
Hijackthis.log --- Google search redirect scour and other sites


31 replies to this topic

#1 dabishop


Posted 11 June 2012 - 04:59 PM

Gringo was assisting me, but unfortunately I went on vacation and was therefore unable to keep up with my previous thread. I copied the text to here and will also be running the many tools that Gringo asked me to run.

I am constantly getting a redirect from Google to scour.com and then to other sites. I ran many tools: Malwarebytes, AVG, SUPERAntiSpyware, Ad-Aware, CCleaner, and another tool, but I forgot the name.

Can someone assist with reviewing my log?

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:25:46 PM, on 6/3/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Safe mode with network support

Running processes:
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://blekkosearch.mystart.com/blekkotb_soc/?source=a545ea26&toolbarid=blekkotb_soc&u=9B5FD1D9EFBD709AA6EF214FCBFFB4E4&tbp=homepage&v=2_0
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.live.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
O2 - BHO: CrossriderApp0003491 - {11111111-1111-1111-1111-110011341191} - C:\Program Files (x86)\Vid-Saver\Vid-Saver.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Blekko search bar - {7d9e1adc-7db1-4eaf-b6c7-7e062074e6be} - C:\Program Files (x86)\blekkotb_soc\blekkotb_019X.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Blekko search bar - {7d9e1adc-7db1-4eaf-b6c7-7e062074e6be} - C:\Program Files (x86)\blekkotb_soc\blekkotb_019X.dll
O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files (x86)\Lenovo\MediaShow\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\MediaShow" UpdateWithCreateOnce "Software\CyberLink\MediaShow\4.1"
O4 - HKLM\..\Run: [IdeaNotesUser] C:\Program Files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGUser.exe
O4 - HKLM\..\Run: [OnekeyDM] C:\Program Files (x86)\Lenovo\OnekeyDM\OnekeyDM.exe
O4 - HKLM\..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [Lenovo SlideNav] "C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNavigator.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe" /mode2
O4 - HKLM\..\Run: [AmazonGSDownloaderTray] C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Neil XXXXXX\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Add to Evernote 4.0 - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Save Flash - res://C:\Program Files (x86)\UnH Solutions\Flash Saving Plugin\FlashSButton.dll/210
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: Flash - {43CF38F3-5AEC-45a3-AD31-04EB06E9C6CA} - C:\Program Files (x86)\UnH Solutions\Flash Saving Plugin\FlashSButton.dll (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://webvpn-be02.jpmorganchase.com/dana-cached/sc/JuniperSetupClient.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Amazon Download Agent - Amazon.com - C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DDNIMSGService - Digital Delivery Networks, Inc. - C:\Program Files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGService.exe
O23 - Service: DDNIService - Digital Delivery Networks, Inc. - C:\Program Files (x86)\DDNI\DIBS\DDNIService.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe
O23 - Service: Juniper Network Connect Service (dsNcService) - Juniper Networks - C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: IGRS - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo ReadyComm AppSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\AppSvc.exe
O23 - Service: Lenovo ReadyComm ConnSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

COMBOFIX Log


ComboFix 12-06-03.05 - Neil XXXXXX 06/03/2012 22:05:03.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4091.2642 [GMT -4:00]
Running from: c:\users\Neil XXXXXX\Downloads\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Mozilla Firefox\searchplugins\search.xml
c:\programdata\xp
c:\programdata\xp\EBLib.dll
c:\programdata\xp\TPwSav.sys
c:\users\Neil XXXXX\AppData\Roaming\Mozilla\Firefox\Profiles\obd844ux.default\searchplugins\bing-zugo.xml
c:\windows\security\Database\tmp.edb
c:\windows\SysWow64\devil.dll
.
.
((((((((((((((((((((((((( Files Created from 2012-05-04 to 2012-06-04 )))))))))))))))))))))))))))))))
.
.
2012-06-04 02:11 . 2012-06-04 02:11 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-06-04 00:23 . 2012-06-04 00:23 -------- d-----w- c:\program files (x86)\Vid-Saver
2012-06-04 00:23 . 2012-06-04 00:23 -------- d-----w- c:\users\Neil XXXXXX\AppData\Local\Vid-Saver
2012-06-04 00:22 . 2012-06-04 01:39 -------- d-----w- c:\programdata\blekko toolbars
2012-06-04 00:02 . 2012-06-04 00:02 388096 ----a-r- c:\users\Neil XXXXX\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-06-04 00:02 . 2012-06-04 00:02 -------- d-----w- c:\program files (x86)\Trend Micro
2012-06-03 23:31 . 2012-06-03 23:31 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2012-06-03 23:31 . 2012-06-03 23:31 588728 ----a-w- c:\program files (x86)\Mozilla Firefox\gkmedias.dll
2012-06-03 23:31 . 2012-06-03 23:31 43960 ----a-w- c:\program files (x86)\Mozilla Firefox\mozglue.dll
2012-06-03 23:31 . 2012-06-03 23:31 157352 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice_installer.exe
2012-06-03 23:31 . 2012-06-03 23:31 129976 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice.exe
2012-06-03 22:51 . 2012-06-03 22:51 -------- d-----w- c:\programdata\GFI Software
2012-06-03 21:43 . 2012-06-03 21:43 -------- d-----w- c:\program files\CCleaner
2012-06-03 21:04 . 2012-06-03 21:09 -------- d-----w- c:\users\Neil XXXXX\AppData\Local\adaware
2012-06-03 21:04 . 2012-06-03 21:04 -------- d-----w- c:\programdata\Ad-Aware Browsing Protection
2012-05-16 02:05 . 2012-05-16 02:05 8744608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-05-16 01:11 . 2012-05-16 02:05 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-15 03:26 . 2012-05-15 03:27 -------- d-----w- c:\users\Neil XXXXX\Excel Essentials
2012-05-15 03:23 . 2012-05-15 03:23 -------- d-----w- c:\program files (x86)\WINARCHIVER
2012-05-15 03:17 . 2012-05-15 03:17 -------- d-----w- c:\program files (x86)\MagicISO
2012-05-14 01:35 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll
2012-05-14 01:35 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-05-14 01:35 . 2012-03-31 06:05 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-14 01:35 . 2012-03-31 03:10 3146240 ----a-w- c:\windows\system32\win32k.sys
2012-05-14 01:35 . 2012-03-31 04:39 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-14 01:35 . 2012-03-31 04:39 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-14 01:34 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-05-14 01:34 . 2012-03-30 11:35 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-05-14 01:34 . 2012-03-31 05:42 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2012-05-14 01:34 . 2012-03-31 05:40 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-14 01:34 . 2012-03-31 05:40 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2012-05-14 01:34 . 2012-03-31 05:40 1393664 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2012-05-14 01:34 . 2012-03-31 04:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-16 02:05 . 2011-06-26 10:50 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-04-04 01:53 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-04-04 01:53 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-04-02 00:14 . 2011-03-28 22:36 19352 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-03-08 22:50 . 2012-03-08 22:50 49016 ----a-w- c:\windows\SysWow64\sirenacm.dll
2012-03-08 22:40 . 2012-04-02 00:14 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2012-03-08 22:37 . 2012-03-08 22:37 302448 ----a-w- c:\windows\WLXPGSS.SCR
2012-01-28 05:39 . 2012-01-28 05:39 378 ----a-w- c:\program files (x86)\temp995.bat
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\Neil XXXXX\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\Neil XXXXX\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\Neil XXXXX\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-07-29 5464448]
"MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"MDS_Menu"="c:\program files (x86)\Lenovo\MediaShow\MUITransfer\MUIStartMenu.exe" [2008-11-14 218408]
"IdeaNotesUser"="c:\program files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGUser.exe" [2009-08-24 221872]
"OnekeyDM"="c:\program files (x86)\Lenovo\OnekeyDM\OnekeyDM.exe" [2009-03-27 468480]
"VeriFaceManager"="c:\program files (x86)\Lenovo\VeriFace\PManage.exe" [2009-11-22 3122440]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"Lenovo SlideNav"="c:\program files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNavigator.exe" [2009-08-19 839680]
"PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2009-11-09 180224]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-09-27 59240]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe" [2008-06-03 446635]
"AmazonGSDownloaderTray"="c:\program files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe" [2009-10-23 326144]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480]
"ConnectionCenter"="c:\program files (x86)\Citrix\ICA Client\concentr.exe" [2009-09-13 103768]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"Ad-Aware Browsing Protection"="c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe" [2011-10-21 198032]
.
c:\users\Neil XXXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
EvernoteClipper.lnk - c:\program files (x86)\Evernote\Evernote\EvernoteClipper.exe [2012-3-22 1014112]
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoFileAssociate"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-14 136176]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-16 257696]
R3 Amazon Download Agent;Amazon Download Agent;c:\program files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe [2009-10-23 401920]
R3 Bridge0;Bridge0;c:\windows\system32\drivers\WDBridge.sys [x]
R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [x]
R3 DfSdkS;Defragmentation-Service;c:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe [2009-08-25 544768]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-14 136176]
R3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\Lenovo\ReadyComm\AppSvc.exe [2009-07-28 414984]
R3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\Lenovo\ReadyComm\ConnSvc.exe [2009-07-28 472328]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-03 129976]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]
S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [x]
S1 funfrm;funfrm; [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-07-19 146816]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
S2 DDNIMSGService;DDNIMSGService;c:\program files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGService.exe [2010-01-21 172720]
S2 DDNIService;DDNIService;c:\program files (x86)\DDNI\DIBS\DDNIService.exe [2010-03-04 160432]
S2 IGRS;IGRS;c:\program files (x86)\Lenovo\ReadyComm\common\IGRS.exe [2009-07-14 38152]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [x]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [x]
S3 enecirhid;ENE CIR HID Receiver;c:\windows\system32\DRIVERS\enecirhid.sys [x]
S3 enecirhidma;ENE CIR HIDmini Filter;c:\windows\system32\DRIVERS\enecirhidma.sys [x]
S3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 wdmirror;wdmirror;c:\windows\system32\DRIVERS\WDMirror.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 78002120
*Deregistered* - 78002120
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
IgrsSvcs REG_MULTI_SZ ReadyComm.DirectRouter PS_MDP
.
Contents of the 'Scheduled Tasks' folder
.
2012-06-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-16 02:05]
.
2012-06-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-25 03:19]
.
2012-06-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-25 03:19]
.
2012-06-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-141985954-1552009316-2749100623-1004Core.job
- c:\users\Neil XXXXX\AppData\Local\Google\Update\GoogleUpdate.exe [2009-12-01 02:30]
.
2012-06-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-141985954-1552009316-2749100623-1004UA.job
- c:\users\Neil XXXXX\AppData\Local\Google\Update\GoogleUpdate.exe [2009-12-01 02:30]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 97792 ----a-w- c:\users\Neil XXXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 97792 ----a-w- c:\users\Neil XXXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 97792 ----a-w- c:\users\Neil XXXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 97792 ----a-w- c:\users\Neil XXXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2009-11-22 10:58 1502720 ----a-w- c:\windows\System32\IcnOvrly.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-08-07 186904]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-20 7981088]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\utility.exe" [2009-08-26 4366192]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2009-08-19 5825536]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2009-06-01 2342800]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-05-07 16416360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uStart Page = hxxp://blekkosearch.mystart.com/blekkotb_soc/?source=a545ea26&toolbarid=blekkotb_soc&u=9B5FD1D9EFBD709AA6EF214FCBFFB4E4&tbp=homepage&v=2_0
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://lenovo.live.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Save Flash - c:\program files (x86)\UnH Solutions\Flash Saving Plugin\FlashSButton.dll/210
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\Neil XXXXX\AppData\Roaming\Mozilla\Firefox\Profiles\obd844ux.default\
FF - prefs.js: browser.search.selectedEngine - Blekko
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnI=I%27m+Feeling+Lucky&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: network.proxy.type - 0
FF - user.js: browser.blink_allowed - true
FF - user.js: network.prefetch-next - true
FF - user.js: nglayout.initialpaint.delay - 250
FF - user.js: layout.spellcheckDefault - 1
FF - user.js: browser.urlbar.autoFill - false
FF - user.js: browser.search.openintab - false
FF - user.js: browser.tabs.closeButtons - 1
FF - user.js: browser.tabs.opentabfor.middleclick - true
FF - user.js: browser.tabs.tabMinWidth - 100
FF - user.js: browser.urlbar.hideGoButton - false
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
SafeBoot-mcmscsvc
SafeBoot-MCODS
Toolbar-Locked - (no file)
WebBrowser-{88C7F2AA-F93F-432C-8F0E-B7D85967A527} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-06-03 22:15:38
ComboFix-quarantined-files.txt 2012-06-04 02:15
.
Pre-Run: 169,697,865,728 bytes free
Post-Run: 169,593,024,512 bytes free
.
- - End Of File - - DFD4B11BDA9EE207F6726184EAAD85ED

#2 dabishop

Posted 11 June 2012 - 05:01 PM

I ran Defogger and it disabled the CD emulation drivers.

I ran Security Check and here is the log:

Results of screen317's Security Check version 0.99.41
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
AVG Anti-Virus Free Edition 2012
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Ad-Aware
AVG PC Tuneup 2011
Java™ 6 Update 29
Java version out of date!
Adobe Flash Player 11.2.202.235
Adobe Reader X (10.1.3)
Mozilla Firefox (12.0)
Google Chrome 19.0.1084.46
Google Chrome 19.0.1084.52
````````Process Check: objlist.exe by Laurent````````
Ad-Aware AAWService.exe is disabled!
Ad-Aware AAWTray.exe is disabled!
AVG avgwdsvc.exe
AVG avgtray.exe
Microsoft Small Business Business Contact Manager BcmSqlStartupSvc.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 6%
````````````````````End of Log``````````````````````

#3 dabishop

Posted 11 June 2012 - 05:08 PM

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_29
Run by Neil XXXXX at 18:03:08 on 2012-06-11
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4091.2462 [GMT -4:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe
C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\windows\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\windows\system32\conhost.exe
C:\Program Files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGUser.exe
C:\Program Files (x86)\Lenovo\OnekeyDM\OnekeyDM.exe
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNavigator.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarDriverAdapter_550vista.exe
C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGService.exe
C:\Program Files (x86)\DDNI\DIBS\DDNIService.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\BitTorrent\bittorrent.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\Neil XXXXX\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Users\Neil XXXXX\Downloads\SecurityCheck.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\system32\conhost.exe
C:\Program Files (x86)\Notepad++\notepad++.exe
C:\Program Files (x86)\AVG\AVG2012\avgui.exe
C:\windows\system32\DllHost.exe
C:\windows\system32\DllHost.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\system32\conhost.exe
C:\windows\SysWOW64\cscript.exe
C:\windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mStart Page = hxxp://lenovo.live.com/
uURLSearchHooks: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll
mURLSearchHooks: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll
TB: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
mRun: [MDS_Menu] "C:\Program Files (x86)\Lenovo\MediaShow\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\MediaShow" UpdateWithCreateOnce "Software\CyberLink\MediaShow\4.1"
mRun: [IdeaNotesUser] C:\Program Files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGUser.exe
mRun: [OnekeyDM] C:\Program Files (x86)\Lenovo\OnekeyDM\OnekeyDM.exe
mRun: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
mRun: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
mRun: [Lenovo SlideNav] "C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNavigator.exe"
mRun: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe" /mode2
mRun: [AmazonGSDownloaderTray] C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
StartupFolder: C:\Users\NEILRA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\EvernoteClipper.lnk - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
StartupFolder: C:\Users\NEILRA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
mPolicies-explorer: NoResolveTrack = 1 (0x1)
mPolicies-explorer: NoFileAssociate = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Save Flash - C:\Program Files (x86)\UnH Solutions\Flash Saving Plugin\FlashSButton.dll/210
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://webvpn-be02.jpmorganchase.com/dana-cached/sc/JuniperSetupClient.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{66EAE7B8-8DFF-46F6-8BC0-89C27503C9BA} : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{66EAE7B8-8DFF-46F6-8BC0-89C27503C9BA}\34F657274797162746 : DhcpNameServer = 10.24.32.1
TCP: Interfaces\{66EAE7B8-8DFF-46F6-8BC0-89C27503C9BA}\5435F5E45677D27657563747 : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{66EAE7B8-8DFF-46F6-8BC0-89C27503C9BA}\84F6D65626163756 : DhcpNameServer = 209.143.0.10 66.209.140.124 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll
BHO-X64: BitTorrentBar - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll
TB-X64: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
mRun-x64: [MDS_Menu] "C:\Program Files (x86)\Lenovo\MediaShow\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\MediaShow" UpdateWithCreateOnce "Software\CyberLink\MediaShow\4.1"
mRun-x64: [IdeaNotesUser] C:\Program Files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGUser.exe
mRun-x64: [OnekeyDM] C:\Program Files (x86)\Lenovo\OnekeyDM\OnekeyDM.exe
mRun-x64: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
mRun-x64: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
mRun-x64: [Lenovo SlideNav] "C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNavigator.exe"
mRun-x64: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe" /mode2
mRun-x64: [AmazonGSDownloaderTray] C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe
mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun-x64: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
IE-X64: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Neil XXXXX\AppData\Roaming\Mozilla\Firefox\Profiles\obd844ux.default\
FF - prefs.js: browser.search.selectedEngine - Blekko
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnI=I%27m+Feeling+Lucky&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npicaN.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Neil XXXXX\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Users\Neil XXXXX\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
FF - plugin: C:\Users\Neil XXXXX\AppData\Roaming\Mozilla\Firefox\Profiles\obd844ux.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\plugins\np-mswmp.dll
FF - plugin: C:\Users\Neil XXXXX\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Neil XXXXX\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\windows\system32\C2MP\npdivx32.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
.
---- FIREFOX POLICIES ----
FF - user.js: browser.blink_allowed - true
FF - user.js: network.prefetch-next - true
FF - user.js: nglayout.initialpaint.delay - 250
FF - user.js: layout.spellcheckDefault - 1
FF - user.js: browser.urlbar.autoFill - false
FF - user.js: browser.search.openintab - false
FF - user.js: browser.tabs.closeButtons - 1
FF - user.js: browser.tabs.opentabfor.middleclick - true
FF - user.js: browser.tabs.tabMinWidth - 100
FF - user.js: browser.urlbar.hideGoButton - false
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;C:\windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\windows\system32\DRIVERS\AVGIDSEH.Sys [?]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\windows\system32\DRIVERS\avgrkx64.sys --> C:\windows\system32\DRIVERS\avgrkx64.sys [?]
R1 Avgldx64;AVG AVI Loader Driver;C:\windows\system32\DRIVERS\avgldx64.sys --> C:\windows\system32\DRIVERS\avgldx64.sys [?]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\windows\system32\DRIVERS\avgmfx64.sys --> C:\windows\system32\DRIVERS\avgmfx64.sys [?]
R1 Avgtdia;AVG TDI Driver;C:\windows\system32\DRIVERS\avgtdia.sys --> C:\windows\system32\DRIVERS\avgtdia.sys [?]
R1 ctxusbm;Citrix USB Monitor Driver;C:\windows\system32\DRIVERS\ctxusbm.sys --> C:\windows\system32\DRIVERS\ctxusbm.sys [?]
R1 funfrm;funfrm;C:\windows\system32\drivers\funfrm.sys --> C:\windows\system32\drivers\funfrm.sys [?]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-7-18 146816]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776]
R2 DDNIMSGService;DDNIMSGService;C:\Program Files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGService.exe [2010-1-21 172720]
R2 DDNIService;DDNIService;C:\Program Files (x86)\DDNI\DIBS\DDNIService.exe [2010-3-4 160432]
R2 IGRS;IGRS;C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe [2009-7-14 38152]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver;C:\windows\system32\DRIVERS\AcpiVpc.sys --> C:\windows\system32\DRIVERS\AcpiVpc.sys [?]
R3 AVGIDSDriver;AVGIDSDriver;C:\windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\windows\system32\DRIVERS\AVGIDSDriver.Sys [?]
R3 AVGIDSFilter;AVGIDSFilter;C:\windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\windows\system32\DRIVERS\AVGIDSFilter.Sys [?]
R3 enecir;ENE CIR Receiver;C:\windows\system32\DRIVERS\enecir.sys --> C:\windows\system32\DRIVERS\enecir.sys [?]
R3 enecirhid;ENE CIR HID Receiver;C:\windows\system32\DRIVERS\enecirhid.sys --> C:\windows\system32\DRIVERS\enecirhid.sys [?]
R3 enecirhidma;ENE CIR HIDmini Filter;C:\windows\system32\DRIVERS\enecirhidma.sys --> C:\windows\system32\DRIVERS\enecirhidma.sys [?]
R3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;C:\windows\system32\DRIVERS\k57nd60a.sys --> C:\windows\system32\DRIVERS\k57nd60a.sys [?]
R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\windows\system32\DRIVERS\netw5v64.sys --> C:\windows\system32\DRIVERS\netw5v64.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\windows\system32\drivers\nvhda64v.sys --> C:\windows\system32\drivers\nvhda64v.sys [?]
R3 wdmirror;wdmirror;C:\windows\system32\DRIVERS\WDMirror.sys --> C:\windows\system32\DRIVERS\WDMirror.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-24 136176]
S2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs --> C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs [?]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-5-15 257696]
S3 Amazon Download Agent;Amazon Download Agent;C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe [2010-4-6 401920]
S3 Bridge0;Bridge0;C:\windows\system32\drivers\WDBridge.sys --> C:\windows\system32\drivers\WDBridge.sys [?]
S3 DfSdkS;Defragmentation-Service;C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\DfSdkS.exe [2010-9-4 544768]
S3 fssfltr;fssfltr;C:\windows\system32\DRIVERS\fssfltr.sys --> C:\windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-24 136176]
S3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [2009-11-22 414984]
S3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [2009-11-22 472328]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-6-3 129976]
S3 PS_MDP;ReadyComm Presentation Space Helper Service;C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs --> C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs [?]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\system32\Drivers\RtsUStor.sys --> C:\windows\system32\Drivers\RtsUStor.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\system32\Drivers\usbaapl64.sys --> C:\windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?]
S3 wsvd;wsvd;C:\windows\system32\DRIVERS\wsvd.sys --> C:\windows\system32\DRIVERS\wsvd.sys [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-06-11 21:45:21 -------- d-----w- C:\Users\Neil XXXXX\AppData\Local\CRE
2012-06-11 21:45:18 -------- d-----w- C:\Program Files (x86)\Conduit
2012-06-11 21:45:16 -------- d-----w- C:\Users\Neil XXXXX\AppData\Local\Conduit
2012-06-11 21:45:15 -------- d-----w- C:\Program Files (x86)\BitTorrentBar
2012-06-05 01:12:47 -------- d-sh--w- C:\$RECYCLE.BIN
2012-06-04 02:03:06 98816 ----a-w- C:\windows\sed.exe
2012-06-04 02:03:06 518144 ----a-w- C:\windows\SWREG.exe
2012-06-04 02:03:06 256000 ----a-w- C:\windows\PEV.exe
2012-06-04 02:03:06 208896 ----a-w- C:\windows\MBR.exe
2012-06-04 00:23:01 -------- d-----w- C:\Users\Neil XXXXX\AppData\Local\Vid-Saver
2012-06-04 00:23:01 -------- d-----w- C:\Program Files (x86)\Vid-Saver
2012-06-04 00:22:37 -------- d-----w- C:\ProgramData\blekko toolbars
2012-06-04 00:02:02 388096 ----a-r- C:\Users\Neil XXXXX\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-06-04 00:02:01 -------- d-----w- C:\Program Files (x86)\Trend Micro
2012-06-03 23:31:13 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
2012-06-03 23:31:10 588728 ----a-w- C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll
2012-06-03 23:31:10 43960 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
2012-06-03 23:31:10 157352 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice_installer.exe
2012-06-03 23:31:10 129976 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice.exe
2012-06-03 22:51:17 -------- d-----w- C:\ProgramData\GFI Software
2012-06-03 21:43:38 -------- d-----w- C:\Program Files\CCleaner
2012-06-03 21:04:15 -------- d-----w- C:\Users\Neil XXXXX\AppData\Local\adaware
2012-06-03 21:04:12 -------- d-----w- C:\ProgramData\Ad-Aware Browsing Protection
2012-05-16 02:05:15 8744608 ----a-w- C:\windows\SysWow64\FlashPlayerInstaller.exe
2012-05-16 01:11:50 419488 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2012-05-15 03:26:06 -------- d-----w- C:\Users\Neil XXXXX\Excel Essentials
2012-05-15 03:23:39 -------- d-----w- C:\Program Files (x86)\WINARCHIVER
2012-05-15 03:17:51 -------- d-----w- C:\Program Files (x86)\MagicISO
2012-05-14 01:35:06 1544704 ----a-w- C:\windows\System32\DWrite.dll
2012-05-14 01:35:05 1077248 ----a-w- C:\windows\SysWow64\DWrite.dll
2012-05-14 01:35:04 5559664 ----a-w- C:\windows\System32\ntoskrnl.exe
2012-05-14 01:35:03 3146240 ----a-w- C:\windows\System32\win32k.sys
2012-05-14 01:35:01 3968368 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
2012-05-14 01:35:01 3913072 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
2012-05-14 01:34:19 75120 ----a-w- C:\windows\System32\drivers\partmgr.sys
2012-05-14 01:34:05 1918320 ----a-w- C:\windows\System32\drivers\tcpip.sys
2012-05-14 01:34:03 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2012-05-14 01:34:03 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-14 01:34:02 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-14 01:34:02 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2012-05-14 01:34:02 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
.
==================== Find3M ====================
.
2012-05-16 02:05:19 70304 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-04-04 01:53:18 152576 ----a-w- C:\windows\SysWow64\msclmd.dll
2012-04-04 01:53:17 175616 ----a-w- C:\windows\System32\msclmd.dll
2012-01-28 05:39:28 378 ----a-w- C:\Program Files (x86)\temp995.bat
.
============= FINISH: 18:03:33.28 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 11/30/2009 7:00:44 PM
System Uptime: 6/11/2012 5:38:40 PM (1 hours ago)
.
Motherboard: LENOVO | | KIWB1
Processor: Intel® Core™2 Duo CPU P8700 @ 2.53GHz | U2E1 | 2534/266mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 253 GiB total, 156.323 GiB free.
D: is FIXED (NTFS) - 30 GiB total, 29.226 GiB free.
E: is CDROM ()
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {36fc9e60-c465-11cf-8056-444553540000}
Description: Unknown Device
Device ID: USB\VID_0000&PID_0000\5&2503BC79&0&1
Manufacturer: (Standard USB Host Controller)
Name: Unknown Device
PNP Device ID: USB\VID_0000&PID_0000\5&2503BC79&0&1
Service:
.
Class GUID: {36fc9e60-c465-11cf-8056-444553540000}
Description: Unknown Device
Device ID: USB\VID_0000&PID_0000\5&35150C36&0&2
Manufacturer: (Standard USB Host Controller)
Name: Unknown Device
PNP Device ID: USB\VID_0000&PID_0000\5&35150C36&0&2
Service:
.
==== System Restore Points ===================
.
RP236: 6/1/2012 7:53:31 PM - Scheduled Checkpoint
RP237: 6/3/2012 8:01:27 PM - Installed HiJackThis
RP238: 6/6/2012 9:42:27 PM - Windows Update
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Acrobat.com
Ad-Aware
Ad-Aware Browsing Protection
Ad-Aware Email Scanner for Outlook
Adobe AIR
Adobe Reader X (10.1.3)
Advanced Audio FX Engine
Amazon Games & Software Downloader
Apple Application Support
Apple Software Update
Ashampoo WinOptimizer 6.60
Audacity 2.0
AVG PC Tuneup 2011
BitTorrent
BitTorrentBar Toolbar
Business Contact Manager for Outlook 2007 SP2
Cisco Connect
Citrix online plug-in - web
Citrix online plug-in (DV)
Citrix online plug-in (HDX)
Citrix online plug-in (USB)
Citrix online plug-in (Web)
D3DX10
Dell Webcam Central
DIBS
Dropbox
EasyCapture
Energy Management
Evernote v. 4.5.4
Facebook Plug-In
FileZilla Client 3.5.3
Flash Saving Plugin
FoxTab Video Player
Free RAR Extract Frog
Google Chrome
Google Earth Plug-in
Google Talk Plugin
Google Update Helper
H&R Block Deluxe + Efile + State 2009
H&R Block Ohio 2009
HiJackThis
Java Auto Updater
Java™ 6 Update 29
Juniper Networks Cache Cleaner 6.5.0
Juniper Networks Host Checker
Juniper Networks Network Connect 6.5.0
Juniper Networks Setup Client
Juniper Terminal Services Client
Junk Mail filter update
LAME v3.99.3 (for Windows)
Lenovo First Boot
Lenovo Idea Central
Lenovo Idea Notes
Lenovo OneKey Recovery
Lenovo ReadyComm 5
Lenovo ReadyComm 5.0 Service
Lenovo SlideNav
Magic ISO Maker v5.5 (build 0281)
Malwarebytes' Anti-Malware
MediaShow
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft Application Error Reporting
Microsoft Office 2003 Web Components
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Small Business Connectivity Components
Microsoft Office Word MUI (English) 2007
Microsoft Reader
Microsoft Silverlight
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
Microsoft SQL Server 2008 R2 Management Objects
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server System CLR Types
Microsoft Visual C# 2010 Express - ENU
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
Mobipocket Reader 6.2
Mozilla Firefox 12.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
Notepad++
Onekey Theater
PDFZilla V1.2.9
Power2Go
PowerISO
QuickTime
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
Safari
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition
Security Update for Microsoft Visual C# 2010 Express - ENU (KB2251489)
StarCraft II
SWF Opener
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2598290) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Utility Common Driver
VeriFace
Vid-Saver
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
Visual Studio 2008 x64 Redistributables
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
VoiceOver Kit
WinArchiver
Windows 7 Codec Pack 2.2.0
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
World of Warcraft
.
==== Event Viewer Messages From Past Week ========
.
6/11/2012 5:40:20 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Lbd
6/11/2012 5:40:12 PM, Error: Service Control Manager [7000] - The ReadyComm.DirectRouter service failed to start due to the following error: The system cannot find the file specified.
.
==== End Of File ===========================

#4 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 135,595 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:10:10 AM

Posted 12 June 2012 - 06:07 AM

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your computer problems.

I have put together some things for you to keep in mind while I am helping you, to make things go easier and faster for both of us.

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines; these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same"; this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

Security Check

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.



Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouse-click Combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." please restart the computer.

"information and logs"

  • In your next post I need the following:
    • Log from Combofix
    • Let me know of any problems you may have had
    • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic


Please Only Copy And Paste Reports Into Topic - Do Not Attach

My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry, every little bit helps.

Proud Graduate Of Malware Removal University

#5 gringo_pr

Posted 14 June 2012 - 11:35 PM

Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • Do you still need help with this?
  • Do you need more time?
  • Are you having problems following my instructions?
  • If after 48 hrs you have not replied to this thread then it will have to be closed!

Gringo

#6 dabishop

Posted 17 June 2012 - 07:30 AM

Hi, reviewing your messages.

#7 dabishop

Posted 17 June 2012 - 07:36 AM

Results of screen317's Security Check version 0.99.41
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
AVG Anti-Virus Free Edition 2012
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Ad-Aware
AVG PC Tuneup 2011
Java™ 6 Update 29
Java version out of date!
Adobe Flash Player 11.2.202.235
Adobe Reader X (10.1.3)
Mozilla Firefox (12.0)
Google Chrome 19.0.1084.52
Google Chrome 19.0.1084.56
````````Process Check: objlist.exe by Laurent````````
Ad-Aware AAWService.exe is disabled!
Ad-Aware AAWTray.exe is disabled!
AVG avgwdsvc.exe
AVG avgtray.exe
Microsoft Small Business Business Contact Manager BcmSqlStartupSvc.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 6%
````````````````````End of Log``````````````````````

#8 dabishop

Posted 17 June 2012 - 08:04 AM

ComboFix 12-06-16.02 - Neil noname 06/17/2012 8:41.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4091.2787 [GMT -4:00]
Running from: c:\users\Neil noname\Downloads\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2012-05-17 to 2012-06-17 )))))))))))))))))))))))))))))))
.
.
2012-06-17 12:48 . 2012-06-17 12:48 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-06-14 18:58 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-06-11 21:45 . 2012-06-11 21:45 -------- d-----w- c:\users\Neil noname\AppData\Local\CRE
2012-06-11 21:45 . 2012-06-11 21:45 -------- d-----w- c:\program files (x86)\Conduit
2012-06-11 21:45 . 2012-06-11 21:45 -------- d-----w- c:\users\Neil noname\AppData\Local\Conduit
2012-06-11 21:45 . 2012-06-11 21:45 -------- d-----w- c:\program files (x86)\BitTorrentBar
2012-06-04 00:23 . 2012-06-04 00:23 -------- d-----w- c:\program files (x86)\Vid-Saver
2012-06-04 00:23 . 2012-06-04 00:23 -------- d-----w- c:\users\Neil noname\AppData\Local\Vid-Saver
2012-06-04 00:22 . 2012-06-04 01:39 -------- d-----w- c:\programdata\blekko toolbars
2012-06-04 00:02 . 2012-06-04 00:02 388096 ----a-r- c:\users\Neil noname\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-06-04 00:02 . 2012-06-04 00:02 -------- d-----w- c:\program files (x86)\Trend Micro
2012-06-03 23:31 . 2012-06-03 23:31 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2012-06-03 23:31 . 2012-06-03 23:31 588728 ----a-w- c:\program files (x86)\Mozilla Firefox\gkmedias.dll
2012-06-03 23:31 . 2012-06-03 23:31 43960 ----a-w- c:\program files (x86)\Mozilla Firefox\mozglue.dll
2012-06-03 23:31 . 2012-06-03 23:31 157352 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice_installer.exe
2012-06-03 23:31 . 2012-06-03 23:31 129976 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice.exe
2012-06-03 22:51 . 2012-06-03 22:51 -------- d-----w- c:\programdata\GFI Software
2012-06-03 21:43 . 2012-06-03 21:43 -------- d-----w- c:\program files\CCleaner
2012-06-03 21:04 . 2012-06-03 21:09 -------- d-----w- c:\users\Neil noname\AppData\Local\adaware
2012-06-03 21:04 . 2012-06-03 21:04 -------- d-----w- c:\programdata\Ad-Aware Browsing Protection
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-16 02:05 . 2012-05-16 01:11 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-16 02:05 . 2011-06-26 10:50 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-16 02:05 . 2012-05-16 02:05 8744608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-04-04 01:53 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-04-04 01:53 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-04-02 00:14 . 2011-03-28 22:36 19352 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-03-30 11:35 . 2012-05-14 01:34 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-01-28 05:39 . 2012-01-28 05:39 378 ----a-w- c:\program files (x86)\temp995.bat
.
.
((((((((((((((((((((((((((((( SnapShot@2012-06-04_02.13.35 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-06-14 21:25 . 2012-05-17 22:25 73216 c:\windows\SysWOW64\mshtmled.dll
- 2012-04-13 02:53 . 2012-02-28 01:08 66048 c:\windows\SysWOW64\migration\WininetPlugin.dll
+ 2012-06-14 21:25 . 2012-05-17 22:31 66048 c:\windows\SysWOW64\migration\WininetPlugin.dll
+ 2012-06-14 21:25 . 2012-05-17 22:31 65024 c:\windows\SysWOW64\jsproxy.dll
- 2012-04-13 02:53 . 2012-02-28 01:08 65024 c:\windows\SysWOW64\jsproxy.dll
- 2009-07-14 04:54 . 2012-06-03 20:35 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-06-17 12:26 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-06-03 20:35 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-06-17 12:26 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-06-03 20:35 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-06-17 12:26 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-09-23 02:25 . 2012-06-17 12:52 68444 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-06-17 12:52 53254 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-12-03 03:04 . 2012-06-17 12:52 24106 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-141985954-1552009316-2749100623-1004_UserData.bin
+ 2012-06-14 21:25 . 2012-05-18 01:51 96768 c:\windows\system32\mshtmled.dll
- 2012-04-13 02:53 . 2012-02-28 06:47 86528 c:\windows\system32\migration\WininetPlugin.dll
+ 2012-06-14 21:25 . 2012-05-18 01:56 86528 c:\windows\system32\migration\WininetPlugin.dll
+ 2012-06-14 21:25 . 2012-05-18 01:56 85504 c:\windows\system32\jsproxy.dll
- 2012-04-13 02:53 . 2012-02-28 06:47 85504 c:\windows\system32\jsproxy.dll
+ 2009-07-14 04:46 . 2012-06-17 12:27 93696 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
- 2012-05-14 10:41 . 2012-05-14 10:41 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 62880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Windows.ApplicationServer.Applications\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Windows.ApplicationServer.Applications.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 62880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Windows.ApplicationServer.Applications\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Windows.ApplicationServer.Applications.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 94552 c:\windows\Microsoft.NET\assembly\GAC_64\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 94552 c:\windows\Microsoft.NET\assembly\GAC_64\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 91488 c:\windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 91488 c:\windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2009-12-09 23:05 . 2012-06-14 21:36 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
- 2009-12-09 23:05 . 2012-05-14 10:43 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
+ 2009-12-09 23:05 . 2012-06-14 21:36 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
- 2009-12-09 23:05 . 2012-05-14 10:43 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
+ 2009-12-09 23:05 . 2012-06-14 21:36 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
- 2009-12-09 23:05 . 2012-05-14 10:43 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2012-06-17 12:46 . 2012-06-17 12:46 61440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\6f2890f46db84bc57f09b9e898dcc0e2\WindowsLiveWriter.ni.exe
+ 2012-06-17 12:46 . 2012-06-17 12:46 44032 c:\windows\assembly\NativeImages_v2.0.50727_32\stdole\d246780b91fd9f6393e85fb13bde94a6\stdole.ni.dll
- 2012-05-15 03:37 . 2012-05-15 03:37 44032 c:\windows\assembly\NativeImages_v2.0.50727_32\stdole\d246780b91fd9f6393e85fb13bde94a6\stdole.ni.dll
+ 2012-06-17 12:45 . 2012-06-17 12:45 14848 c:\windows\assembly\NativeImages_v2.0.50727_32\SBAIUI\e0483bfc60abf8df22125b41a8d62bcf\SBAIUI.ni.dll
+ 2012-06-17 12:45 . 2012-06-17 12:45 84480 c:\windows\assembly\NativeImages_v2.0.50727_32\ResGen\e16135e9b9f665f1db2214a44f6bcda5\ResGen.ni.exe
+ 2012-06-17 12:45 . 2012-06-17 12:45 69120 c:\windows\assembly\NativeImages_v2.0.50727_32\AxImp\6b414afcf2faead64a8aa4cec36d3eec\AxImp.ni.exe
- 2012-03-14 01:09 . 2012-01-25 06:33 9216 c:\windows\system32\rdrmemptylst.exe
+ 2012-06-14 18:58 . 2012-04-26 05:34 9216 c:\windows\system32\rdrmemptylst.exe
- 2012-06-04 01:26 . 2012-06-04 01:26 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-06-17 12:50 . 2012-06-17 12:50 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-06-04 01:26 . 2012-06-04 01:26 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-06-17 12:50 . 2012-06-17 12:50 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-04-13 02:53 . 2012-02-28 01:09 231936 c:\windows\SysWOW64\url.dll
+ 2012-06-14 21:25 . 2012-05-17 22:33 231936 c:\windows\SysWOW64\url.dll
+ 2012-06-14 21:25 . 2012-05-17 22:29 716800 c:\windows\SysWOW64\jscript.dll
- 2012-04-13 02:53 . 2012-02-28 01:06 716800 c:\windows\SysWOW64\jscript.dll
- 2011-05-14 01:09 . 2011-05-14 01:09 142848 c:\windows\SysWOW64\ieUnatt.exe
+ 2012-06-14 21:25 . 2012-05-17 22:29 142848 c:\windows\SysWOW64\ieUnatt.exe
+ 2012-06-14 21:25 . 2012-05-17 22:20 176640 c:\windows\SysWOW64\ieui.dll
- 2012-04-13 02:53 . 2012-02-28 00:59 176640 c:\windows\SysWOW64\ieui.dll
+ 2012-06-14 18:58 . 2012-04-24 04:36 140288 c:\windows\SysWOW64\cryptsvc.dll
+ 2012-06-14 18:58 . 2012-04-24 04:36 103936 c:\windows\SysWOW64\cryptnet.dll
+ 2009-12-01 02:25 . 2012-06-14 09:53 370116 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2009-12-01 00:36 . 2012-06-14 21:15 301194 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
- 2012-04-13 02:53 . 2012-02-28 06:48 237056 c:\windows\system32\url.dll
+ 2012-06-14 21:25 . 2012-05-18 01:58 237056 c:\windows\system32\url.dll
- 2012-04-04 02:11 . 2012-01-25 06:38 149504 c:\windows\system32\rdpcorekmts.dll
+ 2012-06-14 18:58 . 2012-04-26 05:41 149504 c:\windows\system32\rdpcorekmts.dll
- 2011-08-21 18:23 . 2010-11-20 13:27 209920 c:\windows\system32\profsvc.dll
+ 2012-06-14 18:58 . 2012-05-01 05:40 209920 c:\windows\system32\profsvc.dll
+ 2009-07-14 02:36 . 2012-06-14 21:35 710772 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2012-06-03 21:06 710772 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2012-06-03 21:06 140422 c:\windows\system32\perfc009.dat
+ 2009-07-14 02:36 . 2012-06-14 21:35 140422 c:\windows\system32\perfc009.dat
- 2012-04-13 02:53 . 2012-02-28 06:45 818688 c:\windows\system32\jscript.dll
+ 2012-06-14 21:25 . 2012-05-18 01:55 818688 c:\windows\system32\jscript.dll
+ 2012-06-14 21:25 . 2012-05-18 01:55 173056 c:\windows\system32\ieUnatt.exe
- 2011-05-14 01:09 . 2011-05-14 01:09 173056 c:\windows\system32\ieUnatt.exe
- 2012-04-13 02:53 . 2012-02-28 06:39 248320 c:\windows\system32\ieui.dll
+ 2012-06-14 21:25 . 2012-05-18 01:47 248320 c:\windows\system32\ieui.dll
+ 2009-07-14 04:45 . 2012-06-17 12:23 446384 c:\windows\system32\FNTCACHE.DAT
- 2009-07-14 04:45 . 2012-05-15 01:12 446384 c:\windows\system32\FNTCACHE.DAT
+ 2012-06-14 18:58 . 2012-04-28 03:55 210944 c:\windows\system32\drivers\rdpwd.sys
- 2012-03-14 01:09 . 2012-02-17 04:58 210944 c:\windows\system32\drivers\rdpwd.sys
+ 2012-06-14 18:58 . 2012-04-24 05:37 184320 c:\windows\system32\cryptsvc.dll
+ 2012-06-14 18:58 . 2012-04-24 05:37 140288 c:\windows\system32\cryptnet.dll
+ 2009-07-14 05:01 . 2012-06-17 12:49 426908 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2012-06-04 01:23 426908 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-04-21 15:03 . 2012-04-21 15:03 616024 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Drawing.dll
+ 2012-06-14 18:57 . 2012-04-23 22:33 630784 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Drawing.dll
- 2012-04-13 01:15 . 2012-01-26 23:31 630784 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Drawing.dll
+ 2012-04-21 15:03 . 2012-04-21 15:03 616024 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Drawing.dll
+ 2012-06-14 18:57 . 2012-04-23 22:35 630784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
- 2012-04-13 01:15 . 2012-01-26 23:33 630784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 236880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 236880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 616024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 156440 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 156440 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 288616 c:\windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 288616 c:\windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 335712 c:\windows\Microsoft.NET\assembly\GAC_64\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 335712 c:\windows\Microsoft.NET\assembly\GAC_64\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 125440 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 125440 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 237424 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 237424 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 187776 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 187776 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
- 2009-12-09 23:05 . 2012-05-14 10:43 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2009-12-09 23:05 . 2012-06-14 21:36 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2009-12-09 23:05 . 2012-06-14 21:36 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
- 2009-12-09 23:05 . 2012-05-14 10:43 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
- 2009-12-09 23:05 . 2012-05-14 10:43 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
+ 2009-12-09 23:05 . 2012-06-14 21:36 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
- 2009-12-09 23:05 . 2012-05-14 10:43 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
+ 2009-12-09 23:05 . 2012-06-14 21:36 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
- 2009-12-09 23:05 . 2012-05-14 10:43 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
+ 2009-12-09 23:05 . 2012-06-14 21:36 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
- 2009-12-09 23:05 . 2012-05-14 10:43 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2009-12-09 23:05 . 2012-06-14 21:36 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2009-12-09 23:05 . 2012-06-14 21:36 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
- 2009-12-09 23:05 . 2012-05-14 10:43 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2012-06-14 21:33 . 2012-06-14 21:33 422912 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\47254192e28f6ab9c142e3054c28aa69\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2012-06-14 21:36 . 2012-06-14 21:36 226304 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing.Desi#\0640b7fe359ea63a1799465631aa691a\System.Drawing.Design.ni.dll
+ 2012-06-17 12:30 . 2012-06-17 12:30 295424 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\f71d2f65d0f149c75ac7a569dbcc8500\System.ServiceProcess.ni.dll
+ 2012-06-17 12:30 . 2012-06-17 12:30 288768 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing.Desi#\fbc02e9f5a14bb93082ebc88bc577413\System.Drawing.Design.ni.dll
+ 2012-06-17 12:30 . 2012-06-17 12:30 192000 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Configuratio#\a88ca70ab9641b8236149bc5dd8d1564\System.Configuration.Install.ni.dll
+ 2012-06-17 12:45 . 2012-06-17 12:45 126976 c:\windows\assembly\NativeImages_v2.0.50727_32\xsd\3c1d9ddad9c0bb0f62ed1c13e6a5bb8c\xsd.ni.exe
+ 2012-06-17 12:45 . 2012-06-17 12:45 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\Xceed.Zip\fcc215b14ed635f67a0e945d576307dd\Xceed.Zip.ni.dll
+ 2012-06-17 12:46 . 2012-06-17 12:46 661504 c:\windows\assembly\NativeImages_v2.0.50727_32\Xceed.Grid.UIStyle\29fa5340a43ded029032a5c9a3493ddd\Xceed.Grid.UIStyle.ni.dll
+ 2012-06-17 12:46 . 2012-06-17 12:46 634368 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\bdd46a26ce7bdf525935a8f749582f27\WindowsLiveLocal.WriterPlugin.ni.dll
+ 2012-06-17 12:46 . 2012-06-17 12:46 891392 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\fde371df4eed408b0611b5746655803e\WindowsLive.Writer.HtmlEditor.ni.dll
+ 2012-06-17 12:46 . 2012-06-17 12:46 780800 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ebe797d14df7e907371da3a1662dab6f\WindowsLive.Writer.Controls.ni.dll
+ 2012-06-17 12:46 . 2012-06-17 12:46 122368 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\e27dd50210bed6d2b453e9477146e1c9\WindowsLive.Writer.Extensibility.ni.dll
+ 2012-06-17 12:46 . 2012-06-17 12:46 174080 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\d52eba13edf8fcdfeec4764164319c2c\WindowsLive.Writer.BrowserControl.ni.dll
+ 2012-06-17 12:46 . 2012-06-17 12:46 665600 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\cb1ae89f088d0e74bd461cf5d3a32cf1\WindowsLive.Writer.Interop.ni.dll
+ 2012-06-17 12:46 . 2012-06-17 12:46 871424 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\caeb427eec30805ba61d4d6a575a8a3a\WindowsLive.Writer.BlogClient.ni.dll
+ 2012-06-17 12:46 . 2012-06-17 12:46 328192 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\76d1ee2da5d966f20e3ffa55b89c96f2\WindowsLive.Writer.Mshtml.ni.dll
+ 2012-06-17 12:46 . 2012-06-17 12:46 326144 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\5b335503bc9b547e960407aee5c86cb3\WindowsLive.Writer.SpellChecker.ni.dll
+ 2012-06-17 12:46 . 2012-06-17 12:46 119296 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\5a361ed04d214905d7213dd3a8d8e48e\WindowsLive.Writer.FileDestinations.ni.dll
+ 2012-06-17 12:46 . 2012-06-17 12:46 101376 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\44b1907dd0854a35bde93fb53d1db776\WindowsLive.Writer.Api.ni.dll
+ 2012-06-17 12:46 . 2012-06-17 12:46 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\3212bd156ec4eee886a0b48ec506e835\WindowsLive.Client.ni.dll
+ 2012-06-17 12:27 . 2012-06-17 12:27 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\69ca4a43ba14b66689715ad62aed70e6\System.ServiceProcess.ni.dll
+ 2012-06-17 12:27 . 2012-06-17 12:27 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\912a0776c2bfd35ff76bd0b8ba977ed4\System.Drawing.Design.ni.dll
+ 2012-06-17 12:27 . 2012-06-17 12:27 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\498d2033c60fe5b777cf923b71b25972\System.Configuration.Install.ni.dll
+ 2012-06-17 12:45 . 2012-06-17 12:45 107520 c:\windows\assembly\NativeImages_v2.0.50727_32\SBAIREPORTING\9c2936c9169597daec0321e9251d64cf\SBAIREPORTING.ni.dll
+ 2012-06-17 12:45 . 2012-06-17 12:45 636416 c:\windows\assembly\NativeImages_v2.0.50727_32\SBAIAPIV2\92d878bc2d2ab945ee54c0375495df52\SBAIAPIV2.ni.dll
+ 2012-06-17 12:45 . 2012-06-17 12:45 532992 c:\windows\assembly\NativeImages_v2.0.50727_32\SBAIAPI\67395312b7b04ac7e3472aef8d28f4f9\SBAIAPI.ni.dll
+ 2012-06-17 12:46 . 2012-06-17 12:46 409088 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Iris.Impo#\1b6b2dc08ce826ca7478849408e059c0\Microsoft.Iris.ImportExportDataAccess.ni.dll
+ 2012-06-17 12:45 . 2012-06-17 12:45 108544 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.eCRM.AxSH#\6687731628fa599dfd5a84ef36225f13\Microsoft.eCRM.AxSHDocVw.ni.dll
+ 2012-06-17 12:46 . 2012-06-17 12:46 866816 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.BusinessS#\46e3335a03cfc22537a2457985ce8efe\Microsoft.BusinessSolutions.eCRM.OutlookAddIn.ImportExportUI.ni.dll
+ 2012-06-17 12:45 . 2012-06-17 12:45 462336 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.BusinessS#\1b2a08ae2231112bb077a88e5a4737f3\Microsoft.BusinessSolutions.eCRM.DataSync.ni.dll
+ 2012-06-17 12:45 . 2012-06-17 12:45 391168 c:\windows\assembly\NativeImages_v2.0.50727_32\Iris.Mapi.MessageSt#\8d500899d71a4bd175d0e211c685cae0\Iris.Mapi.MessageStore.ni.dll
+ 2012-06-17 12:45 . 2012-06-17 12:45 469504 c:\windows\assembly\NativeImages_v2.0.50727_32\BCMMSIDCRL.Managed\a7d943f4454f21e91c9f34a80827dea5\BCMMSIDCRL.Managed.ni.dll
- 2012-04-13 01:15 . 2012-01-26 23:33 630784 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2012-06-14 18:57 . 2012-04-23 22:35 630784 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2012-06-14 21:25 . 2012-05-17 22:35 1129472 c:\windows\SysWOW64\wininet.dll
+ 2012-06-14 21:25 . 2012-05-17 22:36 1103872 c:\windows\SysWOW64\urlmon.dll
- 2012-05-14 01:35 . 2012-03-31 04:39 3913072 c:\windows\SysWOW64\ntoskrnl.exe
+ 2012-06-14 18:58 . 2012-05-04 10:03 3913072 c:\windows\SysWOW64\ntoskrnl.exe
- 2012-05-14 01:35 . 2012-03-31 04:39 3968368 c:\windows\SysWOW64\ntkrnlpa.exe
+ 2012-06-14 18:58 . 2012-05-04 10:03 3968368 c:\windows\SysWOW64\ntkrnlpa.exe
+ 2012-06-14 18:58 . 2012-04-07 11:26 2342400 c:\windows\SysWOW64\msi.dll
+ 2012-06-14 21:25 . 2012-05-17 22:45 1800192 c:\windows\SysWOW64\jscript9.dll
+ 2012-06-14 21:25 . 2012-05-17 22:27 1793024 c:\windows\SysWOW64\iertutil.dll
+ 2012-06-14 21:25 . 2012-05-17 22:48 9737728 c:\windows\SysWOW64\ieframe.dll
+ 2012-06-14 18:58 . 2012-04-24 04:36 1158656 c:\windows\SysWOW64\crypt32.dll
+ 2012-06-14 21:25 . 2012-05-18 01:59 1392128 c:\windows\system32\wininet.dll
+ 2012-06-14 18:58 . 2012-05-15 01:32 3146752 c:\windows\system32\win32k.sys
+ 2012-06-14 21:25 . 2012-05-18 01:59 1346048 c:\windows\system32\urlmon.dll
+ 2012-06-14 18:58 . 2012-05-04 11:06 5559664 c:\windows\system32\ntoskrnl.exe
- 2012-05-14 01:35 . 2012-03-31 06:05 5559664 c:\windows\system32\ntoskrnl.exe
+ 2012-06-14 18:58 . 2012-04-07 12:31 3216384 c:\windows\system32\msi.dll
+ 2012-06-14 21:25 . 2012-05-18 02:06 2311680 c:\windows\system32\jscript9.dll
+ 2012-06-14 21:25 . 2012-05-18 01:54 2144768 c:\windows\system32\iertutil.dll
+ 2012-06-14 18:58 . 2012-04-24 05:37 1462272 c:\windows\system32\crypt32.dll
- 2009-07-14 04:45 . 2012-05-15 01:15 7172107 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2009-07-14 04:45 . 2012-06-17 12:26 7172107 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2011-05-15 05:44 . 2012-06-14 09:59 6323100 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-141985954-1552009316-2749100623-1004-8192.dat
- 2011-05-15 05:44 . 2012-06-04 01:23 6323100 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-141985954-1552009316-2749100623-1004-8192.dat
- 2010-01-17 06:27 . 2012-06-04 00:44 2812084 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-141985954-1552009316-2749100623-1004-12288.dat
+ 2010-01-17 06:27 . 2012-06-11 23:14 2812084 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-141985954-1552009316-2749100623-1004-12288.dat
+ 2012-03-15 17:17 . 2012-03-15 17:17 5029672 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Windows.Forms.dll
- 2012-05-14 01:34 . 2012-01-04 03:34 5025792 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Windows.Forms.dll
+ 2012-06-14 18:58 . 2012-03-21 22:30 5025792 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Windows.Forms.dll
+ 2012-06-14 18:58 . 2012-03-21 22:30 4927488 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Design.dll
- 2011-08-21 18:24 . 2010-11-05 01:56 4927488 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Design.dll
+ 2012-03-15 17:17 . 2012-03-15 17:17 5029672 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Windows.Forms.dll
- 2012-05-14 01:34 . 2012-01-04 02:51 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2012-06-14 18:58 . 2012-03-21 22:32 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2012-06-14 18:58 . 2012-03-21 22:32 4927488 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
- 2011-08-21 18:28 . 2010-11-05 01:58 4927488 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 1369872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 1369872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 3512072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 3512072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 5029672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 6097256 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 6097256 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 1354584 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 1354584 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 6429992 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 6429992 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 3116376 c:\windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 3116376 c:\windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 3825952 c:\windows\Microsoft.NET\assembly\GAC_64\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 3825952 c:\windows\Microsoft.NET\assembly\GAC_64\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 4970768 c:\windows\Microsoft.NET\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 4970768 c:\windows\Microsoft.NET\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 3563408 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 3563408 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 2975064 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 2975064 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 3790112 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 3790112 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 5201168 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 5201168 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
- 2012-05-14 10:41 . 2012-05-14 10:41 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2012-06-14 21:35 . 2012-06-14 21:35 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2012-05-30 11:17 . 2012-05-30 11:17 5010432 c:\windows\Installer\92353d.msp
+ 2012-04-23 02:46 . 2012-04-23 02:46 1187328 c:\windows\Installer\923527.msp
+ 2012-03-15 18:26 . 2012-03-15 18:26 4212736 c:\windows\Installer\92351e.msp
+ 2012-06-07 01:42 . 2012-06-07 01:42 2871808 c:\windows\Installer\44419.msi
+ 2009-12-09 23:05 . 2012-06-14 21:36 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
- 2009-12-09 23:05 . 2012-05-14 10:43 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
+ 2009-12-09 23:05 . 2012-06-14 21:36 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
- 2009-12-09 23:05 . 2012-05-14 10:43 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2012-06-14 21:33 . 2012-06-14 21:33 2056704 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationUI\32bece98175466e5a63d120d96e33269\PresentationUI.ni.dll
+ 2012-06-14 21:33 . 2012-06-14 21:33 2317312 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\44f8907ea08f9c7ff390b17a925a98fd\Microsoft.VisualBasic.ni.dll
+ 2012-06-14 21:33 . 2012-06-14 21:33 1829888 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\2d7aad0171b35bcc0caad662b539cd84\Microsoft.VisualBasic.Compatibility.ni.dll
+ 2012-06-14 21:33 . 2012-06-14 21:33 1007104 c:\windows\assembly\NativeImages_v4.0.30319_64\AspNetMMCExt\b54a7adba206d3dba187a47557284d51\AspNetMMCExt.ni.dll
+ 2012-06-14 21:36 . 2012-06-14 21:36 3858432 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\21f37f9f5162af7efb52169012bd111e\WindowsBase.ni.dll
+ 2012-06-14 21:36 . 2012-06-14 21:36 1666048 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\8c40f40ef36622109793788049fbe9ab\System.Drawing.ni.dll
+ 2012-06-17 12:30 . 2012-06-17 12:30 2711040 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Run#\aa638ba79250284eb4af4adaa4a4117b\System.Workflow.Runtime.ni.dll
+ 2012-06-17 12:30 . 2012-06-17 12:30 5957632 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Com#\996dc2af3b9e5c111130935f298908c6\System.Workflow.ComponentModel.ni.dll
+ 2012-06-17 12:30 . 2012-06-17 12:30 3895296 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Act#\178797db84abae2eeaed835bd28ca52c\System.Workflow.Activities.ni.dll
+ 2012-06-17 12:30 . 2012-06-17 12:30 2292224 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Services\a32734087cd0db5607d5744ca63235d7\System.Web.Services.ni.dll
+ 2012-06-17 12:30 . 2012-06-17 12:30 1463808 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Printing\b964519964d302b4977e1380d8d15f1a\System.Printing.ni.dll
+ 2012-06-17 12:28 . 2012-06-17 12:28 2318848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\222eb8aa336953a6b0216db2b0c4770d\System.Drawing.ni.dll
+ 2012-06-17 12:28 . 2012-06-17 12:28 2444288 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Deployment\6e4e9b07f376d445df1718c0011fa99b\System.Deployment.ni.dll
+ 2012-06-17 12:30 . 2012-06-17 12:30 3116032 c:\windows\assembly\NativeImages_v2.0.50727_64\ReachFramework\1f88a3693c8ddd527a130aff49dc58b3\ReachFramework.ni.dll
+ 2012-06-17 12:29 . 2012-06-17 12:29 2109952 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationUI\b91c32fab08ba62d8c7681cc596895be\PresentationUI.ni.dll
+ 2012-06-17 12:46 . 2012-06-17 12:46 2102272 c:\windows\assembly\NativeImages_v2.0.50727_32\Xceed.Grid\4a07f0412025b2a53bc72b889b0efc79\Xceed.Grid.ni.dll
+ 2012-06-17 12:46 . 2012-06-17 12:46 7025152 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\f6cac6d0e82d3714667b5fe78442bb26\WindowsLive.Writer.PostEditor.ni.dll
+ 2012-06-17 12:46 . 2012-06-17 12:46 2193408 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\adb0e58139fd3acff774fafea2b34d5f\WindowsLive.Writer.CoreServices.ni.dll
+ 2012-06-17 12:46 . 2012-06-17 12:46 1346560 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\a77dc72d1b8dab87fdbf73252925c3de\WindowsLive.Writer.Localization.ni.dll
+ 2012-06-17 12:46 . 2012-06-17 12:46 1285632 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\2a7f76b6857454c1216089b694d7d72a\WindowsLive.Writer.ApplicationFramework.ni.dll
+ 2012-06-17 12:27 . 2012-06-17 12:27 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\88bfc62ac0195a8ae673c444a3339505\System.Workflow.Runtime.ni.dll
+ 2012-06-17 12:27 . 2012-06-17 12:27 4516352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\1348ca98dad0f4c1716a505e62bf7d63\System.Workflow.ComponentModel.ni.dll
+ 2012-06-17 12:27 . 2012-06-17 12:27 2994688 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\a815fffab98375c1919df68b5b292725\System.Workflow.Activities.ni.dll
+ 2012-06-17 12:26 . 2012-06-17 12:26 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\761fd1afc17f11bf6d49c3a7d16465ca\System.Web.Services.ni.dll
+ 2012-06-17 12:26 . 2012-06-17 12:26 1044480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\991dbe40be5b114ed705bb5b48e6b330\System.Printing.ni.dll
+ 2012-06-17 12:26 . 2012-06-17 12:26 1591808 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
+ 2012-06-17 12:25 . 2012-06-17 12:25 1806848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\3421b96c2885b8e4137a376ff3d95fa5\System.Deployment.ni.dll
+ 2012-06-17 12:26 . 2012-06-17 12:26 2157056 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\87f73de6e080d37be93adfc7d5c31d7a\ReachFramework.ni.dll
+ 2012-06-17 12:26 . 2012-06-17 12:26 1658368 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\163517c8a195fb48f7ef6ee17c585bdb\PresentationUI.ni.dll
+ 2012-06-17 12:45 . 2012-06-17 12:45 1670144 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\6c59a14a23f734093e80d6093e25302a\Microsoft.VisualBasic.ni.dll
+ 2012-06-17 12:45 . 2012-06-17 12:45 1040896 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Interop.M#\fbc0feb4b206da7eb439ef53f83d2520\Microsoft.Interop.Mapi.Impl.ni.dll
+ 2012-06-17 12:45 . 2012-06-17 12:45 4466688 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.BusinessS#\c9fa03613a174161ab22070b6a2a752a\Microsoft.BusinessSolutions.eCRM.OutlookAddIn.CSUtils.ni.dll
+ 2012-06-17 12:46 . 2012-06-17 12:46 2831360 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.BusinessS#\a87ad5e25f29d6dc9858ac93dbfcd794\Microsoft.BusinessSolutions.eCRM.Reports2.ni.dll
+ 2012-06-17 12:46 . 2012-06-17 12:46 2359808 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.BusinessS#\59c0e50b65d42ab246de32bcb22ccf82\Microsoft.BusinessSolutions.eCRM.OutlookAddIn.ni.dll
+ 2012-06-17 12:45 . 2012-06-17 12:45 3826688 c:\windows\assembly\NativeImages_v2.0.50727_32\BusinessLayer\6572125c4b25408cb04d23b4cf9e1caa\BusinessLayer.ni.dll
+ 2012-06-17 12:45 . 2012-06-17 12:45 1526272 c:\windows\assembly\NativeImages_v2.0.50727_32\BCMRes\119d33ac8aeebafba3912a96e1594e11\BCMRes.ni.dll
- 2012-05-14 01:34 . 2012-01-04 02:51 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2012-06-14 18:58 . 2012-03-21 22:32 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2012-06-14 18:58 . 2012-03-21 22:32 4927488 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2011-08-21 18:28 . 2010-11-05 01:58 4927488 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2012-06-14 21:25 . 2012-05-17 23:11 12314624 c:\windows\SysWOW64\mshtml.dll
+ 2009-07-14 02:34 . 2012-06-17 12:22 10747904 c:\windows\system32\SMI\Store\Machine\schema.dat
- 2009-07-14 02:34 . 2012-05-15 01:10 10747904 c:\windows\system32\SMI\Store\Machine\schema.dat
+ 2012-06-14 21:25 . 2012-05-18 02:47 17807360 c:\windows\system32\mshtml.dll
+ 2009-12-29 05:54 . 2012-06-14 21:31 58957832 c:\windows\system32\MRT.exe
+ 2012-06-14 21:25 . 2012-05-18 02:16 10924032 c:\windows\system32\ieframe.dll
+ 2012-06-14 21:34 . 2012-06-14 21:34 17355264 c:\windows\assembly\NativeImages_v4.0.30319_64\Temp\d60-0\System.Windows.Forms.dll
+ 2012-06-14 21:34 . 2012-06-14 21:34 15761920 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web\d5f3c0fa017383435333ca037cfa19bc\System.Web.ni.dll
+ 2012-06-14 21:34 . 2012-06-14 21:34 13314048 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Design\1fd512449d15a2373c16864d0268ae99\System.Design.ni.dll
+ 2012-06-14 21:36 . 2012-06-14 21:36 13198336 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3971e166cf827b6726e142f344061dc9\System.Windows.Forms.ni.dll
+ 2012-06-14 21:36 . 2012-06-14 21:36 11021824 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Design\ecde3362b4d67a0025c3c9d5b9525f4a\System.Design.ni.dll
+ 2012-06-14 21:36 . 2012-06-14 21:36 18000896 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\199683f6e79076b634ee6cc0a82c0654\PresentationFramework.ni.dll
+ 2012-06-14 21:36 . 2012-06-14 21:36 11451904 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\e7dc084827f8df2dbdc819db5c633a0d\PresentationCore.ni.dll
+ 2012-06-17 12:29 . 2012-06-17 12:29 17383424 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\dc5bb74eefdbf954cdfb70dd534d5564\System.Windows.Forms.ni.dll
+ 2012-06-17 12:30 . 2012-06-17 12:30 15270912 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web\95f38e7485bbe2b73b6055c45196fedd\System.Web.ni.dll
+ 2012-06-17 12:30 . 2012-06-17 12:30 13609472 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Design\582144c0ee317038621aebc626187b56\System.Design.ni.dll
+ 2012-06-17 12:29 . 2012-06-17 12:29 19198464 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\47054c4d5b7e522c21a9d57797410302\PresentationFramework.ni.dll
+ 2012-06-17 12:28 . 2012-06-17 12:28 16543232 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\3a9d13514a8c4c710fa5ce8e9b5393fe\PresentationCore.ni.dll
+ 2012-06-17 12:26 . 2012-06-17 12:26 12436480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
+ 2012-06-17 12:26 . 2012-06-17 12:26 11833344 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll
+ 2012-06-17 12:27 . 2012-06-17 12:27 10580480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\7c144f89b1f8f292d6940a1b2f8ffbec\System.Design.ni.dll
+ 2012-06-17 12:26 . 2012-06-17 12:26 14340608 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll
+ 2012-06-17 12:25 . 2012-06-17 12:25 12237824 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files (x86)\BitTorrentBar\prxtbBitT.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
2011-05-09 09:49 176936 ----a-w- c:\program files (x86)\BitTorrentBar\prxtbBitT.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files (x86)\BitTorrentBar\prxtbBitT.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\Neil noname\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\Neil noname\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\Neil noname\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-07-29 5464448]
"MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"MDS_Menu"="c:\program files (x86)\Lenovo\MediaShow\MUITransfer\MUIStartMenu.exe" [2008-11-14 218408]
"IdeaNotesUser"="c:\program files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGUser.exe" [2009-08-24 221872]
"OnekeyDM"="c:\program files (x86)\Lenovo\OnekeyDM\OnekeyDM.exe" [2009-03-27 468480]
"VeriFaceManager"="c:\program files (x86)\Lenovo\VeriFace\PManage.exe" [2009-11-22 3122440]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"Lenovo SlideNav"="c:\program files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNavigator.exe" [2009-08-19 839680]
"PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2009-11-09 180224]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-09-27 59240]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe" [2008-06-03 446635]
"AmazonGSDownloaderTray"="c:\program files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe" [2009-10-23 326144]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480]
"ConnectionCenter"="c:\program files (x86)\Citrix\ICA Client\concentr.exe" [2009-09-13 103768]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"Ad-Aware Browsing Protection"="c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe" [2011-10-21 198032]
.
c:\users\Neil noname\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
EvernoteClipper.lnk - c:\program files (x86)\Evernote\Evernote\EvernoteClipper.exe [2012-3-22 1014112]
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoFileAssociate"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x]
R1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-14 136176]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-16 257696]
R3 Amazon Download Agent;Amazon Download Agent;c:\program files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe [2009-10-23 401920]
R3 Bridge0;Bridge0;c:\windows\system32\drivers\WDBridge.sys [x]
R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [x]
R3 DfSdkS;Defragmentation-Service;c:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe [2009-08-25 544768]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-14 136176]
R3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\Lenovo\ReadyComm\AppSvc.exe [2009-07-28 414984]
R3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\Lenovo\ReadyComm\ConnSvc.exe [2009-07-28 472328]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-03 129976]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]
S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [x]
S1 funfrm;funfrm; [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-07-19 146816]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 DDNIMSGService;DDNIMSGService;c:\program files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGService.exe [2010-01-21 172720]
S2 DDNIService;DDNIService;c:\program files (x86)\DDNI\DIBS\DDNIService.exe [2010-03-04 160432]
S2 IGRS;IGRS;c:\program files (x86)\Lenovo\ReadyComm\common\IGRS.exe [2009-07-14 38152]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [x]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [x]
S3 enecirhid;ENE CIR HID Receiver;c:\windows\system32\DRIVERS\enecirhid.sys [x]
S3 enecirhidma;ENE CIR HIDmini Filter;c:\windows\system32\DRIVERS\enecirhidma.sys [x]
S3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 wdmirror;wdmirror;c:\windows\system32\DRIVERS\WDMirror.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
IgrsSvcs REG_MULTI_SZ ReadyComm.DirectRouter PS_MDP
.
Contents of the 'Scheduled Tasks' folder
.
2012-06-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-16 02:05]
.
2012-06-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-25 03:19]
.
2012-06-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-25 03:19]
.
2012-06-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-141985954-1552009316-2749100623-1004Core.job
- c:\users\Neil noname\AppData\Local\Google\Update\GoogleUpdate.exe [2009-12-01 02:30]
.
2012-06-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-141985954-1552009316-2749100623-1004UA.job
- c:\users\Neil noname\AppData\Local\Google\Update\GoogleUpdate.exe [2009-12-01 02:30]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 97792 ----a-w- c:\users\Neil noname\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 97792 ----a-w- c:\users\Neil noname\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 97792 ----a-w- c:\users\Neil noname\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 97792 ----a-w- c:\users\Neil noname\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2009-11-22 10:58 1502720 ----a-w- c:\windows\System32\IcnOvrly.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-08-07 186904]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-20 7981088]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\utility.exe" [2009-08-26 4366192]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2009-08-19 5825536]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2009-06-01 2342800]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-05-07 16416360]
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://lenovo.live.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Save Flash - c:\program files (x86)\UnH Solutions\Flash Saving Plugin\FlashSButton.dll/210
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\Neil noname\AppData\Roaming\Mozilla\Firefox\Profiles\obd844ux.default\
FF - prefs.js: browser.search.selectedEngine - Blekko
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=2&q=
FF - prefs.js: network.proxy.type - 0
FF - user.js: browser.blink_allowed - true
FF - user.js: network.prefetch-next - true
FF - user.js: nglayout.initialpaint.delay - 250
FF - user.js: layout.spellcheckDefault - 1
FF - user.js: browser.urlbar.autoFill - false
FF - user.js: browser.search.openintab - false
FF - user.js: browser.tabs.closeButtons - 1
FF - user.js: browser.tabs.opentabfor.middleclick - true
FF - user.js: browser.tabs.tabMinWidth - 100
FF - user.js: browser.urlbar.hideGoButton - false
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{88C7F2AA-F93F-432C-8F0E-B7D85967A527} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
c:\program files (x86)\Juniper Networks\Common Files\dsNcService.exe
c:\program files (x86)\Cyberlink\Shared files\RichVideo.exe
c:\program files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
.
**************************************************************************
.
Completion time: 2012-06-17 08:56:32 - machine was rebooted
ComboFix-quarantined-files.txt 2012-06-17 12:56
ComboFix2.txt 2012-06-04 02:15
.
Pre-Run: 165,933,883,392 bytes free
Post-Run: 165,573,713,920 bytes free
.
- - End Of File - - DA317605B0D6469305C4B12743284FE3

#9 gringo_pr


Posted 17 June 2012 - 11:20 AM

Greetings

I want you to run these next,

tdsskiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon to run it
  • It will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one, come back and let me know.

Please reply with the reports from TDSSKiller and aswMBR.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic


Please Only Copy And Paste Reports Into Topic - Do Not Attach

My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#10 gringo_pr


Posted 19 June 2012 - 11:52 PM

Greetings


I have not heard from you in a couple of days so I am coming by to check on you to see if you are having problems or you just need some more time.

Also to remind you that it is very important that we finish the process completely so as to not get reinfected. I will let you know when we are complete and I will ask to remove our tools.




Gringo

#11 dabishop


Posted 20 June 2012 - 07:57 PM

20:56:50.0030 5604 TDSS rootkit removing tool 2.7.40.0 Jun 15 2012 15:13:31
20:56:50.0451 5604 ============================================================
20:56:50.0451 5604 Current date / time: 2012/06/20 20:56:50.0451
20:56:50.0451 5604 SystemInfo:
20:56:50.0451 5604
20:56:50.0451 5604 OS Version: 6.1.7601 ServicePack: 1.0
20:56:50.0451 5604 Product type: Workstation
20:56:50.0451 5604 ComputerName: NEILRAFOL-PC
20:56:50.0452 5604 UserName: Neil Rafol
20:56:50.0452 5604 Windows directory: C:\windows
20:56:50.0452 5604 System windows directory: C:\windows
20:56:50.0452 5604 Running under WOW64
20:56:50.0452 5604 Processor architecture: Intel x64
20:56:50.0452 5604 Number of processors: 2
20:56:50.0452 5604 Page size: 0x1000
20:56:50.0452 5604 Boot type: Normal boot
20:56:50.0452 5604 ============================================================
20:56:50.0873 5604 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:56:50.0881 5604 ============================================================
20:56:50.0881 5604 \Device\Harddisk0\DR0:
20:56:50.0881 5604 MBR partitions:
20:56:50.0881 5604 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
20:56:50.0881 5604 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x1F9C8C00
20:56:50.0910 5604 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1FA2E400, BlocksNum 0x3C7E000
20:56:50.0910 5604 ============================================================
20:56:50.0965 5604 C: <-> \Device\Harddisk0\DR0\Partition1
20:56:51.0027 5604 D: <-> \Device\Harddisk0\DR0\Partition2
20:56:51.0027 5604 ============================================================
20:56:51.0027 5604 Initialize success
20:56:51.0027 5604 ============================================================
20:56:52.0436 5668 ============================================================
20:56:52.0436 5668 Scan started
20:56:52.0437 5668 Mode: Manual;
20:56:52.0437 5668 ============================================================
20:56:52.0896 5668 !SASCORE (6b9a496ed67631da8adb802461876c36) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
20:56:52.0898 5668 !SASCORE - ok
20:56:53.0157 5668 1394ohci (a87d604aea360176311474c87a63bb88) C:\windows\system32\drivers\1394ohci.sys
20:56:53.0161 5668 1394ohci - ok
20:56:53.0233 5668 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\windows\system32\drivers\ACPI.sys
20:56:53.0238 5668 ACPI - ok
20:56:53.0292 5668 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\windows\system32\drivers\acpipmi.sys
20:56:53.0293 5668 AcpiPmi - ok
20:56:53.0339 5668 ACPIVPC (2e68544bce94de6677f700cf1d582b6d) C:\windows\system32\DRIVERS\AcpiVpc.sys
20:56:53.0340 5668 ACPIVPC - ok
20:56:53.0493 5668 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:56:53.0494 5668 AdobeARMservice - ok
20:56:53.0689 5668 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:56:53.0693 5668 AdobeFlashPlayerUpdateSvc - ok
20:56:53.0769 5668 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\DRIVERS\adp94xx.sys
20:56:53.0776 5668 adp94xx - ok
20:56:53.0827 5668 adpahci (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\DRIVERS\adpahci.sys
20:56:53.0846 5668 adpahci - ok
20:56:53.0913 5668 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\DRIVERS\adpu320.sys
20:56:53.0932 5668 adpu320 - ok
20:56:53.0976 5668 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\windows\System32\aelupsvc.dll
20:56:53.0977 5668 AeLookupSvc - ok
20:56:54.0080 5668 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\windows\system32\drivers\afd.sys
20:56:54.0091 5668 AFD - ok
20:56:54.0156 5668 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\drivers\agp440.sys
20:56:54.0159 5668 agp440 - ok
20:56:54.0194 5668 ALG (3290d6946b5e30e70414990574883ddb) C:\windows\System32\alg.exe
20:56:54.0196 5668 ALG - ok
20:56:54.0255 5668 aliide (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\drivers\aliide.sys
20:56:54.0256 5668 aliide - ok
20:56:54.0411 5668 Amazon Download Agent (ff6f0f6a2d72065ae4300426fa414693) C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe
20:56:54.0436 5668 Amazon Download Agent - ok
20:56:54.0487 5668 amdide (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\drivers\amdide.sys
20:56:54.0488 5668 amdide - ok
20:56:54.0531 5668 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\DRIVERS\amdk8.sys
20:56:54.0533 5668 AmdK8 - ok
20:56:54.0547 5668 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\DRIVERS\amdppm.sys
20:56:54.0549 5668 AmdPPM - ok
20:56:54.0607 5668 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\windows\system32\drivers\amdsata.sys
20:56:54.0609 5668 amdsata - ok
20:56:54.0674 5668 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\DRIVERS\amdsbs.sys
20:56:54.0688 5668 amdsbs - ok
20:56:54.0710 5668 amdxata (540daf1cea6094886d72126fd7c33048) C:\windows\system32\drivers\amdxata.sys
20:56:54.0711 5668 amdxata - ok
20:56:54.0772 5668 AppID (89a69c3f2f319b43379399547526d952) C:\windows\system32\drivers\appid.sys
20:56:54.0772 5668 AppID - ok
20:56:54.0808 5668 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\windows\System32\appidsvc.dll
20:56:54.0809 5668 AppIDSvc - ok
20:56:54.0871 5668 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\windows\System32\appinfo.dll
20:56:54.0873 5668 Appinfo - ok
20:56:55.0012 5668 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:56:55.0013 5668 Apple Mobile Device - ok
20:56:55.0079 5668 arc (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\DRIVERS\arc.sys
20:56:55.0094 5668 arc - ok
20:56:55.0128 5668 arcsas (019af6924aefe7839f61c830227fe79c) C:\windows\system32\DRIVERS\arcsas.sys
20:56:55.0141 5668 arcsas - ok
20:56:55.0263 5668 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
20:56:55.0264 5668 aspnet_state - ok
20:56:55.0310 5668 AsyncMac (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys
20:56:55.0312 5668 AsyncMac - ok
20:56:55.0378 5668 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\drivers\atapi.sys
20:56:55.0379 5668 atapi - ok
20:56:55.0492 5668 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
20:56:55.0505 5668 AudioEndpointBuilder - ok
20:56:55.0514 5668 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
20:56:55.0518 5668 AudioSrv - ok
20:56:56.0065 5668 AVGIDSAgent (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
20:56:56.0171 5668 AVGIDSAgent - ok
20:56:56.0365 5668 AVGIDSDriver (e29ea1a0ec7ab9fa2dc7e75a03f12a4f) C:\windows\system32\DRIVERS\AVGIDSDriver.Sys
20:56:56.0366 5668 AVGIDSDriver - ok
20:56:56.0409 5668 AVGIDSEH (f823d184b8e8ffb8da3ead45dbf5bd6a) C:\windows\system32\DRIVERS\AVGIDSEH.Sys
20:56:56.0410 5668 AVGIDSEH - ok
20:56:56.0416 5668 AVGIDSFilter (ed2b25bd7fe35d1944211968842d30da) C:\windows\system32\DRIVERS\AVGIDSFilter.Sys
20:56:56.0417 5668 AVGIDSFilter - ok
20:56:56.0480 5668 Avgldx64 (979cf8912449a10b987218bff80a1fa3) C:\windows\system32\DRIVERS\avgldx64.sys
20:56:56.0482 5668 Avgldx64 - ok
20:56:56.0521 5668 Avgmfx64 (36b1a5843695766eac714daffc5b84d1) C:\windows\system32\DRIVERS\avgmfx64.sys
20:56:56.0522 5668 Avgmfx64 - ok
20:56:56.0553 5668 Avgrkx64 (1102239fb724527f1febbbbccf6bf313) C:\windows\system32\DRIVERS\avgrkx64.sys
20:56:56.0553 5668 Avgrkx64 - ok
20:56:56.0589 5668 Avgtdia (11f36d3ea82d9db9aa05a476a210551b) C:\windows\system32\DRIVERS\avgtdia.sys
20:56:56.0591 5668 Avgtdia - ok
20:56:56.0711 5668 avgwd (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
20:56:56.0717 5668 avgwd - ok
20:56:56.0773 5668 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\windows\System32\AxInstSV.dll
20:56:56.0775 5668 AxInstSV - ok
20:56:56.0871 5668 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\windows\system32\DRIVERS\bxvbda.sys
20:56:56.0903 5668 b06bdrv - ok
20:56:56.0958 5668 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys
20:56:56.0963 5668 b57nd60a - ok
20:56:57.0066 5668 BcmSqlStartupSvc (6163664c7e9cd110af70180c126c3fdc) C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
20:56:57.0068 5668 BcmSqlStartupSvc - ok
20:56:57.0124 5668 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\windows\System32\bdesvc.dll
20:56:57.0136 5668 BDESVC - ok
20:56:57.0169 5668 Beep (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys
20:56:57.0170 5668 Beep - ok
20:56:57.0268 5668 BFE (82974d6a2fd19445cc5171fc378668a4) C:\windows\System32\bfe.dll
20:56:57.0276 5668 BFE - ok
20:56:57.0387 5668 BITS (1ea7969e3271cbc59e1730697dc74682) C:\windows\system32\qmgr.dll
20:56:57.0435 5668 BITS - ok
20:56:57.0490 5668 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\DRIVERS\blbdrive.sys
20:56:57.0492 5668 blbdrive - ok
20:56:57.0649 5668 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
20:56:57.0656 5668 Bonjour Service - ok
20:56:57.0715 5668 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\windows\system32\DRIVERS\bowser.sys
20:56:57.0729 5668 bowser - ok
20:56:57.0756 5668 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\DRIVERS\BrFiltLo.sys
20:56:57.0757 5668 BrFiltLo - ok
20:56:57.0777 5668 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\DRIVERS\BrFiltUp.sys
20:56:57.0778 5668 BrFiltUp - ok
20:56:57.0820 5668 Bridge0 (34f786535f9245e4028c57b28248c9d8) C:\windows\system32\drivers\WDBridge.sys
20:56:57.0821 5668 Bridge0 - ok
20:56:57.0864 5668 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\windows\system32\DRIVERS\bridge.sys
20:56:57.0881 5668 BridgeMP - ok
20:56:57.0938 5668 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\windows\System32\browser.dll
20:56:57.0954 5668 Browser - ok
20:56:57.0992 5668 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys
20:56:57.0999 5668 Brserid - ok
20:56:58.0032 5668 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys
20:56:58.0033 5668 BrSerWdm - ok
20:56:58.0068 5668 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys
20:56:58.0070 5668 BrUsbMdm - ok
20:56:58.0084 5668 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys
20:56:58.0086 5668 BrUsbSer - ok
20:56:58.0125 5668 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\windows\system32\drivers\BthEnum.sys
20:56:58.0127 5668 BthEnum - ok
20:56:58.0162 5668 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\DRIVERS\bthmodem.sys
20:56:58.0164 5668 BTHMODEM - ok
20:56:58.0202 5668 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\windows\system32\DRIVERS\bthpan.sys
20:56:58.0219 5668 BthPan - ok
20:56:58.0322 5668 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\windows\System32\Drivers\BTHport.sys
20:56:58.0327 5668 BTHPORT - ok
20:56:58.0387 5668 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\windows\system32\bthserv.dll
20:56:58.0403 5668 bthserv - ok
20:56:58.0417 5668 BTHUSB (f188b7394d81010767b6df3178519a37) C:\windows\System32\Drivers\BTHUSB.sys
20:56:58.0419 5668 BTHUSB - ok
20:56:58.0605 5668 Cam5607 (c9b6e9df902d86a63791191ca2445ec7) C:\windows\system32\Drivers\BisonC07.sys
20:56:58.0647 5668 Cam5607 - ok
20:56:58.0700 5668 catchme - ok
20:56:58.0753 5668 cdfs (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys
20:56:58.0755 5668 cdfs - ok
20:56:58.0819 5668 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\windows\system32\drivers\cdrom.sys
20:56:58.0821 5668 cdrom - ok
20:56:58.0894 5668 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
20:56:58.0898 5668 CertPropSvc - ok
20:56:58.0933 5668 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\DRIVERS\circlass.sys
20:56:58.0934 5668 circlass - ok
20:56:59.0014 5668 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys
20:56:59.0021 5668 CLFS - ok
20:56:59.0139 5668 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:56:59.0165 5668 clr_optimization_v2.0.50727_32 - ok
20:56:59.0242 5668 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:56:59.0257 5668 clr_optimization_v2.0.50727_64 - ok
20:56:59.0385 5668 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:56:59.0389 5668 clr_optimization_v4.0.30319_32 - ok
20:56:59.0480 5668 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:56:59.0484 5668 clr_optimization_v4.0.30319_64 - ok
20:56:59.0539 5668 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys
20:56:59.0540 5668 CmBatt - ok
20:56:59.0576 5668 cmdide (e19d3f095812725d88f9001985b94edd) C:\windows\system32\drivers\cmdide.sys
20:56:59.0578 5668 cmdide - ok
20:56:59.0668 5668 CNG (c4943b6c962e4b82197542447ad599f4) C:\windows\system32\Drivers\cng.sys
20:56:59.0671 5668 CNG - ok
20:56:59.0718 5668 Compbatt (102de219c3f61415f964c88e9085ad14) C:\windows\system32\DRIVERS\compbatt.sys
20:56:59.0719 5668 Compbatt - ok
20:56:59.0771 5668 CompositeBus (03edb043586cceba243d689bdda370a8) C:\windows\system32\drivers\CompositeBus.sys
20:56:59.0771 5668 CompositeBus - ok
20:56:59.0782 5668 COMSysApp - ok
20:56:59.0829 5668 crcdisk (1c827878a998c18847245fe1f34ee597) C:\windows\system32\DRIVERS\crcdisk.sys
20:56:59.0831 5668 crcdisk - ok
20:56:59.0893 5668 CryptSvc (4f5414602e2544a4554d95517948b705) C:\windows\system32\cryptsvc.dll
20:56:59.0932 5668 CryptSvc - ok
20:56:59.0972 5668 ctxusbm (ba8e5b2291c01ef71ca80e25f0c79d55) C:\windows\system32\DRIVERS\ctxusbm.sys
20:56:59.0973 5668 ctxusbm - ok
20:57:00.0022 5668 dc3d (db0459afd124ce5ccb649e33f95d715f) C:\windows\system32\DRIVERS\dc3d.sys
20:57:00.0024 5668 dc3d - ok
20:57:00.0116 5668 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
20:57:00.0125 5668 DcomLaunch - ok
20:57:00.0266 5668 DDNIMSGService (1fa2e249364050217091ca073f5cf9eb) C:\Program Files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGService.exe
20:57:00.0271 5668 DDNIMSGService - ok
20:57:00.0321 5668 DDNIService (2bddf5b479bdb30651f06f59645ea733) C:\Program Files (x86)\DDNI\DIBS\DDNIService.exe
20:57:00.0325 5668 DDNIService - ok
20:57:00.0416 5668 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\windows\System32\defragsvc.dll
20:57:00.0455 5668 defragsvc - ok
20:57:00.0536 5668 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\windows\system32\Drivers\dfsc.sys
20:57:00.0551 5668 DfsC - ok
20:57:00.0716 5668 DfSdkS (d51b32ba3897f630d99713b74b40d6a2) C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe
20:57:00.0735 5668 DfSdkS - ok
20:57:00.0791 5668 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\windows\system32\dhcpcore.dll
20:57:00.0801 5668 Dhcp - ok
20:57:00.0834 5668 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys
20:57:00.0834 5668 discache - ok
20:57:00.0883 5668 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\DRIVERS\disk.sys
20:57:00.0884 5668 Disk - ok
20:57:00.0935 5668 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\windows\System32\dnsrslvr.dll
20:57:00.0941 5668 Dnscache - ok
20:57:00.0999 5668 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\windows\System32\dot3svc.dll
20:57:01.0010 5668 dot3svc - ok
20:57:01.0065 5668 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\windows\system32\dps.dll
20:57:01.0073 5668 DPS - ok
20:57:01.0087 5668 drmkaud (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys
20:57:01.0088 5668 drmkaud - ok
20:57:01.0141 5668 dsNcAdpt (3eef0b3489edbf725564e17c77cabafd) C:\windows\system32\DRIVERS\dsNcAdpt.sys
20:57:01.0143 5668 dsNcAdpt - ok
20:57:01.0287 5668 dsNcService (b9750c064b43c7a3bbc8a74f1127aa4e) C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
20:57:01.0299 5668 dsNcService - ok
20:57:01.0464 5668 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\windows\System32\drivers\dxgkrnl.sys
20:57:01.0478 5668 DXGKrnl - ok
20:57:01.0523 5668 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\windows\System32\eapsvc.dll
20:57:01.0525 5668 EapHost - ok
20:57:01.0907 5668 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\DRIVERS\evbda.sys
20:57:01.0956 5668 ebdrv - ok
20:57:02.0140 5668 EFS (c118a82cd78818c29ab228366ebf81c3) C:\windows\System32\lsass.exe
20:57:02.0143 5668 EFS - ok
20:57:02.0269 5668 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\windows\ehome\ehRecvr.exe
20:57:02.0279 5668 ehRecvr - ok
20:57:02.0322 5668 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\windows\ehome\ehsched.exe
20:57:02.0332 5668 ehSched - ok
20:57:02.0452 5668 elxstor (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\DRIVERS\elxstor.sys
20:57:02.0469 5668 elxstor - ok
20:57:02.0510 5668 enecir (524c79054636d2e5751169005006460b) C:\windows\system32\DRIVERS\enecir.sys
20:57:02.0515 5668 enecir - ok
20:57:02.0573 5668 enecirhid (e17eb95358f396e27d573a1b20f891f8) C:\windows\system32\DRIVERS\enecirhid.sys
20:57:02.0574 5668 enecirhid - ok
20:57:02.0580 5668 enecirhidma (8492d808c79bd6fe439f77be84956cdf) C:\windows\system32\DRIVERS\enecirhidma.sys
20:57:02.0580 5668 enecirhidma - ok
20:57:02.0612 5668 ErrDev (34a3c54752046e79a126e15c51db409b) C:\windows\system32\drivers\errdev.sys
20:57:02.0613 5668 ErrDev - ok
20:57:02.0708 5668 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\windows\system32\es.dll
20:57:02.0724 5668 EventSystem - ok
20:57:02.0772 5668 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys
20:57:02.0788 5668 exfat - ok
20:57:02.0820 5668 fastfat (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys
20:57:02.0834 5668 fastfat - ok
20:57:02.0937 5668 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\windows\system32\fxssvc.exe
20:57:02.0943 5668 Fax - ok
20:57:02.0970 5668 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\DRIVERS\fdc.sys
20:57:02.0971 5668 fdc - ok
20:57:02.0994 5668 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\windows\system32\fdPHost.dll
20:57:02.0996 5668 fdPHost - ok
20:57:03.0015 5668 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\windows\system32\fdrespub.dll
20:57:03.0017 5668 FDResPub - ok
20:57:03.0053 5668 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys
20:57:03.0054 5668 FileInfo - ok
20:57:03.0062 5668 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys
20:57:03.0063 5668 Filetrace - ok
20:57:03.0077 5668 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\DRIVERS\flpydisk.sys
20:57:03.0078 5668 flpydisk - ok
20:57:03.0111 5668 FltMgr (da6b67270fd9db3697b20fce94950741) C:\windows\system32\drivers\fltmgr.sys
20:57:03.0113 5668 FltMgr - ok
20:57:03.0279 5668 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\windows\system32\FntCache.dll
20:57:03.0302 5668 FontCache - ok
20:57:03.0380 5668 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:57:03.0382 5668 FontCache3.0.0.0 - ok
20:57:03.0446 5668 FsDepends (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys
20:57:03.0449 5668 FsDepends - ok
20:57:03.0493 5668 fssfltr (07da62c960ddccc2d35836aeab4fc578) C:\windows\system32\DRIVERS\fssfltr.sys
20:57:03.0496 5668 fssfltr - ok
20:57:03.0741 5668 fsssvc (28ddeeec44e988657b732cf404d504cb) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
20:57:03.0785 5668 fsssvc - ok
20:57:03.0958 5668 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\windows\system32\drivers\Fs_Rec.sys
20:57:03.0959 5668 Fs_Rec - ok
20:57:04.0013 5668 funfrm (6ccf66bca3d24146cb8b0930dba1448f) C:\windows\system32\drivers\funfrm.sys
20:57:04.0014 5668 funfrm - ok
20:57:04.0090 5668 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\windows\system32\DRIVERS\fvevol.sys
20:57:04.0092 5668 fvevol - ok
20:57:04.0122 5668 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\DRIVERS\gagp30kx.sys
20:57:04.0124 5668 gagp30kx - ok
20:57:04.0160 5668 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\windows\system32\DRIVERS\GEARAspiWDM.sys
20:57:04.0161 5668 GEARAspiWDM - ok
20:57:04.0294 5668 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\windows\System32\gpsvc.dll
20:57:04.0319 5668 gpsvc - ok
20:57:04.0414 5668 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:57:04.0417 5668 gupdate - ok
20:57:04.0449 5668 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:57:04.0451 5668 gupdatem - ok
20:57:04.0483 5668 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys
20:57:04.0485 5668 hcw85cir - ok
20:57:04.0561 5668 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\windows\system32\drivers\HdAudio.sys
20:57:04.0567 5668 HdAudAddService - ok
20:57:04.0614 5668 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\windows\system32\drivers\HDAudBus.sys
20:57:04.0615 5668 HDAudBus - ok
20:57:04.0641 5668 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\DRIVERS\HidBatt.sys
20:57:04.0643 5668 HidBatt - ok
20:57:04.0663 5668 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\DRIVERS\hidbth.sys
20:57:04.0676 5668 HidBth - ok
20:57:04.0724 5668 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\DRIVERS\hidir.sys
20:57:04.0725 5668 HidIr - ok
20:57:04.0751 5668 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\windows\System32\hidserv.dll
20:57:04.0752 5668 hidserv - ok
20:57:04.0788 5668 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\windows\system32\drivers\hidusb.sys
20:57:04.0789 5668 HidUsb - ok
20:57:04.0821 5668 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\windows\system32\kmsvc.dll
20:57:04.0823 5668 hkmsvc - ok
20:57:04.0881 5668 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\windows\system32\ListSvc.dll
20:57:04.0903 5668 HomeGroupListener - ok
20:57:04.0925 5668 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\windows\system32\provsvc.dll
20:57:04.0940 5668 HomeGroupProvider - ok
20:57:04.0977 5668 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\windows\system32\drivers\HpSAMD.sys
20:57:04.0977 5668 HpSAMD - ok
20:57:05.0050 5668 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\windows\system32\drivers\HTTP.sys
20:57:05.0058 5668 HTTP - ok
20:57:05.0095 5668 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\windows\system32\drivers\hwpolicy.sys
20:57:05.0096 5668 hwpolicy - ok
20:57:05.0142 5668 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\drivers\i8042prt.sys
20:57:05.0145 5668 i8042prt - ok
20:57:05.0296 5668 IAANTMON (0e899d0db39617aa0b2f992e7e95b5eb) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
20:57:05.0304 5668 IAANTMON - ok
20:57:05.0387 5668 iaStor (bbb3b6df1abb0fe35802ede85cc1c011) C:\windows\system32\DRIVERS\iaStor.sys
20:57:05.0392 5668 iaStor - ok
20:57:05.0478 5668 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\windows\system32\drivers\iaStorV.sys
20:57:05.0481 5668 iaStorV - ok
20:57:05.0664 5668 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:57:05.0676 5668 idsvc - ok
20:57:06.0322 5668 igfx (a87261ef1546325b559374f5689cf5bc) C:\windows\system32\DRIVERS\igdkmd64.sys
20:57:06.0405 5668 igfx - ok
20:57:06.0491 5668 IGRS (d951d20153e51928f9db2227d6ff5c7a) C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe
20:57:06.0492 5668 IGRS - ok
20:57:06.0663 5668 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\DRIVERS\iirsp.sys
20:57:06.0666 5668 iirsp - ok
20:57:06.0814 5668 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\windows\System32\ikeext.dll
20:57:06.0843 5668 IKEEXT - ok
20:57:07.0087 5668 IntcAzAudAddService (bc64b75e8e0a0b8982ab773483164e72) C:\windows\system32\drivers\RTKVHD64.sys
20:57:07.0100 5668 IntcAzAudAddService - ok
20:57:07.0258 5668 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\drivers\intelide.sys
20:57:07.0259 5668 intelide - ok
20:57:07.0300 5668 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys
20:57:07.0301 5668 intelppm - ok
20:57:07.0329 5668 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\windows\system32\ipbusenum.dll
20:57:07.0332 5668 IPBusEnum - ok
20:57:07.0382 5668 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\windows\system32\DRIVERS\ipfltdrv.sys
20:57:07.0397 5668 IpFilterDriver - ok
20:57:07.0502 5668 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\windows\System32\iphlpsvc.dll
20:57:07.0510 5668 iphlpsvc - ok
20:57:07.0540 5668 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\windows\system32\drivers\IPMIDrv.sys
20:57:07.0541 5668 IPMIDRV - ok
20:57:07.0569 5668 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys
20:57:07.0571 5668 IPNAT - ok
20:57:07.0787 5668 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe
20:57:07.0805 5668 iPod Service - ok
20:57:07.0834 5668 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys
20:57:07.0835 5668 IRENUM - ok
20:57:07.0867 5668 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\drivers\isapnp.sys
20:57:07.0869 5668 isapnp - ok
20:57:07.0916 5668 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\windows\system32\drivers\msiscsi.sys
20:57:07.0918 5668 iScsiPrt - ok
20:57:07.0997 5668 k57nd60a (08dd34f74d65e1c8f238565570952630) C:\windows\system32\DRIVERS\k57nd60a.sys
20:57:07.0999 5668 k57nd60a - ok
20:57:08.0036 5668 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\drivers\kbdclass.sys
20:57:08.0037 5668 kbdclass - ok
20:57:08.0065 5668 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\windows\system32\drivers\kbdhid.sys
20:57:08.0067 5668 kbdhid - ok
20:57:08.0111 5668 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
20:57:08.0113 5668 KeyIso - ok
20:57:08.0163 5668 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\windows\system32\Drivers\ksecdd.sys
20:57:08.0164 5668 KSecDD - ok
20:57:08.0198 5668 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\windows\system32\Drivers\ksecpkg.sys
20:57:08.0200 5668 KSecPkg - ok
20:57:08.0227 5668 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys
20:57:08.0229 5668 ksthunk - ok
20:57:08.0279 5668 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\windows\system32\msdtckrm.dll
20:57:08.0287 5668 KtmRm - ok
20:57:08.0351 5668 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\windows\System32\srvsvc.dll
20:57:08.0363 5668 LanmanServer - ok
20:57:08.0412 5668 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\windows\System32\wkssvc.dll
20:57:08.0416 5668 LanmanWorkstation - ok
20:57:08.0437 5668 Lbd - ok
20:57:08.0562 5668 Lenovo ReadyComm AppSvc (4f83c51720243d6016e6ecd0f2e1b274) C:\Program Files\Lenovo\ReadyComm\AppSvc.exe
20:57:08.0572 5668 Lenovo ReadyComm AppSvc - ok
20:57:08.0611 5668 Lenovo ReadyComm ConnSvc (56688ee2c359bb14479b89a50358faa2) C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe
20:57:08.0620 5668 Lenovo ReadyComm ConnSvc - ok
20:57:08.0654 5668 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys
20:57:08.0655 5668 lltdio - ok
20:57:08.0697 5668 lltdsvc (c1185803384ab3feed115f79f109427f) C:\windows\System32\lltdsvc.dll
20:57:08.0713 5668 lltdsvc - ok
20:57:08.0736 5668 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\windows\System32\lmhsvc.dll
20:57:08.0738 5668 lmhosts - ok
20:57:08.0768 5668 LPCFilter (16679269303613c4ce7c8ff03413410f) C:\windows\system32\DRIVERS\LPCFilter.sys
20:57:08.0769 5668 LPCFilter - ok
20:57:08.0821 5668 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\DRIVERS\lsi_fc.sys
20:57:08.0823 5668 LSI_FC - ok
20:57:08.0857 5668 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\DRIVERS\lsi_sas.sys
20:57:08.0859 5668 LSI_SAS - ok
20:57:08.0878 5668 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\DRIVERS\lsi_sas2.sys
20:57:08.0879 5668 LSI_SAS2 - ok
20:57:08.0915 5668 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\DRIVERS\lsi_scsi.sys
20:57:08.0917 5668 LSI_SCSI - ok
20:57:08.0933 5668 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys
20:57:08.0938 5668 luafv - ok
20:57:08.0999 5668 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\windows\system32\Mcx2Svc.dll
20:57:09.0016 5668 Mcx2Svc - ok
20:57:09.0052 5668 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\DRIVERS\megasas.sys
20:57:09.0053 5668 megasas - ok
20:57:09.0101 5668 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\DRIVERS\MegaSR.sys
20:57:09.0108 5668 MegaSR - ok
20:57:09.0212 5668 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
20:57:09.0227 5668 Microsoft Office Groove Audit Service - ok
20:57:09.0283 5668 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
20:57:09.0285 5668 MMCSS - ok
20:57:09.0312 5668 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys
20:57:09.0313 5668 Modem - ok
20:57:09.0338 5668 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys
20:57:09.0339 5668 monitor - ok
20:57:09.0367 5668 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\drivers\mouclass.sys
20:57:09.0367 5668 mouclass - ok
20:57:09.0414 5668 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys
20:57:09.0415 5668 mouhid - ok
20:57:09.0468 5668 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\windows\system32\drivers\mountmgr.sys
20:57:09.0469 5668 mountmgr - ok
20:57:09.0523 5668 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:57:09.0538 5668 MozillaMaintenance - ok
20:57:09.0610 5668 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\windows\system32\drivers\mpio.sys
20:57:09.0611 5668 mpio - ok
20:57:09.0656 5668 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys
20:57:09.0658 5668 mpsdrv - ok
20:57:09.0771 5668 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\windows\system32\mpssvc.dll
20:57:09.0785 5668 MpsSvc - ok
20:57:09.0825 5668 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\windows\system32\drivers\mrxdav.sys
20:57:09.0826 5668 MRxDAV - ok
20:57:09.0866 5668 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\windows\system32\DRIVERS\mrxsmb.sys
20:57:09.0879 5668 mrxsmb - ok
20:57:09.0950 5668 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\windows\system32\DRIVERS\mrxsmb10.sys
20:57:09.0960 5668 mrxsmb10 - ok
20:57:09.0984 5668 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\windows\system32\DRIVERS\mrxsmb20.sys
20:57:09.0995 5668 mrxsmb20 - ok
20:57:10.0047 5668 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\windows\system32\drivers\msahci.sys
20:57:10.0048 5668 msahci - ok
20:57:10.0094 5668 msdsm (db801a638d011b9633829eb6f663c900) C:\windows\system32\drivers\msdsm.sys
20:57:10.0097 5668 msdsm - ok
20:57:10.0148 5668 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\windows\System32\msdtc.exe
20:57:10.0168 5668 MSDTC - ok
20:57:10.0212 5668 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
20:57:10.0214 5668 Msfs - ok
20:57:10.0235 5668 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
20:57:10.0237 5668 mshidkmdf - ok
20:57:10.0252 5668 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\drivers\msisadrv.sys
20:57:10.0253 5668 msisadrv - ok
20:57:10.0304 5668 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\windows\system32\iscsiexe.dll
20:57:10.0314 5668 MSiSCSI - ok
20:57:10.0318 5668 msiserver - ok
20:57:10.0348 5668 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
20:57:10.0350 5668 MSKSSRV - ok
20:57:10.0377 5668 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
20:57:10.0378 5668 MSPCLOCK - ok
20:57:10.0384 5668 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
20:57:10.0385 5668 MSPQM - ok
20:57:10.0456 5668 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\windows\system32\drivers\MsRPC.sys
20:57:10.0461 5668 MsRPC - ok
20:57:10.0503 5668 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\drivers\mssmbios.sys
20:57:10.0503 5668 mssmbios - ok
20:57:10.0587 5668 MSSQL$MSSMLBIZ - ok
20:57:10.0646 5668 MSSQLServerADHelper (1d89eb4e2a99cabd4e81225f4f4c4b25) c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe
20:57:10.0648 5668 MSSQLServerADHelper - ok
20:57:10.0685 5668 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
20:57:10.0686 5668 MSTEE - ok
20:57:10.0714 5668 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\DRIVERS\MTConfig.sys
20:57:10.0715 5668 MTConfig - ok
20:57:10.0733 5668 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
20:57:10.0734 5668 Mup - ok
20:57:10.0818 5668 napagent (582ac6d9873e31dfa28a4547270862dd) C:\windows\system32\qagentRT.dll
20:57:10.0829 5668 napagent - ok
20:57:10.0880 5668 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
20:57:10.0895 5668 NativeWifiP - ok
20:57:11.0022 5668 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\windows\system32\drivers\ndis.sys
20:57:11.0028 5668 NDIS - ok
20:57:11.0045 5668 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
20:57:11.0046 5668 NdisCap - ok
20:57:11.0071 5668 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
20:57:11.0072 5668 NdisTapi - ok
20:57:11.0118 5668 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\windows\system32\DRIVERS\ndisuio.sys
20:57:11.0121 5668 Ndisuio - ok
20:57:11.0179 5668 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\windows\system32\DRIVERS\ndiswan.sys
20:57:11.0187 5668 NdisWan - ok
20:57:11.0203 5668 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\windows\system32\drivers\NDProxy.sys
20:57:11.0205 5668 NDProxy - ok
20:57:11.0217 5668 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
20:57:11.0218 5668 NetBIOS - ok
20:57:11.0281 5668 NetBT (09594d1089c523423b32a4229263f068) C:\windows\system32\DRIVERS\netbt.sys
20:57:11.0292 5668 NetBT - ok
20:57:11.0335 5668 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
20:57:11.0337 5668 Netlogon - ok
20:57:11.0402 5668 Netman (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll
20:57:11.0424 5668 Netman - ok
20:57:11.0562 5668 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:57:11.0572 5668 NetMsmqActivator - ok
20:57:11.0596 5668 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:57:11.0599 5668 NetPipeActivator - ok
20:57:11.0664 5668 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll
20:57:11.0676 5668 netprofm - ok
20:57:11.0687 5668 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:57:11.0688 5668 NetTcpActivator - ok
20:57:11.0691 5668 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:57:11.0692 5668 NetTcpPortSharing - ok
20:57:12.0219 5668 netw5v64 (705283c02177809ca9fa7cc58a4f1e77) C:\windows\system32\DRIVERS\netw5v64.sys
20:57:12.0315 5668 netw5v64 - ok
20:57:12.0461 5668 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys
20:57:12.0464 5668 nfrd960 - ok
20:57:12.0533 5668 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\windows\System32\nlasvc.dll
20:57:12.0541 5668 NlaSvc - ok
20:57:12.0574 5668 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
20:57:12.0576 5668 Npfs - ok
20:57:12.0605 5668 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll
20:57:12.0608 5668 nsi - ok
20:57:12.0617 5668 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
20:57:12.0618 5668 nsiproxy - ok
20:57:12.0844 5668 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys
20:57:12.0867 5668 Ntfs - ok
20:57:13.0001 5668 NuidFltr (d4012918d3a3847b44b888d56bc095d6) C:\windows\system32\DRIVERS\NuidFltr.sys
20:57:13.0002 5668 NuidFltr - ok
20:57:13.0027 5668 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
20:57:13.0028 5668 Null - ok
20:57:13.0076 5668 NVHDA (cddd4478757288df4bb1494bfd084259) C:\windows\system32\drivers\nvhda64v.sys
20:57:13.0077 5668 NVHDA - ok
20:57:13.0845 5668 nvlddmkm (b8a1174bfd21af0379b4807bfc85fa66) C:\windows\system32\DRIVERS\nvlddmkm.sys
20:57:13.0910 5668 nvlddmkm - ok
20:57:14.0069 5668 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys
20:57:14.0070 5668 nvraid - ok
20:57:14.0124 5668 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys
20:57:14.0127 5668 nvstor - ok
20:57:14.0218 5668 nvsvc (8c639660b1cb88a966674fc13b8f43a2) C:\windows\system32\nvvsvc.exe
20:57:14.0224 5668 nvsvc - ok
20:57:14.0261 5668 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys
20:57:14.0263 5668 nv_agp - ok
20:57:14.0379 5668 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:57:14.0381 5668 odserv - ok
20:57:14.0414 5668 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys
20:57:14.0416 5668 ohci1394 - ok
20:57:14.0475 5668 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:57:14.0480 5668 ose - ok
20:57:14.0590 5668 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
20:57:14.0601 5668 p2pimsvc - ok
20:57:14.0654 5668 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll
20:57:14.0669 5668 p2psvc - ok
20:57:14.0702 5668 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys
20:57:14.0704 5668 Parport - ok
20:57:14.0741 5668 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\windows\system32\drivers\partmgr.sys
20:57:14.0742 5668 partmgr - ok
20:57:14.0762 5668 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll
20:57:14.0775 5668 PcaSvc - ok
20:57:14.0817 5668 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
20:57:14.0818 5668 pci - ok
20:57:14.0834 5668 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys
20:57:14.0835 5668 pciide - ok
20:57:14.0870 5668 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys
20:57:14.0881 5668 pcmcia - ok
20:57:14.0895 5668 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
20:57:14.0895 5668 pcw - ok
20:57:14.0941 5668 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
20:57:14.0952 5668 PEAUTH - ok
20:57:15.0022 5668 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
20:57:15.0026 5668 PerfHost - ok
20:57:15.0223 5668 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll
20:57:15.0260 5668 pla - ok
20:57:15.0346 5668 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll
20:57:15.0362 5668 PlugPlay - ok
20:57:15.0398 5668 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
20:57:15.0400 5668 PNRPAutoReg - ok
20:57:15.0449 5668 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
20:57:15.0453 5668 PNRPsvc - ok
20:57:15.0536 5668 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll
20:57:15.0557 5668 PolicyAgent - ok
20:57:15.0638 5668 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll
20:57:15.0642 5668 Power - ok
20:57:15.0724 5668 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
20:57:15.0738 5668 PptpMiniport - ok
20:57:15.0784 5668 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys
20:57:15.0788 5668 Processor - ok
20:57:15.0844 5668 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\windows\system32\profsvc.dll
20:57:15.0859 5668 ProfSvc - ok
20:57:15.0905 5668 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
20:57:15.0907 5668 ProtectedStorage - ok
20:57:15.0970 5668 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
20:57:15.0972 5668 Psched - ok
20:57:15.0976 5668 PS_MDP - ok
20:57:16.0141 5668 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys
20:57:16.0172 5668 ql2300 - ok
20:57:16.0317 5668 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys
20:57:16.0319 5668 ql40xx - ok
20:57:16.0361 5668 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
20:57:16.0370 5668 QWAVE - ok
20:57:16.0398 5668 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
20:57:16.0398 5668 QWAVEdrv - ok
20:57:16.0407 5668 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
20:57:16.0409 5668 RasAcd - ok
20:57:16.0447 5668 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
20:57:16.0448 5668 RasAgileVpn - ok
20:57:16.0475 5668 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
20:57:16.0477 5668 RasAuto - ok
20:57:16.0521 5668 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
20:57:16.0535 5668 Rasl2tp - ok
20:57:16.0631 5668 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll
20:57:16.0652 5668 RasMan - ok
20:57:16.0680 5668 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
20:57:16.0683 5668 RasPppoe - ok
20:57:16.0714 5668 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
20:57:16.0715 5668 RasSstp - ok
20:57:16.0777 5668 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
20:57:16.0785 5668 rdbss - ok
20:57:16.0808 5668 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys
20:57:16.0809 5668 rdpbus - ok
20:57:16.0830 5668 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
20:57:16.0830 5668 RDPCDD - ok
20:57:16.0837 5668 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
20:57:16.0837 5668 RDPENCDD - ok
20:57:16.0847 5668 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
20:57:16.0848 5668 RDPREFMP - ok
20:57:16.0895 5668 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\windows\system32\drivers\RDPWD.sys
20:57:16.0915 5668 RDPWD - ok
20:57:16.0938 5668 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
20:57:16.0939 5668 rdyboost - ok
20:57:16.0951 5668 ReadyComm.DirectRouter - ok
20:57:17.0036 5668 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll
20:57:17.0039 5668 RemoteAccess - ok
20:57:17.0080 5668 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll
20:57:17.0095 5668 RemoteRegistry - ok
20:57:17.0139 5668 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\windows\system32\DRIVERS\rfcomm.sys
20:57:17.0142 5668 RFCOMM - ok
20:57:17.0233 5668 RichVideo (f12a68ed55053940cadd59ca5e3468dd) C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
20:57:17.0237 5668 RichVideo - ok
20:57:17.0258 5668 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll
20:57:17.0267 5668 RpcEptMapper - ok
20:57:17.0303 5668 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe
20:57:17.0304 5668 RpcLocator - ok
20:57:17.0375 5668 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
20:57:17.0379 5668 RpcSs - ok
20:57:17.0418 5668 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
20:57:17.0422 5668 rspndr - ok
20:57:17.0483 5668 RSUSBSTOR (8c22f21c924413d4e109995f748e18bb) C:\windows\system32\Drivers\RtsUStor.sys
20:57:17.0498 5668 RSUSBSTOR - ok
20:57:17.0518 5668 RtsUIR - ok
20:57:17.0562 5668 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
20:57:17.0564 5668 SamSs - ok
20:57:17.0689 5668 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
20:57:17.0689 5668 SASDIFSV - ok
20:57:17.0716 5668 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
20:57:17.0717 5668 SASKUTIL - ok
20:57:17.0788 5668 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
20:57:17.0789 5668 sbp2port - ok
20:57:17.0837 5668 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll
20:57:17.0861 5668 SCardSvr - ok
20:57:17.0914 5668 SCDEmu (07237c66e05da6778e9f3cb67fa00736) C:\windows\system32\drivers\SCDEmu.sys
20:57:17.0915 5668 SCDEmu - ok
20:57:17.0988 5668 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
20:57:17.0989 5668 scfilter - ok
20:57:18.0130 5668 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll
20:57:18.0156 5668 Schedule - ok
20:57:18.0171 5668 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
20:57:18.0173 5668 SCPolicySvc - ok
20:57:18.0214 5668 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll
20:57:18.0225 5668 SDRSVC - ok
20:57:18.0280 5668 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
20:57:18.0282 5668 secdrv - ok
20:57:18.0299 5668 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll
20:57:18.0302 5668 seclogon - ok
20:57:18.0335 5668 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\system32\sens.dll
20:57:18.0339 5668 SENS - ok
20:57:18.0358 5668 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll
20:57:18.0360 5668 SensrSvc - ok
20:57:18.0392 5668 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys
20:57:18.0393 5668 Serenum - ok
20:57:18.0445 5668 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys
20:57:18.0453 5668 Serial - ok
20:57:18.0499 5668 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys
20:57:18.0500 5668 sermouse - ok
20:57:18.0551 5668 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\windows\system32\sessenv.dll
20:57:18.0566 5668 SessionEnv - ok
20:57:18.0601 5668 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
20:57:18.0603 5668 sffdisk - ok
20:57:18.0612 5668 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
20:57:18.0613 5668 sffp_mmc - ok
20:57:18.0629 5668 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
20:57:18.0629 5668 sffp_sd - ok
20:57:18.0652 5668 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys
20:57:18.0654 5668 sfloppy - ok
20:57:18.0717 5668 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\windows\System32\ipnathlp.dll
20:57:18.0731 5668 SharedAccess - ok
20:57:18.0783 5668 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll
20:57:18.0798 5668 ShellHWDetection - ok
20:57:18.0835 5668 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
20:57:18.0836 5668 SiSRaid2 - ok
20:57:18.0871 5668 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
20:57:18.0873 5668 SiSRaid4 - ok
20:57:18.0907 5668 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
20:57:18.0909 5668 Smb - ok
20:57:18.0953 5668 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe
20:57:18.0955 5668 SNMPTRAP - ok
20:57:18.0964 5668 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
20:57:18.0965 5668 spldr - ok
20:57:19.0035 5668 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\windows\System32\spoolsv.exe
20:57:19.0042 5668 Spooler - ok
20:57:19.0376 5668 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe
20:57:19.0464 5668 sppsvc - ok
20:57:19.0601 5668 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll
20:57:19.0618 5668 sppuinotify - ok
20:57:19.0763 5668 SQLBrowser (86ebd8b1f23e743aad21f4d5b4d40985) c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
20:57:19.0767 5668 SQLBrowser - ok
20:57:19.0831 5668 SQLWriter (3c432a96363097870995e2a3c8b66abd) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
20:57:19.0834 5668 SQLWriter - ok
20:57:19.0939 5668 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys
20:57:19.0955 5668 srv - ok
20:57:20.0000 5668 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys
20:57:20.0013 5668 srv2 - ok
20:57:20.0040 5668 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys
20:57:20.0054 5668 srvnet - ok
20:57:20.0105 5668 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll
20:57:20.0119 5668 SSDPSRV - ok
20:57:20.0148 5668 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll
20:57:20.0151 5668 SstpSvc - ok
20:57:20.0178 5668 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
20:57:20.0179 5668 stexstor - ok
20:57:20.0243 5668 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\windows\System32\wiaservc.dll
20:57:20.0267 5668 stisvc - ok
20:57:20.0311 5668 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\drivers\swenum.sys
20:57:20.0312 5668 swenum - ok
20:57:20.0356 5668 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll
20:57:20.0364 5668 swprv - ok
20:57:20.0432 5668 SynTP (12a35e44d8647985fcdb8d298a590134) C:\windows\system32\DRIVERS\SynTP.sys
20:57:20.0433 5668 SynTP - ok
20:57:20.0623 5668 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\windows\system32\sysmain.dll
20:57:20.0658 5668 SysMain - ok
20:57:20.0776 5668 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\windows\System32\TabSvc.dll
20:57:20.0779 5668 TabletInputService - ok
20:57:20.0826 5668 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\windows\System32\tapisrv.dll
20:57:20.0833 5668 TapiSrv - ok
20:57:20.0862 5668 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll
20:57:20.0864 5668 TBS - ok
20:57:21.0096 5668 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\drivers\tcpip.sys
20:57:21.0110 5668 Tcpip - ok
20:57:21.0409 5668 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\DRIVERS\tcpip.sys
20:57:21.0423 5668 TCPIP6 - ok
20:57:21.0539 5668 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
20:57:21.0540 5668 tcpipreg - ok
20:57:21.0580 5668 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
20:57:21.0581 5668 TDPIPE - ok
20:57:21.0627 5668 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\windows\system32\drivers\tdtcp.sys
20:57:21.0629 5668 TDTCP - ok
20:57:21.0672 5668 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
20:57:21.0675 5668 tdx - ok
20:57:21.0728 5668 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\drivers\termdd.sys
20:57:21.0729 5668 TermDD - ok
20:57:21.0837 5668 TermService (2e648163254233755035b46dd7b89123) C:\windows\System32\termsrv.dll
20:57:21.0850 5668 TermService - ok
20:57:21.0875 5668 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll
20:57:21.0879 5668 Themes - ok
20:57:21.0906 5668 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
20:57:21.0908 5668 THREADORDER - ok
20:57:21.0930 5668 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll
20:57:21.0941 5668 TrkWks - ok
20:57:22.0027 5668 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\windows\servicing\TrustedInstaller.exe
20:57:22.0032 5668 TrustedInstaller - ok
20:57:22.0084 5668 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
20:57:22.0086 5668 tssecsrv - ok
20:57:22.0160 5668 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
20:57:22.0166 5668 TsUsbFlt - ok
20:57:22.0215 5668 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
20:57:22.0217 5668 tunnel - ok
20:57:22.0255 5668 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
20:57:22.0260 5668 uagp35 - ok
20:57:22.0310 5668 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
20:57:22.0326 5668 udfs - ok
20:57:22.0372 5668 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe
20:57:22.0374 5668 UI0Detect - ok
20:57:22.0430 5668 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
20:57:22.0433 5668 uliagpkx - ok
20:57:22.0486 5668 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\drivers\umbus.sys
20:57:22.0487 5668 umbus - ok
20:57:22.0517 5668 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
20:57:22.0518 5668 UmPass - ok
20:57:22.0573 5668 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll
20:57:22.0587 5668 upnphost - ok
20:57:22.0628 5668 USBAAPL64 (54d4b48d443e7228bf64cf7cdc3118ac) C:\windows\system32\Drivers\usbaapl64.sys
20:57:22.0630 5668 USBAAPL64 - ok
20:57:22.0669 5668 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\DRIVERS\usbccgp.sys
20:57:22.0684 5668 usbccgp - ok
20:57:22.0699 5668 USBCCID - ok
20:57:22.0745 5668 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
20:57:22.0760 5668 usbcir - ok
20:57:22.0778 5668 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\DRIVERS\usbehci.sys
20:57:22.0780 5668 usbehci - ok
20:57:22.0822 5668 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys
20:57:22.0827 5668 usbhub - ok
20:57:22.0851 5668 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\drivers\usbohci.sys
20:57:22.0852 5668 usbohci - ok
20:57:22.0893 5668 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
20:57:22.0895 5668 usbprint - ok
20:57:22.0926 5668 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\drivers\USBSTOR.SYS
20:57:22.0927 5668 USBSTOR - ok
20:57:22.0946 5668 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\DRIVERS\usbuhci.sys
20:57:22.0947 5668 usbuhci - ok
20:57:22.0979 5668 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\windows\System32\Drivers\usbvideo.sys
20:57:22.0980 5668 usbvideo - ok
20:57:23.0010 5668 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll
20:57:23.0012 5668 UxSms - ok
20:57:23.0064 5668 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
20:57:23.0065 5668 VaultSvc - ok
20:57:23.0099 5668 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys
20:57:23.0099 5668 vdrvroot - ok
20:57:23.0166 5668 vds (8d6b481601d01a456e75c3210f1830be) C:\windows\System32\vds.exe
20:57:23.0170 5668 vds - ok
20:57:23.0198 5668 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
20:57:23.0199 5668 vga - ok
20:57:23.0222 5668 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
20:57:23.0223 5668 VgaSave - ok
20:57:23.0252 5668 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys
20:57:23.0254 5668 vhdmp - ok
20:57:23.0285 5668 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys
20:57:23.0286 5668 viaide - ok
20:57:23.0309 5668 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys
20:57:23.0310 5668 volmgr - ok
20:57:23.0370 5668 volmgrx (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys
20:57:23.0372 5668 volmgrx - ok
20:57:23.0411 5668 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\windows\system32\drivers\volsnap.sys
20:57:23.0413 5668 volsnap - ok
20:57:23.0463 5668 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys
20:57:23.0497 5668 vsmraid - ok
20:57:23.0710 5668 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\windows\system32\vssvc.exe
20:57:23.0734 5668 VSS - ok
20:57:23.0849 5668 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\System32\drivers\vwifibus.sys
20:57:23.0850 5668 vwifibus - ok
20:57:23.0899 5668 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll
20:57:23.0916 5668 W32Time - ok
20:57:23.0948 5668 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys
20:57:23.0949 5668 WacomPen - ok
20:57:24.0011 5668 WANARP (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
20:57:24.0013 5668 WANARP - ok
20:57:24.0018 5668 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
20:57:24.0019 5668 Wanarpv6 - ok
20:57:24.0303 5668 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\windows\system32\Wat\WatAdminSvc.exe
20:57:24.0319 5668 WatAdminSvc - ok
20:57:24.0473 5668 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\windows\system32\wbengine.exe
20:57:24.0482 5668 wbengine - ok
20:57:24.0667 5668 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll
20:57:24.0677 5668 WbioSrvc - ok
20:57:24.0749 5668 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\windows\System32\wcncsvc.dll
20:57:24.0761 5668 wcncsvc - ok
20:57:24.0780 5668 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll
20:57:24.0783 5668 WcsPlugInService - ok
20:57:24.0835 5668 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys
20:57:24.0836 5668 Wd - ok
20:57:24.0917 5668 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
20:57:24.0925 5668 Wdf01000 - ok
20:57:24.0953 5668 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
20:57:24.0960 5668 WdiServiceHost - ok
20:57:24.0965 5668 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
20:57:24.0968 5668 WdiSystemHost - ok
20:57:25.0007 5668 wdmirror (2a444acf7dd446505bcc801f8f6ae5fd) C:\windows\system32\DRIVERS\WDMirror.sys
20:57:25.0008 5668 wdmirror - ok
20:57:25.0064 5668 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\windows\System32\webclnt.dll
20:57:25.0075 5668 WebClient - ok
20:57:25.0095 5668 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll
20:57:25.0107 5668 Wecsvc - ok
20:57:25.0121 5668 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll
20:57:25.0125 5668 wercplsupport - ok
20:57:25.0146 5668 WerSvc (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll
20:57:25.0149 5668 WerSvc - ok
20:57:25.0186 5668 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
20:57:25.0186 5668 WfpLwf - ok
20:57:25.0235 5668 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\windows\system32\DRIVERS\wimfltr.sys
20:57:25.0251 5668 WimFltr - ok
20:57:25.0277 5668 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
20:57:25.0278 5668 WIMMount - ok
20:57:25.0319 5668 WinDefend - ok
20:57:25.0350 5668 WinHttpAutoProxySvc - ok
20:57:25.0427 5668 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\windows\system32\wbem\WMIsvc.dll
20:57:25.0438 5668 Winmgmt - ok
20:57:25.0725 5668 WinRM (bcb1310604aa415c4508708975b3931e) C:\windows\system32\WsmSvc.dll
20:57:25.0760 5668 WinRM - ok
20:57:25.0967 5668 WinUsb (fe88b288356e7b47b74b13372add906d) C:\windows\system32\DRIVERS\WinUsb.sys
20:57:25.0970 5668 WinUsb - ok
20:57:26.0098 5668 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\windows\System32\wlansvc.dll
20:57:26.0122 5668 Wlansvc - ok
20:57:26.0211 5668 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
20:57:26.0214 5668 wlcrasvc - ok
20:57:26.0527 5668 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:57:26.0560 5668 wlidsvc - ok
20:57:26.0718 5668 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\drivers\wmiacpi.sys
20:57:26.0721 5668 WmiAcpi - ok
20:57:26.0816 5668 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\windows\system32\wbem\WmiApSrv.exe
20:57:26.0821 5668 wmiApSrv - ok
20:57:26.0876 5668 WMPNetworkSvc - ok
20:57:26.0903 5668 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\windows\System32\wpcsvc.dll
20:57:26.0907 5668 WPCSvc - ok
20:57:26.0955 5668 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\windows\system32\wpdbusenum.dll
20:57:26.0967 5668 WPDBusEnum - ok
20:57:26.0993 5668 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
20:57:26.0994 5668 ws2ifsl - ok
20:57:27.0015 5668 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\windows\system32\wscsvc.dll
20:57:27.0028 5668 wscsvc - ok
20:57:27.0033 5668 WSearch - ok
20:57:27.0087 5668 wsvd (83575c43b2bfe9ab0661a7f957e843c0) C:\windows\system32\DRIVERS\wsvd.sys
20:57:27.0099 5668 wsvd - ok
20:57:27.0351 5668 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\windows\system32\wuaueng.dll
20:57:27.0366 5668 wuauserv - ok
20:57:27.0518 5668 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\windows\system32\drivers\WudfPf.sys
20:57:27.0520 5668 WudfPf - ok
20:57:27.0559 5668 WUDFRd (cf8d590be3373029d57af80914190682) C:\windows\system32\DRIVERS\WUDFRd.sys
20:57:27.0573 5668 WUDFRd - ok
20:57:27.0594 5668 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\windows\System32\WUDFSvc.dll
20:57:27.0597 5668 wudfsvc - ok
20:57:27.0635 5668 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\windows\System32\wwansvc.dll
20:57:27.0644 5668 WwanSvc - ok
20:57:27.0698 5668 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
20:57:27.0892 5668 \Device\Harddisk0\DR0 - ok
20:57:27.0912 5668 Boot (0x1200) (2b1e119e0250a48e15a9f5224a0a62ab) \Device\Harddisk0\DR0\Partition0
20:57:27.0913 5668 \Device\Harddisk0\DR0\Partition0 - ok
20:57:27.0931 5668 Boot (0x1200) (654c8f791f867b14b8fb8aafbb1e7d68) \Device\Harddisk0\DR0\Partition1
20:57:27.0932 5668 \Device\Harddisk0\DR0\Partition1 - ok
20:57:27.0959 5668 Boot (0x1200) (36acd53b2e9d4aba1a8d7c35dd3f42a8) \Device\Harddisk0\DR0\Partition2
20:57:27.0960 5668 \Device\Harddisk0\DR0\Partition2 - ok
20:57:27.0963 5668 ============================================================
20:57:27.0963 5668 Scan finished
20:57:27.0963 5668 ============================================================
20:57:27.0975 5660 Detected object count: 0
20:57:27.0975 5660 Actual detected object count: 0

Edited by dabishop, 20 June 2012 - 07:59 PM.


#12 dabishop


Posted 20 June 2012 - 08:26 PM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-06-20 20:59:48
-----------------------------
20:59:48.730 OS Version: Windows x64 6.1.7601 Service Pack 1
20:59:48.730 Number of processors: 2 586 0x170A
20:59:48.731 ComputerName: NEILXXXXX-PC UserName: Neil Rafol
20:59:49.896 Initialize success
21:01:57.789 AVAST engine defs: 12062001
21:03:23.821 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
21:03:23.825 Disk 0 Vendor: WDC_WD32 11.0 Size: 305245MB BusType: 3
21:03:23.838 Disk 0 MBR read successfully
21:03:23.841 Disk 0 MBR scan
21:03:23.845 Disk 0 Windows 7 default MBR code
21:03:23.853 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 200 MB offset 2048
21:03:23.871 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 258961 MB offset 411648
21:03:23.876 Disk 0 Partition - 00 0F Extended LBA 30973 MB offset 530766848
21:03:23.903 Disk 0 Partition 3 00 12 Compaq diag NTFS 15108 MB offset 594199552
21:03:23.921 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 30972 MB offset 530768896
21:03:23.966 Disk 0 scanning C:\windows\system32\drivers
21:03:34.841 Service scanning
21:04:04.171 Modules scanning
21:04:04.517 Disk 0 trace - called modules:
21:04:04.576 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
21:04:04.590 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c34060]
21:04:04.604 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800481a050]
21:04:05.672 AVAST engine scan C:\windows
21:04:08.541 AVAST engine scan C:\windows\system32
21:07:34.076 AVAST engine scan C:\windows\system32\drivers
21:07:47.420 AVAST engine scan C:\Users\Neil XXXXX
21:16:55.467 AVAST engine scan C:\ProgramData
21:21:56.275 Scan finished successfully
21:25:11.197 Disk 0 MBR has been saved successfully to "C:\Users\Neil XXXXX\Documents\MBR.dat"
21:25:11.204 The log file has been saved successfully to "C:\Users\Neil XXXXX\Documents\aswMBR.txt"

#13 gringo_pr

  • Malware Response Team

Posted 20 June 2012 - 09:27 PM

Greetings

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Folder::
c:\program files (x86)\Conduit
c:\users\Neil noname\AppData\Local\Conduit
c:\program files (x86)\BitTorrentBar

FireFox::
FF - ProfilePath - c:\users\Neil noname\AppData\Roaming\Mozilla\Firefox\Profiles\obd844ux.default\
FF - prefs.js: browser.search.selectedEngine - Blekko
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=2&q=

Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick ComboFix's window whilst it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer.

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic


Please Only Copy And Paste Reports Into Topic - Do Not Attach

My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry, every little bit helps.

Proud Graduate Of Malware Removal University

#14 gringo_pr


Posted 23 June 2012 - 07:02 AM

Greetings


I have not heard from you in a couple of days so I am coming by to check on you to see if you are having problems or you just need some more time.

Also to remind you that it is very important that we finish the process completely so as to not get reinfected. I will let you know when we are complete and I will ask to remove our tools.




Gringo

#15 dabishop


Posted 24 June 2012 - 07:26 PM

ComboFix 12-06-24.03 - Neil noname 06/24/2012 20:16:46.3.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4091.2828 [GMT -4:00]
Running from: c:\users\Neil noname\Downloads\Fixing PC\ComboFix.exe
Command switches used :: c:\users\Neil noname\Downloads\Fixing PC\CFScript.txt
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\BitTorrentBar
c:\program files (x86)\BitTorrentBar\BitTorrentBarToolbarHelper.exe
c:\program files (x86)\BitTorrentBar\GottenAppsContextMenu.xml
c:\program files (x86)\BitTorrentBar\ldrtbBitT.dll
c:\program files (x86)\BitTorrentBar\OtherAppsContextMenu.xml
c:\program files (x86)\BitTorrentBar\prxtbBitT.dll
c:\program files (x86)\BitTorrentBar\SharedAppsContextMenu.xml
c:\program files (x86)\BitTorrentBar\tbBitT.dll
c:\program files (x86)\BitTorrentBar\toolbar.cfg
c:\program files (x86)\BitTorrentBar\ToolbarContextMenu.xml
c:\program files (x86)\BitTorrentBar\uninstall.exe
c:\program files (x86)\Conduit
c:\program files (x86)\Conduit\Community Alerts\Alert.dll
c:\users\Neil noname\AppData\Local\Conduit
c:\users\Neil noname\AppData\Local\Conduit\CT2790392\BitTorrentBarAutoUpdateHelper.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-05-25 to 2012-06-25 )))))))))))))))))))))))))))))))
.
.
2012-06-25 00:22 . 2012-06-25 00:22 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-06-23 12:52 . 2012-06-23 12:52 -------- d-----w- c:\users\Neil noname\AppData\Local\Macromedia
2012-06-21 00:43 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-21 00:43 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-21 00:43 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-21 00:43 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-21 00:43 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-21 00:43 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-21 00:43 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-21 00:42 . 2012-06-02 19:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-21 00:42 . 2012-06-02 19:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-14 18:58 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-06-11 21:45 . 2012-06-11 21:45 -------- d-----w- c:\users\Neil noname\AppData\Local\CRE
2012-06-04 00:23 . 2012-06-04 00:23 -------- d-----w- c:\program files (x86)\Vid-Saver
2012-06-04 00:23 . 2012-06-04 00:23 -------- d-----w- c:\users\Neil noname\AppData\Local\Vid-Saver
2012-06-04 00:22 . 2012-06-04 01:39 -------- d-----w- c:\programdata\blekko toolbars
2012-06-04 00:02 . 2012-06-04 00:02 388096 ----a-r- c:\users\Neil noname\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-06-04 00:02 . 2012-06-04 00:02 -------- d-----w- c:\program files (x86)\Trend Micro
2012-06-03 23:31 . 2012-06-03 23:31 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2012-06-03 23:31 . 2012-06-03 23:31 588728 ----a-w- c:\program files (x86)\Mozilla Firefox\gkmedias.dll
2012-06-03 23:31 . 2012-06-03 23:31 43960 ----a-w- c:\program files (x86)\Mozilla Firefox\mozglue.dll
2012-06-03 23:31 . 2012-06-03 23:31 157352 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice_installer.exe
2012-06-03 23:31 . 2012-06-03 23:31 129976 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice.exe
2012-06-03 22:51 . 2012-06-03 22:51 -------- d-----w- c:\programdata\GFI Software
2012-06-03 21:43 . 2012-06-03 21:43 -------- d-----w- c:\program files\CCleaner
2012-06-03 21:04 . 2012-06-03 21:09 -------- d-----w- c:\users\Neil noname\AppData\Local\adaware
2012-06-03 21:04 . 2012-06-03 21:04 -------- d-----w- c:\programdata\Ad-Aware Browsing Protection
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-23 12:47 . 2012-05-16 01:11 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-23 12:47 . 2011-06-26 10:50 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-04-04 01:53 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-04-04 01:53 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-04-02 00:14 . 2011-03-28 22:36 19352 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-03-30 11:35 . 2012-05-14 01:34 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-01-28 05:39 . 2012-01-28 05:39 378 ----a-w- c:\program files (x86)\temp995.bat
.
.
((((((((((((((((((((((((((((( SnapShot_2012-06-17_12.50.43 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2012-06-17 12:26 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-06-24 17:24 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-06-17 12:26 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-06-24 17:24 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-06-24 17:24 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-06-17 12:26 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-09-23 02:25 . 2012-06-24 17:23 68604 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-06-24 21:43 53310 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-12-03 03:04 . 2012-06-24 21:43 24282 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-141985954-1552009316-2749100623-1004_UserData.bin
+ 2009-12-01 06:57 . 2012-06-23 12:47 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-12-01 06:57 . 2012-05-28 18:37 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-12-01 06:57 . 2012-06-23 12:47 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-12-01 06:57 . 2012-05-28 18:37 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-06-23 12:47 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-05-28 18:37 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:46 . 2012-06-22 09:37 93904 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2012-06-24 18:47 . 2012-06-24 18:47 35088 c:\windows\Installer\{90120000-0051-0000-0000-0000000FF1CE}\oisicon.exe
+ 2012-06-24 18:47 . 2012-06-24 18:47 18704 c:\windows\Installer\{90120000-0051-0000-0000-0000000FF1CE}\mspicons.exe
+ 2012-06-24 18:47 . 2012-06-24 18:47 20240 c:\windows\Installer\{90120000-0051-0000-0000-0000000FF1CE}\cagicon.exe
+ 2006-10-26 23:59 . 2006-10-26 23:59 12080 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\VBIDEPOL.DLL
+ 2006-10-26 23:59 . 2006-10-26 23:59 64288 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\VBIDEPIA.DLL
+ 2006-10-26 23:49 . 2006-10-26 23:49 34104 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\SETLANG.EXE
+ 2006-10-27 01:13 . 2006-10-27 01:13 38168 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\REFEDIT.DLL
+ 2006-10-26 23:59 . 2006-10-26 23:59 46936 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\OSETUPPS.DLL
+ 2006-10-27 00:00 . 2006-10-27 00:00 23392 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\OISCTRL.DLL
+ 2006-10-26 23:59 . 2006-10-26 23:59 11544 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\OFFICEPL.DLL
+ 2006-10-27 00:12 . 2006-10-27 00:12 16192 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\NPOFF12.DLL
+ 2006-10-27 00:12 . 2006-10-27 00:12 65824 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\NAME.DLL
+ 2006-10-26 23:59 . 2006-10-26 23:59 43832 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\MSSH.DLL
+ 2006-10-27 19:26 . 2006-10-27 19:26 35152 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\MSOSTYLE.DLL
+ 2006-10-27 00:12 . 2006-10-27 00:12 67896 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\MSOHTMED.EXE
+ 2006-10-27 19:01 . 2006-10-27 19:01 76088 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\MSOHEV.DLL
+ 2006-10-27 01:13 . 2006-10-27 01:13 26936 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\MSOEURO.DLL
+ 2006-10-26 23:48 . 2006-10-26 23:48 14664 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\MSOCFU.DLL
+ 2006-10-26 23:59 . 2006-10-26 23:59 19768 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\MSMH.DLL
+ 2006-10-27 00:12 . 2006-10-27 00:12 53576 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\AUTHZAX.DLL
+ 2006-10-27 00:13 . 2006-10-27 00:13 56120 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\ACERCLR.DLL
+ 2006-10-27 00:13 . 2006-10-27 00:13 15160 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\ACEODTXT.DLL
+ 2006-10-27 00:13 . 2006-10-27 00:13 15160 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\ACEODPDX.DLL
+ 2006-10-27 00:13 . 2006-10-27 00:13 15160 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\ACEODEXL.DLL
+ 2006-10-27 00:13 . 2006-10-27 00:13 15160 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\ACEODDBS.DLL
+ 2006-10-27 19:00 . 2006-10-27 19:00 47976 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\ACEERR.DLL
+ 2006-10-27 00:13 . 2006-10-27 00:13 56192 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\ACECNFLT.EXE
+ 2012-06-17 13:36 . 2012-06-17 13:36 53760 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.DynamicD#\11c324b9616d95c2685716fbae9324ab\System.Web.DynamicData.Design.ni.dll
+ 2012-06-17 13:30 . 2012-06-17 13:30 98816 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\996336086554a7d71a257e42a2e63043\WindowsFormsIntegration.Package.ni.dll
+ 2012-06-17 13:30 . 2012-06-17 13:30 46592 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DynamicD#\be0023b0814db0cd39b177e21632f8e9\System.Web.DynamicData.Design.ni.dll
+ 2012-06-17 13:27 . 2012-06-17 13:27 94208 c:\windows\assembly\NativeImages_v4.0.30319_32\ResGen\51551680f568f15adb1efa073493d3f6\ResGen.ni.exe
+ 2012-06-17 13:29 . 2012-06-17 13:29 39936 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VSDesigne#\fcd4e79389713eacf11d71b3339d45ab\Microsoft.VSDesigner.Core.ni.dll
+ 2012-06-17 13:27 . 2012-06-17 13:27 51712 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\e14964c25eacd304363a90e282918b12\Microsoft.VisualStudio.Modeling.Components.10.0.ni.dll
+ 2012-06-17 13:28 . 2012-06-17 13:28 74752 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\dcbc379f6df0808403b24de489c2eed4\Microsoft.VisualStudio.TextTemplating.Modeling.10.0.ni.dll
+ 2012-06-17 13:29 . 2012-06-17 13:29 51200 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\8cb384c9e293d6d2918ed29980d7b284\Microsoft.VisualStudio.Platform.AppDomainManager.ni.dll
+ 2012-06-17 13:33 . 2012-06-17 13:33 54784 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\eef76dd965ea0a8ae5fb0c734d84389c\System.Web.DynamicData.Design.ni.dll
+ 2012-06-17 13:27 . 2012-06-17 13:27 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\2b97ccae44726f13c418f1406180c3e8\System.Web.DynamicData.Design.ni.dll
+ 2012-06-24 18:47 . 2012-06-24 18:47 12104 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.VisOcx\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.VisOcx.dll
+ 2012-06-24 18:47 . 2012-06-24 18:47 12096 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Visio\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Visio.dll
+ 2012-06-24 18:47 . 2012-06-24 18:47 12632 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Visio.SaveAsWeb\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Visio.SaveAsWeb.dll
+ 2012-06-24 18:47 . 2012-06-24 18:47 80688 c:\windows\assembly\GAC\Microsoft.Office.Interop.VisOcx\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.VisOcx.dll
+ 2012-06-24 18:47 . 2012-06-24 18:47 20280 c:\windows\assembly\GAC\Microsoft.Office.Interop.Visio.SaveAsWeb\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Visio.SaveAsWeb.dll
+ 2009-12-11 23:39 . 2012-06-21 01:44 3886 c:\windows\system32\wdi\ERCQueuedResolutions.dat
- 2012-06-17 12:50 . 2012-06-17 12:50 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-06-24 21:41 . 2012-06-24 21:41 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-06-17 12:50 . 2012-06-17 12:50 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-06-24 21:41 . 2012-06-24 21:41 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-06-23 12:47 . 2012-06-23 12:47 686280 c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_262_Plugin.exe
+ 2012-05-16 01:11 . 2012-06-23 12:47 250056 c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
+ 2009-12-01 02:25 . 2012-06-24 12:20 370564 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2009-12-01 00:36 . 2012-06-24 23:26 301836 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2012-06-23 12:47 . 2012-06-23 12:47 417992 c:\windows\system32\Macromed\Flash\FlashUtil64_11_3_300_262_Plugin.exe
+ 2009-07-14 05:01 . 2012-06-24 20:00 426908 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2012-06-17 12:49 426908 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-06-24 18:47 . 2012-06-24 18:47 327952 c:\windows\Installer\{90120000-0051-0000-0000-0000000FF1CE}\visicon.exe
+ 2012-06-24 18:47 . 2012-06-24 18:47 217864 c:\windows\Installer\{90120000-0051-0000-0000-0000000FF1CE}\misc.exe
+ 2006-10-27 00:06 . 2006-10-27 00:06 439600 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\SETUP.EXE
+ 2006-10-27 00:13 . 2006-10-27 00:13 503624 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\SELFCERT.EXE
+ 2006-10-27 01:30 . 2006-10-27 01:30 482088 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\PORTCONN.DLL
+ 2006-07-26 22:53 . 2006-07-26 22:53 459080 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\OUTLFLTR.DLL
+ 2006-10-27 00:00 . 2006-10-27 00:00 285008 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\OISGRAPH.DLL
+ 2006-10-27 00:00 . 2006-10-27 00:00 998208 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\OISAPP.DLL
+ 2006-10-27 00:00 . 2006-10-27 00:00 274744 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\OIS.EXE
+ 2006-10-20 12:37 . 2006-10-20 12:37 637744 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\OGALEGIT.DLL
+ 2006-10-27 00:00 . 2006-10-27 00:00 416544 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\OFFICE.DLL
+ 2006-10-27 00:06 . 2006-10-27 00:06 232816 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\ODEPLOY.EXE
+ 2006-10-26 23:55 . 2006-10-26 23:55 538904 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\MSTORES.DLL
+ 2006-10-26 23:55 . 2006-10-26 23:55 145688 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\MSTORE.EXE
+ 2006-10-26 23:55 . 2006-10-26 23:55 832800 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\MSTORDB.EXE
+ 2006-10-26 17:56 . 2006-10-26 17:56 505136 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\MSSOAP30.DLL
+ 2006-10-26 18:47 . 2006-10-26 18:47 727840 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\MSPROOF6.DLL
+ 2006-10-26 17:56 . 2006-10-26 17:56 436520 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\MSORUN.DLL
+ 2006-10-27 00:12 . 2006-10-27 00:12 428816 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\MSODCW.DLL
+ 2006-10-27 18:59 . 2006-10-27 18:59 161080 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\MSOCF.DLL
+ 2006-10-26 17:58 . 2006-10-26 17:58 117552 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\MSCONV97.DLL
+ 2006-10-26 23:55 . 2006-10-26 23:55 828704 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\MEDCAT.DLL
+ 2006-10-27 00:12 . 2006-10-27 00:12 173328 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\IEAWSDC.DLL
+ 2006-10-27 19:09 . 2006-10-27 19:09 983376 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\FPWEC.DLL
+ 2006-10-26 23:48 . 2006-10-26 23:48 434528 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\DWTRIG20.EXE
+ 2006-10-27 00:12 . 2006-10-27 00:12 106824 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\DSSM.EXE
+ 2006-10-26 23:59 . 2006-10-26 23:59 205616 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\CLVIEW.EXE
+ 2006-10-27 19:41 . 2006-10-27 19:41 399640 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\CDLMSO.DLL
+ 2006-10-27 00:13 . 2006-10-27 00:13 371568 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\ACEXBE.DLL
+ 2006-10-27 19:40 . 2006-10-27 19:40 208760 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\ACEWSS.DLL
+ 2006-10-27 00:13 . 2006-10-27 00:13 826232 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\ACEWDAT.DLL
+ 2006-10-27 00:13 . 2006-10-27 00:13 224104 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\ACETXT.DLL
+ 2006-10-27 00:13 . 2006-10-27 00:13 551800 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\ACEREP.DLL
+ 2006-10-27 00:13 . 2006-10-27 00:13 289648 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\ACER3X.DLL
+ 2006-10-27 00:13 . 2006-10-27 00:13 260976 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\ACER2X.DLL
+ 2006-10-27 00:13 . 2006-10-27 00:13 392048 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\ACEPDE.DLL
+ 2006-10-27 19:00 . 2006-10-27 19:00 387960 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\ACEOLEDB.DLL
+ 2006-10-27 00:13 . 2006-10-27 00:13 279352 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\ACEODBC.DLL
+ 2006-10-27 00:13 . 2006-10-27 00:13 207736 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\ACELTS.DLL
+ 2006-10-27 00:13 . 2006-10-27 00:13 629616 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\ACEEXCL.DLL
+ 2006-10-27 00:13 . 2006-10-27 00:13 338800 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\ACEEXCH.DLL
+ 2006-10-27 19:00 . 2006-10-27 19:00 191360 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\ACEES.DLL
+ 2006-10-27 19:00 . 2006-10-27 19:00 576376 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\ACEDAO.DLL
+ 2006-10-27 00:13 . 2006-10-27 00:13 764800 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\ACECNF.DLL
+ 2012-06-17 13:37 . 2012-06-17 13:37 337408 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsFormsIntegra#\08becdcc9bd647c4e4d07ceea7fe4895\WindowsFormsIntegration.ni.dll
+ 2012-06-17 13:37 . 2012-06-17 13:37 244736 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Form#\99cb318f961215576faaa1545dda4f49\System.Windows.Forms.DataVisualization.Design.ni.dll
+ 2012-06-17 13:36 . 2012-06-17 13:36 451072 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Entity\319e75d7f46269746bf9b0e90bb6bd72\System.Web.Entity.ni.dll
+ 2012-06-17 13:36 . 2012-06-17 13:36 367104 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Entity.D#\36a0e6286d72d98d39588687815731bb\System.Web.Entity.Design.ni.dll
+ 2012-06-17 13:36 . 2012-06-17 13:36 973824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.DynamicD#\4167c5a7841a7d28d41c1c3729b3924c\System.Web.DynamicData.ni.dll
+ 2012-06-17 13:36 . 2012-06-17 13:36 331776 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.DataVisu#\3e3b88c0768491811650ffae55afb0cb\System.Web.DataVisualization.Design.ni.dll
+ 2012-06-17 13:36 . 2012-06-17 13:36 281088 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceProce#\ca5505a49a075ee7ad2535f89d9ea992\System.ServiceProcess.ni.dll
+ 2012-06-17 13:36 . 2012-06-17 13:36 781824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Messaging\0d8257087be3e57b071d1d5ccd705c2f\System.Messaging.ni.dll
+ 2012-06-17 13:36 . 2012-06-17 13:36 292352 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Drawing.Desi#\b296ac056fd009b084b03fdfc9559b92\System.Drawing.Design.ni.dll
+ 2012-06-17 13:36 . 2012-06-17 13:36 181760 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Configuratio#\52792a7ce63196551c29f5201562c1ae\System.Configuration.Install.ni.dll
+ 2012-06-17 13:33 . 2012-06-17 13:33 422912 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\25eb7872629fa58a31f99c64225ab508\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2012-06-17 13:30 . 2012-06-17 13:30 206336 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\66ae33d9fff62d1cb8060e3468d7f594\WindowsFormsIntegration.Design.ni.dll
+ 2012-06-17 13:30 . 2012-06-17 13:30 253952 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\44752ffa92ebb7170951a41898d8b9c6\WindowsFormsIntegration.ni.dll
+ 2012-06-17 13:30 . 2012-06-17 13:30 194560 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\122b5ef2b93132bd770c2c5d753d73ee\System.Windows.Forms.DataVisualization.Design.ni.dll
+ 2012-06-17 13:30 . 2012-06-17 13:30 865280 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Extensio#\c85b43405ac9aa403a714af716ef3c5e\System.Web.Extensions.Design.ni.dll
+ 2012-06-17 13:30 . 2012-06-17 13:30 335360 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Entity\a0abe24dff94a2fb2c27c631a45aa95f\System.Web.Entity.ni.dll
+ 2012-06-17 13:30 . 2012-06-17 13:30 297984 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Entity.D#\951b0d1b999b49a47fb06f4011565ffa\System.Web.Entity.Design.ni.dll
+ 2012-06-17 13:30 . 2012-06-17 13:30 712192 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DynamicD#\ae2121b64d021313d3c1ddd621e4d472\System.Web.DynamicData.ni.dll
+ 2012-06-17 13:30 . 2012-06-17 13:30 260608 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DataVisu#\15e5acbd2196d1d4bde8466ff690aa76\System.Web.DataVisualization.Design.ni.dll
+ 2012-06-17 13:30 . 2012-06-17 13:30 221696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\5552b27237c3dbe4f21a10e97adf2edc\System.ServiceProcess.ni.dll
+ 2012-06-17 13:30 . 2012-06-17 13:30 626176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\a730931e386537e3c229e049c9a6d271\System.Messaging.ni.dll
+ 2012-06-17 13:30 . 2012-06-17 13:30 148480 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\c7d60a49e43964b1ae17e9a080376c6d\System.Configuration.Install.ni.dll
+ 2012-06-17 13:29 . 2012-06-17 13:29 168448 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\5cffff036195fbe8c08545f625b64eb8\PresentationFramework.VisualStudio.Design.ni.dll
+ 2012-06-17 13:28 . 2012-06-17 13:28 306688 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\fc451ecf6f1969d5eab0efbd21f285d9\Microsoft.VisualStudio.ComponentModelHost.Implementation.ni.dll
+ 2012-06-17 13:28 . 2012-06-17 13:28 311808 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\a587867bfc7cafb6dbdeaae94ca612f5\Microsoft.VisualStudio.Configuration.ni.dll
+ 2012-06-17 13:28 . 2012-06-17 13:28 819712 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\a4c091a3e6c3aa5a3c95ef1c21c627e9\Microsoft.VisualStudio.ni.dll
+ 2012-06-17 13:28 . 2012-06-17 13:28 563712 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\95370d858e42f29f64f8081282c4b0ca\Microsoft.VisualStudio.Dialogs.ni.dll
+ 2012-06-17 13:29 . 2012-06-17 13:29 148992 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\8dda61c76b3757ab37b1f15f0ba1cd23\Microsoft.VisualStudio.WizardFramework.ni.dll
+ 2012-06-17 13:29 . 2012-06-17 13:29 920064 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\783b91f810a18bd7c0e3143410ce2085\Microsoft.VisualStudio.Shell.9.0.ni.dll
+ 2012-06-17 13:28 . 2012-06-17 13:28 247296 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\5ea527ea06ce5e1e47e393954112bc9a\Microsoft.VisualStudio.Modeling.Sdk.Integration.Shell.10.0.ni.dll
+ 2012-06-17 13:28 . 2012-06-17 13:28 922624 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\582b79298c3d37ef59f43acb674bb93f\Microsoft.VisualStudio.AppDesigner.ni.dll
+ 2012-06-17 13:29 . 2012-06-17 13:29 201216 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\430e4c46439c267e2253a4cf547e31da\Microsoft.VisualStudio.TemplateWizard.ni.dll
+ 2012-06-17 13:29 . 2012-06-17 13:29 256512 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\31b876a639ef613a762c5d21c5f22edd\Microsoft.VisualStudio.TextTemplating.VSHost.10.0.ni.dll
+ 2012-06-17 13:29 . 2012-06-17 13:29 848896 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\2cbdbe8efd8fabdf817ea649b5650d45\Microsoft.VisualStudio.Shell.ni.dll
+ 2012-06-17 13:28 . 2012-06-17 13:28 702976 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\086de87ddca9b70e7099236cf9f98711\Microsoft.VisualStudio.Diagnostics.Common.ni.dll
+ 2012-06-17 13:29 . 2012-06-17 13:29 203264 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\077c66f85aaf4b0ca1f747e37eaef0c3\Microsoft.VisualStudio.Modeling.Sdk.Integration.10.0.ni.dll
+ 2012-06-17 13:28 . 2012-06-17 13:28 303104 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\de152cc627ec2359caee04fcb339b82a\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2012-06-17 13:28 . 2012-06-17 13:28 757248 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Data.Sche#\3320a41b536d205c224579766ef5bfea\Microsoft.Data.Schema.Utilities.ni.dll
+ 2012-06-17 13:27 . 2012-06-17 13:27 852480 c:\windows\assembly\NativeImages_v4.0.30319_32\AspNetMMCExt\b02ad189fc3de84d6361f0bf0cfafbf5\AspNetMMCExt.ni.dll
+ 2012-06-17 13:33 . 2012-06-17 13:33 329216 c:\windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\f4d304fcbfda323997083a1f88b83719\WindowsFormsIntegration.ni.dll
+ 2012-06-17 13:33 . 2012-06-17 13:33 304128 c:\windows\assembly\NativeImages_v2.0.50727_64\TaskScheduler\681410f842337dccc72eb059738c3ced\TaskScheduler.ni.dll
+ 2012-06-17 13:33 . 2012-06-17 13:33 187392 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Routing\72b4992e45d232251a273a59eb3333d5\System.Web.Routing.ni.dll
+ 2012-06-17 13:33 . 2012-06-17 13:33 449024 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity\b905eb57b631a30c60caa4d68c186963\System.Web.Entity.ni.dll
+ 2012-06-17 13:33 . 2012-06-17 13:33 398848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity.D#\e412dfbf1aa49bbe345a02a4d23104f5\System.Web.Entity.Design.ni.dll
+ 2012-06-17 13:33 . 2012-06-17 13:33 753664 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\815769f953ebe3f84439d522c97317b8\System.Web.DynamicData.ni.dll
+ 2012-06-17 13:33 . 2012-06-17 13:33 204800 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Abstract#\c8144ee08dccdac183527e53c86aa901\System.Web.Abstractions.ni.dll
+ 2012-06-17 13:31 . 2012-06-17 13:31 783360 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Messaging\d5d612f7d372f500e3062e3814e79d75\System.Messaging.ni.dll
+ 2012-06-17 13:31 . 2012-06-17 13:31 116736 c:\windows\assembly\NativeImages_v2.0.50727_64\ResGen\4914e2b25ab7b1c855948e58052ee86c\ResGen.ni.exe
+ 2012-06-17 13:33 . 2012-06-17 13:33 855040 c:\windows\assembly\NativeImages_v2.0.50727_64\napsnap\2f1bad2fb963482a02443d5e7fece2b6\napsnap.ni.dll
+ 2012-06-17 13:33 . 2012-06-17 13:33 162816 c:\windows\assembly\NativeImages_v2.0.50727_64\napinit\bb4947f0ecc925a7bcfd129b6eec8f9b\napinit.ni.dll
+ 2012-06-17 13:32 . 2012-06-17 13:32 417792 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCFxCommon\67240ddde494b9cc05cd732ccd099668\MMCFxCommon.ni.dll
+ 2012-06-17 13:32 . 2012-06-17 13:32 312320 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\e29cbd30a31d3c8dae19eb17f70c4ec4\Microsoft.MediaCenter.iTv.ni.dll
+ 2012-06-17 13:32 . 2012-06-17 13:32 152576 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\409dae089f2e041343cff71f822cd505\Microsoft.MediaCenter.ITVVM.ni.dll
+ 2012-06-17 13:32 . 2012-06-17 13:32 798720 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Managemen#\803188573fb19785a94284e097c48a67\Microsoft.ManagementConsole.ni.dll
+ 2012-06-17 13:32 . 2012-06-17 13:32 549376 c:\windows\assembly\NativeImages_v2.0.50727_64\mcplayerinterop\4ae6ccc32dafb4e3765b9db05585bd48\mcplayerinterop.ni.dll
+ 2012-06-17 13:32 . 2012-06-17 13:32 696320 c:\windows\assembly\NativeImages_v2.0.50727_64\mcGlidHostObj\b0db345fd62a84c98fd8b0bf3c72e8bb\mcGlidHostObj.ni.dll
+ 2012-06-17 13:32 . 2012-06-17 13:32 659456 c:\windows\assembly\NativeImages_v2.0.50727_64\EventViewer\bc5df15ee827e248dd6f819874a85718\EventViewer.ni.dll
+ 2012-06-17 13:31 . 2012-06-17 13:31 389120 c:\windows\assembly\NativeImages_v2.0.50727_64\ehExtHost\08c9aa18b306aa47ddc0ae4a63b05d04\ehExtHost.ni.exe
+ 2012-06-17 13:27 . 2012-06-17 13:27 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\f2f8201dd3453250dfd9ed1afce630a0\WindowsFormsIntegration.ni.dll
+ 2012-06-17 13:27 . 2012-06-17 13:27 245248 c:\windows\assembly\NativeImages_v2.0.50727_32\TaskScheduler\f3e052584df9c614407da662dd3c3df3\TaskScheduler.ni.dll
+ 2012-06-17 13:27 . 2012-06-17 13:27 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\06e4119a0a3484bb0ca667a16145ce74\System.Web.Routing.ni.dll
+ 2012-06-17 13:27 . 2012-06-17 13:27 860160 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\4f13c2c06fb97f6659473f02802b377b\System.Web.Extensions.Design.ni.dll
+ 2012-06-17 13:27 . 2012-06-17 13:27 328192 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\bc239944bca7cc6b6ddb473259183c7d\System.Web.Entity.ni.dll
+ 2012-06-17 13:27 . 2012-06-17 13:27 301568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\3701488fb9e601ebe963db25b784d684\System.Web.Entity.Design.ni.dll
+ 2012-06-17 13:27 . 2012-06-17 13:27 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\a09cc9877f51f16a4610b702155e8b70\System.Web.DynamicData.ni.dll
+ 2012-06-17 13:27 . 2012-06-17 13:27 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\c6aad1edcc51862ceb26b6b65dad1490\System.Web.Abstractions.ni.dll
+ 2012-06-17 13:26 . 2012-06-17 13:26 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\2b4d6976393bf5643a4ef2d8dffdf75b\System.Messaging.ni.dll
+ 2012-06-17 13:27 . 2012-06-17 13:27 723456 c:\windows\assembly\NativeImages_v2.0.50727_32\napsnap\acfafa161ea232928cb02b01c50acf1c\napsnap.ni.dll
+ 2012-06-17 13:27 . 2012-06-17 13:27 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\napinit\0abec246c5ca6ec4858bfd3ab84da0ec\napinit.ni.dll
+ 2012-06-17 13:26 . 2012-06-17 13:26 287232 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCFxCommon\1e03b7c2539c5376f0665a4aba04efbd\MMCFxCommon.ni.dll
+ 2012-06-17 13:26 . 2012-06-17 13:26 561664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Managemen#\622b582866fca37f113bd97ae4c6d1f6\Microsoft.ManagementConsole.ni.dll
+ 2012-06-17 13:26 . 2012-06-17 13:26 553472 c:\windows\assembly\NativeImages_v2.0.50727_32\EventViewer\02577b78c6ed2f9bda301de888dccad8\EventViewer.ni.dll
+ 2012-06-17 13:26 . 2012-06-17 13:26 254464 c:\windows\assembly\NativeImages_v2.0.50727_32\ehExtHost32\a6b8eb80cfbdd927b2fa4ecb69fc0209\ehExtHost32.ni.exe
+ 2012-06-24 18:47 . 2012-06-24 18:47 871216 c:\windows\assembly\GAC\Microsoft.Office.Interop.Visio\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Visio.dll
+ 2012-06-23 12:47 . 2012-06-23 12:47 9459912 c:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll
+ 2012-06-23 12:47 . 2012-06-23 12:47 1535176 c:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
+ 2009-07-14 04:45 . 2012-06-22 02:02 7172107 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
- 2009-07-14 04:45 . 2012-06-17 12:26 7172107 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2011-05-15 05:44 . 2012-06-24 20:00 6323100 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-141985954-1552009316-2749100623-1004-8192.dat
- 2011-05-15 05:44 . 2012-06-14 09:59 6323100 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-141985954-1552009316-2749100623-1004-8192.dat
+ 2012-06-19 00:02 . 2012-06-19 00:02 2871808 c:\windows\Installer\5b8d648.msi
+ 2012-06-24 18:45 . 2012-06-24 18:45 6180352 c:\windows\Installer\4d6e29.msi
+ 2012-06-24 18:45 . 2012-06-24 18:45 1935360 c:\windows\Installer\4d6de6.msi
+ 2006-09-30 04:42 . 2006-09-30 04:42 2583344 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\VBE6.DLL
+ 2006-10-27 18:57 . 2006-10-27 18:57 2330968 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\STSLIST.DLL
+ 2006-09-15 20:25 . 2006-09-15 20:25 3611416 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\OUTLFLTR.DAT
+ 2006-10-27 00:07 . 2006-10-27 00:07 6536992 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\OSETUP.DLL
+ 2006-10-27 19:18 . 2006-10-27 19:18 1658152 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\OGL.DLL
+ 2006-10-27 00:14 . 2006-10-27 00:14 7033152 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\OFFOWC.DLL
+ 2006-10-26 18:47 . 2006-10-26 18:47 1512304 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\NLSD0000.DLL
+ 2006-10-27 00:00 . 2006-10-27 00:00 6635320 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\MSORES.DLL
+ 2006-10-26 23:21 . 2006-10-26 23:21 1682232 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\FPSRVUTL.DLL
+ 2006-10-26 18:10 . 2006-10-26 18:10 1190688 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\FM20.DLL
+ 2006-10-27 19:00 . 2006-10-27 19:00 1751904 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\ACECORE.DLL
+ 2012-06-17 13:34 . 2012-06-17 13:34 5237248 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsBase\e286701acf74012d3aa4a21953f03b6b\WindowsBase.ni.dll
+ 2012-06-17 13:37 . 2012-06-17 13:37 1602560 c:\windows\assembly\NativeImages_v4.0.30319_64\System.WorkflowServ#\fb9bda76fdb95462be5964d24b3a3694\System.WorkflowServices.ni.dll
+ 2012-06-17 13:37 . 2012-06-17 13:37 5922304 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Workflow.Com#\7e21b535d75b72744702755d91df3e04\System.Workflow.ComponentModel.ni.dll
+ 2012-06-17 13:37 . 2012-06-17 13:37 3744768 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Workflow.Act#\788eeff916be29e97c39ceed908b36c1\System.Workflow.Activities.ni.dll
+ 2012-06-17 13:36 . 2012-06-17 13:36 5645824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Form#\950f64ba9fb22ca06c5b2b9cf6f5f4b4\System.Windows.Forms.DataVisualization.ni.dll
+ 2012-06-17 13:36 . 2012-06-17 13:36 2964992 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Mobile\1991b901c67dc756a410b4352a0b82d5\System.Web.Mobile.ni.dll
+ 2012-06-17 13:36 . 2012-06-17 13:36 1101312 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Extensio#\a08563ecdd9d8c25776f7697b82441b8\System.Web.Extensions.Design.ni.dll
+ 2012-06-17 13:36 . 2012-06-17 13:36 3805184 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Extensio#\4e3d591d1ffa8ce8d8659f6b096a968e\System.Web.Extensions.ni.dll
+ 2012-06-17 13:36 . 2012-06-17 13:36 5618688 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.DataVisu#\1d5dfd6fd8c797913853b3bb7b58e340\System.Web.DataVisualization.ni.dll
+ 2012-06-17 13:36 . 2012-06-17 13:36 1467392 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Printing\d2de16284459454472a6875185c64d08\System.Printing.ni.dll
+ 2012-06-17 13:35 . 2012-06-17 13:35 2305024 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\1225ef41527a975de83f22328d0a3b93\System.Drawing.ni.dll
+ 2012-06-17 13:36 . 2012-06-17 13:36 2403328 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Deployment\ad9ff5d55f7ea22e80c39e0ff0240984\System.Deployment.ni.dll
+ 2012-06-17 13:36 . 2012-06-17 13:36 5048832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.P#\707f90689caf41ad429bf3ad373503cb\System.Activities.Presentation.ni.dll
+ 2012-06-17 13:36 . 2012-06-17 13:36 4233216 c:\windows\assembly\NativeImages_v4.0.30319_64\ReachFramework\16c9569b75a9f47c38b60ba733936e1a\ReachFramework.ni.dll
+ 2012-06-17 13:35 . 2012-06-17 13:35 2056704 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationUI\9c3d6b3ddef66cac069b6ab1fec514f8\PresentationUI.ni.dll
+ 2012-06-17 13:33 . 2012-06-17 13:33 1829888 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\84c1dba9531efedac2fe5adef99668b2\Microsoft.VisualBasic.Compatibility.ni.dll
+ 2012-06-17 13:33 . 2012-06-17 13:33 2317312 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\70e2694fe050bd480b9f61f935ca2da5\Microsoft.VisualBasic.ni.dll
+ 2012-06-17 13:36 . 2012-06-17 13:36 3821056 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Build.Tas#\9857693ea27b34f5c8d00356eddefb9b\Microsoft.Build.Tasks.v4.0.ni.dll
+ 2012-06-17 13:33 . 2012-06-17 13:33 1007104 c:\windows\assembly\NativeImages_v4.0.30319_64\AspNetMMCExt\582c7d14b9ce7ac950f2a432a0809270\AspNetMMCExt.ni.dll
+ 2012-06-17 13:30 . 2012-06-17 13:30 4041216 c:\windows\assembly\NativeImages_v4.0.30319_32\VsDebugPresentation#\fae2bc73923f7ea9dec4db2fd5b8f24c\VsDebugPresentationPackage.ni.dll
+ 2012-06-17 13:30 . 2012-06-17 13:30 1226752 c:\windows\assembly\NativeImages_v4.0.30319_32\System.WorkflowServ#\6831f648f5b925f1194f691b0b491662\System.WorkflowServices.ni.dll
+ 2012-06-17 13:30 . 2012-06-17 13:30 4476416 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Workflow.Com#\a1705962a6725e5f40066496222d67e7\System.Workflow.ComponentModel.ni.dll
+ 2012-06-17 13:30 . 2012-06-17 13:30 2872320 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Workflow.Act#\ec819e8a7e4585ffc87ae93d3b0662d8\System.Workflow.Activities.ni.dll
+ 2012-06-17 13:30 . 2012-06-17 13:30 4587008 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\7f0476e4df01ca2219f7db531408e91c\System.Windows.Forms.DataVisualization.ni.dll
+ 2012-06-17 13:30 . 2012-06-17 13:30 2334720 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Mobile\98709826ecf4cc93d6b85c8fe2c009b7\System.Web.Mobile.ni.dll
+ 2012-06-17 13:30 . 2012-06-17 13:30 3127296 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Extensio#\27b66f127250f2ba37f9bf1d519c6039\System.Web.Extensions.ni.dll
+ 2012-06-17 13:30 . 2012-06-17 13:30 4575232 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DataVisu#\794ebda123b04ccc874a5624bdced900\System.Web.DataVisualization.ni.dll
+ 2012-06-17 13:30 . 2012-06-17 13:30 1060864 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Printing\f87f8bc0bc9563096150f23f6c220e7b\System.Printing.ni.dll
+ 2012-06-17 13:28 . 2012-06-17 13:28 1880064 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\e899cda47704280f54949c69b78c55cc\System.Deployment.ni.dll
+ 2012-06-17 13:30 . 2012-06-17 13:30 3757568 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.P#\36299fad6b7b591cfb6bd9e50dbd33df\System.Activities.Presentation.ni.dll
+ 2012-06-17 13:30 . 2012-06-17 13:30 2906624 c:\windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\442af6f7c8b447bdec3ad8d23da89c5a\ReachFramework.ni.dll
+ 2012-06-17 13:30 . 2012-06-17 13:30 1641984 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationUI\cf455da9b8fedf66767c1a7ab3eea9c9\PresentationUI.ni.dll
+ 2012-06-17 13:29 . 2012-06-17 13:29 3295744 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.XmlEditor\f4797a86023c34c09256093f2195123c\Microsoft.XmlEditor.ni.dll
+ 2012-06-17 13:29 . 2012-06-17 13:29 2872320 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Windows.D#\7ae0a265ab4b790a0743447ac4580c19\Microsoft.Windows.Design.Platform.ni.dll
+ 2012-06-17 13:29 . 2012-06-17 13:29 1356800 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Windows.D#\5413cd24b06f12338efebeb33f1af6b8\Microsoft.Windows.Design.Platform.WPF.ni.dll
+ 2012-06-17 13:29 . 2012-06-17 13:29 1376256 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\ecc4018e2ae0db89a5982f0eeefd801a\Microsoft.VisualStudio.ExtensionManager.Implementation.ni.dll
+ 2012-06-17 13:29 . 2012-06-17 13:29 1870848 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\bca997803a429745e03c9e7cda3e27b2\Microsoft.VisualStudio.Shell.UI.Internal.ni.dll
+ 2012-06-17 13:29 . 2012-06-17 13:29 7111680 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\b83d852822e7a14f4462107795c4d585\Microsoft.VisualStudio.Xaml.ni.dll
+ 2012-06-17 13:28 . 2012-06-17 13:28 2655232 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\a0a2c20b2c2b25ec84373ad0b7be6db9\Microsoft.VisualStudio.Editor.Implementation.ni.dll
+ 2012-06-17 13:29 . 2012-06-17 13:29 2717184 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\9e84b082db36c5859aa8c512e619a903\Microsoft.VisualStudio.Shell.10.0.ni.dll
+ 2012-06-17 13:29 . 2012-06-17 13:29 1038336 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\97f4b8e5618eff10c301f9c16365e081\Microsoft.VisualStudio.VirtualTreeGrid.ni.dll
+ 2012-06-17 13:29 . 2012-06-17 13:29 2346496 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\92260630b1c18bf34bb05088a41280d7\Microsoft.VisualStudio.Platform.WindowManagement.ni.dll
+ 2012-06-17 13:29 . 2012-06-17 13:29 1172992 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\7cec6835fe8922b24a1593e45602dc7e\Microsoft.VisualStudio.Modeling.Sdk.Shell.10.0.ni.dll
+ 2012-06-17 13:29 . 2012-06-17 13:29 2285568 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\7b680be2e96fe0f496bdec2e7eec830f\Microsoft.VisualStudio.Modeling.Sdk.10.0.ni.dll
+ 2012-06-17 13:28 . 2012-06-17 13:28 1157632 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\762c6ef6a9813e92d495d1f0d5f63f61\Microsoft.VisualStudio.CommonIDE.ni.dll
+ 2012-06-17 13:29 . 2012-06-17 13:29 1467392 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\701124fd62c00db82377165961a4adea\Microsoft.VisualStudio.Shell.Design.ni.dll
+ 2012-06-17 13:29 . 2012-06-17 13:29 2900480 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\6bbe89fa3729f303d7196b77f855634a\Microsoft.VisualStudio.Modeling.Sdk.Diagrams.10.0.ni.dll
+ 2012-06-17 13:28 . 2012-06-17 13:28 1830912 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\5d93cb0425dae0f43ddd907af5955220\Microsoft.VisualStudio.Design.ni.dll
+ 2012-06-17 13:29 . 2012-06-17 13:29 1318400 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\50e1c1d60dea8fb00b70c6a8bfe02b9c\Microsoft.VisualStudio.Windows.Forms.ni.dll
+ 2012-06-17 13:28 . 2012-06-17 13:28 6914560 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\50badccb228fed52627e7f7208a0ae0f\Microsoft.VisualStudio.CSharp.Services.Language.ni.dll
+ 2012-06-17 13:29 . 2012-06-17 13:29 6051328 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\4122340cd2f21fcd634a7d164afc3cbf\Microsoft.VisualStudio.Editors.ni.dll
+ 2012-06-17 13:29 . 2012-06-17 13:29 5588480 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\14ef122dace04272354a87d3abf45718\Microsoft.VisualStudio.Platform.VSEditor.ni.dll
+ 2012-06-17 13:28 . 2012-06-17 13:28 1139200 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\2cd710a03ffd858273a1fe560ddb9012\Microsoft.VisualBasic.Compatibility.ni.dll
+ 2012-06-17 13:28 . 2012-06-17 13:28 1838080 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\09c2f8f606e09d85cfe6e0ad89fbe729\Microsoft.VisualBasic.ni.dll
+ 2012-06-17 13:28 . 2012-06-17 13:28 2703360 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Data.Sche#\9edc4dd0999a3523c1350c805a83b012\Microsoft.Data.Schema.ni.dll
+ 2012-06-17 13:28 . 2012-06-17 13:28 1035776 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Data.Sche#\43c98776105c5d628d24e6ef92458f03\Microsoft.Data.Schema.Generators.Sql.ni.dll
+ 2012-06-17 13:28 . 2012-06-17 13:28 2877440 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build.Tas#\545d26502454316492990b42b093e673\Microsoft.Build.Tasks.v4.0.ni.dll
+ 2012-06-17 13:33 . 2012-06-17 13:33 1818112 c:\windows\assembly\NativeImages_v2.0.50727_64\System.WorkflowServ#\70cc5e8a5a3372fe0b104c1b20392cd2\System.WorkflowServices.ni.dll
+ 2012-06-17 13:33 . 2012-06-17 13:33 3336704 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Mobile\af7689e8cbec5d2755497be23c30e293\System.Web.Mobile.ni.dll
+ 2012-06-17 13:33 . 2012-06-17 13:33 3044352 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\768ea257d75839979b4efb2d49d653f6\System.Web.Extensions.ni.dll
+ 2012-06-17 13:33 . 2012-06-17 13:33 1155072 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\2c47bc5d426a7cf9ffef1425eda08184\System.Web.Extensions.Design.ni.dll
+ 2012-06-17 13:33 . 2012-06-17 13:33 3601920 c:\windows\assembly\NativeImages_v2.0.50727_64\Narrator\ac1ba76ed19d668ce53a74593f040453\Narrator.ni.exe
+ 2012-06-17 13:33 . 2012-06-17 13:33 2327552 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCEx\df2557ab1b8e4389d846e13dc82eba57\MMCEx.ni.dll
+ 2012-06-17 13:32 . 2012-06-17 13:32 7970304 c:\windows\assembly\NativeImages_v2.0.50727_64\MIGUIControls\61812970c4743b686a67f28687e1dcb6\MIGUIControls.ni.dll
+ 2012-06-17 13:32 . 2012-06-17 13:32 2131968 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualBas#\1586ee919f86130df9771cf9b8d95d3a\Microsoft.VisualBasic.ni.dll
+ 2012-06-17 13:32 . 2012-06-17 13:32 5350912 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\ca7e936eed0de2436d87b2601ee3a20a\Microsoft.PowerShell.Editor.ni.dll
+ 2012-06-17 13:32 . 2012-06-17 13:32 2176512 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\6caa366471176a065a96d77e8ba01eeb\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2012-06-17 13:32 . 2012-06-17 13:32 2105344 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\3040e2de07177c0a6a66a49de61fdc59\Microsoft.PowerShell.GPowerShell.ni.dll
+ 2012-06-17 13:31 . 2012-06-17 13:31 1516544 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\b2afc0af3d89ae00e973b4e6e9db382c\Microsoft.MediaCenter.ni.dll
+ 2012-06-17 13:32 . 2012-06-17 13:32 1508864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\73bfbdccdc1b0ae87f70a0ec594fee3c\Microsoft.MediaCenter.Bml.ni.dll
+ 2012-06-17 13:31 . 2012-06-17 13:31 8979456 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\653e1ee01f10d658d52ca42e17e74283\Microsoft.MediaCenter.UI.ni.dll
+ 2012-06-17 13:32 . 2012-06-17 13:32 2365952 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Ink\dac69844e6333484159a4cf544190906\Microsoft.Ink.ni.dll
+ 2012-06-17 13:32 . 2012-06-17 13:32 2218496 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\4b362e9e25c33e371f06403edec8849a\Microsoft.Build.Tasks.ni.dll
+ 2012-06-17 13:32 . 2012-06-17 13:32 2682880 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\33730d136a34d2f4e56a0322f49ee9b6\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2012-06-17 13:31 . 2012-06-17 13:31 2801664 c:\windows\assembly\NativeImages_v2.0.50727_64\mcstore\cc4844e7242c1e35d145bf2439f944c5\mcstore.ni.dll
+ 2012-06-17 13:27 . 2012-06-17 13:27 1358336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\e3e5aa45736b95804bf6bb7eca08a57b\System.WorkflowServices.ni.dll
+ 2012-06-17 13:27 . 2012-06-17 13:27 2209792 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\4a90802e36dee6e10d9bf54832cbf549\System.Web.Mobile.ni.dll
+ 2012-06-17 13:27 . 2012-06-17 13:27 2404352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\c45efc7ec92c1da8e67eb597559ec39c\System.Web.Extensions.ni.dll
+ 2012-06-17 13:27 . 2012-06-17 13:27 2623488 c:\windows\assembly\NativeImages_v2.0.50727_32\Narrator\17add09c98fa34255142d42697db53df\Narrator.ni.exe
+ 2012-06-17 13:27 . 2012-06-17 13:27 1545216 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCEx\21abde8efab609732b2ade3f05234e79\MMCEx.ni.dll
+ 2012-06-17 13:26 . 2012-06-17 13:26 6438912 c:\windows\assembly\NativeImages_v2.0.50727_32\MIGUIControls\0e7da0df83f0619e3b0e0a7d7ee05fa3\MIGUIControls.ni.dll
+ 2012-06-17 13:26 . 2012-06-17 13:26 1681920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\99ae5f32cd1dc3618659bc3c77f2b2a9\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2012-06-17 13:27 . 2012-06-17 13:27 1704960 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\77b5496d214dd5034294b058c0bb0e8d\Microsoft.PowerShell.GPowerShell.ni.dll
+ 2012-06-17 13:27 . 2012-06-17 13:27 3724288 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\72765e5fab12761eb6d3f58180fa34d7\Microsoft.PowerShell.Editor.ni.dll
+ 2012-06-17 13:26 . 2012-06-17 13:26 6499840 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\8ce1d10f94b40f054017865757552f2d\Microsoft.MediaCenter.UI.ni.dll
+ 2012-06-17 13:26 . 2012-06-17 13:26 1009664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\7fab1ec8f5ed6a55a8a73b2c590bd7cd\Microsoft.MediaCenter.ni.dll
+ 2012-06-17 13:26 . 2012-06-17 13:26 1361408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Ink\4d381048e3b9c0914c0f72c6aa0a599d\Microsoft.Ink.ni.dll
+ 2012-06-17 13:26 . 2012-06-17 13:26 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\3893fa9a19b52dee8b2cc424840d5d08\Microsoft.Build.Tasks.ni.dll
+ 2012-06-17 13:26 . 2012-06-17 13:26 1970176 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\1d2250044b1ecff755e26ed12f6d27cb\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2012-06-17 13:26 . 2012-06-17 13:26 2035712 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstore\3a4e56a8d1075cf0af0619c383b3e592\mcstore.ni.dll
+ 2009-07-14 02:34 . 2012-06-21 00:56 10747904 c:\windows\system32\SMI\Store\Machine\schema.dat
- 2009-07-14 02:34 . 2012-06-17 12:22 10747904 c:\windows\system32\SMI\Store\Machine\schema.dat
+ 2012-06-23 12:47 . 2012-06-23 12:47 12310216 c:\windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll
+ 2006-10-27 19:14 . 2006-10-27 19:14 14151456 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\OART.DLL
+ 2006-10-27 19:26 . 2006-10-27 19:26 16870712 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\MSO.DLL
+ 2012-06-17 13:35 . 2012-06-17 13:35 17355264 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\e883d90a0210bf99ca88f3b4ade53a24\System.Windows.Forms.ni.dll
+ 2012-06-17 13:35 . 2012-06-17 13:35 15761920 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web\be472c4f636fc5b8fc38476dbfe01358\System.Web.ni.dll
+ 2012-06-17 13:35 . 2012-06-17 13:35 13314048 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Design\2cf901cb93fe6a24b4466094390ec73a\System.Design.ni.dll
+ 2012-06-17 13:35 . 2012-06-17 13:35 24407552 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\a3c3789d54894008501ce5891f1eeb40\PresentationFramework.ni.dll
+ 2012-06-17 13:34 . 2012-06-17 13:34 15908864 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationCore\9d69a7a407bbc43a1bcb2da603af5840\PresentationCore.ni.dll
+ 2012-06-17 13:30 . 2012-06-17 13:30 12079616 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web\fdb5565e4c807a8cd79de9f40c0cd644\System.Web.ni.dll
+ 2012-06-17 13:29 . 2012-06-17 13:29 10637824 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VSDesigner\e56988e005cf855e8f9a1ae11817d683\Microsoft.VSDesigner.ni.dll
+ 2012-06-17 13:28 . 2012-06-17 13:28 15003648 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Data.Sche#\cfc725e9e80a088cc1337e8e86a15216\Microsoft.Data.Schema.Sql.ni.dll
+ 2012-06-17 13:32 . 2012-06-17 13:32 25470976 c:\windows\assembly\NativeImages_v2.0.50727_64\ehshell\0c1f96a4136efe532bbb8eb91d3de300\ehshell.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\Neil noname\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\Neil noname\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\Neil noname\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-07-29 5464448]
"MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"MDS_Menu"="c:\program files (x86)\Lenovo\MediaShow\MUITransfer\MUIStartMenu.exe" [2008-11-14 218408]
"IdeaNotesUser"="c:\program files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGUser.exe" [2009-08-24 221872]
"OnekeyDM"="c:\program files (x86)\Lenovo\OnekeyDM\OnekeyDM.exe" [2009-03-27 468480]
"VeriFaceManager"="c:\program files (x86)\Lenovo\VeriFace\PManage.exe" [2009-11-22 3122440]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"Lenovo SlideNav"="c:\program files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNavigator.exe" [2009-08-19 839680]
"PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2009-11-09 180224]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-09-27 59240]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe" [2008-06-03 446635]
"AmazonGSDownloaderTray"="c:\program files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe" [2009-10-23 326144]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480]
"ConnectionCenter"="c:\program files (x86)\Citrix\ICA Client\concentr.exe" [2009-09-13 103768]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"Ad-Aware Browsing Protection"="c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe" [2011-10-21 198032]
.
c:\users\Neil noname\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
EvernoteClipper.lnk - c:\program files (x86)\Evernote\Evernote\EvernoteClipper.exe [2012-3-22 1014112]
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoFileAssociate"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-14 136176]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-23 250056]
R3 Amazon Download Agent;Amazon Download Agent;c:\program files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe [2009-10-23 401920]
R3 Bridge0;Bridge0;c:\windows\system32\drivers\WDBridge.sys [x]
R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [x]
R3 DfSdkS;Defragmentation-Service;c:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe [2009-08-25 544768]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-14 136176]
R3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\Lenovo\ReadyComm\AppSvc.exe [2009-07-28 414984]
R3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\Lenovo\ReadyComm\ConnSvc.exe [2009-07-28 472328]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-03 129976]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]
S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [x]
S1 funfrm;funfrm; [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-07-19 146816]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
S2 DDNIMSGService;DDNIMSGService;c:\program files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGService.exe [2010-01-21 172720]
S2 DDNIService;DDNIService;c:\program files (x86)\DDNI\DIBS\DDNIService.exe [2010-03-04 160432]
S2 IGRS;IGRS;c:\program files (x86)\Lenovo\ReadyComm\common\IGRS.exe [2009-07-14 38152]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [x]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [x]
S3 enecirhid;ENE CIR HID Receiver;c:\windows\system32\DRIVERS\enecirhid.sys [x]
S3 enecirhidma;ENE CIR HIDmini Filter;c:\windows\system32\DRIVERS\enecirhidma.sys [x]
S3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 wdmirror;wdmirror;c:\windows\system32\DRIVERS\WDMirror.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-06-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-16 12:47]
.
2012-06-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-25 03:19]
.
2012-06-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-25 03:19]
.
2012-06-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-141985954-1552009316-2749100623-1004Core.job
- c:\users\Neil noname\AppData\Local\Google\Update\GoogleUpdate.exe [2009-12-01 02:30]
.
2012-06-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-141985954-1552009316-2749100623-1004UA.job
- c:\users\Neil noname\AppData\Local\Google\Update\GoogleUpdate.exe [2009-12-01 02:30]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 97792 ----a-w- c:\users\Neil noname\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 97792 ----a-w- c:\users\Neil noname\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 97792 ----a-w- c:\users\Neil noname\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 97792 ----a-w- c:\users\Neil noname\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2009-11-22 10:58 1502720 ----a-w- c:\windows\System32\IcnOvrly.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-08-07 186904]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-20 7981088]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\utility.exe" [2009-08-26 4366192]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2009-08-19 5825536]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2009-06-01 2342800]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-05-07 16416360]
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://lenovo.live.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Save Flash - c:\program files (x86)\UnH Solutions\Flash Saving Plugin\FlashSButton.dll/210
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\Neil noname\AppData\Roaming\Mozilla\Firefox\Profiles\obd844ux.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: network.proxy.type - 0
FF - user.js: browser.blink_allowed - true
FF - user.js: network.prefetch-next - true
FF - user.js: nglayout.initialpaint.delay - 250
FF - user.js: layout.spellcheckDefault - 1
FF - user.js: browser.urlbar.autoFill - false
FF - user.js: browser.search.openintab - false
FF - user.js: browser.tabs.closeButtons - 1
FF - user.js: browser.tabs.opentabfor.middleclick - true
FF - user.js: browser.tabs.tabMinWidth - 100
FF - user.js: browser.urlbar.hideGoButton - false
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{88c7f2aa-f93f-432c-8f0e-b7d85967a527} - c:\program files (x86)\BitTorrentBar\prxtbBitT.dll
BHO-{88c7f2aa-f93f-432c-8f0e-b7d85967a527} - c:\program files (x86)\BitTorrentBar\prxtbBitT.dll
Toolbar-Locked - (no file)
Toolbar-{88c7f2aa-f93f-432c-8f0e-b7d85967a527} - c:\program files (x86)\BitTorrentBar\prxtbBitT.dll
WebBrowser-{88C7F2AA-F93F-432C-8F0E-B7D85967A527} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
AddRemove-BitTorrentBar Toolbar - c:\program files (x86)\BitTorrentBar\uninstall.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-06-24 20:25:02
ComboFix-quarantined-files.txt 2012-06-25 00:25
ComboFix2.txt 2012-06-17 12:56
ComboFix3.txt 2012-06-04 02:15
.
Pre-Run: 166,837,321,728 bytes free
Post-Run: 166,857,830,400 bytes free
.
- - End Of File - - 38FBB12880BDF378626BE7B678A10E8C



