45:45.0187 0372 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
13:45:45.0187 0372 USBSTOR - ok
13:45:45.0234 0372 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
13:45:45.0234 0372 usbuhci - ok
13:45:45.0281 0372 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
13:45:45.0281 0372 usbvideo - ok
13:45:45.0343 0372 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
13:45:45.0343 0372 VgaSave - ok
13:45:45.0390 0372 [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys
13:45:45.0390 0372 viaagp - ok
13:45:45.0406 0372 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
13:45:45.0406 0372 ViaIde - ok
13:45:45.0437 0372 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
13:45:45.0437 0372 VolSnap - ok
13:45:45.0515 0372 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
13:45:45.0531 0372 VSS - ok
13:45:45.0593 0372 [ 54AF4B1D5459500EF0937F6D33B1914F ] w32time C:\WINDOWS\system32\w32time.dll
13:45:45.0593 0372 w32time - ok
13:45:45.0640 0372 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
13:45:45.0640 0372 Wanarp - ok
13:45:45.0718 0372 [ FD47474BD21794508AF449D9D91AF6E6 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
13:45:45.0734 0372 Wdf01000 - ok
13:45:45.0750 0372 WDICA - ok
13:45:45.0812 0372 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
13:45:45.0812 0372 wdmaud - ok
13:45:45.0875 0372 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
13:45:45.0875 0372 WebClient - ok
13:45:45.0921 0372 [ A8596CF86D445269A42ECC08B7066A4C ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
13:45:45.0937 0372 winachsf - ok
13:45:46.0062 0372 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
13:45:46.0078 0372 winmgmt - ok
13:45:46.0125 0372 wltrysvc - ok
13:45:46.0187 0372 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
13:45:46.0187 0372 WmdmPmSN - ok
13:45:46.0281 0372 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
13:45:46.0296 0372 Wmi - ok
13:45:46.0328 0372 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
13:45:46.0328 0372 WmiAcpi - ok
13:45:46.0375 0372 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
13:45:46.0375 0372 WmiApSrv - ok
13:45:46.0500 0372 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
13:45:46.0515 0372 WMPNetworkSvc - ok
13:45:46.0718 0372 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
13:45:46.0750 0372 WPFFontCache_v0400 - ok
13:45:46.0828 0372 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
13:45:46.0828 0372 wscsvc - ok
13:45:46.0875 0372 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
13:45:46.0875 0372 WSTCODEC - ok
13:45:46.0937 0372 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
13:45:46.0937 0372 wuauserv - ok
13:45:47.0000 0372 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
13:45:47.0000 0372 WudfPf - ok
13:45:47.0046 0372 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
13:45:47.0046 0372 WudfRd - ok
13:45:47.0093 0372 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
13:45:47.0109 0372 WudfSvc - ok
13:45:47.0187 0372 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
13:45:47.0203 0372 WZCSVC - ok
13:45:47.0281 0372 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
13:45:47.0281 0372 xmlprov - ok
13:45:47.0406 0372 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
13:45:47.0421 0372 YahooAUService - ok
13:45:47.0453 0372 ================ Scan global ===============================
13:45:47.0562 0372 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
13:45:47.0609 0372 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
13:45:47.0625 0372 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
13:45:47.0687 0372 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
13:45:47.0687 0372 [Global] - ok
13:45:47.0687 0372 ================ Scan MBR ==================================
13:45:47.0718 0372 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
13:45:48.0078 0372 \Device\Harddisk0\DR0 - ok
13:45:48.0078 0372 ================ Scan VBR ==================================
13:45:48.0093 0372 [ 1DA78BEEDC4F2C46BBC00E519180CB80 ] \Device\Harddisk0\DR0\Partition1
13:45:48.0093 0372 \Device\Harddisk0\DR0\Partition1 - ok
13:45:48.0093 0372 ============================================================
13:45:48.0093 0372 Scan finished
13:45:48.0093 0372 ============================================================
13:45:48.0109 1348 Detected object count: 1
13:45:48.0109 1348 Actual detected object count: 1
13:46:08.0984 1348 C:\WINDOWS\System32\Drivers\8d7f29c6e7e00045.sys - copied to quarantine
13:46:09.0031 1348 HKLM\SYSTEM\ControlSet001\services\8d7f29c6e7e00045 - will be deleted on reboot
13:46:09.0093 1348 HKLM\SYSTEM\ControlSet004\services\8d7f29c6e7e00045 - will be deleted on reboot
13:46:09.0312 1348 C:\WINDOWS\System32\Drivers\8d7f29c6e7e00045.sys - will be deleted on reboot
13:46:09.0312 1348 8d7f29c6e7e00045 ( Rootkit.Win32.Necurs.gen ) - User select action: Delete
13:46:40.0312 0908 Deinitialize success

 

13:48:14.0328 0680 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
13:48:14.0421 0680 ============================================================
13:48:14.0421 0680 Current date / time: 2012/09/01 13:48:14.0421
13:48:14.0421 0680 SystemInfo:
13:48:14.0421 0680
13:48:14.0421 0680 OS Version: 5.1.2600 ServicePack: 3.0
13:48:14.0421 0680 Product type: Workstation
13:48:14.0421 0680 ComputerName: DFLND5G1
13:48:14.0421 0680 UserName: L.Mike Belliveau
13:48:14.0421 0680 Windows directory: C:\WINDOWS
13:48:14.0421 0680 System windows directory: C:\WINDOWS
13:48:14.0421 0680 Processor architecture: Intel x86
13:48:14.0421 0680 Number of processors: 2
13:48:14.0421 0680 Page size: 0x1000
13:48:14.0421 0680 Boot type: Normal boot
13:48:14.0421 0680 ============================================================
13:48:16.0140 0680 BG loaded
13:48:16.0656 0680 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
13:48:17.0765 0680 ============================================================
13:48:17.0765 0680 \Device\Harddisk0\DR0:
13:48:17.0812 0680 MBR partitions:
13:48:17.0812 0680 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2B24B, BlocksNum 0x1CC9A970
13:48:17.0906 0680 ============================================================
13:48:18.0046 0680 C: <-> \Device\Harddisk0\DR0\Partition1
13:48:18.0062 0680 ============================================================
13:48:18.0062 0680 Initialize success
13:48:18.0062 0680 ============================================================

 

tdss asked to scan again on restart - no threats found

 

RK is suggesting that I delete the different items found. I have not done anything other than run the scan

RogueKiller V8.0.2 [08/31/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : L.Mike Belliveau [Admin rights]
Mode : Scan -- Date : 09/01/2012 15:38:09

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 8 ¤¤¤
[RUN][SUSP PATH] HKUS\S-1-5-19[...]\Run : upd_debug.exe ( "C:\Documents and Settings\L.Mike Belliveau\Application Data\68124C6256CD9817752081020CE428DA\upd_debug.exe ") -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-20[...]\Run : upd_debug.exe ( "C:\Documents and Settings\L.Mike Belliveau\Application Data\68124C6256CD9817752081020CE428DA\upd_debug.exe ") -> FOUND
[TASK][SUSP PATH] FacebookUpdateTaskUserS-1-5-21-1278116446-1608358080-2534276080-1005UA.job : C:\Documents and Settings\L.Mike Belliveau\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe -> FOUND
[TASK][SUSP PATH] FacebookUpdateTaskUserS-1-5-21-1278116446-1608358080-2534276080-1005Core.job : C:\Documents and Settings\L.Mike Belliveau\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe -> FOUND
[HJPOL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ] HKLM\[...]\SystemRestore : DisableSR (1) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤
[ZeroAccess][FILE] @ : C:\RECYCLER\S-1-5-18\$32bb2376dd493bd17970d4ed3435f50d\@ --> FOUND
[ZeroAccess][FILE] @ : C:\RECYCLER\S-1-5-21-1278116446-1608358080-2534276080-1005\$32bb2376dd493bd17970d4ed3435f50d\@ --> FOUND
[ZeroAccess][FOLDER] U : C:\RECYCLER\S-1-5-18\$32bb2376dd493bd17970d4ed3435f50d\U --> FOUND
[ZeroAccess][FOLDER] U : C:\RECYCLER\S-1-5-21-1278116446-1608358080-2534276080-1005\$32bb2376dd493bd17970d4ed3435f50d\U --> FOUND
[ZeroAccess][FOLDER] L : C:\RECYCLER\S-1-5-18\$32bb2376dd493bd17970d4ed3435f50d\L --> FOUND
[ZeroAccess][FOLDER] L : C:\RECYCLER\S-1-5-21-1278116446-1608358080-2534276080-1005\$32bb2376dd493bd17970d4ed3435f50d\L --> FOUND
[Faked.Drv][FILE] 4cc511cfa725e835.sys : C:\WINDOWS\system32\drivers\4cc511cfa725e835.sys --> CANNOT FIX

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: SAMSUNG HM250JI +++++
--- User ---
[MBR] bc0acb4e98c3e388c4d6604965454b25
[BSP] 11d467b9f31927f29d49c85858b51038 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 86 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 176715 | Size: 235829 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 483154875 | Size: 2557 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1].txt >>
RKreport[1].txt

 

ComboFix 12-08-31.08 - L.Mike Belliveau 09/02/2012 6:23.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1508 [GMT -3:00]
Running from: c:\documents and settings\L.Mike Belliveau\Desktop\bbs\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\L.Mike Belliveau\Application Data\alot
c:\documents and settings\L.Mike Belliveau\Application Data\alot\BrowserSearch\BrowserSearch.xml
c:\documents and settings\L.Mike Belliveau\Application Data\alot\BrowserSearch\BrowserSearch.xml.backup
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Button_0\Button_0.xml
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Button_0\Button_0.xml.backup
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Button_1\Button_1.xml
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Button_1\Button_1.xml.backup
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Button_2\Button_2.xml
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Button_2\Button_2.xml.backup
c:\documents and settings\L.Mike Belliveau\Application Data\alot\configurator\configurator.xml
c:\documents and settings\L.Mike Belliveau\Application Data\alot\configurator\configurator.xml.backup
c:\documents and settings\L.Mike Belliveau\Application Data\alot\contextMenu\contextMenu.xml
c:\documents and settings\L.Mike Belliveau\Application Data\alot\contextMenu\contextMenu.xml.backup
c:\documents and settings\L.Mike Belliveau\Application Data\alot\ErrorSearch\ErrorSearch.xml
c:\documents and settings\L.Mike Belliveau\Application Data\alot\ErrorSearch\ErrorSearch.xml.backup
c:\documents and settings\L.Mike Belliveau\Application Data\alot\hideToolbarLayout\hideToolbarLayout.xml
c:\documents and settings\L.Mike Belliveau\Application Data\alot\hideToolbarLayout\hideToolbarLayout.xml.backup
c:\documents and settings\L.Mike Belliveau\Application Data\alot\postInstallLayout\postInstallLayout.xml
c:\documents and settings\L.Mike Belliveau\Application Data\alot\postInstallLayout\postInstallLayout.xml.backup
c:\documents and settings\L.Mike Belliveau\Application Data\alot\products\products.xml
c:\documents and settings\L.Mike Belliveau\Application Data\alot\products\products.xml.backup
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\BrowserSearch\alot_search_defend.html
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\BrowserSearch\images\favicon.ico
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\Button_0\images\alot_logo_button.bmp
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\Button_0\images\alot_logo_button.png
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\Button_1\images\alot_image_search.bmp
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\Button_1\images\alot_image_search.png
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\Button_1\images\alot_news_search.bmp
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\Button_1\images\alot_news_search.png
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\Button_1\images\alot_search_button.bmp
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\Button_1\images\alot_search_button.png
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\Button_1\images\alot_shop_search.bmp
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\Button_1\images\alot_shop_search.png
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\Button_1\images\alot_videos_search.bmp
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\Button_1\images\alot_videos_search.png
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\Button_1\images\alot_web_search.bmp
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\Button_1\images\alot_web_search.png
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\Button_2\images\alot_configure.bmp
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\Button_2\images\alot_configure.png
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\Button_3\images\4673_icon.bmp
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\Button_3\images\4673_icon.png
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\Button_4\images\7014_icon.bmp
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\Button_4\images\7014_icon.png
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\Button_5\images\4158_icon.bmp
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\Button_5\images\4158_icon.png
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\Button_6\images\4773_icon.bmp
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\Button_6\images\4773_icon.png
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\Button_7\images\5809_icon.bmp
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\Button_7\images\5809_icon.png
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\Button_8\images\default_1029_music_news.bmp
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\Button_8\images\default_1029_music_news.png
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\Button_9\images\6301_icon.bmp
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\Button_9\images\6301_icon.png
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\contextMenu\images\alot_icon.bmp
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\contextMenu\images\alot_icon.png
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\contextMenu\images\alot_logo_button.bmp
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\contextMenu\images\alot_logo_button.png
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\Shared\domains.dat
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\Shared\images\alot_brand.png
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\Shared\images\alot_splitter.png
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\Shared\images\discover.png
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\Shared\images\intro_popup.png
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\Shared\images\spinner.bmp
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\Shared\images\widget_bottom.bmp
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\Shared\images\widget_btnclose0.bmp
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\Shared\images\widget_btnclose1.bmp
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\Shared\images\widget_btnconfig0.bmp
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\Shared\images\widget_btnconfig1.bmp
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\Shared\images\widget_btnrefresh0.bmp
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\Shared\images\widget_btnrefresh1.bmp
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\Shared\images\widget_caption.bmp
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\Shared\images\widget_error_bg.bmp
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\Shared\images\widget_error_close.bmp
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Resources\Shared\images\widget_error_icon.bmp
c:\documents and settings\L.Mike Belliveau\Application Data\alot\TimerManager\TimerManager.xml
c:\documents and settings\L.Mike Belliveau\Application Data\alot\TimerManager\TimerManager.xml.backup
c:\documents and settings\L.Mike Belliveau\Application Data\alot\toolbar.xml
c:\documents and settings\L.Mike Belliveau\Application Data\alot\toolbar.xml.backup
c:\documents and settings\L.Mike Belliveau\Application Data\alot\toolbarContextMenu\toolbarContextMenu.xml
c:\documents and settings\L.Mike Belliveau\Application Data\alot\toolbarContextMenu\toolbarContextMenu.xml.backup
c:\documents and settings\L.Mike Belliveau\Application Data\alot\ToolbarSearch\ToolbarSearch.xml
c:\documents and settings\L.Mike Belliveau\Application Data\alot\ToolbarSearch\ToolbarSearch.xml.backup
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Updater\Updater.xml
c:\documents and settings\L.Mike Belliveau\Application Data\alot\Updater\Updater.xml.backup
c:\documents and settings\L.Mike Belliveau\Local Settings\Application Data\{6426357C-FEC7-465F-B956-62EB45234DF8}
c:\documents and settings\L.Mike Belliveau\Local Settings\Application Data\{6426357C-FEC7-465F-B956-62EB45234DF8}\chrome.manifest
c:\documents and settings\L.Mike Belliveau\Local Settings\Application Data\{6426357C-FEC7-465F-B956-62EB45234DF8}\chrome\content\overlay.xul
c:\documents and settings\L.Mike Belliveau\Local Settings\Application Data\{6426357C-FEC7-465F-B956-62EB45234DF8}\install.rdf
c:\documents and settings\L.Mike Belliveau\Local Settings\Application Data\Windows Server
c:\documents and settings\L.Mike Belliveau\Local Settings\Application Data\Windows Server\flags.ini
c:\documents and settings\L.Mike Belliveau\Local Settings\Application Data\Windows Server\server.dat
c:\documents and settings\L.Mike Belliveau\Local Settings\Application Data\Windows Server\uses32.dat
c:\documents and settings\LocalService\Application Data\alot
c:\program files\Shared
c:\recycler\S-1-5-18\$32bb2376dd493bd17970d4ed3435f50d\@
c:\recycler\S-1-5-18\$32bb2376dd493bd17970d4ed3435f50d\U\00000001.@
c:\recycler\S-1-5-18\$32bb2376dd493bd17970d4ed3435f50d\U\80000000.@
c:\windows\EventSystem.log
c:\windows\system32\dllcache\dlimport.exe
c:\windows\system32\drivers\1028_DELL_XPS_Vostro 1700 .MRK
c:\windows\system32\drivers\DELL_XPS_Vostro 1700 .MRK
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\system32\SET237.tmp
c:\windows\system32\SET238.tmp
c:\windows\system32\SET239.tmp
c:\windows\system32\SETE9.tmp
c:\windows\system32\SETEB.tmp
c:\windows\system32\SETEF.tmp
c:\windows\system32\SETF7.tmp
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\fusion.dll
c:\windows\system32\URTTemp\mscoree.dll
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\mscorsn.dll
c:\windows\system32\URTTemp\mscorwks.dll
c:\windows\system32\URTTemp\msvcr71.dll
c:\windows\system32\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-08-02 to 2012-09-02 )))))))))))))))))))))))))))))))
.
.
2012-09-01 16:46 . 2012-09-01 16:46 -------- d-----w- C:\TDSSKiller_Quarantine
2012-09-01 10:35 . 2012-09-01 10:35 -------- d-----w- c:\documents and settings\L.Mike Belliveau\Application Data\Malwarebytes
2012-09-01 10:35 . 2012-09-01 10:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2012-09-01 10:35 . 2012-09-01 10:35 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-09-01 10:35 . 2012-07-03 16:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-01 10:14 . 2012-09-01 10:27 71552 ----a-w- c:\windows\system32\drivers\8d7f29c6e7e00045.sys.vir
2012-09-01 10:09 . 2012-06-15 19:33 605968 ----a-w- c:\windows\system32\ztv7z.dll
2012-09-01 10:09 . 2005-08-26 04:50 77312 ----a-w- c:\windows\system32\ztvunace26.dll
2012-09-01 10:09 . 2012-06-15 19:39 169744 ----a-w- c:\windows\system32\ztvunrar36.dll
2012-09-01 10:09 . 2012-06-15 19:35 185616 ----a-w- c:\windows\system32\ztvunrar39.dll
2012-09-01 10:09 . 2012-06-15 19:33 77072 ----a-w- c:\windows\system32\ztvcabinet.dll
2012-09-01 10:09 . 2003-02-02 23:06 153088 ----a-w- c:\windows\system32\unrar3.dll
2012-09-01 10:09 . 2002-03-06 04:00 75264 ----a-w- c:\windows\system32\unacev2.dll
2012-09-01 09:43 . 2012-08-28 04:50 7022536 ------w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0FCE1901-6391-44E6-832B-D02C333CBC42}\mpengine.dll
2012-09-01 09:32 . 2012-09-01 09:32 -------- d-----w- c:\program files\Microsoft Security Client
2012-08-31 19:38 . 2012-08-31 19:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Raxco
2012-08-31 19:37 . 2012-08-31 19:38 -------- d-----w- c:\program files\Raxco
2012-08-31 17:04 . 2012-08-31 19:15 -------- d-----w- c:\program files\WhoCrashed
2012-08-29 22:38 . 2012-08-29 22:38 71552 ----a-w- c:\windows\system32\drivers\91b0.sys
2012-08-29 22:18 . 2012-08-29 22:18 71552 ----a-w- c:\windows\system32\drivers\4cc511cfa725e835.sys
2012-08-29 22:17 . 2012-08-29 22:17 71552 ----a-w- c:\windows\system32\drivers\8d2c.sys
2012-08-29 22:10 . 2012-08-29 22:10 71552 ----a-w- c:\windows\system32\drivers\1a7178.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-30 23:41 . 2012-04-24 21:47 696520 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-30 23:41 . 2011-06-08 09:01 73416 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-06 13:58 . 2004-08-04 10:00 78336 ----a-w- c:\windows\system32\browser.dll
2012-07-04 14:05 . 2004-08-11 22:11 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-03 13:40 . 2004-08-04 10:00 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-07-02 17:49 . 2006-03-04 03:33 916992 ----a-w- c:\windows\system32\wininet.dll
2012-07-02 17:49 . 2004-08-04 10:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-07-02 17:49 . 2004-08-04 10:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-07-02 12:05 . 2004-08-04 10:00 385024 ----a-w- c:\windows\system32\html.iec
2012-06-06 23:59 . 2012-06-06 23:59 1070152 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2012-06-05 15:50 . 2009-08-19 20:07 1372672 ----a-w- c:\windows\system32\msxml6.dll
2012-06-05 15:50 . 2004-08-04 10:00 1172480 ----a-w- c:\windows\system32\msxml3.dll
2012-06-04 20:35 . 2004-08-11 22:12 210968 ----a-w- c:\windows\system32\wuweb.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{A893B09E-7D3B-486C-96D9-1A4A232A1FEB} "= "c:\program files\AIR MILES TOOLBAR\Toolbar.dll" [2010-07-18 1497600]
.
[HKEY_CLASSES_ROOT\clsid\{a893b09e-7d3b-486c-96d9-1a4a232a1feb}]
[HKEY_CLASSES_ROOT\FCTB000060399.IEToolbar.3]
[HKEY_CLASSES_ROOT\TypeLib\{7BB4454E-EB68-4D9B-8E14-0EBBE671F764}]
[HKEY_CLASSES_ROOT\FCTB000060399.IEToolbar]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{A893B09E-7D3B-486C-96D9-1A4A232A1FEB} "= "c:\program files\AIR MILES TOOLBAR\Toolbar.dll" [2010-07-18 1497600]
.
[HKEY_CLASSES_ROOT\clsid\{a893b09e-7d3b-486c-96d9-1a4a232a1feb}]
[HKEY_CLASSES_ROOT\FCTB000060399.IEToolbar.3]
[HKEY_CLASSES_ROOT\TypeLib\{7BB4454E-EB68-4D9B-8E14-0EBBE671F764}]
[HKEY_CLASSES_ROOT\FCTB000060399.IEToolbar]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon "= "c:\windows\system32\NvCpl.dll" [2008-01-29 8491008]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting "= "c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2011-07-27 434080]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2010-06-02 19:06 87424 ----a-w- c:\windows\system32\LMIinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ PDBoot.exe\0autocheck autochk *
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@= "Service "
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@= "Driver "
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk
backup=c:\windows\pss\Digital Line Detect.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^L.Mike Belliveau^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
path=c:\documents and settings\L.Mike Belliveau\Start Menu\Programs\Startup\LimeWire On Startup.lnk
backup=c:\windows\pss\LimeWire On Startup.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
2007-11-09 00:00 159744 -c--a-w- c:\program files\DellTPad\Apoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Broadcom Wireless Manager UI]
2007-03-16 08:10 1392640 ----a-w- c:\windows\system32\WLTRAY.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 00:12 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DELL Webcam Manager]
2007-07-27 21:43 118784 -c--a-w- c:\program files\Dell\Dell Webcam Manager\DellWMgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupportCenter]
2009-05-21 15:13 206064 ----a-w- c:\program files\Dell Support Center\bin\sprtcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dscactivate]
2008-03-11 17:44 16384 -c--a-w- c:\program files\Dell Support Center\gs_agent\custom\dsca.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ECenter]
2008-02-28 17:59 17920 -c--a-w- c:\dell\E-Center\EULALauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
2012-07-11 21:39 138096 ----atw- c:\documents and settings\L.Mike Belliveau\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
2009-12-07 17:04 30192 ----a-w- c:\program files\Google\Google Desktop Search\GoogleDesktop.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2010-06-09 23:55 49208 -c--a-w- c:\program files\HP\HP Software Update\hpwuschd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI]
2010-01-27 15:22 63048 ----a-w- c:\program files\LogMeIn\x86\LogMeInSystray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2012-07-03 16:46 973488 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
2010-02-17 06:30 5244216 ----a-w- c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC]
2012-03-26 20:08 931200 ----a-w- c:\program files\Microsoft Security Client\msseces.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2010-04-17 01:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2008-01-29 20:14 8491008 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVHotkey]
2008-01-29 20:14 86016 ----a-w- c:\windows\system32\nvhotkey.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2008-01-29 20:14 81920 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2008-01-29 20:14 1626112 ----a-w- c:\windows\system32\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OEM02Mon.exe]
2007-05-09 20:01 36864 -c--a-w- c:\windows\OEM02Mon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]
2007-12-21 15:58 184320 ----a-w- c:\program files\Dell\MediaDirect\PCMService.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-04-29 19:55 413696 ----a-w- c:\program files\QuickTime\qttask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp]
2007-05-10 13:22 405504 ----a-w- c:\program files\Sigmatel\C-Major Audio\WDM\stsystra.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 14:44 248552 -c--a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2008-04-27 17:36 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride "=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe "=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE "=
"c:\\Program Files\\Dell\\MediaDirect\\PCMService.exe "=
"%windir%\\Network Diagnostic\\xpnetdiag.exe "=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe "=
"c:\\Program Files\\Messenger\\msmsgs.exe "=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe "=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe "=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe "=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe "=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqcopy2.exe "=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe "=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe "=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe "=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\Bin\\hpqPhotoCrm.exe "=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe "=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe "=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe "=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe "=
"c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe "=
"c:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe "=
"c:\\Program Files\\AIR MILES TOOLBAR\\TroubleShooter.exe "=
"c:\\Program Files\\AIR MILES TOOLBAR\\ToolbarUpdate.exe "=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe "=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe "=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe "=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe "=
"c:\\Program Files\\Skype\\Phone\\Skype.exe "=
"c:\\Documents and Settings\\L.Mike Belliveau\\Local Settings\\Application Data\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe "=
.
R2 BBSvc;BingBar Service;c:\program files\Microsoft\BingBar\7.1.362.0\BBSvc.EXE [2/13/2012 9:19 PM 193816]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [1/27/2010 12:22 PM 12856]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [9/1/2012 7:35 AM 655944]
R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [8/13/2012 1:33 PM 3064000]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [9/1/2012 7:35 AM 22344]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [12/13/2009 6:39 PM 135664]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2/29/2012 8:50 AM 158856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [4/24/2012 6:47 PM 250568]
S3 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\7.1.362.0\SeaPort.EXE [2/13/2012 9:19 PM 240408]
S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [4/27/2008 2:36 PM 30192]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [12/13/2009 6:39 PM 135664]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-09-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-24 23:41]
.
2012-06-05 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 15:34]
.
2012-08-31 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1278116446-1608358080-2534276080-1005Core.job
- c:\documents and settings\L.Mike Belliveau\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [2012-05-13 21:39]
.
2012-09-01 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1278116446-1608358080-2534276080-1005UA.job
- c:\documents and settings\L.Mike Belliveau\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [2012-05-13 21:39]
.
2012-09-01 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-04-27 08:45]
.
2012-09-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-13 21:39]
.
2012-09-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-13 21:39]
.
2012-09-02 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job
- c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-03-26 20:03]
.
2012-09-02 c:\windows\Tasks\User_Feed_Synchronization-{D44EF46C-9EAF-4056-B559-E30E4F94CF16}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 07:31]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
uSearchURL,(Default) = hxxp://search.alot.com/web?q=&pr=auto&client_id=E6EE8C0001CC27030074582E&src_id=11338&camp_id=2734&tb_version=2.5.20000.3
TCP: DhcpNameServer = 192.168.2.1 192.168.2.1
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
SafeBoot-11312916.sys
MSConfigStartUp-Oxolixezibeceri - c:\windows\ewecoqafar.dll
MSConfigStartUp-TrojanScanner - c:\program files\Trojan Remover\Trjscan.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-09-02 06:33
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@= "FlashBroker "
"LocalizedString "= "@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe,-101 "
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled "=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@= "c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe "
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@= "{FAB3E735-69C7-453B-A446-B6823C6DF1C9} "
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@= "IFlashBroker5 "
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@= "{00020424-0000-0000-C000-000000000046} "
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@= "{FAB3E735-69C7-453B-A446-B6823C6DF1C9} "
"Version "= "1.0 "
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(900)
c:\windows\system32\LMIinit.dll
c:\windows\System32\BCMLogon.dll
c:\windows\system32\LMIRfsClientNP.dll
.
- - - - - - - > 'explorer.exe'(2616)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\LogMeIn\x86\RaMaint.exe
c:\program files\LogMeIn\x86\LogMeIn.exe
c:\program files\LogMeIn\x86\LMIGuardian.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Raxco\PerfectDisk\PDAgent.exe
c:\program files\Dell Support Center\bin\sprtsvc.exe
c:\windows\System32\bcmwltry.exe
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files\Canon\CAL\CALMAIN.exe
c:\program files\Raxco\PerfectDisk\PDEngine.exe
.
**************************************************************************
.
Completion time: 2012-09-02 06:37:34 - machine was rebooted
ComboFix-quarantined-files.txt 2012-09-02 09:37
.
Pre-Run: 225,310,191,616 bytes free
Post-Run: 226,055,745,536 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT= "Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug= "do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS= "Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 67F253CA99B28652E48C81922E3D364D

 

combofix.txt attached

 

Sorry, my mistake


ComboFix 12-09-01.01 - L.Mike Belliveau 09/02/2012 16:39:30.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1521 [GMT -3:00]
Running from: c:\documents and settings\L.Mike Belliveau\Desktop\bbs\ComboFix.exe
Command switches used :: c:\documents and settings\L.Mike Belliveau\Desktop\bbs\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
FILE ::
"c:\windows\system32\drivers\1a7178.sys "
"c:\windows\system32\drivers\4cc511cfa725e835.sys "
"c:\windows\system32\drivers\8d2c.sys "
"c:\windows\system32\drivers\8d7f29c6e7e00045.sys.vir "
"c:\windows\system32\drivers\91b0.sys "
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\drivers\1a7178.sys
c:\windows\system32\drivers\4cc511cfa725e835.sys
c:\windows\system32\drivers\8d2c.sys
c:\windows\system32\drivers\8d7f29c6e7e00045.sys.vir
c:\windows\system32\drivers\91b0.sys
.
.
((((((((((((((((((((((((( Files Created from 2012-08-02 to 2012-09-02 )))))))))))))))))))))))))))))))
.
.
2012-09-02 12:37 . 2012-08-28 04:50 7022536 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{484BB8A9-7189-4C7E-B56E-C9EB8A9CB34B}\mpengine.dll
2012-09-01 16:46 . 2012-09-01 16:46 -------- d-----w- C:\TDSSKiller_Quarantine
2012-09-01 10:35 . 2012-09-01 10:35 -------- d-----w- c:\documents and settings\L.Mike Belliveau\Application Data\Malwarebytes
2012-09-01 10:35 . 2012-09-01 10:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2012-09-01 10:35 . 2012-09-01 10:35 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-09-01 10:35 . 2012-07-03 16:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-01 10:09 . 2012-06-15 19:33 605968 ----a-w- c:\windows\system32\ztv7z.dll
2012-09-01 10:09 . 2005-08-26 04:50 77312 ----a-w- c:\windows\system32\ztvunace26.dll
2012-09-01 10:09 . 2012-06-15 19:39 169744 ----a-w- c:\windows\system32\ztvunrar36.dll
2012-09-01 10:09 . 2012-06-15 19:35 185616 ----a-w- c:\windows\system32\ztvunrar39.dll
2012-09-01 10:09 . 2012-06-15 19:33 77072 ----a-w- c:\windows\system32\ztvcabinet.dll
2012-09-01 10:09 . 2003-02-02 23:06 153088 ----a-w- c:\windows\system32\unrar3.dll
2012-09-01 10:09 . 2002-03-06 04:00 75264 ----a-w- c:\windows\system32\unacev2.dll
2012-09-01 09:43 . 2012-08-28 04:50 7022536 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-09-01 09:32 . 2012-09-01 09:32 -------- d-----w- c:\program files\Microsoft Security Client
2012-08-31 19:38 . 2012-08-31 19:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Raxco
2012-08-31 19:37 . 2012-08-31 19:38 -------- d-----w- c:\program files\Raxco
2012-08-31 17:04 . 2012-08-31 19:15 -------- d-----w- c:\program files\WhoCrashed
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-30 23:41 . 2012-04-24 21:47 696520 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-30 23:41 . 2011-06-08 09:01 73416 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-06 13:58 . 2004-08-04 10:00 78336 ----a-w- c:\windows\system32\browser.dll
2012-07-04 14:05 . 2004-08-11 22:11 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-03 13:40 . 2004-08-04 10:00 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-07-02 17:49 . 2006-03-04 03:33 916992 ----a-w- c:\windows\system32\wininet.dll
2012-07-02 17:49 . 2004-08-04 10:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-07-02 17:49 . 2004-08-04 10:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-07-02 12:05 . 2004-08-04 10:00 385024 ----a-w- c:\windows\system32\html.iec
2012-06-06 23:59 . 2012-06-06 23:59 1070152 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2012-06-05 15:50 . 2009-08-19 20:07 1372672 ----a-w- c:\windows\system32\msxml6.dll
2012-06-05 15:50 . 2004-08-04 10:00 1172480 ----a-w- c:\windows\system32\msxml3.dll
2012-06-04 20:35 . 2004-08-11 22:12 210968 ----a-w- c:\windows\system32\wuweb.dll
2012-06-04 20:35 . 2008-05-08 18:56 222448 ----a-w- c:\windows\system32\muweb.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-09-02_09.32.26 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-09-02 12:02 . 2012-09-02 12:02 21880 c:\windows\WinSxS\MSIL_Microsoft.Workflow.Compiler_31bf3856ad364e35_4.0.0.0_x-ww_97359ba5\Microsoft.Workflow.Compiler.exe
- 2012-01-13 07:04 . 2012-01-13 07:04 21880 c:\windows\WinSxS\MSIL_Microsoft.Workflow.Compiler_31bf3856ad364e35_4.0.0.0_x-ww_97359ba5\Microsoft.Workflow.Compiler.exe
+ 2012-09-02 19:27 . 2012-09-02 19:27 16384 c:\windows\Temp\Perflib_Perfdata_508.dat
+ 2004-08-11 22:00 . 2012-09-02 12:03 91386 c:\windows\system32\perfc009.dat
- 2004-08-11 22:00 . 2012-06-14 01:38 91386 c:\windows\system32\perfc009.dat
+ 2011-04-06 19:48 . 2011-04-06 19:48 11120 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
+ 2011-05-17 11:44 . 2011-05-17 11:44 98152 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Caching.dll
+ 2011-04-06 19:16 . 2011-04-06 19:16 39808 c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.Data.Entity.Build.Tasks.dll
+ 2011-05-17 12:27 . 2011-05-17 12:27 44368 c:\windows\Microsoft.NET\Framework\v4.0.30319\Culture.dll
- 2010-03-18 16:16 . 2010-03-18 16:16 44368 c:\windows\Microsoft.NET\Framework\v4.0.30319\Culture.dll
+ 2011-04-06 19:16 . 2011-04-06 19:16 30048 c:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_compiler.exe
- 2010-03-18 19:47 . 2010-03-18 19:47 30048 c:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_compiler.exe
+ 2012-09-02 12:02 . 2012-09-02 12:02 97624 c:\windows\Microsoft.NET\assembly\GAC_MSIL\XamlBuildTask\v4.0_4.0.0.0__31bf3856ad364e35\XamlBuildTask.dll
- 2012-01-13 07:04 . 2012-01-13 07:04 97624 c:\windows\Microsoft.NET\assembly\GAC_MSIL\XamlBuildTask\v4.0_4.0.0.0__31bf3856ad364e35\XamlBuildTask.dll
+ 2012-09-02 12:02 . 2012-09-02 12:02 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2012-09-02 12:02 . 2012-09-02 12:02 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2012-09-02 12:02 . 2012-09-02 12:02 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2012-09-02 12:02 . 2012-09-02 12:02 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
- 2012-01-13 07:04 . 2012-01-13 07:04 29544 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml.Hosting\v4.0_4.0.0.0__31bf3856ad364e35\System.Xaml.Hosting.dll
+ 2012-09-02 12:02 . 2012-09-02 12:02 29544 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml.Hosting\v4.0_4.0.0.0__31bf3856ad364e35\System.Xaml.Hosting.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
+ 2012-09-02 12:02 . 2012-09-02 12:02 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
+ 2012-09-02 12:02 . 2012-09-02 12:02 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
+ 2012-09-02 12:02 . 2012-09-02 12:02 70040 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization.Design\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.Design.dll
- 2012-01-13 07:03 . 2012-01-13 07:03 70040 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization.Design\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.Design.dll
- 2012-01-13 07:03 . 2012-01-13 07:03 24928 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Routing.dll
+ 2012-09-02 12:02 . 2012-09-02 12:02 24928 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Routing.dll
+ 2012-09-02 12:02 . 2012-09-02 12:02 81272 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.RegularExpressions\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2012-01-13 07:04 . 2012-01-13 07:04 81272 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.RegularExpressions\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2012-01-13 07:03 . 2012-01-13 07:03 33144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.DynamicData.Design\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.DynamicData.Design.dll
+ 2012-09-02 12:02 . 2012-09-02 12:02 33144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.DynamicData.Design\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.DynamicData.Design.dll
- 2012-01-13 07:03 . 2012-01-13 07:03 93576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.DataVisualization.Design\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.DataVisualization.Design.dll
+ 2012-09-02 12:02 . 2012-09-02 12:02 93576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.DataVisualization.Design\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.DataVisualization.Design.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
- 2012-01-13 07:03 . 2012-01-13 07:03 24944 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Abstractions\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Abstractions.dll
+ 2012-09-02 12:02 . 2012-09-02 12:02 24944 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Abstractions\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Abstractions.dll
+ 2012-09-02 12:02 . 2012-09-02 12:02 28024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.WasHosting\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
- 2012-01-13 07:04 . 2012-01-13 07:04 28024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.WasHosting\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2012-09-02 12:02 . 2012-09-02 12:02 12168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.ServiceMoniker40\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.ServiceMoniker40.dll
- 2012-01-13 07:04 . 2012-01-13 07:04 12168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.ServiceMoniker40\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.ServiceMoniker40.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
+ 2012-09-02 12:02 . 2012-09-02 12:02 98152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Caching\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Caching.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
- 2012-01-13 07:03 . 2012-01-13 07:03 86888 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing.Design\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2012-09-02 12:02 . 2012-09-02 12:02 86888 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing.Design\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
+ 2012-09-02 12:02 . 2012-09-02 12:02 21880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Workflow.Compiler\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Workflow.Compiler.exe
- 2012-01-13 07:04 . 2012-01-13 07:04 21880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Workflow.Compiler\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Workflow.Compiler.exe
+ 2012-09-02 12:01 . 2012-09-02 12:01 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2012-06-14 01:35 . 2012-06-14 01:35 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2012-01-13 07:03 . 2012-01-13 07:03 40304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\v4.0_2.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.STLCLR.dll
+ 2012-09-02 12:02 . 2012-09-02 12:02 40304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\v4.0_2.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.STLCLR.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2012-01-13 07:03 . 2012-01-13 07:03 67968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Conversion.v4.0\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Conversion.v4.0.dll
+ 2012-09-02 12:02 . 2012-09-02 12:02 67968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Conversion.v4.0\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Conversion.v4.0.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2012-09-02 12:00 . 2010-06-18 11:39 16896 c:\windows\ie8updates\KB2598845-IE8\iecompat.dll
+ 2012-09-02 12:15 . 2012-09-02 12:15 96768 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\05787d96761cf20b76b927ace10ef1d3\UIAutomationProvider.ni.dll
- 2012-05-10 06:24 . 2012-05-10 06:24 96768 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\05787d96761cf20b76b927ace10ef1d3\UIAutomationProvider.ni.dll
+ 2012-09-02 12:24 . 2012-09-02 12:24 55808 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml.Hosting\4185d95173b2ad3cd57c5a8140a29784\System.Xaml.Hosting.ni.dll
+ 2012-09-02 12:24 . 2012-09-02 12:24 35328 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Pres#\f3a9c6e87bfa4bab3689ec1cdb56964f\System.Windows.Presentation.ni.dll
+ 2012-09-02 12:24 . 2012-09-02 12:24 24064 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Routing\d8f7bf8ce78d0785e68c589c1e64a6dd\System.Web.Routing.ni.dll
- 2012-05-10 06:26 . 2012-05-10 06:26 24064 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Routing\d8f7bf8ce78d0785e68c589c1e64a6dd\System.Web.Routing.ni.dll
+ 2012-09-02 12:24 . 2012-09-02 12:24 46592 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DynamicD#\be0023b0814db0cd39b177e21632f8e9\System.Web.DynamicData.Design.ni.dll
+ 2012-09-02 12:15 . 2012-09-02 12:15 71680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Applicat#\9b418f37f4594806e1f4b0ed6d083a95\System.Web.ApplicationServices.ni.dll
- 2012-05-10 06:26 . 2012-05-10 06:26 24576 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Abstract#\31ec874a9482ad1a99ba24ca4a6ec914\System.Web.Abstractions.ni.dll
+ 2012-09-02 12:24 . 2012-09-02 12:24 24576 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Abstract#\31ec874a9482ad1a99ba24ca4a6ec914\System.Web.Abstractions.ni.dll
+ 2012-09-02 12:24 . 2012-09-02 12:24 82432 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\d09c237ee72af3935f1a01388ef8e315\System.ServiceModel.Channels.ni.dll
+ 2012-09-02 12:24 . 2012-09-02 12:24 12288 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\703ffb7a271059d40edeff9eb0e2b7e3\System.ServiceModel.ServiceMoniker40.ni.dll
+ 2012-09-02 12:16 . 2012-09-02 12:16 78848 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn.Contra#\59be5fb54e018032511415f0b0523ee3\System.AddIn.Contract.ni.dll
- 2012-05-10 06:24 . 2012-05-10 06:24 78848 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn.Contra#\59be5fb54e018032511415f0b0523ee3\System.AddIn.Contract.ni.dll
+ 2012-09-02 12:15 . 2012-09-02 12:15 37888 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Workflow.#\f519738a47ffedaa4c04ec6e16a6b7b1\Microsoft.Workflow.Compiler.ni.exe
+ 2012-09-02 12:15 . 2012-09-02 12:15 11776 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\46f273930666397a8cb538ffe9190eef\Microsoft.VisualC.ni.dll
- 2012-05-10 06:23 . 2012-05-10 06:23 11776 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\46f273930666397a8cb538ffe9190eef\Microsoft.VisualC.ni.dll
- 2012-05-10 06:22 . 2012-05-10 06:22 44544 c:\windows\assembly\NativeImages_v4.0.30319_32\Accessibility\62c1a496dff99a6e5f5e4278d31ca4c1\Accessibility.ni.dll
+ 2012-09-02 12:14 . 2012-09-02 12:14 44544 c:\windows\assembly\NativeImages_v4.0.30319_32\Accessibility\62c1a496dff99a6e5f5e4278d31ca4c1\Accessibility.ni.dll
- 2012-06-14 12:20 . 2012-06-14 12:20 47616 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\60cd565e09b19c954ac969d98cf07fca\WindowsLiveWriter.ni.exe
+ 2012-09-02 12:12 . 2012-09-02 12:12 47616 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\60cd565e09b19c954ac969d98cf07fca\WindowsLiveWriter.ni.exe
+ 2012-09-02 12:12 . 2012-09-02 12:12 99840 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\530ede2bd1071f8a0f4ac5920f450fa1\WindowsLive.Writer.Api.ni.dll
- 2012-06-14 12:21 . 2012-06-14 12:21 99840 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\530ede2bd1071f8a0f4ac5920f450fa1\WindowsLive.Writer.Api.ni.dll
- 2012-05-10 06:17 . 2012-05-10 06:17 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\f121ccced1aa14badb316d8d9be5154d\UIAutomationProvider.ni.dll
+ 2012-09-02 11:58 . 2012-09-02 11:58 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\f121ccced1aa14badb316d8d9be5154d\UIAutomationProvider.ni.dll
- 2012-05-10 06:22 . 2012-05-10 06:22 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\316e223f2ab8c69cd6a5a06de21650ec\System.Windows.Presentation.ni.dll
+ 2012-09-02 12:14 . 2012-09-02 12:14 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\316e223f2ab8c69cd6a5a06de21650ec\System.Windows.Presentation.ni.dll
- 2012-06-14 12:21 . 2012-06-14 12:21 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\3b34fc2c8c94ffe21f75168980b69dfe\System.Web.DynamicData.Design.ni.dll
+ 2012-09-02 12:14 . 2012-09-02 12:14 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\3b34fc2c8c94ffe21f75168980b69dfe\System.Web.DynamicData.Design.ni.dll
- 2012-05-10 06:21 . 2012-05-10 06:21 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\34c988dea48c291b4e648941207e83fb\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-09-02 12:13 . 2012-09-02 12:13 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\34c988dea48c291b4e648941207e83fb\System.ComponentModel.DataAnnotations.ni.dll
- 2012-05-10 06:21 . 2012-05-10 06:21 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\7bb7e51275fa19f8b4894c772bdb1e10\System.AddIn.Contract.ni.dll
+ 2012-09-02 12:13 . 2012-09-02 12:13 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\7bb7e51275fa19f8b4894c772bdb1e10\System.AddIn.Contract.ni.dll
- 2012-05-10 06:15 . 2012-05-10 06:15 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\f0c4a4528f130ef2ff1ae63dd7b39075\PresentationFontCache.ni.exe
+ 2012-09-02 11:57 . 2012-09-02 11:57 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\f0c4a4528f130ef2ff1ae63dd7b39075\PresentationFontCache.ni.exe
+ 2012-09-02 11:57 . 2012-09-02 11:57 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\53931181e5a5e194da82605613cda6af\PresentationCFFRasterizer.ni.dll
- 2012-05-10 06:15 . 2012-05-10 06:15 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\53931181e5a5e194da82605613cda6af\PresentationCFFRasterizer.ni.dll
+ 2012-09-02 12:14 . 2012-09-02 12:14 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\f2be3ad4cda6853d7959a84cec0414c5\Microsoft.Vsa.ni.dll
- 2012-05-10 06:22 . 2012-05-10 06:22 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\f2be3ad4cda6853d7959a84cec0414c5\Microsoft.Vsa.ni.dll
- 2012-05-10 06:21 . 2012-05-10 06:21 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\f00a18225430e7531135589688d650a1\Microsoft.VisualC.ni.dll
+ 2012-09-02 12:12 . 2012-09-02 12:12 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\f00a18225430e7531135589688d650a1\Microsoft.VisualC.ni.dll
+ 2012-09-02 12:13 . 2012-09-02 12:13 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\8fab9cd28bbc860a34feec119512664d\Microsoft.Build.Framework.ni.dll
- 2012-05-10 06:21 . 2012-05-10 06:21 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\8fab9cd28bbc860a34feec119512664d\Microsoft.Build.Framework.ni.dll
- 2012-05-10 06:21 . 2012-05-10 06:21 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\0eac132c7c36f1c100ae23c956b379e7\Microsoft.Build.Framework.ni.dll
+ 2012-09-02 12:13 . 2012-09-02 12:13 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\0eac132c7c36f1c100ae23c956b379e7\Microsoft.Build.Framework.ni.dll
+ 2012-09-02 12:12 . 2012-09-02 12:12 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\d66bc03eb7eae89b4dde2d09eda1414f\dfsvc.ni.exe
- 2012-05-10 06:21 . 2012-05-10 06:21 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\d66bc03eb7eae89b4dde2d09eda1414f\dfsvc.ni.exe
- 2012-05-10 06:20 . 2012-05-10 06:20 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\016444dfc5f7e3d11c776f2fbc7a4594\Accessibility.ni.dll
+ 2012-09-02 12:04 . 2012-09-02 12:04 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\016444dfc5f7e3d11c776f2fbc7a4594\Accessibility.ni.dll
+ 2010-08-31 17:13 . 2011-08-16 10:45 6144 c:\windows\system32\dllcache\iecompat.dll
+ 2012-09-02 12:25 . 2012-09-02 12:25 9216 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\4b540b784465ca3f0742990e5af444e3\System.Xml.Serialization.ni.dll
- 2012-05-10 06:23 . 2012-05-10 06:23 9728 c:\windows\assembly\NativeImages_v4.0.30319_32\dfsvc\fd866b4158c3bd2a26c875f2896c5573\dfsvc.ni.exe
+ 2012-09-02 12:14 . 2012-09-02 12:14 9728 c:\windows\assembly\NativeImages_v4.0.30319_32\dfsvc\fd866b4158c3bd2a26c875f2896c5573\dfsvc.ni.exe
- 2012-06-14 01:35 . 2012-06-14 01:35 109568 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.Wrapper.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 109568 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.Wrapper.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 246128 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 246128 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.dll
- 2004-08-11 22:00 . 2012-06-14 01:38 509336 c:\windows\system32\perfh009.dat
+ 2004-08-11 22:00 . 2012-09-02 12:03 509336 c:\windows\system32\perfh009.dat
- 2004-08-04 10:00 . 2011-03-04 06:37 726528 c:\windows\system32\jscript.dll
+ 2004-08-04 10:00 . 2011-10-28 16:07 726528 c:\windows\system32\jscript.dll

 

+ 2004-08-04 10:00 . 2011-10-28 16:07 726528 c:\windows\system32\dllcache\jscript.dll
- 2004-08-04 10:00 . 2011-03-04 06:37 726528 c:\windows\system32\dllcache\jscript.dll
- 2010-08-31 14:38 . 2009-11-21 15:51 471552 c:\windows\system32\dllcache\aclayers.dll
+ 2010-08-31 14:38 . 2011-03-11 14:10 471552 c:\windows\system32\dllcache\aclayers.dll
+ 2011-04-06 19:16 . 2011-04-06 19:16 326000 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.ServiceModel.Web.dll
+ 2011-04-06 19:16 . 2011-04-06 19:16 175992 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.ServiceModel.Activation.dll
+ 2011-04-06 19:48 . 2011-04-06 19:48 236880 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Net.dll
+ 2011-04-06 19:16 . 2011-04-06 19:16 810352 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Data.Entity.Design.dll
+ 2011-05-17 11:44 . 2011-05-17 11:44 181584 c:\windows\Microsoft.NET\Framework\v4.0.30319\peverify.dll
- 2010-03-18 19:47 . 2010-03-18 19:47 181584 c:\windows\Microsoft.NET\Framework\v4.0.30319\peverify.dll
+ 2011-05-17 12:27 . 2011-05-17 12:27 413520 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2012-09-02 12:02 . 2012-09-02 12:02 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2012-09-02 12:02 . 2012-09-02 12:02 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
- 2012-01-13 07:04 . 2012-01-13 07:04 431984 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.WorkflowServices\v4.0_4.0.0.0__31bf3856ad364e35\System.WorkflowServices.dll
+ 2012-09-02 12:02 . 2012-09-02 12:02 431984 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.WorkflowServices\v4.0_4.0.0.0__31bf3856ad364e35\System.WorkflowServices.dll
+ 2012-09-02 12:02 . 2012-09-02 12:02 511344 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Workflow.Runtime\v4.0_4.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll
- 2012-01-13 07:04 . 2012-01-13 07:04 511344 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Workflow.Runtime\v4.0_4.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2012-09-02 12:02 . 2012-09-02 12:02 826208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Mobile\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2012-01-13 07:04 . 2012-01-13 07:04 826208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Mobile\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2012-01-13 07:03 . 2012-01-13 07:03 321912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Extensions.Design\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Extensions.Design.dll
+ 2012-09-02 12:02 . 2012-09-02 12:02 321912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Extensions.Design\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Extensions.Design.dll
+ 2012-09-02 12:02 . 2012-09-02 12:02 137568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Web.Entity.dll
- 2012-01-13 07:03 . 2012-01-13 07:03 137568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Web.Entity.dll
- 2012-01-13 07:03 . 2012-01-13 07:03 132464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Entity.Design\v4.0_4.0.0.0__b77a5c561934e089\System.Web.Entity.Design.dll
+ 2012-09-02 12:02 . 2012-09-02 12:02 132464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Entity.Design\v4.0_4.0.0.0__b77a5c561934e089\System.Web.Entity.Design.dll
- 2012-01-13 07:03 . 2012-01-13 07:03 237928 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.DynamicData\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.DynamicData.dll
+ 2012-09-02 12:02 . 2012-09-02 12:02 237928 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.DynamicData\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.DynamicData.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2012-09-02 12:02 . 2012-09-02 12:02 326000 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Web\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
+ 2012-09-02 12:02 . 2012-09-02 12:02 175992 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activation\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activation.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 236880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 616024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 616024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2012-01-13 07:03 . 2012-01-13 07:03 683368 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.dll
+ 2012-09-02 12:02 . 2012-09-02 12:02 683368 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.dll
+ 2012-09-02 12:02 . 2012-09-02 12:02 178040 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Design\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Design.dll
- 2012-01-13 07:03 . 2012-01-13 07:03 178040 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Design\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Design.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
+ 2012-09-02 12:02 . 2012-09-02 12:02 810352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity.Design\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.Design.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 156440 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 156440 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2012-09-02 12:02 . 2012-09-02 12:02 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2012-09-02 12:02 . 2012-09-02 12:02 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2012-09-02 12:02 . 2012-09-02 12:02 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2012-09-02 12:02 . 2012-09-02 12:02 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2012-09-02 12:02 . 2012-09-02 12:02 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2012-09-02 12:02 . 2012-09-02 12:02 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
- 2012-01-13 07:04 . 2012-01-13 07:04 587624 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationBuildTasks\v4.0_4.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll
+ 2012-09-02 12:02 . 2012-09-02 12:02 587624 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationBuildTasks\v4.0_4.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
+ 2012-09-02 12:02 . 2012-09-02 12:02 220024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Utilities.v4.0\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v4.0.dll
- 2012-01-13 07:03 . 2012-01-13 07:03 220024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Utilities.v4.0\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v4.0.dll
- 2012-01-13 07:03 . 2012-01-13 07:03 107376 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Framework\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2012-09-02 12:02 . 2012-09-02 12:02 107376 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Framework\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2012-01-13 07:03 . 2012-01-13 07:03 714600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Engine\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2012-09-02 12:02 . 2012-09-02 12:02 714600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Engine\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2012-01-13 07:03 . 2012-01-13 07:03 498520 c:\windows\Microsoft.NET\assembly\GAC_MSIL\AspNetMMCExt\v4.0_4.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2012-09-02 12:02 . 2012-09-02 12:02 498520 c:\windows\Microsoft.NET\assembly\GAC_MSIL\AspNetMMCExt\v4.0_4.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2012-09-02 12:02 . 2012-09-02 12:02 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2012-01-13 07:03 . 2012-01-13 07:03 495984 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data.OracleClient\v4.0_4.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2012-09-02 12:02 . 2012-09-02 12:02 495984 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data.OracleClient\v4.0_4.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2012-09-02 12:01 . 2012-09-02 12:01 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
- 2012-06-14 01:35 . 2012-06-14 01:35 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2012-09-02 12:03 . 2012-09-02 12:03 552448 c:\windows\Installer\7b9fc2.msi
- 2012-04-27 22:06 . 2012-04-27 22:06 371272 c:\windows\Installer\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}\SkypeIcon.exe
+ 2012-09-02 12:03 . 2012-09-02 12:03 371272 c:\windows\Installer\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}\SkypeIcon.exe
+ 2012-09-02 12:00 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2632503-IE8\spuninst\updspapi.dll
+ 2012-09-02 12:00 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2632503-IE8\spuninst\spuninst.exe
+ 2012-09-02 12:00 . 2011-03-04 06:37 726528 c:\windows\ie8updates\KB2632503-IE8\jscript.dll
+ 2012-09-02 12:00 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2598845-IE8\spuninst\updspapi.dll
+ 2012-09-02 12:00 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2598845-IE8\spuninst\spuninst.exe
+ 2012-09-02 12:25 . 2012-09-02 12:25 404992 c:\windows\assembly\NativeImages_v4.0.30319_32\XamlBuildTask\09f78ad9517d5d19de8498bac32fc9f8\XamlBuildTask.ni.dll
+ 2012-09-02 12:14 . 2012-09-02 12:14 356864 c:\windows\assembly\NativeImages_v4.0.30319_32\WsatConfig\a61f64155e6b58da21013a5e4d6805c2\WsatConfig.ni.exe
+ 2012-09-02 12:25 . 2012-09-02 12:25 253952 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\44752ffa92ebb7170951a41898d8b9c6\WindowsFormsIntegration.ni.dll
- 2012-05-10 06:24 . 2012-05-10 06:24 196096 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\0a80fd3af7e48eb9cc9099fee5814dff\UIAutomationTypes.ni.dll
+ 2012-09-02 12:15 . 2012-09-02 12:15 196096 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\0a80fd3af7e48eb9cc9099fee5814dff\UIAutomationTypes.ni.dll
+ 2012-09-02 12:25 . 2012-09-02 12:25 484352 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClient\7a9f70fa774076a7ec19bc03e7064d0d\UIAutomationClient.ni.dll
+ 2012-09-02 12:15 . 2012-09-02 12:15 393216 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\4837a5c6204d53e7aa4f7dd94b98207c\System.Xml.Linq.ni.dll
+ 2012-09-02 12:15 . 2012-09-02 12:15 189440 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Inpu#\c477bbff1e4662263255a1bf17bd9c2a\System.Windows.Input.Manipulations.ni.dll
+ 2012-09-02 12:24 . 2012-09-02 12:24 194560 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\122b5ef2b93132bd770c2c5d753d73ee\System.Windows.Forms.DataVisualization.Design.ni.dll
+ 2012-09-02 12:15 . 2012-09-02 12:15 224256 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.RegularE#\ea0b825a2dd1a056f6171170eb072d4a\System.Web.RegularExpressions.ni.dll
+ 2012-09-02 12:24 . 2012-09-02 12:24 865280 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Extensio#\c85b43405ac9aa403a714af716ef3c5e\System.Web.Extensions.Design.ni.dll
+ 2012-09-02 12:24 . 2012-09-02 12:24 335360 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Entity\a0abe24dff94a2fb2c27c631a45aa95f\System.Web.Entity.ni.dll
+ 2012-09-02 12:24 . 2012-09-02 12:24 297984 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Entity.D#\951b0d1b999b49a47fb06f4011565ffa\System.Web.Entity.Design.ni.dll
+ 2012-09-02 12:24 . 2012-09-02 12:24 712192 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DynamicD#\ae2121b64d021313d3c1ddd621e4d472\System.Web.DynamicData.ni.dll
+ 2012-09-02 12:24 . 2012-09-02 12:24 260608 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DataVisu#\15e5acbd2196d1d4bde8466ff690aa76\System.Web.DataVisualization.Design.ni.dll
+ 2012-09-02 12:15 . 2012-09-02 12:15 649728 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\67a386434938003bceb0752e979dabb3\System.Transactions.ni.dll
+ 2012-09-02 12:15 . 2012-09-02 12:15 221696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\5552b27237c3dbe4f21a10e97adf2edc\System.ServiceProcess.ni.dll
+ 2012-09-02 12:24 . 2012-09-02 12:24 432640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\f8fa8f3947b4f9b6819d121537e39050\System.ServiceModel.Activation.ni.dll
+ 2012-09-02 12:24 . 2012-09-02 12:24 369664 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\dc86fe1c7a6e3a7ce9e9c1f13d9b1e8e\System.ServiceModel.Routing.ni.dll
+ 2012-09-02 11:56 . 2012-09-02 11:56 736768 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Security\5a3beae8b211b91bfc620c029cf4c2d4\System.Security.ni.dll
+ 2012-09-02 12:15 . 2012-09-02 12:15 311296 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\5a4d233916a69d48fa12a9f7f103d893\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2012-09-02 12:15 . 2012-09-02 12:15 771584 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\94b346f2ab12d38efb1331ded5783396\System.Runtime.Remoting.ni.dll
+ 2012-09-02 12:15 . 2012-09-02 12:15 244736 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Cach#\d8b4dcd719a3805ab0bce3c8cdfe8288\System.Runtime.Caching.ni.dll
+ 2012-09-02 11:56 . 2012-09-02 11:56 145408 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\7b7719d46a4da2e91e8c501347e48ab9\System.Numerics.ni.dll
- 2012-05-10 06:05 . 2012-05-10 06:05 145408 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\7b7719d46a4da2e91e8c501347e48ab9\System.Numerics.ni.dll
+ 2012-09-02 12:24 . 2012-09-02 12:24 657408 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Net\dd25ddcfa0417d40e3f1385e30abcd6f\System.Net.ni.dll
+ 2012-09-02 12:24 . 2012-09-02 12:24 626176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\a730931e386537e3c229e049c9a6d271\System.Messaging.ni.dll
+ 2012-09-02 12:24 . 2012-09-02 12:24 395264 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management.I#\08397796343d5730a29f42e61c7f6ee7\System.Management.Instrumentation.ni.dll
+ 2012-09-02 12:24 . 2012-09-02 12:24 413696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IO.Log\ff1250d2409bd16283c423650d6fd3f6\System.IO.Log.ni.dll
+ 2012-09-02 12:24 . 2012-09-02 12:24 229888 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityMode#\e60675d3ba7fa94924489dc8466ebff5\System.IdentityModel.Selectors.ni.dll
+ 2012-09-02 12:15 . 2012-09-02 12:15 236032 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\bb40644f323a93fa9bc09be350918ef3\System.EnterpriseServices.Wrapper.dll
+ 2012-09-02 12:15 . 2012-09-02 12:15 787456 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\bb40644f323a93fa9bc09be350918ef3\System.EnterpriseServices.ni.dll
+ 2012-09-02 11:56 . 2012-09-02 11:56 377856 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Dynamic\a9b1e597aaa263dea2cf8754440bd271\System.Dynamic.ni.dll
+ 2012-09-02 11:57 . 2012-09-02 11:57 226304 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing.Desi#\0640b7fe359ea63a1799465631aa691a\System.Drawing.Design.ni.dll
+ 2012-09-02 12:15 . 2012-09-02 12:15 470528 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\e41e86da56bb60523251e0e08210a77b\System.DirectoryServices.Protocols.ni.dll
+ 2012-09-02 12:24 . 2012-09-02 12:24 913920 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\94d45f7f28d81304d7fa83bcea849141\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-09-02 12:24 . 2012-09-02 12:24 112640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Device\4c50d8a951546d6dffdc8bcb23f47a7b\System.Device.ni.dll
+ 2012-09-02 12:24 . 2012-09-02 12:24 508928 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Service#\9242a5a839c4ae4f203c32b409dc7c42\System.Data.Services.Design.ni.dll
+ 2012-09-02 12:22 . 2012-09-02 12:22 134656 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.DataSet#\7803f4398a527a87d5cace8023e93e8b\System.Data.DataSetExtensions.ni.dll
+ 2012-09-02 11:56 . 2012-09-02 11:56 982528 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\623d2a0f11dd82bb9bc13d1cb981b239\System.Configuration.ni.dll
+ 2012-09-02 12:15 . 2012-09-02 12:15 148480 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\c7d60a49e43964b1ae17e9a080376c6d\System.Configuration.Install.ni.dll
+ 2012-09-02 11:57 . 2012-09-02 11:57 693760 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\877ef74350e6d374ca8f80b489a8cc8e\System.ComponentModel.Composition.ni.dll
+ 2012-09-02 12:16 . 2012-09-02 12:16 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\4330e93f9d0ef85f1a972e11c2ac5156\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-09-02 12:16 . 2012-09-02 12:16 624128 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn\0c67d9fc14856eb7d8b4e405aef79960\System.AddIn.ni.dll
+ 2012-09-02 12:15 . 2012-09-02 12:15 411136 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.D#\2b046f2d5f056b906d7b25b75ca23575\System.Activities.DurableInstancing.ni.dll
+ 2012-09-02 12:14 . 2012-09-02 12:14 317952 c:\windows\assembly\NativeImages_v4.0.30319_32\SMSvcHost\4847f66153121ec4ed532909f7c152be\SMSvcHost.ni.exe
+ 2012-09-02 12:15 . 2012-09-02 12:15 143360 c:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\bb97517e4ca64e02282fca24612ce8ad\SMDiagnostics.ni.dll
+ 2012-09-02 11:56 . 2012-09-02 11:56 309760 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\ef6e3eb351fe12a5766be7c956c35d95\PresentationFramework.Classic.ni.dll
+ 2012-09-02 11:57 . 2012-09-02 11:57 387072 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\e49a124fdad0f1db135f03a49f18fb48\PresentationFramework.Royale.ni.dll
+ 2012-09-02 11:56 . 2012-09-02 11:56 595968 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\a5fa2a1cfc6e9fdc39d9a8f2baa57bc9\PresentationFramework.Aero.ni.dll
+ 2012-09-02 11:56 . 2012-09-02 11:56 755712 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\141f0a8fbfb83604fa3dd43dbe8fa0f4\PresentationFramework.Luna.ni.dll
+ 2012-09-02 12:14 . 2012-09-02 12:14 274432 c:\windows\assembly\NativeImages_v4.0.30319_32\MSBuild\d47740fc85ad70c686adc9fc9dc6e7f5\MSBuild.ni.exe
+ 2012-09-02 12:15 . 2012-09-02 12:15 303104 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\8cc4dd9babffe370cf375925fba15f84\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2012-09-02 12:15 . 2012-09-02 12:15 418816 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\01c5ff7a1ea0463414736df5d449e0a9\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2012-09-02 12:15 . 2012-09-02 12:15 631296 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build.Uti#\3ad065635e1e0cd413081be61993cd38\Microsoft.Build.Utilities.v4.0.ni.dll
+ 2012-09-02 12:14 . 2012-09-02 12:14 258048 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build.Fra#\71a3a98ff5fb128d3abf6ecc3224ba6b\Microsoft.Build.Framework.ni.dll
+ 2012-09-02 12:14 . 2012-09-02 12:14 136192 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build.Con#\f18a2a149b3e7f9cf74de1263c2ee337\Microsoft.Build.Conversion.v4.0.ni.dll
- 2012-05-10 06:23 . 2012-05-10 06:23 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\f11d5fea7ded12068e8cdb8b2f1bdbd9\CustomMarshalers.ni.dll
+ 2012-09-02 12:14 . 2012-09-02 12:14 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\f11d5fea7ded12068e8cdb8b2f1bdbd9\CustomMarshalers.ni.dll
+ 2012-09-02 12:14 . 2012-09-02 12:14 475136 c:\windows\assembly\NativeImages_v4.0.30319_32\ComSvcConfig\7186c9237e315a433d3c6a31fea48310\ComSvcConfig.ni.exe
+ 2012-09-02 12:14 . 2012-09-02 12:14 852480 c:\windows\assembly\NativeImages_v4.0.30319_32\AspNetMMCExt\b02ad189fc3de84d6361f0bf0cfafbf5\AspNetMMCExt.ni.dll
+ 2012-09-02 12:13 . 2012-09-02 12:13 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\ac4fc3032c19946f9b2729468888206d\WsatConfig.ni.exe
- 2012-05-10 06:19 . 2012-05-10 06:19 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\ac4fc3032c19946f9b2729468888206d\WsatConfig.ni.exe
+ 2012-09-02 12:12 . 2012-09-02 12:12 626688 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\2cf0401644b4738cdd1f2ff0de3f10a7\WindowsLiveLocal.WriterPlugin.ni.dll
- 2012-06-14 12:21 . 2012-06-14 12:21 626688 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\2cf0401644b4738cdd1f2ff0de3f10a7\WindowsLiveLocal.WriterPlugin.ni.dll
+ 2012-09-02 12:12 . 2012-09-02 12:12 851968 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\f7a22abe9a9e923dab1180eaefdf3d0a\WindowsLive.Writer.BlogClient.ni.dll
- 2012-06-14 12:21 . 2012-06-14 12:21 851968 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\f7a22abe9a9e923dab1180eaefdf3d0a\WindowsLive.Writer.BlogClient.ni.dll
+ 2012-09-02 12:12 . 2012-09-02 12:12 594944 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\e57f9b833a2891fced2b48e11bdd76a2\WindowsLive.Writer.HtmlEditor.ni.dll
- 2012-06-14 12:21 . 2012-06-14 12:21 594944 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\e57f9b833a2891fced2b48e11bdd76a2\WindowsLive.Writer.HtmlEditor.ni.dll
+ 2012-09-02 12:12 . 2012-09-02 12:12 152064 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\baacfa565b2f46f4501cd89b067a8a47\WindowsLive.Writer.HtmlParser.ni.dll
- 2012-05-10 06:21 . 2012-05-10 06:21 152064 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\baacfa565b2f46f4501cd89b067a8a47\WindowsLive.Writer.HtmlParser.ni.dll
+ 2012-09-02 12:12 . 2012-09-02 12:12 174080 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\b7f8621791ab1b15516d84cce65eaa05\WindowsLive.Writer.BrowserControl.ni.dll
- 2012-06-14 12:20 . 2012-06-14 12:20 174080 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\b7f8621791ab1b15516d84cce65eaa05\WindowsLive.Writer.BrowserControl.ni.dll
- 2012-05-10 06:21 . 2012-05-10 06:21 334848 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ab181ae110294c0c572059dea0a4332c\WindowsLive.Writer.Interop.Mshtml.ni.dll
+ 2012-09-02 12:12 . 2012-09-02 12:12 334848 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ab181ae110294c0c572059dea0a4332c\WindowsLive.Writer.Interop.Mshtml.ni.dll
- 2012-06-14 12:20 . 2012-06-14 12:20 319488 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\a2f1ff8ea083f22dab87068e5ca8e583\WindowsLive.Writer.Interop.ni.dll
+ 2012-09-02 12:12 . 2012-09-02 12:12 319488 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\a2f1ff8ea083f22dab87068e5ca8e583\WindowsLive.Writer.Interop.ni.dll
- 2012-06-14 12:21 . 2012-06-14 12:21 322048 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\89dbf905d6596871858953265bd5aaa3\WindowsLive.Writer.SpellChecker.ni.dll
+ 2012-09-02 12:12 . 2012-09-02 12:12 322048 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\89dbf905d6596871858953265bd5aaa3\WindowsLive.Writer.SpellChecker.ni.dll
- 2012-06-14 12:21 . 2012-06-14 12:21 108544 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\6e3304489b3499ff61ef3407f85af208\WindowsLive.Writer.Passport.ni.dll
+ 2012-09-02 12:12 . 2012-09-02 12:12 108544 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\6e3304489b3499ff61ef3407f85af208\WindowsLive.Writer.Passport.ni.dll
+ 2012-09-02 12:12 . 2012-09-02 12:12 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\678f35b523dbb63a4f247c1ffdf359cd\WindowsLive.Writer.Instrumentation.ni.dll
- 2012-05-10 06:21 . 2012-05-10 06:21 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\678f35b523dbb63a4f247c1ffdf359cd\WindowsLive.Writer.Instrumentation.ni.dll
- 2012-06-14 12:20 . 2012-06-14 12:20 428032 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\615c9877e0c1a400ff38cdd5bb8cd557\WindowsLive.Writer.Localization.ni.dll
+ 2012-09-02 12:12 . 2012-09-02 12:12 428032 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\615c9877e0c1a400ff38cdd5bb8cd557\WindowsLive.Writer.Localization.ni.dll
- 2012-06-14 12:20 . 2012-06-14 12:20 843776 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\389e8327f683404389d9cab33a2266a8\WindowsLive.Writer.Controls.ni.dll
+ 2012-09-02 12:12 . 2012-09-02 12:12 843776 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\389e8327f683404389d9cab33a2266a8\WindowsLive.Writer.Controls.ni.dll
- 2012-05-10 06:21 . 2012-05-10 06:21 313856 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\29e8f27943707613416f76a0357c8f41\WindowsLive.Writer.Interop.SHDocVw.ni.dll
+ 2012-09-02 12:12 . 2012-09-02 12:12 313856 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\29e8f27943707613416f76a0357c8f41\WindowsLive.Writer.Interop.SHDocVw.ni.dll
+ 2012-09-02 12:12 . 2012-09-02 12:12 118784 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\25ca97ab7299f0575ff5582de576af63\WindowsLive.Writer.Extensibility.ni.dll
- 2012-06-14 12:21 . 2012-06-14 12:21 118784 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\25ca97ab7299f0575ff5582de576af63\WindowsLive.Writer.Extensibility.ni.dll
- 2012-06-14 12:21 . 2012-06-14 12:21 119296 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\0db70688c2811763dd6725365acba04c\WindowsLive.Writer.FileDestinations.ni.dll
+ 2012-09-02 12:12 . 2012-09-02 12:12 119296 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\0db70688c2811763dd6725365acba04c\WindowsLive.Writer.FileDestinations.ni.dll
- 2012-06-14 12:21 . 2012-06-14 12:21 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\007ad638af9e15669246f12a8c538e1a\WindowsLive.Writer.Mshtml.ni.dll
+ 2012-09-02 12:12 . 2012-09-02 12:12 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\007ad638af9e15669246f12a8c538e1a\WindowsLive.Writer.Mshtml.ni.dll
+ 2012-09-02 12:12 . 2012-09-02 12:12 145920 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\b0e2cd508ae8b393f5d8c5d4ccfd69d9\WindowsLive.Client.ni.dll
- 2012-06-14 12:21 . 2012-06-14 12:21 145920 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\b0e2cd508ae8b393f5d8c5d4ccfd69d9\WindowsLive.Client.ni.dll
+ 2012-09-02 11:58 . 2012-09-02 11:58 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\86e11a59f02b2dda27ec2e7cba351744\WindowsFormsIntegration.ni.dll
- 2012-06-14 11:44 . 2012-06-14 11:44 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\86e11a59f02b2dda27ec2e7cba351744\WindowsFormsIntegration.ni.dll
+ 2012-09-02 11:58 . 2012-09-02 11:58 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\be27ab5913cec2b292a019c2a13ec701\UIAutomationTypes.ni.dll
- 2012-05-10 06:17 . 2012-05-10 06:17 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\be27ab5913cec2b292a019c2a13ec701\UIAutomationTypes.ni.dll
+ 2012-09-02 11:58 . 2012-09-02 11:58 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\04e5e2be34a70ee7f4c87550238095a0\UIAutomationClient.ni.dll
- 2012-05-10 06:17 . 2012-05-10 06:17 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\04e5e2be34a70ee7f4c87550238095a0\UIAutomationClient.ni.dll
+ 2012-09-02 12:14 . 2012-09-02 12:14 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\1c13b08593e99d6f5bef49ae7939c78b\System.Xml.Linq.ni.dll
- 2012-05-10 06:22 . 2012-05-10 06:22 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\1c13b08593e99d6f5bef49ae7939c78b\System.Xml.Linq.ni.dll
- 2012-06-14 12:21 . 2012-06-14 12:21 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\698c2093d7ac57af935b399d1c0b1790\System.Web.Routing.ni.dll
+ 2012-09-02 12:14 . 2012-09-02 12:14 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\698c2093d7ac57af935b399d1c0b1790\System.Web.Routing.ni.dll
+ 2012-09-02 12:12 . 2012-09-02 12:12 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\6c7765c10516d375e9ddedad2dbab848\System.Web.RegularExpressions.ni.dll
- 2012-05-10 06:21 . 2012-05-10 06:21 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\6c7765c10516d375e9ddedad2dbab848\System.Web.RegularExpressions.ni.dll
+ 2012-09-02 12:14 . 2012-09-02 12:14 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\75248baf640115daeb0e580f1c5ff98b\System.Web.Extensions.Design.ni.dll
- 2012-06-14 12:21 . 2012-06-14 12:21 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\75248baf640115daeb0e580f1c5ff98b\System.Web.Extensions.Design.ni.dll
- 2012-06-14 12:21 . 2012-06-14 12:21 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\40c3b61ac38613e2b4b0f196e86185eb\System.Web.Entity.ni.dll
+ 2012-09-02 12:14 . 2012-09-02 12:14 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\40c3b61ac38613e2b4b0f196e86185eb\System.Web.Entity.ni.dll
- 2012-06-14 12:21 . 2012-06-14 12:21 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\39cc9a830f7f08fd9f397be452fd78b0\System.Web.Entity.Design.ni.dll
+ 2012-09-02 12:14 . 2012-09-02 12:14 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\39cc9a830f7f08fd9f397be452fd78b0\System.Web.Entity.Design.ni.dll
- 2012-06-14 12:21 . 2012-06-14 12:21 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\88b1fd4792e7b698b788594d8e5e3c09\System.Web.DynamicData.ni.dll
+ 2012-09-02 12:14 . 2012-09-02 12:14 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\88b1fd4792e7b698b788594d8e5e3c09\System.Web.DynamicData.ni.dll
- 2012-06-14 12:21 . 2012-06-14 12:21 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\6333d22a2ea347432d46c40d93194c68\System.Web.Abstractions.ni.dll
+ 2012-09-02 12:14 . 2012-09-02 12:14 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\6333d22a2ea347432d46c40d93194c68\System.Web.Abstractions.ni.dll
+ 2012-09-02 12:12 . 2012-09-02 12:12 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\41f6f6dd0c8427d4a8e6fd3915505a6b\System.Transactions.ni.dll
- 2012-05-10 06:21 . 2012-05-10 06:21 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\41f6f6dd0c8427d4a8e6fd3915505a6b\System.Transactions.ni.dll
+ 2012-09-02 12:12 . 2012-09-02 12:12 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b84bb74d7724e147a642a1d5358feb7\System.ServiceProcess.ni.dll
- 2012-06-14 12:20 . 2012-06-14 12:20 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b84bb74d7724e147a642a1d5358feb7\System.ServiceProcess.ni.dll
+ 2012-09-02 12:12 . 2012-09-02 12:12 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\129b15861e200613ff78ae15581f9093\System.Security.ni.dll
- 2012-05-10 06:20 . 2012-05-10 06:20 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\129b15861e200613ff78ae15581f9093\System.Security.ni.dll
+ 2012-09-02 12:12 . 2012-09-02 12:12 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\a644ec04e18202b60f9d828bc207972b\System.Runtime.Serialization.Formatters.Soap.ni.dll
- 2012-05-10 06:20 . 2012-05-10 06:20 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\a644ec04e18202b60f9d828bc207972b\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2012-09-02 12:12 . 2012-09-02 12:12 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\92d58f840f549f9bd880783d43db7e3c\System.Runtime.Remoting.ni.dll
- 2012-05-10 06:21 . 2012-05-10 06:21 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\92d58f840f549f9bd880783d43db7e3c\System.Runtime.Remoting.ni.dll
+ 2012-09-02 12:14 . 2012-09-02 12:14 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\4a9eb43005a041959ddc5c7e586ab746\System.Net.ni.dll
- 2012-05-10 06:22 . 2012-05-10 06:22 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\4a9eb43005a041959ddc5c7e586ab746\System.Net.ni.dll
- 2012-05-10 06:22 . 2012-05-10 06:22 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\9080c8e8e7b6dfb502c1328673d636f8\System.Management.ni.dll
+ 2012-09-02 12:13 . 2012-09-02 12:13 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\9080c8e8e7b6dfb502c1328673d636f8\System.Management.ni.dll
- 2012-05-10 06:22 . 2012-05-10 06:22 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\3182a049ba953010dec649cf290a9e90\System.Management.Instrumentation.ni.dll
+ 2012-09-02 12:13 . 2012-09-02 12:13 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\3182a049ba953010dec649cf290a9e90\System.Management.Instrumentation.ni.dll
+ 2012-09-02 12:04 . 2012-09-02 12:04 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\8991f21d4b3676bf6f779110db8d4ac9\System.IO.Log.ni.dll
- 2012-05-10 06:18 . 2012-05-10 06:18 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\8991f21d4b3676bf6f779110db8d4ac9\System.IO.Log.ni.dll