Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

virtumonde removal - need help


  • This topic is locked This topic is locked

#16
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Is spybot stil reporting ?
  • 0

Advertisements


#17
xdionne87

xdionne87

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
yes it's still reporting. and i also have a bunch of weird files on my desktop and in a bunch of folders. files that end with .ini

Edited by xdionne87, 15 August 2011 - 12:57 PM.

  • 0

#18
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
They are system files we will hide them again on completion

OK lets see if Combofix can find it - allow it to update if requested

1. Close any open browsers.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
3. Open notepad and copy/paste the text in the quotebox below into it:

File::
c:\Windows\System32\esentprfw.dll

Save this as CFScript.txt, in the same location as ComboFix.exe
Posted Image

Refering to the picture above, drag CFScript into ComboFix.exeWhen finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.
  • 0

#19
xdionne87

xdionne87

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
ComboFix 11-08-15.07 - Xavier 15/08/2011 15:18:39.3.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.2.1033.18.6135.4338 [GMT -4:00]
Running from: c:\users\Xavier\Desktop\ComboFix.exe
Command switches used :: c:\users\Xavier\Desktop\cfscript.txt
AV: Norton AntiVirus *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
SP: Norton AntiVirus *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
FILE ::
"c:\windows\System32\esentprfw.dll"
.
.
((((((((((((((((((((((((( Files Created from 2011-07-15 to 2011-08-15 )))))))))))))))))))))))))))))))
.
.
2011-08-15 19:23 . 2011-08-15 19:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-08-06 23:39 . 2011-08-06 23:39 -------- d-----w- C:\_OTL
2011-08-06 19:54 . 2011-08-06 19:54 -------- d-----w- C:\VundoFix Backups
2011-08-03 22:15 . 2011-08-03 22:15 -------- d-----w- c:\users\Xavier\AppData\Local\Mozilla
2011-07-31 20:25 . 2011-08-14 23:30 -------- d-----w- c:\users\Xavier\riotsGamesLogs
2011-07-30 15:52 . 2011-07-30 15:52 -------- d-----w- c:\windows\Sun
2011-07-30 15:51 . 2011-07-30 15:51 231424 ----a-w- c:\windows\Pvahaa.exe
2011-07-30 15:51 . 2011-07-30 15:51 63488 --sha-r- c:\windows\SysWow64\esentprfw.dll
2011-07-29 15:25 . 2011-07-13 04:53 8578896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DE350E56-B5A7-435E-A6CF-810F453A206B}\mpengine.dll
2011-07-17 14:30 . 2011-07-17 14:30 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-07-17 14:25 . 2011-07-17 14:25 -------- d-----w- c:\program files (x86)\Common Files\Adobe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-16 04:26 . 2011-08-10 19:24 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2011-07-15 17:02 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-07-15 17:02 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-06-29 19:21 . 2011-06-29 19:21 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-06-11 03:07 . 2011-07-13 21:31 3137536 ----a-w- c:\windows\system32\win32k.sys
2011-05-24 23:14 . 2010-01-19 00:55 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-05-24 11:42 . 2011-06-28 21:53 404480 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-05-24 10:40 . 2011-06-28 21:53 64512 ----a-w- c:\windows\SysWow64\devobj.dll
2011-05-24 10:40 . 2011-06-28 21:53 44544 ----a-w- c:\windows\SysWow64\devrtl.dll
2011-05-24 10:39 . 2011-06-28 21:53 145920 ----a-w- c:\windows\SysWow64\cfgmgr32.dll
2011-05-24 10:37 . 2011-06-28 21:53 252928 ----a-w- c:\windows\SysWow64\drvinst.exe
2010-05-17 23:58 . 2010-05-17 23:58 299864 ----a-w- c:\program files\dxwebsetup.exe
.
.
((((((((((((((((((((((((((((( SnapShot_2011-08-11_20.33.08 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-01-10 03:19 . 2011-08-15 18:49 53730 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:10 . 2011-08-11 20:08 32598 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-08-15 18:49 32598 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-01-19 01:10 . 2011-08-15 18:49 19334 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-422954752-2381727462-1605255963-1000_UserData.bin
- 2010-01-18 16:22 . 2011-08-11 20:24 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-01-18 16:22 . 2011-08-15 18:51 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-08-11 20:10 . 2011-08-11 20:24 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-08-12 22:13 . 2011-08-15 18:51 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-08-15 18:51 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-08-11 20:24 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-01-18 16:40 . 2011-08-11 20:26 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-01-18 16:40 . 2011-08-15 19:17 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-01-18 16:40 . 2011-08-11 20:26 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-01-18 16:40 . 2011-08-15 19:17 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-08-11 21:34 . 2011-08-11 21:34 42496 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Pres#\357c754688a5756ac7fc4fc831ffbf03\System.Windows.Presentation.ni.dll
+ 2011-08-11 21:34 . 2011-08-11 21:34 86016 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Applicat#\f7738bf2ff3dc492be82f64880dcfc4c\System.Web.ApplicationServices.ni.dll
+ 2011-08-11 21:33 . 2011-08-11 21:33 97792 c:\windows\assembly\NativeImages_v4.0.30319_64\System.AddIn.Contra#\32d3441efb46d802cdc65de502f28e3b\System.AddIn.Contract.ni.dll
+ 2011-08-11 21:31 . 2011-08-11 21:31 14336 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualC\512c12c2af578c00e8655b0ec2a92102\Microsoft.VisualC.ni.dll
+ 2011-08-11 21:30 . 2011-08-11 21:30 10752 c:\windows\assembly\NativeImages_v4.0.30319_64\dfsvc\4a82ab8680409c1dc5a55e26742e8900\dfsvc.ni.exe
+ 2011-08-11 21:30 . 2011-08-11 21:30 58368 c:\windows\assembly\NativeImages_v4.0.30319_64\Accessibility\b1136d0eb9ce963a7675b0d6cd7c4c4e\Accessibility.ni.dll
+ 2011-08-11 21:25 . 2011-08-11 21:25 96768 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\a2ef92260effc4f8cef9339a24ba230b\UIAutomationProvider.ni.dll
+ 2011-08-11 21:26 . 2011-08-11 21:26 35328 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Pres#\fd3809e0cf174aaadc13e0b409123fd3\System.Windows.Presentation.ni.dll
+ 2011-08-11 21:26 . 2011-08-11 21:26 71680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Applicat#\6b87fc6f1e65b1bf6df19a9bd5b02f80\System.Web.ApplicationServices.ni.dll
+ 2011-08-11 21:26 . 2011-08-11 21:26 82432 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\49989f9c9f180a49b0953cb47078df77\System.ServiceModel.Channels.ni.dll
+ 2011-08-11 21:25 . 2011-08-11 21:25 78848 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn.Contra#\6c15a9f7fb56275fb9ad22ae306d9d42\System.AddIn.Contract.ni.dll
+ 2011-08-11 21:24 . 2011-08-11 21:24 11776 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\9cce7d40f80e50a7e43d8e99f039359f\Microsoft.VisualC.ni.dll
+ 2011-08-11 21:24 . 2011-08-11 21:24 44544 c:\windows\assembly\NativeImages_v4.0.30319_32\Accessibility\ec6caf1c86ddb8ce9d7a89adb10264e8\Accessibility.ni.dll
+ 2011-08-11 21:30 . 2011-08-11 21:30 60416 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Pres#\f4b0a65a0cad6d091bb903fb5f7f490d\System.Windows.Presentation.ni.dll
+ 2011-08-11 21:30 . 2011-08-11 21:30 54784 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\055b996b602a243bd4fcbdde8accc09c\System.Web.DynamicData.Design.ni.dll
+ 2011-08-11 21:28 . 2011-08-11 21:28 90624 c:\windows\assembly\NativeImages_v2.0.50727_64\stdole\b33d58d0716cc4abc0183d5167bcdc2e\stdole.ni.dll
+ 2011-08-11 21:29 . 2011-08-11 21:29 72192 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFontCac#\fe5b12605f26ab36c26f0a3b3c475dd5\PresentationFontCache.ni.exe
+ 2011-08-11 21:29 . 2011-08-11 21:29 33792 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.WSMan.Run#\66019b987c020943413851e959ca80c2\Microsoft.WSMan.Runtime.ni.dll
+ 2011-08-11 21:29 . 2011-08-11 21:29 59904 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\f2ee738d8439bf9025e1234c6afbd7e8\Microsoft.Windows.Diagnosis.SDHost.ni.dll
+ 2011-08-11 21:29 . 2011-08-11 21:29 45056 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\e29ed5ad26446d196b4a5ea7e69c74e9\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.ni.dll
+ 2011-08-11 21:29 . 2011-08-11 21:29 43520 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\b1c9507f23021701932fca6306d0df0f\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.ni.dll
+ 2011-08-11 21:29 . 2011-08-11 21:29 36864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\a4d48547af11390249b96fd1526ea514\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.ni.dll
+ 2011-08-11 21:29 . 2011-08-11 21:29 70144 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\636902d124bb3ee04ded9773d46f1d5d\Microsoft.Windows.Diagnosis.SDEngine.ni.dll
+ 2011-08-11 21:29 . 2011-08-11 21:29 40448 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\6096a2f20727ede39049c5f3628b9a60\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.ni.dll
+ 2011-08-11 21:28 . 2011-08-11 21:28 65536 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\b1a1a072eba978666cefe4f99fc6401c\Microsoft.MediaCenter.iTv.Hosting.ni.dll
+ 2011-08-11 21:28 . 2011-08-11 21:28 40960 c:\windows\assembly\NativeImages_v2.0.50727_64\LoadMxf\cdbee55e7f6c60f5cb56d6ec9f083951\LoadMxf.ni.exe
+ 2011-08-11 21:28 . 2011-08-11 21:28 49664 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiUPnP\16951451968fea951a2294c0ff4bd49e\ehiUPnP.ni.dll
+ 2011-08-11 21:28 . 2011-08-11 21:28 93184 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiTVMSMusic\867a57af137c4a524067cdbbf09766e0\ehiTVMSMusic.ni.dll
+ 2011-08-11 21:27 . 2011-08-11 21:27 28672 c:\windows\assembly\NativeImages_v2.0.50727_64\dfsvc\0c6cb1fd7a82938112cbea2c22e433df\dfsvc.ni.exe
+ 2011-08-11 21:22 . 2011-08-11 21:22 47616 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\641960d3bb40a22bb5f4db7f9052eff4\WindowsLiveWriter.ni.exe
+ 2011-08-11 21:22 . 2011-08-11 21:22 99840 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\52f65738c7530cb0221a1a6d9877da84\WindowsLive.Writer.Api.ni.dll
+ 2011-08-11 21:24 . 2011-08-11 21:24 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\3ef94ae15e7d80bb818934265bb90c10\System.Windows.Presentation.ni.dll
+ 2011-08-11 21:24 . 2011-08-11 21:24 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\dd2bb107a0bbac08a0ccaf93c8bb7490\System.Web.DynamicData.Design.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\54d33aa6cf3af2d6e28c7d46c0ce363f\System.ComponentModel.DataAnnotations.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\e88e6ace53ab318210c1657483321e40\System.AddIn.Contract.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 44032 c:\windows\assembly\NativeImages_v2.0.50727_32\stdole\cd32e850b908317981c109dd20a0d5b2\stdole.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\fe7afc935e0c66172577a1ded815993b\PresentationFontCache.ni.exe
+ 2011-08-11 21:23 . 2011-08-11 21:23 79872 c:\windows\assembly\NativeImages_v2.0.50727_32\napcrypt\69b036f1479a9aa93430f2d1676032b2\napcrypt.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 17920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Run#\ab2d4de59dee683a2f77123f671839ba\Microsoft.WSMan.Runtime.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 25088 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\8a102c44ccfe60d131d7e350d149bf85\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 19968 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\7ce6ebef5427853ecb5bd68da29f1fdd\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 21504 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\405aa271df15b8ce1b0b970f37687152\Microsoft.Windows.Diagnosis.SDEngine.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 32256 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\3442a002e4e5d93ca3895a29ba7adb74\Microsoft.Windows.Diagnosis.SDHost.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 23040 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\20c20811d44ba8c9513f2f2ba96d7047\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 27136 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\09a9791efe9f32a50bd01346f0b05666\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 86528 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\034ab6a3d60fdfba641443f16efdf309\Microsoft.Windows.Diagnosis.TroubleshootingPack.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\2ac41c859d5e5e84993a555e3eeaea90\Microsoft.Vsa.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\9152d7f0adafac97d853647ca783b8e4\Microsoft.Build.Framework.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\5c219cc49d452997a91d916309511e68\Microsoft.Build.Framework.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 60416 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiUserXp\ac010bace23545b3a5b1825e5c7b046e\ehiUserXp.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\027211443c6da8187fe92e682c048cd5\dfsvc.ni.exe
+ 2011-08-15 19:24 . 2011-08-15 19:24 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-08-11 20:32 . 2011-08-11 20:32 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-08-11 20:32 . 2011-08-11 20:32 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-08-15 19:24 . 2011-08-15 19:24 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-08-11 21:24 . 2011-08-11 21:24 9728 c:\windows\assembly\NativeImages_v4.0.30319_32\dfsvc\2d01a98c567028c2aa3f58b71581c708\dfsvc.ni.exe
+ 2010-01-21 20:56 . 2011-08-13 19:19 483288 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_FastS4.bin
+ 2009-07-14 02:36 . 2011-08-14 01:35 637182 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2011-08-14 01:35 114624 c:\windows\system32\perfc009.dat
- 2009-07-14 05:12 . 2011-08-10 23:50 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-07-14 05:12 . 2011-08-12 23:05 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 05:01 . 2011-08-11 20:31 429096 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-08-15 19:23 429096 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-08-11 21:34 . 2011-08-11 21:34 322048 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsFormsIntegra#\6c332f5c8c795f7e5415d94bf1d68b0b\WindowsFormsIntegration.ni.dll
+ 2011-08-11 21:32 . 2011-08-11 21:32 231424 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationTypes\21b0a1645439e2c615a317dc4cca191d\UIAutomationTypes.ni.dll
+ 2011-08-11 21:32 . 2011-08-11 21:32 122368 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationProvider\792559a31b651ec7c2d5da9847961736\UIAutomationProvider.ni.dll
+ 2011-08-11 21:34 . 2011-08-11 21:34 645120 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationClient\0b326be8df8a20d09e9eb8e827c7258c\UIAutomationClient.ni.dll
+ 2011-08-11 21:32 . 2011-08-11 21:32 525824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Linq\c767821a3004226d67edf155d5737083\System.Xml.Linq.ni.dll
+ 2011-08-11 21:32 . 2011-08-11 21:32 254976 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Inpu#\a7fe785edf8113c49b5fa6adcb537408\System.Windows.Input.Manipulations.ni.dll
+ 2011-08-11 21:32 . 2011-08-11 21:32 903168 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Transactions\0cad532e2fb59585cc790c3fe656e64f\System.Transactions.ni.dll
+ 2011-08-11 21:34 . 2011-08-11 21:34 280576 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceProce#\ee501cc4420ce53f2ded79b3ad798c90\System.ServiceProcess.ni.dll
+ 2011-08-11 21:34 . 2011-08-11 21:34 107520 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\e3cbf844da8dbc1190d37abc30570e29\System.ServiceModel.Channels.ni.dll
+ 2011-08-11 21:34 . 2011-08-11 21:34 507904 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\4b2c5b2baad543993991af8e6e347964\System.ServiceModel.Routing.ni.dll
+ 2011-08-11 21:31 . 2011-08-11 21:31 939520 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Security\bd4e7dba4c1d18de2bb92f050691f714\System.Security.ni.dll
+ 2011-08-11 21:32 . 2011-08-11 21:32 376320 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\93ee99e5061f73f7e0d64e28e72acdd8\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2011-08-11 21:32 . 2011-08-11 21:32 987648 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Remo#\3ae7f226fe2de56b8a1417d52ed51029\System.Runtime.Remoting.ni.dll
+ 2011-08-11 21:31 . 2011-08-11 21:31 176640 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Numerics\97a9eaf09596eebab9ed3e17546ae804\System.Numerics.ni.dll
+ 2011-08-11 21:34 . 2011-08-11 21:34 930304 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Net\41d449b0be8ff6b6dc9174313db88459\System.Net.ni.dll
+ 2011-08-11 21:34 . 2011-08-11 21:34 781824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Messaging\f8aa02fc7b4467081e19e35a5601f518\System.Messaging.ni.dll
+ 2011-08-11 21:34 . 2011-08-11 21:34 521728 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Management.I#\4fc188ed573c4a57a0287938986f6a1c\System.Management.Instrumentation.ni.dll
+ 2011-08-11 21:34 . 2011-08-11 21:34 531456 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IO.Log\0cca1aa68edcb1f5ee92fc8aaa2c7d51\System.IO.Log.ni.dll
+ 2011-08-11 21:34 . 2011-08-11 21:34 290816 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IdentityMode#\80d06aff25a9994a00f2976a1cb06733\System.IdentityModel.Selectors.ni.dll
+ 2011-08-11 21:32 . 2011-08-11 21:32 348672 c:\windows\assembly\NativeImages_v4.0.30319_64\System.EnterpriseSe#\df0ac9043e9b88bcafa5b378994d8365\System.EnterpriseServices.Wrapper.dll
+ 2011-08-11 21:31 . 2011-08-11 21:31 511488 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Dynamic\ce5254e2408f77d6a09d30508f8dd52a\System.Dynamic.ni.dll
+ 2011-08-11 21:34 . 2011-08-11 21:34 628736 c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\6048f7c3071c23536b976d262c34fae1\System.DirectoryServices.Protocols.ni.dll
+ 2011-08-11 21:33 . 2011-08-11 21:33 141824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Device\80d5d1a7442173fc59c419b8d1c647ff\System.Device.ni.dll
+ 2011-08-11 21:33 . 2011-08-11 21:33 176128 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.DataSet#\33038b29c486ff870f23a6b37e5b9d11\System.Data.DataSetExtensions.ni.dll
+ 2011-08-11 21:33 . 2011-08-11 21:33 181248 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Configuratio#\c509822f920d2613ab999e6148ab8099\System.Configuration.Install.ni.dll
+ 2011-08-11 21:33 . 2011-08-11 21:33 255488 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ComponentMod#\e0dc7e5bc5e66268387e19c10727a030\System.ComponentModel.DataAnnotations.ni.dll
+ 2011-08-11 21:33 . 2011-08-11 21:33 865792 c:\windows\assembly\NativeImages_v4.0.30319_64\System.AddIn\55d507e7cc2017d6eed82527df1e910a\System.AddIn.ni.dll
+ 2011-08-11 21:33 . 2011-08-11 21:33 553472 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.D#\0a65293a0732eaeb538fb5d9accafe92\System.Activities.DurableInstancing.ni.dll
+ 2011-08-11 21:30 . 2011-08-11 21:30 430080 c:\windows\assembly\NativeImages_v4.0.30319_64\SMSvcHost\7597686f1c999b6491518ff47508acdf\SMSvcHost.ni.exe
+ 2011-08-11 21:32 . 2011-08-11 21:32 184832 c:\windows\assembly\NativeImages_v4.0.30319_64\SMDiagnostics\53d186939a3367ce3b37c84464370ca6\SMDiagnostics.ni.dll
+ 2011-08-11 21:32 . 2011-08-11 21:32 387584 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\eb1dae468677366538f99b623e7a7018\PresentationFramework.Royale.ni.dll
+ 2011-08-11 21:32 . 2011-08-11 21:32 745984 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\1e80fa78c14d8cac7feaa1d70ffb0a38\PresentationFramework.Luna.ni.dll
+ 2011-08-11 21:32 . 2011-08-11 21:32 331264 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\196d1a63ee35811bd9ce868bc70273a7\PresentationFramework.Classic.ni.dll
+ 2011-08-11 21:32 . 2011-08-11 21:32 555520 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\039366972f5ad8f34025c5aed57c1929\PresentationFramework.Aero.ni.dll
+ 2011-08-11 21:31 . 2011-08-11 21:31 422400 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\2282b71e9ea6da3366b3b81984109382\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2011-08-11 21:31 . 2011-08-11 21:31 600064 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Transacti#\85e60ede22b298d7e5fcc17757f74ef1\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-08-11 21:30 . 2011-08-11 21:30 279552 c:\windows\assembly\NativeImages_v4.0.30319_64\CustomMarshalers\4f99fd1b2d217c9950b0e7c053b9e906\CustomMarshalers.ni.dll
+ 2011-08-11 21:26 . 2011-08-11 21:26 252416 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\11f340731d6cd696ae7b8b6351702cbe\WindowsFormsIntegration.ni.dll
+ 2011-08-11 21:25 . 2011-08-11 21:25 196096 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\8d3a679adab2761b52ffbb45c9c3a424\UIAutomationTypes.ni.dll
+ 2011-08-11 21:26 . 2011-08-11 21:26 482816 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClient\0335e0194e209f69c3bd7104f3072818\UIAutomationClient.ni.dll
+ 2011-08-11 21:25 . 2011-08-11 21:25 391680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\c829c221dcccf40edbd75a0db8677d8a\System.Xml.Linq.ni.dll
+ 2011-08-11 21:25 . 2011-08-11 21:25 188928 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Inpu#\004e12aad2006c3e9b30c08d52f8785b\System.Windows.Input.Manipulations.ni.dll
+ 2011-08-11 21:25 . 2011-08-11 21:25 646656 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\801e4d0a25c5afb1288c890f9e71257a\System.Transactions.ni.dll
+ 2011-08-11 21:26 . 2011-08-11 21:26 221696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\0af5485ccb0e43dd200f9e21f5eb60bd\System.ServiceProcess.ni.dll
+ 2011-08-11 21:26 . 2011-08-11 21:26 365056 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\cfb228e35c0876d643008f616a8e132f\System.ServiceModel.Routing.ni.dll
+ 2011-08-11 21:25 . 2011-08-11 21:25 311296 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\dd02eb52dead028e9ca47004a0ef6811\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2011-08-11 21:25 . 2011-08-11 21:25 762368 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\1aad834c96402d8cb42631dcbcb14848\System.Runtime.Remoting.ni.dll
+ 2011-08-11 21:26 . 2011-08-11 21:26 653312 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Net\772b52e4ac8936b913fe017d909c75e4\System.Net.ni.dll
+ 2011-08-11 21:26 . 2011-08-11 21:26 626176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\800c19289623b452a4681765004a6593\System.Messaging.ni.dll
+ 2011-08-11 21:26 . 2011-08-11 21:26 395264 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management.I#\0d9d8caf2b678f6163062213fbebba79\System.Management.Instrumentation.ni.dll
+ 2011-08-11 21:26 . 2011-08-11 21:26 413696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IO.Log\f3dae22180575540ae1cce1dc3310ec8\System.IO.Log.ni.dll
+ 2011-08-11 21:26 . 2011-08-11 21:26 229376 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityMode#\29722312a1eb3d003a4b1d13a99ce7a2\System.IdentityModel.Selectors.ni.dll
+ 2011-08-11 21:25 . 2011-08-11 21:25 236032 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\3543c115bdc594a29a010e8a9ce20b55\System.EnterpriseServices.Wrapper.dll
+ 2011-08-11 21:25 . 2011-08-11 21:25 786944 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\3543c115bdc594a29a010e8a9ce20b55\System.EnterpriseServices.ni.dll
+ 2011-08-11 21:26 . 2011-08-11 21:26 913920 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\cf4c1eab5c582c8b3240df27a1571014\System.DirectoryServices.AccountManagement.ni.dll
+ 2011-08-11 21:26 . 2011-08-11 21:26 468992 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\2bb5db827de2910b7ab3b83b402edbd1\System.DirectoryServices.Protocols.ni.dll
+ 2011-08-11 21:26 . 2011-08-11 21:26 112640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Device\eb2b27bc25184cd6878192ce2af5d37a\System.Device.ni.dll
+ 2011-08-11 21:25 . 2011-08-11 21:25 134656 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.DataSet#\0861be947a9873ce65c95ad6306dc4b8\System.Data.DataSetExtensions.ni.dll
+ 2011-08-11 21:25 . 2011-08-11 21:25 148480 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\bfcf802a51a71bdb239e504eac1b2343\System.Configuration.Install.ni.dll
+ 2011-08-11 21:25 . 2011-08-11 21:25 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\75be7916fe8bb0db3fa194b8d6ef9d9b\System.ComponentModel.DataAnnotations.ni.dll
+ 2011-08-11 21:25 . 2011-08-11 21:25 617984 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn\0f1bafb387e3571c1b75bf5f3dbc7d41\System.AddIn.ni.dll
+ 2011-08-11 21:25 . 2011-08-11 21:25 404992 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.D#\742dd858317919b757db0d2222c57e7b\System.Activities.DurableInstancing.ni.dll
+ 2011-08-11 21:24 . 2011-08-11 21:24 317952 c:\windows\assembly\NativeImages_v4.0.30319_32\SMSvcHost\7a5c39f61b17e969dfc6c6a7068c49c4\SMSvcHost.ni.exe
+ 2011-08-11 21:25 . 2011-08-11 21:25 142848 c:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\7b4d732795beab50abf3458fa6a267c9\SMDiagnostics.ni.dll
+ 2011-08-11 21:24 . 2011-08-11 21:24 303104 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\a41ff633fc02c4f82a653e98263f9684\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2011-08-11 21:24 . 2011-08-11 21:24 418816 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\1751b025496942925f09bc6409e3a175\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-08-11 21:24 . 2011-08-11 21:24 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\05cdbb716020bb07505b04593ee0f2b0\CustomMarshalers.ni.dll
+ 2011-08-11 21:30 . 2011-08-11 21:30 468992 c:\windows\assembly\NativeImages_v2.0.50727_64\WsatConfig\bfb29034e69046d05e1ff758c0fcda27\WsatConfig.ni.exe
+ 2011-08-11 21:30 . 2011-08-11 21:30 329216 c:\windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\1c573262c14ba755ac6ccab0945711cb\WindowsFormsIntegration.ni.dll
+ 2011-08-11 21:27 . 2011-08-11 21:27 472576 c:\windows\assembly\NativeImages_v2.0.50727_64\VistaBridgeLibrary\7e380506c8681805bf7341f757fca1cf\VistaBridgeLibrary.ni.dll
+ 2011-08-11 21:27 . 2011-08-11 21:27 736768 c:\windows\assembly\NativeImages_v2.0.50727_64\VDialog\d588f927370ae718e5b8f246a0bb93d1\VDialog.ni.dll
+ 2011-08-11 21:29 . 2011-08-11 21:29 653312 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationClient\ad5c1e837ea97e2e6401fd4fac9d99d4\UIAutomationClient.ni.dll
+ 2011-08-11 21:30 . 2011-08-11 21:30 304128 c:\windows\assembly\NativeImages_v2.0.50727_64\TaskScheduler\50621c88a5345fd8fcb959a9fc25f084\TaskScheduler.ni.dll
+ 2011-08-11 21:30 . 2011-08-11 21:30 529920 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Xml.Linq\ebd55d35d25cf10e6e24453238d3c5eb\System.Xml.Linq.ni.dll
+ 2011-08-11 21:30 . 2011-08-11 21:30 187392 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Routing\0bf594db7ec4fd4754f7535f24b254aa\System.Web.Routing.ni.dll
+ 2011-08-11 21:30 . 2011-08-11 21:30 449024 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity\09199f147cafe8a357cbcf68f6098a77\System.Web.Entity.ni.dll
+ 2011-08-11 21:30 . 2011-08-11 21:30 398848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity.D#\b21a0f26bff3d30480050c41f4f786f6\System.Web.Entity.Design.ni.dll
+ 2011-08-11 21:30 . 2011-08-11 21:30 753664 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\adfea0205de0aeb42c9bd80be40d7c47\System.Web.DynamicData.ni.dll
+ 2011-08-11 21:30 . 2011-08-11 21:30 204800 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Abstract#\b6cc0ab04339d7cf16e83487e921fb71\System.Web.Abstractions.ni.dll
+ 2011-08-11 21:30 . 2011-08-11 21:30 916480 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Net\0646a91d680e840b201eb7a96876f053\System.Net.ni.dll
+ 2011-08-11 21:27 . 2011-08-11 21:27 783360 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Messaging\f53e6c7d027431c87b5839036a2f977d\System.Messaging.ni.dll
+ 2011-08-11 21:30 . 2011-08-11 21:30 534016 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management.I#\b9e961f0a21c8afe6213218fdbc8f8a2\System.Management.Instrumentation.ni.dll
+ 2011-08-11 21:30 . 2011-08-11 21:30 569856 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IO.Log\49a6af02ac362d95ccf98068492053e5\System.IO.Log.ni.dll
+ 2011-08-11 21:27 . 2011-08-11 21:27 294400 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IdentityMode#\4b21a062e82d08cf0ce61e7f1c8d1f2a\System.IdentityModel.Selectors.ni.dll
+ 2011-08-11 21:30 . 2011-08-11 21:30 629760 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Service#\5e0b2a3713da55d99450c9cad93c4d2f\System.Data.Services.Design.ni.dll
+ 2011-08-11 21:29 . 2011-08-11 21:29 194560 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.DataSet#\486d44582be2000df84c46e187a88e70\System.Data.DataSetExtensions.ni.dll
+ 2011-08-11 21:29 . 2011-08-11 21:29 132096 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ComponentMod#\1bcd63abfac2072c18ab799a37dd89cf\System.ComponentModel.DataAnnotations.ni.dll
+ 2011-08-11 21:29 . 2011-08-11 21:29 889344 c:\windows\assembly\NativeImages_v2.0.50727_64\System.AddIn\268f6f10ba5e94d24677a1a68f97ac15\System.AddIn.ni.dll
+ 2011-08-11 21:29 . 2011-08-11 21:29 156672 c:\windows\assembly\NativeImages_v2.0.50727_64\System.AddIn.Contra#\fc738e6c257a4851a220b9660688c25f\System.AddIn.Contract.ni.dll
+ 2011-08-11 21:30 . 2011-08-11 21:30 297984 c:\windows\assembly\NativeImages_v2.0.50727_64\sysglobl\7706a4ac4bf3f09a2d0b655e363fa401\sysglobl.ni.dll
+ 2011-08-11 21:29 . 2011-08-11 21:29 525824 c:\windows\assembly\NativeImages_v2.0.50727_64\SMSvcHost\8103d9a6fe544e521f89b92d24ac298a\SMSvcHost.ni.exe
+ 2011-08-11 21:27 . 2011-08-11 21:27 349184 c:\windows\assembly\NativeImages_v2.0.50727_64\SMDiagnostics\c268879bbddc814fadfe497300c03752\SMDiagnostics.ni.dll
+ 2011-08-11 21:29 . 2011-08-11 21:29 855040 c:\windows\assembly\NativeImages_v2.0.50727_64\napsnap\a04a8437f757b8da7a707e31702169d6\napsnap.ni.dll
+ 2011-08-11 21:29 . 2011-08-11 21:29 162816 c:\windows\assembly\NativeImages_v2.0.50727_64\napinit\711d1c8357619b22e5caffd9cab59736\napinit.ni.dll
+ 2011-08-11 21:29 . 2011-08-11 21:29 175104 c:\windows\assembly\NativeImages_v2.0.50727_64\naphlpr\644fd981e996dd2ba072cc6265a0b74b\naphlpr.ni.dll
+ 2011-08-11 21:29 . 2011-08-11 21:29 127488 c:\windows\assembly\NativeImages_v2.0.50727_64\napcrypt\fe39885123be43ee8b6f4c1ca669d49b\napcrypt.ni.dll
+ 2011-08-11 21:26 . 2011-08-11 21:26 407552 c:\windows\assembly\NativeImages_v2.0.50727_64\MyDock.Util\22df50fcbba0284804674500f8d69545\MyDock.Util.ni.dll
+ 2011-08-11 21:29 . 2011-08-11 21:29 184320 c:\windows\assembly\NativeImages_v2.0.50727_64\MSBuild\b75df85509061d9729506b8af64513f7\MSBuild.ni.exe
+ 2011-08-11 21:28 . 2011-08-11 21:28 417792 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCFxCommon\c42d34f67692030a55a9bc64004e9041\MMCFxCommon.ni.dll
+ 2011-08-11 21:29 . 2011-08-11 21:29 681984 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.WSMan.Man#\5db5412b8b9fdbe83b43a79b76cb39c6\Microsoft.WSMan.Management.ni.dll
+ 2011-08-11 21:29 . 2011-08-11 21:29 122368 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\de2193a90cfc32eed4ad1c78a99b8363\Microsoft.Windows.Diagnosis.TroubleshootingPack.ni.dll
+ 2011-08-11 21:27 . 2011-08-11 21:27 105984 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Vsa\0836bcb90046e51c8bd055c0755bd57d\Microsoft.Vsa.ni.dll
+ 2011-08-11 21:29 . 2011-08-11 21:29 584192 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Transacti#\b3361f5be5cde787e5e6c67b1bf55684\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-08-11 21:29 . 2011-08-11 21:29 237056 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\d99d7734ec2e39696ac5ce7e7b2d76bd\Microsoft.PowerShell.Security.ni.dll
+ 2011-08-11 21:29 . 2011-08-11 21:29 999936 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\77160cddd8417526c586e13b529f68bf\Microsoft.PowerShell.GraphicalHost.ni.dll
+ 2011-08-11 21:29 . 2011-08-11 21:29 416768 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\6a1869785554446d202d6f718d036a3e\Microsoft.PowerShell.Commands.Diagnostics.ni.dll
+ 2011-08-11 21:29 . 2011-08-11 21:29 713216 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\5c7ffe4abea4b5a400f768cad060835d\Microsoft.PowerShell.ConsoleHost.ni.dll
+ 2011-08-11 21:29 . 2011-08-11 21:29 164864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\f0cb734b7acfb102c57ed39f8918ce3d\Microsoft.MediaCenter.Mheg.ni.dll
+ 2011-08-11 21:28 . 2011-08-11 21:28 522240 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\e4313e989939114d32f9254a74eee676\Microsoft.MediaCenter.Interop.ni.dll
+ 2011-08-11 21:28 . 2011-08-11 21:28 370176 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\87d3f8fed35fa164d0e5dabbcee46df8\Microsoft.MediaCenter.Playback.ni.dll
+ 2011-08-11 21:28 . 2011-08-11 21:28 312320 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\5ec49bda571c34526ad7db5ec7a201c4\Microsoft.MediaCenter.iTv.ni.dll
+ 2011-08-11 21:28 . 2011-08-11 21:28 965632 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\3ea7a7a15d59a1185b74f340f05c0b33\Microsoft.MediaCenter.Sports.ni.dll
+ 2011-08-11 21:28 . 2011-08-11 21:28 152576 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\1cbb6b9711bed2da17ae866cf2f58c31\Microsoft.MediaCenter.ITVVM.ni.dll
+ 2011-08-11 21:28 . 2011-08-11 21:28 219648 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\04b81e74cc96402e59800be2c13358f9\Microsoft.MediaCenter.iTv.Media.ni.dll
+ 2011-08-11 21:28 . 2011-08-11 21:28 798720 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Managemen#\503235feed6b59fff53b29c9def81a5d\Microsoft.ManagementConsole.ni.dll
+ 2011-08-11 21:29 . 2011-08-11 21:29 198656 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Uti#\6c999c27e6724dd1d0a10202f3e52e57\Microsoft.Build.Utilities.ni.dll
+ 2011-08-11 21:29 . 2011-08-11 21:29 244736 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Uti#\137428fc7e8ae3a1b733ffc45a3f3076\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2011-08-11 21:28 . 2011-08-11 21:28 142336 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Fra#\748b8b1f294666450436cc174c0b0684\Microsoft.Build.Framework.ni.dll
+ 2011-08-11 21:28 . 2011-08-11 21:28 121344 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Fra#\4196ba1264bd52f324e01016716cbbe9\Microsoft.Build.Framework.ni.dll
+ 2011-08-11 21:28 . 2011-08-11 21:28 294912 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Con#\8be3ef8d90c0f3e97437887dac5a8d78\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2011-08-11 21:28 . 2011-08-11 21:28 107520 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft-Windows-H#\736323a581cc019ae2027f71dc496668\Microsoft-Windows-HomeGroupDiagnostic.NetListMgr.Interop.ni.dll
+ 2011-08-11 21:28 . 2011-08-11 21:28 380928 c:\windows\assembly\NativeImages_v2.0.50727_64\Mcx2Dvcs\39e1e694a468028f2ca73994f76322d4\Mcx2Dvcs.ni.dll
+ 2011-08-11 21:28 . 2011-08-11 21:28 547328 c:\windows\assembly\NativeImages_v2.0.50727_64\mcupdate\d820c1a490dfb31933fd53f96514bbce\mcupdate.ni.exe
+ 2011-08-11 21:28 . 2011-08-11 21:28 533504 c:\windows\assembly\NativeImages_v2.0.50727_64\mcstoredb\428aa9c2151b0f385227c513c9497673\mcstoredb.ni.dll
+ 2011-08-11 21:28 . 2011-08-11 21:28 549376 c:\windows\assembly\NativeImages_v2.0.50727_64\mcplayerinterop\614f7b9e9c362ac6d4175638ea2237d9\mcplayerinterop.ni.dll
+ 2011-08-11 21:28 . 2011-08-11 21:28 696320 c:\windows\assembly\NativeImages_v2.0.50727_64\mcGlidHostObj\7f8a262f2b6807a47517c1ea6e6b2a7b\mcGlidHostObj.ni.dll
+ 2011-08-11 21:28 . 2011-08-11 21:28 156672 c:\windows\assembly\NativeImages_v2.0.50727_64\MCESidebarCtrl\0801a977b58776ed017238d4aaa7995e\MCESidebarCtrl.ni.dll
+ 2011-08-11 21:28 . 2011-08-11 21:28 659456 c:\windows\assembly\NativeImages_v2.0.50727_64\EventViewer\136009b4f22e65e77a916747429e599b\EventViewer.ni.dll
+ 2011-08-11 21:28 . 2011-08-11 21:28 969216 c:\windows\assembly\NativeImages_v2.0.50727_64\ehRecObj\d313ec20c40b0fd3125b8e710f74556d\ehRecObj.ni.dll
+ 2011-08-11 21:28 . 2011-08-11 21:28 661504 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiWUapi\fb85aad5c54840d8c5a17ac30a2fdfd7\ehiWUapi.ni.dll
+ 2011-08-11 21:28 . 2011-08-11 21:28 933888 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiwmp\af6c550e9382dba858ca65bb220799ea\ehiwmp.ni.dll
+ 2011-08-11 21:28 . 2011-08-11 21:28 145408 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiUserXp\244edb2f64f825975b8c70f34162e6a6\ehiUserXp.ni.dll
+ 2011-08-11 21:28 . 2011-08-11 21:28 196096 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiiTv\b37be197d70d359e864bfffcca28fdb9\ehiiTv.ni.dll
+ 2011-08-11 21:28 . 2011-08-11 21:28 397824 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiExtens\b538d9ee6bfc71d120550427ccbe9e9e\ehiExtens.ni.dll
+ 2011-08-11 21:28 . 2011-08-11 21:28 110080 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiBmlDataCarousel\ce8305e1973d5a65569d9757f5b59c29\ehiBmlDataCarousel.ni.dll
+ 2011-08-11 21:28 . 2011-08-11 21:28 126976 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiActivScp\440bebddd70e03b2548635373ad2b666\ehiActivScp.ni.dll
+ 2011-08-11 21:27 . 2011-08-11 21:27 389120 c:\windows\assembly\NativeImages_v2.0.50727_64\ehExtHost\a267870c9fce983dca1c454fbde4cc7e\ehExtHost.ni.exe
+ 2011-08-11 21:27 . 2011-08-11 21:27 313856 c:\windows\assembly\NativeImages_v2.0.50727_64\ehCIR\3a7ccf1084f8a546e8f7e7eecf33045c\ehCIR.ni.dll
+ 2011-08-11 21:27 . 2011-08-11 21:27 348672 c:\windows\assembly\NativeImages_v2.0.50727_64\CustomMarshalers\436b0b38f271b905950f054c548a5722\CustomMarshalers.ni.dll
+ 2011-08-11 21:27 . 2011-08-11 21:27 640000 c:\windows\assembly\NativeImages_v2.0.50727_64\ComSvcConfig\1af89517b158d3a94c051dfbc4ae9769\ComSvcConfig.ni.exe
+ 2011-08-11 21:26 . 2011-08-11 21:26 971264 c:\windows\assembly\NativeImages_v2.0.50727_64\BDATunePIA\61dd29a580f09716118ef51868ad9edd\BDATunePIA.ni.dll
+ 2011-08-11 21:24 . 2011-08-11 21:24 321024 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\41ccc24e8cc5f2474ce1105f0b8ebb78\WsatConfig.ni.exe
+ 2011-08-11 21:22 . 2011-08-11 21:22 626688 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\37a3bc68532d8558311ccfe6e5290f9e\WindowsLiveLocal.WriterPlugin.ni.dll
+ 2011-08-11 21:22 . 2011-08-11 21:22 843776 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\f4664fc319683614862bfc2e9af285cc\WindowsLive.Writer.Controls.ni.dll
+ 2011-08-11 21:22 . 2011-08-11 21:22 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\df8edcd18ebc84a73e95ade53cdb3251\WindowsLive.Writer.SpellChecker.ni.dll
+ 2011-08-11 21:22 . 2011-08-11 21:22 334848 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\c16d4a7940b512c75845c9dccfd2f5fa\WindowsLive.Writer.Interop.Mshtml.ni.dll
+ 2011-08-11 21:22 . 2011-08-11 21:22 108544 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\b75f79c27907de7e7f75624e8ade0877\WindowsLive.Writer.Passport.ni.dll
+ 2011-08-11 21:22 . 2011-08-11 21:22 594944 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\b5ac830a688324c6a5298ac219bfe089\WindowsLive.Writer.HtmlEditor.ni.dll
+ 2011-08-11 21:22 . 2011-08-11 21:22 152064 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\b487c1894726a433eee298c0f3feb344\WindowsLive.Writer.HtmlParser.ni.dll
+ 2011-08-11 21:22 . 2011-08-11 21:22 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ac853830dcaa26f1530e49530833ea42\WindowsLive.Writer.Instrumentation.ni.dll
+ 2011-08-11 21:22 . 2011-08-11 21:22 118784 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\a5f215f95158544448dad94b8c828365\WindowsLive.Writer.Extensibility.ni.dll
+ 2011-08-11 21:22 . 2011-08-11 21:22 174080 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\a1c12453e3b2a679dd4917367070c7cc\WindowsLive.Writer.BrowserControl.ni.dll
+ 2011-08-11 21:22 . 2011-08-11 21:22 313856 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\9461d16c415bef24d73aa628181765ea\WindowsLive.Writer.Interop.SHDocVw.ni.dll
+ 2011-08-11 21:22 . 2011-08-11 21:22 319488 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\84c079442ff54fd25633f9f7a29a81c4\WindowsLive.Writer.Interop.ni.dll
+ 2011-08-11 21:22 . 2011-08-11 21:22 119296 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\849aeffc1289e2272f276b5f3b720171\WindowsLive.Writer.FileDestinations.ni.dll
+ 2011-08-11 21:22 . 2011-08-11 21:22 851968 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\19bd3a18d6b6328029988be9af2663f4\WindowsLive.Writer.BlogClient.ni.dll
+ 2011-08-11 21:22 . 2011-08-11 21:22 428032 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\0ee5e3379ea8b09e470f5d572c324716\WindowsLive.Writer.Localization.ni.dll
+ 2011-08-11 21:22 . 2011-08-11 21:22 258560 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\023212c083bc032f4e13895f47d099cc\WindowsLive.Writer.Mshtml.ni.dll
+ 2011-08-11 21:22 . 2011-08-11 21:22 145920 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\80a7931462cfec6799c87cc475031ccb\WindowsLive.Client.ni.dll
+ 2011-08-11 21:24 . 2011-08-11 21:24 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\bb04320c07e3c71ac2d18cb382d97f41\WindowsFormsIntegration.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 452096 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\d63e6fb41aa502bf6724043e6ac1367f\UIAutomationClient.ni.dll
+ 2011-08-11 21:24 . 2011-08-11 21:24 245248 c:\windows\assembly\NativeImages_v2.0.50727_32\TaskScheduler\1c1f731e8684204f56f37cc66b5bc60d\TaskScheduler.ni.dll
+ 2011-08-11 21:24 . 2011-08-11 21:24 401408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\b096bd83a66a8d1dcd761747730cc64c\System.Xml.Linq.ni.dll
+ 2011-08-11 21:24 . 2011-08-11 21:24 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\efca1fd7e9df8e24c007cd003346e0e5\System.Web.Routing.ni.dll
+ 2011-08-11 21:24 . 2011-08-11 21:24 860160 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\6c551bf6f7716b0f527f4274fb04cc2e\System.Web.Extensions.Design.ni.dll
+ 2011-08-11 21:24 . 2011-08-11 21:24 328192 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\03eda303152940cb2e78a0030cf572b5\System.Web.Entity.ni.dll
+ 2011-08-11 21:24 . 2011-08-11 21:24 301568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\7b93fe55a51f2a6010365a17546170bc\System.Web.Entity.Design.ni.dll
+ 2011-08-11 21:24 . 2011-08-11 21:24 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\979bf2cab91b5d50aef1525ca96ff690\System.Web.DynamicData.ni.dll
+ 2011-08-11 21:24 . 2011-08-11 21:24 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\067516a8300bb5fdbddb38cb9f6c934e\System.Web.Abstractions.ni.dll
+ 2011-08-11 21:24 . 2011-08-11 21:24 624128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\e16f381a978103ac92bf64b99716c857\System.Net.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\ac9fe083b4cf11aab834d6654cdeb429\System.Messaging.ni.dll
+ 2011-08-11 21:24 . 2011-08-11 21:24 330240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\b95b509ac74958a1d8568293c3dc43ba\System.Management.Instrumentation.ni.dll
+ 2011-08-11 21:24 . 2011-08-11 21:24 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\e083fdbcc88f5850290f2cf65ae1efae\System.IO.Log.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\736226563a7f564e4629e34d52b3d6c6\System.IdentityModel.Selectors.ni.dll
+ 2011-08-11 21:24 . 2011-08-11 21:24 888320 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\1f6d55f401cfe7041f9fd3b4aebffa9b\System.DirectoryServices.AccountManagement.ni.dll
+ 2011-08-11 21:24 . 2011-08-11 21:24 462336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\0896f955eb175a4e0bfff73b94f57619\System.Data.Services.Design.ni.dll
+ 2011-08-11 21:24 . 2011-08-11 21:24 763392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\8f130b77f8f47e23cd748679173bdf33\System.Data.Entity.Design.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\ad3f6eae36ce486187311de6836b4904\System.Data.DataSetExtensions.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 633344 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\fc5edc97ac59d0d0d45bb9b623b9927b\System.AddIn.ni.dll
+ 2011-08-11 21:24 . 2011-08-11 21:24 232448 c:\windows\assembly\NativeImages_v2.0.50727_32\sysglobl\88f0efe11487b846342fdee227f3da52\sysglobl.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\4a33aa8911167af5fcba60f1b02ad45b\SMSvcHost.ni.exe
+ 2011-08-11 21:23 . 2011-08-11 21:23 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\b907dd027bbe99c5035b1d6355f83998\SMDiagnostics.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 723456 c:\windows\assembly\NativeImages_v2.0.50727_32\napsnap\96f4e4b87e625a1c36e4de2efb6f7dcc\napsnap.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\napinit\a4e2648f8b4962f4c9660b2085290b06\napinit.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 114176 c:\windows\assembly\NativeImages_v2.0.50727_32\naphlpr\8fcb3f856afb930c5add8498cadb4d13\naphlpr.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\46d3794a4a440f22cff17197648f6887\MSBuild.ni.exe
+ 2011-08-11 21:23 . 2011-08-11 21:23 287232 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCFxCommon\71b549afed40761f8be9075ca9ad8dd7\MMCFxCommon.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 531968 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Man#\fd457e872296300765fa1a6d96a6683c\Microsoft.WSMan.Management.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\b96b80f166196dc0e148c73dc8452d25\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 786432 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\f5b347719df9fa791416713aa0fd342f\Microsoft.PowerShell.Commands.Management.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 729088 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\bebf12cadd8b4fbd9c8135405c64794b\Microsoft.PowerShell.GraphicalHost.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 291328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\b3b22c86860de1de178e294bc4bd534d\Microsoft.PowerShell.Commands.Diagnostics.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 167424 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\512a72ebad1bd44687d8134cd46e1a5c\Microsoft.PowerShell.Security.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 515584 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\1e510aa4de5a90cd44ee2443ae45e097\Microsoft.PowerShell.ConsoleHost.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 561664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Managemen#\9658825555dc2c9af1a8ce12e6da2cd7\Microsoft.ManagementConsole.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\c52f2b0958be337e88f37a141e18be78\Microsoft.Build.Utilities.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\3f194ebe9a0c1e0903b32f663cb53556\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\e62aa0d898b65d0d831c11b4f56c0785\Microsoft.Build.Engine.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\78fb000aaaba73f34dfa9028b7caef8c\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 364032 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstoredb\fe969316614223634cba1c5544f4e3dd\mcstoredb.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 553472 c:\windows\assembly\NativeImages_v2.0.50727_32\EventViewer\31231127c783eddf25c3d21761e1a15c\EventViewer.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 693248 c:\windows\assembly\NativeImages_v2.0.50727_32\ehRecObj\aceba77dc2230519296726c4a1ce9518\ehRecObj.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 875520 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiVidCtl\85464949c28a523e3b6cf24679a9776c\ehiVidCtl.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 442880 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiProxy\2ddabd185f08f72237aaa70edaffa6cc\ehiProxy.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 161280 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiExtens\536082f3ff1f0f6fcd7bd58878098071\ehiExtens.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 254464 c:\windows\assembly\NativeImages_v2.0.50727_32\ehExtHost32\42621a148e3691a5a992816cb49bee0a\ehExtHost32.ni.exe
+ 2011-08-11 21:23 . 2011-08-11 21:23 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\d17a5e7b3e9c6ea0f5c66093771b35eb\CustomMarshalers.ni.dll
+ 2011-08-11 21:22 . 2011-08-11 21:22 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\a28cd0923e6ff03f952950eb713f03b3\ComSvcConfig.ni.exe
+ 2011-08-11 21:22 . 2011-08-11 21:22 621568 c:\windows\assembly\NativeImages_v2.0.50727_32\BDATunePIA\482f9bd79c20ab87b6fa0fa2737d6aa3\BDATunePIA.ni.dll
+ 2011-08-11 21:31 . 2011-08-11 21:31 5176320 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsBase\5202133e255ce05947b8afe895e3f76f\WindowsBase.ni.dll
+ 2011-08-11 21:34 . 2011-08-11 21:34 1430016 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationClients#\a9bf6deb79fd9d2b2541a950ab75a70f\UIAutomationClientsideProviders.ni.dll
+ 2011-08-11 21:31 . 2011-08-11 21:31 7038976 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xml\1ac4e05bc3b2813ddadb59ba9f0fd961\System.Xml.ni.dll
+ 2011-08-11 21:32 . 2011-08-11 21:32 2447360 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xaml\37ecfcc3de7bdc36ba1c3dfb7ee6a6d5\System.Xaml.ni.dll
+ 2011-08-11 21:34 . 2011-08-11 21:34 5627392 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Form#\66beb5e0938298c2812c188925644c94\System.Windows.Forms.DataVisualization.ni.dll
+ 2011-08-11 21:34 . 2011-08-11 21:34 2222592 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Services\3b31367a53da33699ed7f053f1157593\System.Web.Services.ni.dll
+ 2011-08-11 21:34 . 2011-08-11 21:34 2733568 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Speech\23e8fddabb602c3efb1e0a66f37fab2f\System.Speech.ni.dll
+ 2011-08-11 21:34 . 2011-08-11 21:34 1561600 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\713b393e8d7075bd1a3683f9e6f6b268\System.ServiceModel.Discovery.ni.dll
+ 2011-08-11 21:34 . 2011-08-11 21:34 1904640 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\49d303c42b9b694447a3ba6e2a1548cf\System.ServiceModel.Activities.ni.dll
+ 2011-08-11 21:32 . 2011-08-11 21:32 3404288 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\6c1acbeb3e61475007b5d20745cad8e8\System.Runtime.Serialization.ni.dll
+ 2011-08-11 21:32 . 2011-08-11 21:32 1346560 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Dura#\12d17462d5e3ba196e299bb0f1f0b20d\System.Runtime.DurableInstancing.ni.dll
+ 2011-08-11 21:33 . 2011-08-11 21:33 1422336 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Printing\ed79f8685b97f5520a3169860c8df9f8\System.Printing.ni.dll
+ 2011-08-11 21:34 . 2011-08-11 21:34 1470464 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Management\58696f56812c7ea9dc5fde8baa3a4b2a\System.Management.ni.dll
+ 2011-08-11 21:34 . 2011-08-11 21:34 1416192 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IdentityModel\ad8f2f562edccb394180c80e54ddfb21\System.IdentityModel.ni.dll
+ 2011-08-11 21:32 . 2011-08-11 21:32 1096704 c:\windows\assembly\NativeImages_v4.0.30319_64\System.EnterpriseSe#\df0ac9043e9b88bcafa5b378994d8365\System.EnterpriseServices.ni.dll
+ 2011-08-11 21:32 . 2011-08-11 21:32 2290688 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\058e1143c689861be149cf7c1fcf597a\System.Drawing.ni.dll
+ 2011-08-11 21:33 . 2011-08-11 21:33 1217024 c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\eb5e94ddc12db438063a90394e46f070\System.DirectoryServices.AccountManagement.ni.dll
+ 2011-08-11 21:32 . 2011-08-11 21:32 1622016 c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\0cf67c3a77fd159d0af43d16663b1a65\System.DirectoryServices.ni.dll
+ 2011-08-11 21:32 . 2011-08-11 21:32 2400256 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Deployment\39ccef129f4a96c17b6406678d53c87b\System.Deployment.ni.dll
+ 2011-08-11 21:32 . 2011-08-11 21:32 8580608 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data\fc45ad58e3a025051ededa0efbae404f\System.Data.ni.dll
+ 2011-08-11 21:31 . 2011-08-11 21:31 3386880 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.SqlXml\ed5027c747ed64957ac313befd47e345\System.Data.SqlXml.ni.dll
+ 2011-08-11 21:33 . 2011-08-11 21:33 1791488 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Service#\c6f24f3171576104e80b12c4f4254ed2\System.Data.Services.Client.ni.dll
+ 2011-08-11 21:33 . 2011-08-11 21:33 3380736 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Linq\5f31190f3c1a0ec0518782618b804517\System.Data.Linq.ni.dll
+ 2011-08-11 21:31 . 2011-08-11 21:31 1255424 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Configuration\fcf22c02eb60f8d045daa4386bb604f3\System.Configuration.ni.dll
+ 2011-08-11 21:33 . 2011-08-11 21:33 1002496 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ComponentMod#\6f848e806caa9545c09866dd0950d853\System.ComponentModel.Composition.ni.dll
+ 2011-08-11 21:33 . 2011-08-11 21:33 5680640 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities\c073f492e366b50d599e8f1447579946\System.Activities.ni.dll
+ 2011-08-11 21:33 . 2011-08-11 21:33 4887040 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.P#\6f2faf3f19358776373922b510603a8f\System.Activities.Presentation.ni.dll
+ 2011-08-11 21:33 . 2011-08-11 21:33 2005504 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.C#\9a2609f428f731670b3a730cb3f88dd4\System.Activities.Core.Presentation.ni.dll
+ 2011-08-11 21:33 . 2011-08-11 21:33 4127232 c:\windows\assembly\NativeImages_v4.0.30319_64\ReachFramework\dbe098606014df542c37b96962fd8717\ReachFramework.ni.dll
+ 2011-08-11 21:32 . 2011-08-11 21:32 2032128 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationUI\00416e9efbc68509f113692996b45e75\PresentationUI.ni.dll
+ 2011-08-11 21:31 . 2011-08-11 21:31 2314752 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\d83a6fc3a6bd96beaa9845201290f292\Microsoft.VisualBasic.ni.dll
+ 2011-08-11 21:31 . 2011-08-11 21:31 1622528 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\c386ff5a7c5bfa6b1dfdc6f53119b3a6\Microsoft.VisualBasic.Activities.Compiler.ni.dll
+ 2011-08-11 21:31 . 2011-08-11 21:31 1843200 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\36347f2a750bf1af184da9b6783a376c\Microsoft.VisualBasic.Compatibility.ni.dll
+ 2011-08-11 21:31 . 2011-08-11 21:31 1510400 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Transacti#\e174701b531de21d8a96ea8ea5975000\Microsoft.Transactions.Bridge.ni.dll
+ 2011-08-11 21:34 . 2011-08-11 21:34 3312128 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.JScript\9f986e23b6ecb48281324d51fdb6e799\Microsoft.JScript.ni.dll
+ 2011-08-11 21:31 . 2011-08-11 21:31 2009088 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.CSharp\5046c55b7feb9c9156d18fe1d4735480\Microsoft.CSharp.ni.dll
+ 2011-08-11 21:26 . 2011-08-11 21:26 1057792 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClients#\0ee6dd0ea68bd0023fb12d34d546b7f0\UIAutomationClientsideProviders.ni.dll
+ 2011-08-11 21:25 . 2011-08-11 21:25 1781760 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\75d40b8702403e19cf947062557b1926\System.Xaml.ni.dll
+ 2011-08-11 21:26 . 2011-08-11 21:26 4545024 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\f15a4db46f1a2e2b99a6b2519612b358\System.Windows.Forms.DataVisualization.ni.dll
+ 2011-08-11 21:26 . 2011-08-11 21:26 1859584 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Services\9d179c77332e8fd8baf44237c976e137\System.Web.Services.ni.dll
+ 2011-08-11 21:26 . 2011-08-11 21:26 2011136 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Speech\26d93f247c686ef1197e59b7dc9aeed6\System.Speech.ni.dll
+ 2011-08-11 21:26 . 2011-08-11 21:26 1128960 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\c45d1f357899d55a35a01e11c5e5884d\System.ServiceModel.Discovery.ni.dll
+ 2011-08-11 21:26 . 2011-08-11 21:26 1387520 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\8b1292c50fb6f1f67a10f133f64964ec\System.ServiceModel.Activities.ni.dll
+ 2011-08-11 21:25 . 2011-08-11 21:25 2637312 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\697592d7a5139fd0179ae172dd4f3a61\System.Runtime.Serialization.ni.dll
+ 2011-08-11 21:25 . 2011-08-11 21:25 1020928 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\fd3b1de061baa139b6f863ddd951e06b\System.Runtime.DurableInstancing.ni.dll
+ 2011-08-11 21:25 . 2011-08-11 21:25 1050112 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Printing\282371fbeea0c16b8d75577441fc7136\System.Printing.ni.dll
+ 2011-08-11 21:26 . 2011-08-11 21:26 1218560 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management\91f218d93a5679fae72c784290bdfe78\System.Management.ni.dll
+ 2011-08-11 21:26 . 2011-08-11 21:26 1072128 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\3679b662f2daf3bb39cef3521473c93e\System.IdentityModel.ni.dll
+ 2011-08-11 21:25 . 2011-08-11 21:25 1172992 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\5e49964d0ae8f1d04a4a960bd4744ae1\System.DirectoryServices.ni.dll
+ 2011-08-11 21:25 . 2011-08-11 21:25 1878016 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\567d29bc3199874f4e5195ddfdff9cdc\System.Deployment.ni.dll
+ 2011-08-11 21:26 . 2011-08-11 21:26 1338880 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Service#\bb4d9c8d8243562c8a6c5c089f10c787\System.Data.Services.Client.ni.dll
+ 2011-08-11 21:25 . 2011-08-11 21:25 4121088 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities\2b771107fbaeebff1d4a0c1d47b40315\System.Activities.ni.dll
+ 2011-08-11 21:25 . 2011-08-11 21:25 3713024 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.P#\d95c4d0024643b5700b5ab5317fcc162\System.Activities.Presentation.ni.dll
+ 2011-08-11 21:25 . 2011-08-11 21:25 1518080 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.C#\4c62d936587f507d63211abc0cb7e897\System.Activities.Core.Presentation.ni.dll
+ 2011-08-11 21:25 . 2011-08-11 21:25 2859008 c:\windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\a08b36fee10fd35b8428aba33ce4ee5b\ReachFramework.ni.dll
+ 2011-08-11 21:25 . 2011-08-11 21:25 1630208 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationUI\409eefb3a1406ea2bc3f603758e985c1\PresentationUI.ni.dll
+ 2011-08-11 21:24 . 2011-08-11 21:24 1139200 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\60684c3c50a42aa363793812de5fc62f\Microsoft.VisualBasic.Compatibility.ni.dll
+ 2011-08-11 21:24 . 2011-08-11 21:24 1172480 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\42ac4445fab5ce709d395af714d93ef3\Microsoft.VisualBasic.Activities.Compiler.ni.dll
+ 2011-08-11 21:24 . 2011-08-11 21:24 1836544 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\12a104a71f1269dd86e388abc981ad39\Microsoft.VisualBasic.ni.dll
+ 2011-08-11 21:24 . 2011-08-11 21:24 1082368 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\9bbc95193a8dc77903fdbbb756f8dfb3\Microsoft.Transactions.Bridge.ni.dll
+ 2011-08-11 21:26 . 2011-08-11 21:26 2452480 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.JScript\1eeab4edcdfa06150049465854aa6355\Microsoft.JScript.ni.dll
+ 2011-08-11 21:30 . 2011-08-11 21:30 1459712 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationClients#\b8bf364f0522a662055f670bf4e86c8f\UIAutomationClientsideProviders.ni.dll
+ 2011-08-11 21:30 . 2011-08-11 21:30 1818112 c:\windows\assembly\NativeImages_v2.0.50727_64\System.WorkflowServ#\394711b95ef17f6a7314eca2aba756e7\System.WorkflowServices.ni.dll
+ 2011-08-11 21:30 . 2011-08-11 21:30 3336704 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Mobile\fe69339f03e5b94b558c688512246a5e\System.Web.Mobile.ni.dll
+ 2011-08-11 21:30 . 2011-08-11 21:30 1155072 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\b513632337cadf6b2a8f8b6975c7d96f\System.Web.Extensions.Design.ni.dll
+ 2011-08-11 21:30 . 2011-08-11 21:30 3042304 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\9c1f2e29f7b5f1d398405640ef4b1c7c\System.Web.Extensions.ni.dll
+ 2011-08-11 21:30 . 2011-08-11 21:30 2727936 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Speech\31bbf607c61e3b9aeced14cb984ea9f6\System.Speech.ni.dll
+ 2011-08-11 21:30 . 2011-08-11 21:30 2312704 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceModel#\667a561422e2ccf10daef0a5dc6c8043\System.ServiceModel.Web.ni.dll
+ 2011-08-11 21:27 . 2011-08-11 21:27 3073536 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\50faf7f472bfc6d562696341df45b3c9\System.Runtime.Serialization.ni.dll
+ 2011-08-11 21:27 . 2011-08-11 21:27 1472000 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management\36723de72c78b2791de226253580f107\System.Management.ni.dll
+ 2011-08-11 21:27 . 2011-08-11 21:27 1444352 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IdentityModel\df0cb96e6d087500c9210b33be2c91c9\System.IdentityModel.ni.dll
+ 2011-08-11 21:30 . 2011-08-11 21:30 1230848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\11a932eb07432edfc6f9de22753337ba\System.DirectoryServices.AccountManagement.ni.dll
+ 2011-08-11 21:30 . 2011-08-11 21:30 2805760 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Services\f7483e84119e0be9074377e731ffbe0c\System.Data.Services.ni.dll
+ 2011-08-11 21:30 . 2011-08-11 21:30 1868288 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Service#\16932309d9a552f362c85ac0adfe1607\System.Data.Services.Client.ni.dll
+ 2011-08-11 21:30 . 2011-08-11 21:30 3480576 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Linq\82b491f0b4a55a29d4de0e7648a43707\System.Data.Linq.ni.dll
+ 2011-08-11 21:30 . 2011-08-11 21:30 1080320 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Entity.#\22600cdf0f670e44b03b243af68cd76d\System.Data.Entity.Design.ni.dll
+ 2011-08-11 21:29 . 2011-08-11 21:29 3315200 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Core\5f7c48b31971fee1af48dd20c7dd7033\System.Core.ni.dll
+ 2011-08-11 21:29 . 2011-08-11 21:29 1884160 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationBuildTa#\ff71ee8681938634786fac49359c8b15\PresentationBuildTasks.ni.dll
+ 2011-08-11 21:29 . 2011-08-11 21:29 3601920 c:\windows\assembly\NativeImages_v2.0.50727_64\Narrator\2f9ac667c184e068523d6047153f2d91\Narrator.ni.exe
+ 2011-08-11 21:29 . 2011-08-11 21:29 2327552 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCEx\92414dfe464e98f09057245b6dd04d05\MMCEx.ni.dll
+ 2011-08-11 21:28 . 2011-08-11 21:28 7970304 c:\windows\assembly\NativeImages_v2.0.50727_64\MIGUIControls\c66470a9076fc188a35ec7643aa1ee2e\MIGUIControls.ni.dll
+ 2011-08-11 21:27 . 2011-08-11 21:27 2131968 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualBas#\4b85c3384fdda12490074283615d4723\Microsoft.VisualBasic.ni.dll
+ 2011-08-11 21:27 . 2011-08-11 21:27 1598976 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Transacti#\deae3fdab784ca275290c02a3288a33d\Microsoft.Transactions.Bridge.ni.dll
+ 2011-08-11 21:29 . 2011-08-11 21:29 2176512 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\f1cc6b5a2520e6b946198cd51498dff9\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2011-08-11 21:29 . 2011-08-11 21:29 5350912 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\b1d791e971f5c23b5ab0bf61bcfe60a0\Microsoft.PowerShell.Editor.ni.dll
+ 2011-08-11 21:29 . 2011-08-11 21:29 2105344 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\42c4e6bd35af9d592663de61cb8c8108\Microsoft.PowerShell.GPowerShell.ni.dll
+ 2011-08-11 21:29 . 2011-08-11 21:29 1131008 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\332067cce1149bb2008d5af79ef8024d\Microsoft.PowerShell.Commands.Management.ni.dll
+ 2011-08-11 21:28 . 2011-08-11 21:28 8979456 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\fc417f7e196b7d7d5e717cb892f16144\Microsoft.MediaCenter.UI.ni.dll
+ 2011-08-11 21:28 . 2011-08-11 21:28 1170432 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\ce834b9729a66c3ef9ec5c4350e6ab59\Microsoft.MediaCenter.TV.Tuners.Interop.ni.dll
+ 2011-08-11 21:27 . 2011-08-11 21:27 1516544 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\cc0f76a8214ddc88b56c6c14146c2555\Microsoft.MediaCenter.ni.dll
+ 2011-08-11 21:28 . 2011-08-11 21:28 1142784 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\8f1d674c4309a0c29fb708ba7a5e54c4\Microsoft.MediaCenter.Shell.ni.dll
+ 2011-08-11 21:29 . 2011-08-11 21:29 1508864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\52e7f067d8a3358baeb77ac8cd988c0e\Microsoft.MediaCenter.Bml.ni.dll
+ 2011-08-11 21:27 . 2011-08-11 21:27 3213312 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.JScript\95184c861c38e940aeadc4276a8596e6\Microsoft.JScript.ni.dll
+ 2011-08-11 21:29 . 2011-08-11 21:29 2365952 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Ink\0e8c24abc2dbbafc9519f64571a39433\Microsoft.Ink.ni.dll
+ 2011-08-11 21:28 . 2011-08-11 21:28 2218496 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\638f3afd3c310ed7d048e60cc1daf57e\Microsoft.Build.Tasks.ni.dll
+ 2011-08-11 21:29 . 2011-08-11 21:29 2682880 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\58e96fd5359c0f3d6ed8f350ff721f87\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2011-08-11 21:28 . 2011-08-11 21:28 1137152 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Eng#\f2ae54183322e3710c0344c44fd512d8\Microsoft.Build.Engine.ni.dll
+ 2011-08-11 21:28 . 2011-08-11 21:28 2544640 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Eng#\37c906e0ea6325e55c1f222aa4a5462b\Microsoft.Build.Engine.ni.dll
+ 2011-08-11 21:28 . 2011-08-11 21:28 2801664 c:\windows\assembly\NativeImages_v2.0.50727_64\mcstore\c0018e4aaaa7eebb4fadaf5220854fe8\mcstore.ni.dll
+ 2011-08-11 21:28 . 2011-08-11 21:28 4088320 c:\windows\assembly\NativeImages_v2.0.50727_64\mcepg\0d18e8a503ef9e5bc676d89c7d508d7f\mcepg.ni.dll
+ 2011-08-11 21:28 . 2011-08-11 21:28 2184192 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiVidCtl\864ef3de707640f5a889efc4425e5c40\ehiVidCtl.ni.dll
+ 2011-08-11 21:27 . 2011-08-11 21:27 1201664 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiProxy\60b7bccb6de4c8d42f2eaf1d0e7a9216\ehiProxy.ni.dll
+ 2011-08-11 21:26 . 2011-08-11 21:26 3419648 c:\windows\assembly\NativeImages_v2.0.50727_64\DellDock\eb520e15e0f295fc0a98b912455063a6\DellDock.ni.exe
+ 2011-08-11 21:22 . 2011-08-11 21:22 1105408 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ea51abf5e3f980962409e7889672bf24\WindowsLive.Writer.ApplicationFramework.ni.dll
+ 2011-08-11 21:22 . 2011-08-11 21:22 2018304 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\133341b7f21cee98711024a2e58f026f\WindowsLive.Writer.CoreServices.ni.dll
+ 2011-08-11 21:22 . 2011-08-11 21:22 6394368 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\07646cb4dd5b6c57179bba539808b02f\WindowsLive.Writer.PostEditor.ni.dll
+ 2011-08-11 21:24 . 2011-08-11 21:24 1047552 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\92104881c09380b6b86ec656e8c502f6\UIAutomationClientsideProviders.ni.dll
+ 2011-08-11 21:24 . 2011-08-11 21:24 1358336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\a6409b4be5018e5cbad7ef197d4237e1\System.WorkflowServices.ni.dll
+ 2011-08-11 21:24 . 2011-08-11 21:24 2209792 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\4de6ad3bad2dc4fbbbd33b16b1a7b219\System.Web.Mobile.ni.dll
+ 2011-08-11 21:24 . 2011-08-11 21:24 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\871d3f0cc83d73a106151257ee74a4aa\System.Web.Extensions.ni.dll
+ 2011-08-11 21:24 . 2011-08-11 21:24 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\2c7c32228442440e4c23f772fd64b24b\System.Speech.ni.dll
+ 2011-08-11 21:24 . 2011-08-11 21:24 1707008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\0139ae05cabaf2ac25cc85279e187e0a\System.ServiceModel.Web.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 2347008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\e285e2af5e0e8ac7d91936b2cb18542f\System.Runtime.Serialization.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 1051136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\6e9a08576157b4aeb91a3aaa452fcb00\System.Management.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 8872960 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\f2b1857a7db371f0417a84e8ca25f450\System.Management.Automation.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 1083392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\5ab23d203c8bfade7160ea915719c730\System.IdentityModel.ni.dll
+ 2011-08-11 21:24 . 2011-08-11 21:24 2029568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\702efea190a39de2bacb81cbaf32de99\System.Data.Services.ni.dll
+ 2011-08-11 21:24 . 2011-08-11 21:24 1378816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\3da17a7980d13fae329f2c3a77797b08\System.Data.Services.Client.ni.dll
+ 2011-08-11 21:24 . 2011-08-11 21:24 2516992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\1992ecfb8eb3318820e3d28df55bee6a\System.Data.Linq.ni.dll
+ 2011-08-11 21:24 . 2011-08-11 21:24 9921536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\301160f0d81368efb2f79e9b714ec505\System.Data.Entity.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 2297856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\ebdaeeb5ef1a6209d67a2f70fcaf5cd5\System.Core.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 1451520 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\c16377318357fb4fcda87c1015815a76\PresentationBuildTasks.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 2623488 c:\windows\assembly\NativeImages_v2.0.50727_32\Narrator\ca760a3cb6cabbdf11c1aa42e5b79ee9\Narrator.ni.exe
+ 2011-08-11 21:23 . 2011-08-11 21:23 1545216 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCEx\97051ca60f5e2ea7927adebcb2af9097\MMCEx.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 6438912 c:\windows\assembly\NativeImages_v2.0.50727_32\MIGUIControls\40f947b2a4ecb8ba656104c3f77bb79b\MIGUIControls.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 1670144 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\47a4b624c147aae197214d4ee5f0661b\Microsoft.VisualBasic.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\0d7a48003dd32151b3518b3ee7f13350\Microsoft.Transactions.Bridge.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 3724288 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\79af41ccc6bdc25ede7b249ae32f0101\Microsoft.PowerShell.Editor.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 1704960 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\348ff55789cc23b72b19036f01903b63\Microsoft.PowerShell.GPowerShell.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 1681920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\21f675cbc3d058e68f7f6371644da25f\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 6499840 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\ffec5408d56ba9fb311518d6ec521691\Microsoft.MediaCenter.UI.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 1009664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\81359c52225ae557ddf7dbdf3c0bf048\Microsoft.MediaCenter.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 2335744 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\35138a36b7d07f4d37adf96745ef80cb\Microsoft.JScript.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 1361408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Ink\9c17eb4bfbca7719a4f10bbd3473d07d\Microsoft.Ink.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\4b45a3a1f24d0d773f9f8fb2d8ce8164\Microsoft.Build.Tasks.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 1970176 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\01de5c2808a0c30578614dae24c5d591\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\db9750e8aae34d7bd25b76564f2cebd5\Microsoft.Build.Engine.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 2035712 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstore\9004890e93911c7612aa5f218c474618\mcstore.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 3025920 c:\windows\assembly\NativeImages_v2.0.50727_32\mcepg\e0683c0b9e68c44011a1f4b70b85239f\mcepg.ni.dll
+ 2011-08-11 21:32 . 2011-08-11 21:32 17288192 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\e0091eb98fa841649b6fad17bb0e7262\System.Windows.Forms.ni.dll
+ 2011-08-11 21:34 . 2011-08-11 21:34 24483840 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel\a73197785f07721fd89b02713b6f0b86\System.ServiceModel.ni.dll
+ 2011-08-11 21:33 . 2011-08-11 21:33 18434048 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Entity\fe4d47d9ba672ae77c737bb7ad518324\System.Data.Entity.ni.dll
+ 2011-08-11 21:31 . 2011-08-11 21:31 10422272 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Core\4ef06cf2c3950f4d4b9037b841c05914\System.Core.ni.dll
+ 2011-08-11 21:32 . 2011-08-11 21:32 23242240 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\9b38883339d48793df2b27d247e73971\PresentationFramework.ni.dll
+ 2011-08-11 21:31 . 2011-08-11 21:31 15102976 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationCore\7b4a4ec0cae68a2c165b0a73be99105d\PresentationCore.ni.dll
+ 2011-08-11 21:26 . 2011-08-11 21:26 17996800 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\18d8c49bf080b7e4f0614e01ad090954\System.ServiceModel.ni.dll
+ 2011-08-11 21:26 . 2011-08-11 21:26 13325312 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Entity\dd205d6f7dd50a72002b928202ca3818\System.Data.Entity.ni.dll
+ 2011-08-11 21:27 . 2011-08-11 21:27 23913984 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceModel\962330ba0685ac1176b611bc052d0ca7\System.ServiceModel.ni.dll
+ 2011-08-11 21:29 . 2011-08-11 21:29 11900928 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management.A#\34d1eab899a35bb7a0075c0b0b3d5938\System.Management.Automation.ni.dll
+ 2011-08-11 21:30 . 2011-08-11 21:30 13760000 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Entity\7bf5c7476d8c8255a30a4cda0c9f43be\System.Data.Entity.ni.dll
+ 2011-08-11 21:27 . 2011-08-11 21:27 22171136 c:\windows\assembly\NativeImages_v2.0.50727_64\MenuSkinning\283d7c1c96c55091c1f205e1be8a89bb\MenuSkinning.ni.dll
+ 2011-08-11 21:28 . 2011-08-11 21:28 25470976 c:\windows\assembly\NativeImages_v2.0.50727_64\ehshell\857d393b4e25062d5ba400f3422b74e6\ehshell.ni.dll
+ 2011-08-11 21:23 . 2011-08-11 21:23 17478656 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\052fc9c848a7f4630980ae0fd7a282e0\System.ServiceModel.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{85C1DD6E-1181-41F2-9AB2-79D5F46F491B}"= "c:\program files (x86)\La barre d'outils AIR MILES\Helper.dll" [2010-02-04 242688]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files (x86)\BitTorrentBar\tbBitT.dll" [2010-10-18 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{85c1dd6e-1181-41f2-9ab2-79d5f46f491b}]
[HKEY_CLASSES_ROOT\FreeCauseURLSearchHook.FCToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{CAFC26B8-CDE3-4BD8-A1B8-C3FD28BD3A57}]
[HKEY_CLASSES_ROOT\FreeCauseURLSearchHook.FCToolbarURLSearchHook]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-10-18 17:26 3908192 ----a-w- c:\program files (x86)\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{76A20DB7-AAD4-4EFD-AE21-57811E5E49E4}]
2010-02-04 22:40 1445888 ----a-w- c:\program files (x86)\La barre d'outils AIR MILES\Toolbar.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
2010-10-18 17:26 3908192 ----a-w- c:\program files (x86)\BitTorrentBar\tbBitT.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{DC7A75BF-581D-4675-BDCB-D1B35116EB49}"= "c:\program files (x86)\La barre d'outils AIR MILES\Toolbar.dll" [2010-02-04 1445888]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files (x86)\BitTorrentBar\tbBitT.dll" [2010-10-18 3908192]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\ConduitEngine.dll" [2010-10-18 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{dc7a75bf-581d-4675-bdcb-d1b35116eb49}]
[HKEY_CLASSES_ROOT\FCTB000058373.IEToolbar.3]
[HKEY_CLASSES_ROOT\TypeLib\{2BA36896-D5E2-425B-85E8-F664D1EA6896}]
[HKEY_CLASSES_ROOT\FCTB000058373.IEToolbar]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-04-17 3872080]
"DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTProAgent.exe" [2009-12-18 427328]
"WindowsLivePhone"="c:\program files (x86)\Windows Live\Device Manager\msgrdvmn.exe" [2008-12-22 787816]
"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2010-09-16 2969496]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-06-15 15141768]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-09-19 98304]
"PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-09-15 140520]
"WMP110"="c:\program files (x86)\Linksys\WMP110\WMP110.exe" [2008-08-14 995328]
"PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2007-08-07 200704]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"WindowsLivePhone"="c:\program files (x86)\Windows Live\Device Manager\msgrdvmn.exe" [2008-12-22 787816]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-09-08 47904]
"EEventManager"="c:\progra~2\EPSONS~1\EVENTM~1\EEventManager.exe" [2009-04-07 673616]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-03-07 421160]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"="c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [2010-09-28 560128]
.
c:\users\Xavier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\BASHDefs\20100429.001\BHDrvx64.sys [2010-04-29 678448]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NAVx64\1106000.020\Ironx64.SYS [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-26 135664]
R2 SessionLauncher;SessionLauncher;c:\users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe [x]
R3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\program files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-07-26 25832]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-26 135664]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [x]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-06-26 1124848]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NAVx64\1106000.020\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NAVx64\1106000.020\SYMEFA64.SYS [x]
S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NAVx64\1106000.020\ccHPx64.sys [x]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\IPSDefs\20100505.001\IDSvia64.sys [2009-10-28 466992]
S1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\System32\Drivers\NAVx64\1106000.020\SYMTDIV.SYS [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-03-31 92160]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]
S2 NAV;Norton AntiVirus;c:\program files (x86)\Norton AntiVirus\Engine\17.6.0.32\ccSvcHst.exe [2010-02-25 126392]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-01-13 705856]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista;c:\windows\system32\DRIVERS\netr28x.sys [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-08-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-26 20:51]
.
2011-08-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-26 20:51]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-05-23 7833120]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [BU]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"LifeChat"="c:\program files\Microsoft LifeChat\LifeChat.exe" [2009-09-24 371712]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.ca/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: &D&ownload &with BitComet - c:\program files (x86)\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\program files (x86)\BitComet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\program files (x86)\BitComet\BitComet.exe/AddAllLink.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
Trusted Zone: fileplanet.com\www
TCP: DhcpNameServer = 24.201.245.77 24.200.241.37 24.200.243.189
FF - ProfilePath - c:\users\Xavier\AppData\Roaming\Mozilla\Firefox\Profiles\ar7souvy.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ca/
FF - prefs.js: network.proxy.type - 1
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{DC7A75BF-581D-4675-BDCB-D1B35116EB49} - (no file)
WebBrowser-{88C7F2AA-F93F-432C-8F0E-B7D85967A527} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NAV]
"ImagePath"="\"c:\program files (x86)\Norton AntiVirus\Engine\17.6.0.32\ccSvcHst.exe\" /s \"NAV\" /m \"c:\program files (x86)\Norton AntiVirus\Engine\17.6.0.32\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10t_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10t_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
.
**************************************************************************
.
Completion time: 2011-08-15 15:29:47 - machine was rebooted
ComboFix-quarantined-files.txt 2011-08-15 19:29
ComboFix2.txt 2011-08-11 20:37
ComboFix3.txt 2011-08-06 23:12
.
Pre-Run: 1,005,504,851,968 bytes free
Post-Run: 1,005,297,594,368 bytes free
.
- - End Of File - - 0F634A4E20F78E9BDA4E82E886F867F1
  • 0

#20
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Well not even combofix can find this file.. Could you fully uninstall Spybot, reinstall and see if it still finds it
  • 0

#21
xdionne87

xdionne87

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
It still finds it.
  • 0

#22
xdionne87

xdionne87

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
this is what the spytbot results say :
(SBI $2F4068FC) Library
c:\Windows\System32\esentprfw.dll

Kind : TrojansC-02
  • 0

#23
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
This does not make sense as none of my other tools can find it, and if it was there they would

OK lets use the real big hammer :)

1. Please download The Avenger by Swandog46 to your Desktop.

  • Right click on the Avenger.zip folder and select "Extract All..."
  • Follow the prompts and extract the avenger folder to your desktop

2. Copy all the text contained in the code box below to your Clipboard by highlighting it and pressing (Ctrl+C):

Begin copying here:
Files to delete:
c:\windows\System32\esentprfw.dll

Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

3. Now, open the avenger folder and start The Avenger program by clicking on its icon.
  • Right click on the window under Input script here:, and select Paste.
  • You can also click on this window and press (Ctrl+V) to paste the contents of the clipboard.
  • Click on Execute
  • Answer "Yes" twice when prompted.

4. The Avenger will automatically do the following:
  • It will Restart your computer. ( In cases where the code to execute contains "Drivers to Delete", The Avenger will actually restart your system twice.)
  • On reboot, it will briefly open a black command window on your desktop, this is normal.
  • After the restart, it creates a log file that should open with the results of Avenger’s actions. This log file will be located at C:\avenger.txt
  • The Avenger will also have backed up all the files, etc., that you asked it to delete, and will have zipped them and moved the zip archives to C:\avenger\backup.zip.

5. Please copy/paste the content of c:\avenger.txt into your reply
  • 0

#24
xdionne87

xdionne87

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
I downloaded avenger on my desktop as you said. it was a zip file. i opened it, pasted the text you told me to, followed the steps to the reboot. after the single reboot it did, there is no avenger in my C and no log avenger anywhere. To make sure, i searched with keyword "avenger" throughout my computer.

Edited by xdionne87, 15 August 2011 - 03:42 PM.

  • 0

#25
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you re-run the fix please but this time extract and right click the Avenger programme and select run as administrator
  • 0

Advertisements


#26
xdionne87

xdionne87

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
It still doesn't produce a log when rebooting.
  • 0

#27
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK lets do one further run with combofix to see if it can find it - by the way Spybot is reporting the wrong location

1. Close any open browsers.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
3. Open notepad and copy/paste the text in the quotebox below into it:

File::
c:\windows\Pvahaa.exe
c:\windows\SysWow64\esentprfw.dll


Save this as CFScript.txt, in the same location as ComboFix.exe
Posted Image

Refering to the picture above, drag CFScript into ComboFix.exeWhen finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.
  • 0

#28
xdionne87

xdionne87

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
ComboFix 11-08-16.04 - Xavier 16/08/2011 15:34:49.4.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.2.1033.18.6135.4435 [GMT -4:00]
Running from: c:\users\Xavier\patentes\ComboFix.exe
Command switches used :: c:\users\Xavier\patentes\CFScript.txt
AV: Norton AntiVirus *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
SP: Norton AntiVirus *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Pvahaa.exe"
"c:\windows\SysWow64\esentprfw.dll"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Pvahaa.exe
c:\windows\SysWow64\esentprfw.dll
.
.
((((((((((((((((((((((((( Files Created from 2011-07-16 to 2011-08-16 )))))))))))))))))))))))))))))))
.
.
2011-08-16 19:39 . 2011-08-16 19:39 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-08-16 18:54 . 2011-08-16 18:54 61440 ----a-w- c:\windows\SysWow64\drivers\xfzt.sys
2011-08-16 18:50 . 2011-08-16 18:50 61440 ----a-w- c:\windows\SysWow64\drivers\rdenmqg.sys
2011-08-15 21:31 . 2011-08-15 21:31 61440 ----a-w- c:\windows\SysWow64\drivers\xcbwk.sys
2011-08-06 23:39 . 2011-08-06 23:39 -------- d-----w- C:\_OTL
2011-08-06 19:54 . 2011-08-06 19:54 -------- d-----w- C:\VundoFix Backups
2011-08-03 22:15 . 2011-08-03 22:15 -------- d-----w- c:\users\Xavier\AppData\Local\Mozilla
2011-07-31 20:25 . 2011-08-15 23:47 -------- d-----w- c:\users\Xavier\riotsGamesLogs
2011-07-30 15:52 . 2011-07-30 15:52 -------- d-----w- c:\windows\Sun
2011-07-29 15:25 . 2011-07-13 04:53 8578896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DE350E56-B5A7-435E-A6CF-810F453A206B}\mpengine.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-16 04:26 . 2011-08-10 19:24 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2011-07-15 17:02 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-07-15 17:02 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-06-29 19:21 . 2011-06-29 19:21 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-06-11 03:07 . 2011-07-13 21:31 3137536 ----a-w- c:\windows\system32\win32k.sys
2011-05-24 23:14 . 2010-01-19 00:55 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-05-24 11:42 . 2011-06-28 21:53 404480 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-05-24 10:40 . 2011-06-28 21:53 64512 ----a-w- c:\windows\SysWow64\devobj.dll
2011-05-24 10:40 . 2011-06-28 21:53 44544 ----a-w- c:\windows\SysWow64\devrtl.dll
2011-05-24 10:39 . 2011-06-28 21:53 145920 ----a-w- c:\windows\SysWow64\cfgmgr32.dll
2011-05-24 10:37 . 2011-06-28 21:53 252928 ----a-w- c:\windows\SysWow64\drvinst.exe
2010-05-17 23:58 . 2010-05-17 23:58 299864 ----a-w- c:\program files\dxwebsetup.exe
.
.
((((((((((((((((((((((((((((( SnapShot_2011-08-15_19.25.02 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-01-10 03:19 . 2011-08-16 18:57 54198 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-08-16 18:57 32614 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-01-19 01:10 . 2011-08-16 18:57 19426 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-422954752-2381727462-1605255963-1000_UserData.bin
- 2010-01-18 16:22 . 2011-08-15 18:51 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-01-18 16:22 . 2011-08-16 19:27 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-08-12 22:13 . 2011-08-15 18:51 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-08-12 22:13 . 2011-08-16 19:27 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-08-16 19:27 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-08-15 18:51 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:46 . 2011-08-16 18:46 94000 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
- 2010-01-18 16:40 . 2011-08-15 19:17 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-01-18 16:40 . 2011-08-16 19:34 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-01-18 16:40 . 2011-08-16 19:34 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-01-18 16:40 . 2011-08-15 19:17 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-08-15 19:24 . 2011-08-15 19:24 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-08-16 19:40 . 2011-08-16 19:40 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-08-15 19:24 . 2011-08-15 19:24 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-08-16 19:40 . 2011-08-16 19:40 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 05:12 . 2011-08-12 23:05 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-07-14 05:12 . 2011-08-16 19:01 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-07-14 05:01 . 2011-08-16 19:39 429096 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2011-08-15 19:23 429096 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{85C1DD6E-1181-41F2-9AB2-79D5F46F491B}"= "c:\program files (x86)\La barre d'outils AIR MILES\Helper.dll" [2010-02-04 242688]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files (x86)\BitTorrentBar\tbBitT.dll" [2010-10-18 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{85c1dd6e-1181-41f2-9ab2-79d5f46f491b}]
[HKEY_CLASSES_ROOT\FreeCauseURLSearchHook.FCToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{CAFC26B8-CDE3-4BD8-A1B8-C3FD28BD3A57}]
[HKEY_CLASSES_ROOT\FreeCauseURLSearchHook.FCToolbarURLSearchHook]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-10-18 17:26 3908192 ----a-w- c:\program files (x86)\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{76A20DB7-AAD4-4EFD-AE21-57811E5E49E4}]
2010-02-04 22:40 1445888 ----a-w- c:\program files (x86)\La barre d'outils AIR MILES\Toolbar.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
2010-10-18 17:26 3908192 ----a-w- c:\program files (x86)\BitTorrentBar\tbBitT.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{DC7A75BF-581D-4675-BDCB-D1B35116EB49}"= "c:\program files (x86)\La barre d'outils AIR MILES\Toolbar.dll" [2010-02-04 1445888]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files (x86)\BitTorrentBar\tbBitT.dll" [2010-10-18 3908192]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\ConduitEngine.dll" [2010-10-18 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{dc7a75bf-581d-4675-bdcb-d1b35116eb49}]
[HKEY_CLASSES_ROOT\FCTB000058373.IEToolbar.3]
[HKEY_CLASSES_ROOT\TypeLib\{2BA36896-D5E2-425B-85E8-F664D1EA6896}]
[HKEY_CLASSES_ROOT\FCTB000058373.IEToolbar]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-04-17 3872080]
"DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTProAgent.exe" [2009-12-18 427328]
"WindowsLivePhone"="c:\program files (x86)\Windows Live\Device Manager\msgrdvmn.exe" [2008-12-22 787816]
"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2010-09-16 2969496]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-06-15 15141768]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-09-19 98304]
"PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-09-15 140520]
"WMP110"="c:\program files (x86)\Linksys\WMP110\WMP110.exe" [2008-08-14 995328]
"PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2007-08-07 200704]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"WindowsLivePhone"="c:\program files (x86)\Windows Live\Device Manager\msgrdvmn.exe" [2008-12-22 787816]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-09-08 47904]
"EEventManager"="c:\progra~2\EPSONS~1\EVENTM~1\EEventManager.exe" [2009-04-07 673616]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-03-07 421160]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"="c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [2010-09-28 560128]
.
c:\users\Xavier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\BASHDefs\20100429.001\BHDrvx64.sys [2010-04-29 678448]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NAVx64\1106000.020\Ironx64.SYS [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-26 135664]
R2 SessionLauncher;SessionLauncher;c:\users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe [x]
R3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\program files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-07-26 25832]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-26 135664]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [x]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-06-26 1124848]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NAVx64\1106000.020\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NAVx64\1106000.020\SYMEFA64.SYS [x]
S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NAVx64\1106000.020\ccHPx64.sys [x]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\IPSDefs\20100505.001\IDSvia64.sys [2009-10-28 466992]
S1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\System32\Drivers\NAVx64\1106000.020\SYMTDIV.SYS [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-03-31 92160]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]
S2 NAV;Norton AntiVirus;c:\program files (x86)\Norton AntiVirus\Engine\17.6.0.32\ccSvcHst.exe [2010-02-25 126392]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-01-13 705856]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista;c:\windows\system32\DRIVERS\netr28x.sys [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-08-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-26 20:51]
.
2011-08-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-26 20:51]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-05-23 7833120]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [BU]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"LifeChat"="c:\program files\Microsoft LifeChat\LifeChat.exe" [2009-09-24 371712]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.ca/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: &D&ownload &with BitComet - c:\program files (x86)\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\program files (x86)\BitComet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\program files (x86)\BitComet\BitComet.exe/AddAllLink.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
Trusted Zone: fileplanet.com\www
TCP: DhcpNameServer = 24.201.245.77 24.200.241.37 24.200.243.189
FF - ProfilePath - c:\users\Xavier\AppData\Roaming\Mozilla\Firefox\Profiles\ar7souvy.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ca/
FF - prefs.js: network.proxy.type - 1
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{DC7A75BF-581D-4675-BDCB-D1B35116EB49} - (no file)
WebBrowser-{88C7F2AA-F93F-432C-8F0E-B7D85967A527} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NAV]
"ImagePath"="\"c:\program files (x86)\Norton AntiVirus\Engine\17.6.0.32\ccSvcHst.exe\" /s \"NAV\" /m \"c:\program files (x86)\Norton AntiVirus\Engine\17.6.0.32\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10t_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10t_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
c:\program files (x86)\Dell DataSafe Local Backup\Toaster.exe
.
**************************************************************************
.
Completion time: 2011-08-16 15:45:25 - machine was rebooted
ComboFix-quarantined-files.txt 2011-08-16 19:45
ComboFix2.txt 2011-08-15 19:29
ComboFix3.txt 2011-08-11 20:37
ComboFix4.txt 2011-08-06 23:12
.
Pre-Run: 1,004,418,531,328 bytes free
Post-Run: 1,004,416,118,784 bytes free
.
- - End Of File - - 6B79315D3FB9740D8F7BE829E7AD87CC
  • 0

#29
xdionne87

xdionne87

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
virtumonde now doesn't appear in the spybot "log" at the end, but i did it see at the bottom of the screen while it was scanning through the computer.
  • 0

#30
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
There is something a tad iffy occuring here, I will run Comobfix one more time and if it does not clear it I will use something bigger

1. Close any open browsers.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
3. Open notepad and copy/paste the text in the quotebox below into it:

File::
c:\windows\SysWow64\drivers\xfzt.sys
c:\windows\SysWow64\drivers\rdenmqg.sys
c:\windows\SysWow64\drivers\xcbwk.sys
c:\users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe

Driver::
SessionLauncher

Save this as CFScript.txt, in the same location as ComboFix.exe
Posted Image

Refering to the picture above, drag CFScript into ComboFix.exeWhen finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP