Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

searchbif redirect


  • This topic is locked This topic is locked
20 replies to this topic

#1 jlg2012

jlg2012

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:57 PM

Posted 31 January 2012 - 03:49 PM

Hello there, I have never had to post on here before. Combofix has always resolved any issues I had without a hitch.

However this time around I am having no luck with any of the spyware removal tools. My search results were being redirected to searchbif.net. I was able to resolve this by removing a proxy that was maliciously set in my browser and in my LMHOST file.

It appears however that my PC is still infected. I cannot enable my Mcafee (it automatically disables itself) or Windows Firewall (Windows Firewall can't change some of your settings. Error code 0x80070424). Nor can i enable Real time scanning. Windows Update gives me an error that the updates failed to install.

I ran kaspersky boot level scan, Malwarebytes' Anti-Malware, and superantispyware to no avail.

Any help would be greatly appreciated.

Thanks


DDS.txt


.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_21
Run by Jose at 13:24:04 on 2012-01-31
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.6126.4221 [GMT -5:00]
.
AV: avast! Antivirus *Enabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Enabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\server\apache\bin\httpd.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Infringo\Rar Mount 3\Dokan\mounter.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\mfevtps.exe
C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe
C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgent.exe
C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe
C:\server\apache\bin\httpd.exe
C:\Program Files (x86)\SolidWorks Corp\SolidWorks Workgroup PDM\Vault\pdmwService.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
C:\Program Files\Intel\TurboBoost\TurboBoost.exe
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\sqlservr.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Citrix\ICA Client\ssonsvr.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Sony\VAIO Care\VAIOCareService.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files (x86)\OpenDNS Updater\OpenDNSUpdater.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgentUI.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Sony\VAIO Power Management\SPMService.exe
C:\Program Files\Sony\VAIO Care\VCsystray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe
C:\Users\Jose\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\Jose\Downloads\Defogger.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
uURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
uRun: [AdobeBridge]
uRun: [OpenDNS Updater] "C:\Program Files (x86)\OpenDNS Updater\OpenDNSUpdater.exe" /autostart
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
mRun: [NACAgentUI] C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgentUI.exe
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
Trusted Zone: adobe.com\get
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {FFFFFFFF-19EB-49E8-BB30-8DE03499D2F0} - hxxp://192.168.1.130/NetVideo.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{2F73DCE4-4155-4351-A0B8-5D5F66293778} : NameServer = 208.67.222.222,208.67.220.220
TCP: Interfaces\{2F73DCE4-4155-4351-A0B8-5D5F66293778} : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{2F73DCE4-4155-4351-A0B8-5D5F66293778}\354554053502E45445 : NameServer = 208.67.222.222,208.67.220.220
TCP: Interfaces\{2F73DCE4-4155-4351-A0B8-5D5F66293778}\354554053502E45445 : DhcpNameServer = 216.199.54.9 216.199.46.11 216.199.54.9 216.199.46.11
TCP: Interfaces\{2F73DCE4-4155-4351-A0B8-5D5F66293778}\642514E4B43534F4C4C4943594F4E4 : NameServer = 208.67.222.222,208.67.220.220
TCP: Interfaces\{2F73DCE4-4155-4351-A0B8-5D5F66293778}\642514E4B43534F4C4C4943594F4E4 : DhcpNameServer = 64.238.96.12 66.180.96.12
TCP: Interfaces\{2F73DCE4-4155-4351-A0B8-5D5F66293778}\649455355434552554 : DhcpNameServer = 131.94.7.220 131.94.205.10 131.94.226.10
TCP: Interfaces\{2F73DCE4-4155-4351-A0B8-5D5F66293778}\6494556594359445F425 : DhcpNameServer = 131.94.7.220 131.94.205.10 131.94.226.10
TCP: Interfaces\{2F73DCE4-4155-4351-A0B8-5D5F66293778}\649455F5C4F67696E6F594E666F627D6164796F6E6 : DhcpNameServer = 131.94.7.220 131.94.205.10 131.94.226.10
TCP: Interfaces\{2F73DCE4-4155-4351-A0B8-5D5F66293778}\A456272797026202A4F6567237 : NameServer = 208.67.222.222,208.67.220.220
TCP: Interfaces\{2F73DCE4-4155-4351-A0B8-5D5F66293778}\A456272797026202A4F6567237 : DhcpNameServer = 192.168.1.254
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\MSC\McSnIePl.dll
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Notify: VESWinlogon - VESWinlogon.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
mRun-x64: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
mRun-x64: [NACAgentUI] C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgentUI.exe
mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Jose\AppData\Roaming\Mozilla\Firefox\Profiles\g775c8jl.default\
FF - prefs.js: browser.search.selectedEngine - Wikipedia (en)
FF - prefs.js: browser.startup.homepage - google.com
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\progra~2\mcafee\msc\npMcSnFFPl.dll
FF - plugin: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npEModelPlugin.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npicaN.dll
FF - plugin: C:\Program Files (x86)\NOS\bin\np_gp.dll
FF - plugin: C:\Program Files (x86)\Protomold\ProtoView\nppview.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\Jose\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Users\Jose\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Jose\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Windows\system32\Wat\npWatWeb.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 EUBAKUP;EUBAKUP;C:\Windows\system32\drivers\eubakup.sys --> C:\Windows\system32\drivers\eubakup.sys [?]
R0 EUBKMON;EUBKMON;C:\Windows\system32\drivers\EUBKMON.sys --> C:\Windows\system32\drivers\EUBKMON.sys [?]
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 ctxusbm;Citrix USB Monitor Driver;C:\Windows\system32\DRIVERS\ctxusbm.sys --> C:\Windows\system32\DRIVERS\ctxusbm.sys [?]
R1 EUDSKACS;EUDSKACS;\??\C:\Windows\system32\drivers\eudskacs.sys --> C:\Windows\system32\drivers\eudskacs.sys [?]
R1 EUFDDISK;EUFDDISK;\??\C:\Windows\system32\drivers\EuFdDisk.sys --> C:\Windows\system32\drivers\EuFdDisk.sys [?]
R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-11 140672]
R2 Apache2.2;Apache2.2;C:\server\apache\bin\httpd.exe [2010-3-4 24645]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
R2 cpuz132;cpuz132;\??\C:\Windows\system32\drivers\cpuz132_x64.sys --> C:\Windows\system32\drivers\cpuz132_x64.sys [?]
R2 DokanMounter;DokanMounter;C:\Program Files (x86)\Infringo\Rar Mount 3\Dokan\mounter.exe [2009-5-1 20992]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;\??\C:\Windows\system32\drivers\LMIRfsDriver.sys --> C:\Windows\system32\drivers\LMIRfsDriver.sys [?]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-1-31 249936]
R2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2012-1-31 199272]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2012-1-31 208536]
R2 mfevtp;McAfee Validation Trust Protection Service;"C:\Windows\system32\mfevtps.exe" --> C:\Windows\system32\mfevtps.exe [?]
R2 MSSQL$DDNI;SQL Server (DDNI);C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\sqlservr.exe [2011-9-22 43028328]
R2 NACAgent;Cisco NAC Agent;C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgent.exe [2011-3-9 1104608]
R2 PDMWorks Workgroup Server;SolidWorks Workgroup PDM Server;C:\Program Files (x86)\SolidWorks Corp\SolidWorks Workgroup PDM\Vault\pdmwService.exe [2011-9-27 3291648]
R2 regi;regi;C:\Windows\System32\drivers\regi.sys [2007-4-17 11032]
R2 rimspci;rimspci;C:\Windows\system32\drivers\rimssne64.sys --> C:\Windows\system32\drivers\rimssne64.sys [?]
R2 risdsnpe;risdsnpe;C:\Windows\system32\drivers\risdsne64.sys --> C:\Windows\system32\drivers\risdsne64.sys [?]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2010-2-16 1153368]
R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-15 2984832]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]
R2 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-2 126352]
R2 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-9-14 642416]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys --> C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [?]
R3 GenericMount;Generic Mount Driver;C:\Windows\system32\DRIVERS\GenericMount.sys --> C:\Windows\system32\DRIVERS\GenericMount.sys [?]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:\Windows\system32\DRIVERS\LEqdUsb.Sys --> C:\Windows\system32\DRIVERS\LEqdUsb.Sys [?]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:\Windows\system32\DRIVERS\LHidEqd.Sys --> C:\Windows\system32\DRIVERS\LHidEqd.Sys [?]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
R3 SFEP;Sony Firmware Extension Parser;C:\Windows\system32\drivers\SFEP.sys --> C:\Windows\system32\drivers\SFEP.sys [?]
R3 SymSnapService;SymSnapService;C:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe [2009-9-21 2963960]
R3 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2010-1-18 571248]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
S2 SgtSch2Svc;Seagate Scheduler2 Service;"C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe" --> C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe [?]
S2 TrustedInstaller32;Windows Modules Installer ;C:\Windows\system32\unimdmat32.exe --> C:\Windows\system32\unimdmat32.exe [?]
S3 btusbflt;Bluetooth USB Filter;C:\Windows\system32\drivers\btusbflt.sys --> C:\Windows\system32\drivers\btusbflt.sys [?]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]
S3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]
S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;C:\Program Files\SolidWorks Corp\SolidWorks (2)\swScheduler\DTSCoordinatorService.exe [2011-9-27 89160]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-3-18 1431888]
S3 GenericMount Helper Service;GenericMount Helper Service;C:\Program Files (x86)\Norton Ghost\Shared\Drivers\GenericMountHelper.exe [2009-9-21 1571336]
S3 Impcd;Impcd;C:\Windows\system32\drivers\Impcd.sys --> C:\Windows\system32\drivers\Impcd.sys [?]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]
S3 prwntdrv;prwntdrv;C:\Windows\System32\prwntdrv.sys [2011-4-27 13704]
S3 Remote Solver for Flow Simulation 2012;Remote Solver for Flow Simulation 2012;C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe [2011-8-17 109624]
S3 SampleCollector;Intel® Sample Collector;C:\Program Files\Sony\VAIO Care\collsvc.exe [2010-1-18 167424]
S3 SOHCImp;VAIO Media plus Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-1-18 120104]
S3 SOHDBSvr;VAIO Media plus Database Manager;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2010-1-18 70952]
S3 SOHDms;VAIO Media plus Digital Media Server;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-1-18 427304]
S3 SOHDs;VAIO Media plus Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-1-18 75048]
S3 SOHPlMgr;VAIO Media plus Playlist Manager;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2010-1-18 91432]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 Symantec SymSnap VSS Provider;Symantec SymSnap VSS Provider;C:\Windows\System32\dllhost.exe [2009-7-13 7168]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-1-18 480624]
S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-1-18 361840]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-1-18 110960]
S3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update 5\VUAgent.exe [2010-1-18 1021840]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 EaseUS Agent;EaseUS Agent;C:\Program Files (x86)\EASEUS\Todo Backup\bin\Agent.exe [2011-8-31 60040]
S4 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-1-18 135664]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files (x86)\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-3-30 47128]
S4 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]
S4 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-8-31 313840]
S4 Roxio Upnp Server 10;Roxio Upnp Server 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-8-31 362992]
S4 SQLAgent$DDNI;SQL Server Agent (DDNI);C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\SQLAGENT.EXE [2011-9-22 370024]
S4 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2010-1-18 104960]
.
=============== Created Last 30 ================
.
2012-01-31 18:17:09 -------- d-sh--w- C:\$RECYCLE.BIN
2012-01-31 17:30:41 75808 ----a-w- C:\Windows\System32\drivers\mfenlfk.sys
2012-01-31 17:30:40 10248 ----a-w- C:\Windows\System32\drivers\mfeclnk.sys
2012-01-31 17:15:21 -------- d-s---w- C:\Windows\SysWow64\Microsoft
2012-01-31 14:09:50 73064 ----a-w- C:\Windows\SysWow64\perf-MSSQL$DDNI-sqlctr10.3.5500.0.dll
2012-01-31 14:09:49 89960 ----a-w- C:\Windows\SysWow64\SQSRVRES.DLL
2012-01-31 13:41:15 77312 ----a-w- C:\Windows\System32\packager.dll
2012-01-31 13:41:15 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2012-01-31 09:17:52 12872 ----a-w- C:\Windows\System32\bootdelete.exe
2012-01-31 08:43:31 -------- d-----w- C:\Program Files (x86)\McAfee.com
2012-01-31 08:43:08 -------- d-----w- C:\Program Files (x86)\Common Files\McAfee
2012-01-31 08:42:45 65264 ----a-w- C:\Windows\System32\drivers\cfwids.sys
2012-01-31 08:42:45 647080 ----a-w- C:\Windows\System32\drivers\mfehidk.sys
2012-01-31 08:42:45 481768 ----a-w- C:\Windows\System32\drivers\mfefirek.sys
2012-01-31 08:42:45 284648 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys
2012-01-31 08:42:45 229528 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys
2012-01-31 08:42:45 160280 ----a-w- C:\Windows\System32\drivers\mfeapfk.sys
2012-01-31 08:42:45 100912 ----a-w- C:\Windows\System32\drivers\mferkdet.sys
2012-01-31 08:42:24 -------- d-----w- C:\Program Files\Common Files\McAfee
2012-01-31 08:42:22 -------- d-----w- C:\Program Files\McAfee.com
2012-01-31 08:42:21 -------- d-----w- C:\Program Files\McAfee
2012-01-31 08:41:47 -------- d-----w- C:\Program Files (x86)\McAfee
2012-01-30 22:59:49 25160 ----a-w- C:\Windows\System32\drivers\hitmanpro36.sys
2012-01-30 22:59:24 145224 ----a-w- C:\Windows\System32\LnkProtect.dll
2012-01-30 22:59:10 -------- d-----w- C:\ProgramData\HitmanPro
2012-01-30 19:41:50 161168 ----a-w- C:\Windows\System32\mfevtps.exe
2012-01-30 19:19:06 -------- d-----w- C:\Program Files (x86)\Common Files\Cisco
2012-01-30 13:42:25 -------- d-----w- C:\Users\Jose\AppData\Roaming\SUPERAntiSpyware.com
2012-01-30 13:42:11 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2012-01-30 13:42:11 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2012-01-29 18:46:03 626688 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr80.dll
2012-01-29 18:46:03 548864 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp80.dll
2012-01-29 18:46:03 479232 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcm80.dll
2012-01-29 18:46:03 43992 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozutils.dll
2012-01-27 22:33:48 -------- d-----w- C:\Windows\System32\RsFx
2012-01-27 22:26:19 -------- d-----w- C:\Program Files\Microsoft Synchronization Services
2012-01-27 22:26:19 -------- d-----w- C:\Program Files\Microsoft SQL Server Compact Edition
2012-01-27 22:26:13 -------- d-----w- C:\Program Files (x86)\Microsoft Synchronization Services
2012-01-27 22:24:15 -------- d-----w- C:\ProgramData\PreEmptive Solutions
2012-01-27 22:19:03 -------- d-----w- C:\Program Files (x86)\Microsoft ASP.NET
2012-01-27 22:18:58 -------- d-----w- C:\Program Files\IIS
2012-01-27 22:18:58 -------- d-----w- C:\Program Files (x86)\IIS
2012-01-27 22:08:14 -------- d-----w- C:\Program Files (x86)\Microsoft F#
2012-01-27 22:08:13 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 10.0
2012-01-27 22:08:13 -------- d-----w- C:\Program Files (x86)\Common Files\Merge Modules
2012-01-27 22:03:42 -------- d-----w- C:\Program Files\Microsoft Help Viewer
2012-01-25 22:30:51 99176 ----a-w- C:\Windows\SysWow64\PresentationHostProxy.dll
2012-01-25 22:30:51 49472 ----a-w- C:\Windows\SysWow64\netfxperf.dll
2012-01-25 22:30:51 48960 ----a-w- C:\Windows\System32\netfxperf.dll
2012-01-25 22:30:51 444752 ----a-w- C:\Windows\System32\mscoree.dll
2012-01-25 22:30:51 320352 ----a-w- C:\Windows\System32\PresentationHost.exe
2012-01-25 22:30:51 297808 ----a-w- C:\Windows\SysWow64\mscoree.dll
2012-01-25 22:30:51 295264 ----a-w- C:\Windows\SysWow64\PresentationHost.exe
2012-01-25 22:30:51 1942856 ----a-w- C:\Windows\System32\dfshim.dll
2012-01-25 22:30:51 1130824 ----a-w- C:\Windows\SysWow64\dfshim.dll
2012-01-25 22:30:51 109912 ----a-w- C:\Windows\System32\PresentationHostProxy.dll
.
==================== Find3M ====================
.
2011-12-13 08:51:32 2948312 ----a-w- C:\Toolbar_production_100639.exe
2011-12-10 20:24:08 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-11-19 00:18:53 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
.
============= FINISH: 13:25:18.61 ===============

BC AdBot (Login to Remove)

 


#2 Casey_boy

Casey_boy

    Bleeping physicist


  • Malware Response Team
  • 7,765 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:12:57 AM

Posted 04 February 2012 - 12:37 PM

Hi there,

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

Do you still require help? If so...

:exclame: ComboFix warning

You should not run ComboFix unless you are specifically asked to by a helper. Also, due to the power of this tool it is strongly advised that you do not attempt to act upon any of the information displayed by ComboFix without supervision from someone who has been properly trained. If you do so, it may lead to problems with the normal functionality of your computer.

:step1: Having said that, since you have run it, could you post me the most recent log? It will be located at C:\ComboFix.txt


:step2: Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.

Casey

If I have been helping you and I do not reply within 48hours, feel free to send me a PM.


* My Website * Am I Infected? * Malware Removal Help * If you'd like to say thanks *


#3 jlg2012

jlg2012
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:57 PM

Posted 04 February 2012 - 01:02 PM

======COMBOFIX LOG==========


ComboFix 12-02-03.02 - Jose 02/04/2012 10:12:18.17.8 - x64 MINIMAL
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.6126.5236 [GMT -5:00]
Running from: c:\users\Jose\Downloads\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Enabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2012-01-04 to 2012-02-04 )))))))))))))))))))))))))))))))
.
.
2012-02-04 15:22 . 2012-02-04 15:22 -------- d-----w- c:\users\Work\AppData\Local\temp
2012-02-04 15:22 . 2012-02-04 15:22 -------- d-----w- c:\users\work.Jose-VAIO\AppData\Local\temp
2012-02-04 15:22 . 2012-02-04 15:22 -------- d-----w- c:\users\ReleaseEngineer.MACROVISION\AppData\Local\temp
2012-02-04 15:22 . 2012-02-04 15:22 -------- d-----w- c:\users\QBDataServiceUser20\AppData\Local\temp
2012-02-04 15:22 . 2012-02-04 15:22 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-02-04 15:22 . 2012-02-04 15:22 -------- d-----w- c:\users\Guest\AppData\Local\temp
2012-02-04 15:22 . 2012-02-04 15:22 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-02-04 11:21 . 2011-12-06 22:22 28760 ----a-w- c:\program files (x86)\Mozilla Firefox\ScriptFF.dll
2012-02-01 19:17 . 2011-10-15 17:16 10248 ----a-w- c:\windows\system32\drivers\mfeclnk.sys
2012-02-01 19:17 . 2012-02-01 19:18 -------- d-----w- c:\program files (x86)\Common Files\McAfee
2012-02-01 19:17 . 2011-10-15 17:16 75808 ----a-w- c:\windows\system32\drivers\mfenlfk.sys
2012-02-01 19:17 . 2011-10-15 17:16 65264 ----a-w- c:\windows\system32\drivers\cfwids.sys
2012-02-01 19:17 . 2011-10-15 17:16 481768 ----a-w- c:\windows\system32\drivers\mfefirek.sys
2012-02-01 19:17 . 2011-10-15 17:16 284648 ----a-w- c:\windows\system32\drivers\mfewfpk.sys
2012-02-01 19:17 . 2011-10-15 17:16 229528 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2012-02-01 19:17 . 2011-10-15 17:16 100912 ----a-w- c:\windows\system32\drivers\mferkdet.sys
2012-02-01 19:17 . 2012-02-01 19:18 -------- d-----w- c:\program files\Common Files\McAfee
2012-02-01 19:17 . 2012-02-01 19:18 -------- d-----w- c:\program files\McAfee
2012-02-01 19:17 . 2012-02-01 19:18 -------- d-----w- c:\program files (x86)\McAfee
2012-02-01 19:01 . 2011-11-18 21:36 161168 ----a-w- c:\windows\system32\mfevtps.exe
2012-02-01 14:17 . 2012-02-01 14:17 -------- d-----w- c:\program files\CCleaner
2012-02-01 14:06 . 2012-02-01 14:06 -------- d-----w- C:\6078496c0fc3f4e04c
2012-01-31 18:53 . 2012-01-31 18:53 -------- d-----w- C:\a1fe1b2e11b37796bcd8
2012-01-31 17:15 . 2012-01-31 17:15 -------- d-s---w- c:\windows\SysWow64\Microsoft
2012-01-31 14:09 . 2011-09-22 22:18 73064 ----a-w- c:\windows\SysWow64\perf-MSSQL$DDNI-sqlctr10.3.5500.0.dll
2012-01-31 14:09 . 2011-09-22 22:18 89960 ----a-w- c:\windows\SysWow64\SQSRVRES.DLL
2012-01-31 13:41 . 2011-11-19 15:07 77312 ----a-w- c:\windows\system32\packager.dll
2012-01-31 13:41 . 2011-11-19 14:06 67072 ----a-w- c:\windows\SysWow64\packager.dll
2012-01-31 09:17 . 2012-01-31 09:17 12872 ----a-w- c:\windows\system32\bootdelete.exe
2012-01-30 22:59 . 2012-01-31 09:02 25160 ----a-w- c:\windows\system32\drivers\hitmanpro36.sys
2012-01-30 22:59 . 2012-01-30 22:59 145224 ----a-w- c:\windows\system32\LnkProtect.dll
2012-01-30 19:19 . 2012-01-30 19:19 -------- d-----w- c:\program files (x86)\Common Files\Cisco
2012-01-30 13:42 . 2012-01-30 13:42 -------- d-----w- c:\users\Jose\AppData\Roaming\SUPERAntiSpyware.com
2012-01-30 13:42 . 2012-01-30 13:42 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-01-29 18:46 . 2012-02-03 17:55 45016 ----a-w- c:\program files (x86)\Mozilla Firefox\mozutils.dll
2012-01-29 18:46 . 2011-12-21 04:30 626688 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr80.dll
2012-01-29 18:46 . 2011-12-21 04:30 548864 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp80.dll
2012-01-29 18:46 . 2011-12-21 04:30 479232 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcm80.dll
2012-01-27 22:33 . 2012-01-27 22:33 -------- d-----w- c:\windows\system32\RsFx
2012-01-27 22:33 . 2012-01-27 22:33 -------- d-----w- c:\program files\Microsoft Visual Studio 9.0
2012-01-27 22:26 . 2012-01-27 22:26 -------- d-----w- c:\program files\Microsoft Sync Framework
2012-01-27 22:26 . 2012-01-27 22:26 -------- d-----w- c:\program files\Microsoft Synchronization Services
2012-01-27 22:26 . 2012-01-27 22:26 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2012-01-27 22:26 . 2012-01-27 22:26 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services
2012-01-27 22:19 . 2012-01-27 22:19 -------- d-----w- c:\program files (x86)\Microsoft ASP.NET
2012-01-27 22:18 . 2012-01-27 22:18 -------- d-----w- c:\program files\IIS
2012-01-27 22:18 . 2012-01-27 22:18 -------- d-----w- c:\program files (x86)\IIS
2012-01-27 22:08 . 2012-01-29 02:06 -------- d-----w- c:\program files (x86)\Microsoft F#
2012-01-27 22:08 . 2012-01-29 02:06 -------- d-----w- c:\program files (x86)\Common Files\Merge Modules
2012-01-27 22:08 . 2012-01-29 02:06 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 10.0
2012-01-27 22:03 . 2012-01-27 22:26 -------- d-----w- c:\program files (x86)\Microsoft SDKs
2012-01-27 22:03 . 2012-01-27 22:03 -------- d-----w- c:\program files\Microsoft Help Viewer
2012-01-25 22:30 . 2009-11-25 17:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll
2012-01-25 22:30 . 2009-11-25 17:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll
2012-01-25 22:30 . 2009-11-25 17:47 48960 ----a-w- c:\windows\system32\netfxperf.dll
2012-01-25 22:30 . 2009-11-25 17:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll
2012-01-25 22:30 . 2009-11-25 17:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe
2012-01-25 22:30 . 2009-11-25 17:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2012-01-25 22:30 . 2009-11-25 17:47 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2012-01-25 22:30 . 2009-11-25 17:47 444752 ----a-w- c:\windows\system32\mscoree.dll
2012-01-25 22:30 . 2009-11-25 17:47 320352 ----a-w- c:\windows\system32\PresentationHost.exe
2012-01-25 22:30 . 2009-11-25 17:47 1942856 ----a-w- c:\windows\system32\dfshim.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-13 08:51 . 2011-12-13 08:51 2948312 ----a-w- C:\Toolbar_production_100639.exe
2011-12-10 20:24 . 2010-02-03 06:34 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-25 10:29 . 2011-11-25 10:29 158056 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows\Sqm\Manifest\Sqm10139.bin ERROR(0x00000005)
2011-11-19 00:18 . 2011-06-27 18:24 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-11-18 23:25 . 2011-11-18 23:25 53248 ----a-r- c:\users\Jose\AppData\Roaming\Microsoft\Installer\{12BAA98C-F8DD-4BC9-BBE6-1C8463114197}\ARPPRODUCTICON.exe
.
.
((((((((((((((((((((((((((((( SnapShot_2012-01-31_17.51.16 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-11-23 20:17 . 2012-01-31 18:18 75676 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
- 2010-01-27 12:25 . 2012-01-30 23:02 12066 c:\windows\system32\wdi\ERCQueuedResolutions.dat
+ 2010-01-27 12:25 . 2012-02-01 15:16 12066 c:\windows\system32\wdi\ERCQueuedResolutions.dat
+ 2009-07-14 05:10 . 2012-02-01 15:22 44874 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-01-18 23:13 . 2012-02-01 15:22 19550 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2016452030-1855440420-3470329722-1005_UserData.bin
+ 2009-07-14 05:30 . 2012-02-01 19:18 86016 c:\windows\system32\DriverStore\infpub.dat
- 2009-07-14 05:30 . 2012-01-31 15:21 86016 c:\windows\system32\DriverStore\infpub.dat
- 2012-01-31 08:42 . 2011-10-15 17:16 75808 c:\windows\system32\DriverStore\FileRepository\mfenlfk.inf_amd64_neutral_acec8c424d80b3f4\mfenlfk.sys
+ 2012-02-01 19:17 . 2011-10-15 17:16 75808 c:\windows\system32\DriverStore\FileRepository\mfenlfk.inf_amd64_neutral_acec8c424d80b3f4\mfenlfk.sys
+ 2010-01-18 20:44 . 2012-02-03 17:06 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-01-18 20:44 . 2012-01-31 17:33 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-01-18 20:44 . 2012-02-03 17:06 65536 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-01-18 20:44 . 2012-01-31 17:33 65536 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-01-31 17:33 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-02-03 17:06 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:46 . 2012-01-31 18:44 80352 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2012-02-01 02:41 . 2012-02-01 02:41 10240 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\59e70022e798ce28f9f5b8870c5c8bf2\System.Xml.Serialization.ni.dll
+ 2012-02-01 02:40 . 2012-02-01 02:40 70656 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xaml.Hosting\53a04d67925ebd229e6b1abd7856b774\System.Xaml.Hosting.ni.dll
+ 2012-02-01 02:40 . 2012-02-01 02:40 43520 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Pres#\d32e9d2d879649adb929915723e1eecb\System.Windows.Presentation.ni.dll
+ 2012-02-01 02:40 . 2012-02-01 02:40 26112 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Routing\d9544e7d63a900c1a0d73c441b5a174f\System.Web.Routing.ni.dll
+ 2012-02-01 02:40 . 2012-02-01 02:40 53760 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.DynamicD#\a9f5d739951335baf2cea57a4e54fd9c\System.Web.DynamicData.Design.ni.dll
+ 2012-02-01 02:37 . 2012-02-01 02:37 86016 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Applicat#\f36d1265de7263ea199fa7058bf40477\System.Web.ApplicationServices.ni.dll
+ 2012-02-01 02:40 . 2012-02-01 02:40 26112 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Abstract#\f4aa8d1923a8b18d6d052738e5bfbd3f\System.Web.Abstractions.ni.dll
+ 2012-02-01 02:40 . 2012-02-01 02:40 13824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\32149f9ad57dd61bb69469bdb4dd7c47\System.ServiceModel.ServiceMoniker40.ni.dll
+ 2012-02-01 02:38 . 2012-02-01 02:38 97792 c:\windows\assembly\NativeImages_v4.0.30319_64\System.AddIn.Contra#\09132e10556be9ab331f43b2a8c52235\System.AddIn.Contract.ni.dll
+ 2012-01-31 21:00 . 2012-01-31 21:00 47616 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Workflow.#\a93198e6ff47d4a1ef127bb92e2f52e6\Microsoft.Workflow.Compiler.ni.exe
+ 2012-01-31 21:00 . 2012-01-31 21:00 14336 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualC\49a7edb0d7f35bebc304b303b0700ddc\Microsoft.VisualC.ni.dll
+ 2012-01-31 20:58 . 2012-01-31 20:58 10752 c:\windows\assembly\NativeImages_v4.0.30319_64\dfsvc\5b39108886107f654624373c54000e3c\dfsvc.ni.exe
+ 2012-01-31 20:58 . 2012-01-31 20:58 58368 c:\windows\assembly\NativeImages_v4.0.30319_64\Accessibility\41d4534c5a98fd1bc7edc2f73cd41a0a\Accessibility.ni.dll
+ 2012-01-31 20:06 . 2012-01-31 20:06 55808 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml.Hosting\5489f3d82b02843c58a4942afd3807e6\System.Xaml.Hosting.ni.dll
+ 2012-01-31 20:07 . 2012-01-31 20:07 35328 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Pres#\e4f0e0d45a1739bad6cc96377c9dd7f2\System.Windows.Presentation.ni.dll
+ 2012-01-31 20:07 . 2012-01-31 20:07 24064 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Routing\dcb1470c8023acb632bcfcbfc59ec414\System.Web.Routing.ni.dll
+ 2012-01-31 20:07 . 2012-01-31 20:07 46592 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DynamicD#\55b0452fe2e58293dfd0f6e76c69521f\System.Web.DynamicData.Design.ni.dll
+ 2012-01-31 20:06 . 2012-01-31 20:06 24576 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Abstract#\746c855ad48e4617be760a79dac159b8\System.Web.Abstractions.ni.dll
+ 2012-01-31 20:06 . 2012-01-31 20:06 12288 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\e6b2baae6e7f7ce6d4686c2a0ae21417\System.ServiceModel.ServiceMoniker40.ni.dll
+ 2012-01-31 20:06 . 2012-01-31 20:06 82432 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\e08ecf530f270cd45c72318b67826cb1\System.ServiceModel.Channels.ni.dll
+ 2012-01-31 20:57 . 2012-01-31 20:57 60416 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Pres#\05d0a49b0cd7b80305d245b6080c662b\System.Windows.Presentation.ni.dll
- 2009-07-14 04:59 . 2009-07-14 04:59 60416 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Pres#\05d0a49b0cd7b80305d245b6080c662b\System.Windows.Presentation.ni.dll
+ 2012-01-31 20:56 . 2012-01-31 20:56 54784 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\c7d84e878fa635651882a6552d001e4f\System.Web.DynamicData.Design.ni.dll
- 2009-07-14 05:13 . 2009-07-14 05:13 54784 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\c7d84e878fa635651882a6552d001e4f\System.Web.DynamicData.Design.ni.dll
+ 2012-01-31 19:42 . 2012-01-31 19:42 90624 c:\windows\assembly\NativeImages_v2.0.50727_64\stdole\e1ff1753577ffb86c96da1e578f4460d\stdole.ni.dll
- 2010-02-24 08:01 . 2010-02-24 08:01 90624 c:\windows\assembly\NativeImages_v2.0.50727_64\stdole\e1ff1753577ffb86c96da1e578f4460d\stdole.ni.dll
+ 2012-01-31 20:08 . 2012-01-31 20:08 48640 c:\windows\assembly\NativeImages_v2.0.50727_64\SldServiceClients\953a59cbeef9c83a4b67548c5e29ce74\SldServiceClients.ni.dll
- 2010-06-24 14:33 . 2010-06-24 14:33 48640 c:\windows\assembly\NativeImages_v2.0.50727_64\SldServiceClients\953a59cbeef9c83a4b67548c5e29ce74\SldServiceClients.ni.dll
- 2011-11-30 14:12 . 2011-11-30 14:12 48640 c:\windows\assembly\NativeImages_v2.0.50727_64\SldServiceClients\7eb801ef460706bfb55a9a4d987c1d17\SldServiceClients.ni.dll
+ 2012-01-31 19:41 . 2012-01-31 19:41 48640 c:\windows\assembly\NativeImages_v2.0.50727_64\SldServiceClients\7eb801ef460706bfb55a9a4d987c1d17\SldServiceClients.ni.dll
+ 2012-01-31 20:08 . 2012-01-31 20:08 45568 c:\windows\assembly\NativeImages_v2.0.50727_64\SldService\da725215633158235419ff44170990f7\SldService.ni.dll
- 2010-06-24 14:33 . 2010-06-24 14:33 45568 c:\windows\assembly\NativeImages_v2.0.50727_64\SldService\da725215633158235419ff44170990f7\SldService.ni.dll
- 2011-11-30 14:12 . 2011-11-30 14:12 45568 c:\windows\assembly\NativeImages_v2.0.50727_64\SldService\ac4ec04f5c6f8247da9bbca6ae62c1d2\SldService.ni.dll
+ 2012-01-31 19:41 . 2012-01-31 19:41 45568 c:\windows\assembly\NativeImages_v2.0.50727_64\SldService\ac4ec04f5c6f8247da9bbca6ae62c1d2\SldService.ni.dll
+ 2012-01-31 20:08 . 2012-01-31 20:08 62464 c:\windows\assembly\NativeImages_v2.0.50727_64\SldJobs\f497af468e3593bc7ef01ac3259e735a\SldJobs.ni.dll
- 2010-06-24 14:33 . 2010-06-24 14:33 62464 c:\windows\assembly\NativeImages_v2.0.50727_64\SldJobs\f497af468e3593bc7ef01ac3259e735a\SldJobs.ni.dll
+ 2012-01-31 19:19 . 2012-01-31 19:19 62464 c:\windows\assembly\NativeImages_v2.0.50727_64\SldJobs\a1fe6e4664fd0fad1f7f2e3f96d05b99\SldJobs.ni.dll
- 2010-06-24 14:32 . 2010-06-24 14:32 68608 c:\windows\assembly\NativeImages_v2.0.50727_64\SketchUI\b548ca49aedc25e7e3655a9bf17fe8af\SketchUI.ni.dll
+ 2012-01-31 19:42 . 2012-01-31 19:42 68608 c:\windows\assembly\NativeImages_v2.0.50727_64\SketchUI\b548ca49aedc25e7e3655a9bf17fe8af\SketchUI.ni.dll
+ 2012-01-31 19:17 . 2012-01-31 19:17 69632 c:\windows\assembly\NativeImages_v2.0.50727_64\SketchUI\10b9f8372fdcdf9379e395ecd91159b3\SketchUI.ni.dll
+ 2012-01-31 19:42 . 2012-01-31 19:42 40448 c:\windows\assembly\NativeImages_v2.0.50727_64\SketchOperation\a154b777d803c82aa964ee81d380be96\SketchOperation.ni.dll
- 2010-06-24 14:32 . 2010-06-24 14:32 40448 c:\windows\assembly\NativeImages_v2.0.50727_64\SketchOperation\a154b777d803c82aa964ee81d380be96\SketchOperation.ni.dll
+ 2012-01-31 19:17 . 2012-01-31 19:17 40448 c:\windows\assembly\NativeImages_v2.0.50727_64\SketchOperation\0f493bcbd41bf49c0bd41d0ae4fe2b70\SketchOperation.ni.dll
- 2010-06-24 14:33 . 2010-06-24 14:33 83456 c:\windows\assembly\NativeImages_v2.0.50727_64\SheetMetalWPF\18bdd176b6266667be4212f22833eccf\SheetMetalWPF.ni.dll
+ 2012-01-31 19:43 . 2012-01-31 19:43 83456 c:\windows\assembly\NativeImages_v2.0.50727_64\SheetMetalWPF\18bdd176b6266667be4212f22833eccf\SheetMetalWPF.ni.dll
+ 2012-01-31 19:43 . 2012-01-31 19:43 99840 c:\windows\assembly\NativeImages_v2.0.50727_64\SheetMetalUi\3eb2ba2eb8ccf1d0a923d4af444ffa6b\SheetMetalUi.ni.dll
- 2010-06-24 14:33 . 2010-06-24 14:33 99840 c:\windows\assembly\NativeImages_v2.0.50727_64\SheetMetalUi\3eb2ba2eb8ccf1d0a923d4af444ffa6b\SheetMetalUi.ni.dll
+ 2012-01-31 19:42 . 2012-01-31 19:42 33280 c:\windows\assembly\NativeImages_v2.0.50727_64\SheetMetalOperation\53d6778e59784d31dcf9dd67733f5de5\SheetMetalOperation.ni.dll
- 2010-06-24 14:32 . 2010-06-24 14:32 33280 c:\windows\assembly\NativeImages_v2.0.50727_64\SheetMetalOperation\53d6778e59784d31dcf9dd67733f5de5\SheetMetalOperation.ni.dll
+ 2012-01-31 19:17 . 2012-01-31 19:17 35328 c:\windows\assembly\NativeImages_v2.0.50727_64\SheetMetalOperation\1babbecd309b20330ce807b8edaf6351\SheetMetalOperation.ni.dll
- 2010-06-24 14:33 . 2010-06-24 14:33 88576 c:\windows\assembly\NativeImages_v2.0.50727_64\RefPlaneWPF\29a63fa78139a2bfe7302f418984d91b\RefPlaneWPF.ni.dll
+ 2012-01-31 19:43 . 2012-01-31 19:43 88576 c:\windows\assembly\NativeImages_v2.0.50727_64\RefPlaneWPF\29a63fa78139a2bfe7302f418984d91b\RefPlaneWPF.ni.dll
+ 2012-01-31 19:18 . 2012-01-31 19:18 88064 c:\windows\assembly\NativeImages_v2.0.50727_64\RefPlaneWPF\0d1f6495123d6aae9502761fd6005521\RefPlaneWPF.ni.dll
- 2010-06-24 14:33 . 2010-06-24 14:33 95744 c:\windows\assembly\NativeImages_v2.0.50727_64\RefGeomUI\a9be745f0a3c38799cf011750d144c08\RefGeomUI.ni.dll
+ 2012-01-31 19:43 . 2012-01-31 19:43 95744 c:\windows\assembly\NativeImages_v2.0.50727_64\RefGeomUI\a9be745f0a3c38799cf011750d144c08\RefGeomUI.ni.dll
+ 2012-01-31 19:18 . 2012-01-31 19:18 96768 c:\windows\assembly\NativeImages_v2.0.50727_64\RefGeomUI\242f50bc06294d28d5a50e9adab24a63\RefGeomUI.ni.dll
+ 2012-01-31 19:17 . 2012-01-31 19:17 34304 c:\windows\assembly\NativeImages_v2.0.50727_64\RefGeomOperation\885580341f182d5e5b4e2bd1a21c39ed\RefGeomOperation.ni.dll
- 2010-06-24 14:32 . 2010-06-24 14:32 34304 c:\windows\assembly\NativeImages_v2.0.50727_64\RefGeomOperation\6ef3f11285bf69ee0fe32ac4a1f8746f\RefGeomOperation.ni.dll
+ 2012-01-31 19:42 . 2012-01-31 19:42 34304 c:\windows\assembly\NativeImages_v2.0.50727_64\RefGeomOperation\6ef3f11285bf69ee0fe32ac4a1f8746f\RefGeomOperation.ni.dll
+ 2012-01-31 20:21 . 2012-01-31 20:21 72192 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFontCac#\86f43c5c59136c1e17a05fff9058fce4\PresentationFontCache.ni.exe
- 2009-07-14 04:57 . 2009-07-14 04:57 72192 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFontCac#\86f43c5c59136c1e17a05fff9058fce4\PresentationFontCache.ni.exe
+ 2012-01-31 19:16 . 2012-01-31 19:16 61952 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationCFFRast#\9b35e5133862d53125a2d1f3cfd17ea1\PresentationCFFRasterizer.ni.dll
+ 2012-01-31 19:17 . 2012-01-31 19:17 61440 c:\windows\assembly\NativeImages_v2.0.50727_64\OperationBase\a81d4dd9faa3cd8d82131c011186f46f\OperationBase.ni.dll
- 2010-06-24 14:32 . 2010-06-24 14:32 60416 c:\windows\assembly\NativeImages_v2.0.50727_64\OperationBase\6e6409fbe09018f47f86f5fdc20d3a6e\OperationBase.ni.dll
+ 2012-01-31 19:41 . 2012-01-31 19:41 60416 c:\windows\assembly\NativeImages_v2.0.50727_64\OperationBase\6e6409fbe09018f47f86f5fdc20d3a6e\OperationBase.ni.dll
- 2009-07-14 05:12 . 2009-07-14 05:12 33792 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.WSMan.Run#\e9354030c5e28bf3071553a177d832c5\Microsoft.WSMan.Runtime.ni.dll
+ 2012-01-31 20:14 . 2012-01-31 20:14 33792 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.WSMan.Run#\e9354030c5e28bf3071553a177d832c5\Microsoft.WSMan.Runtime.ni.dll
+ 2012-01-31 20:14 . 2012-01-31 20:14 70144 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\cdd85f03ce23835194bf008b8b65ce65\Microsoft.Windows.Diagnosis.SDEngine.ni.dll
- 2009-07-14 05:12 . 2009-07-14 05:12 70144 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\cdd85f03ce23835194bf008b8b65ce65\Microsoft.Windows.Diagnosis.SDEngine.ni.dll
- 2009-07-14 05:12 . 2009-07-14 05:12 45056 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\b7d5f18d88be9be3382a78e68f7acacb\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.ni.dll
+ 2012-01-31 20:14 . 2012-01-31 20:14 45056 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\b7d5f18d88be9be3382a78e68f7acacb\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.ni.dll
- 2009-07-14 05:12 . 2009-07-14 05:12 36864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\ac46a5fcccdc881984872f7b89436e0d\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.ni.dll
+ 2012-01-31 20:14 . 2012-01-31 20:14 36864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\ac46a5fcccdc881984872f7b89436e0d\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.ni.dll
+ 2012-01-31 20:14 . 2012-01-31 20:14 40448 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\7d753c39b35fae1b58cb971f2461f315\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.ni.dll
- 2009-07-14 05:12 . 2009-07-14 05:12 40448 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\7d753c39b35fae1b58cb971f2461f315\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.ni.dll
+ 2012-01-31 20:14 . 2012-01-31 20:14 43520 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\7c880f173f5d3728290459b71ecf7717\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.ni.dll
- 2009-07-14 05:12 . 2009-07-14 05:12 43520 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\7c880f173f5d3728290459b71ecf7717\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.ni.dll
+ 2012-01-31 20:14 . 2012-01-31 20:14 59904 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\01f7ce8c44031a2dcd588634f4078c4b\Microsoft.Windows.Diagnosis.SDHost.ni.dll
- 2009-07-14 05:12 . 2009-07-14 05:12 59904 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\01f7ce8c44031a2dcd588634f4078c4b\Microsoft.Windows.Diagnosis.SDHost.ni.dll
+ 2012-01-31 19:01 . 2012-01-31 19:01 32256 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualC\1704e3b1946592fbab4de1230d824311\Microsoft.VisualC.ni.dll
- 2009-07-14 06:21 . 2009-07-14 06:13 65536 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\402b47ebed05d7f04ea91399c16088e7\Microsoft.MediaCenter.iTv.Hosting.ni.dll
+ 2012-01-31 20:10 . 2012-01-31 20:10 65536 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\402b47ebed05d7f04ea91399c16088e7\Microsoft.MediaCenter.iTv.Hosting.ni.dll
+ 2012-01-31 19:17 . 2012-01-31 19:17 38400 c:\windows\assembly\NativeImages_v2.0.50727_64\Manipulator\b2bdb01e1f622c2ae9d0e8330c59b880\Manipulator.ni.dll
+ 2012-01-31 19:42 . 2012-01-31 19:42 38912 c:\windows\assembly\NativeImages_v2.0.50727_64\Manipulator\097e673eda6ad1df834dec6d3a50b56e\Manipulator.ni.dll
- 2010-06-24 14:32 . 2010-06-24 14:32 38912 c:\windows\assembly\NativeImages_v2.0.50727_64\Manipulator\097e673eda6ad1df834dec6d3a50b56e\Manipulator.ni.dll
- 2009-07-14 06:21 . 2009-07-14 06:13 40960 c:\windows\assembly\NativeImages_v2.0.50727_64\LoadMxf\5dc6d2fdd7e86540037bc3e7e20691c9\LoadMxf.ni.exe
+ 2012-01-31 20:11 . 2012-01-31 20:11 40960 c:\windows\assembly\NativeImages_v2.0.50727_64\LoadMxf\5dc6d2fdd7e86540037bc3e7e20691c9\LoadMxf.ni.exe
+ 2012-01-31 19:18 . 2012-01-31 19:18 79360 c:\windows\assembly\NativeImages_v2.0.50727_64\FeatureUI\eb1292467ed6939c041e8caa5c7d0148\FeatureUI.ni.dll
+ 2012-01-31 19:42 . 2012-01-31 19:42 73728 c:\windows\assembly\NativeImages_v2.0.50727_64\FeatureUI\095ea4dc41251cfb52edaa6d943d0693\FeatureUI.ni.dll
- 2010-06-24 14:32 . 2010-06-24 14:32 73728 c:\windows\assembly\NativeImages_v2.0.50727_64\FeatureUI\095ea4dc41251cfb52edaa6d943d0693\FeatureUI.ni.dll
- 2010-06-24 14:32 . 2010-06-24 14:32 38400 c:\windows\assembly\NativeImages_v2.0.50727_64\FeatureOperation\4e45ff9a4b1431521fa0d6c3a3951d9a\FeatureOperation.ni.dll
+ 2012-01-31 19:42 . 2012-01-31 19:42 38400 c:\windows\assembly\NativeImages_v2.0.50727_64\FeatureOperation\4e45ff9a4b1431521fa0d6c3a3951d9a\FeatureOperation.ni.dll
+ 2012-01-31 19:17 . 2012-01-31 19:17 39936 c:\windows\assembly\NativeImages_v2.0.50727_64\FeatureOperation\2cdecd9e979b67c26d14a9fa75ed1a81\FeatureOperation.ni.dll
+ 2012-01-31 19:18 . 2012-01-31 19:18 50176 c:\windows\assembly\NativeImages_v2.0.50727_64\EnvironmentWPF\770e1e03ffd11514457d3ffaa5c78a5f\EnvironmentWPF.ni.dll
- 2010-06-24 14:33 . 2010-06-24 14:33 50688 c:\windows\assembly\NativeImages_v2.0.50727_64\EnvironmentWPF\4b48d5f5fe4a8ea7b40fc034df3287e3\EnvironmentWPF.ni.dll
+ 2012-01-31 19:42 . 2012-01-31 19:42 50688 c:\windows\assembly\NativeImages_v2.0.50727_64\EnvironmentWPF\4b48d5f5fe4a8ea7b40fc034df3287e3\EnvironmentWPF.ni.dll
+ 2012-01-31 19:42 . 2012-01-31 19:42 39936 c:\windows\assembly\NativeImages_v2.0.50727_64\EnvironmentUI\8539e76f66da6567f79da581600664c4\EnvironmentUI.ni.dll
- 2010-06-24 14:33 . 2010-06-24 14:33 39936 c:\windows\assembly\NativeImages_v2.0.50727_64\EnvironmentUI\8539e76f66da6567f79da581600664c4\EnvironmentUI.ni.dll
+ 2012-01-31 19:18 . 2012-01-31 19:18 38912 c:\windows\assembly\NativeImages_v2.0.50727_64\EnvironmentUI\0115bf565bff263c9f7f3e45f20cbfea\EnvironmentUI.ni.dll
- 2010-06-24 14:33 . 2010-06-24 14:33 30720 c:\windows\assembly\NativeImages_v2.0.50727_64\EnvironmentOperation\dec226c04da4d6b744f0f9501b632ae3\EnvironmentOperation.ni.dll
+ 2012-01-31 19:42 . 2012-01-31 19:42 30720 c:\windows\assembly\NativeImages_v2.0.50727_64\EnvironmentOperation\dec226c04da4d6b744f0f9501b632ae3\EnvironmentOperation.ni.dll
+ 2012-01-31 19:18 . 2012-01-31 19:18 30208 c:\windows\assembly\NativeImages_v2.0.50727_64\EnvironmentOperation\2333eca8c645498622c69034e36715c8\EnvironmentOperation.ni.dll
- 2010-06-24 14:32 . 2010-06-24 14:32 48640 c:\windows\assembly\NativeImages_v2.0.50727_64\EnvironmentCore\de465f9dbadb97d15cd8151bd5be784e\EnvironmentCore.ni.dll
+ 2012-01-31 19:41 . 2012-01-31 19:41 48640 c:\windows\assembly\NativeImages_v2.0.50727_64\EnvironmentCore\de465f9dbadb97d15cd8151bd5be784e\EnvironmentCore.ni.dll
+ 2012-01-31 19:17 . 2012-01-31 19:17 48640 c:\windows\assembly\NativeImages_v2.0.50727_64\EnvironmentCore\04e20fbb372dc00dfbf25234508ba01b\EnvironmentCore.ni.dll
- 2009-07-14 06:21 . 2009-07-14 06:13 49664 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiUPnP\6a23e4a2c0cd1bb289504fb2f07c3553\ehiUPnP.ni.dll
+ 2012-01-31 20:10 . 2012-01-31 20:10 49664 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiUPnP\6a23e4a2c0cd1bb289504fb2f07c3553\ehiUPnP.ni.dll
- 2009-07-14 06:21 . 2009-07-14 06:13 93184 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiTVMSMusic\669f599c8df8588447dd9abcbcc442b6\ehiTVMSMusic.ni.dll
+ 2012-01-31 20:10 . 2012-01-31 20:10 93184 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiTVMSMusic\669f599c8df8588447dd9abcbcc442b6\ehiTVMSMusic.ni.dll
- 2010-06-24 14:32 . 2010-06-24 14:32 90624 c:\windows\assembly\NativeImages_v2.0.50727_64\DveSupport\652e30ba4aafc9d5a944952d5b244040\DveSupport.ni.dll
+ 2012-01-31 19:41 . 2012-01-31 19:41 90624 c:\windows\assembly\NativeImages_v2.0.50727_64\DveSupport\652e30ba4aafc9d5a944952d5b244040\DveSupport.ni.dll
+ 2012-01-31 19:17 . 2012-01-31 19:17 92672 c:\windows\assembly\NativeImages_v2.0.50727_64\DveSupport\2050f1808b137e2b6973466aec0635da\DveSupport.ni.dll
- 2009-07-14 05:11 . 2009-07-14 05:11 28672 c:\windows\assembly\NativeImages_v2.0.50727_64\dfsvc\adeac4d3b57f16e3c3b6cb34f920d3cf\dfsvc.ni.exe
+ 2012-01-31 20:09 . 2012-01-31 20:09 28672 c:\windows\assembly\NativeImages_v2.0.50727_64\dfsvc\adeac4d3b57f16e3c3b6cb34f920d3cf\dfsvc.ni.exe
+ 2012-01-31 19:17 . 2012-01-31 19:17 55808 c:\windows\assembly\NativeImages_v2.0.50727_64\DebugControls\5318aed8e242d94f0c7a44c81faa9e50\DebugControls.ni.dll
- 2010-06-24 14:32 . 2010-06-24 14:32 56832 c:\windows\assembly\NativeImages_v2.0.50727_64\DebugControls\30bfeaeabc2e7d3fb40d46b373b748e9\DebugControls.ni.dll
+ 2012-01-31 19:42 . 2012-01-31 19:42 56832 c:\windows\assembly\NativeImages_v2.0.50727_64\DebugControls\30bfeaeabc2e7d3fb40d46b373b748e9\DebugControls.ni.dll
+ 2012-01-31 19:41 . 2012-01-31 19:41 71680 c:\windows\assembly\NativeImages_v2.0.50727_64\CoreInterface\abe1cf46d4b379c9f229ecb821f0acf3\CoreInterface.ni.dll
- 2010-06-24 14:32 . 2010-06-24 14:32 71680 c:\windows\assembly\NativeImages_v2.0.50727_64\CoreInterface\abe1cf46d4b379c9f229ecb821f0acf3\CoreInterface.ni.dll
+ 2012-01-31 19:17 . 2012-01-31 19:17 80384 c:\windows\assembly\NativeImages_v2.0.50727_64\CoreInterface\8f42d23e2e58568ad336639635fc3ccc\CoreInterface.ni.dll
- 2010-06-24 14:32 . 2010-06-24 14:32 56320 c:\windows\assembly\NativeImages_v2.0.50727_64\ContentWPF\e632e9f53cc76620bbe8a60a0cbe15e0\ContentWPF.ni.dll
+ 2012-01-31 19:42 . 2012-01-31 19:42 56320 c:\windows\assembly\NativeImages_v2.0.50727_64\ContentWPF\e632e9f53cc76620bbe8a60a0cbe15e0\ContentWPF.ni.dll
+ 2012-01-31 19:18 . 2012-01-31 19:18 40448 c:\windows\assembly\NativeImages_v2.0.50727_64\ContentUI\a96dc8e1573798219a3ae615ceb67beb\ContentUI.ni.dll
- 2010-06-24 14:32 . 2010-06-24 14:32 43520 c:\windows\assembly\NativeImages_v2.0.50727_64\ContentUI\0d5d7055cb196b477980e47664e7def3\ContentUI.ni.dll
+ 2012-01-31 19:42 . 2012-01-31 19:42 43520 c:\windows\assembly\NativeImages_v2.0.50727_64\ContentUI\0d5d7055cb196b477980e47664e7def3\ContentUI.ni.dll
- 2010-06-24 14:32 . 2010-06-24 14:32 34816 c:\windows\assembly\NativeImages_v2.0.50727_64\ContentOperation\9d6c75a17ce5b0c97a4c25984036b320\ContentOperation.ni.dll
+ 2012-01-31 19:42 . 2012-01-31 19:42 34816 c:\windows\assembly\NativeImages_v2.0.50727_64\ContentOperation\9d6c75a17ce5b0c97a4c25984036b320\ContentOperation.ni.dll
+ 2012-01-31 19:18 . 2012-01-31 19:18 41984 c:\windows\assembly\NativeImages_v2.0.50727_64\ContentOperation\1e7f98bf6d9181a1b0a1d4138cf2c987\ContentOperation.ni.dll
+ 2012-01-31 19:18 . 2012-01-31 19:18 59904 c:\windows\assembly\NativeImages_v2.0.50727_64\asmfeaturewpf\c37d703745b281e5afb7cbc199e7dad5\asmfeaturewpf.ni.dll
+ 2012-01-31 19:42 . 2012-01-31 19:42 60416 c:\windows\assembly\NativeImages_v2.0.50727_64\asmfeaturewpf\13275e19a5ab59a1ef141ebbebe6cb84\asmfeaturewpf.ni.dll
- 2010-06-24 14:32 . 2010-06-24 14:32 60416 c:\windows\assembly\NativeImages_v2.0.50727_64\asmfeaturewpf\13275e19a5ab59a1ef141ebbebe6cb84\asmfeaturewpf.ni.dll
- 2010-06-24 14:32 . 2010-06-24 14:32 47104 c:\windows\assembly\NativeImages_v2.0.50727_64\asmfeatureui\fc37ee72e35987b9e27000e165fbf2a0\asmfeatureui.ni.dll
+ 2012-01-31 19:42 . 2012-01-31 19:42 47104 c:\windows\assembly\NativeImages_v2.0.50727_64\asmfeatureui\fc37ee72e35987b9e27000e165fbf2a0\asmfeatureui.ni.dll
+ 2012-01-31 19:18 . 2012-01-31 19:18 46080 c:\windows\assembly\NativeImages_v2.0.50727_64\asmfeatureui\9ffff3f5509c99e1a0d0ef956662b0e4\asmfeatureui.ni.dll
- 2010-06-24 14:32 . 2010-06-24 14:32 35840 c:\windows\assembly\NativeImages_v2.0.50727_64\AsmFeatureOperation\ff72c0b3677d5b43e7847ef166c99ef5\AsmFeatureOperation.ni.dll
+ 2012-01-31 19:42 . 2012-01-31 19:42 35840 c:\windows\assembly\NativeImages_v2.0.50727_64\AsmFeatureOperation\ff72c0b3677d5b43e7847ef166c99ef5\AsmFeatureOperation.ni.dll
+ 2012-01-31 19:17 . 2012-01-31 19:17 35840 c:\windows\assembly\NativeImages_v2.0.50727_64\AsmFeatureOperation\8cdf9882b893e2c3ab9d001d4246f6a9\AsmFeatureOperation.ni.dll
- 2010-06-24 14:32 . 2010-06-24 14:32 38400 c:\windows\assembly\NativeImages_v2.0.50727_64\AnnotationUI\df6303c896ba3884b18339c89b4388a0\AnnotationUI.ni.dll
+ 2012-01-31 19:42 . 2012-01-31 19:42 38400 c:\windows\assembly\NativeImages_v2.0.50727_64\AnnotationUI\df6303c896ba3884b18339c89b4388a0\AnnotationUI.ni.dll
+ 2012-01-31 19:17 . 2012-01-31 19:17 37376 c:\windows\assembly\NativeImages_v2.0.50727_64\AnnotationUI\94b314fe39c256e7eb78d4dbdb166cde\AnnotationUI.ni.dll
+ 2012-01-31 19:17 . 2012-01-31 19:17 32768 c:\windows\assembly\NativeImages_v2.0.50727_64\AnnotationOperation\c7b3c7d4be13205fe95c32705f3dc8b4\AnnotationOperation.ni.dll
- 2010-06-24 14:32 . 2010-06-24 14:32 32768 c:\windows\assembly\NativeImages_v2.0.50727_64\AnnotationOperation\4b417b26bfe9d2375081ab38d2f7d037\AnnotationOperation.ni.dll
+ 2012-01-31 19:42 . 2012-01-31 19:42 32768 c:\windows\assembly\NativeImages_v2.0.50727_64\AnnotationOperation\4b417b26bfe9d2375081ab38d2f7d037\AnnotationOperation.ni.dll
+ 2012-01-31 19:01 . 2012-01-31 19:01 78848 c:\windows\assembly\NativeImages_v2.0.50727_64\Accessibility\77b98272a5ab8188eced5ff6cc571f58\Accessibility.ni.dll
+ 2012-01-31 18:12 . 2012-02-04 15:08 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-01-31 16:33 . 2012-01-31 17:34 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-01-31 18:12 . 2012-02-04 15:08 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-01-31 16:33 . 2012-01-31 17:34 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-01-31 20:07 . 2012-01-31 20:07 9216 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\3a2ab56bb224b871516526753985ff69\System.Xml.Serialization.ni.dll
+ 2012-01-30 19:27 . 2012-01-31 18:42 262144 c:\windows\SysWOW64\config\TxR\NTUSER.DAT
- 2012-01-30 19:27 . 2012-01-31 17:15 262144 c:\windows\SysWOW64\config\TxR\NTUSER.DAT
- 2012-01-30 19:27 . 2012-01-31 17:15 262144 c:\windows\SysWOW64\config\RegBack\NTUSER.DAT
+ 2012-01-30 19:27 . 2012-01-31 18:42 262144 c:\windows\SysWOW64\config\RegBack\NTUSER.DAT
+ 2012-01-30 19:27 . 2012-01-31 18:42 262144 c:\windows\SysWOW64\config\Journal\NTUSER.DAT
- 2012-01-30 19:27 . 2012-01-31 17:15 262144 c:\windows\SysWOW64\config\Journal\NTUSER.DAT
+ 2010-01-18 21:33 . 2012-02-04 10:19 466708 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2010-01-18 20:42 . 2012-02-04 11:47 498064 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2009-07-14 02:36 . 2012-01-31 23:42 730972 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-01-31 23:42 147408 c:\windows\system32\perfc009.dat
+ 2009-07-14 05:30 . 2012-02-01 19:18 143360 c:\windows\system32\DriverStore\infstrng.dat
- 2009-07-14 05:30 . 2012-01-31 15:21 143360 c:\windows\system32\DriverStore\infstrng.dat
+ 2009-07-14 05:30 . 2012-02-01 19:18 143360 c:\windows\system32\DriverStore\infstor.dat
- 2009-07-14 05:30 . 2012-01-31 15:21 143360 c:\windows\system32\DriverStore\infstor.dat
- 2012-01-31 08:42 . 2011-10-15 17:16 647080 c:\windows\system32\drivers\mfehidk.sys
+ 2011-10-15 17:16 . 2011-10-15 17:16 647080 c:\windows\system32\drivers\mfehidk.sys
- 2012-01-31 08:42 . 2011-10-15 17:16 160280 c:\windows\system32\drivers\mfeapfk.sys
+ 2011-10-15 17:16 . 2011-10-15 17:16 160280 c:\windows\system32\drivers\mfeapfk.sys
+ 2012-02-01 02:41 . 2012-02-01 02:41 553984 c:\windows\assembly\NativeImages_v4.0.30319_64\XamlBuildTask\0fbac86c8651e99068a007ed3ef3ac19\XamlBuildTask.ni.dll
+ 2012-01-31 20:59 . 2012-01-31 20:59 462336 c:\windows\assembly\NativeImages_v4.0.30319_64\WsatConfig\23080c9d63ee42eae5ac396c264e495a\WsatConfig.ni.exe
+ 2012-02-01 02:41 . 2012-02-01 02:41 336896 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsFormsIntegra#\7bd6a3a7ccecff64ae970ef25b5fedb0\WindowsFormsIntegration.ni.dll
+ 2012-02-01 02:38 . 2012-02-01 02:38 231424 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationTypes\a5daacd5d0f46d77f10814f975152b34\UIAutomationTypes.ni.dll
+ 2012-02-01 02:38 . 2012-02-01 02:38 122368 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationProvider\86dd26195072a7ba1241c316a90d76c0\UIAutomationProvider.ni.dll
+ 2012-02-01 02:41 . 2012-02-01 02:41 645120 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationClient\9b9b20440b1acb0bcbbb2f66aa421f0e\UIAutomationClient.ni.dll
+ 2012-02-01 02:36 . 2012-02-01 02:36 528896 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Linq\d26a80d8e9ee010d3d1bc8c8c19f2d4d\System.Xml.Linq.ni.dll
+ 2012-02-01 02:38 . 2012-02-01 02:38 256000 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Inpu#\2f4927e3f120092b6d65371d502d6e73\System.Windows.Input.Manipulations.ni.dll
+ 2012-02-01 02:40 . 2012-02-01 02:40 244736 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Form#\e65c6c47ccaa94a71f3a0c85a20df648\System.Windows.Forms.DataVisualization.Design.ni.dll
+ 2012-02-01 02:37 . 2012-02-01 02:37 314880 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.RegularE#\a34337dd5397a4f47ca9098aad7c4a63\System.Web.RegularExpressions.ni.dll
+ 2012-02-01 02:40 . 2012-02-01 02:40 451072 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Entity\c47cd2fc542c0fc7e20689433fa5123c\System.Web.Entity.ni.dll
+ 2012-02-01 02:40 . 2012-02-01 02:40 367104 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Entity.D#\efc6dead4b44c8e2e1963b7a3acd4988\System.Web.Entity.Design.ni.dll
+ 2012-02-01 02:40 . 2012-02-01 02:40 973824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.DynamicD#\23d96e7cca727a45aca6f28b5bec7dc5\System.Web.DynamicData.ni.dll
+ 2012-02-01 02:40 . 2012-02-01 02:40 331264 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.DataVisu#\7257d37f6ed2f933793381870db07a81\System.Web.DataVisualization.Design.ni.dll
+ 2012-02-01 02:36 . 2012-02-01 02:36 903168 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Transactions\578f67c81f61729a88f5de3b46f73c29\System.Transactions.ni.dll
+ 2012-02-01 02:38 . 2012-02-01 02:38 281088 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceProce#\127b422c3177e9f042ee3390dc53abff\System.ServiceProcess.ni.dll
+ 2012-02-01 02:40 . 2012-02-01 02:40 108032 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\b93d584ea973a95d5e2632445fe47d30\System.ServiceModel.Channels.ni.dll
+ 2012-02-01 02:40 . 2012-02-01 02:40 517120 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\acd98781c9317af9edaf3da46ce1befc\System.ServiceModel.Routing.ni.dll
+ 2012-02-01 02:39 . 2012-02-01 02:39 587776 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\92b694399f4f39b23a78ba679073f375\System.ServiceModel.Activation.ni.dll
+ 2012-01-31 20:58 . 2012-01-31 20:58 946688 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Security\b94e86c584564773de3fe2b4b3b8ecbb\System.Security.ni.dll
+ 2012-02-01 02:37 . 2012-02-01 02:37 376832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\6cd778cd2c8c61130ff71ee7a685222b\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2012-02-01 02:36 . 2012-02-01 02:36 995328 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Remo#\fd8d112a2b0b4a65909d4174d503ae47\System.Runtime.Remoting.ni.dll
+ 2012-02-01 02:37 . 2012-02-01 02:37 311296 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Cach#\d1041f713819b49df94c4121b7c11a67\System.Runtime.Caching.ni.dll
+ 2012-01-31 20:59 . 2012-01-31 20:59 176640 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Numerics\55ac95edd96a5e6b675bb9b42d460b0b\System.Numerics.ni.dll
+ 2012-02-01 02:40 . 2012-02-01 02:40 933376 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Net\5d1aa20dae99fcc9bd68410eb81eb9c0\System.Net.ni.dll
+ 2012-02-01 02:39 . 2012-02-01 02:39 781824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Messaging\75f4107c91447218fac9cc052c77d89d\System.Messaging.ni.dll
+ 2012-02-01 02:40 . 2012-02-01 02:40 521728 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Management.I#\1e191470099054203157049f808f6629\System.Management.Instrumentation.ni.dll
+ 2012-02-01 02:40 . 2012-02-01 02:40 531456 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IO.Log\e5f5a73a8fb1040b1f30a14a2adf9d5d\System.IO.Log.ni.dll
+ 2012-02-01 02:39 . 2012-02-01 02:39 290816 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IdentityMode#\d23c19bfe0f8a508f143c5bf5d0d732f\System.IdentityModel.Selectors.ni.dll
+ 2012-02-01 02:36 . 2012-02-01 02:36 348672 c:\windows\assembly\NativeImages_v4.0.30319_64\System.EnterpriseSe#\5a86b6067f001cef079bde90f001d54d\System.EnterpriseServices.Wrapper.dll
+ 2012-01-31 20:59 . 2012-01-31 20:59 512000 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Dynamic\86913afe1c8f5138c9ba36fdf6603bf8\System.Dynamic.ni.dll
+ 2012-02-01 02:37 . 2012-02-01 02:37 289792 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Drawing.Desi#\6c34e82e5e15e645c782ac969bff3ae7\System.Drawing.Design.ni.dll
+ 2012-02-01 02:37 . 2012-02-01 02:37 632832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\cc9c9cebee876445d2b6439b15ffef94\System.DirectoryServices.Protocols.ni.dll
+ 2012-02-01 02:40 . 2012-02-01 02:40 141824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Device\8465ce07d4753d5891458d09ee0b1fe7\System.Device.ni.dll
+ 2012-02-01 02:40 . 2012-02-01 02:40 662528 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Service#\f36f39f48842409277d30dce974f6e7d\System.Data.Services.Design.ni.dll
+ 2012-02-01 02:38 . 2012-02-01 02:38 176128 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.DataSet#\bc62508161a5a687274ef5cb39a09da3\System.Data.DataSetExtensions.ni.dll
+ 2012-02-01 02:38 . 2012-02-01 02:38 181760 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Configuratio#\c9db420a1795c4347f93f2f089a8b49f\System.Configuration.Install.ni.dll
+ 2012-02-01 02:38 . 2012-02-01 02:38 255488 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ComponentMod#\deff07dc250a4de404090ed98736b690\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-02-01 02:38 . 2012-02-01 02:38 865792 c:\windows\assembly\NativeImages_v4.0.30319_64\System.AddIn\89a509497e04317189aa568e44d7a1e5\System.AddIn.ni.dll
+ 2012-02-01 02:38 . 2012-02-01 02:38 560640 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.D#\04abc0f1feffd7a15c4815c15738324b\System.Activities.DurableInstancing.ni.dll
+ 2012-01-31 20:59 . 2012-01-31 20:59 432128 c:\windows\assembly\NativeImages_v4.0.30319_64\SMSvcHost\bf456f7f6470250f58b92158aefdc008\SMSvcHost.ni.exe
+ 2012-02-01 02:36 . 2012-02-01 02:36 185344 c:\windows\assembly\NativeImages_v4.0.30319_64\SMDiagnostics\2d3c35ffc646287827a79c31eb91c21d\SMDiagnostics.ni.dll
+ 2012-02-01 02:36 . 2012-02-01 02:36 349184 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\bafbbd94a2c60bdf546669699b05a7fe\PresentationFramework.Classic.ni.dll
+ 2012-02-01 02:36 . 2012-02-01 02:36 428032 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\a60a1e1a47525ec0b227d3d612d65c60\PresentationFramework.Royale.ni.dll
+ 2012-02-01 02:36 . 2012-02-01 02:36 622592 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\900cacd34dc5bd770289d04b0b6face1\PresentationFramework.Aero.ni.dll
+ 2012-02-01 02:36 . 2012-02-01 02:36 802304 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\39a8890967e22ae6bd24a2ebf7ee694e\PresentationFramework.Luna.ni.dll
+ 2012-01-31 20:59 . 2012-01-31 20:59 364544 c:\windows\assembly\NativeImages_v4.0.30319_64\MSBuild\4dcb4a50313669fd0fd695618ade63bb\MSBuild.ni.exe
+ 2012-01-31 21:00 . 2012-01-31 21:00 422400 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\c673d1195da211fe6bbe9eba573bd565\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2012-01-31 21:00 . 2012-01-31 21:00 600064 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Transacti#\694c3f74f790e2c327f114dfbe4983c2\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2012-01-31 21:00 . 2012-01-31 21:00 851456 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Build.Uti#\94330d77746349995cc1a3796f001d22\Microsoft.Build.Utilities.v4.0.ni.dll
+ 2012-01-31 20:58 . 2012-01-31 20:58 353792 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Build.Fra#\564ac3c43476b8ab10b6cb58796050b1\Microsoft.Build.Framework.ni.dll
+ 2012-01-31 20:59 . 2012-01-31 20:59 279552 c:\windows\assembly\NativeImages_v4.0.30319_64\CustomMarshalers\39973e3573bd27e6897e631ac1570c85\CustomMarshalers.ni.dll
+ 2012-01-31 20:58 . 2012-01-31 20:58 661504 c:\windows\assembly\NativeImages_v4.0.30319_64\ComSvcConfig\09cc3399142a93d77f317dda8c18a346\ComSvcConfig.ni.exe
+ 2012-01-31 20:08 . 2012-01-31 20:08 404992 c:\windows\assembly\NativeImages_v4.0.30319_32\XamlBuildTask\7e0d2d75413d4a9e9bd8c0f4247cb5ad\XamlBuildTask.ni.dll
+ 2012-01-31 20:08 . 2012-01-31 20:08 253952 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\962b04386ebf18f5871d5ceefa83ba4b\WindowsFormsIntegration.ni.dll
+ 2012-01-31 20:07 . 2012-01-31 20:07 484352 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClient\1c29539a07226b411e0a1a47aed57183\UIAutomationClient.ni.dll
+ 2012-01-31 20:07 . 2012-01-31 20:07 194560 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\61d167ccb39883e299dc77f063ab2e12\System.Windows.Forms.DataVisualization.Design.ni.dll
+ 2012-01-31 20:07 . 2012-01-31 20:07 865280 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Extensio#\c4688bf6b864e76fbd936a7fdd5f0748\System.Web.Extensions.Design.ni.dll
+ 2012-01-31 20:07 . 2012-01-31 20:07 335360 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Entity\8614eb36d94b640ab78ca4b7165f08f8\System.Web.Entity.ni.dll
+ 2012-01-31 20:07 . 2012-01-31 20:07 297984 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Entity.D#\8e2860651899e90f4de23486fbd5be87\System.Web.Entity.Design.ni.dll
+ 2012-01-31 20:07 . 2012-01-31 20:07 712192 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DynamicD#\b1c10c1591154f94a93dad7bb306f3ed\System.Web.DynamicData.ni.dll
+ 2012-01-31 20:07 . 2012-01-31 20:07 260608 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DataVisu#\17f371e10888ff6fdee8274a11f2605a\System.Web.DataVisualization.Design.ni.dll
+ 2012-01-31 20:06 . 2012-01-31 20:06 369664 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\bd104bb2f798661c5a972249582b5441\System.ServiceModel.Routing.ni.dll
+ 2012-01-31 20:06 . 2012-01-31 20:06 432640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\b998d241c567915a2069d0c790dd6c53\System.ServiceModel.Activation.ni.dll
+ 2012-01-31 20:06 . 2012-01-31 20:06 657408 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Net\56fe9070b1d56613fd5cf7c73ec3b26f\System.Net.ni.dll
+ 2012-01-31 20:06 . 2012-01-31 20:06 626176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\420c9d9b271bc26d1b6f437f1f4913a9\System.Messaging.ni.dll
+ 2012-01-31 20:06 . 2012-01-31 20:06 395264 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management.I#\b71ea67c5bfa5b660efc12eb1c6ea4af\System.Management.Instrumentation.ni.dll
+ 2012-01-31 20:06 . 2012-01-31 20:06 413696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IO.Log\267d7dbdbe126590fba4a11c1ab12926\System.IO.Log.ni.dll
+ 2012-01-31 20:06 . 2012-01-31 20:06 229888 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityMode#\4ca1f130cbacf72beedf13da42b93e75\System.IdentityModel.Selectors.ni.dll
+ 2012-01-31 20:06 . 2012-01-31 20:06 913920 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\324617c0a492d6acc64325c836553f2c\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-01-31 20:06 . 2012-01-31 20:06 112640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Device\ca25f888c067fa170d8bba824efa2ca8\System.Device.ni.dll
+ 2012-01-31 20:06 . 2012-01-31 20:06 508928 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Service#\8feecdcd543403861ae71d1c7c37a67b\System.Data.Services.Design.ni.dll
+ 2012-01-31 20:58 . 2012-01-31 20:58 468992 c:\windows\assembly\NativeImages_v2.0.50727_64\WsatConfig\a22313de05dfa683d1f101fc0d3704db\WsatConfig.ni.exe
- 2009-07-14 05:11 . 2009-07-14 05:11 468992 c:\windows\assembly\NativeImages_v2.0.50727_64\WsatConfig\a22313de05dfa683d1f101fc0d3704db\WsatConfig.ni.exe
+ 2012-01-31 19:17 . 2012-01-31 19:17 412672 c:\windows\assembly\NativeImages_v2.0.50727_64\wpfsupport\8359e05cea4c0eafb0c8d5138b5de0f7\wpfsupport.ni.dll
+ 2012-01-31 19:41 . 2012-01-31 19:41 367616 c:\windows\assembly\NativeImages_v2.0.50727_64\wpfsupport\1b0beb5d8e606b0f2edbd970ff4613d7\wpfsupport.ni.dll
- 2010-06-24 14:32 . 2010-06-24 14:32 367616 c:\windows\assembly\NativeImages_v2.0.50727_64\wpfsupport\1b0beb5d8e606b0f2edbd970ff4613d7\wpfsupport.ni.dll
+ 2012-01-31 19:17 . 2012-01-31 19:17 510464 c:\windows\assembly\NativeImages_v2.0.50727_64\WPFRes\c4d2f1dd1eb864c61d8e3d3a6d30af64\WPFRes.ni.dll
- 2010-06-24 14:32 . 2010-06-24 14:32 497664 c:\windows\assembly\NativeImages_v2.0.50727_64\WPFRes\829483226a863ea7365141a90de7c527\WPFRes.ni.dll
+ 2012-01-31 19:41 . 2012-01-31 19:41 497664 c:\windows\assembly\NativeImages_v2.0.50727_64\WPFRes\829483226a863ea7365141a90de7c527\WPFRes.ni.dll
- 2009-07-14 05:13 . 2009-07-14 05:13 329216 c:\windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\76290827c2b696a500a7f59a2cdb51d8\WindowsFormsIntegration.ni.dll
+ 2012-01-31 20:58 . 2012-01-31 20:58 329216 c:\windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\76290827c2b696a500a7f59a2cdb51d8\WindowsFormsIntegration.ni.dll
- 2010-06-24 14:32 . 2010-06-24 14:32 171520 c:\windows\assembly\NativeImages_v2.0.50727_64\UiBase\c967d00d48ebdb4e536d467966078d09\UiBase.ni.dll
+ 2012-01-31 19:41 . 2012-01-31 19:41 171520 c:\windows\assembly\NativeImages_v2.0.50727_64\UiBase\c967d00d48ebdb4e536d467966078d09\UiBase.ni.dll
+ 2012-01-31 19:17 . 2012-01-31 19:17 173568 c:\windows\assembly\NativeImages_v2.0.50727_64\UiBase\4d6b20cb7e4442c403920a6eb661277f\UiBase.ni.dll
+ 2012-01-31 19:16 . 2012-01-31 19:16 253952 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationTypes\e2dc38b16020055eaa990d417f39da34\UIAutomationTypes.ni.dll
+ 2012-01-31 19:16 . 2012-01-31 19:16 120832 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationProvider\3b65f1ccc1f23c3711c81e92bb73c0a0\UIAutomationProvider.ni.dll
- 2009-07-14 05:12 . 2009-07-14 05:12 653312 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationClient\3cc5a692d6add1607d52ab08ed70caa6\UIAutomationClient.ni.dll
+ 2012-01-31 20:14 . 2012-01-31 20:14 653312 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationClient\3cc5a692d6add1607d52ab08ed70caa6\UIAutomationClient.ni.dll
+ 2012-01-31 20:57 . 2012-01-31 20:57 304128 c:\windows\assembly\NativeImages_v2.0.50727_64\TaskScheduler\f0c9f67eba09746ec6b7d8111de3fecd\TaskScheduler.ni.dll
- 2009-07-14 05:11 . 2009-07-14 05:11 304128 c:\windows\assembly\NativeImages_v2.0.50727_64\TaskScheduler\f0c9f67eba09746ec6b7d8111de3fecd\TaskScheduler.ni.dll
- 2009-07-14 04:59 . 2009-07-14 04:59 529920 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Xml.Linq\c252d65b60a6198312ffc7b7e1cfa4e2\System.Xml.Linq.ni.dll
+ 2012-01-31 20:45 . 2012-01-31 20:45 529920 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Xml.Linq\c252d65b60a6198312ffc7b7e1cfa4e2\System.Xml.Linq.ni.dll
+ 2012-01-31 20:56 . 2012-01-31 20:56 187392 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Routing\809995efa6fe510cec139670a254692e\System.Web.Routing.ni.dll
- 2009-07-14 05:13 . 2009-07-14 05:13 187392 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Routing\809995efa6fe510cec139670a254692e\System.Web.Routing.ni.dll
+ 2012-01-31 19:05 . 2012-01-31 19:05 261120 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.RegularE#\bf11731ff6e75c72e9939a05151e7484\System.Web.RegularExpressions.ni.dll
+ 2012-01-31 20:56 . 2012-01-31 20:56 449024 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity\0003851d0b5b76801a2dbe62672627fe\System.Web.Entity.ni.dll
- 2009-07-14 05:13 . 2009-07-14 05:13 449024 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity\0003851d0b5b76801a2dbe62672627fe\System.Web.Entity.ni.dll
- 2009-07-14 05:13 . 2009-07-14 05:13 398848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity.D#\b449822c24e84832fd40ba9e0430a5a7\System.Web.Entity.Design.ni.dll
+ 2012-01-31 20:56 . 2012-01-31 20:56 398848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity.D#\b449822c24e84832fd40ba9e0430a5a7\System.Web.Entity.Design.ni.dll
- 2009-07-14 05:13 . 2009-07-14 05:13 753664 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\228a346eda5e7d9eac660d1d761058de\System.Web.DynamicData.ni.dll
+ 2012-01-31 20:56 . 2012-01-31 20:56 753664 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\228a346eda5e7d9eac660d1d761058de\System.Web.DynamicData.ni.dll
- 2009-07-14 05:13 . 2009-07-14 05:13 204800 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Abstract#\79f948b35f9e60b56cddb97df8d76cfe\System.Web.Abstractions.ni.dll
+ 2012-01-31 20:45 . 2012-01-31 20:45 204800 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Abstract#\79f948b35f9e60b56cddb97df8d76cfe\System.Web.Abstractions.ni.dll
+ 2012-01-31 19:03 . 2012-01-31 19:03 921600 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Transactions\c92eb7f61e9703abbf85f340e4a38c54\System.Transactions.ni.dll
+ 2012-01-31 19:05 . 2012-01-31 19:05 295424 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\cdbb9ec9236094dc4ee8550f11026618\System.ServiceProcess.ni.dll
+ 2012-01-31 19:02 . 2012-01-31 19:02 924672 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Security\2df5caebaff2aa374a48182f20c65430\System.Security.ni.dll
+ 2012-01-31 19:05 . 2012-01-31 19:05 396288 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\d0c6d3aadce1e38bbcb06905e132a503\System.Runtime.Serialization.Formatters.Soap.ni.dll
- 2009-07-14 05:13 . 2009-07-14 05:13 916480 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Net\7cf6d15b285f8aa85c3bbe83266cd206\System.Net.ni.dll
+ 2012-01-31 20:46 . 2012-01-31 20:46 916480 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Net\7cf6d15b285f8aa85c3bbe83266cd206\System.Net.ni.dll
- 2009-07-14 05:11 . 2009-07-14 05:11 783360 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Messaging\a33a535b49e4540692540e4cf033f0db\System.Messaging.ni.dll
+ 2012-01-31 19:41 . 2012-01-31 19:41 783360 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Messaging\a33a535b49e4540692540e4cf033f0db\System.Messaging.ni.dll
+ 2012-01-31 20:46 . 2012-01-31 20:46 534016 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management.I#\08a9ab07bdfa3269a6f8acc955e840ec\System.Management.Instrumentation.ni.dll
- 2009-07-14 05:13 . 2009-07-14 05:13 534016 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management.I#\08a9ab07bdfa3269a6f8acc955e840ec\System.Management.Instrumentation.ni.dll
- 2009-07-14 05:11 . 2009-07-14 05:11 569344 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IO.Log\b9be2f406746e257cf86e77722bedaea\System.IO.Log.ni.dll
+ 2012-01-31 20:46 . 2012-01-31 20:46 569344 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IO.Log\b9be2f406746e257cf86e77722bedaea\System.IO.Log.ni.dll
- 2009-07-14 05:11 . 2009-07-14 05:11 294400 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IdentityMode#\aeed8c20c75cdbab3e4c3d4fa021ebce\System.IdentityModel.Selectors.ni.dll
+ 2012-01-31 19:41 . 2012-01-31 19:41 294400 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IdentityMode#\aeed8c20c75cdbab3e4c3d4fa021ebce\System.IdentityModel.Selectors.ni.dll
+ 2012-01-31 19:03 . 2012-01-31 19:03 446464 c:\windows\assembly\NativeImages_v2.0.50727_64\System.EnterpriseSe#\a3af29f85ea516622318918d501118d2\System.EnterpriseServices.Wrapper.dll
+ 2012-01-31 19:05 . 2012-01-31 19:05 288768 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing.Desi#\b176362922deb1851592490cce69e0a7\System.Drawing.Design.ni.dll
+ 2012-01-31 19:05 . 2012-01-31 19:05 649728 c:\windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\b098863d4fe3331acfbb498ecfaccb6a\System.DirectoryServices.Protocols.ni.dll
+ 2012-01-31 20:46 . 2012-01-31 20:46 493056 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Service#\a49ade10057cf1517d16e7d75330d293\System.Data.Services.Design.ni.dll
- 2009-07-14 05:13 . 2009-07-14 05:13 493056 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Service#\a49ade10057cf1517d16e7d75330d293\System.Data.Services.Design.ni.dll
- 2009-07-14 05:12 . 2009-07-14 05:12 194560 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.DataSet#\f898839ba4008a5d7df4a1c200fa605f\System.Data.DataSetExtensions.ni.dll
+ 2012-01-31 20:21 . 2012-01-31 20:21 194560 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.DataSet#\f898839ba4008a5d7df4a1c200fa605f\System.Data.DataSetExtensions.ni.dll
+ 2012-01-31 19:05 . 2012-01-31 19:05 192000 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Configuratio#\a98aceda77ea01c568b5aeb815be36dd\System.Configuration.Install.ni.dll
- 2009-07-14 05:12 . 2009-07-14 05:12 132096 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ComponentMod#\c5ff0bbf91403d78f3e8bfda7b5956d1\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-01-31 20:21 . 2012-01-31 20:21 132096 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ComponentMod#\c5ff0bbf91403d78f3e8bfda7b5956d1\System.ComponentModel.DataAnnotations.ni.dll
- 2009-07-14 04:59 . 2009-07-14 04:59 889344 c:\windows\assembly\NativeImages_v2.0.50727_64\System.AddIn\108fc5aff3b68fff82d5b3110c2ef98e\System.AddIn.ni.dll
+ 2012-01-31 20:21 . 2012-01-31 20:21 889344 c:\windows\assembly\NativeImages_v2.0.50727_64\System.AddIn\108fc5aff3b68fff82d5b3110c2ef98e\System.AddIn.ni.dll
- 2009-07-14 04:59 . 2009-07-14 04:59 156672 c:\windows\assembly\NativeImages_v2.0.50727_64\System.AddIn.Contra#\b25729d135deaeeca9a92a9fa9235dca\System.AddIn.Contract.ni.dll
+ 2012-01-31 20:21 . 2012-01-31 20:21 156672 c:\windows\assembly\NativeImages_v2.0.50727_64\System.AddIn.Contra#\b25729d135deaeeca9a92a9fa9235dca\System.AddIn.Contract.ni.dll
- 2009-07-14 05:13 . 2009-07-14 05:13 297984 c:\windows\assembly\NativeImages_v2.0.50727_64\sysglobl\e33b6d1455ec97f8a3abdb027a656696\sysglobl.ni.dll
+ 2012-01-31 20:56 . 2012-01-31 20:56 297984 c:\windows\assembly\NativeImages_v2.0.50727_64\sysglobl\e33b6d1455ec97f8a3abdb027a656696\sysglobl.ni.dll
+ 2012-01-31 20:21 . 2012-01-31 20:21 525824 c:\windows\assembly\NativeImages_v2.0.50727_64\SMSvcHost\e070c573122bda85762730889b1c185b\SMSvcHost.ni.exe
- 2009-07-14 05:11 . 2009-07-14 05:11 525824 c:\windows\assembly\NativeImages_v2.0.50727_64\SMSvcHost\e070c573122bda85762730889b1c185b\SMSvcHost.ni.exe
+ 2012-01-31 19:20 . 2012-01-31 19:20 349184 c:\windows\assembly\NativeImages_v2.0.50727_64\SMDiagnostics\9582e0909da23bef64014e4eacd0c8d8\SMDiagnostics.ni.dll
+ 2012-01-31 19:42 . 2012-01-31 19:42 105472 c:\windows\assembly\NativeImages_v2.0.50727_64\SketchWPF\c7c94c77919528ffcc6b2bd0b8f147cc\SketchWPF.ni.dll
- 2010-06-24 14:32 . 2010-06-24 14:32 105472 c:\windows\assembly\NativeImages_v2.0.50727_64\SketchWPF\c7c94c77919528ffcc6b2bd0b8f147cc\SketchWPF.ni.dll
+ 2012-01-31 19:17 . 2012-01-31 19:17 105472 c:\windows\assembly\NativeImages_v2.0.50727_64\SketchWPF\c4459311b34ef3f4db4fe8f8729b8462\SketchWPF.ni.dll
+ 2012-01-31 19:42 . 2012-01-31 19:42 660992 c:\windows\assembly\NativeImages_v2.0.50727_64\Sketchcplu\7214545975e52b464e4e979bebe165ed\Sketchcplu.ni.dll
- 2010-06-24 14:32 . 2010-06-24 14:32 660992 c:\windows\assembly\NativeImages_v2.0.50727_64\Sketchcplu\7214545975e52b464e4e979bebe165ed\Sketchcplu.ni.dll
+ 2012-01-31 19:18 . 2012-01-31 19:18 115200 c:\windows\assembly\NativeImages_v2.0.50727_64\SheetMetalWPF\e61010255f5faf75ea668f8ee107eedd\SheetMetalWPF.ni.dll
+ 2012-01-31 19:18 . 2012-01-31 19:18 174080 c:\windows\assembly\NativeImages_v2.0.50727_64\SheetMetalUi\359b6470d1cea2b317a4b4eba085b9fd\SheetMetalUi.ni.dll
+ 2012-01-31 19:18 . 2012-01-31 19:18 668160 c:\windows\assembly\NativeImages_v2.0.50727_64\sheetmetalcplu\b6b46ed1c300ca4100ba8644d0c100da\sheetmetalcplu.ni.dll
- 2010-06-24 14:33 . 2010-06-24 14:33 433152 c:\windows\assembly\NativeImages_v2.0.50727_64\sheetmetalcplu\14e4ded21d773b86e2f65cebd357bb9c\sheetmetalcplu.ni.dll
+ 2012-01-31 19:43 . 2012-01-31 19:43 433152 c:\windows\assembly\NativeImages_v2.0.50727_64\sheetmetalcplu\14e4ded21d773b86e2f65cebd357bb9c\sheetmetalcplu.ni.dll
+ 2012-01-31 19:42 . 2012-01-31 19:42 235520 c:\windows\assembly\NativeImages_v2.0.50727_64\refgeomcplu\57d29d39acc82c3de00cbce572e82efd\refgeomcplu.ni.dll
- 2010-06-24 14:33 . 2010-06-24 14:33 235520 c:\windows\assembly\NativeImages_v2.0.50727_64\refgeomcplu\57d29d39acc82c3de00cbce572e82efd\refgeomcplu.ni.dll
+ 2012-01-31 19:18 . 2012-01-31 19:18 271360 c:\windows\assembly\NativeImages_v2.0.50727_64\refgeomcplu\3059eb093c8052780446463fab9b67ae\refgeomcplu.ni.dll
+ 2012-01-31 19:17 . 2012-01-31 19:17 620544 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\f83ca4b51e91133415061876d4ec8243\PresentationFramework.Luna.ni.dll
- 2009-07-14 04:59 . 2009-07-14 04:59 279040 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\d2a38c7a75ee7f508fc248023e90264f\PresentationFramework.Classic.ni.dll
+ 2012-01-31 20:21 . 2012-01-31 20:21 279040 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\d2a38c7a75ee7f508fc248023e90264f\PresentationFramework.Classic.ni.dll
- 2009-07-14 04:59 . 2009-07-14 04:59 463360 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\8e063806944330786c030e486a6f4dbd\PresentationFramework.Aero.ni.dll
+ 2012-01-31 20:21 . 2012-01-31 20:21 463360 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\8e063806944330786c030e486a6f4dbd\PresentationFramework.Aero.ni.dll
- 2009-07-14 04:59 . 2009-07-14 04:59 317440 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\2a584f6c96065a89c3e23d5b29f5ac82\PresentationFramework.Royale.ni.dll
+ 2012-01-31 20:21 . 2012-01-31 20:21 317440 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\2a584f6c96065a89c3e23d5b29f5ac82\PresentationFramework.Royale.ni.dll
- 2009-07-14 05:11 . 2009-07-14 05:11 855040 c:\windows\assembly\NativeImages_v2.0.50727_64\napsnap\f105bb0b5c103dfe4d514b7239ead3c5\napsnap.ni.dll
+ 2012-01-31 20:21 . 2012-01-31 20:21 855040 c:\windows\assembly\NativeImages_v2.0.50727_64\napsnap\f105bb0b5c103dfe4d514b7239ead3c5\napsnap.ni.dll
- 2009-07-14 05:11 . 2009-07-14 05:11 162816 c:\windows\assembly\NativeImages_v2.0.50727_64\napinit\3cf9c6a67b9145fe4bef15e1d23905b9\napinit.ni.dll
+ 2012-01-31 20:21 . 2012-01-31 20:21 162816 c:\windows\assembly\NativeImages_v2.0.50727_64\napinit\3cf9c6a67b9145fe4bef15e1d23905b9\napinit.ni.dll
+ 2012-01-31 20:21 . 2012-01-31 20:21 175104 c:\windows\assembly\NativeImages_v2.0.50727_64\naphlpr\d1af60f4454b207d7292d63e1c0037be\naphlpr.ni.dll
- 2009-07-14 05:11 . 2009-07-14 05:11 175104 c:\windows\assembly\NativeImages_v2.0.50727_64\naphlpr\d1af60f4454b207d7292d63e1c0037be\naphlpr.ni.dll
- 2009-07-14 05:11 . 2009-07-14 05:11 127488 c:\windows\assembly\NativeImages_v2.0.50727_64\napcrypt\f099ccb0bc5b18fb6991c5b3ae624b50\napcrypt.ni.dll
+ 2012-01-31 20:21 . 2012-01-31 20:21 127488 c:\windows\assembly\NativeImages_v2.0.50727_64\napcrypt\f099ccb0bc5b18fb6991c5b3ae624b50\napcrypt.ni.dll
+ 2012-01-31 20:21 . 2012-01-31 20:21 184320 c:\windows\assembly\NativeImages_v2.0.50727_64\MSBuild\d9cbc5fcb026e53eb732da2be40c4801\MSBuild.ni.exe
- 2009-07-14 05:12 . 2009-07-14 05:12 184320 c:\windows\assembly\NativeImages_v2.0.50727_64\MSBuild\d9cbc5fcb026e53eb732da2be40c4801\MSBuild.ni.exe
- 2009-07-14 05:11 . 2009-07-14 05:11 417792 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCFxCommon\93374f3b7034e8f0af28cf29f414b4a3\MMCFxCommon.ni.dll
+ 2012-01-31 20:11 . 2012-01-31 20:11 417792 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCFxCommon\93374f3b7034e8f0af28cf29f414b4a3\MMCFxCommon.ni.dll
- 2009-07-14 05:12 . 2009-07-14 05:12 681472 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.WSMan.Man#\a1915651e71eee2c2b3e8426635d4882\Microsoft.WSMan.Management.ni.dll
+ 2012-01-31 20:14 . 2012-01-31 20:14 681472 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.WSMan.Man#\a1915651e71eee2c2b3e8426635d4882\Microsoft.WSMan.Management.ni.dll
- 2009-07-14 05:12 . 2009-07-14 05:12 122368 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\e4b082e3a05677a6f7c7f6788e2c199c\Microsoft.Windows.Diagnosis.TroubleshootingPack.ni.dll
+ 2012-01-31 20:14 . 2012-01-31 20:14 122368 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\e4b082e3a05677a6f7c7f6788e2c199c\Microsoft.Windows.Diagnosis.TroubleshootingPack.ni.dll
+ 2012-01-31 20:13 . 2012-01-31 20:13 105984 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Vsa\b2cbb4455a455e0e6e818145f01ada52\Microsoft.Vsa.ni.dll
- 2009-07-14 05:11 . 2009-07-14 05:11 105984 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Vsa\b2cbb4455a455e0e6e818145f01ada52\Microsoft.Vsa.ni.dll
+ 2012-01-31 19:42 . 2012-01-31 19:42 368640 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Vbe.Inter#\fec992bea56a8d18d69310c11cb5e525\Microsoft.Vbe.Interop.ni.dll
- 2010-06-24 14:33 . 2010-06-24 14:33 368640 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Vbe.Inter#\fec992bea56a8d18d69310c11cb5e525\Microsoft.Vbe.Interop.ni.dll
- 2009-07-14 05:11 . 2009-07-14 05:11 584192 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Transacti#\9643c01420289d3d19c4dca052f134a2\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2012-01-31 20:14 . 2012-01-31 20:14 584192 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Transacti#\9643c01420289d3d19c4dca052f134a2\Microsoft.Transactions.Bridge.Dtc.ni.dll
- 2009-07-14 05:12 . 2009-07-14 05:12 713216 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\f02d034122441d309f3ae09af49c7112\Microsoft.PowerShell.ConsoleHost.ni.dll
+ 2012-01-31 20:13 . 2012-01-31 20:13 713216 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\f02d034122441d309f3ae09af49c7112\Microsoft.PowerShell.ConsoleHost.ni.dll
- 2009-07-14 05:12 . 2009-07-14 05:12 999936 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\9e6b2bb3b87482c32389e4fbe256713b\Microsoft.PowerShell.GraphicalHost.ni.dll
+ 2012-01-31 20:14 . 2012-01-31 20:14 999936 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\9e6b2bb3b87482c32389e4fbe256713b\Microsoft.PowerShell.GraphicalHost.ni.dll
- 2009-07-14 05:12 . 2009-07-14 05:12 237056 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\977d76ad58402ae474d37603c93aa531\Microsoft.PowerShell.Security.ni.dll
+ 2012-01-31 20:14 . 2012-01-31 20:14 237056 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\977d76ad58402ae474d37603c93aa531\Microsoft.PowerShell.Security.ni.dll
+ 2012-01-31 20:13 . 2012-01-31 20:13 416768 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\086b8671970a5b83d0bf863a3507c8be\Microsoft.PowerShell.Commands.Diagnostics.ni.dll
- 2009-07-14 05:11 . 2009-07-14 05:11 416768 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\086b8671970a5b83d0bf863a3507c8be\Microsoft.PowerShell.Commands.Diagnostics.ni.dll
- 2009-07-14 06:21 . 2009-07-14 06:15 164864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\db222f5c7d1af1472a9b67ea6852dbff\Microsoft.MediaCenter.Mheg.ni.dll
+ 2012-01-31 20:12 . 2012-01-31 20:12 164864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\db222f5c7d1af1472a9b67ea6852dbff\Microsoft.MediaCenter.Mheg.ni.dll
+ 2012-01-31 20:10 . 2012-01-31 20:10 152576 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\d88f7b13e8d66c90e39c74eb37b37be6\Microsoft.MediaCenter.ITVVM.ni.dll
- 2009-07-14 06:21 . 2009-07-14 06:13 152576 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\d88f7b13e8d66c90e39c74eb37b37be6\Microsoft.MediaCenter.ITVVM.ni.dll
+ 2012-01-31 20:10 . 2012-01-31 20:10 370176 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\ba9aa87aed0fbb2e73d96a63e9c7d184\Microsoft.MediaCenter.Playback.ni.dll
- 2010-02-24 08:01 . 2010-02-24 08:01 370176 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\ba9aa87aed0fbb2e73d96a63e9c7d184\Microsoft.MediaCenter.Playback.ni.dll
+ 2012-01-31 20:10 . 2012-01-31 20:10 965632 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\b4a3f00db7f25e1a49e12e81d23c8bcf\Microsoft.MediaCenter.Sports.ni.dll
- 2010-02-24 08:01 . 2010-02-24 08:01 965632 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\b4a3f00db7f25e1a49e12e81d23c8bcf\Microsoft.MediaCenter.Sports.ni.dll
+ 2012-01-31 20:11 . 2012-01-31 20:11 219648 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\b4a0f11b8ed7b9878393ca21128a630e\Microsoft.MediaCenter.iTv.Media.ni.dll
- 2010-02-24 08:02 . 2010-02-24 08:02 219648 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\b4a0f11b8ed7b9878393ca21128a630e\Microsoft.MediaCenter.iTv.Media.ni.dll
+ 2012-01-31 20:10 . 2012-01-31 20:10 522240 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\4d2e43f6764f572b1923ee49bafdf187\Microsoft.MediaCenter.Interop.ni.dll
- 2009-07-14 06:21 . 2009-07-14 06:13 522240 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\4d2e43f6764f572b1923ee49bafdf187\Microsoft.MediaCenter.Interop.ni.dll
- 2010-02-24 08:02 . 2010-02-24 08:02 312320 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\1dff598776c032c1848aed70117fdf6a\Microsoft.MediaCenter.iTv.ni.dll
+ 2012-01-31 20:11 . 2012-01-31 20:11 312320 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\1dff598776c032c1848aed70117fdf6a\Microsoft.MediaCenter.iTv.ni.dll
- 2009-07-14 05:11 . 2009-07-14 05:11 797696 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Managemen#\92af4acb9fb3d8c89c5c364a1ad6b230\Microsoft.ManagementConsole.ni.dll
+ 2012-01-31 20:11 . 2012-01-31 20:11 797696 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Managemen#\92af4acb9fb3d8c89c5c364a1ad6b230\Microsoft.ManagementConsole.ni.dll
- 2009-07-14 05:11 . 2009-07-14 05:11 244224 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Uti#\7c284a54a9fc21e1088d530b20abb317\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2012-01-31 20:12 . 2012-01-31 20:12 244224 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Uti#\7c284a54a9fc21e1088d530b20abb317\Microsoft.Build.Utilities.v3.5.ni.dll
- 2009-07-14 05:11 . 2009-07-14 05:11 198656 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Uti#\40772a4afd4cdbafe979b99d58dee15a\Microsoft.Build.Utilities.ni.dll
+ 2012-01-31 20:12 . 2012-01-31 20:12 198656 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Uti#\40772a4afd4cdbafe979b99d58dee15a\Microsoft.Build.Utilities.ni.dll
- 2009-07-14 05:11 . 2009-07-14 05:11 142336 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Fra#\8b04595e9e93810a9e3280c322705823\Microsoft.Build.Framework.ni.dll
+ 2012-01-31 20:12 . 2012-01-31 20:12 142336 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Fra#\8b04595e9e93810a9e3280c322705823\Microsoft.Build.Framework.ni.dll
- 2009-07-14 05:11 . 2009-07-14 05:11 120832 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Fra#\8654df2ef6c54c77fdfb64faeccdba1f\Microsoft.Build.Framework.ni.dll
+ 2012-01-31 20:12 . 2012-01-31 20:12 120832 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Fra#\8654df2ef6c54c77fdfb64faeccdba1f\Microsoft.Build.Framework.ni.dll
+ 2012-01-31 20:12 . 2012-01-31 20:12 294912 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Con#\a08908c466da0a0cfddbcee5a7877a63\Microsoft.Build.Conversion.v3.5.ni.dll
- 2009-07-14 05:11 . 2009-07-14 05:11 294912 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Con#\a08908c466da0a0cfddbcee5a7877a63\Microsoft.Build.Conversion.v3.5.ni.dll
- 2010-02-24 08:03 . 2010-02-24 08:03 107520 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft-Windows-H#\6bea6fa4b16b03024ebc50f7e899edf5\Microsoft-Windows-HomeGroupDiagnostic.NetListMgr.Interop.ni.dll
+ 2012-01-31 20:12 . 2012-01-31 20:12 107520 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft-Windows-H#\6bea6fa4b16b03024ebc50f7e899edf5\Microsoft-Windows-HomeGroupDiagnostic.NetListMgr.Interop.ni.dll
- 2009-07-14 06:21 . 2009-07-14 06:13 380928 c:\windows\assembly\NativeImages_v2.0.50727_64\Mcx2Dvcs\7fda6d00a394764772ddeb2d89356db6\Mcx2Dvcs.ni.dll
+ 2012-01-31 20:11 . 2012-01-31 20:11 380928 c:\windows\assembly\NativeImages_v2.0.50727_64\Mcx2Dvcs\7fda6d00a394764772ddeb2d89356db6\Mcx2Dvcs.ni.dll
- 2010-02-24 08:03 . 2010-02-24 08:03 545792 c:\windows\assembly\NativeImages_v2.0.50727_64\mcupdate\0d1b180c124a3c801774150950be3c7b\mcupdate.ni.exe
+ 2012-01-31 20:12 . 2012-01-31 20:12 545792 c:\windows\assembly\NativeImages_v2.0.50727_64\mcupdate\0d1b180c124a3c801774150950be3c7b\mcupdate.ni.exe
+ 2012-01-31 20:09 . 2012-01-31 20:09 533504 c:\windows\assembly\NativeImages_v2.0.50727_64\mcstoredb\42c5dfa7dd79b677f5b17ffc54bbe8b9\mcstoredb.ni.dll
- 2009-07-14 06:21 . 2009-07-14 06:13 533504 c:\windows\assembly\NativeImages_v2.0.50727_64\mcstoredb\42c5dfa7dd79b677f5b17ffc54bbe8b9\mcstoredb.ni.dll
+ 2012-01-31 20:12 . 2012-01-31 20:12 549376 c:\windows\assembly\NativeImages_v2.0.50727_64\mcplayerinterop\273f1af93768c9657960805f908a1234\mcplayerinterop.ni.dll
- 2010-02-24 08:03 . 2010-02-24 08:03 549376 c:\windows\assembly\NativeImages_v2.0.50727_64\mcplayerinterop\273f1af93768c9657960805f908a1234\mcplayerinterop.ni.dll
+ 2012-01-31 20:11 . 2012-01-31 20:11 696320 c:\windows\assembly\NativeImages_v2.0.50727_64\mcGlidHostObj\44d9d0a4591c0868dd41a2637c0b2ccf\mcGlidHostObj.ni.dll
- 2010-02-24 08:03 . 2010-02-24 08:03 696320 c:\windows\assembly\NativeImages_v2.0.50727_64\mcGlidHostObj\44d9d0a4591c0868dd41a2637c0b2ccf\mcGlidHostObj.ni.dll
+ 2012-01-31 20:11 . 2012-01-31 20:11 156672 c:\windows\assembly\NativeImages_v2.0.50727_64\MCESidebarCtrl\665aeadf0a5df52506deffdf95a63dd7\MCESidebarCtrl.ni.dll
- 2010-02-24 08:03 . 2010-02-24 08:03 156672 c:\windows\assembly\NativeImages_v2.0.50727_64\MCESidebarCtrl\665aeadf0a5df52506deffdf95a63dd7\MCESidebarCtrl.ni.dll
+ 2012-01-31 19:18 . 2012-01-31 19:18 123392 c:\windows\assembly\NativeImages_v2.0.50727_64\FeatureWPF\d59ca4a4432a871514b7c1d186b395d6\FeatureWPF.ni.dll
+ 2012-01-31 19:42 . 2012-01-31 19:42 108544 c:\windows\assembly\NativeImages_v2.0.50727_64\FeatureWPF\2fe94ee3acd812cf7be9c5ad194e34a1\FeatureWPF.ni.dll
- 2010-06-24 14:32 . 2010-06-24 14:32 108544 c:\windows\assembly\NativeImages_v2.0.50727_64\FeatureWPF\2fe94ee3acd812cf7be9c5ad194e34a1\FeatureWPF.ni.dll
+ 2012-01-31 19:42 . 2012-01-31 19:42 273408 c:\windows\assembly\NativeImages_v2.0.50727_64\featurecplu\f02781f9112fc15cd683f95fe238425f\featurecplu.ni.dll
- 2010-06-24 14:32 . 2010-06-24 14:32 273408 c:\windows\assembly\NativeImages_v2.0.50727_64\featurecplu\f02781f9112fc15cd683f95fe238425f\featurecplu.ni.dll
+ 2012-01-31 19:18 . 2012-01-31 19:18 364544 c:\windows\assembly\NativeImages_v2.0.50727_64\featurecplu\6851172c7969b8e364e1a9dd6ebafcba\featurecplu.ni.dll
- 2009-07-14 05:11 . 2009-07-14 05:11 659456 c:\windows\assembly\NativeImages_v2.0.50727_64\EventViewer\d1083cb166af041842fc0f91e249a3c8\EventViewer.ni.dll
+ 2012-01-31 20:11 . 2012-01-31 20:11 659456 c:\windows\assembly\NativeImages_v2.0.50727_64\EventViewer\d1083cb166af041842fc0f91e249a3c8\EventViewer.ni.dll
+ 2012-01-31 19:18 . 2012-01-31 19:18 102912 c:\windows\assembly\NativeImages_v2.0.50727_64\environmentcplu\a9ce060042195659ceb44653c8543b73\environmentcplu.ni.dll
+ 2012-01-31 19:42 . 2012-01-31 19:42 101376 c:\windows\assembly\NativeImages_v2.0.50727_64\environmentcplu\802b0bec3d97396bbb67bf918ce82022\environmentcplu.ni.dll
- 2010-06-24 14:33 . 2010-06-24 14:33 101376 c:\windows\assembly\NativeImages_v2.0.50727_64\environmentcplu\802b0bec3d97396bbb67bf918ce82022\environmentcplu.ni.dll
+ 2012-01-31 20:09 . 2012-01-31 20:09 969216 c:\windows\assembly\NativeImages_v2.0.50727_64\ehRecObj\ce64568b9e2d1b17f4c6dce244a25dc9\ehRecObj.ni.dll
- 2010-02-24 08:01 . 2010-02-24 08:01 969216 c:\windows\assembly\NativeImages_v2.0.50727_64\ehRecObj\ce64568b9e2d1b17f4c6dce244a25dc9\ehRecObj.ni.dll
- 2009-07-14 06:21 . 2009-07-14 06:13 661504 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiWUapi\ef41822bae98abb5b4c1b8a3391b3f3b\ehiWUapi.ni.dll
+ 2012-01-31 20:10 . 2012-01-31 20:10 661504 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiWUapi\ef41822bae98abb5b4c1b8a3391b3f3b\ehiWUapi.ni.dll
+ 2012-01-31 20:10 . 2012-01-31 20:10 933888 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiwmp\c5f1939782cdb26b31869184a40b96ed\ehiwmp.ni.dll
- 2009-07-14 06:21 . 2009-07-14 06:13 933888 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiwmp\c5f1939782cdb26b31869184a40b96ed\ehiwmp.ni.dll
- 2009-07-14 06:21 . 2009-07-14 06:13 145408 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiUserXp\522f56539335bf090a5a6d7652f417ad\ehiUserXp.ni.dll
+ 2012-01-31 20:09 . 2012-01-31 20:09 145408 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiUserXp\522f56539335bf090a5a6d7652f417ad\ehiUserXp.ni.dll
+ 2012-01-31 20:10 . 2012-01-31 20:10 196096 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiiTv\7cbb74460c640f4382c9a5aa793a37a7\ehiiTv.ni.dll
- 2009-07-14 06:21 . 2009-07-14 06:13 196096 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiiTv\7cbb74460c640f4382c9a5aa793a37a7\ehiiTv.ni.dll
- 2009-07-14 06:21 . 2009-07-14 06:13 397824 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiExtens\2d6644b6f204eb452f034d56624111cd\ehiExtens.ni.dll
+ 2012-01-31 20:10 . 2012-01-31 20:10 397824 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiExtens\2d6644b6f204eb452f034d56624111cd\ehiExtens.ni.dll
- 2009-07-14 06:21 . 2009-07-14 06:13 110080 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiBmlDataCarousel\cfc24c3d237b3e4599f79dce93095338\ehiBmlDataCarousel.ni.dll
+ 2012-01-31 20:10 . 2012-01-31 20:10 110080 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiBmlDataCarousel\cfc24c3d237b3e4599f79dce93095338\ehiBmlDataCarousel.ni.dll
- 2010-02-24 08:03 . 2010-02-24 08:03 126976 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiActivScp\b91259bca4e232c3edf0cbb793613186\ehiActivScp.ni.dll
+ 2012-01-31 20:10 . 2012-01-31 20:10 126976 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiActivScp\b91259bca4e232c3edf0cbb793613186\ehiActivScp.ni.dll
- 2009-07-14 06:21 . 2009-07-14 06:12 389120 c:\windows\assembly\NativeImages_v2.0.50727_64\ehExtHost\dfb930056924c8600b85ce7130253de1\ehExtHost.ni.exe
+ 2012-01-31 20:09 . 2012-01-31 20:09 389120 c:\windows\assembly\NativeImages_v2.0.50727_64\ehExtHost\dfb930056924c8600b85ce7130253de1\ehExtHost.ni.exe
+ 2012-01-31 20:09 . 2012-01-31 20:09 313856 c:\windows\assembly\NativeImages_v2.0.50727_64\ehCIR\2bffa7f7660d5bbcef94efcf884de19b\ehCIR.ni.dll
- 2009-07-14 06:21 . 2009-07-14 06:12 313856 c:\windows\assembly\NativeImages_v2.0.50727_64\ehCIR\2bffa7f7660d5bbcef94efcf884de19b\ehCIR.ni.dll
+ 2012-01-31 20:09 . 2012-01-31 20:09 348672 c:\windows\assembly\NativeImages_v2.0.50727_64\CustomMarshalers\0a65298ce17ed417867b48a06a532f94\CustomMarshalers.ni.dll
- 2009-07-14 05:11 . 2009-07-14 05:11 348672 c:\windows\assembly\NativeImages_v2.0.50727_64\CustomMarshalers\0a65298ce17ed417867b48a06a532f94\CustomMarshalers.ni.dll
- 2010-06-24 14:32 . 2010-06-24 14:32 631296 c:\windows\assembly\NativeImages_v2.0.50727_64\Controls\b729ab8d1c458de0c66223ada57caa7e\Controls.ni.dll
+ 2012-01-31 19:41 . 2012-01-31 19:41 631296 c:\windows\assembly\NativeImages_v2.0.50727_64\Controls\b729ab8d1c458de0c66223ada57caa7e\Controls.ni.dll
+ 2012-01-31 19:17 . 2012-01-31 19:17 643584 c:\windows\assembly\NativeImages_v2.0.50727_64\Controls\0690c06d5e84d2c20b885abfd4fa5fb1\Controls.ni.dll
+ 2012-01-31 19:18 . 2012-01-31 19:18 785408 c:\windows\assembly\NativeImages_v2.0.50727_64\contentcplu\8b3155eb078ba9b7ad924fc78a268674\contentcplu.ni.dll
- 2010-06-24 14:32 . 2010-06-24 14:32 513536 c:\windows\assembly\NativeImages_v2.0.50727_64\contentcplu\311034f7f1bdf17a0a42f09802c96818\contentcplu.ni.dll
+ 2012-01-31 19:42 . 2012-01-31 19:42 513536 c:\windows\assembly\NativeImages_v2.0.50727_64\contentcplu\311034f7f1bdf17a0a42f09802c96818\contentcplu.ni.dll
- 2010-06-24 14:33 . 2010-06-24 14:33 879104 c:\windows\assembly\NativeImages_v2.0.50727_64\ContentBase\87c29b02712ed28010f5efabe3fb9516\ContentBase.ni.dll
+ 2012-01-31 19:42 . 2012-01-31 19:42 879104 c:\windows\assembly\NativeImages_v2.0.50727_64\ContentBase\87c29b02712ed28010f5efabe3fb9516\ContentBase.ni.dll
+ 2012-01-31 20:08 . 2012-01-31 20:08 640000 c:\windows\assembly\NativeImages_v2.0.50727_64\ComSvcConfig\d952d0839d44e8ea350fa270df6f6bc7\ComSvcConfig.ni.exe
- 2009-07-14 05:01 . 2009-07-14 05:01 640000 c:\windows\assembly\NativeImages_v2.0.50727_64\ComSvcConfig\d952d0839d44e8ea350fa270df6f6bc7\ComSvcConfig.ni.exe
- 2010-06-24 14:32 . 2010-06-24 14:32 267264 c:\windows\assembly\NativeImages_v2.0.50727_64\CmdInterface\f18dc03b09692887b5b10f50c1f024e6\CmdInterface.ni.dll
+ 2012-01-31 19:41 . 2012-01-31 19:41 267264 c:\windows\assembly\NativeImages_v2.0.50727_64\CmdInterface\f18dc03b09692887b5b10f50c1f024e6\CmdInterface.ni.dll
+ 2012-01-31 19:17 . 2012-01-31 19:17 285696 c:\windows\assembly\NativeImages_v2.0.50727_64\CmdInterface\b46b916b8640ad76b571373ddc1bdef3\CmdInterface.ni.dll
+ 2012-01-31 19:18 . 2012-01-31 19:18 114688 c:\windows\assembly\NativeImages_v2.0.50727_64\clrloadu\57bea01f9b24d1914210f3b79816a3e5\clrloadu.ni.dll
+ 2012-01-31 19:42 . 2012-01-31 19:42 110592 c:\windows\assembly\NativeImages_v2.0.50727_64\clrloadu\39073254d09e4f2d9b6db086dca46666\clrloadu.ni.dll
- 2010-06-24 14:32 . 2010-06-24 14:32 110592 c:\windows\assembly\NativeImages_v2.0.50727_64\clrloadu\39073254d09e4f2d9b6db086dca46666\clrloadu.ni.dll
+ 2012-01-31 19:02 . 2012-01-31 19:02 971264 c:\windows\assembly\NativeImages_v2.0.50727_64\BDATunePIA\d97c4c44c3139b5a8b5af2e21392cb6b\BDATunePIA.ni.dll
+ 2012-01-31 19:18 . 2012-01-31 19:18 653312 c:\windows\assembly\NativeImages_v2.0.50727_64\asmfeaturecplu\7193be964874d016ed1dd345910ec6d3\asmfeaturecplu.ni.dll
+ 2012-01-31 19:42 . 2012-01-31 19:42 611840 c:\windows\assembly\NativeImages_v2.0.50727_64\asmfeaturecplu\0f3d066066effbe0e733f0e7fd6170eb\asmfeaturecplu.ni.dll
- 2010-06-24 14:32 . 2010-06-24 14:32 611840 c:\windows\assembly\NativeImages_v2.0.50727_64\asmfeaturecplu\0f3d066066effbe0e733f0e7fd6170eb\asmfeaturecplu.ni.dll
+ 2012-01-31 19:17 . 2012-01-31 19:17 233472 c:\windows\assembly\NativeImages_v2.0.50727_64\AnnotationWPF\a7ac4d81bc774a61605c0e45d601159f\AnnotationWPF.ni.dll
+ 2012-01-31 19:42 . 2012-01-31 19:42 210432 c:\windows\assembly\NativeImages_v2.0.50727_64\AnnotationWPF\0cb4160dd56c5c012e760dc718569e1a\AnnotationWPF.ni.dll
- 2010-06-24 14:32 . 2010-06-24 14:32 210432 c:\windows\assembly\NativeImages_v2.0.50727_64\AnnotationWPF\0cb4160dd56c5c012e760dc718569e1a\AnnotationWPF.ni.dll
+ 2012-01-31 19:03 . 2012-01-31 19:03 335872 c:\windows\assembly\NativeImages_v2.0.50727_64\annotationcplu\d336a807d228d5b94c5416e2b472ef0b\annotationcplu.ni.dll
- 2010-06-24 14:32 . 2010-06-24 14:32 295936 c:\windows\assembly\NativeImages_v2.0.50727_64\annotationcplu\494740bd9a067e6d46e03f545f2f1d05\annotationcplu.ni.dll
+ 2012-01-31 19:41 . 2012-01-31 19:41 295936 c:\windows\assembly\NativeImages_v2.0.50727_64\annotationcplu\494740bd9a067e6d46e03f545f2f1d05\annotationcplu.ni.dll
- 2009-07-14 02:34 . 2012-01-31 16:20 9961472 c:\windows\system32\SMI\Store\Machine\schema.dat
+ 2009-07-14 02:34 . 2012-02-03 00:42 9961472 c:\windows\system32\SMI\Store\Machine\schema.dat
+ 2012-01-31 21:00 . 2012-01-31 21:00 5237248 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsBase\d23388948ad58ad0fbd4eb2b8ce3af84\WindowsBase.ni.dll
+ 2012-02-01 02:41 . 2012-02-01 02:41 1430016 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationClients#\5a2dc348e7292fe2927385e4a31a4532\UIAutomationClientsideProviders.ni.dll
+ 2012-01-31 20:58 . 2012-01-31 20:58 7037952 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xml\9a1aea68b24af9040536b0677c6c35ab\System.Xml.ni.dll
+ 2012-01-31 20:58 . 2012-01-31 20:58 2449408 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xaml\e814961ae6ed88dea384d113dca52c04\System.Xaml.ni.dll
+ 2012-02-01 02:41 . 2012-02-01 02:41 1601024 c:\windows\assembly\NativeImages_v4.0.30319_64\System.WorkflowServ#\b581bfffc1808ae8b75717f2a8dd2135\System.WorkflowServices.ni.dll
+ 2012-02-01 02:41 . 2012-02-01 02:41 2887680 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Workflow.Run#\e69d85c8210a988b4c104948f04cf5aa\System.Workflow.Runtime.ni.dll
+ 2012-02-01 02:41 . 2012-02-01 02:41 5909504 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Workflow.Com#\52cd2eea5350877e82c9a9820eee4fbe\System.Workflow.ComponentModel.ni.dll
+ 2012-02-01 02:40 . 2012-02-01 02:40 3743744 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Workflow.Act#\572967d338f59ea254e9c1affc52695d\System.Workflow.Activities.ni.dll
+ 2012-02-01 02:40 . 2012-02-01 02:40 5627904 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Form#\1d65501f517ac04f851625cfc1c20abb\System.Windows.Forms.DataVisualization.ni.dll
+ 2012-02-01 02:37 . 2012-02-01 02:37 2287104 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Services\43728abc794e8a2f8b9178d83299f691\System.Web.Services.ni.dll
+ 2012-02-01 02:40 . 2012-02-01 02:40 2964480 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Mobile\ae6e69ee7b8f89872246462ba8b6b186\System.Web.Mobile.ni.dll
+ 2012-02-01 02:40 . 2012-02-01 02:40 3805184 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Extensio#\6d04600d11baa5d8a09b594b591d0572\System.Web.Extensions.ni.dll
+ 2012-02-01 02:40 . 2012-02-01 02:40 1100800 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Extensio#\5a312292936c549b4a013fac180e2187\System.Web.Extensions.Design.ni.dll
+ 2012-02-01 02:40 . 2012-02-01 02:40 5599232 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.DataVisu#\4c3d1f744e5edf4b2ee6a6001c4e19c3\System.Web.DataVisualization.ni.dll
+ 2012-02-01 02:40 . 2012-02-01 02:40 2735616 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Speech\680da560f61c4c594f504fe784c04d20\System.Speech.ni.dll
+ 2012-02-01 02:40 . 2012-02-01 02:40 1579008 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\ee537f5c792668106adacdcd2e5b185f\System.ServiceModel.Discovery.ni.dll
+ 2012-02-01 02:39 . 2012-02-01 02:39 1506816 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\cfbec2879ae56c6bb8b1ba78a92694e9\System.ServiceModel.Web.ni.dll
+ 2012-02-01 02:40 . 2012-02-01 02:40 1918976 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\3d07edda7a71c988260a553534cab32a\System.ServiceModel.Activities.ni.dll
+ 2012-02-01 02:36 . 2012-02-01 02:36 3412992 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\f68180d9f4ade9c313f9ad20422eb1c0\System.Runtime.Serialization.ni.dll
+ 2012-02-01 02:36 . 2012-02-01 02:36 1348096 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Dura#\b719608cfb73833aec4ffb15928325ec\System.Runtime.DurableInstancing.ni.dll
+ 2012-02-01 02:38 . 2012-02-01 02:38 1467392 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Printing\7fd539a7cc8fba27e16b0e32ba41eb54\System.Printing.ni.dll
+ 2012-02-01 02:40 . 2012-02-01 02:40 1470464 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Management\1bb0e129449a55ddd883368e3aa3c922\System.Management.ni.dll
+ 2012-02-01 02:39 . 2012-02-01 02:39 1416192 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IdentityModel\06cd9761b93a2882309d01af90f9cc9c\System.IdentityModel.ni.dll
+ 2012-02-01 02:36 . 2012-02-01 02:36 1098752 c:\windows\assembly\NativeImages_v4.0.30319_64\System.EnterpriseSe#\5a86b6067f001cef079bde90f001d54d\System.EnterpriseServices.ni.dll
+ 2012-02-01 02:36 . 2012-02-01 02:36 2290688 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\a167f693a1c75650b73e1c63231d879d\System.Drawing.ni.dll
+ 2012-02-01 02:36 . 2012-02-01 02:36 1622528 c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\860ec610fac6c83debf77d84c6145ab4\System.DirectoryServices.ni.dll
+ 2012-02-01 02:40 . 2012-02-01 02:40 1217536 c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\39f9fc075ec143345b32e19c2f9a2dde\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-02-01 02:37 . 2012-02-01 02:37 2402816 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Deployment\410945be3ec8a637b6cd6eae72e43368\System.Deployment.ni.dll
+ 2012-02-01 02:37 . 2012-02-01 02:37 8601600 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data\d9c354c0ac635de922c7d53d4619fdb6\System.Data.ni.dll
+ 2012-01-31 20:58 . 2012-01-31 20:58 3390976 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.SqlXml\98dd37909515a67fd621cfafd612c24e\System.Data.SqlXml.ni.dll
+ 2012-02-01 02:39 . 2012-02-01 02:39 2702848 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Services\0bd655a7f8793293240accf4c65758c8\System.Data.Services.ni.dll
+ 2012-02-01 02:40 . 2012-02-01 02:40 1798656 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Service#\7f671e2b6e3112a0eef84f8353b628b9\System.Data.Services.Client.ni.dll
+ 2012-02-01 02:37 . 2012-02-01 02:37 1498112 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.OracleC#\5707bdff115f1265354a1c22f2026b9a\System.Data.OracleClient.ni.dll
+ 2012-02-01 02:39 . 2012-02-01 02:39 3386368 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Linq\eb7264494ea0af497b92ea427e942ac2\System.Data.Linq.ni.dll
+ 2012-02-01 02:39 . 2012-02-01 02:39 1750528 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Entity.#\18688c8627c24053b0b967d88210548b\System.Data.Entity.Design.ni.dll
+ 2012-01-31 20:58 . 2012-01-31 20:58 1257472 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Configuration\88d89c2eb5f36a33cec8d1734c311f23\System.Configuration.ni.dll
+ 2012-02-01 02:38 . 2012-02-01 02:38 1007616 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ComponentMod#\e7b35e6834805f513151c702f842ee65\System.ComponentModel.Composition.ni.dll
+ 2012-02-01 02:38 . 2012-02-01 02:38 5695488 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities\1540d14fd301d62241d230fa88f0b8ff\System.Activities.ni.dll
+ 2012-02-01 02:38 . 2012-02-01 02:38 5048832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.P#\a68d1111d860d0af6810bbcd4f117c87\System.Activities.Presentation.ni.dll
+ 2012-02-01 02:38 . 2012-02-01 02:38 2064896 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.C#\da9be9b930c7a4cf948213101d6ef289\System.Activities.Core.Presentation.ni.dll
+ 2012-02-01 02:38 . 2012-02-01 02:38 4232704 c:\windows\assembly\NativeImages_v4.0.30319_64\ReachFramework\38ca6544a50c75f91f387f242a7b3f5c\ReachFramework.ni.dll
+ 2012-02-01 02:36 . 2012-02-01 02:36 2056192 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationUI\c9bb3f12c4f6f255805f1415f8ec3bb4\PresentationUI.ni.dll
+ 2012-01-31 21:00 . 2012-01-31 21:00 1891328 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationBuildTa#\7eb9804c4cfe7519f599481fc0963b5c\PresentationBuildTasks.ni.dll
+ 2012-01-31 21:00 . 2012-01-31 21:00 1623040 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\a48478443ecab348f6ec13b2c8a2a9bb\Microsoft.VisualBasic.Activities.Compiler.ni.dll
+ 2012-01-31 21:00 . 2012-01-31 21:00 2317312 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\8d82f84f064acfa2e734042c688fd599\Microsoft.VisualBasic.ni.dll
+ 2012-01-31 21:00 . 2012-01-31 21:00 1829888 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\61b5e642d21b7e31457885975af7ce11\Microsoft.VisualBasic.Compatibility.ni.dll
+ 2012-01-31 20:59 . 2012-01-31 20:59 1526784 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Transacti#\72cbd2497c6b84681a6926a84be01f5c\Microsoft.Transactions.Bridge.ni.dll
+ 2012-02-01 02:40 . 2012-02-01 02:40 3313664 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.JScript\fdec29103893482cb31213e4f7d7bfcf\Microsoft.JScript.ni.dll
+ 2012-01-31 20:59 . 2012-01-31 20:59 2009600 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.CSharp\5776a31cf6c5891f87a52a801f9e1f09\Microsoft.CSharp.ni.dll
+ 2012-01-31 20:59 . 2012-01-31 20:59 6004736 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Build\f1d04aa2110520e93378c661211c6190\Microsoft.Build.ni.dll
+ 2012-02-01 02:38 . 2012-02-01 02:38 3820544 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Build.Tas#\429fdb22ae5604c289ae4cf16b3ba581\Microsoft.Build.Tasks.v4.0.ni.dll
+ 2012-01-31 20:59 . 2012-01-31 20:59 2521088 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Build.Eng#\4822820cf3af306793ecfc6f88d91306\Microsoft.Build.Engine.ni.dll
+ 2012-01-31 20:58 . 2012-01-31 20:58 1007104 c:\windows\assembly\NativeImages_v4.0.30319_64\AspNetMMCExt\122733b12d421862dca6ce320ac6b733\AspNetMMCExt.ni.dll
+ 2012-01-31 20:08 . 2012-01-31 20:08 1063424 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClients#\ac9379a0db1d8da11fbc46f09da411db\UIAutomationClientsideProviders.ni.dll
+ 2012-01-31 20:07 . 2012-01-31 20:07 1223168 c:\windows\assembly\NativeImages_v4.0.30319_32\System.WorkflowServ#\c62d9d8bb2b22f8eaf9d8cbbf6123e47\System.WorkflowServices.ni.dll
+ 2012-01-31 20:07 . 2012-01-31 20:07 1971712 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Workflow.Run#\e8804a70f32e7804d259792e7d27b5b8\System.Workflow.Runtime.ni.dll
+ 2012-01-31 20:07 . 2012-01-31 20:07 4462080 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Workflow.Com#\f638262978c936c3303c8f23e6da9e13\System.Workflow.ComponentModel.ni.dll
+ 2012-01-31 20:07 . 2012-01-31 20:07 2871808 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Workflow.Act#\a0ba653e91dcb6fbbfb94e37e18ed736\System.Workflow.Activities.ni.dll
+ 2012-01-31 20:07 . 2012-01-31 20:07 4545024 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\e3a0483820fafd51c8cd4576de6eb45f\System.Windows.Forms.DataVisualization.ni.dll
+ 2012-01-31 20:07 . 2012-01-31 20:07 2334208 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Mobile\f2f7d93088dc2d346d680763d464c03f\System.Web.Mobile.ni.dll
+ 2012-01-31 20:06 . 2012-01-31 20:06 3126784 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Extensio#\3722b214046f3e48d9e78d9adf233263\System.Web.Extensions.ni.dll
+ 2012-01-31 20:07 . 2012-01-31 20:07 4535808 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DataVisu#\a439f6190b9ad82d9345292736777c85\System.Web.DataVisualization.ni.dll
+ 2012-01-31 20:06 . 2012-01-31 20:06 2012160 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Speech\6663f8ba0327399c1a5b313707cff36f\System.Speech.ni.dll
+ 2012-01-31 20:05 . 2012-01-31 20:05 1086464 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\d40d01d24635877797a3c389510d9c3a\System.ServiceModel.Web.ni.dll
+ 2012-01-31 20:06 . 2012-01-31 20:06 1392640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\a19563d781ccd0807a41d27701d485c6\System.ServiceModel.Activities.ni.dll
+ 2012-01-31 20:06 . 2012-01-31 20:06 1140736 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\9be7f7f68d488eb02161d3f0663a61a4\System.ServiceModel.Discovery.ni.dll
+ 2012-01-31 20:06 . 2012-01-31 20:06 1218560 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management\7c4eea005578d9990f604fda345fb2b4\System.Management.ni.dll
+ 2012-01-31 20:06 . 2012-01-31 20:06 1072640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\16c385f23b5e493899f0d206dfb60094\System.IdentityModel.ni.dll
+ 2012-01-31 20:05 . 2012-01-31 20:05 2026496 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Services\66ebacc95030b565991917af67cbd885\System.Data.Services.ni.dll
+ 2012-01-31 20:06 . 2012-01-31 20:06 1343488 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Service#\c05998cb3411b039bdfb5d852e1413be\System.Data.Services.Client.ni.dll
+ 2012-01-31 20:05 . 2012-01-31 20:05 1424384 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Entity.#\3713bc9e571e75a2f26a3b082b3f2609\System.Data.Entity.Design.ni.dll
+ 2012-01-31 20:06 . 2012-01-31 20:06 2452480 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.JScript\614f6f698d269e2c56bf23feba58551c\Microsoft.JScript.ni.dll
+ 2012-01-31 19:06 . 2012-01-31 19:06 4893696 c:\windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\385daef1d59c01201d35cdd277f99a56\WindowsBase.ni.dll
+ 2012-01-31 20:58 . 2012-01-31 20:58 1458688 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationClients#\6817c8b1be4d98a3202e5f1f39f3bf0f\UIAutomationClientsideProviders.ni.dll
- 2009-07-14 05:13 . 2009-07-14 05:13 1458688 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationClients#\6817c8b1be4d98a3202e5f1f39f3bf0f\UIAutomationClientsideProviders.ni.dll
+ 2012-01-31 19:02 . 2012-01-31 19:02 6948864 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Xml\1fb1b14199d6aec70df1a0626a3ae5f2\System.Xml.ni.dll
+ 2012-01-31 20:57 . 2012-01-31 20:57 1817600 c:\windows\assembly\NativeImages_v2.0.50727_64\System.WorkflowServ#\9ec0a9841b8583304838b1a302ba8692\System.WorkflowServices.ni.dll
- 2009-07-14 05:13 . 2009-07-14 05:13 1817600 c:\windows\assembly\NativeImages_v2.0.50727_64\System.WorkflowServ#\9ec0a9841b8583304838b1a302ba8692\System.WorkflowServices.ni.dll
- 2009-07-14 04:59 . 2009-07-14 04:59 2707456 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Run#\9ba1c9e1c6041122406f1f0e53ba2f23\System.Workflow.Runtime.ni.dll
+ 2012-01-31 20:57 . 2012-01-31 20:57 2707456 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Run#\9ba1c9e1c6041122406f1f0e53ba2f23\System.Workflow.Runtime.ni.dll
- 2009-07-14 04:59 . 2009-07-14 04:59 5955072 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Com#\c97362b18d680134dda4876e53c5bf7b\System.Workflow.ComponentModel.ni.dll
+ 2012-01-31 20:57 . 2012-01-31 20:57 5955072 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Com#\c97362b18d680134dda4876e53c5bf7b\System.Workflow.ComponentModel.ni.dll
- 2009-07-14 04:59 . 2009-07-14 04:59 3895296 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Act#\675b63f7c6567772f520661f246a5745\System.Workflow.Activities.ni.dll
+ 2012-01-31 20:57 . 2012-01-31 20:57 3895296 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Act#\675b63f7c6567772f520661f246a5745\System.Workflow.Activities.ni.dll
+ 2012-01-31 19:04 . 2012-01-31 19:04 2291712 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Services\9ce5b1bd7d0aaa6e1b126c9ee0509454\System.Web.Services.ni.dll
- 2009-07-14 05:13 . 2009-07-14 05:13 3335680 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Mobile\fbeb96d2a01bd1cda737af956a68f276\System.Web.Mobile.ni.dll
+ 2012-01-31 20:57 . 2012-01-31 20:57 3335680 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Mobile\fbeb96d2a01bd1cda737af956a68f276\System.Web.Mobile.ni.dll
- 2009-07-14 05:13 . 2009-07-14 05:13 1155072 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\b5a98425da122b650bc8a3e85416aefd\System.Web.Extensions.Design.ni.dll
+ 2012-01-31 20:57 . 2012-01-31 20:57 1155072 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\b5a98425da122b650bc8a3e85416aefd\System.Web.Extensions.Design.ni.dll
+ 2012-01-31 20:45 . 2012-01-31 20:45 3039232 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\8bb4b1b823a2b316df1e4c7cce03f554\System.Web.Extensions.ni.dll
- 2009-07-14 05:13 . 2009-07-14 05:13 3039232 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\8bb4b1b823a2b316df1e4c7cce03f554\System.Web.Extensions.ni.dll
+ 2012-01-31 20:46 . 2012-01-31 20:46 2727936 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Speech\16237407f095bb3ecf4b2b7242205ac0\System.Speech.ni.dll
- 2009-07-14 05:13 . 2009-07-14 05:13 2727936 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Speech\16237407f095bb3ecf4b2b7242205ac0\System.Speech.ni.dll
+ 2012-01-31 20:45 . 2012-01-31 20:45 2312704 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceModel#\1de55f167e4bc82f34a10c5957a3f8fa\System.ServiceModel.Web.ni.dll
- 2009-07-14 05:13 . 2009-07-14 05:13 2312704 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceModel#\1de55f167e4bc82f34a10c5957a3f8fa\System.ServiceModel.Web.ni.dll
- 2009-07-14 04:59 . 2009-07-14 04:59 3073536 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\12aaff696a0c54773664b4c5407deaa2\System.Runtime.Serialization.ni.dll
+ 2012-01-31 19:41 . 2012-01-31 19:41 3073536 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\12aaff696a0c54773664b4c5407deaa2\System.Runtime.Serialization.ni.dll
+ 2012-01-31 19:03 . 2012-01-31 19:03 1022976 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\28b3698c0e8eac7c31e65542ece11346\System.Runtime.Remoting.ni.dll
+ 2012-01-31 19:17 . 2012-01-31 19:17 1453568 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Printing\faa421f2a2b147ca0436e1176604b706\System.Printing.ni.dll
- 2009-07-14 05:11 . 2009-07-14 05:11 1408512 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management\c58314beec308d002d31dd33ff970d5e\System.Management.ni.dll
+ 2012-01-31 20:13 . 2012-01-31 20:13 1408512 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management\c58314beec308d002d31dd33ff970d5e\System.Management.ni.dll
- 2009-07-14 05:11 . 2009-07-14 05:11 1433088 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IdentityModel\4720ef897a36c2ce494b6c3d07fce065\System.IdentityModel.ni.dll
+ 2012-01-31 19:41 . 2012-01-31 19:41 1433088 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IdentityModel\4720ef897a36c2ce494b6c3d07fce065\System.IdentityModel.ni.dll
+ 2012-01-31 19:03 . 2012-01-31 19:03 1081344 c:\windows\assembly\NativeImages_v2.0.50727_64\System.EnterpriseSe#\a3af29f85ea516622318918d501118d2\System.EnterpriseServices.ni.dll
+ 2012-01-31 19:04 . 2012-01-31 19:04 2311168 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\10f1e1ffca16e550af8a8fd7685a48ef\System.Drawing.ni.dll
- 2009-07-14 05:13 . 2009-07-14 05:13 1229824 c:\windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\ec4952b2496fe22ea1ddc4134f40c0bf\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-01-31 20:46 . 2012-01-31 20:46 1229824 c:\windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\ec4952b2496fe22ea1ddc4134f40c0bf\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-01-31 19:03 . 2012-01-31 19:03 1640448 c:\windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\6db4f323fc83a2a96893e68f4bd884f1\System.DirectoryServices.ni.dll
+ 2012-01-31 19:05 . 2012-01-31 19:05 2444288 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Deployment\ade09e27235d706799db94f0b2927d6b\System.Deployment.ni.dll
+ 2012-01-31 19:03 . 2012-01-31 19:03 8692736 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data\46a0336046744a9f29986b208b8d38d4\System.Data.ni.dll
+ 2012-01-31 19:02 . 2012-01-31 19:02 3461632 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.SqlXml\38cdb4fcac8b0356349074bcdadf1242\System.Data.SqlXml.ni.dll
- 2009-07-14 05:13 . 2009-07-14 05:13 1846272 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Services\ec719b41906b7f5f36e9e56d78536736\System.Data.Services.ni.dll
+ 2012-01-31 20:45 . 2012-01-31 20:45 1846272 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Services\ec719b41906b7f5f36e9e56d78536736\System.Data.Services.ni.dll
+ 2012-01-31 20:46 . 2012-01-31 20:46 1289728 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Service#\bb3fdc8c23d0e5100bd2527b86cbdb35\System.Data.Services.Client.ni.dll
- 2009-07-14 05:13 . 2009-07-14 05:13 1289728 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Service#\bb3fdc8c23d0e5100bd2527b86cbdb35\System.Data.Services.Client.ni.dll
+ 2012-01-31 19:05 . 2012-01-31 19:05 1506816 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.OracleC#\389b8b01b52a86adf86ad3e67e5b106c\System.Data.OracleClient.ni.dll
- 2009-07-14 04:59 . 2009-07-14 04:59 3480576 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Linq\3efef1e85e4d21d110810092a149a1db\System.Data.Linq.ni.dll
+ 2012-01-31 20:45 . 2012-01-31 20:45 3480576 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Linq\3efef1e85e4d21d110810092a149a1db\System.Data.Linq.ni.dll
+ 2012-01-31 20:45 . 2012-01-31 20:45 1080320 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Entity.#\588d1fefc348f77fddff11eb8cbaf4ad\System.Data.Entity.Design.ni.dll
- 2009-07-14 05:13 . 2009-07-14 05:13 1080320 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Entity.#\588d1fefc348f77fddff11eb8cbaf4ad\System.Data.Entity.Design.ni.dll
- 2009-07-14 04:59 . 2009-07-14 04:59 3312128 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Core\27ed9d7013e71f31cacdf8cc438386b6\System.Core.ni.dll
+ 2012-01-31 20:13 . 2012-01-31 20:13 3312128 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Core\27ed9d7013e71f31cacdf8cc438386b6\System.Core.ni.dll
+ 2012-01-31 19:02 . 2012-01-31 19:02 1308160 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\907b2b3dae591e0484acfc0ea63e8caa\System.Configuration.ni.dll
- 2010-06-24 14:32 . 2010-06-24 14:32 7919104 c:\windows\assembly\NativeImages_v2.0.50727_64\sldcoreu\b2cce5690f2f7e63b21998f9f8f332d0\sldcoreu.ni.dll
+ 2012-01-31 19:41 . 2012-01-31 19:41 7919104 c:\windows\assembly\NativeImages_v2.0.50727_64\sldcoreu\b2cce5690f2f7e63b21998f9f8f332d0\sldcoreu.ni.dll
+ 2012-01-31 19:17 . 2012-01-31 19:17 9039872 c:\windows\assembly\NativeImages_v2.0.50727_64\sldcoreu\adfbebf4d065ddd6332a8f1fb050dbad\sldcoreu.ni.dll
+ 2012-01-31 19:17 . 2012-01-31 19:17 1102848 c:\windows\assembly\NativeImages_v2.0.50727_64\Sketchcplu\3705bcafa0e832686f12ca933cb30e5c\Sketchcplu.ni.dll
+ 2012-01-31 19:17 . 2012-01-31 19:17 3101696 c:\windows\assembly\NativeImages_v2.0.50727_64\ReachFramework\9e0b99b0feee814bf6903b84b439062f\ReachFramework.ni.dll
- 2010-06-24 14:33 . 2010-06-24 14:33 1717248 c:\windows\assembly\NativeImages_v2.0.50727_64\propertiesManagerWPF\f2ae3a02ed7dc33db273071932a8107c\propertiesManagerWPF.ni.dll
+ 2012-01-31 19:42 . 2012-01-31 19:42 1717248 c:\windows\assembly\NativeImages_v2.0.50727_64\propertiesManagerWPF\f2ae3a02ed7dc33db273071932a8107c\propertiesManagerWPF.ni.dll
+ 2012-01-31 19:18 . 2012-01-31 19:18 2369536 c:\windows\assembly\NativeImages_v2.0.50727_64\propertiesManagerWPF\70a772446b0858be8be081d1b291b9f4\propertiesManagerWPF.ni.dll
+ 2012-01-31 19:16 . 2012-01-31 19:16 2109952 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationUI\d37ad70182405d23182e6f77a65b78c9\PresentationUI.ni.dll
- 2009-07-14 05:12 . 2009-07-14 05:12 1881088 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationBuildTa#\a84ed51bd593854ce6f6b03c79bb4d60\PresentationBuildTasks.ni.dll
+ 2012-01-31 20:21 . 2012-01-31 20:21 1881088 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationBuildTa#\a84ed51bd593854ce6f6b03c79bb4d60\PresentationBuildTasks.ni.dll
+ 2012-01-31 19:42 . 2012-01-31 19:42 2824704 c:\windows\assembly\NativeImages_v2.0.50727_64\office\a0dce2c8ba68ee34b86779a7cfd58963\office.ni.dll
- 2010-06-24 14:33 . 2010-06-24 14:33 2824704 c:\windows\assembly\NativeImages_v2.0.50727_64\office\a0dce2c8ba68ee34b86779a7cfd58963\office.ni.dll
- 2009-07-14 05:12 . 2009-07-14 05:12 3601920 c:\windows\assembly\NativeImages_v2.0.50727_64\Narrator\47e9e64ff5a0e590af9e5f60c3117847\Narrator.ni.exe
+ 2012-01-31 20:21 . 2012-01-31 20:21 3601920 c:\windows\assembly\NativeImages_v2.0.50727_64\Narrator\47e9e64ff5a0e590af9e5f60c3117847\Narrator.ni.exe
+ 2012-01-31 20:21 . 2012-01-31 20:21 2327040 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCEx\495a1d4acb8ce34924a0bc7ceffd429e\MMCEx.ni.dll
- 2009-07-14 05:11 . 2009-07-14 05:11 2327040 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCEx\495a1d4acb8ce34924a0bc7ceffd429e\MMCEx.ni.dll
+ 2012-01-31 20:11 . 2012-01-31 20:11 7966208 c:\windows\assembly\NativeImages_v2.0.50727_64\MIGUIControls\73b796cc49c55b223858782918919496\MIGUIControls.ni.dll
- 2009-07-14 05:11 . 2009-07-14 05:11 7966208 c:\windows\assembly\NativeImages_v2.0.50727_64\MIGUIControls\73b796cc49c55b223858782918919496\MIGUIControls.ni.dll
- 2009-07-14 05:12 . 2009-07-14 05:12 2131968 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualBas#\1ec65ef1b8265780b3a6e7f1855db885\Microsoft.VisualBasic.ni.dll
+ 2012-01-31 20:14 . 2012-01-31 20:14 2131968 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualBas#\1ec65ef1b8265780b3a6e7f1855db885\Microsoft.VisualBasic.ni.dll
- 2009-07-14 05:11 . 2009-07-14 05:11 1598464 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Transacti#\7c736f85b98360c906c6ccc153931a98\Microsoft.Transactions.Bridge.ni.dll
+ 2012-01-31 19:41 . 2012-01-31 19:41 1598464 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Transacti#\7c736f85b98360c906c6ccc153931a98\Microsoft.Transactions.Bridge.ni.dll
+ 2012-01-31 20:14 . 2012-01-31 20:14 2105344 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\92d313330e2c3509d67fa7c8e681a901\Microsoft.PowerShell.GPowerShell.ni.dll
- 2009-07-14 05:12 . 2009-07-14 05:12 2105344 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\92d313330e2c3509d67fa7c8e681a901\Microsoft.PowerShell.GPowerShell.ni.dll
- 2009-07-14 05:12 . 2009-07-14 05:12 5351424 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\6204c8a819a23a094bd23bdf4578c8c6\Microsoft.PowerShell.Editor.ni.dll
+ 2012-01-31 20:14 . 2012-01-31 20:14 5351424 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\6204c8a819a23a094bd23bdf4578c8c6\Microsoft.PowerShell.Editor.ni.dll
- 2009-07-14 05:12 . 2009-07-14 05:12 2175488 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\3ca926afb9383daf9ad84816af6a9f6b\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2012-01-31 20:13 . 2012-01-31 20:13 2175488 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\3ca926afb9383daf9ad84816af6a9f6b\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2012-01-31 20:13 . 2012-01-31 20:13 1131008 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\0a11d9aba2b9bf69ebef503a095c98d5\Microsoft.PowerShell.Commands.Management.ni.dll
- 2009-07-14 05:12 . 2009-07-14 05:12 1131008 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\0a11d9aba2b9bf69ebef503a095c98d5\Microsoft.PowerShell.Commands.Management.ni.dll
- 2010-06-24 14:33 . 2010-06-24 14:33 8210432 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.In#\2e82e0c3480d964137e13470f3090558\Microsoft.Office.Interop.Excel.ni.dll
+ 2012-01-31 19:42 . 2012-01-31 19:42 8210432 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.In#\2e82e0c3480d964137e13470f3090558\Microsoft.Office.Interop.Excel.ni.dll
- 2009-07-14 06:21 . 2009-07-14 06:15 1508864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\ee3743298769df9dc5b50aaa50b4eb10\Microsoft.MediaCenter.Bml.ni.dll
+ 2012-01-31 20:12 . 2012-01-31 20:12 1508864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\ee3743298769df9dc5b50aaa50b4eb10\Microsoft.MediaCenter.Bml.ni.dll
+ 2012-01-31 20:10 . 2012-01-31 20:10 1170432 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\cbf0146c5b229d3f305e122cffcfdc05\Microsoft.MediaCenter.TV.Tuners.Interop.ni.dll
- 2009-07-14 06:21 . 2009-07-14 06:13 1170432 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\cbf0146c5b229d3f305e122cffcfdc05\Microsoft.MediaCenter.TV.Tuners.Interop.ni.dll
- 2009-07-14 06:21 . 2009-07-14 06:13 1142784 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\a72f2fd0e100adbd91f34e7fde91e756\Microsoft.MediaCenter.Shell.ni.dll
+ 2012-01-31 20:10 . 2012-01-31 20:10 1142784 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\a72f2fd0e100adbd91f34e7fde91e756\Microsoft.MediaCenter.Shell.ni.dll
+ 2012-01-31 20:09 . 2012-01-31 20:09 8979456 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\7a86064db0d16db088f073ecea4b3324\Microsoft.MediaCenter.UI.ni.dll
- 2009-07-14 06:21 . 2009-07-14 06:13 8979456 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\7a86064db0d16db088f073ecea4b3324\Microsoft.MediaCenter.UI.ni.dll
+ 2012-01-31 20:09 . 2012-01-31 20:09 1516032 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\65fc30e8b26e301b45debb9de9aaedc7\Microsoft.MediaCenter.ni.dll
- 2009-07-14 06:21 . 2009-07-14 06:12 1516032 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\65fc30e8b26e301b45debb9de9aaedc7\Microsoft.MediaCenter.ni.dll
- 2009-07-14 05:11 . 2009-07-14 05:11 3208192 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.JScript\c4efec9d2692e87ba29c75572aacb379\Microsoft.JScript.ni.dll
+ 2012-01-31 20:13 . 2012-01-31 20:13 3208192 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.JScript\c4efec9d2692e87ba29c75572aacb379\Microsoft.JScript.ni.dll
- 2009-07-14 05:11 . 2009-07-14 05:11 2365952 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Ink\a74c0d3c245f65a65128a8c23836a9b6\Microsoft.Ink.ni.dll
+ 2012-01-31 20:12 . 2012-01-31 20:12 2365952 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Ink\a74c0d3c245f65a65128a8c23836a9b6\Microsoft.Ink.ni.dll
- 2009-07-14 05:11 . 2009-07-14 05:11 2677760 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\afa2a27bb5f516c5f936dcd8b433a541\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2012-01-31 20:12 . 2012-01-31 20:12 2677760 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\afa2a27bb5f516c5f936dcd8b433a541\Microsoft.Build.Tasks.v3.5.ni.dll
- 2009-07-14 05:11 . 2009-07-14 05:11 2218496 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\7f1c7140aee3faf4922b875ff93e369b\Microsoft.Build.Tasks.ni.dll
+ 2012-01-31 20:12 . 2012-01-31 20:12 2218496 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\7f1c7140aee3faf4922b875ff93e369b\Microsoft.Build.Tasks.ni.dll
- 2009-07-14 05:11 . 2009-07-14 05:11 2544640 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Eng#\b5b6e58ead9f4c317071660c1ffb19f8\Microsoft.Build.Engine.ni.dll
+ 2012-01-31 20:12 . 2012-01-31 20:12 2544640 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Eng#\b5b6e58ead9f4c317071660c1ffb19f8\Microsoft.Build.Engine.ni.dll
- 2009-07-14 05:11 . 2009-07-14 05:11 1137152 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Eng#\689c3a35026857a3ff1319a14c0d8fbb\Microsoft.Build.Engine.ni.dll
+ 2012-01-31 20:12 . 2012-01-31 20:12 1137152 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Eng#\689c3a35026857a3ff1319a14c0d8fbb\Microsoft.Build.Engine.ni.dll
- 2009-07-14 06:21 . 2009-07-14 06:13 2796032 c:\windows\assembly\NativeImages_v2.0.50727_64\mcstore\c1e88f651b6b845984b3914251ce0895\mcstore.ni.dll
+ 2012-01-31 20:09 . 2012-01-31 20:09 2796032 c:\windows\assembly\NativeImages_v2.0.50727_64\mcstore\c1e88f651b6b845984b3914251ce0895\mcstore.ni.dll
+ 2012-01-31 20:09 . 2012-01-31 20:09 4075520 c:\windows\assembly\NativeImages_v2.0.50727_64\mcepg\93a7d7ec303eed0273237473e115adaa\mcepg.ni.dll
- 2010-02-24 08:01 . 2010-02-24 08:01 4075520 c:\windows\assembly\NativeImages_v2.0.50727_64\mcepg\93a7d7ec303eed0273237473e115adaa\mcepg.ni.dll
+ 2012-01-31 20:10 . 2012-01-31 20:10 2184192 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiVidCtl\830055622018eb5a0b67f22944164b36\ehiVidCtl.ni.dll
- 2010-02-24 08:01 . 2010-02-24 08:01 2184192 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiVidCtl\830055622018eb5a0b67f22944164b36\ehiVidCtl.ni.dll
- 2009-07-14 06:21 . 2009-07-14 06:12 1201664 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiProxy\6e20af225fed130229d83c931eaba05a\ehiProxy.ni.dll
+ 2012-01-31 20:09 . 2012-01-31 20:09 1201664 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiProxy\6e20af225fed130229d83c931eaba05a\ehiProxy.ni.dll
- 2010-06-24 14:32 . 2010-06-24 14:32 1338368 c:\windows\assembly\NativeImages_v2.0.50727_64\couplingBase\e873c91b08eb68cb70b51d5b16d1499c\couplingBase.ni.dll
+ 2012-01-31 19:41 . 2012-01-31 19:41 1338368 c:\windows\assembly\NativeImages_v2.0.50727_64\couplingBase\e873c91b08eb68cb70b51d5b16d1499c\couplingBase.ni.dll
+ 2012-01-31 19:17 . 2012-01-31 19:17 1707520 c:\windows\assembly\NativeImages_v2.0.50727_64\couplingBase\76f8727df7b7cf77411615399e7f1c8c\couplingBase.ni.dll
+ 2012-01-31 19:17 . 2012-01-31 19:17 2125824 c:\windows\assembly\NativeImages_v2.0.50727_64\apicoupleru\e34765fd168f01fa6092d77a7e6268b7\apicoupleru.ni.dll
+ 2012-01-31 19:42 . 2012-01-31 19:42 1109504 c:\windows\assembly\NativeImages_v2.0.50727_64\apicoupleru\aa76c927b9b2bc0e30f8e05008a277ee\apicoupleru.ni.dll
- 2010-06-24 14:32 . 2010-06-24 14:32 1109504 c:\windows\assembly\NativeImages_v2.0.50727_64\apicoupleru\aa76c927b9b2bc0e30f8e05008a277ee\apicoupleru.ni.dll
+ 2012-02-01 02:37 . 2012-02-01 02:37 17290752 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\7850c7a1f97fc3980b67ed7d31416aea\System.Windows.Forms.ni.dll
+ 2012-02-01 02:37 . 2012-02-01 02:37 15761920 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web\866ef200ca7a2ed4f26835709646125d\System.Web.ni.dll
+ 2012-02-01 02:39 . 2012-02-01 02:39 24551936 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel\41ff109cc439d1cdb05465f9101261c3\System.ServiceModel.ni.dll
+ 2012-02-01 02:37 . 2012-02-01 02:37 13300736 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Design\6be8e8e57a83372e41481009ef6de482\System.Design.ni.dll
+ 2012-02-01 02:39 . 2012-02-01 02:39 18480128 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Entity\f0634b66ceb548b635218f02f1101f18\System.Data.Entity.ni.dll
+ 2012-01-31 20:59 . 2012-01-31 20:59 10439168 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Core\06e5638d1925f6cf87ff8fad1ef06d75\System.Core.ni.dll
+ 2012-02-01 02:36 . 2012-02-01 02:36 24406528 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\9b5148ac4ab43aa07d5dbcfbe54ceaf5\PresentationFramework.ni.dll
+ 2012-02-01 02:35 . 2012-02-01 02:35 15907328 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationCore\ffb7c7fb374f445e39f7224134ebca02\PresentationCore.ni.dll
+ 2012-01-31 20:06 . 2012-01-31 20:06 18058752 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\559ebac0a85ae55da09827b8048f77bd\System.ServiceModel.ni.dll
+ 2012-01-31 20:05 . 2012-01-31 20:05 13346816 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Entity\78afce4e1bd3d345ef1fff004659191c\System.Data.Entity.ni.dll
+ 2012-01-31 19:02 . 2012-01-31 19:02 10597376 c:\windows\assembly\NativeImages_v2.0.50727_64\System\247913fa7ae6fcf04ea33d28d24ab611\System.ni.dll
+ 2012-01-31 19:05 . 2012-01-31 19:05 17378816 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\2e0044fa7cabadce65fa8964fe2c90dd\System.Windows.Forms.ni.dll
+ 2012-01-31 19:04 . 2012-01-31 19:04 15227392 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web\d753bba0990df9a19883f05d5b681d3b\System.Web.ni.dll
+ 2012-01-31 19:20 . 2012-01-31 19:20 23812096 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceModel\0270a4b611f4102a46c03a3703a19871\System.ServiceModel.ni.dll
- 2009-07-14 05:12 . 2009-07-14 05:12 11898880 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management.A#\37b559c3217d06feba7d07abbc389972\System.Management.Automation.ni.dll
+ 2012-01-31 20:13 . 2012-01-31 20:13 11898880 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management.A#\37b559c3217d06feba7d07abbc389972\System.Management.Automation.ni.dll
+ 2012-01-31 19:04 . 2012-01-31 19:04 13609472 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Design\eb22b2810da7ec92a78291c48bf7e74d\System.Design.ni.dll
- 2009-07-14 05:13 . 2009-07-14 05:13 13757952 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Entity\3049e7deee3d68d5b005d89b7e06e3db\System.Data.Entity.ni.dll
+ 2012-01-31 20:45 . 2012-01-31 20:45 13757952 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Entity\3049e7deee3d68d5b005d89b7e06e3db\System.Data.Entity.ni.dll
+ 2012-01-31 19:16 . 2012-01-31 19:16 19164160 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\0c6622a25e6d1a5957990b371875f679\PresentationFramework.ni.dll
+ 2012-01-31 19:06 . 2012-01-31 19:06 16513536 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\fca77b7d373c52493f2bbaca2bd7d2fb\PresentationCore.ni.dll
+ 2012-01-31 19:01 . 2012-01-31 19:01 15566848 c:\windows\assembly\NativeImages_v2.0.50727_64\mscorlib\9a017aa8d51322f18a40f414fa35872d\mscorlib.ni.dll
+ 2012-01-31 20:11 . 2012-01-31 20:11 25462272 c:\windows\assembly\NativeImages_v2.0.50727_64\ehshell\23f1ecf7930c180e290468d5769c8231\ehshell.ni.dll
- 2010-02-24 08:02 . 2010-02-24 08:02 25462272 c:\windows\assembly\NativeImages_v2.0.50727_64\ehshell\23f1ecf7930c180e290468d5769c8231\ehshell.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Jose\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Jose\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Jose\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Jose\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"="" [BU]
"OpenDNS Updater"="c:\program files (x86)\OpenDNS Updater\OpenDNSUpdater.exe" [2010-06-16 839680]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\update\realsched.exe" [2011-02-28 273544]
"NACAgentUI"="c:\program files (x86)\Cisco\Cisco NAC Agent\NACAgentUI.exe" [2011-03-09 524512]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-11-22 1675160]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2009-12-01 03:20 98304 ----a-w- c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\prwntdrv]
@=""
.
R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [x]
R1 EUDSKACS;EUDSKACS;c:\windows\system32\drivers\eudskacs.sys [x]
R1 EUFDDISK;EUFDDISK;c:\windows\system32\drivers\EuFdDisk.sys [x]
R1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [x]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
R2 0196801328123901mcinstcleanup;McAfee Application Installer Cleanup (0196801328123901);c:\users\Jose\AppData\Local\Temp\019680~1.EXE [x]
R2 Apache2.2;Apache2.2;c:\server\apache\bin\httpd.exe [2010-03-04 24645]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 DokanMounter;DokanMounter;c:\program files (x86)\Infringo\Rar Mount 3\Dokan\mounter.exe [2009-05-01 20992]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [x]
R2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-12-06 208536]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [x]
R2 MSSQL$DDNI;SQL Server (DDNI);c:\program files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\sqlservr.exe [2011-09-22 43028328]
R2 NACAgent;Cisco NAC Agent;c:\program files (x86)\Cisco\Cisco NAC Agent\NACAgent.exe [2011-03-09 1104608]
R2 PDMWorks Workgroup Server;SolidWorks Workgroup PDM Server;c:\program files (x86)\SolidWorks Corp\SolidWorks Workgroup PDM\Vault\pdmwService.exe [2011-09-27 3291648]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 14112]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-14 2984832]
R2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]
R2 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe [2009-11-02 126352]
R2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-09-15 642416]
R3 ALSysIO;ALSysIO;c:\users\Jose\AppData\Local\Temp\ALSysIO64.sys [x]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [x]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [x]
R3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;c:\program files\SolidWorks Corp\SolidWorks (2)\swScheduler\DTSCoordinatorService.exe [2011-09-27 89160]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-11-30 1431888]
R3 GenericMount Helper Service;GenericMount Helper Service;c:\program files (x86)\Norton Ghost\Shared\Drivers\GenericMountHelper.exe [2009-09-22 1571336]
R3 GenericMount;Generic Mount Driver;c:\windows\system32\DRIVERS\GenericMount.sys [x]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [x]
R3 Lltdsyasrsect;Lltdsyasrsect; [x]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
R3 prwntdrv;prwntdrv;c:\windows\system32\prwntdrv.sys [2010-08-25 16776]
R3 Remote Solver for Flow Simulation 2012;Remote Solver for Flow Simulation 2012;c:\program files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe [2011-08-18 109624]
R3 SampleCollector;Intel® Sample Collector;c:\program files\Sony\VAIO Care\collsvc.exe [2009-09-17 167424]
R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2009-10-16 120104]
R3 SOHDBSvr;VAIO Media plus Database Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2009-10-16 70952]
R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2009-10-16 427304]
R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2009-10-16 75048]
R3 SOHPlMgr;VAIO Media plus Playlist Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2009-10-16 91432]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 Symantec SymSnap VSS Provider;Symantec SymSnap VSS Provider;c:\windows\system32\dllhost.exe [2009-07-14 9728]
R3 SymSnapService;SymSnapService;c:\program files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe [2009-09-22 2963960]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2009-12-01 571248]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2009-09-16 480624]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2009-09-02 361840]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2009-09-09 110960]
R3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update 5\VUAgent.exe [2011-04-20 1021840]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
R4 EaseUS Agent;EaseUS Agent;c:\program files (x86)\EaseUS\Todo Backup\bin\Agent.exe [2011-08-06 60040]
R4 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-18 135664]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-03-31 47128]
R4 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]
R4 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-08-31 313840]
R4 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-08-31 362992]
R4 SQLAgent$DDNI;SQL Server Agent (DDNI);c:\program files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\SQLAGENT.EXE [2011-09-22 370024]
R4 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
S0 EUBAKUP;EUBAKUP;c:\windows\system32\drivers\eubakup.sys [x]
S0 EUBKMON;EUBKMON;c:\windows\system32\drivers\EUBKMON.sys [x]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]
S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [x]
S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [x]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys [x]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2010-03-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-18 20:45]
.
2012-02-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2016452030-1855440420-3470329722-1005Core.job
- c:\users\Jose\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-23 09:27]
.
2012-02-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2016452030-1855440420-3470329722-1005UA.job
- c:\users\Jose\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-23 09:27]
.
2012-02-04 c:\windows\Tasks\SDMsgUpdate (SD).job
- c:\progra~2\SMARTD~1\Messages\SDNotify.exe [2010-02-01 19:39]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Jose\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Jose\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Jose\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Jose\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-10-13 186904]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-11-02 16395880]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-02-09 10060320]
"Apoint"="c:\program files (x86)\Apoint\Apoint.exe" [BU]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
mLocal Page = c:\windows\system32\blank.htm
Trusted Zone: adobe.com\get
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{2F73DCE4-4155-4351-A0B8-5D5F66293778}: NameServer = 208.67.222.222,208.67.220.220
TCP: Interfaces\{2F73DCE4-4155-4351-A0B8-5D5F66293778}\354554053502E45445: NameServer = 208.67.222.222,208.67.220.220
TCP: Interfaces\{2F73DCE4-4155-4351-A0B8-5D5F66293778}\642514E4B43534F4C4C4943594F4E4: NameServer = 208.67.222.222,208.67.220.220
TCP: Interfaces\{2F73DCE4-4155-4351-A0B8-5D5F66293778}\A456272797026202A4F6567237: NameServer = 208.67.222.222,208.67.220.220
DPF: {FFFFFFFF-19EB-49E8-BB30-8DE03499D2F0} - hxxp://192.168.1.130/NetVideo.cab
FF - ProfilePath -
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\collsvc.exe\" \"/service\" \"/counter=\Processor(_Total)\% Processor Time:5\" \"/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:5\" \"/counter=\Network Interface(*)\Bytes Total/sec:5\" \"/directory=inteldata\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MySQL]
"ImagePath"="\"c:\program files\MySQL\MySQL Server 5.1\bin\mysqld\" --defaults-file=\"c:\program files\MySQL\MySQL Server 5.1\my.ini\" MySQL"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{7D60BFEC-20FE-265D-839A42C690738D89}\{0C1E6AF2-1483-C7CF-098F8C114EBC51A6}\{39CC659F-6E98-795B-B0A37C0553ACE38D}*]
"RA4KGUJC6T6LBNJRIDQ63C2L6C1"=hex:01,00,01,00,00,00,00,00,f7,8a,3d,85,55,45,07,
82,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{945169D7-C27E-315B-97A3E6913A1C7622}\{06C63AB7-5C18-FA8E-E5D32118C99A5B59}\{F7BD6AFF-A45B-6FB8-BB91AB79C0A3DA53}*]
"{3EE4C831-B7E0-4ed1-B9FC-EDC523C9612F}1"=hex:01,00,01,00,0c,00,00,00,c1,da,b0,
b1,35,63,3a,77,dd,d9,a6,3c,18,44,d8,d4,86,b7,09,e6,b1,ea,fd,8c,0a,ce,c0,25,\
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10t_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10t_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Network Associates]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B9A09F18-45AB-4F09-A117-A4ADDA8FA8C8}]
@Denied: (A) (Everyone)
"Solution"="{36eb6792-3a29-43b3-8cd0-f67d266fb426}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane\0]
"Key"="ActionsPane"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\8.0\\ActionsPane.xsd"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-02-04 10:26:00
ComboFix-quarantined-files.txt 2012-02-04 15:26
ComboFix2.txt 2012-01-31 17:54
ComboFix3.txt 2012-01-31 16:42
ComboFix4.txt 2012-01-29 19:16
ComboFix5.txt 2012-02-04 15:02
.
Pre-Run: 324,458,512,384 bytes free
Post-Run: 324,567,379,968 bytes free
.
- - End Of File - - 866D443D23F34105E31F77171D23DC68

#4 jlg2012

jlg2012
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:57 PM

Posted 04 February 2012 - 01:03 PM

The TDSS found no threats.

I should note that although the combofix log shows AVAST as my AV, this has not been the case for sometime. I have run the AVAST uninstall tool and yet AVAST still appears as my AV on combofix. McAfee is my current antivirus.

Thanks for your help!

==========TDSS LOG =========




12:58:40.0474 3708 TDSS rootkit removing tool 2.7.9.0 Feb 1 2012 09:28:49
12:58:41.0090 3708 ============================================================
12:58:41.0090 3708 Current date / time: 2012/02/04 12:58:41.0090
12:58:41.0090 3708 SystemInfo:
12:58:41.0090 3708
12:58:41.0090 3708 OS Version: 6.1.7600 ServicePack: 0.0
12:58:41.0090 3708 Product type: Workstation
12:58:41.0090 3708 ComputerName: JOSE-VAIO
12:58:41.0090 3708 UserName: Jose
12:58:41.0090 3708 Windows directory: C:\Windows
12:58:41.0090 3708 System windows directory: C:\Windows
12:58:41.0090 3708 Running under WOW64
12:58:41.0090 3708 Processor architecture: Intel x64
12:58:41.0090 3708 Number of processors: 8
12:58:41.0090 3708 Page size: 0x1000
12:58:41.0090 3708 Boot type: Normal boot
12:58:41.0090 3708 ============================================================
12:58:41.0427 3708 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:58:41.0436 3708 Drive \Device\Harddisk3\DR3 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:58:41.0440 3708 \Device\Harddisk0\DR0:
12:58:41.0440 3708 MBR used
12:58:41.0440 3708 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1154000, BlocksNum 0x32000
12:58:41.0440 3708 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1186000, BlocksNum 0x391FF830
12:58:41.0440 3708 \Device\Harddisk3\DR3:
12:58:41.0441 3708 MBR used
12:58:41.0441 3708 \Device\Harddisk3\DR3\Partition0: MBR, Type 0x7, StartLBA 0x1154000, BlocksNum 0x39231000
12:58:41.0493 3708 Initialize success
12:58:41.0493 3708 ============================================================
12:58:45.0965 6828 ============================================================
12:58:45.0965 6828 Scan started
12:58:45.0965 6828 Mode: Manual;
12:58:45.0965 6828 ============================================================
12:58:46.0501 6828 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\drivers\1394ohci.sys
12:58:46.0502 6828 1394ohci - ok
12:58:46.0640 6828 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\drivers\ACPI.sys
12:58:46.0641 6828 ACPI - ok
12:58:46.0744 6828 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\drivers\acpipmi.sys
12:58:46.0745 6828 AcpiPmi - ok
12:58:46.0834 6828 adfs (d44bcaf639e4e45307c2bc80715273d5) C:\Windows\system32\drivers\adfs.sys
12:58:46.0835 6828 adfs - ok
12:58:46.0992 6828 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
12:58:46.0995 6828 adp94xx - ok
12:58:47.0119 6828 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
12:58:47.0121 6828 adpahci - ok
12:58:47.0239 6828 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
12:58:47.0240 6828 adpu320 - ok
12:58:47.0345 6828 AFD (b9384e03479d2506bc924c16a3db87bc) C:\Windows\system32\drivers\afd.sys
12:58:47.0347 6828 AFD - ok
12:58:47.0405 6828 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
12:58:47.0406 6828 agp440 - ok
12:58:47.0456 6828 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
12:58:47.0457 6828 aliide - ok
12:58:47.0582 6828 ALSysIO - ok
12:58:47.0715 6828 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
12:58:47.0715 6828 amdide - ok
12:58:47.0753 6828 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
12:58:47.0754 6828 AmdK8 - ok
12:58:47.0790 6828 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
12:58:47.0790 6828 AmdPPM - ok
12:58:47.0835 6828 amdsata (7a4b413614c055935567cf88a9734d38) C:\Windows\system32\drivers\amdsata.sys
12:58:47.0836 6828 amdsata - ok
12:58:47.0861 6828 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
12:58:47.0862 6828 amdsbs - ok
12:58:47.0903 6828 amdxata (b4ad0cacbab298671dd6f6ef7e20679d) C:\Windows\system32\drivers\amdxata.sys
12:58:47.0903 6828 amdxata - ok
12:58:47.0993 6828 ApfiltrService (1661f9c9e4b0049fa0a5e30264375a87) C:\Windows\system32\DRIVERS\Apfiltr.sys
12:58:47.0995 6828 ApfiltrService - ok
12:58:48.0052 6828 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
12:58:48.0053 6828 AppID - ok
12:58:48.0156 6828 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
12:58:48.0156 6828 arc - ok
12:58:48.0198 6828 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
12:58:48.0199 6828 arcsas - ok
12:58:48.0244 6828 ArcSoftKsUFilter (c130bc4a51b1382b2be8e44579ec4c0a) C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
12:58:48.0244 6828 ArcSoftKsUFilter - ok
12:58:48.0295 6828 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
12:58:48.0296 6828 AsyncMac - ok
12:58:48.0355 6828 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
12:58:48.0355 6828 atapi - ok
12:58:48.0427 6828 athr (0acc06fcf46f64ed4f11e57ee461c1f4) C:\Windows\system32\DRIVERS\athrx.sys
12:58:48.0434 6828 athr - ok
12:58:48.0624 6828 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
12:58:48.0626 6828 b06bdrv - ok
12:58:48.0708 6828 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
12:58:48.0710 6828 b57nd60a - ok
12:58:48.0773 6828 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
12:58:48.0773 6828 Beep - ok
12:58:48.0876 6828 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
12:58:48.0876 6828 blbdrive - ok
12:58:48.0932 6828 bowser (91ce0d3dc57dd377e690a2d324022b08) C:\Windows\system32\DRIVERS\bowser.sys
12:58:48.0933 6828 bowser - ok
12:58:48.0995 6828 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
12:58:48.0996 6828 BrFiltLo - ok
12:58:49.0024 6828 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
12:58:49.0025 6828 BrFiltUp - ok
12:58:49.0107 6828 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
12:58:49.0108 6828 BridgeMP - ok
12:58:49.0154 6828 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
12:58:49.0156 6828 Brserid - ok
12:58:49.0211 6828 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
12:58:49.0211 6828 BrSerWdm - ok
12:58:49.0252 6828 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
12:58:49.0252 6828 BrUsbMdm - ok
12:58:49.0285 6828 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
12:58:49.0285 6828 BrUsbSer - ok
12:58:49.0324 6828 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\DRIVERS\BthEnum.sys
12:58:49.0325 6828 BthEnum - ok
12:58:49.0366 6828 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
12:58:49.0366 6828 BTHMODEM - ok
12:58:49.0401 6828 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
12:58:49.0402 6828 BthPan - ok
12:58:49.0450 6828 BTHPORT (a51fa9d0e85d5adabef72e67f386309c) C:\Windows\system32\Drivers\BTHport.sys
12:58:49.0452 6828 BTHPORT - ok
12:58:49.0557 6828 BTHUSB (f740b9a16b2c06700f2130e19986bf3b) C:\Windows\system32\Drivers\BTHUSB.sys
12:58:49.0558 6828 BTHUSB - ok
12:58:49.0632 6828 btusbflt (6e04458e98daf28826482e41a7a62df5) C:\Windows\system32\drivers\btusbflt.sys
12:58:49.0633 6828 btusbflt - ok
12:58:49.0679 6828 btwaudio (4bdbdb86abba924e029fb2683be7c505) C:\Windows\system32\drivers\btwaudio.sys
12:58:49.0680 6828 btwaudio - ok
12:58:49.0720 6828 btwavdt (5c849bd7c78791c5cee9f4651d7fe38d) C:\Windows\system32\DRIVERS\btwavdt.sys
12:58:49.0721 6828 btwavdt - ok
12:58:49.0778 6828 btwl2cap (6149301dc3f81d6f9667a3fbac410975) C:\Windows\system32\DRIVERS\btwl2cap.sys
12:58:49.0778 6828 btwl2cap - ok
12:58:49.0815 6828 btwrchid (3e1991afa851a36dc978b0a1b0535c8b) C:\Windows\system32\DRIVERS\btwrchid.sys
12:58:49.0816 6828 btwrchid - ok
12:58:49.0838 6828 catchme - ok
12:58:49.0907 6828 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
12:58:49.0908 6828 cdfs - ok
12:58:49.0967 6828 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
12:58:49.0968 6828 cdrom - ok
12:58:50.0051 6828 cfwids (ed0263b2eb24f0f4e3898036fa1d28a1) C:\Windows\system32\drivers\cfwids.sys
12:58:50.0051 6828 cfwids - ok
12:58:50.0106 6828 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
12:58:50.0106 6828 circlass - ok
12:58:50.0164 6828 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
12:58:50.0166 6828 CLFS - ok
12:58:50.0292 6828 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
12:58:50.0293 6828 CmBatt - ok
12:58:50.0341 6828 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
12:58:50.0342 6828 cmdide - ok
12:58:50.0387 6828 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
12:58:50.0390 6828 CNG - ok
12:58:50.0447 6828 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
12:58:50.0448 6828 Compbatt - ok
12:58:50.0497 6828 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\drivers\CompositeBus.sys
12:58:50.0498 6828 CompositeBus - ok
12:58:50.0618 6828 cpuz132 (c9c25778efe890baa4087e32937016a0) C:\Windows\system32\drivers\cpuz132_x64.sys
12:58:50.0619 6828 cpuz132 - ok
12:58:50.0672 6828 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
12:58:50.0673 6828 crcdisk - ok
12:58:50.0973 6828 ctxusbm (ba8e5b2291c01ef71ca80e25f0c79d55) C:\Windows\system32\DRIVERS\ctxusbm.sys
12:58:50.0973 6828 ctxusbm - ok
12:58:51.0122 6828 DfsC (3f1dc527070acb87e40afe46ef6da749) C:\Windows\system32\Drivers\dfsc.sys
12:58:51.0124 6828 DfsC - ok
12:58:51.0169 6828 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
12:58:51.0169 6828 discache - ok
12:58:51.0274 6828 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
12:58:51.0275 6828 Disk - ok
12:58:51.0399 6828 Dokan - ok
12:58:51.0532 6828 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
12:58:51.0533 6828 drmkaud - ok
12:58:51.0668 6828 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
12:58:51.0674 6828 DXGKrnl - ok
12:58:52.0123 6828 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
12:58:52.0138 6828 ebdrv - ok
12:58:52.0327 6828 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
12:58:52.0330 6828 elxstor - ok
12:58:52.0363 6828 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
12:58:52.0363 6828 ErrDev - ok
12:58:52.0424 6828 EUBAKUP (074f9e4fd65756a03c9818a8942cb2f6) C:\Windows\system32\drivers\eubakup.sys
12:58:52.0424 6828 EUBAKUP - ok
12:58:52.0487 6828 EUBKMON (907c9130a3b3fd39717b5cf9a57a0e7c) C:\Windows\system32\drivers\EUBKMON.sys
12:58:52.0487 6828 EUBKMON - ok
12:58:52.0554 6828 EUDSKACS (e4ceca858b5aa84bf33eebcefbc6c09b) C:\Windows\system32\drivers\eudskacs.sys
12:58:52.0555 6828 EUDSKACS - ok
12:58:52.0614 6828 EUFDDISK (a6d46965ae1bc124eab28a734ec951e0) C:\Windows\system32\drivers\EuFdDisk.sys
12:58:52.0615 6828 EUFDDISK - ok
12:58:52.0666 6828 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
12:58:52.0668 6828 exfat - ok
12:58:52.0703 6828 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
12:58:52.0705 6828 fastfat - ok
12:58:52.0752 6828 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
12:58:52.0752 6828 fdc - ok
12:58:52.0789 6828 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
12:58:52.0790 6828 FileInfo - ok
12:58:52.0821 6828 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
12:58:52.0821 6828 Filetrace - ok
12:58:52.0893 6828 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
12:58:52.0893 6828 flpydisk - ok
12:58:52.0925 6828 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
12:58:52.0926 6828 FltMgr - ok
12:58:52.0974 6828 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
12:58:52.0975 6828 FsDepends - ok
12:58:53.0015 6828 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
12:58:53.0016 6828 Fs_Rec - ok
12:58:53.0052 6828 fvevol (b8b2a6e1558f8f5de5ce431c5b2c7b09) C:\Windows\system32\DRIVERS\fvevol.sys
12:58:53.0053 6828 fvevol - ok
12:58:53.0111 6828 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
12:58:53.0111 6828 gagp30kx - ok
12:58:53.0183 6828 GEARAspiWDM (cb121f1009623e83ebcc2c4dcef6d3fe) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:58:53.0183 6828 GEARAspiWDM - ok
12:58:53.0238 6828 GenericMount (022807b149127b8faa3dbeb13a7d9b41) C:\Windows\system32\DRIVERS\GenericMount.sys
12:58:53.0239 6828 GenericMount - ok
12:58:53.0314 6828 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
12:58:53.0315 6828 hcw85cir - ok
12:58:53.0367 6828 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
12:58:53.0368 6828 HdAudAddService - ok
12:58:53.0415 6828 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\drivers\HDAudBus.sys
12:58:53.0416 6828 HDAudBus - ok
12:58:53.0446 6828 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
12:58:53.0446 6828 HidBatt - ok
12:58:53.0476 6828 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
12:58:53.0477 6828 HidBth - ok
12:58:53.0527 6828 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
12:58:53.0528 6828 HidIr - ok
12:58:53.0583 6828 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
12:58:53.0584 6828 HidUsb - ok
12:58:53.0660 6828 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\drivers\HpSAMD.sys
12:58:53.0661 6828 HpSAMD - ok
12:58:53.0718 6828 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
12:58:53.0722 6828 HTTP - ok
12:58:53.0760 6828 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
12:58:53.0761 6828 hwpolicy - ok
12:58:53.0800 6828 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
12:58:53.0801 6828 i8042prt - ok
12:58:53.0856 6828 iaStor (be7d72fcf442c26975942007e0831241) C:\Windows\system32\drivers\iaStor.sys
12:58:53.0858 6828 iaStor - ok
12:58:53.0930 6828 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\drivers\iaStorV.sys
12:58:53.0932 6828 iaStorV - ok
12:58:53.0991 6828 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
12:58:53.0991 6828 iirsp - ok
12:58:54.0074 6828 Impcd (4ff8a2082d78255d2eb169f986bcc981) C:\Windows\system32\drivers\Impcd.sys
12:58:54.0075 6828 Impcd - ok
12:58:54.0167 6828 IntcAzAudAddService (2e3b99e8c23be2bf32ebe1db5261f275) C:\Windows\system32\drivers\RTKVHD64.sys
12:58:54.0177 6828 IntcAzAudAddService - ok
12:58:54.0279 6828 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
12:58:54.0279 6828 intelide - ok
12:58:54.0341 6828 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
12:58:54.0342 6828 intelppm - ok
12:58:54.0398 6828 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:58:54.0399 6828 IpFilterDriver - ok
12:58:54.0445 6828 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\drivers\IPMIDrv.sys
12:58:54.0446 6828 IPMIDRV - ok
12:58:54.0485 6828 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
12:58:54.0485 6828 IPNAT - ok
12:58:54.0531 6828 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
12:58:54.0532 6828 IRENUM - ok
12:58:54.0561 6828 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
12:58:54.0562 6828 isapnp - ok
12:58:54.0609 6828 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\drivers\msiscsi.sys
12:58:54.0611 6828 iScsiPrt - ok
12:58:54.0651 6828 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
12:58:54.0652 6828 kbdclass - ok
12:58:54.0692 6828 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
12:58:54.0693 6828 kbdhid - ok
12:58:54.0724 6828 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
12:58:54.0725 6828 KSecDD - ok
12:58:54.0763 6828 KSecPkg (bbe1bf6d9b661c354d4857d5fadb943b) C:\Windows\system32\Drivers\ksecpkg.sys
12:58:54.0764 6828 KSecPkg - ok
12:58:54.0811 6828 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
12:58:54.0812 6828 ksthunk - ok
12:58:54.0942 6828 LEqdUsb (abfd2b5726f4cce49297ae48806cc594) C:\Windows\system32\DRIVERS\LEqdUsb.Sys
12:58:54.0942 6828 LEqdUsb - ok
12:58:54.0978 6828 LHidEqd (933f69cf9acd2498693bfcd7ed68e8d4) C:\Windows\system32\DRIVERS\LHidEqd.Sys
12:58:54.0979 6828 LHidEqd - ok
12:58:55.0025 6828 LHidFilt (1074c77a47835e03c15bf92452f9a750) C:\Windows\system32\DRIVERS\LHidFilt.Sys
12:58:55.0026 6828 LHidFilt - ok
12:58:55.0138 6828 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
12:58:55.0138 6828 lltdio - ok
12:58:55.0169 6828 Lltdsyasrsect - ok
12:58:55.0277 6828 LMIInfo - ok
12:58:55.0362 6828 lmimirr (413ecdcfad9a82804d3674c8d7eec24e) C:\Windows\system32\DRIVERS\lmimirr.sys
12:58:55.0362 6828 lmimirr - ok
12:58:55.0385 6828 LMIRfsClientNP - ok
12:58:55.0422 6828 LMIRfsDriver (c57d3faa50e6f395759ffb7c709bd944) C:\Windows\system32\drivers\LMIRfsDriver.sys
12:58:55.0422 6828 LMIRfsDriver - ok
12:58:55.0459 6828 LMouFilt (96999c364c649e2866a268f7420a304a) C:\Windows\system32\DRIVERS\LMouFilt.Sys
12:58:55.0460 6828 LMouFilt - ok
12:58:55.0523 6828 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
12:58:55.0524 6828 LSI_FC - ok
12:58:55.0560 6828 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
12:58:55.0560 6828 LSI_SAS - ok
12:58:55.0593 6828 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
12:58:55.0593 6828 LSI_SAS2 - ok
12:58:55.0633 6828 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
12:58:55.0634 6828 LSI_SCSI - ok
12:58:55.0675 6828 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
12:58:55.0676 6828 luafv - ok
12:58:55.0752 6828 mcdbus (79d51e7f5926e8ce1b3ebecebae28cff) C:\Windows\system32\DRIVERS\mcdbus.sys
12:58:55.0753 6828 mcdbus - ok
12:58:55.0856 6828 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
12:58:55.0856 6828 megasas - ok
12:58:55.0890 6828 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
12:58:55.0891 6828 MegaSR - ok
12:58:55.0933 6828 mfeapfk (ef3acfb7e3f82d5f7cde9ef5f0a4e2e2) C:\Windows\system32\drivers\mfeapfk.sys
12:58:55.0934 6828 mfeapfk - ok
12:58:55.0979 6828 mfeavfk (e7a60bdb4365b561d896019b82fb7dd0) C:\Windows\system32\drivers\mfeavfk.sys
12:58:55.0981 6828 mfeavfk - ok
12:58:56.0034 6828 mfefirek (670dffe55e2f9ab99d9169c428bcece9) C:\Windows\system32\drivers\mfefirek.sys
12:58:56.0037 6828 mfefirek - ok
12:58:56.0097 6828 mfehidk (1892616b7f9291fd77c3fa0a5811fe9f) C:\Windows\system32\drivers\mfehidk.sys
12:58:56.0100 6828 mfehidk - ok
12:58:56.0159 6828 mfenlfk (1721261c77f6e7a9e0cb51b7d9f31b60) C:\Windows\system32\DRIVERS\mfenlfk.sys
12:58:56.0160 6828 mfenlfk - ok
12:58:56.0203 6828 mferkdet (65776bd8029e409935b90de30bf99526) C:\Windows\system32\drivers\mferkdet.sys
12:58:56.0204 6828 mferkdet - ok
12:58:56.0286 6828 mfewfpk (4f17d8b85b903d96ef7033bb6ef50516) C:\Windows\system32\drivers\mfewfpk.sys
12:58:56.0288 6828 mfewfpk - ok
12:58:56.0350 6828 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
12:58:56.0350 6828 Modem - ok
12:58:56.0404 6828 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
12:58:56.0405 6828 monitor - ok
12:58:56.0442 6828 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
12:58:56.0443 6828 mouclass - ok
12:58:56.0465 6828 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
12:58:56.0465 6828 mouhid - ok
12:58:56.0489 6828 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
12:58:56.0490 6828 mountmgr - ok
12:58:56.0511 6828 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\drivers\mpio.sys
12:58:56.0512 6828 mpio - ok
12:58:56.0536 6828 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
12:58:56.0537 6828 mpsdrv - ok
12:58:56.0554 6828 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
12:58:56.0555 6828 MRxDAV - ok
12:58:56.0600 6828 mrxsmb (ab5892797c4114640ba333949568de8c) C:\Windows\system32\DRIVERS\mrxsmb.sys
12:58:56.0602 6828 mrxsmb - ok
12:58:56.0676 6828 mrxsmb10 (81a38f7aeeb265634b05ae5f3f29fbc4) C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:58:56.0678 6828 mrxsmb10 - ok
12:58:56.0699 6828 mrxsmb20 (6b2d5fef385828b6e485c1c90afb8195) C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:58:56.0700 6828 mrxsmb20 - ok
12:58:56.0718 6828 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\drivers\msahci.sys
12:58:56.0719 6828 msahci - ok
12:58:56.0757 6828 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\drivers\msdsm.sys
12:58:56.0758 6828 msdsm - ok
12:58:56.0822 6828 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
12:58:56.0823 6828 Msfs - ok
12:58:56.0856 6828 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
12:58:56.0857 6828 mshidkmdf - ok
12:58:56.0873 6828 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
12:58:56.0873 6828 msisadrv - ok
12:58:56.0907 6828 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
12:58:56.0908 6828 MSKSSRV - ok
12:58:56.0927 6828 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
12:58:56.0930 6828 MSPCLOCK - ok
12:58:56.0977 6828 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
12:58:56.0978 6828 MSPQM - ok
12:58:57.0006 6828 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
12:58:57.0011 6828 MsRPC - ok
12:58:57.0049 6828 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
12:58:57.0050 6828 mssmbios - ok
12:58:57.0073 6828 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
12:58:57.0074 6828 MSTEE - ok
12:58:57.0102 6828 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
12:58:57.0103 6828 MTConfig - ok
12:58:57.0122 6828 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
12:58:57.0123 6828 Mup - ok
12:58:57.0269 6828 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
12:58:57.0273 6828 NativeWifiP - ok
12:58:57.0366 6828 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
12:58:57.0378 6828 NDIS - ok
12:58:57.0402 6828 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
12:58:57.0404 6828 NdisCap - ok
12:58:57.0435 6828 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
12:58:57.0436 6828 NdisTapi - ok
12:58:57.0460 6828 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
12:58:57.0461 6828 Ndisuio - ok
12:58:57.0500 6828 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
12:58:57.0502 6828 NdisWan - ok
12:58:57.0534 6828 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
12:58:57.0536 6828 NDProxy - ok
12:58:57.0577 6828 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
12:58:57.0578 6828 NetBIOS - ok
12:58:57.0602 6828 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
12:58:57.0606 6828 NetBT - ok
12:58:57.0662 6828 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
12:58:57.0664 6828 nfrd960 - ok
12:58:57.0685 6828 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
12:58:57.0687 6828 Npfs - ok
12:58:57.0713 6828 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
12:58:57.0714 6828 nsiproxy - ok
12:58:57.0785 6828 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys
12:58:57.0805 6828 Ntfs - ok
12:58:57.0823 6828 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
12:58:57.0824 6828 Null - ok
12:58:57.0888 6828 NVHDA (ad37248bd442d41c9a896e53eb8a85ee) C:\Windows\system32\drivers\nvhda64v.sys
12:58:57.0888 6828 NVHDA - ok
12:58:58.0140 6828 nvlddmkm (9d1b69708732b57d1dbc0f648692a04b) C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:58:58.0194 6828 nvlddmkm - ok
12:58:58.0327 6828 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\drivers\nvraid.sys
12:58:58.0331 6828 nvraid - ok
12:58:58.0354 6828 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\drivers\nvstor.sys
12:58:58.0357 6828 nvstor - ok
12:58:58.0407 6828 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
12:58:58.0409 6828 nv_agp - ok
12:58:58.0445 6828 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
12:58:58.0447 6828 ohci1394 - ok
12:58:58.0514 6828 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
12:58:58.0516 6828 Parport - ok
12:58:58.0538 6828 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
12:58:58.0539 6828 partmgr - ok
12:58:58.0570 6828 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\drivers\pci.sys
12:58:58.0573 6828 pci - ok
12:58:58.0600 6828 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
12:58:58.0601 6828 pciide - ok
12:58:58.0633 6828 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
12:58:58.0637 6828 pcmcia - ok
12:58:58.0671 6828 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
12:58:58.0672 6828 pcw - ok
12:58:58.0711 6828 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
12:58:58.0720 6828 PEAUTH - ok
12:58:58.0810 6828 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
12:58:58.0812 6828 PptpMiniport - ok
12:58:58.0839 6828 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
12:58:58.0841 6828 Processor - ok
12:58:58.0918 6828 prwntdrv (577c79b8f5c6a6925f6ef0ae1b0d4051) C:\Windows\system32\prwntdrv.sys
12:58:58.0921 6828 prwntdrv - ok
12:58:58.0959 6828 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
12:58:58.0961 6828 Psched - ok
12:58:59.0006 6828 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
12:58:59.0007 6828 PxHlpa64 - ok
12:58:59.0069 6828 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
12:58:59.0088 6828 ql2300 - ok
12:58:59.0107 6828 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
12:58:59.0110 6828 ql40xx - ok
12:58:59.0135 6828 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
12:58:59.0137 6828 QWAVEdrv - ok
12:58:59.0176 6828 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
12:58:59.0177 6828 RasAcd - ok
12:58:59.0224 6828 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
12:58:59.0226 6828 RasAgileVpn - ok
12:58:59.0249 6828 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
12:58:59.0252 6828 Rasl2tp - ok
12:58:59.0296 6828 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
12:58:59.0298 6828 RasPppoe - ok
12:58:59.0325 6828 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
12:58:59.0327 6828 RasSstp - ok
12:58:59.0351 6828 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
12:58:59.0356 6828 rdbss - ok
12:58:59.0383 6828 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
12:58:59.0384 6828 rdpbus - ok
12:58:59.0426 6828 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
12:58:59.0427 6828 RDPCDD - ok
12:58:59.0445 6828 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
12:58:59.0447 6828 RDPENCDD - ok
12:58:59.0474 6828 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
12:58:59.0475 6828 RDPREFMP - ok
12:58:59.0498 6828 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
12:58:59.0501 6828 RDPWD - ok
12:58:59.0526 6828 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
12:58:59.0529 6828 rdyboost - ok
12:58:59.0575 6828 regi (4d9afddda0efe97cdbfd3b5fa48b05f6) C:\Windows\system32\drivers\regi.sys
12:58:59.0576 6828 regi - ok
12:58:59.0639 6828 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
12:58:59.0642 6828 RFCOMM - ok
12:58:59.0709 6828 rimspci (5ca4abd888b602551b59baa26941c167) C:\Windows\system32\drivers\rimssne64.sys
12:58:59.0711 6828 rimspci - ok
12:58:59.0776 6828 RimUsb (71b48ddaf5e9c2b40e64de5c405f5aac) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
12:58:59.0778 6828 RimUsb - ok
12:58:59.0807 6828 RimVSerPort (c903d49655b4aae46673f0aaa6be0f58) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
12:58:59.0808 6828 RimVSerPort - ok
12:58:59.0856 6828 risdsnpe (bb6e138aeb351728959da5e2731d8140) C:\Windows\system32\drivers\risdsne64.sys
12:58:59.0857 6828 risdsnpe - ok
12:58:59.0902 6828 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\Windows\system32\Drivers\RootMdm.sys
12:58:59.0903 6828 ROOTMODEM - ok
12:58:59.0948 6828 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
12:58:59.0950 6828 rspndr - ok
12:59:00.0076 6828 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
12:59:00.0076 6828 SASDIFSV - ok
12:59:00.0121 6828 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
12:59:00.0122 6828 SASKUTIL - ok
12:59:00.0150 6828 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\drivers\sbp2port.sys
12:59:00.0152 6828 sbp2port - ok
12:59:00.0249 6828 SCDEmu (6ce6f98ea3d07a9c2ce3cd0a5a86352d) C:\Windows\system32\drivers\SCDEmu.sys
12:59:00.0250 6828 SCDEmu - ok
12:59:00.0278 6828 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
12:59:00.0279 6828 scfilter - ok
12:59:00.0311 6828 sdbus (54e47ad086782d3ae9417c155cdceb9b) C:\Windows\system32\DRIVERS\sdbus.sys
12:59:00.0313 6828 sdbus - ok
12:59:00.0366 6828 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
12:59:00.0367 6828 secdrv - ok
12:59:00.0421 6828 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
12:59:00.0423 6828 Serenum - ok
12:59:00.0458 6828 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
12:59:00.0461 6828 Serial - ok
12:59:00.0493 6828 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
12:59:00.0495 6828 sermouse - ok
12:59:00.0555 6828 SFEP (70f9c476b62de4f2823e918a6c181ade) C:\Windows\system32\drivers\SFEP.sys
12:59:00.0556 6828 SFEP - ok
12:59:00.0580 6828 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
12:59:00.0581 6828 sffdisk - ok
12:59:00.0598 6828 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
12:59:00.0600 6828 sffp_mmc - ok
12:59:00.0625 6828 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\drivers\sffp_sd.sys
12:59:00.0626 6828 sffp_sd - ok
12:59:00.0658 6828 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
12:59:00.0660 6828 sfloppy - ok
12:59:00.0706 6828 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
12:59:00.0708 6828 SiSRaid2 - ok
12:59:00.0754 6828 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
12:59:00.0757 6828 SiSRaid4 - ok
12:59:00.0794 6828 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
12:59:00.0797 6828 Smb - ok
12:59:00.0906 6828 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
12:59:00.0907 6828 spldr - ok
12:59:00.0967 6828 srv (37c3abc2338010e110d2a6a3930f3149) C:\Windows\system32\DRIVERS\srv.sys
12:59:00.0974 6828 srv - ok
12:59:00.0999 6828 srv2 (f773d2ed090b7baa1c1a034f3ca476c8) C:\Windows\system32\DRIVERS\srv2.sys
12:59:01.0005 6828 srv2 - ok
12:59:01.0047 6828 srvnet (cce32bb223e9ff55d241099a858fa889) C:\Windows\system32\DRIVERS\srvnet.sys
12:59:01.0050 6828 srvnet - ok
12:59:01.0098 6828 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
12:59:01.0099 6828 stexstor - ok
12:59:01.0152 6828 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
12:59:01.0153 6828 StillCam - ok
12:59:01.0191 6828 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
12:59:01.0192 6828 swenum - ok
12:59:01.0287 6828 symsnap (2d9b2746f7dea46d1572b84a06311566) C:\Windows\system32\DRIVERS\symsnap.sys
12:59:01.0290 6828 symsnap - ok
12:59:01.0360 6828 Tcpip (912107716bab424c7870e8e6af5e07e1) C:\Windows\system32\drivers\tcpip.sys
12:59:01.0382 6828 Tcpip - ok
12:59:01.0433 6828 TCPIP6 (912107716bab424c7870e8e6af5e07e1) C:\Windows\system32\DRIVERS\tcpip.sys
12:59:01.0442 6828 TCPIP6 - ok
12:59:01.0472 6828 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
12:59:01.0474 6828 tcpipreg - ok
12:59:01.0501 6828 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
12:59:01.0503 6828 TDPIPE - ok
12:59:01.0527 6828 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
12:59:01.0528 6828 TDTCP - ok
12:59:01.0550 6828 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
12:59:01.0552 6828 tdx - ok
12:59:01.0612 6828 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\drivers\termdd.sys
12:59:01.0613 6828 TermDD - ok
12:59:01.0681 6828 tifsfilter (3e24b7fe52bc455da8d6e2cc2b4ca23f) C:\Windows\system32\DRIVERS\tifsfilt.sys
12:59:01.0682 6828 tifsfilter - ok
12:59:01.0740 6828 timounter (ec4fd4d147985a97e881729e808e6f34) C:\Windows\system32\DRIVERS\timntr.sys
12:59:01.0749 6828 timounter - ok
12:59:01.0795 6828 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
12:59:01.0797 6828 tssecsrv - ok
12:59:01.0850 6828 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
12:59:01.0853 6828 tunnel - ok
12:59:01.0898 6828 TurboB (825e7a1f48fb8bcfba27c178aab4e275) C:\Windows\system32\DRIVERS\TurboB.sys
12:59:01.0915 6828 TurboB - ok
12:59:01.0968 6828 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
12:59:01.0969 6828 uagp35 - ok
12:59:01.0998 6828 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
12:59:02.0004 6828 udfs - ok
12:59:02.0059 6828 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
12:59:02.0061 6828 uliagpkx - ok
12:59:02.0086 6828 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
12:59:02.0088 6828 umbus - ok
12:59:02.0129 6828 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
12:59:02.0130 6828 UmPass - ok
12:59:02.0179 6828 USBAAPL64 (9e58997a211c8c9ac9e6cffa53614a73) C:\Windows\system32\Drivers\usbaapl64.sys
12:59:02.0181 6828 USBAAPL64 - ok
12:59:02.0211 6828 usbccgp (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys
12:59:02.0213 6828 usbccgp - ok
12:59:02.0252 6828 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
12:59:02.0255 6828 usbcir - ok
12:59:02.0276 6828 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\Windows\system32\drivers\usbehci.sys
12:59:02.0278 6828 usbehci - ok
12:59:02.0322 6828 usbhub (4c9042b8df86c1e8e6240c218b99b39b) C:\Windows\system32\DRIVERS\usbhub.sys
12:59:02.0327 6828 usbhub - ok
12:59:02.0351 6828 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\drivers\usbohci.sys
12:59:02.0353 6828 usbohci - ok
12:59:02.0394 6828 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
12:59:02.0395 6828 usbprint - ok
12:59:02.0444 6828 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
12:59:02.0446 6828 usbscan - ok
12:59:02.0494 6828 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:59:02.0496 6828 USBSTOR - ok
12:59:02.0553 6828 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\drivers\usbuhci.sys
12:59:02.0554 6828 usbuhci - ok
12:59:02.0592 6828 usbvideo (d501e12614b00a3252073101d6a1a74b) C:\Windows\system32\Drivers\usbvideo.sys
12:59:02.0596 6828 usbvideo - ok
12:59:02.0654 6828 usb_rndisx (70d05ee263568a742d14e1876df80532) C:\Windows\system32\DRIVERS\usb8023x.sys
12:59:02.0656 6828 usb_rndisx - ok
12:59:02.0695 6828 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
12:59:02.0696 6828 vdrvroot - ok
12:59:02.0725 6828 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
12:59:02.0727 6828 vga - ok
12:59:02.0748 6828 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
12:59:02.0749 6828 VgaSave - ok
12:59:02.0779 6828 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\drivers\vhdmp.sys
12:59:02.0783 6828 vhdmp - ok
12:59:02.0817 6828 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
12:59:02.0818 6828 viaide - ok
12:59:02.0845 6828 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\drivers\volmgr.sys
12:59:02.0846 6828 volmgr - ok
12:59:02.0880 6828 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
12:59:02.0885 6828 volmgrx - ok
12:59:02.0922 6828 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\drivers\volsnap.sys
12:59:02.0926 6828 volsnap - ok
12:59:03.0005 6828 vpcbus (abd9b4a7e2d0ae51a3b8df1af3152d61) C:\Windows\system32\DRIVERS\vpchbus.sys
12:59:03.0008 6828 vpcbus - ok
12:59:03.0053 6828 vpcnfltr (8acda395841538ce9713a67fe8b2a3eb) C:\Windows\system32\DRIVERS\vpcnfltr.sys
12:59:03.0054 6828 vpcnfltr - ok
12:59:03.0084 6828 vpcusb (31924e31bc315773e6d149b157db46d5) C:\Windows\system32\DRIVERS\vpcusb.sys
12:59:03.0086 6828 vpcusb - ok
12:59:03.0144 6828 vpcvmm (c5b651e52540e6f46da66574c74b4898) C:\Windows\system32\drivers\vpcvmm.sys
12:59:03.0146 6828 vpcvmm - ok
12:59:03.0198 6828 VProEventMonitor (8b7454930230db4bc4ba35a467be09aa) C:\Windows\system32\DRIVERS\vproeventmonitor.sys
12:59:03.0199 6828 VProEventMonitor - ok
12:59:03.0253 6828 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
12:59:03.0256 6828 vsmraid - ok
12:59:03.0319 6828 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
12:59:03.0320 6828 vwifibus - ok
12:59:03.0347 6828 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
12:59:03.0349 6828 vwififlt - ok
12:59:03.0400 6828 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
12:59:03.0401 6828 vwifimp - ok
12:59:03.0427 6828 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
12:59:03.0429 6828 WacomPen - ok
12:59:03.0464 6828 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
12:59:03.0466 6828 WANARP - ok
12:59:03.0472 6828 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
12:59:03.0473 6828 Wanarpv6 - ok
12:59:03.0528 6828 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
12:59:03.0529 6828 Wd - ok
12:59:03.0562 6828 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
12:59:03.0570 6828 Wdf01000 - ok
12:59:03.0612 6828 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
12:59:03.0613 6828 WfpLwf - ok
12:59:03.0653 6828 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys
12:59:03.0656 6828 WimFltr - ok
12:59:03.0683 6828 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
12:59:03.0684 6828 WIMMount - ok
12:59:03.0788 6828 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
12:59:03.0790 6828 WinUsb - ok
12:59:03.0813 6828 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
12:59:03.0814 6828 WmiAcpi - ok
12:59:03.0862 6828 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
12:59:03.0864 6828 ws2ifsl - ok
12:59:03.0940 6828 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
12:59:03.0942 6828 WudfPf - ok
12:59:04.0012 6828 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
12:59:04.0016 6828 WUDFRd - ok
12:59:04.0066 6828 yukonw7 (6affd75c6807b3dd3ab018e27b88ef95) C:\Windows\system32\DRIVERS\yk62x64.sys
12:59:04.0073 6828 yukonw7 - ok
12:59:04.0167 6828 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
12:59:04.0232 6828 \Device\Harddisk0\DR0 - ok
12:59:04.0236 6828 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk3\DR3
12:59:04.0239 6828 \Device\Harddisk3\DR3 - ok
12:59:04.0241 6828 Boot (0x1200) (0be04fff32027d7e31a79b159e226c5f) \Device\Harddisk0\DR0\Partition0
12:59:04.0242 6828 \Device\Harddisk0\DR0\Partition0 - ok
12:59:04.0263 6828 Boot (0x1200) (7363624974a354f94787d5bee1dd5097) \Device\Harddisk0\DR0\Partition1
12:59:04.0265 6828 \Device\Harddisk0\DR0\Partition1 - ok
12:59:04.0268 6828 Boot (0x1200) (4b49048a46fb0de1ab83cbe41608aef3) \Device\Harddisk3\DR3\Partition0
12:59:04.0270 6828 \Device\Harddisk3\DR3\Partition0 - ok
12:59:04.0270 6828 ============================================================
12:59:04.0270 6828 Scan finished
12:59:04.0270 6828 ============================================================
12:59:04.0279 2192 Detected object count: 0
12:59:04.0279 2192 Actual detected object count: 0
12:59:14.0574 5816 Deinitialize success

Edited by jlg2012, 04 February 2012 - 01:10 PM.


#5 Casey_boy

Casey_boy

    Bleeping physicist


  • Malware Response Team
  • 7,765 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:12:57 AM

Posted 05 February 2012 - 07:31 AM

Hello,

Could you attach the following log C:\ComboFix\ComboFix-quarantined-files.txt - it would be good to see what ComboFix has removed in the past before we proceed.

Casey

If I have been helping you and I do not reply within 48hours, feel free to send me a PM.


* My Website * Am I Infected? * Malware Removal Help * If you'd like to say thanks *


#6 jlg2012

jlg2012
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:57 PM

Posted 05 February 2012 - 07:45 AM

2012-01-31 16:40:57 . 2012-01-31 16:40:57 152 ----a-w- C:\Qoobox\Quarantine\Registry_backups\Wow6432Node-HKLM-Run-dplaysvr.reg.dat
2012-01-30 07:19:19 . 2012-01-30 05:51:22 114,736 ----a-w- C:\Qoobox\Quarantine\C\Users\Jose\AppData\Local\dplayx.dll.vir
2011-07-24 12:36:05 . 2012-02-04 15:24:10 2,364 ----a-w- C:\Qoobox\Quarantine\Registry_backups\Wow6432Node-Toolbar-Locked.reg.dat
2011-07-23 19:30:17 . 2011-07-23 19:30:17 134 ----a-w- C:\Qoobox\Quarantine\C\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\cmkknibx.default\extensions\{80b812be-8439-43df-8fb7-9e1b68f59bd9}\chrome.manifest.vir
2011-07-23 19:30:17 . 2011-07-23 19:30:17 1,672 ----a-w- C:\Qoobox\Quarantine\C\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\cmkknibx.default\extensions\{80b812be-8439-43df-8fb7-9e1b68f59bd9}\chrome\xulcache.jar.vir
2011-07-23 19:30:17 . 2011-07-23 19:30:17 256 ----a-w- C:\Qoobox\Quarantine\C\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\cmkknibx.default\extensions\{80b812be-8439-43df-8fb7-9e1b68f59bd9}\defaults\preferences\xulcache.js.vir
2011-07-23 19:30:17 . 2011-07-23 19:30:17 771 ----a-w- C:\Qoobox\Quarantine\C\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\cmkknibx.default\extensions\{80b812be-8439-43df-8fb7-9e1b68f59bd9}\install.rdf.vir
2011-07-23 19:30:16 . 2011-07-23 19:30:16 134 ----a-w- C:\Qoobox\Quarantine\C\Users\work.Jose-VAIO\AppData\Roaming\Mozilla\Firefox\Profiles\you5xwl8.default\extensions\{80b812be-8439-43df-8fb7-9e1b68f59bd9}\chrome.manifest.vir
2011-07-23 19:30:16 . 2011-07-23 19:30:16 1,672 ----a-w- C:\Qoobox\Quarantine\C\Users\work.Jose-VAIO\AppData\Roaming\Mozilla\Firefox\Profiles\you5xwl8.default\extensions\{80b812be-8439-43df-8fb7-9e1b68f59bd9}\chrome\xulcache.jar.vir
2011-07-23 19:30:16 . 2011-07-23 19:30:16 256 ----a-w- C:\Qoobox\Quarantine\C\Users\work.Jose-VAIO\AppData\Roaming\Mozilla\Firefox\Profiles\you5xwl8.default\extensions\{80b812be-8439-43df-8fb7-9e1b68f59bd9}\defaults\preferences\xulcache.js.vir
2011-07-23 19:30:16 . 2011-07-23 19:30:16 771 ----a-w- C:\Qoobox\Quarantine\C\Users\work.Jose-VAIO\AppData\Roaming\Mozilla\Firefox\Profiles\you5xwl8.default\extensions\{80b812be-8439-43df-8fb7-9e1b68f59bd9}\install.rdf.vir
2011-07-23 19:30:16 . 2011-07-23 19:30:16 134 ----a-w- C:\Qoobox\Quarantine\C\Users\Jose\AppData\Roaming\Mozilla\Firefox\Profiles\g775c8jl.default\extensions\{80b812be-8439-43df-8fb7-9e1b68f59bd9}\chrome.manifest.vir
2011-07-23 19:30:16 . 2011-07-23 19:30:16 1,672 ----a-w- C:\Qoobox\Quarantine\C\Users\Jose\AppData\Roaming\Mozilla\Firefox\Profiles\g775c8jl.default\extensions\{80b812be-8439-43df-8fb7-9e1b68f59bd9}\chrome\xulcache.jar.vir
2011-07-23 19:30:16 . 2011-07-23 19:30:16 256 ----a-w- C:\Qoobox\Quarantine\C\Users\Jose\AppData\Roaming\Mozilla\Firefox\Profiles\g775c8jl.default\extensions\{80b812be-8439-43df-8fb7-9e1b68f59bd9}\defaults\preferences\xulcache.js.vir
2011-07-23 19:30:16 . 2011-07-23 19:30:16 771 ----a-w- C:\Qoobox\Quarantine\C\Users\Jose\AppData\Roaming\Mozilla\Firefox\Profiles\g775c8jl.default\extensions\{80b812be-8439-43df-8fb7-9e1b68f59bd9}\install.rdf.vir
2011-02-13 21:38:47 . 2011-02-13 21:38:47 544 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-{FBBC4667-2521-4E78-B1BD-8706F774549B}.reg.dat
2011-02-13 21:38:47 . 2011-02-13 21:38:47 1,380 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-Adobe Shockwave Player.reg.dat
2011-02-13 21:38:39 . 2011-02-13 21:38:39 127 ----a-w- C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-Apoint.reg.dat
2011-02-13 21:13:06 . 2011-02-13 21:13:06 688 ----a-w- C:\Qoobox\Quarantine\Registry_backups\Notify-VESWinlogon.reg.dat
2011-02-13 21:12:49 . 2011-02-13 21:12:49 97 ----a-w- C:\Qoobox\Quarantine\Registry_backups\Wow6432Node-HKCU-Run-AdobeBridge.reg.dat
2011-02-13 20:44:53 . 2012-02-04 15:21:15 20,568 ----a-w- C:\Qoobox\Quarantine\Registry_backups\tcpip.reg
2011-02-13 20:34:46 . 2012-02-04 15:10:53 1,530 ----a-w- C:\Qoobox\Quarantine\catchme.log
2010-01-21 15:35:39 . 2011-11-08 17:13:43 47,616 ----a-w- C:\Qoobox\Quarantine\C\Users\Jose\Documents\~WRL0003.tmp.vir
2010-01-21 15:35:39 . 2010-09-13 16:25:40 50,176 ----a-w- C:\Qoobox\Quarantine\C\Users\Jose\Documents\~WRL3687.tmp.vir
2010-01-18 20:47:45 . 2010-01-18 20:47:42 165,888 ----a-w- C:\Qoobox\Quarantine\C\Windows\System32\java.exe.vir
2007-11-07 13:03:18 . 2007-11-07 13:03:18 562,688 ----a-w- C:\Qoobox\Quarantine\C\install.exe.vir


Here is my last malwarebytes log. I am not sure if this would be any help.

HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders|SecurityProviders (Trojan.FakeMS) -> Bad: (AtsoccUfzuvy.dll) Good: () -> Quarantined and repaired successfully.

Folders Detected: 0
(No malicious items detected)

Files Detected: 4
C:\Windows\System32\AtsoccUfzuvy.dll (Trojan.FakeMS) -> Quarantined and deleted successfully.
C:\Users\Jose\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7JF5VRH2\10[1].exe (Trojan.FakeMS) -> Quarantined and deleted successfully.
C:\Users\Jose\AppData\Local\Temp\7416.tmp (Trojan.FakeMS) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\AtsoccUfzuvy.dll (Trojan.FakeMS) -> Quarantined and deleted successfully.

Edited by jlg2012, 05 February 2012 - 07:47 AM.


#7 Casey_boy

Casey_boy

    Bleeping physicist


  • Malware Response Team
  • 7,765 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:12:57 AM

Posted 05 February 2012 - 07:59 AM

OK, thanks :thumbup2:

Let's get a scan with another tool:

We need to create an OTL Report
  • Please download OTL from here
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
  • OTL.txt <-- Will be opened
  • Extra.txt <-- Will be minimized

Casey

If I have been helping you and I do not reply within 48hours, feel free to send me a PM.


* My Website * Am I Infected? * Malware Removal Help * If you'd like to say thanks *


#8 jlg2012

jlg2012
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:57 PM

Posted 05 February 2012 - 08:16 AM

OTL

OTL logfile created on: 2/5/2012 8:00:35 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Jose\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.98 Gb Total Physical Memory | 3.20 Gb Available Physical Memory | 53.44% Memory free
11.96 Gb Paging File | 8.70 Gb Available in Paging File | 72.70% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 457.00 Gb Total Space | 305.57 Gb Free Space | 66.87% Space Free | Partition Type: NTFS

Computer Name: JOSE-VAIO | User Name: Jose | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/02/05 07:59:50 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Jose\Desktop\OTL.exe
PRC - [2011/12/14 06:59:20 | 002,984,832 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2011/12/09 16:16:00 | 000,161,336 | ---- | M] (Google) -- C:\Users\Jose\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
PRC - [2011/09/27 02:07:00 | 003,291,648 | ---- | M] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files (x86)\SolidWorks Corp\SolidWorks Workgroup PDM\Vault\pdmwService.exe
PRC - [2011/03/09 17:49:00 | 000,524,512 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgentUI.exe
PRC - [2011/03/09 17:48:18 | 001,104,608 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgent.exe
PRC - [2011/02/28 16:10:54 | 000,273,544 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2010/08/17 20:58:17 | 000,945,720 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2010/06/16 16:42:58 | 000,839,680 | ---- | M] () -- C:\Program Files (x86)\OpenDNS Updater\OpenDNSUpdater.exe
PRC - [2010/06/02 19:50:58 | 001,144,104 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/03/11 00:05:52 | 000,071,024 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\ssonsvr.exe
PRC - [2010/03/04 10:27:50 | 000,024,645 | ---- | M] (Apache Software Foundation) -- C:\server\apache\bin\httpd.exe
PRC - [2009/11/30 22:20:00 | 000,204,648 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
PRC - [2009/11/30 22:20:00 | 000,112,488 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2009/11/20 11:58:20 | 002,557,296 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe
PRC - [2009/10/13 14:25:54 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/10/13 14:25:30 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009/10/01 21:32:04 | 004,584,288 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe
PRC - [2009/09/14 22:24:08 | 000,206,336 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2009/09/14 21:53:48 | 000,642,416 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
PRC - [2009/07/13 20:14:47 | 000,254,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2009/05/01 18:29:12 | 000,020,992 | ---- | M] () -- C:\Program Files (x86)\Infringo\Rar Mount 3\Dokan\mounter.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2007/07/24 14:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe


========== Modules (No Company Name) ==========

MOD - [2010/08/17 20:58:16 | 000,111,672 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\5.0.375.127\rlz.dll
MOD - [2010/08/17 20:56:51 | 000,071,224 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\5.0.375.127\avutil-50.dll
MOD - [2010/08/17 20:56:50 | 000,151,608 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\5.0.375.127\avformat-52.dll
MOD - [2010/08/17 20:56:49 | 001,186,360 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\5.0.375.127\avcodec-52.dll
MOD - [2010/08/17 19:25:58 | 005,964,752 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\5.0.375.127\gcswf32.dll
MOD - [2010/06/16 16:42:58 | 000,839,680 | ---- | M] () -- C:\Program Files (x86)\OpenDNS Updater\OpenDNSUpdater.exe
MOD - [2010/06/02 19:51:08 | 000,095,528 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2010/06/02 19:50:58 | 001,144,104 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2009/08/17 22:54:46 | 000,136,520 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office12\OUTLCTL.DLL
MOD - [2009/02/14 05:04:38 | 000,756,040 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSPTLS.DLL
MOD - [2008/10/26 05:42:14 | 000,065,376 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
MOD - [2006/10/27 15:35:18 | 000,436,512 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/12/06 17:16:02 | 000,208,536 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2011/12/06 17:15:46 | 000,199,272 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2011/11/30 08:49:35 | 001,431,888 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2011/11/18 16:36:42 | 000,161,168 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2011/09/27 04:00:24 | 000,089,160 | ---- | M] (Dassault Systèmes SolidWorks Corp.) [On_Demand | Stopped] -- C:\Program Files\SolidWorks Corp\SolidWorks (2)\swScheduler\DTSCoordinatorService.exe -- (CoordinatorServiceHost)
SRV:64bit: - [2011/08/17 20:04:36 | 000,109,624 | ---- | M] (Mentor Graphics Corporation) [On_Demand | Stopped] -- C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe -- (Remote Solver for Flow Simulation 2012)
SRV:64bit: - [2011/08/11 18:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2011/06/17 02:34:18 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2011/04/20 09:50:52 | 001,021,840 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Update 5\VUAgent.exe -- (VUAgent)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2009/11/30 22:51:18 | 000,571,248 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV:64bit: - [2009/11/02 12:48:18 | 000,126,352 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009/09/17 02:28:42 | 000,167,424 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Care\collsvc.exe -- (SampleCollector)
SRV:64bit: - [2009/09/16 16:27:12 | 000,480,624 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV:64bit: - [2009/09/08 21:09:20 | 000,110,960 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
SRV:64bit: - [2009/09/04 16:35:12 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Disabled | Stopped] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009/09/02 00:42:00 | 000,361,840 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr)
SRV - [2011/12/14 06:59:20 | 002,984,832 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2011/11/30 08:56:26 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/09/27 02:07:00 | 003,291,648 | ---- | M] (Dassault Systèmes SolidWorks Corp.) [Auto | Running] -- C:\Program Files (x86)\SolidWorks Corp\SolidWorks Workgroup PDM\Vault\pdmwService.exe -- (PDMWorks Workgroup Server)
SRV - [2011/08/05 23:52:46 | 000,060,040 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Disabled | Stopped] -- C:\Program Files (x86)\EASEUS\Todo Backup\bin\Agent.exe -- (EaseUS Agent)
SRV - [2011/03/09 17:48:18 | 001,104,608 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgent.exe -- (NACAgent)
SRV - [2010/06/24 09:31:07 | 000,079,360 | ---- | M] (SolidWorks) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe -- (SolidWorks Licensing Service)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/04 10:27:50 | 000,024,645 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\server\apache\bin\httpd.exe -- (Apache2.2)
SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/11/30 22:20:00 | 000,204,648 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2009/10/24 06:18:54 | 000,360,224 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2009/10/15 19:34:36 | 000,427,304 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2009/10/15 19:34:36 | 000,091,432 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe -- (SOHPlMgr)
SRV - [2009/10/15 19:34:36 | 000,075,048 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2009/10/15 19:34:34 | 000,120,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2009/10/15 19:34:34 | 000,070,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe -- (SOHDBSvr)
SRV - [2009/10/13 14:25:30 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2009/10/01 21:32:04 | 004,584,288 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe -- (Norton Ghost)
SRV - [2009/09/21 20:25:34 | 001,571,336 | ---- | M] (Symantec) [On_Demand | Stopped] -- C:\Program Files (x86)\Norton Ghost\Shared\Drivers\GenericMountHelper.exe -- (GenericMount Helper Service)
SRV - [2009/09/21 20:19:22 | 002,963,960 | ---- | M] (Symantec) [On_Demand | Running] -- C:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe -- (SymSnapService)
SRV - [2009/09/14 22:24:08 | 000,206,336 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2009/09/14 22:24:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2009/09/14 21:53:48 | 000,642,416 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2009/08/31 04:59:30 | 000,362,992 | ---- | M] (Sonic Solutions) [Disabled | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe -- (Roxio Upnp Server 10)
SRV - [2009/08/31 04:59:18 | 000,313,840 | ---- | M] (Sonic Solutions) [Disabled | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe -- (Roxio UPnP Renderer 10)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/05/01 18:29:12 | 000,020,992 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Infringo\Rar Mount 3\Dokan\mounter.exe -- (DokanMounter)
SRV - [2009/02/06 20:02:14 | 000,109,056 | ---- | M] (ArcSoft Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008/09/18 13:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
SRV - [2008/01/29 16:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2007/09/12 18:27:24 | 002,999,664 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate)
SRV - [2007/07/24 14:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007/05/31 17:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 17:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007/01/04 22:48:50 | 000,112,152 | ---- | M] (InterVideo) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/10/15 12:16:16 | 000,647,080 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2011/10/15 12:16:16 | 000,481,768 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2011/10/15 12:16:16 | 000,284,648 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2011/10/15 12:16:16 | 000,229,528 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2011/10/15 12:16:16 | 000,160,280 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2011/10/15 12:16:16 | 000,100,912 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2011/10/15 12:16:16 | 000,075,808 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2011/10/15 12:16:16 | 000,065,264 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Stopped] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2011/08/05 23:52:40 | 000,189,576 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EuFdDisk.sys -- (EUFDDISK)
DRV:64bit: - [2011/08/05 23:52:38 | 000,050,312 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EUBKMON.sys -- (EUBKMON)
DRV:64bit: - [2011/08/05 23:52:32 | 000,019,592 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\eudskacs.sys -- (EUDSKACS)
DRV:64bit: - [2011/08/05 23:52:30 | 000,044,680 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\eubakup.sys -- (EUBAKUP)
DRV:64bit: - [2011/07/22 11:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 16:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/04/30 06:59:22 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011/04/30 06:59:22 | 000,060,184 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011/04/30 06:59:10 | 000,076,056 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2011/04/30 06:59:10 | 000,015,128 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2011/02/16 18:23:46 | 000,074,240 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2010/12/01 15:05:16 | 000,087,456 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV:64bit: - [2010/09/17 15:40:06 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV:64bit: - [2010/09/17 15:39:58 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lmimirr.sys -- (lmimirr)
DRV:64bit: - [2010/08/25 18:39:00 | 000,016,776 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\prwntdrv.sys -- (prwntdrv)
DRV:64bit: - [2010/07/16 09:30:08 | 000,711,712 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter)
DRV:64bit: - [2010/07/16 09:30:08 | 000,081,952 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\tifsfilt.sys -- (tifsfilter)
DRV:64bit: - [2010/04/27 13:40:40 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/04/12 03:55:00 | 000,091,568 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2009/11/18 15:03:16 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009/11/18 15:03:15 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009/11/18 15:03:15 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009/11/18 15:03:13 | 000,052,264 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:64bit: - [2009/11/18 15:02:45 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009/11/06 15:34:48 | 000,084,512 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2009/11/06 15:27:30 | 000,093,696 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimssne64.sys -- (rimspci)
DRV:64bit: - [2009/11/05 01:30:19 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/11/04 04:59:59 | 000,253,488 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2009/11/02 12:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009/10/27 15:06:59 | 000,151,040 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/10/13 14:16:40 | 000,409,624 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/10/05 10:08:44 | 000,087,600 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ctxusbm.sys -- (ctxusbm)
DRV:64bit: - [2009/10/01 22:03:40 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2009/09/22 20:46:18 | 000,066,304 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2009/09/22 20:46:17 | 000,359,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2009/09/22 20:32:39 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2009/09/22 20:32:33 | 000,187,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2009/09/21 20:40:14 | 000,020,528 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vproeventmonitor.sys -- (VProEventMonitor)
DRV:64bit: - [2009/09/21 20:26:10 | 000,054,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GenericMount.sys -- (GenericMount)
DRV:64bit: - [2009/09/21 20:20:42 | 000,170,032 | ---- | M] (StorageCraft) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\symsnap.sys -- (symsnap)
DRV:64bit: - [2009/09/15 15:09:08 | 000,075,776 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsne64.sys -- (risdsnpe)
DRV:64bit: - [2009/08/28 19:42:52 | 000,049,152 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2009/08/19 15:09:21 | 000,011,392 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2009/07/31 15:02:03 | 000,393,216 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/07/13 20:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 20:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/07/13 19:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009/07/13 19:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/07/13 18:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/08 06:02:14 | 000,086,584 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)
DRV:64bit: - [2009/05/26 17:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2009/03/27 01:23:54 | 000,019,432 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz132_x64.sys -- (cpuz132)
DRV:64bit: - [2009/02/24 17:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcdbus.sys -- (mcdbus)
DRV:64bit: - [2009/01/09 16:02:08 | 000,031,744 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:64bit: - [2008/04/17 12:12:54 | 000,019,304 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2007/04/17 14:51:50 | 000,014,112 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (regi)
DRV - [2010/08/25 18:39:00 | 000,013,704 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\prwntdrv.sys -- (prwntdrv)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/06/08 05:57:40 | 000,073,312 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs)
DRV - [2009/05/01 19:37:28 | 000,060,928 | R-S- | M] (Windows ® Codename Longhorn DDK provider) [File_System | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\dokan.sys -- (Dokan)
DRV - [2009/02/24 17:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus)
DRV - [2007/04/17 23:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\regi.sys -- (regi)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = DC 62 9C 02 AC 4F 10 40 BE 5C 81 9D AC 19 51 BE [binary data]
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = DC 62 9C 02 AC 4F 10 40 BE 5C 81 9D AC 19 51 BE [binary data]
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = DC 62 9C 02 AC 4F 10 40 BE 5C 81 9D AC 19 51 BE [binary data]

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = DC 62 9C 02 AC 4F 10 40 BE 5C 81 9D AC 19 51 BE [binary data]

IE - HKU\S-1-5-21-2016452030-1855440420-3470329722-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
IE - HKU\S-1-5-21-2016452030-1855440420-3470329722-1005\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = DC 62 9C 02 AC 4F 10 40 BE 5C 81 9D AC 19 51 BE [binary data]
IE - HKU\S-1-5-21-2016452030-1855440420-3470329722-1005\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-2016452030-1855440420-3470329722-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files (x86)\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~2\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@protomold.com/ProtomoldProtoView: C:\Program Files (x86)\Protomold\ProtoView\nppview.dll (Protomold)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.633: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.633: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.633: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.633: c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Program Files (x86)\Google\Update\1.2.183.23\npGoogleOneClick8.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Jose\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Jose\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Jose\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Jose\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/03/14 10:32:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012/02/04 10:08:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/02/03 12:55:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/09/11 11:17:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: G:\ANDREINA\New folder\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: G:\ANDREINA\New folder\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/02/03 12:55:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/09/11 11:17:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/02/03 12:55:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/09/11 11:17:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/02/03 12:55:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/09/11 11:17:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/02/03 12:55:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/09/11 11:17:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/02/03 12:55:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/09/11 11:17:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/02/03 12:55:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/09/11 11:17:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/02/03 12:55:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/09/11 11:17:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/02/03 12:55:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/09/11 11:17:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/02/03 12:55:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/09/11 11:17:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/02/03 12:55:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/09/11 11:17:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/02/03 12:55:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/09/11 11:17:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/02/03 12:55:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/09/11 11:17:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/02/03 12:55:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/09/11 11:17:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/02/03 12:55:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/09/11 11:17:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/02/03 12:55:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/09/11 11:17:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/02/03 12:55:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/09/11 11:17:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/02/03 12:55:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/09/11 11:17:45 | 000,000,000 | ---D | M]

[2012/01/29 13:46:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/02/03 12:55:09 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010/03/11 00:01:02 | 000,124,272 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll
[2010/03/11 00:02:52 | 000,070,512 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll
[2010/03/11 00:01:48 | 000,091,504 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll
[2010/03/11 00:01:24 | 000,022,384 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll
[2010/07/17 04:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2009/10/14 16:21:24 | 000,155,648 | ---- | M] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files (x86)\mozilla firefox\plugins\npEModelPlugin.dll
[2010/03/11 00:40:56 | 000,423,248 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll
[2010/03/11 00:02:48 | 000,023,920 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll
[2011/12/20 23:30:41 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/12/20 23:30:41 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google ()
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}

O1 HOSTS File: ([2012/01/31 11:34:41 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120201141759.dll (McAfee, Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120204062121.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-2016452030-1855440420-3470329722-1005\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NACAgentUI] C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgentUI.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-2016452030-1855440420-3470329722-1005..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-2016452030-1855440420-3470329722-1005..\Run: [OpenDNS Updater] C:\Program Files (x86)\OpenDNS Updater\OpenDNSUpdater.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2016452030-1855440420-3470329722-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2016452030-1855440420-3470329722-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-2016452030-1855440420-3470329722-1005\..Trusted Domains: adobe.com ([get] http in Trusted sites)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FFFFFFFF-19EB-49E8-BB30-8DE03499D2F0} http://192.168.1.130/NetVideo.cab (NetClientOCX Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2F73DCE4-4155-4351-A0B8-5D5F66293778}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2F73DCE4-4155-4351-A0B8-5D5F66293778}: NameServer = 208.67.222.222,208.67.220.220
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
O18:64bit: - Protocol\Filter\ica - No CLSID value found
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation)
O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/02/05 08:00:17 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Jose\Desktop\OTL.exe
[2012/02/04 15:29:27 | 002,059,312 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Jose\Desktop\tdsskiller (2).exe
[2012/02/04 10:33:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012/02/04 10:29:48 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/02/04 10:26:02 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/02/01 14:18:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee.com
[2012/02/01 14:17:59 | 000,010,248 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeclnk.sys
[2012/02/01 14:17:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\McAfee
[2012/02/01 14:17:54 | 000,481,768 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfefirek.sys
[2012/02/01 14:17:54 | 000,284,648 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfewfpk.sys
[2012/02/01 14:17:54 | 000,229,528 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeavfk.sys
[2012/02/01 14:17:54 | 000,100,912 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mferkdet.sys
[2012/02/01 14:17:54 | 000,075,808 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfenlfk.sys
[2012/02/01 14:17:54 | 000,065,264 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\cfwids.sys
[2012/02/01 14:17:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2012/02/01 14:17:50 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee.com
[2012/02/01 14:17:50 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee
[2012/02/01 14:17:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee
[2012/02/01 14:01:54 | 000,161,168 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\mfevtps.exe
[2012/02/01 14:01:51 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012/02/01 09:17:01 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/02/01 09:06:27 | 000,000,000 | ---D | C] -- C:\6078496c0fc3f4e04c
[2012/01/31 13:53:52 | 000,000,000 | ---D | C] -- C:\a1fe1b2e11b37796bcd8
[2012/01/31 12:15:21 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\Microsoft
[2012/01/31 09:09:50 | 000,073,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perf-MSSQL$DDNI-sqlctr10.3.5500.0.dll
[2012/01/31 09:09:49 | 000,089,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SQSRVRES.DLL
[2012/01/31 08:56:44 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2012/01/31 08:41:15 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012/01/31 08:41:15 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012/01/31 04:17:52 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe
[2012/01/30 17:59:24 | 000,145,224 | ---- | C] (SurfRight B.V.) -- C:\Windows\SysNative\LnkProtect.dll
[2012/01/30 17:59:10 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2012/01/30 14:19:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
[2012/01/30 14:19:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Cisco
[2012/01/30 08:42:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012/01/30 08:42:11 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012/01/30 08:42:11 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012/01/27 17:33:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\RsFx
[2012/01/27 17:33:05 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 9.0
[2012/01/27 17:26:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Sync Framework
[2012/01/27 17:26:26 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
[2012/01/27 17:26:19 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2012/01/27 17:26:19 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2012/01/27 17:26:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2012/01/27 17:24:15 | 000,000,000 | ---D | C] -- C:\ProgramData\PreEmptive Solutions
[2012/01/27 17:19:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft ASP.NET
[2012/01/27 17:18:58 | 000,000,000 | ---D | C] -- C:\Program Files\IIS
[2012/01/27 17:18:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IIS
[2012/01/27 17:17:38 | 000,000,000 | ---D | C] -- C:\Users\Jose\Documents\Visual Studio 2008
[2012/01/27 17:16:07 | 000,000,000 | ---D | C] -- C:\Users\Jose\Documents\Visual Studio 2010
[2012/01/27 17:08:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft F#
[2012/01/27 17:08:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 10.0
[2012/01/27 17:08:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Merge Modules
[2012/01/27 17:03:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SDKs
[2012/01/27 17:03:42 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Help Viewer
[2012/01/25 17:30:51 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2012/01/25 17:30:51 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2012/01/25 17:30:51 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
[2012/01/25 17:30:51 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2012/01/25 17:30:51 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
[2012/01/25 17:30:51 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2012/01/25 17:30:51 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2012/01/25 17:30:51 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll
[1 C:\Users\Jose\Desktop\*.tmp files -> C:\Users\Jose\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/02/05 07:59:50 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Jose\Desktop\OTL.exe
[2012/02/05 07:59:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/02/05 07:53:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2016452030-1855440420-3470329722-1005UA.job
[2012/02/04 15:29:27 | 002,059,312 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Jose\Desktop\tdsskiller (2).exe
[2012/02/04 15:27:15 | 000,029,957 | ---- | M] () -- C:\Users\Jose\Desktop\ITINVOICE_LEHIGH_242012.pdf
[2012/02/04 12:41:58 | 000,875,894 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/02/04 12:41:58 | 000,730,972 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/02/04 12:41:58 | 000,147,408 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/02/04 12:08:49 | 000,002,014 | -H-- | M] () -- C:\Users\Jose\Documents\Default.rdp
[2012/02/04 10:38:17 | 000,010,096 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/02/04 10:38:17 | 000,010,096 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/02/04 10:33:59 | 000,001,788 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Internet Security.lnk
[2012/02/04 10:29:16 | 000,000,460 | ---- | M] () -- C:\Windows\tasks\SDMsgUpdate (SD).job
[2012/02/04 10:28:44 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2012/02/04 10:27:45 | 522,768,383 | -HS- | M] () -- C:\hiberfil.sys
[2012/02/04 09:58:55 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2016452030-1855440420-3470329722-1005Core.job
[2012/02/01 09:22:05 | 000,404,488 | ---- | M] () -- C:\Users\Jose\Documents\cc_20120201_092149.reg
[2012/01/31 14:31:50 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/31 13:49:50 | 000,000,000 | ---- | M] () -- C:\Users\Jose\defogger_reenable
[2012/01/31 11:34:41 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/01/31 10:20:53 | 000,871,956 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/01/31 04:17:52 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe
[2012/01/31 04:02:45 | 000,025,160 | ---- | M] () -- C:\Windows\SysNative\drivers\hitmanpro36.sys
[2012/01/30 17:59:24 | 000,145,224 | ---- | M] (SurfRight B.V.) -- C:\Windows\SysNative\LnkProtect.dll
[2012/01/30 14:19:11 | 000,002,068 | ---- | M] () -- C:\Users\Public\Desktop\Cisco NAC Agent.lnk
[2012/01/30 08:42:15 | 000,001,768 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/01/29 13:46:05 | 000,002,056 | ---- | M] () -- C:\Users\Jose\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/01/29 13:46:05 | 000,001,142 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/01/23 02:47:26 | 000,009,272 | ---- | M] () -- C:\test.xml
[2012/01/06 12:30:44 | 663,556,164 | ---- | M] () -- C:\Windows\MEMORY.DMP
[1 C:\Users\Jose\Desktop\*.tmp files -> C:\Users\Jose\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/02/04 15:27:34 | 000,029,957 | ---- | C] () -- C:\Users\Jose\Desktop\ITINVOICE_LEHIGH_242012.pdf
[2012/02/01 14:18:50 | 000,001,788 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Internet Security.lnk
[2012/02/01 09:21:52 | 000,404,488 | ---- | C] () -- C:\Users\Jose\Documents\cc_20120201_092149.reg
[2012/02/01 08:48:55 | 000,000,852 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2016452030-1855440420-3470329722-1005Core.job
[2012/01/31 14:31:50 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/31 13:49:50 | 000,000,000 | ---- | C] () -- C:\Users\Jose\defogger_reenable
[2012/01/30 17:59:49 | 000,025,160 | ---- | C] () -- C:\Windows\SysNative\drivers\hitmanpro36.sys
[2012/01/30 14:19:11 | 000,002,068 | ---- | C] () -- C:\Users\Public\Desktop\Cisco NAC Agent.lnk
[2012/01/30 08:42:15 | 000,001,768 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/08/14 09:20:23 | 000,040,436 | ---- | C] () -- C:\Users\Jose\AppData\Local\Temp_table.xml
[2011/08/13 09:40:41 | 000,000,000 | ---- | C] () -- C:\Users\Jose\AppData\Local\Temptable.xml
[2011/07/07 20:29:10 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011/04/27 13:12:46 | 000,098,696 | ---- | C] () -- C:\Windows\SysWow64\setupprwdrv03.exe
[2011/04/27 13:12:46 | 000,013,704 | ---- | C] () -- C:\Windows\SysWow64\prwntdrv.sys
[2011/03/03 18:23:57 | 000,001,665 | ---- | C] () -- C:\Windows\solvermfc.INI
[2011/03/01 07:12:59 | 000,008,192 | ---- | C] () -- C:\Users\Jose\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/13 15:34:52 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011/02/13 15:34:52 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/02/13 15:34:52 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/02/13 15:34:52 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/02/13 15:34:52 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/01/18 16:44:36 | 000,253,952 | -H-- | C] () -- C:\Windows\SysWow64\AME411CODEC.DLL
[2011/01/18 16:44:36 | 000,086,016 | -H-- | C] () -- C:\Windows\SysWow64\AMD422CODEC.DLL
[2010/08/27 18:07:26 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010/07/12 12:29:54 | 000,003,039 | ---- | C] () -- C:\ProgramData\LUUnInstall.LiveUpdate
[2010/07/04 08:40:45 | 000,000,000 | ---- | C] () -- C:\Windows\WinInit.ini
[2010/06/24 09:33:55 | 000,000,000 | ---- | C] () -- C:\Windows\eDrawingOfficeAutomator.INI
[2010/03/30 12:00:32 | 000,000,090 | ---- | C] () -- C:\Windows\QBChanUtil_Trigger.ini
[2010/02/26 11:39:43 | 000,001,024 | ---- | C] () -- C:\Windows\SysWow64\grcauth2.dll
[2010/02/26 11:39:43 | 000,001,024 | ---- | C] () -- C:\Windows\SysWow64\grcauth1.dll
[2010/02/26 11:39:43 | 000,000,100 | ---- | C] () -- C:\Windows\SysWow64\prsgrc.dll
[2010/02/26 11:35:43 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\sysprs7.dll
[2010/02/26 11:35:43 | 000,000,205 | ---- | C] () -- C:\Windows\SysWow64\lsprst7.dll
[2010/01/23 20:35:52 | 000,007,655 | ---- | C] () -- C:\Users\Jose\AppData\Local\Resmon.ResmonCfg
[2010/01/18 16:22:42 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\SonyVideoProcessor.dll
[2010/01/18 16:05:07 | 000,871,956 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009/05/01 19:37:36 | 000,039,424 | --S- | C] () -- C:\Windows\SysWow64\dokan.dll
[2008/12/30 15:00:44 | 000,040,996 | ---- | C] () -- C:\Windows\SysWow64\PTZUI.DLL
[2008/12/30 15:00:42 | 000,200,743 | ---- | C] () -- C:\Windows\SysWow64\CONFIGUI.DLL
[2008/12/30 15:00:40 | 000,512,037 | ---- | C] () -- C:\Windows\SysWow64\OCXRES.DLL
[2007/08/21 19:46:34 | 000,059,160 | ---- | C] () -- C:\Windows\SysWow64\zlib.dll

< End of report >

Attached Files


Edited by Casey_boy, 05 February 2012 - 08:48 AM.
Deleted OTL Extras from post since it is also attached


#9 Casey_boy

Casey_boy

    Bleeping physicist


  • Malware Response Team
  • 7,765 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:12:57 AM

Posted 06 February 2012 - 07:07 AM

Hi,

There doesn't appear to be much wrong in the logs there. It is quite possible that the issues you're facing are as a result of corruption from the infection.

My first few suggested steps are:

:step1: Run Checkdisk:
Click Start > Type cmd > Right click cmd and Run as Administrator > Type chkdsk C: /R /F and then hit Enter.
You will be asked to restart your PC and the tool will run before Windows re-loads. Let me know of the outcome.:step2: Run System File Checker:
Click Start > Type cmd > Right click cmd and Run as Administrator > Type sfc /scannow and then hit Enter.
The scan may take quite a while to run. Let me know of the outcome.:step3: Uninstall and then re-install McAfee.

Casey

Edited by Casey_boy, 06 February 2012 - 07:07 AM.

If I have been helping you and I do not reply within 48hours, feel free to send me a PM.


* My Website * Am I Infected? * Malware Removal Help * If you'd like to say thanks *


#10 Casey_boy

Casey_boy

    Bleeping physicist


  • Malware Response Team
  • 7,765 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:12:57 AM

Posted 09 February 2012 - 11:42 AM

Hi,

This is a 3 day bump, hopefully you're still with me but if you do not reply within two days then this topic will be closed as stale.

Casey

Edited by Casey_boy, 09 February 2012 - 11:46 AM.

If I have been helping you and I do not reply within 48hours, feel free to send me a PM.


* My Website * Am I Infected? * Malware Removal Help * If you'd like to say thanks *


#11 jlg2012

jlg2012
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:57 PM

Posted 09 February 2012 - 05:51 PM

Sorry about that Casey.

I ran SFCSCANNOW. It did not find anything.

Here are the chkdsk results:


--------------------------------------------------------------------.
Checking file system on C:
The type of the file system is NTFS.

A disk check has been scheduled.
Windows will now check the disk.

CHKDSK is verifying files (stage 1 of 5)...
502528 file records processed. File verification completed.
448 large file records processed. 0 bad file records processed. 0 EA records processed. 106 reparse records processed. CHKDSK is verifying indexes (stage 2 of 5)...
613490 index entries processed. Index verification completed.
0 unindexed files scanned. 0 unindexed files recovered. CHKDSK is verifying security descriptors (stage 3 of 5)...
502528 file SDs/SIDs processed. Cleaning up 119 unused index entries from index $SII of file 0x9.
Cleaning up 119 unused index entries from index $SDH of file 0x9.
Cleaning up 119 unused security descriptors.
CHKDSK is compacting the security descriptor stream
55482 data files processed. CHKDSK is verifying Usn Journal...
33687608 USN bytes processed. Usn Journal verification completed.
CHKDSK is verifying file data (stage 4 of 5)...
502512 files processed. File data verification completed.
CHKDSK is verifying free space (stage 5 of 5)...
79006799 free clusters processed. Free space verification is complete.
Correcting errors in the Volume Bitmap.
Windows has made corrections to the file system.

479198231 KB total disk space.
162363764 KB in 383468 files.
190520 KB in 55485 indexes.
0 KB in bad sectors.
616751 KB in use by the system.
65536 KB occupied by the log file.
316027196 KB available on disk.

4096 bytes in each allocation unit.
119799557 total allocation units on disk.
79006799 allocation units available on disk


--------------------------------------------------------------------

I was able to fix the windows update issue with a MS issued "Fix it" app found here http://support.microsoft.com/mats/windows_update/.

I uninstalled Mcafee through the control panel. I then ran the Mcafee uninstall tool. After reinstalling Mcafee I still could not activate the firewall. Windows Firewall will not enable either. The MS Fix it for firewall issues isn't able to repair it.

#12 Casey_boy

Casey_boy

    Bleeping physicist


  • Malware Response Team
  • 7,765 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:12:57 AM

Posted 10 February 2012 - 07:06 AM

Hi,

Could you please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

Casey

If I have been helping you and I do not reply within 48hours, feel free to send me a PM.


* My Website * Am I Infected? * Malware Removal Help * If you'd like to say thanks *


#13 jlg2012

jlg2012
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:57 PM

Posted 10 February 2012 - 08:11 AM

FARBAR SERVICE SCANNER


=========================================================

Farbar Service Scanner Version: 08-02-2012
Ran by Jose (administrator) on 10-02-2012 at 08:10:17
Running from "C:\Users\Jose\Downloads"
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open MpsSvc registry key. The service key does not exist.


Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
===========

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll
[2009-07-13 19:09] - [2009-07-13 20:41] - 0824832 ____A (Microsoft Corporation) AECAB449567D1846DAD63ECE49E893E3

C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll
[2009-07-13 18:36] - [2009-07-13 20:41] - 0170496 ____A (Microsoft Corporation) 765A27C3279CE11D14CB9E4F5869FCA5

C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll
[2009-07-13 19:36] - [2009-07-13 20:41] - 2418176 ____A (Microsoft Corporation) 38340204A2D0228F1E87740FC5E554A7

C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#14 Casey_boy

Casey_boy

    Bleeping physicist


  • Malware Response Team
  • 7,765 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:12:57 AM

Posted 10 February 2012 - 09:03 AM

Hi,

Looks like we've found the firewall problem :)

:step1: Backup your registry
  • Please go to here and download ERUNT
  • use the setup program to install ERUNT on your computer (installer version) / unzip all the files into a folder of your choice (zipped version)
  • Open Erunt.exe (use the shortcut on your desktop if you used the installer)
  • Follow the prompts leaving the values at default


:step2: Could you please download the following file to your PC: http://download.bleepingcomputer.com/win-services/7/MpsSvc.reg

Then, logged on as an administrator, double click the file and allow it to merge into your registry. We will then have reset the registry value for the missing service. Reboot your machine and see if the firewall works. Also please re-run FSS for me.

Casey

Edited by Casey_boy, 10 February 2012 - 09:05 AM.

If I have been helping you and I do not reply within 48hours, feel free to send me a PM.


* My Website * Am I Infected? * Malware Removal Help * If you'd like to say thanks *


#15 jlg2012

jlg2012
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:57 PM

Posted 10 February 2012 - 10:06 AM

Seems to be all set Casey. Firewall is working fine now.

Farbar Service Scanner Version: 08-02-2012
Ran by Jose (administrator) on 10-02-2012 at 10:01:48
Running from "C:\Users\Jose\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
===========
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv: "C:\Windows\system32\wuaueng.dll".


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users