Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Google Redirect Virus


  • This topic is locked This topic is locked
31 replies to this topic

#1 Jellopudding

Jellopudding

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:10:35 PM

Posted 09 March 2012 - 04:55 PM

Hello Bleepingcomputer.com staff member,
From what I've understood, I have a Google Redirect Virus and have been instructed from this thread to post in this part of the forum with log files.

Description of problem: Sometime when I click on google chrome, I get redirected from my homepage (google.com) to this link: http://developer.yahoo.com/yql/console/
This virus has plagued my computer for quiet some time now. This morning I found my android phone also got redirected to the same yahoo link as well (resetting the phone's web browser settings to default removed the symptom but im not sure if the cause of the problem is also removed).

Attempted solutions: I have tried Norton, Malwarebytes, Zone Alarm, Spybot Search and Destroy all to no avail. Also, I tried to use Combofix (this was before I read that I am not supposed to use it without being instructed to do so) but it did not solve the problem either. Finally I tried Sophos Anti-rootkit which seemed to decrease the frequency in which my browser redirects me to the yahoo link but did not remove the problem entirely (I still occasionally get redirected, especially at night time). I have uninstalled the Sophos Anti-rootkit program prior to creating the log files which I will now attach below.

Note: I have Windows 7 Ultimate 64-bit Operating system on my computer, and according to the Prep Guide I was instructed not to create a GMER log, therefore only the DDS.txt is copy/pasted below and the Attach.txt is attached to this post.

DDS.txt below:

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Ramey at 16:26:13 on 2012-03-09
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4094.2356 [GMT -5:00]
.
AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
FW: ZoneAlarm Free Firewall *Enabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\WUDFHost.exe
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files (x86)\Norton 360\Engine\5.2.0.13\ccSvcHst.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.12.27\ccSvcHst.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\Program Files (x86)\Norton 360\Engine\5.2.0.13\ccSvcHst.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.12.27\ccSvcHst.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
C:\Users\Ramey\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\OEM02Mon.exe
C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe
C:\Users\Ramey\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ramey\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ramey\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ramey\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ramey\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ramey\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ramey\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ramey\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.12.27\SymcPCCULaunchSvc.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uInternet Settings,ProxyOverride = *.local
mURLSearchHooks: ZoneAlarm Security Toolbar: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files (x86)\ZoneAlarm_Security\prxtbZone.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton 360\Engine\5.2.0.13\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton 360\Engine\5.2.0.13\IPS\IPSBHO.DLL
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: ZoneAlarm Security Engine Registrar: {8a4a36c2-0535-4d2c-bd3d-496cb7eed6e3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: ZoneAlarm Security Toolbar: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files (x86)\ZoneAlarm_Security\prxtbZone.dll
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: WeCareReminder Class: {d824f0de-3d60-4f57-9eb1-66033ecd8abb} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton 360\Engine\5.2.0.13\coIEPlg.dll
TB: ZoneAlarm Security Toolbar: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files (x86)\ZoneAlarm_Security\prxtbZone.dll
TB: ZoneAlarm Security Engine: {ee2ac4e5-b0b0-4ec6-88a9-bca1a32ab107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
uRun: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
uRun: [SansaDispatch] C:\Users\Ramey\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
mRun: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
mRun: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: DhcpNameServer = 192.168.0.1 75.75.75.75 75.75.76.76
TCP: Interfaces\{B5E2896A-A54E-47D8-9788-1DB6FCB5BC6C} : DhcpNameServer = 192.168.0.1 75.75.75.75 75.75.76.76
TCP: Interfaces\{B5E2896A-A54E-47D8-9788-1DB6FCB5BC6C}\25554584D20534F5E4564777F627B6 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{B5E2896A-A54E-47D8-9788-1DB6FCB5BC6C}\35F6E6E656E63736865696E6 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{B5E2896A-A54E-47D8-9788-1DB6FCB5BC6C}\C41697C616E6 : DhcpNameServer = 172.16.0.1
TCP: Interfaces\{B5E2896A-A54E-47D8-9788-1DB6FCB5BC6C}\D40216E64602840234166656 : DhcpNameServer = 192.168.0.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\5.2.0.13\coIEPlg.dll
BHO-X64: Symantec NCO BHO - No File
BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\5.2.0.13\IPS\IPSBHO.DLL
BHO-X64: Symantec Intrusion Prevention - No File
BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: ZoneAlarm Security Engine Registrar: {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
BHO-X64: ZoneAlarm Security Engine Registrar - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: ZoneAlarm Security Toolbar: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files (x86)\ZoneAlarm_Security\prxtbZone.dll
BHO-X64: ZoneAlarm Security - No File
BHO-X64: Skype Plug-In: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: WeCareReminder Class: {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll
BHO-X64: WeCareReminder - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\5.2.0.13\coIEPlg.dll
TB-X64: ZoneAlarm Security Toolbar: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files (x86)\ZoneAlarm_Security\prxtbZone.dll
TB-X64: ZoneAlarm Security Engine: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
mRun-x64: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
mRun-x64: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\N360x64\0502000.00D\SYMDS64.SYS --> C:\Windows\system32\drivers\N360x64\0502000.00D\SYMDS64.SYS [?]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\N360x64\0502000.00D\SYMEFA64.SYS --> C:\Windows\system32\drivers\N360x64\0502000.00D\SYMEFA64.SYS [?]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20120302.001\BHDrvx64.sys [2012-3-2 1157240]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20120308.001\IDSviA64.sys [2012-3-9 488568]
R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\N360x64\0502000.00D\Ironx64.SYS --> C:\Windows\system32\drivers\N360x64\0502000.00D\Ironx64.SYS [?]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\Drivers\N360x64\0502000.00D\SYMNETS.SYS --> C:\Windows\system32\Drivers\N360x64\0502000.00D\SYMNETS.SYS [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
R2 Freemake Improver;Freemake Improver;C:\ProgramData\Freemake\freemakeutilsservice\freemakeutilsservice.exe [2012-2-21 82944]
R2 FreemakeVideoCapture;FreemakeVideoCapture;C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [2012-1-18 8704]
R2 ISWKL;ZoneAlarm Toolbar ISWKL;C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2011-11-3 33672]
R2 IswSvc;ZoneAlarm Toolbar IswSvc;C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe [2011-11-3 827520]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-2-20 652360]
R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\5.2.0.13\ccsvchst.exe [2012-1-31 130008]
R2 NBSPortDriver;NBSPortDriver;C:\Windows\system32\DRIVERS\NBSPortDriver.sys --> C:\Windows\system32\DRIVERS\NBSPortDriver.sys [?]
R2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.12.27\SymcPCCULaunchSvc.exe [2011-9-9 135608]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-5-13 2218600]
R2 PCCUJobMgr;Common Client Job Manager Service;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.12.27\ccSvcHst.exe [2011-9-9 126392]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-11-16 1153368]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-4-7 378472]
R2 TomTomHOMEService;TomTomHOMEService;C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2011-4-22 92592]
R3 btusbflt;Bluetooth USB Filter;C:\Windows\system32\drivers\btusbflt.sys --> C:\Windows\system32\drivers\btusbflt.sys [?]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-2-3 138360]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 MEMSWEEP2;MEMSWEEP2;\??\C:\Windows\system32\4A9E.tmp --> C:\Windows\system32\4A9E.tmp [?]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-02-29 02:46:40 -------- d-----w- C:\Users\Ramey\AppData\Local\{CAC21B78-5BC6-4BDE-A6FF-2866B14BF49C}
2012-02-29 02:46:37 -------- d-----w- C:\Users\Ramey\AppData\Local\{9B71A873-1A37-447D-8525-548ED3883BF8}
2012-02-26 06:06:03 -------- d-----w- C:\Users\Ramey\AppData\Local\{C491F0FA-1D9D-4E7F-9CB3-B9DD9C9871C3}
2012-02-26 06:02:12 -------- d-----w- C:\Users\Ramey\AppData\Local\{5AF3FA3E-E0D8-446F-8421-674F84B48F24}
2012-02-26 05:39:26 -------- d-----w- C:\Users\Ramey\AppData\Local\{B1DC354B-B344-4F82-A986-E4FF7E4162B0}
2012-02-26 05:10:09 -------- d-----w- C:\Users\Ramey\AppData\Local\{10C2F22D-9466-4135-90F8-0C2CC77731D7}
2012-02-26 04:37:32 -------- d-----w- C:\Users\Ramey\AppData\Local\{2CC0BA87-861B-4CE8-B814-0DC98850EE02}
2012-02-26 04:36:11 -------- d-----w- C:\Users\Ramey\AppData\Local\{908B7E9A-D0E3-4112-AAD9-8A5CB4F66BA3}
2012-02-26 04:02:04 -------- d-----w- C:\Users\Ramey\AppData\Local\{4F614AD4-0EDF-4541-9439-D5288467D6FE}
2012-02-26 03:50:29 -------- d-----w- C:\Users\Ramey\AppData\Local\{E37F662A-1408-4D5D-A203-53B93055C2AF}
2012-02-26 03:09:43 -------- d-----w- C:\Users\Ramey\AppData\Local\{FCD99DEE-667D-44C0-B690-485AD4A8A890}
2012-02-26 02:19:15 -------- d-----w- C:\Users\Ramey\AppData\Local\{2DF6EB24-BF25-4923-A515-F28A9CB8FC33}
2012-02-26 02:15:27 -------- d-----w- C:\Users\Ramey\AppData\Local\{648C8705-70E4-4898-B9A9-F7EDA98F4306}
2012-02-26 01:05:36 -------- d-----w- C:\Users\Ramey\AppData\Local\{8E104753-6140-4C22-BC2D-A5FFC1AA5D13}
2012-02-26 00:33:11 -------- d-----w- C:\Users\Ramey\AppData\Local\{3552A5C7-1A33-45A8-A447-38CDA3285040}
2012-02-25 23:36:29 -------- d-----w- C:\Users\Ramey\AppData\Local\{39BC1A90-0A0B-4B04-9397-26817014E0AA}
2012-02-25 17:37:34 -------- d-----w- C:\Users\Ramey\AppData\Local\{E39EF541-904B-4974-A1C5-43AB4709D740}
2012-02-25 17:26:22 -------- d-----w- C:\Users\Ramey\AppData\Local\{6B1DE6C7-8358-49CA-97F6-BC8E0AB8A181}
2012-02-25 17:25:29 -------- d-----w- C:\Users\Ramey\AppData\Local\{B1A159A3-98A0-4EDD-A3D7-7EB5CA0FF05E}
2012-02-25 17:15:26 -------- d-----w- C:\Users\Ramey\AppData\Local\{9DA69321-CC73-44ED-9C3F-69DD46648D8F}
2012-02-25 17:14:54 -------- d-----w- C:\Users\Ramey\AppData\Local\{FE6C6D31-F348-4DED-9421-FF0BDA0DBC6E}
2012-02-25 17:08:20 -------- d-----w- C:\Users\Ramey\AppData\Local\{D98D3945-FCA6-438C-BC13-A4189485CB65}
2012-02-25 17:07:10 -------- d-----w- C:\Users\Ramey\AppData\Local\{CACDE893-C41C-47F8-9BCC-A15F11D61588}
2012-02-25 17:02:05 -------- d-----w- C:\Users\Ramey\AppData\Local\{B6367A47-CB90-469C-B398-5ED8B41F0502}
2012-02-25 16:53:49 -------- d-----w- C:\Users\Ramey\AppData\Local\{89C869B9-E6A5-40EE-948A-F7435220A834}
2012-02-25 16:47:54 -------- d-----w- C:\Users\Ramey\AppData\Local\{04409D34-DF17-4A41-9969-E718F15FF7CA}
2012-02-25 16:42:59 -------- d-----w- C:\Users\Ramey\AppData\Local\{DB0B6AFB-B569-4D7A-91CA-D0788C2E60DB}
2012-02-25 16:38:18 -------- d-----w- C:\Users\Ramey\AppData\Local\{1F9E993E-03C1-4CCC-BAAD-1088AD894560}
2012-02-25 16:26:58 -------- d-----w- C:\Users\Ramey\AppData\Local\{84FD3B1D-1361-4212-9B4D-1C731E3842FA}
2012-02-25 16:24:35 -------- d-----w- C:\Users\Ramey\AppData\Local\{713134E8-26A4-46FF-9AFF-59F3054E286E}
2012-02-25 16:17:58 -------- d-----w- C:\Users\Ramey\AppData\Local\{92EF7308-7E0F-4FE1-92E1-D1CE6AA93876}
2012-02-25 16:15:54 -------- d-----w- C:\Users\Ramey\AppData\Local\{C951DA41-97D8-428D-9AB3-45EF328BF0FF}
2012-02-25 16:09:31 -------- d-----w- C:\Users\Ramey\AppData\Local\{503FF8ED-1D5A-45D9-AF17-ACFEF4173998}
2012-02-25 15:59:56 -------- d-----w- C:\Users\Ramey\AppData\Local\{B5B922AA-3245-4C3F-957B-8C512F20FC64}
2012-02-25 15:41:51 -------- d-----w- C:\Users\Ramey\AppData\Local\{EF109B3F-2A2F-48D6-8588-BD2AD872F8C6}
2012-02-25 06:25:43 -------- d-----w- C:\Users\Ramey\AppData\Local\{6B40700E-C51D-4E1F-86E7-9E35C2E5016D}
2012-02-25 05:40:34 -------- d-----w- C:\Users\Ramey\AppData\Local\{1321AEFE-7898-409D-8FA9-D43108E3D614}
2012-02-25 05:26:35 -------- d-----w- C:\Users\Ramey\AppData\Local\{F012B01E-8137-42E4-BFFB-F40E65E81E7F}
2012-02-25 04:23:35 -------- d-----w- C:\Users\Ramey\AppData\Local\{47A3B31C-3854-48DA-8D18-A90AE08C3463}
2012-02-24 04:33:59 -------- d-----w- C:\Users\Ramey\AppData\Local\{D1C5F91E-A292-4FFA-B229-66D1CD3C1FF3}
2012-02-24 04:33:48 -------- d-----w- C:\Users\Ramey\AppData\Local\{B75DA275-47CD-45F1-AF3C-90A5F0A1DA3F}
2012-02-22 22:03:41 -------- d-----w- C:\Users\Ramey\AppData\Local\{85996206-8A2C-47AE-833A-6113FD8E7087}
2012-02-22 22:03:29 -------- d-----w- C:\Users\Ramey\AppData\Local\{D0897E2D-4E70-4CF5-9E93-FF847892A71F}
2012-02-22 08:30:44 -------- d-----w- C:\Users\Ramey\AppData\Local\{A5C64CCC-A251-42CA-ADAF-4AC5050B6D1F}
2012-02-22 08:30:42 -------- d-----w- C:\Users\Ramey\AppData\Local\{FA709DE7-0410-47C0-A30B-5C1E3E7A3F55}
2012-02-22 06:26:30 39184 ----a-w- C:\Windows\System32\Partizan.exe
2012-02-22 06:21:32 2 --shatr- C:\Windows\winstart.bat
2012-02-22 06:21:26 -------- d-----w- C:\Program Files (x86)\UnHackMe
2012-02-22 05:20:12 -------- d-----w- C:\Users\Ramey\AppData\Local\{C1ECD145-38B7-4918-8E15-3C106049A14F}
2012-02-22 05:20:02 -------- d-----w- C:\Users\Ramey\AppData\Local\{6B59E7B5-6D30-4950-95CD-8E5ED8825F8F}
2012-02-21 11:07:39 -------- d-sh--w- C:\$RECYCLE.BIN
2012-02-21 07:42:50 98816 ----a-w- C:\Windows\sed.exe
2012-02-21 07:42:50 518144 ----a-w- C:\Windows\SWREG.exe
2012-02-21 07:42:50 256000 ----a-w- C:\Windows\PEV.exe
2012-02-21 07:42:50 208896 ----a-w- C:\Windows\MBR.exe
2012-02-21 05:14:37 -------- d-----w- C:\Users\Ramey\AppData\Local\NPE
2012-02-21 05:13:42 6144 ------w- C:\Windows\System32\4A9E.tmp
2012-02-21 05:12:51 6144 ------w- C:\Windows\System32\81F2.tmp
2012-02-20 23:04:23 -------- d-----w- C:\Users\Ramey\AppData\Local\{AFA830EE-FE31-4619-B3CF-29BA4658E3A3}
2012-02-20 23:04:11 -------- d-----w- C:\Users\Ramey\AppData\Local\{1505729C-2C63-4BFA-A676-F09BD09C101F}
2012-02-20 21:54:31 25160 ----a-w- C:\Windows\System32\drivers\hitmanpro36.sys
2012-02-20 18:28:31 -------- d-----w- C:\ProgramData\HitmanPro
2012-02-20 18:25:01 -------- d-----w- C:\Users\Ramey\AppData\Roaming\SUPERAntiSpyware.com
2012-02-20 18:24:52 6144 ------w- C:\Windows\System32\3A9.tmp
2012-02-20 18:23:49 6144 ------w- C:\Windows\System32\CFB.tmp
2012-02-20 18:23:02 -------- d-----w- C:\Program Files (x86)\Sophos
2012-02-20 02:46:13 -------- d-----w- C:\Users\Ramey\AppData\Local\{150CFCE5-3F27-4056-AECC-FE42FC0C4CC3}
2012-02-20 02:45:58 -------- d-----w- C:\Users\Ramey\AppData\Local\{73443115-679C-4425-A855-2E611498401B}
2012-02-19 07:13:27 -------- d-----w- C:\Users\Ramey\AppData\Local\{D64B31AE-E152-4DFC-A1AB-1A6B300CB8C0}
2012-02-19 07:13:16 -------- d-----w- C:\Users\Ramey\AppData\Local\{E340D35B-781C-4646-94C0-04D1B2A6D058}
2012-02-19 06:45:31 -------- d-----w- C:\Users\Ramey\AppData\Local\{D0B5F70F-1363-45B0-9DE0-684CBF2D36A7}
2012-02-19 06:44:32 -------- d-----w- C:\Users\Ramey\AppData\Local\{C20C4B47-7389-4B3E-A2E2-66C648574C35}
2012-02-19 06:42:56 -------- d-----w- C:\Users\Ramey\AppData\Local\{A669818E-D6FE-4E57-ADC4-924B6D358996}
2012-02-19 06:41:06 -------- d-----w- C:\Users\Ramey\AppData\Local\{E45D73CA-CC40-4D21-9B03-7ACDDCBBCCAF}
2012-02-19 06:40:15 -------- d-----w- C:\Users\Ramey\AppData\Local\{6135CD33-BB3B-4BD9-BCE0-5585A744D927}
2012-02-19 06:38:58 -------- d-----w- C:\Users\Ramey\AppData\Local\{D7EE393F-CB99-4B04-A75C-B2AB7433DBDF}
2012-02-19 06:38:00 -------- d-----w- C:\Users\Ramey\AppData\Local\{8F0E332F-8FD7-46A4-B881-CE169FD9C59B}
2012-02-19 06:31:46 -------- d-----w- C:\Users\Ramey\AppData\Local\{9B4ABA3C-0EBB-4D37-AF9A-E094B4C41316}
2012-02-19 06:28:14 -------- d-----w- C:\Users\Ramey\AppData\Local\{9CEB8B11-5315-4A63-B3DA-E18C35499F2A}
2012-02-19 06:26:21 -------- d-----w- C:\Users\Ramey\AppData\Local\{87AE0588-3657-4E5E-BB86-2AE5AF2AC9C8}
2012-02-19 06:23:04 -------- d-----w- C:\Users\Ramey\AppData\Local\{ACA56E41-3779-473B-9B76-8A6AAE0E7A10}
2012-02-19 06:21:55 -------- d-----w- C:\Users\Ramey\AppData\Local\{4A584BD0-F81E-4491-B33B-773853C94F40}
2012-02-19 06:19:30 -------- d-----w- C:\Users\Ramey\AppData\Local\{0F1D0E1D-286D-432A-B51D-BF3311EFD479}
2012-02-19 06:15:27 -------- d-----w- C:\Users\Ramey\AppData\Local\{F5452B64-3677-4CE9-A9BA-8ABA39C6292B}
2012-02-19 06:13:03 -------- d-----w- C:\Users\Ramey\AppData\Local\{80282D60-240A-4964-9AC0-3F60969486A3}
2012-02-19 06:10:34 -------- d-----w- C:\Users\Ramey\AppData\Local\{0B8EA5BD-379B-40EB-BD28-0115E3704071}
2012-02-19 06:08:34 -------- d-----w- C:\Users\Ramey\AppData\Local\{9A5F54E7-7777-4323-B8FA-DE6DF5A1B2B6}
2012-02-19 06:08:16 -------- d-----w- C:\Users\Ramey\AppData\Local\{33E428A2-D687-48A3-A43A-07623BD9275B}
2012-02-19 06:01:38 -------- d-----w- C:\Users\Ramey\AppData\Local\{4F60BAED-4BC4-4B90-8592-BC502B583AA8}
2012-02-19 01:58:14 -------- d-----w- C:\Users\Ramey\AppData\Local\{82557262-8294-4030-9442-DE69B4EAE62B}
2012-02-18 23:54:16 -------- d-----w- C:\Users\Ramey\AppData\Local\{88001B17-351E-4950-B761-A312C6705EE4}
2012-02-18 22:53:20 -------- d-----w- C:\Users\Ramey\AppData\Local\{ADCC485C-BCDD-4EC3-B174-EA749E6F8973}
2012-02-18 22:50:25 -------- d-----w- C:\Users\Ramey\AppData\Local\{F3021E2F-7F34-4B38-AFB5-090D16C97110}
2012-02-18 22:49:15 -------- d-----w- C:\Users\Ramey\AppData\Local\{4290AAAB-0B76-4DEE-8EB1-C7CDDFB42B6D}
2012-02-18 22:21:40 -------- d-----w- C:\Users\Ramey\AppData\Local\{7F959153-3644-4620-AD8C-2B0B6A9359A0}
2012-02-18 22:19:03 -------- d-----w- C:\Users\Ramey\AppData\Local\{6788C77D-290F-429C-97ED-2BDEF5D6DEBD}
2012-02-18 22:16:19 -------- d-----w- C:\Users\Ramey\AppData\Local\{C4360FB7-E006-42A5-8401-3DBC1072A8EE}
2012-02-18 22:12:21 -------- d-----w- C:\Users\Ramey\AppData\Local\{174288D4-80A4-4F9D-966E-482DE66FE699}
2012-02-18 22:11:42 -------- d-----w- C:\Users\Ramey\AppData\Local\{E37B4D8B-B229-417E-9B00-B72189D8C774}
2012-02-18 22:08:02 -------- d-----w- C:\Users\Ramey\AppData\Local\{545A3333-3D2F-4986-98D1-6F3148C9DB83}
2012-02-18 22:02:46 -------- d-----w- C:\Users\Ramey\AppData\Local\{1712A739-6682-4155-A01C-40C50650869B}
2012-02-18 17:50:42 -------- d-----w- C:\Users\Ramey\AppData\Local\{189E2883-A948-4841-8882-309570C032BC}
2012-02-18 17:47:46 -------- d-----w- C:\Users\Ramey\AppData\Local\{0CDBBF9D-2BF4-444B-8C4B-6B5D34F2DEF3}
2012-02-18 08:34:46 -------- d-----w- C:\Users\Ramey\AppData\Local\{0AA7DEA3-B2D0-476E-99B6-5EDB0E67E8FA}
2012-02-18 08:32:36 -------- d-----w- C:\Users\Ramey\AppData\Local\{1E98B0FC-2A4C-438B-A1CB-C4EC113B1DDE}
2012-02-18 08:30:08 -------- d-----w- C:\Users\Ramey\AppData\Local\{5C586037-7C18-4F4C-A48A-11092ADCECB1}
2012-02-18 08:21:41 -------- d-----w- C:\Users\Ramey\AppData\Local\{D5AA937C-9492-45F1-91A7-2C4D2AF43DD6}
2012-02-18 08:13:18 -------- d-----w- C:\Users\Ramey\AppData\Local\{AC408D59-EC4A-4884-9428-4AC4BB0CBE4E}
2012-02-18 08:09:15 -------- d-----w- C:\Users\Ramey\AppData\Local\{5914D711-F1CF-4E51-BB6E-ED23C8FBC417}
2012-02-18 07:51:36 -------- d-----w- C:\Users\Ramey\AppData\Local\{3E6D15C3-8E6C-4BA1-BBCC-79410EFA8722}
2012-02-18 07:49:24 -------- d-----w- C:\Users\Ramey\AppData\Local\{C0F36CAF-9FFB-4D2C-9436-7317E0B40B2E}
2012-02-18 07:47:44 -------- d-----w- C:\Users\Ramey\AppData\Local\{2CD1C30D-D46B-4971-8358-78D99578880D}
2012-02-18 06:38:40 -------- d-----w- C:\Users\Ramey\AppData\Local\{C9119EE6-EE28-4BB4-B133-75F736E3D9E9}
2012-02-18 06:34:13 -------- d-----w- C:\Users\Ramey\AppData\Local\{1979F451-4D47-4AA1-91F6-FA60215726DA}
2012-02-18 06:31:28 -------- d-----w- C:\Users\Ramey\AppData\Local\{4EEB120F-0674-49E0-A89F-6C0F8ADA6131}
2012-02-18 06:22:30 -------- d-----w- C:\Users\Ramey\AppData\Local\{E96169D7-81A5-4F27-A74A-3A9A2C187730}
2012-02-18 06:13:23 -------- d-----w- C:\Users\Ramey\AppData\Local\{B1360B70-A099-4E3C-95C6-57DC4EBE4291}
2012-02-18 06:08:10 -------- d-----w- C:\Users\Ramey\AppData\Local\{581B919A-5FB2-4F76-A6A3-50174C4A61C5}
2012-02-18 06:05:26 -------- d-----w- C:\Users\Ramey\AppData\Local\{AA6E1527-8208-4252-9199-119E1EDC5D8B}
2012-02-18 06:03:12 -------- d-----w- C:\Users\Ramey\AppData\Local\{8ECEB9B0-93AA-4792-BAEE-FF03688BF8A7}
2012-02-18 06:01:47 -------- d-----w- C:\Users\Ramey\AppData\Local\{EE852CD5-4A74-4067-AE0D-86AC0A30F358}
2012-02-18 05:58:32 -------- d-----w- C:\Users\Ramey\AppData\Local\{FC7FF14D-1180-4B05-A90A-D3D7E504AA95}
2012-02-18 05:55:56 -------- d-----w- C:\Users\Ramey\AppData\Local\{2960AF62-2EEC-4D68-AFFE-5F69FE191CF7}
2012-02-18 05:51:07 -------- d-----w- C:\Users\Ramey\AppData\Local\{ECDCB739-3F94-4C4A-9742-2351C49D27F8}
2012-02-18 05:43:54 -------- d-----w- C:\Users\Ramey\AppData\Local\{5871D731-24A2-4D2B-821C-DA30BA4AB726}
2012-02-18 05:33:51 -------- d-----w- C:\Users\Ramey\AppData\Local\{5B5BA692-2F7B-4F79-951D-69639C26B64E}
2012-02-18 05:30:16 -------- d-----w- C:\Users\Ramey\AppData\Local\{E8F07817-D4B1-4EFC-9743-42C4F3EAB1C6}
2012-02-18 05:14:42 -------- d-----w- C:\Users\Ramey\AppData\Local\{B8C9E606-1EDA-43BB-9DEE-4BBDCC48AD4C}
2012-02-18 05:08:52 -------- d-----w- C:\Users\Ramey\AppData\Local\{E22A894F-4471-4521-B669-B9CCBE2E9CCE}
2012-02-18 04:59:48 -------- d-----w- C:\Users\Ramey\AppData\Local\{05B39F1E-16D7-4204-9595-B1D619BE253C}
2012-02-18 04:48:47 -------- d-----w- C:\Users\Ramey\AppData\Local\{BF1E027E-812F-4D8B-B0B1-773D86DC903F}
2012-02-18 04:25:23 -------- d-----w- C:\Users\Ramey\AppData\Local\{B4B99631-2E3C-439B-8847-6212C0426933}
2012-02-18 04:09:54 -------- d-----w- C:\Users\Ramey\AppData\Local\{0C86C436-7B32-432D-9014-8BA4EBBC4E67}
2012-02-18 04:02:31 -------- d-----w- C:\Users\Ramey\AppData\Local\{AA4579DE-1B32-4957-979F-42E59FABB4E1}
2012-02-18 03:49:44 -------- d-----w- C:\Users\Ramey\AppData\Local\{C322E565-05F2-4600-BACD-4FE72BE44033}
2012-02-18 02:36:28 -------- d-----w- C:\Users\Ramey\AppData\Local\{E7E87907-78CB-485E-813B-E755082927F6}
2012-02-18 02:00:36 -------- d-----w- C:\Users\Ramey\AppData\Local\{949374C6-D9E9-4D67-A988-A7CBF7602FFA}
2012-02-18 00:18:06 -------- d-----w- C:\Users\Ramey\AppData\Local\{9EFD6633-C4D9-4200-A205-CF49375A11BF}
2012-02-18 00:17:33 -------- d-----w- C:\Users\Ramey\AppData\Local\{0900AEFE-9634-4A21-B475-CBB1D9412FDF}
2012-02-15 19:14:20 -------- d-----w- C:\Users\Ramey\AppData\Local\{01FEDF55-D483-486C-8456-C2B47037D166}
2012-02-15 18:37:48 -------- d-----w- C:\Users\Ramey\AppData\Local\{7974827E-6DD3-4FE9-A677-17AFF07C054D}
2012-02-15 17:51:41 -------- d-----w- C:\Users\Ramey\AppData\Local\{3A288A90-E4FE-430C-A19F-18738A531E9F}
2012-02-15 17:47:05 -------- d-----w- C:\Users\Ramey\AppData\Local\{0EC6B062-6CCA-4883-BF3B-60B28D14DC7C}
2012-02-15 17:30:28 -------- d-----w- C:\Users\Ramey\AppData\Local\{ED08A8C3-CAAB-4D5C-82AA-EE82EDF231AB}
2012-02-15 17:26:02 -------- d-----w- C:\Users\Ramey\AppData\Local\{4801FF21-77F7-4251-8EE8-E2FBDEC49B69}
2012-02-15 03:32:50 -------- d-----w- C:\Users\Ramey\AppData\Local\{838897C5-1A0C-49C2-83D4-EAFC5210A3AC}
2012-02-15 03:32:49 -------- d-----w- C:\Users\Ramey\AppData\Local\{5B738912-4F7D-4A1B-A635-D74EBFF3C147}
2012-02-15 03:27:18 509952 ----a-w- C:\Windows\System32\ntshrui.dll
2012-02-15 03:27:18 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
2012-02-15 03:27:17 515584 ----a-w- C:\Windows\System32\timedate.cpl
2012-02-15 03:27:17 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl
2012-02-15 03:27:16 3145728 ----a-w- C:\Windows\System32\win32k.sys
2012-02-15 03:27:14 498688 ----a-w- C:\Windows\System32\drivers\afd.sys
2012-02-15 03:27:09 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll
2012-02-15 03:27:09 634880 ----a-w- C:\Windows\System32\msvcrt.dll
2012-02-14 05:52:55 -------- d-----w- C:\Users\Ramey\AppData\Local\{4DDF0E6A-DE9D-4FC8-80D9-28E71448FA58}
2012-02-14 05:52:54 -------- d-----w- C:\Users\Ramey\AppData\Local\{8FB1F52B-60E6-4176-A4C3-FB4F2C6DEB00}
2012-02-11 19:31:12 -------- d-----w- C:\Users\Ramey\AppData\Local\{60B43A5B-4A9A-4F3B-B26C-F7901BA4AE3C}
2012-02-11 19:31:10 -------- d-----w- C:\Users\Ramey\AppData\Local\{C1DE7008-2B2B-4E4B-A61B-84DFD6783920}
2012-02-10 23:34:10 -------- d-----w- C:\Users\Ramey\AppData\Local\{E111DC12-D871-4093-9D77-5239FA993C89}
2012-02-10 23:33:58 -------- d-----w- C:\Users\Ramey\AppData\Local\{EABDECC2-A7A1-405A-A4E2-C6C25C1D4205}
2012-02-10 23:33:37 -------- d-----w- C:\Users\Ramey\AppData\Local\{A7A35E15-D1DF-4119-A12C-DA273B8D906B}
2012-02-10 04:54:10 -------- d-----w- C:\Users\Ramey\AppData\Local\{E2DEB229-5A22-4D78-8315-9A45B51CF69B}
2012-02-10 04:53:58 -------- d-----w- C:\Users\Ramey\AppData\Local\{43A3A414-15EC-4592-8A92-AA62E0C76A22}
2012-02-08 21:43:18 -------- d-----w- C:\Users\Ramey\AppData\Local\{40318A7D-81FA-4C7E-88AF-EFE972AE736C}
2012-02-08 21:43:08 -------- d-----w- C:\Users\Ramey\AppData\Local\{0E568CE0-789C-4D02-B47B-69966360FFA9}
2012-02-08 21:43:07 -------- d-----w- C:\Users\Ramey\AppData\Local\{47811B09-411B-4E4D-84D2-02DFFFDCE637}
.
==================== Find3M ====================
.
2012-03-04 18:26:05 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
.
============= FINISH: 16:26:57.78 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:35 PM

Posted 10 March 2012 - 01:55 AM

Hello and Welcome to the forums!

My name is Gringo and I'll be glad to help you with your computer problems.

Somethings to remember while we are working together.

  • Do not run any other tool untill instructed to do so!
  • please Do not Attach logs or put in code boxes.
  • Tell me about any problems that have occurred during the fix.
  • Tell me of any other symptoms you may be having as these can help also.
  • Do not run anything while running a fix.
  • Do not run any other tool untill instructed to do so!


Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.

Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:35 PM

Posted 12 March 2012 - 11:31 PM

Hello


Just checking in on you as it has been a couple of days since I have heard from you.

Are you having any troubles or just need more time?




Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#4 Jellopudding

Jellopudding
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:10:35 PM

Posted 13 March 2012 - 09:53 PM

Thanks Gringo for checking in. I've needed my computer for a vital process at college, so I didn't want to run the risk of ruining my computer because of Combofix (I've heard its a powerful but potentially dangerous program). I will run the program and post up the log within the next 24-36 hours.

Thanks again for all your help. I will post up everything you requested as soon as possible :)

#5 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:35 PM

Posted 13 March 2012 - 10:46 PM

ok no problem and thanks for letting me know


gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#6 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:35 PM

Posted 16 March 2012 - 01:57 AM

Hello


Just checking in on you as it has been a couple of days since I have heard from you.

Are you having any troubles or just need more time?




Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#7 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:35 PM

Posted 19 March 2012 - 09:56 PM

Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#8 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:35 PM

Posted 22 March 2012 - 03:18 AM

Due to the lack of feedback, this topic is now closed.In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#9 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:35 PM

Posted 23 March 2012 - 10:28 AM

This topic has been re-opened at the request of the person who originally posted.
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#10 Jellopudding

Jellopudding
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:10:35 PM

Posted 24 March 2012 - 11:30 AM

Thanks Gringo!
Here's the Combofix log you requested:


ComboFix 12-03-22.01 - Ramey 03/22/2012 19:46:21.2.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4094.2449 [GMT -4:00]
Running from: c:\users\Ramey\Downloads\ComboFix.exe
AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
FW: ZoneAlarm Free Firewall *Disabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
SP: Norton 360 *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Ramey\Documents\~WRL3076.tmp
.
.
((((((((((((((((((((((((( Files Created from 2012-02-22 to 2012-03-22 )))))))))))))))))))))))))))))))
.
.
2012-03-22 23:53 . 2012-03-22 23:53 -------- d-----w- c:\users\quickstart\AppData\Local\temp
2012-03-22 23:53 . 2012-03-22 23:53 -------- d-----w- c:\users\Q\AppData\Local\temp
2012-03-22 23:53 . 2012-03-22 23:53 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-03-22 23:53 . 2012-03-22 23:53 -------- d-----w- c:\users\g\AppData\Local\temp
2012-03-22 23:53 . 2012-03-22 23:53 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-22 23:53 . 2012-03-22 23:53 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2012-03-22 23:53 . 2012-03-22 23:53 -------- d-----w- c:\users\quickstart.JINX\AppData\Local\temp
2012-03-14 18:47 . 2012-03-14 18:47 -------- d-----w- c:\programdata\Advanced Chemistry Development
2012-03-14 18:46 . 2012-03-14 18:47 -------- d-----w- c:\program files (x86)\ACDFREE11
2012-03-14 00:36 . 2011-11-19 15:20 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-14 00:36 . 2011-11-19 14:50 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-03-14 00:36 . 2011-11-19 14:50 3913584 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-03-13 20:06 . 2012-02-03 04:34 3145728 ----a-w- c:\windows\system32\win32k.sys
2012-03-13 20:06 . 2012-02-10 06:36 1544192 ----a-w- c:\windows\system32\DWrite.dll
2012-03-13 20:06 . 2012-02-10 05:38 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-03-13 20:03 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-03-13 20:03 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-03-13 20:03 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-03-13 20:03 . 2012-02-17 06:38 1112064 ----a-w- c:\windows\system32\rdpcorets.dll
2012-03-13 20:03 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-03-13 20:03 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-03-13 20:03 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-13 20:03 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-03-12 04:08 . 2012-03-12 04:09 -------- d-----w- c:\users\quickstart.JINX\AppData\Local\Microsoft Games
2012-03-11 02:57 . 2012-03-11 06:45 -------- d-----w- c:\users\Ramey\AppData\Roaming\vlc
2012-03-11 02:57 . 2012-03-11 02:57 -------- d-----w- c:\program files (x86)\VideoLAN
2012-03-04 18:26 . 2012-03-04 18:26 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-03-04 18:26 . 2012-03-04 18:26 -------- d-----w- c:\program files (x86)\Java
2012-02-26 08:23 . 2012-02-26 08:23 -------- d-----w- c:\users\quickstart.JINX\AppData\Roaming\Malwarebytes
2012-02-22 06:26 . 2012-02-22 06:26 39184 ----a-w- c:\windows\system32\Partizan.exe
2012-02-22 06:21 . 2012-02-22 06:21 2 --shatr- c:\windows\winstart.bat
2012-02-22 06:21 . 2012-03-09 21:22 -------- d-----w- c:\program files (x86)\UnHackMe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-04 18:26 . 2012-01-19 07:23 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-02-22 05:33 . 2012-02-20 21:54 25160 ----a-w- c:\windows\system32\drivers\hitmanpro36.sys
2012-02-05 00:26 . 2011-03-28 23:36 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-01-04 10:44 . 2012-02-15 03:27 509952 ----a-w- c:\windows\system32\ntshrui.dll
2012-01-04 08:58 . 2012-02-15 03:27 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
2011-12-30 06:26 . 2012-02-15 03:27 515584 ----a-w- c:\windows\system32\timedate.cpl
2011-12-30 05:27 . 2012-02-15 03:27 478720 ----a-w- c:\windows\SysWow64\timedate.cpl
2011-12-28 03:59 . 2012-02-15 03:27 498688 ----a-w- c:\windows\system32\drivers\afd.sys
.
.
((((((((((((((((((((((((((((( SnapShot@2012-02-21_10.46.11 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-02-28 15:23 . 2012-02-28 15:23 76800 c:\windows\SysWOW64\SetIEInstalledDate.exe
+ 2012-02-28 15:23 . 2012-02-28 15:23 74752 c:\windows\SysWOW64\RegisterIEPKEYs.exe
+ 2012-02-28 15:23 . 2012-02-28 15:23 54272 c:\windows\SysWOW64\pngfilt.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 48640 c:\windows\SysWOW64\mshtmler.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 72704 c:\windows\SysWOW64\mshtmled.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 11776 c:\windows\SysWOW64\mshta.exe
+ 2012-02-28 15:23 . 2012-02-28 15:23 10752 c:\windows\SysWOW64\msfeedssync.exe
+ 2012-02-28 15:23 . 2012-02-28 15:23 41472 c:\windows\SysWOW64\msfeedsbs.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 66048 c:\windows\SysWOW64\migration\WininetPlugin.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 23552 c:\windows\SysWOW64\licmgr10.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 65024 c:\windows\SysWOW64\jsproxy.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 78848 c:\windows\SysWOW64\inseng.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 35840 c:\windows\SysWOW64\imgutil.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 86528 c:\windows\SysWOW64\iesysprep.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 74752 c:\windows\SysWOW64\iesetup.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 31744 c:\windows\SysWOW64\iernonce.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 74240 c:\windows\SysWOW64\ie4uinit.exe
+ 2012-02-28 15:23 . 2012-02-28 15:23 66048 c:\windows\SysWOW64\icardie.dll
- 2009-07-14 04:54 . 2012-02-21 08:15 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-03-22 18:00 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-02-21 08:15 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-03-22 18:00 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-03-22 18:00 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-02-21 08:15 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-05-12 22:17 . 2012-03-22 18:02 45020 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-03-22 18:02 43972 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-05-12 20:17 . 2012-03-22 18:02 19816 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-952040154-1380847874-2658013702-1000_UserData.bin
+ 2012-02-28 15:23 . 2012-02-28 15:23 91648 c:\windows\system32\SetIEInstalledDate.exe
+ 2012-02-28 15:23 . 2012-02-28 15:23 89088 c:\windows\system32\RegisterIEPKEYs.exe
+ 2012-02-28 15:23 . 2012-02-28 15:23 65024 c:\windows\system32\pngfilt.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 48640 c:\windows\system32\mshtmler.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 96256 c:\windows\system32\mshtmled.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 12288 c:\windows\system32\mshta.exe
+ 2012-02-28 15:23 . 2012-02-28 15:23 10752 c:\windows\system32\msfeedssync.exe
+ 2012-02-28 15:23 . 2012-02-28 15:23 55296 c:\windows\system32\msfeedsbs.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 86528 c:\windows\system32\migration\WininetPlugin.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 30720 c:\windows\system32\licmgr10.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 85504 c:\windows\system32\jsproxy.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 49664 c:\windows\system32\imgutil.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 85504 c:\windows\system32\iesetup.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 39936 c:\windows\system32\iernonce.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 89088 c:\windows\system32\ie4uinit.exe
+ 2012-02-28 15:23 . 2012-02-28 15:23 82432 c:\windows\system32\icardie.dll
+ 2011-05-12 22:49 . 2012-03-22 12:35 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-05-12 22:49 . 2012-02-21 08:19 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-05-12 22:49 . 2012-02-21 08:19 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-05-12 22:49 . 2012-03-22 12:35 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-02-21 08:19 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-03-22 12:35 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-05-12 23:00 . 2012-02-21 08:17 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-05-12 23:00 . 2012-02-28 15:19 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:46 . 2012-03-19 14:31 88576 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2011-05-12 23:00 . 2012-02-28 15:19 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-05-12 23:00 . 2012-02-21 08:17 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-05-12 23:00 . 2012-02-21 08:17 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-05-12 23:00 . 2012-02-28 15:19 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-05-12 22:11 . 2012-02-21 10:04 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-05-12 22:11 . 2012-02-28 16:14 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-05-12 22:11 . 2012-02-21 10:04 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-05-12 22:11 . 2012-02-28 16:14 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-11-22 04:57 . 2011-11-22 04:57 68880 c:\windows\Microsoft.NET\Framework64\v4.0.30319\nlssorting.dll
+ 2011-11-22 03:31 . 2011-11-22 03:31 57616 c:\windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
+ 2012-03-06 12:30 . 2012-03-06 12:30 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2012-03-06 12:30 . 2012-03-06 12:30 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2012-03-06 12:30 . 2012-03-06 12:30 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
+ 2012-03-06 12:30 . 2012-03-06 12:30 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
+ 2012-03-06 12:30 . 2012-03-06 12:30 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
+ 2012-03-06 12:30 . 2012-03-06 12:30 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
+ 2012-03-06 12:30 . 2012-03-06 12:30 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 62880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Windows.ApplicationServer.Applications\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Windows.ApplicationServer.Applications.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 62880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Windows.ApplicationServer.Applications\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Windows.ApplicationServer.Applications.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 94552 c:\windows\Microsoft.NET\assembly\GAC_64\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-03-06 12:28 . 2012-03-06 12:28 94552 c:\windows\Microsoft.NET\assembly\GAC_64\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 91488 c:\windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 91488 c:\windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-03-06 12:26 . 2012-03-06 12:26 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-03-06 12:27 . 2012-03-06 12:27 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2011-05-12 20:29 . 2012-02-21 08:13 35088 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\oisicon.exe
+ 2011-05-12 20:29 . 2012-02-21 20:45 35088 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\oisicon.exe
- 2011-05-12 20:29 . 2012-02-21 08:13 18704 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\mspicons.exe
+ 2011-05-12 20:29 . 2012-02-21 20:45 18704 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\mspicons.exe
- 2011-05-12 20:29 . 2012-02-21 08:13 20240 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\cagicon.exe
+ 2011-05-12 20:29 . 2012-02-21 20:45 20240 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\cagicon.exe
+ 2009-02-26 18:09 . 2009-02-26 18:09 10120 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\XLCALL32.DLL
+ 2009-02-26 23:43 . 2009-02-26 23:43 71520 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\XL12CNVP.DLL
+ 2009-02-26 22:45 . 2009-02-26 22:45 20808 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\WRD12EXE.EXE
+ 2011-05-31 21:31 . 2011-05-31 21:31 32128 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\VPREVIEW.EXE
+ 2006-07-24 17:50 . 2006-07-24 17:50 47920 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\VBAME.DLL
+ 2009-02-26 03:05 . 2009-02-26 03:05 76168 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\TWSTRUCT.DLL
+ 2009-02-26 03:05 . 2009-02-26 03:05 18808 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\TWRECS.DLL
+ 2009-02-26 03:05 . 2009-02-26 03:05 50544 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\TWRECE.DLL
+ 2009-02-26 03:05 . 2009-02-26 03:05 26488 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\TWORIENT.DLL
+ 2009-02-26 03:05 . 2009-02-26 03:05 57192 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\TWLAY32.DLL
+ 2009-02-26 03:05 . 2009-02-26 03:05 86896 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\TWCUTLIN.DLL
+ 2009-02-26 03:05 . 2009-02-26 03:05 29000 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\THOCRAPI.DLL
+ 2011-07-20 10:17 . 2011-07-20 10:17 33152 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\SETLANG.EXE
+ 2009-02-26 03:05 . 2009-02-26 03:05 18808 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\REVERSE.DLL
+ 2011-07-27 09:53 . 2011-07-27 09:53 39464 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\REFIEBAR.DLL
+ 2009-02-27 00:21 . 2009-02-27 00:21 38224 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\REFEDIT.DLL
+ 2009-02-26 03:05 . 2009-02-26 03:05 76176 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\PSOM.DLL
+ 2009-02-26 19:24 . 2009-02-26 19:24 71536 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\ONFILTER.DLL
+ 2009-02-26 19:24 . 2009-02-26 19:24 97680 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\ONENOTEM.EXE
+ 2011-07-27 10:17 . 2011-07-27 10:17 22432 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\OISCTRL.DLL
+ 2011-07-27 10:25 . 2011-07-27 10:25 53728 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\OFFRHD.DLL
+ 2011-07-27 09:53 . 2011-07-27 09:53 64872 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\NAME.DLL
+ 2009-02-27 08:42 . 2009-02-27 08:42 66440 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\MSONPUI.DLL
+ 2009-02-27 08:42 . 2009-02-27 08:42 31640 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\MSONPMON.DLL
+ 2009-02-26 22:07 . 2009-02-26 22:07 67440 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\MSOHTMED.EXE
+ 2009-02-26 22:07 . 2009-02-26 22:07 75120 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\MSOHEV.DLL
+ 2009-02-27 00:21 . 2009-02-27 00:21 25968 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\MSOEURO.DLL
+ 2011-07-27 09:34 . 2011-07-27 09:34 13712 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\MSOCFU.DLL
+ 2006-07-24 17:50 . 2006-07-24 17:50 92976 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\MSADDNDR.DLL
+ 2011-05-31 21:26 . 2011-05-31 21:26 88448 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\METCONV.DLL
+ 2009-02-26 03:05 . 2009-02-26 03:05 75120 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\FORM.DLL
+ 2011-07-27 22:49 . 2011-07-27 22:49 56696 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\EXP_XPS.DLL
+ 2011-07-27 22:49 . 2011-07-27 22:49 95608 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\EXP_PDF.DLL
+ 2009-02-26 22:07 . 2009-02-26 22:07 53120 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\AUTHZAX.DLL
+ 2011-07-27 09:41 . 2011-07-27 09:41 55168 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\ACERCLR.DLL
+ 2009-02-26 16:18 . 2009-02-26 16:18 14192 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\ACEODTXT.DLL
+ 2009-02-26 16:18 . 2009-02-26 16:18 14192 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\ACEODPDX.DLL
+ 2009-02-26 16:18 . 2009-02-26 16:18 14192 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\ACEODEXL.DLL
+ 2009-02-26 16:18 . 2009-02-26 16:18 14192 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\ACEODDBS.DLL
+ 2011-07-27 09:41 . 2011-07-27 09:41 47024 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\ACEERR.DLL
+ 2011-07-27 09:41 . 2011-07-27 09:41 55240 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\ACECNFLT.EXE
+ 2012-03-06 18:50 . 2012-03-06 18:50 10240 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\f137c53afae3903f20eba1fa0f8f8dad\System.Xml.Serialization.ni.dll
+ 2012-03-06 18:50 . 2012-03-06 18:50 43520 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Pres#\ef151d5b49d8b0d0052d05fc56d25107\System.Windows.Presentation.ni.dll
+ 2012-03-06 18:50 . 2012-03-06 18:50 86016 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Applicat#\c5b08a1a9a7a97922af50f30b5e32268\System.Web.ApplicationServices.ni.dll
+ 2012-03-06 18:48 . 2012-03-06 18:48 97792 c:\windows\assembly\NativeImages_v4.0.30319_64\System.AddIn.Contra#\5b53a87f7799ee5454e4fb8faece3a82\System.AddIn.Contract.ni.dll
+ 2012-03-06 18:46 . 2012-03-06 18:46 14336 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualC\a4e98103e5d36bf22ef19c64442543f2\Microsoft.VisualC.ni.dll
+ 2012-03-06 18:45 . 2012-03-06 18:45 10752 c:\windows\assembly\NativeImages_v4.0.30319_64\dfsvc\cbd21f19057f07ec2cb55b2bef91f344\dfsvc.ni.exe
+ 2012-03-06 18:45 . 2012-03-06 18:45 58368 c:\windows\assembly\NativeImages_v4.0.30319_64\Accessibility\52890eb2a4f8d822bff7e9cddc713fb5\Accessibility.ni.dll
+ 2012-03-06 15:34 . 2012-03-06 15:34 96768 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\8dd565cc0b374e1eec73cf7eaba91e92\UIAutomationProvider.ni.dll
+ 2012-03-06 18:44 . 2012-03-06 18:44 35328 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Pres#\077e75015456f75a0495f65cfcf140cb\System.Windows.Presentation.ni.dll
+ 2012-03-06 18:44 . 2012-03-06 18:44 71680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Applicat#\22a9aa847a8e4e651a35b63270ce8999\System.Web.ApplicationServices.ni.dll
+ 2012-03-06 18:44 . 2012-03-06 18:44 82432 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\fdeb5ca04943da59f732d3001d6a0df0\System.ServiceModel.Channels.ni.dll
+ 2012-03-06 15:34 . 2012-03-06 15:34 78848 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn.Contra#\9688786618bf6390637c283b5bd1c9b3\System.AddIn.Contract.ni.dll
+ 2012-03-06 15:33 . 2012-03-06 15:33 11776 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\6ffc3ac04451b4978519218fd266403e\Microsoft.VisualC.ni.dll
+ 2012-03-06 15:33 . 2012-03-06 15:33 44544 c:\windows\assembly\NativeImages_v4.0.30319_32\Accessibility\8cbc15b63aa3f06453f1aaa8659cf809\Accessibility.ni.dll
- 2011-06-25 22:35 . 2012-02-20 04:34 3724 c:\windows\system32\wdi\ERCQueuedResolutions.dat
+ 2011-06-25 22:35 . 2012-02-29 04:50 3724 c:\windows\system32\wdi\ERCQueuedResolutions.dat
+ 2012-02-22 06:29 . 2012-03-18 23:21 2656 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-952040154-1380847874-2658013702-1008_UserData.bin
+ 2011-05-12 22:49 . 2012-03-22 17:05 3748 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
+ 2012-03-22 18:00 . 2012-03-22 18:00 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-02-21 08:15 . 2012-02-21 08:15 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-03-22 18:00 . 2012-03-22 18:00 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-02-21 08:15 . 2012-02-21 08:15 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-03-06 18:44 . 2012-03-06 18:44 9216 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\6bafe185b3d23de57ec689035642fe43\System.Xml.Serialization.ni.dll
+ 2012-03-06 15:33 . 2012-03-06 15:33 9728 c:\windows\assembly\NativeImages_v4.0.30319_32\dfsvc\592252ee904bd41f99cd1d19909b548c\dfsvc.ni.exe
+ 2012-02-28 15:23 . 2012-02-28 15:23 152064 c:\windows\SysWOW64\wextract.exe
+ 2012-02-28 15:23 . 2012-02-28 15:23 203776 c:\windows\SysWOW64\webcheck.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 420864 c:\windows\SysWOW64\vbscript.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 231936 c:\windows\SysWOW64\url.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 123392 c:\windows\SysWOW64\occache.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 162304 c:\windows\SysWOW64\msrating.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 161792 c:\windows\SysWOW64\msls31.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 580608 c:\windows\SysWOW64\msfeeds.dll
- 2012-01-11 17:45 . 2011-10-14 04:24 716800 c:\windows\SysWOW64\jscript.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 716800 c:\windows\SysWOW64\jscript.dll
- 2012-01-19 07:23 . 2012-01-19 07:23 157472 c:\windows\SysWOW64\javaws.exe
+ 2012-03-04 18:26 . 2012-03-04 18:26 157472 c:\windows\SysWOW64\javaws.exe
- 2012-01-19 07:23 . 2012-01-19 07:23 149280 c:\windows\SysWOW64\javaw.exe
+ 2012-03-04 18:26 . 2012-03-04 18:26 149280 c:\windows\SysWOW64\javaw.exe
- 2012-01-19 07:23 . 2012-01-19 07:23 149280 c:\windows\SysWOW64\java.exe
+ 2012-03-04 18:26 . 2012-03-04 18:26 149280 c:\windows\SysWOW64\java.exe
+ 2012-02-28 15:23 . 2012-02-28 15:23 150528 c:\windows\SysWOW64\iexpress.exe
+ 2012-02-28 15:23 . 2012-02-28 15:23 142848 c:\windows\SysWOW64\ieUnatt.exe
- 2012-02-15 03:27 . 2011-12-16 07:52 176640 c:\windows\SysWOW64\ieui.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 176640 c:\windows\SysWOW64\ieui.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 118784 c:\windows\SysWOW64\iepeers.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 353584 c:\windows\SysWOW64\iedkcs32.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 434176 c:\windows\SysWOW64\ieapfltr.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 163840 c:\windows\SysWOW64\ieakui.dll
- 2009-07-13 23:42 . 2009-07-14 01:05 163840 c:\windows\SysWOW64\ieakui.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 227840 c:\windows\SysWOW64\ieaksie.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 130560 c:\windows\SysWOW64\ieakeng.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 110592 c:\windows\SysWOW64\IEAdvpack.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 223232 c:\windows\SysWOW64\dxtrans.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 353792 c:\windows\SysWOW64\dxtmsft.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 101888 c:\windows\SysWOW64\admparse.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 160256 c:\windows\system32\wextract.exe
+ 2012-02-28 15:23 . 2012-02-28 15:23 249344 c:\windows\system32\webcheck.dll
+ 2011-05-19 22:49 . 2012-03-20 20:18 265412 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2011-06-07 07:50 . 2012-03-22 22:04 255858 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2012-02-28 15:23 . 2012-02-28 15:23 603648 c:\windows\system32\vbscript.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 237056 c:\windows\system32\url.dll
+ 2009-07-14 02:36 . 2012-03-22 22:12 624412 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2012-02-21 08:22 624412 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-03-22 22:12 106756 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2012-02-21 08:22 106756 c:\windows\system32\perfc009.dat
+ 2012-02-28 15:23 . 2012-02-28 15:23 149504 c:\windows\system32\occache.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 197120 c:\windows\system32\msrating.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 222208 c:\windows\system32\msls31.dll
- 2009-07-13 23:39 . 2009-07-14 01:41 222208 c:\windows\system32\msls31.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 697344 c:\windows\system32\msfeeds.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 818688 c:\windows\system32\jscript.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 103936 c:\windows\system32\inseng.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 165888 c:\windows\system32\iexpress.exe
+ 2012-02-28 15:23 . 2012-02-28 15:23 173056 c:\windows\system32\ieUnatt.exe
+ 2012-02-28 15:23 . 2012-02-28 15:23 248320 c:\windows\system32\ieui.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 111616 c:\windows\system32\iesysprep.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 145920 c:\windows\system32\iepeers.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 403248 c:\windows\system32\iedkcs32.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 534528 c:\windows\system32\ieapfltr.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 163840 c:\windows\system32\ieakui.dll
- 2009-07-13 23:58 . 2009-07-14 01:27 163840 c:\windows\system32\ieakui.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 267776 c:\windows\system32\ieaksie.dll
- 2009-07-13 23:58 . 2009-07-14 01:41 267776 c:\windows\system32\ieaksie.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 160256 c:\windows\system32\ieakeng.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 135168 c:\windows\system32\IEAdvpack.dll
+ 2009-07-14 04:45 . 2012-03-14 01:36 310928 c:\windows\system32\FNTCACHE.DAT
- 2009-07-14 04:45 . 2012-02-15 04:33 310928 c:\windows\system32\FNTCACHE.DAT
+ 2012-02-28 15:23 . 2012-02-28 15:23 282112 c:\windows\system32\dxtrans.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 452608 c:\windows\system32\dxtmsft.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 114176 c:\windows\system32\admparse.dll
+ 2009-07-14 05:01 . 2012-03-22 17:05 276364 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2012-02-21 08:14 276364 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-03-10 00:26 . 2012-03-10 00:26 277132 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-952040154-1380847874-2658013702-1008-8192.dat
+ 2012-02-28 21:17 . 2012-02-28 21:17 277132 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-952040154-1380847874-2658013702-1000-4096.dat
+ 2012-02-05 10:34 . 2012-03-14 19:56 277132 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-952040154-1380847874-2658013702-1000-12288.dat
- 2012-02-05 10:34 . 2012-02-19 08:59 277132 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-952040154-1380847874-2658013702-1000-12288.dat
+ 2011-11-22 04:57 . 2011-11-22 04:57 598784 c:\windows\Microsoft.NET\Framework64\v4.0.30319\SOS.dll
+ 2011-11-22 03:31 . 2011-11-22 03:31 518400 c:\windows\Microsoft.NET\Framework\v4.0.30319\SOS.dll
+ 2011-11-22 03:31 . 2011-11-22 03:31 957200 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordbi.dll
+ 2012-03-06 12:30 . 2012-03-06 12:30 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2012-03-06 12:30 . 2012-03-06 12:30 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
+ 2012-03-06 12:30 . 2012-03-06 12:30 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2012-03-06 12:30 . 2012-03-06 12:30 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2012-03-06 12:30 . 2012-03-06 12:30 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2012-03-06 12:30 . 2012-03-06 12:30 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
+ 2012-03-06 12:30 . 2012-03-06 12:30 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
+ 2012-03-06 12:30 . 2012-03-06 12:30 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2012-03-06 12:30 . 2012-03-06 12:30 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2012-03-06 12:30 . 2012-03-06 12:30 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 236880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 236880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2012-03-06 12:30 . 2012-03-06 12:30 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 607064 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 607064 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 149848 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 149848 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2012-03-06 12:30 . 2012-03-06 12:30 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2012-03-06 12:30 . 2012-03-06 12:30 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2012-03-06 12:30 . 2012-03-06 12:30 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2012-03-06 12:30 . 2012-03-06 12:30 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2012-03-06 12:30 . 2012-03-06 12:30 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2012-03-06 12:30 . 2012-03-06 12:30 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
+ 2012-03-06 12:30 . 2012-03-06 12:30 288616 c:\windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 288616 c:\windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2012-03-06 12:30 . 2012-03-06 12:30 335712 c:\windows\Microsoft.NET\assembly\GAC_64\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 335712 c:\windows\Microsoft.NET\assembly\GAC_64\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 125440 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 125440 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 237424 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 237424 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 187776 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 187776 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2012-03-06 12:28 . 2012-03-06 12:28 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2012-03-06 12:28 . 2012-03-06 12:28 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2012-03-06 12:26 . 2012-03-06 12:26 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-03-06 12:26 . 2012-03-06 12:26 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2012-03-06 12:27 . 2012-03-06 12:27 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2012-03-04 18:26 . 2012-03-04 18:26 207360 c:\windows\Installer\69938.msi
+ 2011-05-12 20:29 . 2012-02-21 20:45 888080 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\wordicon.exe
- 2011-05-12 20:29 . 2012-02-21 08:13 888080 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\wordicon.exe
- 2011-05-12 20:29 . 2012-02-21 08:13 922384 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\pptico.exe
+ 2011-05-12 20:29 . 2012-02-21 20:45 922384 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\pptico.exe
- 2011-05-12 20:29 . 2012-02-21 08:13 217864 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\misc.exe
+ 2011-05-12 20:29 . 2012-02-21 20:45 217864 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\misc.exe
+ 2011-05-12 20:29 . 2012-02-21 20:45 184080 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\joticon.exe
- 2011-05-12 20:29 . 2012-02-21 08:13 184080 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\joticon.exe
+ 2012-02-21 20:43 . 2012-02-21 20:43 217864 c:\windows\Installer\{90120000-006E-0409-0000-0000000FF1CE}\misc.exe
- 2012-02-21 08:12 . 2012-02-21 08:12 217864 c:\windows\Installer\{90120000-006E-0409-0000-0000000FF1CE}\misc.exe
+ 2009-02-26 03:05 . 2009-02-26 03:05 531840 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\XPAGE3C.DLL
+ 2009-02-26 22:45 . 2009-02-26 22:45 509256 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\WRD12CVR.DLL
+ 2011-09-16 01:41 . 2011-09-16 01:41 408936 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\WINWORD.EXE
+ 2009-02-26 03:05 . 2009-02-26 03:05 126328 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\TWCUTCHR.DLL
+ 2011-07-27 09:58 . 2011-07-27 09:58 439160 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\SETUP.EXE
+ 2011-07-27 09:54 . 2011-07-27 09:54 503184 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\SELFCERT.EXE
+ 2011-05-27 02:13 . 2011-05-27 02:13 368520 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\PPSLAX.DLL
+ 2011-07-27 09:36 . 2011-07-27 09:36 481640 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\PORTCONN.DLL
+ 2007-06-07 23:51 . 2007-06-07 23:51 465800 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\OUTLFLTR.DLL
+ 2011-07-27 11:00 . 2011-07-27 11:00 783296 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\ONSYNCPC.DLL
+ 2011-07-27 11:25 . 2011-07-27 11:25 664968 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\ONBTTNOL.DLL
+ 2011-07-27 11:25 . 2011-07-27 11:25 603552 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\ONBTTNIE.DLL
+ 2011-07-27 10:17 . 2011-07-27 10:17 284560 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\OISGRAPH.DLL
+ 2011-07-27 10:16 . 2011-07-27 10:16 997768 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\OISAPP.DLL
+ 2011-07-27 10:16 . 2011-07-27 10:16 273792 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\OIS.EXE
+ 2008-03-19 10:27 . 2008-03-19 10:27 661536 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\OGALEGIT.DLL
+ 2009-02-26 20:24 . 2009-02-26 20:24 231864 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\ODEPLOY.EXE
+ 2011-07-20 10:22 . 2011-07-20 10:22 538968 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\MSTORES.DLL
+ 2011-07-20 10:22 . 2011-07-20 10:22 144728 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\MSTORE.EXE
+ 2011-07-20 10:22 . 2011-07-20 10:22 832360 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\MSTORDB.EXE
+ 2009-02-26 03:02 . 2009-02-26 03:02 504176 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\MSSOAP30.DLL
+ 2011-07-27 11:10 . 2011-07-27 11:10 670560 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\MSQRY32.EXE
+ 2011-05-31 22:19 . 2011-05-31 22:19 732000 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\MSPROOF6.DLL
+ 2009-02-26 02:46 . 2009-02-26 02:46 435568 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\MSORUN.DLL
+ 2009-02-27 08:42 . 2009-02-27 08:42 863128 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\MSONPDRV.DLL
+ 2011-07-27 09:53 . 2011-07-27 09:53 427856 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\MSODCW.DLL
+ 2011-07-27 09:34 . 2011-07-27 09:34 160632 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\MSOCF.DLL
+ 2011-06-23 14:54 . 2011-06-23 14:54 119160 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\MSCONV97.DLL
+ 2011-07-20 10:22 . 2011-07-20 10:22 828264 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\MEDCAT.DLL
+ 2011-07-27 22:49 . 2011-07-27 22:49 177536 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\IETAG.DLL
+ 2008-10-25 10:18 . 2008-10-25 10:18 172880 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\IEAWSDC.DLL
+ 2009-02-26 20:24 . 2009-02-26 20:24 970128 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\FPWEC.DLL
+ 2011-07-27 10:13 . 2011-07-27 10:13 434080 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\DWTRIG20.EXE
+ 2011-07-27 09:53 . 2011-07-27 09:53 105872 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\DSSM.EXE
+ 2011-07-27 09:53 . 2011-07-27 09:53 188800 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\CONTACTPICKER.DLL
+ 2011-07-27 11:13 . 2011-07-27 11:13 204664 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\CLVIEW.EXE
+ 2011-07-27 11:20 . 2011-07-27 11:20 400216 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\CDLMSO.DLL
+ 2011-07-27 09:41 . 2011-07-27 09:41 370608 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\ACEXBE.DLL
+ 2011-07-27 09:41 . 2011-07-27 09:41 223152 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\ACETXT.DLL
+ 2011-07-27 09:41 . 2011-07-27 09:41 550840 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\ACEREP.DLL
+ 2011-07-27 09:41 . 2011-07-27 09:41 288688 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\ACER3X.DLL
+ 2011-07-27 09:41 . 2011-07-27 09:41 255920 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\ACER2X.DLL
+ 2011-07-27 09:41 . 2011-07-27 09:41 391096 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\ACEPDE.DLL
+ 2011-07-27 09:41 . 2011-07-27 09:41 378808 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\ACEOLEDB.DLL
+ 2011-07-27 09:41 . 2011-07-27 09:41 278912 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\ACEODBC.DLL
+ 2011-07-27 09:41 . 2011-07-27 09:41 206776 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\ACELTS.DLL
+ 2011-07-27 09:41 . 2011-07-27 09:41 632752 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\ACEEXCL.DLL
+ 2011-07-27 09:41 . 2011-07-27 09:41 337848 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\ACEEXCH.DLL
+ 2011-07-27 09:41 . 2011-07-27 09:41 186304 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\ACEES.DLL
+ 2011-07-27 09:41 . 2011-07-27 09:41 571320 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\ACEDAO.DLL
+ 2011-07-27 09:41 . 2011-07-27 09:41 763848 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\ACECNF.DLL
+ 2012-03-06 18:50 . 2012-03-06 18:50 336896 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsFormsIntegra#\d05858dd730eef93a5e4a3cc88dd4ec3\WindowsFormsIntegration.ni.dll
+ 2012-03-06 18:48 . 2012-03-06 18:48 231424 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationTypes\b2a2a1fb4e1313088250b334b3af2a15\UIAutomationTypes.ni.dll
+ 2012-03-06 18:48 . 2012-03-06 18:48 122368 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationProvider\89414bab411eb27c7c181df81b4d36a5\UIAutomationProvider.ni.dll
+ 2012-03-06 18:50 . 2012-03-06 18:50 645120 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationClient\cd55f47d44c3695862bc047b8e86fcd3\UIAutomationClient.ni.dll
+ 2012-03-06 18:47 . 2012-03-06 18:47 528896 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Linq\910d557d55f4fc7bb51ace0546bd3c50\System.Xml.Linq.ni.dll
+ 2012-03-06 18:48 . 2012-03-06 18:48 256000 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Inpu#\dcb9e1eaa1491094f79c3288b8c78830\System.Windows.Input.Manipulations.ni.dll
+ 2012-03-06 18:47 . 2012-03-06 18:47 903168 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Transactions\922f3f17f5112441e77f9d3d56d5b753\System.Transactions.ni.dll
+ 2012-03-06 18:50 . 2012-03-06 18:50 281088 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceProce#\73874670b92afbde73b23e8a1200eede\System.ServiceProcess.ni.dll
+ 2012-03-06 18:50 . 2012-03-06 18:50 517120 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\909c8d76773648809478644ac50a21eb\System.ServiceModel.Routing.ni.dll
+ 2012-03-06 18:50 . 2012-03-06 18:50 108032 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\26db69101f5bcf148fd962f00c0e78dd\System.ServiceModel.Channels.ni.dll
+ 2012-03-06 18:46 . 2012-03-06 18:46 946688 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Security\878946615037b9d5f09916c598420dc1\System.Security.ni.dll
+ 2012-03-06 18:47 . 2012-03-06 18:47 376832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\73cc698ccc98e37f53cdbff3687a921c\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2012-03-06 18:47 . 2012-03-06 18:47 987648 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Remo#\b73b4f0282ef46505b3e59702ded433b\System.Runtime.Remoting.ni.dll
+ 2012-03-06 18:46 . 2012-03-06 18:46 176640 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Numerics\8064e773b9addf027658899e27e94c7b\System.Numerics.ni.dll
+ 2012-03-06 18:49 . 2012-03-06 18:49 933376 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Net\a46d5472536da900435885b28a19eda8\System.Net.ni.dll
+ 2012-03-06 18:49 . 2012-03-06 18:49 781824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Messaging\ae0089b9135614de304ebe288fa6fca8\System.Messaging.ni.dll
+ 2012-03-06 18:49 . 2012-03-06 18:49 521728 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Management.I#\3ad050d3f47352421e05b7707ddd3524\System.Management.Instrumentation.ni.dll
+ 2012-03-06 18:49 . 2012-03-06 18:49 531456 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IO.Log\87efa405cd384d2c47380467fcd7ea86\System.IO.Log.ni.dll
+ 2012-03-06 18:49 . 2012-03-06 18:49 290816 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IdentityMode#\50ccc897ad714e66f750ca1e51e0ffde\System.IdentityModel.Selectors.ni.dll
+ 2012-03-06 18:47 . 2012-03-06 18:47 348672 c:\windows\assembly\NativeImages_v4.0.30319_64\System.EnterpriseSe#\7b06b84cb3b99a3ab22adb2a3f6376e6\System.EnterpriseServices.Wrapper.dll
+ 2012-03-06 18:46 . 2012-03-06 18:46 512000 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Dynamic\cbc3e5d028dd347a294096f068a053d4\System.Dynamic.ni.dll
+ 2012-03-06 18:49 . 2012-03-06 18:49 632832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\1ae0a8a9eb92ccaf900f5911740b2c3c\System.DirectoryServices.Protocols.ni.dll
+ 2012-03-06 18:49 . 2012-03-06 18:49 141824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Device\9edded64312f5cbae54a093eca246aaa\System.Device.ni.dll
+ 2012-03-06 18:48 . 2012-03-06 18:48 176128 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.DataSet#\db296a100034c7dee5f80219f0542df7\System.Data.DataSetExtensions.ni.dll
+ 2012-03-06 18:48 . 2012-03-06 18:48 181760 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Configuratio#\0f771cbf8b32ae1618f4cd4266337b3c\System.Configuration.Install.ni.dll
+ 2012-03-06 18:48 . 2012-03-06 18:48 255488 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ComponentMod#\501ad39b1ef6f43e8dc92a4efa7c35ea\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-03-06 18:48 . 2012-03-06 18:48 865792 c:\windows\assembly\NativeImages_v4.0.30319_64\System.AddIn\f8c6e4854178bb4d928c8aec1c04648d\System.AddIn.ni.dll
+ 2012-03-06 18:48 . 2012-03-06 18:48 560640 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.D#\3503e3c2a87db97b720c0ed8a5d59f61\System.Activities.DurableInstancing.ni.dll
+ 2012-03-06 18:45 . 2012-03-06 18:45 432128 c:\windows\assembly\NativeImages_v4.0.30319_64\SMSvcHost\30cf4fc2c247cf490879f5436c63017c\SMSvcHost.ni.exe
+ 2012-03-06 18:47 . 2012-03-06 18:47 185344 c:\windows\assembly\NativeImages_v4.0.30319_64\SMDiagnostics\b4f75962376771b6b6d39279d780abba\SMDiagnostics.ni.dll
+ 2012-03-06 18:47 . 2012-03-06 18:47 428032 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\eaca48940ac6976d39d5de4d5b42fed6\PresentationFramework.Royale.ni.dll
+ 2012-03-06 18:47 . 2012-03-06 18:47 802304 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\bdb41ce9ab6d561ddb8107255daaee30\PresentationFramework.Luna.ni.dll
+ 2012-03-06 18:47 . 2012-03-06 18:47 622592 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\78310f7eef84b5f9ca4bf32798bd77f9\PresentationFramework.Aero.ni.dll
+ 2012-03-06 18:47 . 2012-03-06 18:47 349184 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\64b86aebea22fd357f22384757caed3f\PresentationFramework.Classic.ni.dll
+ 2012-03-06 18:46 . 2012-03-06 18:46 422400 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\480ae0610a44148c6532d3d134f9956f\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2012-03-06 18:46 . 2012-03-06 18:46 600064 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Transacti#\16bf3be602620d349b25e6c2d08199a3\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2012-03-06 18:45 . 2012-03-06 18:45 279552 c:\windows\assembly\NativeImages_v4.0.30319_64\CustomMarshalers\f6b9abf9cd43524102ad9be82b7136d0\CustomMarshalers.ni.dll
+ 2012-03-06 18:44 . 2012-03-06 18:44 253952 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\d5a18f2355101b19f23ff2f31d1d1e17\WindowsFormsIntegration.ni.dll
+ 2012-03-06 15:34 . 2012-03-06 15:34 196096 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\9562374f940f41cdc64d88268d543f0b\UIAutomationTypes.ni.dll
+ 2012-03-06 18:44 . 2012-03-06 18:44 484352 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClient\641eec5b274fe3972d02892607f9b650\UIAutomationClient.ni.dll
+ 2012-03-06 15:34 . 2012-03-06 15:34 393216 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\295b3156b838ca161a64a5456522438b\System.Xml.Linq.ni.dll
+ 2012-03-06 15:34 . 2012-03-06 15:34 189440 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Inpu#\0b68854406b775365c6d91e87813c2dc\System.Windows.Input.Manipulations.ni.dll
+ 2012-03-06 15:34 . 2012-03-06 15:34 649728 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\5e3cf00b80c0aecd8392f1702d2d0f28\System.Transactions.ni.dll
+ 2012-03-06 18:44 . 2012-03-06 18:44 221696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\bf0b3689dd5e261097f2feb2ed0103e8\System.ServiceProcess.ni.dll
+ 2012-03-06 18:44 . 2012-03-06 18:44 369664 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\d3d9c582c7cd77f17fd93167dc462242\System.ServiceModel.Routing.ni.dll
+ 2012-03-06 12:33 . 2012-03-06 12:33 736768 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Security\c1127f26363bea39c40707b9ddb6bbb9\System.Security.ni.dll
+ 2012-03-06 15:34 . 2012-03-06 15:34 311296 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\7b17528dffe47d9b17be6086a575a516\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2012-03-06 15:34 . 2012-03-06 15:34 762880 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\533deafc53346179cd118acc874752a3\System.Runtime.Remoting.ni.dll
+ 2012-03-06 12:33 . 2012-03-06 12:33 145408 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\3ce3d5b8126cda36b3dbd3535f249890\System.Numerics.ni.dll
+ 2012-03-06 18:44 . 2012-03-06 18:44 657408 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Net\965e2749489298cc85387f44f76a40f2\System.Net.ni.dll
+ 2012-03-06 18:44 . 2012-03-06 18:44 626176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\f5333e6e06a2d476f93b0880c5e7fd14\System.Messaging.ni.dll
+ 2012-03-06 18:44 . 2012-03-06 18:44 395264 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management.I#\1bff2d3e952c2160ba0c790d2342a601\System.Management.Instrumentation.ni.dll
+ 2012-03-06 18:44 . 2012-03-06 18:44 413696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IO.Log\e6cb98078120266f5310adf0f45aa7df\System.IO.Log.ni.dll
+ 2012-03-06 18:44 . 2012-03-06 18:44 229888 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityMode#\22dadf930ad449894633480562d6c913\System.IdentityModel.Selectors.ni.dll
+ 2012-03-06 15:34 . 2012-03-06 15:34 236032 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\d0d8c27be9116224e42260292e21cad5\System.EnterpriseServices.Wrapper.dll
+ 2012-03-06 15:34 . 2012-03-06 15:34 787456 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\d0d8c27be9116224e42260292e21cad5\System.EnterpriseServices.ni.dll
+ 2012-03-06 12:33 . 2012-03-06 12:33 377856 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Dynamic\cbb6e9a9b075d9f6fa303e3eef4c0ffd\System.Dynamic.ni.dll
+ 2012-03-06 18:44 . 2012-03-06 18:44 913920 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\e25cc7918b583b3beffcad52920eae29\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-03-06 18:44 . 2012-03-06 18:44 470528 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\a3be39ae9813098aa81430dd507d22ca\System.DirectoryServices.Protocols.ni.dll
+ 2012-03-06 18:44 . 2012-03-06 18:44 112640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Device\4975f93d2055b33bd7a91d6f05628e2a\System.Device.ni.dll
+ 2012-03-06 15:34 . 2012-03-06 15:34 134656 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.DataSet#\42d3d301d2adef24edeb3b775fbe3a4b\System.Data.DataSetExtensions.ni.dll
+ 2012-03-06 12:33 . 2012-03-06 12:33 982528 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\bab886a18699bab842769c5ce486c332\System.Configuration.ni.dll
+ 2012-03-06 15:34 . 2012-03-06 15:34 148480 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\e844f0d4cf703c2e97515ed020331b76\System.Configuration.Install.ni.dll
+ 2012-03-06 12:33 . 2012-03-06 12:33 693760 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\a92c1bd4d32fbbc54134fc40d2f97389\System.ComponentModel.Composition.ni.dll
+ 2012-03-06 15:34 . 2012-03-06 15:34 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\9b418b211d6207feafcdc27027d26036\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-03-06 15:34 . 2012-03-06 15:34 617984 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn\a4cfba8e3500f8387fe5924b940983be\System.AddIn.ni.dll
+ 2012-03-06 15:34 . 2012-03-06 15:34 411136 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.D#\520d0ed9f48c121fbe79bda6fc176b74\System.Activities.DurableInstancing.ni.dll
+ 2012-03-06 15:33 . 2012-03-06 15:33 317952 c:\windows\assembly\NativeImages_v4.0.30319_32\SMSvcHost\98ec8a39382e6eee39845bd4759ecf04\SMSvcHost.ni.exe
+ 2012-03-06 15:34 . 2012-03-06 15:34 143360 c:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\3b905cdec5960d51e5bdc7030b005c09\SMDiagnostics.ni.dll
+ 2012-03-06 12:33 . 2012-03-06 12:33 309760 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\94d89db071d382d9ba0bc6381669b85f\PresentationFramework.Classic.ni.dll
+ 2012-03-06 12:33 . 2012-03-06 12:33 595968 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\8b8a5c194aacfb2102d4e26b75a84e03\PresentationFramework.Aero.ni.dll
+ 2012-03-06 12:33 . 2012-03-06 12:33 387072 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\443c3fae1f6f0588a542ddc1c02c1be1\PresentationFramework.Royale.ni.dll
+ 2012-03-06 12:33 . 2012-03-06 12:33 755712 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\273034086c19b92034c9f2896724ac33\PresentationFramework.Luna.ni.dll
+ 2012-03-06 15:33 . 2012-03-06 15:33 303104 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\cdd04b14b9dd6ced2e2572a044c3c57e\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2012-03-06 15:33 . 2012-03-06 15:33 418816 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\5958d9610eb58adb2b62153492a7c27e\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2012-03-06 15:33 . 2012-03-06 15:33 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\e3e1fd8ccf76e9eb0147484fb8dd773a\CustomMarshalers.ni.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 1127424 c:\windows\SysWOW64\wininet.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 1103360 c:\windows\SysWOW64\urlmon.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 1798656 c:\windows\SysWOW64\jscript9.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 1792000 c:\windows\SysWOW64\iertutil.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 9705472 c:\windows\SysWOW64\ieframe.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 3695416 c:\windows\SysWOW64\ieapfltr.dat
+ 2012-02-28 15:23 . 2012-02-28 15:23 1390080 c:\windows\system32\wininet.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 1345536 c:\windows\system32\urlmon.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 2308096 c:\windows\system32\jscript9.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 2144256 c:\windows\system32\iertutil.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 3695416 c:\windows\system32\ieapfltr.dat
+ 2009-07-14 04:45 . 2012-03-14 01:38 6048255 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
- 2009-07-14 04:45 . 2012-02-15 04:36 6048255 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2011-09-08 21:16 . 2012-03-18 19:51 1718407 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-952040154-1380847874-2658013702-1000-8192.dat
+ 2011-11-22 03:31 . 2011-11-22 03:31 3512072 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.dll
+ 2011-11-22 04:57 . 2011-11-22 04:57 4970768 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorlib.dll
+ 2011-11-22 04:57 . 2011-11-22 04:57 1455376 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscordbi.dll
+ 2011-11-22 04:57 . 2011-11-22 04:57 1515792 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscordacwks.dll
+ 2011-11-22 04:57 . 2011-11-22 04:57 9793280 c:\windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll
+ 2011-11-22 03:31 . 2011-11-22 03:31 3512072 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.dll
+ 2011-11-22 03:31 . 2011-11-22 03:31 5201168 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorlib.dll
+ 2011-11-22 03:31 . 2011-11-22 03:31 1143568 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll
+ 2011-11-22 03:31 . 2011-11-22 03:31 6727424 c:\windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
+ 2012-03-06 12:30 . 2012-03-06 12:30 1368920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 1368920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 3512072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 5028200 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 5028200 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
+ 2012-03-06 12:30 . 2012-03-06 12:30 6097256 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 6097256 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2012-03-06 12:30 . 2012-03-06 12:30 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 1354584 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 1354584 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
+ 2012-03-06 12:30 . 2012-03-06 12:30 6428520 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 6428520 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 3116376 c:\windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 3116376 c:\windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 3824480 c:\windows\Microsoft.NET\assembly\GAC_64\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2012-03-06 12:30 . 2012-03-06 12:30 3824480 c:\windows\Microsoft.NET\assembly\GAC_64\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2012-03-06 12:28 . 2012-03-06 12:28 4970768 c:\windows\Microsoft.NET\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 3563408 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2012-03-06 12:29 . 2012-03-06 12:29 3563408 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2012-03-06 12:27 . 2012-03-06 12:27 2975064 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 2975064 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 3788128 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2012-03-06 12:28 . 2012-03-06 12:28 3788128 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2012-03-06 12:26 . 2012-03-06 12:26 5201168 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
- 2012-02-15 04:23 . 2012-02-15 04:23 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2012-03-06 12:27 . 2012-03-06 12:27 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2011-09-15 23:40 . 2011-09-15 23:40 7959552 c:\windows\Installer\14e1306.msp
+ 2011-09-15 23:34 . 2011-09-15 23:34 8499712 c:\windows\Installer\14e12f4.msp
+ 2011-05-12 20:29 . 2012-02-21 20:45 1172240 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\xlicons.exe
- 2011-05-12 20:29 . 2012-02-21 08:13 1172240 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\xlicons.exe
+ 2009-02-26 03:05 . 2009-02-26 03:05 1195912 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\XIMAGE3B.DLL
+ 2011-08-17 14:49 . 2011-08-17 14:49 4683624 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\WRD12CNV.DLL
+ 2011-07-20 13:12 . 2011-07-20 13:12 3750776 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\VVIEWER.DLL
+ 2011-06-29 12:02 . 2011-06-29 12:02 1846656 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\VVIEWDWG.DLL
+ 2009-10-10 03:10 . 2009-10-10 03:10 2594632 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\VBE6.DLL
+ 2011-07-27 23:15 . 2011-07-27 23:15 2335648 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\STSLIST.DLL
+ 2011-06-10 04:51 . 2011-06-10 04:51 2171736 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\PSRCHFEA.DLL
+ 2011-07-27 09:59 . 2011-07-27 09:59 6540136 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\OSETUP.DLL
+ 2011-07-27 10:47 . 2011-07-27 10:47 6598008 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\ONMAIN.DLL
+ 2011-06-10 04:50 . 2011-06-10 04:50 1165176 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\ONLIBS.DLL
+ 2011-07-27 10:47 . 2011-07-27 10:47 1019760 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\ONENOTE.EXE
+ 2011-07-07 07:58 . 2011-07-07 07:58 1616240 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\OGL.DLL
+ 2011-07-27 10:51 . 2011-07-27 10:51 7040896 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\OFFOWC.DLL
+ 2011-08-03 05:14 . 2011-08-03 05:14 8579448 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\OARTCONV.DLL
+ 2011-07-20 10:31 . 2011-07-20 10:31 1523632 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\NLSD0000.DLL
+ 2011-05-27 00:28 . 2011-05-27 00:28 6637952 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\MSORES.DLL
+ 2011-07-27 10:09 . 2011-07-27 10:09 5310848 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\IPEDITOR.DLL
+ 2011-06-22 13:16 . 2011-06-22 13:16 1681784 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\FPSRVUTL.DLL
+ 2011-07-07 07:28 . 2011-07-07 07:28 1193320 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\FM20.DLL
+ 2011-08-03 23:27 . 2011-08-03 23:27 1415072 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\ACECORE.DLL
+ 2012-03-06 18:46 . 2012-03-06 18:46 5237248 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsBase\02198c29552545c7d7e7a95ab39488e5\WindowsBase.ni.dll
+ 2012-03-06 18:50 . 2012-03-06 18:50 1430016 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationClients#\d1d48cd30cd275b06fad70778798cae7\UIAutomationClientsideProviders.ni.dll
+ 2012-03-06 18:46 . 2012-03-06 18:46 7037952 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xml\ecdcf3d1d7bc90546464d70a4bee843d\System.Xml.ni.dll
+ 2012-03-06 18:47 . 2012-03-06 18:47 2449408 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xaml\3a9670f473f8f9291ca256d9a15fc281\System.Xaml.ni.dll
+ 2012-03-06 18:50 . 2012-03-06 18:50 5627904 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Form#\455d5edfdc989057a8fea7bc88a02ef6\System.Windows.Forms.DataVisualization.ni.dll
+ 2012-03-06 18:50 . 2012-03-06 18:50 2236416 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Services\bd044dc068adc34e430faa820e5c5e44\System.Web.Services.ni.dll
+ 2012-03-06 18:50 . 2012-03-06 18:50 2735616 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Speech\561e5a115d6d7ade93236df74d61af84\System.Speech.ni.dll
+ 2012-03-06 18:50 . 2012-03-06 18:50 1918976 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\4606cac0ba2d406b4ddefca21a3db1eb\System.ServiceModel.Activities.ni.dll
+ 2012-03-06 18:50 . 2012-03-06 18:50 1579008 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\28b5d075cf252a24a6b007ff5941dce1\System.ServiceModel.Discovery.ni.dll
+ 2012-03-06 18:47 . 2012-03-06 18:47 3412992 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\1a361129f93a8190d8797b7c680baecc\System.Runtime.Serialization.ni.dll
+ 2012-03-06 18:47 . 2012-03-06 18:47 1348096 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Dura#\2c57eff357f1bc56d0367f04adcf6d76\System.Runtime.DurableInstancing.ni.dll
+ 2012-03-06 18:48 . 2012-03-06 18:48 1467392 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Printing\7668fa73a73410f2e00d341a8684e28a\System.Printing.ni.dll
+ 2012-03-06 18:49 . 2012-03-06 18:49 1470464 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Management\2280764a011295483642b17fe5d2b1f7\System.Management.ni.dll
+ 2012-03-06 18:49 . 2012-03-06 18:49 1416192 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IdentityModel\a77730a57cc54142f1ecbb1e85060e5f\System.IdentityModel.ni.dll
+ 2012-03-06 18:47 . 2012-03-06 18:47 1098752 c:\windows\assembly\NativeImages_v4.0.30319_64\System.EnterpriseSe#\7b06b84cb3b99a3ab22adb2a3f6376e6\System.EnterpriseServices.ni.dll
+ 2012-03-06 18:47 . 2012-03-06 18:47 2290176 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\5b5fe518d1a632afaae9f24dd18cee2f\System.Drawing.ni.dll
+ 2012-03-06 18:49 . 2012-03-06 18:49 1217024 c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\60390cb3abc6f1d85a572c156d39fc02\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-03-06 18:47 . 2012-03-06 18:47 1622528 c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\5eaf17b571cf9fb6f159a0c92d6244ab\System.DirectoryServices.ni.dll
+ 2012-03-06 18:48 . 2012-03-06 18:48 2402816 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Deployment\0ce1b3a9a0192c2cdb16d848e78e6688\System.Deployment.ni.dll
+ 2012-03-06 18:48 . 2012-03-06 18:48 8601600 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data\ca4a0bde02b2eb73d2e9f22925719ecf\System.Data.ni.dll
+ 2012-03-06 18:46 . 2012-03-06 18:46 3390976 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.SqlXml\657b967b5fd7819f273f5704197ce97e\System.Data.SqlXml.ni.dll
+ 2012-03-06 18:49 . 2012-03-06 18:49 1799168 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Service#\930a4b48234d358f2758f075be0684c5\System.Data.Services.Client.ni.dll
+ 2012-03-06 18:49 . 2012-03-06 18:49 3386880 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Linq\0ba3ab7e136a52fcba260ad7893ede32\System.Data.Linq.ni.dll
+ 2012-03-06 18:46 . 2012-03-06 18:46 1257472 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Configuration\c24ce44b45c0e0c0961a9755f192eb3a\System.Configuration.ni.dll
+ 2012-03-06 18:48 . 2012-03-06 18:48 1007616 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ComponentMod#\5a66bc1859e864d87b81e31438a5f07d\System.ComponentModel.Composition.ni.dll
+ 2012-03-06 18:48 . 2012-03-06 18:48 5695488 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities\f25d1dde40ef0128d9e5163d142bd2e2\System.Activities.ni.dll
+ 2012-03-06 18:48 . 2012-03-06 18:48 5048832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.P#\26671ab09e54e0ecfd23012e32cb6383\System.Activities.Presentation.ni.dll
+ 2012-03-06 18:48 . 2012-03-06 18:48 2064896 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.C#\e9f6686e336507594e33cad6ed7814cd\System.Activities.Core.Presentation.ni.dll
+ 2012-03-06 18:48 . 2012-03-06 18:48 4233216 c:\windows\assembly\NativeImages_v4.0.30319_64\ReachFramework\9c49a7b6fb133a307e3804ca7ba35d16\ReachFramework.ni.dll
+ 2012-03-06 18:47 . 2012-03-06 18:47 2056192 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationUI\68d02e44d8b1f23c21a116119fbb65d0\PresentationUI.ni.dll
+ 2012-03-06 18:46 . 2012-03-06 18:46 2317312 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\1903f5de0c7c33993c55319d4fc3062e\Microsoft.VisualBasic.ni.dll
+ 2012-03-06 18:46 . 2012-03-06 18:46 1623040 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\15b88fefd6d638f01856a68c14e2ab9b\Microsoft.VisualBasic.Activities.Compiler.ni.dll
+ 2012-03-06 18:46 . 2012-03-06 18:46 1843200 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\10bfd23b78a3492727e8b11e2fcbb990\Microsoft.VisualBasic.Compatibility.ni.dll
+ 2012-03-06 18:46 . 2012-03-06 18:46 1526784 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Transacti#\2d92f0cffe052f601c1bca1f52425fef\Microsoft.Transactions.Bridge.ni.dll
+ 2012-03-06 18:49 . 2012-03-06 18:49 3313664 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.JScript\0fbfc1087f7622c5b6b06f88fce1a45e\Microsoft.JScript.ni.dll
+ 2012-03-06 18:46 . 2012-03-06 18:46 2009600 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.CSharp\83f53b455553f5ad67e756f6762dc3b4\Microsoft.CSharp.ni.dll
+ 2012-03-06 12:33 . 2012-03-06 12:33 3858432 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\ef8c44c3c8766f219f576faab54c8dc7\WindowsBase.ni.dll
+ 2012-03-06 18:44 . 2012-03-06 18:44 1063424 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClients#\0f5df23e9f268e9ff4c8033f9865a12a\UIAutomationClientsideProviders.ni.dll
+ 2012-03-06 12:33 . 2012-03-06 12:33 9091584 c:\windows\assembly\NativeImages_v4.0.30319_32\System\2c59490afc22def906d3ca96e1207ff9\System.ni.dll
+ 2012-03-06 12:33 . 2012-03-06 12:33 5617664 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\19e79fc0f95c93b0244c7b287e254871\System.Xml.ni.dll
+ 2012-03-06 15:34 . 2012-03-06 15:34 1782272 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\ae31d46211440b11a9e66c3ba1a4e7ff\System.Xaml.ni.dll
+ 2012-03-06 18:44 . 2012-03-06 18:44 4545024 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\d6c84e888c7f465844a8ae0e6470e05c\System.Windows.Forms.DataVisualization.ni.dll
+ 2012-03-06 18:44 . 2012-03-06 18:44 1885696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Services\b60e888b3b9e41d46dcbd34d9fae80d6\System.Web.Services.ni.dll
+ 2012-03-06 18:44 . 2012-03-06 18:44 2012160 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Speech\90de8ba8101001c8845439cd5f9a76eb\System.Speech.ni.dll
+ 2012-03-06 18:44 . 2012-03-06 18:44 1393152 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\8c12f469cbd6b8d9718c64a4b2c96d47\System.ServiceModel.Activities.ni.dll
+ 2012-03-06 18:44 . 2012-03-06 18:44 1140736 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\746651ce870c2f9cd43bc7246154f81a\System.ServiceModel.Discovery.ni.dll
+ 2012-03-06 15:34 . 2012-03-06 15:34 2647040 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\a14816d568ee8c7cc9f9923d979d682d\System.Runtime.Serialization.ni.dll
+ 2012-03-06 15:34 . 2012-03-06 15:34 1021952 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\d6b9e13a40ed53cfc10e04c023c62a49\System.Runtime.DurableInstancing.ni.dll
+ 2012-03-06 15:34 . 2012-03-06 15:34 1060864 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Printing\1141220aff69c63f638ab64e5b0186bc\System.Printing.ni.dll
+ 2012-03-06 18:44 . 2012-03-06 18:44 1218560 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management\dfd9cbfccfadcf84406398a9d83ab4f4\System.Management.ni.dll
+ 2012-03-06 18:44 . 2012-03-06 18:44 1072640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\2a4589aeec877df58cbbcd633bc18fb6\System.IdentityModel.ni.dll
+ 2012-03-06 12:33 . 2012-03-06 12:33 1653248 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\aa90407cafb9b4a0dc5e3fdff170fee9\System.Drawing.ni.dll
+ 2012-03-06 15:34 . 2012-03-06 15:34 1172992 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\6bd4a77663c0e708e0827be849906fdc\System.DirectoryServices.ni.dll
+ 2012-03-06 15:34 . 2012-03-06 15:34 1879040 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\84d9ec8b14f9731797c51d31cae12d87\System.Deployment.ni.dll
+ 2012-03-06 12:33 . 2012-03-06 12:33 6815232 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data\4a1e0e4ec906686357466a5881de605e\System.Data.ni.dll
+ 2012-03-06 12:33 . 2012-03-06 12:33 2549760 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.SqlXml\67ccf8c95fb30e4dcbe3f1eae1f72d00\System.Data.SqlXml.ni.dll
+ 2012-03-06 18:44 . 2012-03-06 18:44 1344000 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Service#\4b28434c73ac4229c7ae7c4f0598e25f\System.Data.Services.Client.ni.dll
+ 2012-03-06 12:33 . 2012-03-06 12:33 2517504 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\f5cc7fbaadd22a9278512102cd30eb3a\System.Data.Linq.ni.dll
+ 2012-03-06 12:33 . 2012-03-06 12:33 7069696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\7292b3e639a6202cf7eaf1f7ed271249\System.Core.ni.dll
+ 2012-03-06 15:34 . 2012-03-06 15:34 4129792 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities\7bbd2b637fbe2a5b17a16cd4fcc3c3ca\System.Activities.ni.dll
+ 2012-03-06 15:34 . 2012-03-06 15:34 3757568 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.P#\a479b22107e8fe08689d840a3a1a77e9\System.Activities.Presentation.ni.dll
+ 2012-03-06 15:34 . 2012-03-06 15:34 1547264 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.C#\819fccf9934ef29a6078d4accbf9ea0c\System.Activities.Core.Presentation.ni.dll
+ 2012-03-06 15:34 . 2012-03-06 15:34 2906624 c:\windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\073c60e5566fdaab702636f1474233b0\ReachFramework.ni.dll
+ 2012-03-06 15:34 . 2012-03-06 15:34 1640448 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationUI\7194eb8e3da784ae30566a64569314a4\PresentationUI.ni.dll
+ 2012-03-06 15:33 . 2012-03-06 15:33 1139200 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\e0ea9e02e609e08602bed4392d0e08d7\Microsoft.VisualBasic.Compatibility.ni.dll
+ 2012-03-06 15:33 . 2012-03-06 15:33 1838080 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\9150a80d10ec86440aa59f6fe4b73f9d\Microsoft.VisualBasic.ni.dll
+ 2012-03-06 15:33 . 2012-03-06 15:33 1172480 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\1ae1a98af2c7d3e68c7525bf1395fa61\Microsoft.VisualBasic.Activities.Compiler.ni.dll
+ 2012-03-06 15:33 . 2012-03-06 15:33 1085952 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\fb09c8733a8ef9292079399b25d5d973\Microsoft.Transactions.Bridge.ni.dll
+ 2012-03-06 18:44 . 2012-03-06 18:44 2452480 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.JScript\8b1e797d9c7f5ef773c150e15b07a087\Microsoft.JScript.ni.dll
+ 2012-03-06 12:33 . 2012-03-06 12:33 1616384 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.CSharp\a263b12a7f89cd41ef8ea216dcd1e854\Microsoft.CSharp.ni.dll
+ 2012-02-28 15:23 . 2012-02-28 15:23 12282368 c:\windows\SysWOW64\mshtml.dll
+ 2009-07-14 02:34 . 2012-03-14 01:35 10747904 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
- 2009-07-14 02:34 . 2012-02-15 04:33 10747904 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2012-02-28 15:23 . 2012-02-28 15:23 17790464 c:\windows\system32\mshtml.dll
+ 2011-05-12 21:16 . 2012-03-14 00:33 56297240 c:\windows\system32\MRT.exe
+ 2012-02-28 15:23 . 2012-02-28 15:23 10887168 c:\windows\system32\ieframe.dll
+ 2012-03-04 18:25 . 2012-03-04 18:25 12938752 c:\windows\Installer\6992a.msi
+ 2011-11-22 05:42 . 2011-11-22 05:42 33189888 c:\windows\Installer\17e3cd.msp
+ 2011-09-15 23:39 . 2011-09-15 23:39 11163136 c:\windows\Installer\14e1300.msp
+ 2011-09-15 23:38 . 2011-09-15 23:38 10838528 c:\windows\Installer\14e12fa.msp
+ 2011-09-15 23:37 . 2011-09-15 23:37 34428416 c:\windows\Installer\14e12b6.msp
+ 2011-09-15 23:37 . 2011-09-15 23:37 16691712 c:\windows\Installer\14e12a0.msp
+ 2011-09-16 01:42 . 2011-09-16 01:42 18115432 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\WWLIB.DLL
+ 2011-08-17 15:01 . 2011-08-17 15:01 16149352 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\OART.DLL
+ 2011-08-04 00:53 . 2011-08-04 00:53 17324928 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\MSO.DLL
+ 2012-03-06 12:32 . 2012-03-06 12:32 11880448 c:\windows\assembly\NativeImages_v4.0.30319_64\System\a9e29e892ad68ac0b88f0480746a0d0b\System.ni.dll
+ 2012-03-06 18:48 . 2012-03-06 18:48 17291264 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\f850dba642b0cc845d9a7d8ac300e243\System.Windows.Forms.ni.dll
+ 2012-03-06 18:50 . 2012-03-06 18:50 24551424 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel\bd433ada9b2565b666331b5b1276538a\System.ServiceModel.ni.dll
+ 2012-03-06 18:49 . 2012-03-06 18:49 18480128 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Entity\9aca7097fc620da8481516b2d4e3fede\System.Data.Entity.ni.dll
+ 2012-03-06 18:46 . 2012-03-06 18:46 10440704 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Core\e91a0d844afdda429e0fbd9814f41134\System.Core.ni.dll
+ 2012-03-06 18:47 . 2012-03-06 18:47 24406528 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\8a4ac50c706da226242a99b871c9f981\PresentationFramework.ni.dll
+ 2012-03-06 18:46 . 2012-03-06 18:46 15907328 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationCore\b0adff19c63ba3b4be1cae43567af15d\PresentationCore.ni.dll
+ 2012-03-06 12:31 . 2012-03-06 12:31 19355648 c:\windows\assembly\NativeImages_v4.0.30319_64\mscorlib\d9d8d4f8fc868d07be41d4ffb46d7364\mscorlib.ni.dll
+ 2012-03-06 12:33 . 2012-03-06 12:33 13138944 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\7390d789557549200e474b9bbeca3d1a\System.Windows.Forms.ni.dll
+ 2012-03-06 18:44 . 2012-03-06 18:44 18058752 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\c43869b44f633a3ad003a0ad9e79b273\System.ServiceModel.ni.dll
+ 2012-03-06 18:44 . 2012-03-06 18:44 13345792 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Entity\b642a4ad94ff1e027a128b9796878372\System.Data.Entity.ni.dll
+ 2012-03-06 12:33 . 2012-03-06 12:33 18000384 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\e48a8a41e50ee180c6ca9c50e4575f42\PresentationFramework.ni.dll
+ 2012-03-06 12:33 . 2012-03-06 12:33 11450880 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\9dee5fd0cf53fc233a7fc20edf8e66ed\PresentationCore.ni.dll
+ 2012-03-06 12:32 . 2012-03-06 12:32 14413824 c:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\44ae9f9afb2373055136d57ac6db3f96\mscorlib.ni.dll
+ 2011-09-15 23:34 . 2011-09-15 23:34 428804608 c:\windows\Installer\14e12ed.msp
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]
2011-05-09 09:49 176936 ----a-w- c:\program files (x86)\ZoneAlarm_Security\prxtbZone.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{91da5e8a-3318-4f8c-b67e-5964de3ab546}"= "c:\program files (x86)\ZoneAlarm_Security\prxtbZone.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TomTomHOME.exe"="c:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [2011-04-22 247728]
"SansaDispatch"="c:\users\Ramey\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe" [2011-11-12 79872]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"OEM02Mon.exe"="c:\windows\OEM02Mon.exe" [2007-05-10 36864]
"Nikon Message Center 2"="c:\program files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe" [2010-05-25 619008]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240]
"ZoneAlarm"="c:\program files (x86)\CheckPoint\ZoneAlarm\zatray.exe" [2011-11-10 73360]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-01-16 421736]
"Anti-phishing Domain Advisor"="c:\programdata\Anti-phishing Domain Advisor\visicom_antiphishing.exe" [2012-01-17 232616]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 Freemake Improver;Freemake Improver;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2012-02-21 82944]
R3 MEMSWEEP2;MEMSWEEP2;c:\windows\system32\4A9E.tmp [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\0502000.00D\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\0502000.00D\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20120317.002\BHDrvx64.sys [2012-03-02 1157240]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20120321.001\IDSvia64.sys [2011-12-15 488568]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\0502000.00D\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\0502000.00D\SYMNETS.SYS [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 FreemakeVideoCapture;FreemakeVideoCapture;c:\program files (x86)\Freemake\CaptureLib\CaptureLibService.exe [2012-01-17 8704]
S2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [2011-11-03 33672]
S2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [2011-11-03 827520]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
S2 N360;Norton 360;c:\program files (x86)\Norton 360\Engine\5.2.0.13\ccSvcHst.exe [2011-04-17 130008]
S2 NBSPortDriver;NBSPortDriver;c:\windows\system32\DRIVERS\NBSPortDriver.sys [x]
S2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;c:\program files (x86)\Norton PC Checkup\Engine\2.0.12.27\SymcPCCULaunchSvc.exe [2011-12-15 135608]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-08 2218600]
S2 PCCUJobMgr;Common Client Job Manager Service;c:\program files (x86)\Norton PC Checkup\Engine\2.0.12.27\ccSvcHst.exe [2011-05-03 126392]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-04-08 378472]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2011-04-22 92592]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-02-04 138360]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-03-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-952040154-1380847874-2658013702-1000Core.job
- c:\users\Ramey\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-12 20:39]
.
2012-03-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-952040154-1380847874-2658013702-1000UA.job
- c:\users\Ramey\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-12 20:39]
.
2012-03-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-952040154-1380847874-2658013702-1008Core.job
- c:\users\quickstart.JINX\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-21 05:51]
.
2012-03-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-952040154-1380847874-2658013702-1008UA.job
- c:\users\quickstart.JINX\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-21 05:51]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{887cdc33-0de3-4fd5-a5d3-eccd4b4b396c}]
2010-11-05 01:57 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2011-04-08 318056]
"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2007-10-26 652624]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-09-14 1840720]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 137.52.128.11 137.52.10.10
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{91DA5E8A-3318-4F8C-B67E-5964DE3AB546} - (no file)
HKLM-Run-ISW - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360]
"ImagePath"="\"c:\program files (x86)\Norton 360\Engine\5.2.0.13\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\5.2.0.13\diMaster.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCCUJobMgr]
"ImagePath"="\"c:\program files (x86)\Norton PC Checkup\Engine\2.0.12.27\ccSvcHst.exe\" /s \"PCCUJobMgr\" /m \"c:\program files (x86)\Norton PC Checkup\Engine\2.0.12.27\diMaster.dll\" /prefetch:1"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\4A9E.tmp"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-03-22 20:02:35
ComboFix-quarantined-files.txt 2012-03-23 00:02
ComboFix2.txt 2012-02-21 10:49
.
Pre-Run: 371,553,902,592 bytes free
Post-Run: 371,117,486,080 bytes free
.
- - End Of File - - 430318FC2AA2F5BAE04A89EA8866F216

#11 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:35 PM

Posted 24 March 2012 - 12:11 PM

Greetings

I want you to run these next,

tdsskiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon to run it
  • it will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one come back and let me know

please reply with the reports from TDSSKiller and aswMBR

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#12 Jellopudding

Jellopudding
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:10:35 PM

Posted 24 March 2012 - 03:05 PM

tdsskiller Log:


16:02:45.0281 4052 TDSS rootkit removing tool 2.7.22.0 Mar 21 2012 17:40:00
16:02:47.0283 4052 ============================================================
16:02:47.0283 4052 Current date / time: 2012/03/24 16:02:47.0283
16:02:47.0283 4052 SystemInfo:
16:02:47.0283 4052
16:02:47.0283 4052 OS Version: 6.1.7601 ServicePack: 1.0
16:02:47.0283 4052 Product type: Workstation
16:02:47.0283 4052 ComputerName: JINX
16:02:47.0283 4052 UserName: Ramey
16:02:47.0283 4052 Windows directory: C:\Windows
16:02:47.0283 4052 System windows directory: C:\Windows
16:02:47.0283 4052 Running under WOW64
16:02:47.0283 4052 Processor architecture: Intel x64
16:02:47.0283 4052 Number of processors: 2
16:02:47.0283 4052 Page size: 0x1000
16:02:47.0283 4052 Boot type: Normal boot
16:02:47.0283 4052 ============================================================
16:02:48.0293 4052 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:02:48.0298 4052 \Device\Harddisk0\DR0:
16:02:48.0298 4052 MBR used
16:02:48.0298 4052 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
16:02:48.0298 4052 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
16:02:48.0309 4052 Initialize success
16:02:48.0309 4052 ============================================================
16:02:50.0596 4832 ============================================================
16:02:50.0596 4832 Scan started
16:02:50.0596 4832 Mode: Manual;
16:02:50.0596 4832 ============================================================
16:02:51.0911 4832 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
16:02:51.0914 4832 1394ohci - ok
16:02:51.0931 4832 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
16:02:51.0937 4832 ACPI - ok
16:02:51.0946 4832 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
16:02:51.0947 4832 AcpiPmi - ok
16:02:51.0966 4832 AdobeARMservice (11a52cf7b265631deeb24c6149309eff) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:02:51.0966 4832 AdobeARMservice - ok
16:02:51.0986 4832 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
16:02:51.0992 4832 adp94xx - ok
16:02:52.0008 4832 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
16:02:52.0012 4832 adpahci - ok
16:02:52.0025 4832 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
16:02:52.0027 4832 adpu320 - ok
16:02:52.0038 4832 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
16:02:52.0040 4832 AeLookupSvc - ok
16:02:52.0063 4832 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
16:02:52.0068 4832 AFD - ok
16:02:52.0081 4832 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
16:02:52.0082 4832 agp440 - ok
16:02:52.0091 4832 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
16:02:52.0093 4832 ALG - ok
16:02:52.0101 4832 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
16:02:52.0102 4832 aliide - ok
16:02:52.0110 4832 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
16:02:52.0111 4832 amdide - ok
16:02:52.0122 4832 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
16:02:52.0123 4832 AmdK8 - ok
16:02:52.0132 4832 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
16:02:52.0133 4832 AmdPPM - ok
16:02:52.0144 4832 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
16:02:52.0145 4832 amdsata - ok
16:02:52.0157 4832 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
16:02:52.0160 4832 amdsbs - ok
16:02:52.0169 4832 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
16:02:52.0169 4832 amdxata - ok
16:02:52.0181 4832 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
16:02:52.0182 4832 AppID - ok
16:02:52.0193 4832 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
16:02:52.0194 4832 AppIDSvc - ok
16:02:52.0204 4832 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
16:02:52.0205 4832 Appinfo - ok
16:02:52.0214 4832 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:02:52.0215 4832 Apple Mobile Device - ok
16:02:52.0237 4832 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
16:02:52.0241 4832 AppMgmt - ok
16:02:52.0256 4832 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
16:02:52.0258 4832 arc - ok
16:02:52.0269 4832 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
16:02:52.0270 4832 arcsas - ok
16:02:52.0279 4832 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
16:02:52.0280 4832 AsyncMac - ok
16:02:52.0288 4832 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
16:02:52.0289 4832 atapi - ok
16:02:52.0315 4832 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
16:02:52.0328 4832 AudioEndpointBuilder - ok
16:02:52.0339 4832 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
16:02:52.0342 4832 AudioSrv - ok
16:02:52.0354 4832 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
16:02:52.0356 4832 AxInstSV - ok
16:02:52.0386 4832 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
16:02:52.0391 4832 b06bdrv - ok
16:02:52.0406 4832 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
16:02:52.0409 4832 b57nd60a - ok
16:02:52.0465 4832 BCM43XX (fb4fda64f2e8552eaeb5986c3f34462c) C:\Windows\system32\DRIVERS\bcmwl664.sys
16:02:52.0508 4832 BCM43XX - ok
16:02:52.0520 4832 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
16:02:52.0523 4832 BDESVC - ok
16:02:52.0533 4832 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
16:02:52.0534 4832 Beep - ok
16:02:52.0561 4832 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
16:02:52.0574 4832 BFE - ok
16:02:52.0638 4832 BHDrvx64 (6c64fa457c200874faa87d74152e0d84) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20120317.002\BHDrvx64.sys
16:02:52.0649 4832 BHDrvx64 - ok
16:02:52.0677 4832 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
16:02:52.0695 4832 BITS - ok
16:02:52.0704 4832 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
16:02:52.0705 4832 blbdrive - ok
16:02:52.0723 4832 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
16:02:52.0725 4832 Bonjour Service - ok
16:02:52.0736 4832 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
16:02:52.0737 4832 bowser - ok
16:02:52.0746 4832 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:02:52.0747 4832 BrFiltLo - ok
16:02:52.0755 4832 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:02:52.0755 4832 BrFiltUp - ok
16:02:52.0778 4832 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
16:02:52.0780 4832 BridgeMP - ok
16:02:52.0790 4832 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
16:02:52.0792 4832 Browser - ok
16:02:52.0815 4832 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
16:02:52.0818 4832 Brserid - ok
16:02:52.0827 4832 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
16:02:52.0828 4832 BrSerWdm - ok
16:02:52.0836 4832 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
16:02:52.0837 4832 BrUsbMdm - ok
16:02:52.0845 4832 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
16:02:52.0846 4832 BrUsbSer - ok
16:02:52.0857 4832 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
16:02:52.0858 4832 BthEnum - ok
16:02:52.0867 4832 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
16:02:52.0869 4832 BTHMODEM - ok
16:02:52.0880 4832 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
16:02:52.0881 4832 BthPan - ok
16:02:52.0903 4832 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
16:02:52.0909 4832 BTHPORT - ok
16:02:52.0919 4832 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
16:02:52.0920 4832 bthserv - ok
16:02:52.0930 4832 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
16:02:52.0931 4832 BTHUSB - ok
16:02:52.0942 4832 btusbflt (2641a3fe3d7b0646308f33b67f3b5300) C:\Windows\system32\drivers\btusbflt.sys
16:02:52.0943 4832 btusbflt - ok
16:02:52.0947 4832 catchme - ok
16:02:52.0959 4832 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
16:02:52.0968 4832 cdfs - ok
16:02:52.0987 4832 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
16:02:52.0989 4832 cdrom - ok
16:02:53.0003 4832 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
16:02:53.0004 4832 CertPropSvc - ok
16:02:53.0014 4832 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
16:02:53.0015 4832 circlass - ok
16:02:53.0036 4832 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
16:02:53.0041 4832 CLFS - ok
16:02:53.0049 4832 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:02:53.0050 4832 clr_optimization_v2.0.50727_32 - ok
16:02:53.0057 4832 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:02:53.0059 4832 clr_optimization_v2.0.50727_64 - ok
16:02:53.0070 4832 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:02:53.0075 4832 clr_optimization_v4.0.30319_32 - ok
16:02:53.0084 4832 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:02:53.0086 4832 clr_optimization_v4.0.30319_64 - ok
16:02:53.0098 4832 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
16:02:53.0099 4832 CmBatt - ok
16:02:53.0107 4832 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
16:02:53.0108 4832 cmdide - ok
16:02:53.0131 4832 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
16:02:53.0136 4832 CNG - ok
16:02:53.0145 4832 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
16:02:53.0146 4832 Compbatt - ok
16:02:53.0156 4832 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
16:02:53.0157 4832 CompositeBus - ok
16:02:53.0169 4832 COMSysApp - ok
16:02:53.0179 4832 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
16:02:53.0180 4832 crcdisk - ok
16:02:53.0267 4832 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
16:02:53.0269 4832 CryptSvc - ok
16:02:53.0290 4832 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
16:02:53.0296 4832 CSC - ok
16:02:53.0319 4832 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll
16:02:53.0332 4832 CscService - ok
16:02:53.0354 4832 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
16:02:53.0364 4832 DcomLaunch - ok
16:02:53.0379 4832 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
16:02:53.0383 4832 defragsvc - ok
16:02:53.0394 4832 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
16:02:53.0396 4832 DfsC - ok
16:02:53.0412 4832 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
16:02:53.0417 4832 Dhcp - ok
16:02:53.0426 4832 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
16:02:53.0427 4832 discache - ok
16:02:53.0438 4832 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
16:02:53.0439 4832 Disk - ok
16:02:53.0450 4832 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
16:02:53.0453 4832 Dnscache - ok
16:02:53.0475 4832 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
16:02:53.0479 4832 dot3svc - ok
16:02:53.0491 4832 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
16:02:53.0493 4832 DPS - ok
16:02:53.0501 4832 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
16:02:53.0502 4832 drmkaud - ok
16:02:53.0534 4832 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
16:02:53.0544 4832 DXGKrnl - ok
16:02:53.0555 4832 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
16:02:53.0557 4832 EapHost - ok
16:02:53.0624 4832 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
16:02:53.0692 4832 ebdrv - ok
16:02:53.0709 4832 eeCtrl (0c3f9eff8ddd9f9eb56d754b4620155f) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
16:02:53.0714 4832 eeCtrl - ok
16:02:53.0722 4832 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
16:02:53.0724 4832 EFS - ok
16:02:53.0742 4832 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
16:02:53.0749 4832 ehRecvr - ok
16:02:53.0755 4832 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
16:02:53.0757 4832 ehSched - ok
16:02:53.0782 4832 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
16:02:53.0787 4832 elxstor - ok
16:02:53.0795 4832 EraserUtilRebootDrv (8c0f9b877bc0b7ffd327ef55f9efb642) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
16:02:53.0797 4832 EraserUtilRebootDrv - ok
16:02:53.0806 4832 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
16:02:53.0807 4832 ErrDev - ok
16:02:53.0835 4832 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
16:02:53.0840 4832 EventSystem - ok
16:02:53.0860 4832 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
16:02:53.0863 4832 exfat - ok
16:02:53.0876 4832 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
16:02:53.0879 4832 fastfat - ok
16:02:53.0902 4832 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
16:02:53.0910 4832 Fax - ok
16:02:53.0920 4832 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
16:02:53.0920 4832 fdc - ok
16:02:53.0928 4832 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
16:02:53.0929 4832 fdPHost - ok
16:02:53.0938 4832 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
16:02:53.0939 4832 FDResPub - ok
16:02:53.0949 4832 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
16:02:53.0950 4832 FileInfo - ok
16:02:53.0959 4832 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
16:02:53.0960 4832 Filetrace - ok
16:02:53.0968 4832 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
16:02:53.0969 4832 flpydisk - ok
16:02:53.0984 4832 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
16:02:53.0987 4832 FltMgr - ok
16:02:54.0022 4832 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
16:02:54.0040 4832 FontCache - ok
16:02:54.0048 4832 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:02:54.0048 4832 FontCache3.0.0.0 - ok
16:02:54.0068 4832 Freemake Improver (8ac0c46bc52f652143582610561d2ea2) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
16:02:54.0069 4832 Freemake Improver - ok
16:02:54.0076 4832 FreemakeVideoCapture (93b5cd0ac126be95f65b28af3d9542dc) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
16:02:54.0077 4832 FreemakeVideoCapture - ok
16:02:54.0087 4832 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
16:02:54.0088 4832 FsDepends - ok
16:02:54.0098 4832 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
16:02:54.0099 4832 Fs_Rec - ok
16:02:54.0114 4832 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
16:02:54.0117 4832 fvevol - ok
16:02:54.0126 4832 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
16:02:54.0128 4832 gagp30kx - ok
16:02:54.0137 4832 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:02:54.0138 4832 GEARAspiWDM - ok
16:02:54.0169 4832 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
16:02:54.0178 4832 gpsvc - ok
16:02:54.0187 4832 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
16:02:54.0188 4832 hcw85cir - ok
16:02:54.0204 4832 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
16:02:54.0209 4832 HdAudAddService - ok
16:02:54.0221 4832 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
16:02:54.0222 4832 HDAudBus - ok
16:02:54.0231 4832 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
16:02:54.0232 4832 HidBatt - ok
16:02:54.0242 4832 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
16:02:54.0244 4832 HidBth - ok
16:02:54.0253 4832 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
16:02:54.0254 4832 HidIr - ok
16:02:54.0262 4832 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
16:02:54.0263 4832 hidserv - ok
16:02:54.0281 4832 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
16:02:54.0282 4832 HidUsb - ok
16:02:54.0291 4832 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
16:02:54.0293 4832 hkmsvc - ok
16:02:54.0306 4832 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
16:02:54.0310 4832 HomeGroupListener - ok
16:02:54.0322 4832 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
16:02:54.0325 4832 HomeGroupProvider - ok
16:02:54.0335 4832 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
16:02:54.0337 4832 HpSAMD - ok
16:02:54.0375 4832 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
16:02:54.0383 4832 HTTP - ok
16:02:54.0393 4832 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
16:02:54.0393 4832 hwpolicy - ok
16:02:54.0405 4832 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
16:02:54.0407 4832 i8042prt - ok
16:02:54.0430 4832 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
16:02:54.0435 4832 iaStorV - ok
16:02:54.0445 4832 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
16:02:54.0446 4832 IDriverT - ok
16:02:54.0467 4832 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:02:54.0475 4832 idsvc - ok
16:02:54.0527 4832 IDSVia64 (18c40c3f368323b203ace403cb430db1) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20120323.002\IDSvia64.sys
16:02:54.0532 4832 IDSVia64 - ok
16:02:54.0541 4832 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
16:02:54.0543 4832 iirsp - ok
16:02:54.0552 4832 IJPLMSVC (51516252dbbfed36f70b341dba263167) C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
16:02:54.0553 4832 IJPLMSVC - ok
16:02:54.0580 4832 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
16:02:54.0598 4832 IKEEXT - ok
16:02:54.0608 4832 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
16:02:54.0609 4832 intelide - ok
16:02:54.0620 4832 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
16:02:54.0621 4832 intelppm - ok
16:02:54.0631 4832 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
16:02:54.0634 4832 IPBusEnum - ok
16:02:54.0644 4832 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:02:54.0645 4832 IpFilterDriver - ok
16:02:54.0666 4832 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
16:02:54.0677 4832 iphlpsvc - ok
16:02:54.0688 4832 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
16:02:54.0689 4832 IPMIDRV - ok
16:02:54.0711 4832 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
16:02:54.0713 4832 IPNAT - ok
16:02:54.0754 4832 iPod Service (ee4c2a137c7088911a8919effc9812e7) C:\Program Files\iPod\bin\iPodService.exe
16:02:54.0759 4832 iPod Service - ok
16:02:54.0769 4832 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
16:02:54.0770 4832 IRENUM - ok
16:02:54.0779 4832 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
16:02:54.0780 4832 isapnp - ok
16:02:54.0803 4832 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
16:02:54.0807 4832 iScsiPrt - ok
16:02:54.0815 4832 ISWKL (bf65e6d039ae37c988d5b2b680e7d718) C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys
16:02:54.0815 4832 ISWKL - ok
16:02:54.0837 4832 IswSvc (99148599fe4d0a5cd7c7eb74ed5a63e4) C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
16:02:54.0841 4832 IswSvc - ok
16:02:54.0852 4832 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
16:02:54.0853 4832 kbdclass - ok
16:02:54.0862 4832 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
16:02:54.0864 4832 kbdhid - ok
16:02:54.0872 4832 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:02:54.0873 4832 KeyIso - ok
16:02:54.0887 4832 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
16:02:54.0888 4832 KSecDD - ok
16:02:54.0901 4832 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
16:02:54.0903 4832 KSecPkg - ok
16:02:54.0912 4832 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
16:02:54.0913 4832 ksthunk - ok
16:02:54.0929 4832 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
16:02:54.0935 4832 KtmRm - ok
16:02:54.0959 4832 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
16:02:54.0963 4832 LanmanServer - ok
16:02:54.0974 4832 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
16:02:54.0978 4832 LanmanWorkstation - ok
16:02:54.0991 4832 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
16:02:54.0993 4832 lltdio - ok
16:02:55.0008 4832 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
16:02:55.0012 4832 lltdsvc - ok
16:02:55.0021 4832 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
16:02:55.0022 4832 lmhosts - ok
16:02:55.0035 4832 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
16:02:55.0037 4832 LSI_FC - ok
16:02:55.0048 4832 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
16:02:55.0050 4832 LSI_SAS - ok
16:02:55.0060 4832 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:02:55.0061 4832 LSI_SAS2 - ok
16:02:55.0075 4832 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:02:55.0077 4832 LSI_SCSI - ok
16:02:55.0092 4832 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
16:02:55.0094 4832 luafv - ok
16:02:55.0105 4832 MBAMProtector (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys
16:02:55.0105 4832 MBAMProtector - ok
16:02:55.0128 4832 MBAMService (056b19651bd7b7ce5f89a3ac46dbdc08) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
16:02:55.0131 4832 MBAMService - ok
16:02:55.0141 4832 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
16:02:55.0144 4832 Mcx2Svc - ok
16:02:55.0153 4832 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
16:02:55.0154 4832 megasas - ok
16:02:55.0169 4832 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
16:02:55.0172 4832 MegaSR - ok
16:02:55.0183 4832 MEMSWEEP2 (f9ce67e9e0226079b59107b649851f96) C:\Windows\system32\4A9E.tmp
16:02:55.0183 4832 MEMSWEEP2 - ok
16:02:55.0204 4832 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:02:55.0206 4832 MMCSS - ok
16:02:55.0215 4832 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
16:02:55.0216 4832 Modem - ok
16:02:55.0226 4832 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
16:02:55.0227 4832 monitor - ok
16:02:55.0237 4832 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
16:02:55.0238 4832 mouclass - ok
16:02:55.0247 4832 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
16:02:55.0248 4832 mouhid - ok
16:02:55.0259 4832 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
16:02:55.0260 4832 mountmgr - ok
16:02:55.0272 4832 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
16:02:55.0275 4832 mpio - ok
16:02:55.0285 4832 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
16:02:55.0286 4832 mpsdrv - ok
16:02:55.0407 4832 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
16:02:55.0436 4832 MpsSvc - ok
16:02:55.0465 4832 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
16:02:55.0468 4832 MRxDAV - ok
16:02:55.0480 4832 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:02:55.0482 4832 mrxsmb - ok
16:02:55.0499 4832 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:02:55.0502 4832 mrxsmb10 - ok
16:02:55.0513 4832 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:02:55.0515 4832 mrxsmb20 - ok
16:02:55.0524 4832 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
16:02:55.0525 4832 msahci - ok
16:02:55.0537 4832 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
16:02:55.0539 4832 msdsm - ok
16:02:55.0550 4832 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
16:02:55.0552 4832 MSDTC - ok
16:02:55.0565 4832 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
16:02:55.0566 4832 Msfs - ok
16:02:55.0575 4832 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
16:02:55.0575 4832 mshidkmdf - ok
16:02:55.0584 4832 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
16:02:55.0585 4832 msisadrv - ok
16:02:55.0597 4832 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
16:02:55.0600 4832 MSiSCSI - ok
16:02:55.0607 4832 msiserver - ok
16:02:55.0618 4832 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
16:02:55.0619 4832 MSKSSRV - ok
16:02:55.0628 4832 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
16:02:55.0629 4832 MSPCLOCK - ok
16:02:55.0639 4832 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
16:02:55.0639 4832 MSPQM - ok
16:02:55.0656 4832 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
16:02:55.0661 4832 MsRPC - ok
16:02:55.0672 4832 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
16:02:55.0673 4832 mssmbios - ok
16:02:55.0682 4832 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
16:02:55.0683 4832 MSTEE - ok
16:02:55.0692 4832 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
16:02:55.0693 4832 MTConfig - ok
16:02:55.0703 4832 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
16:02:55.0704 4832 Mup - ok
16:02:55.0714 4832 N360 (e78a365cc3e0fbfc018a33dce01909f8) C:\Program Files (x86)\Norton 360\Engine\5.2.0.13\ccSvcHst.exe
16:02:55.0715 4832 N360 - ok
16:02:55.0734 4832 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
16:02:55.0743 4832 napagent - ok
16:02:55.0760 4832 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
16:02:55.0764 4832 NativeWifiP - ok
16:02:55.0821 4832 NAVENG (2dbe90210de76be6e1653bb20ec70ec2) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20120323.023\ENG64.SYS
16:02:55.0823 4832 NAVENG - ok
16:02:55.0869 4832 NAVEX15 (346da70e203b8e2c850277713de8f71b) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20120323.023\EX64.SYS
16:02:55.0904 4832 NAVEX15 - ok
16:02:55.0916 4832 NBSPortDriver (34f20533f2e8f90914e86257d9a6922e) C:\Windows\system32\DRIVERS\NBSPortDriver.sys
16:02:55.0917 4832 NBSPortDriver - ok
16:02:55.0949 4832 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
16:02:55.0966 4832 NDIS - ok
16:02:55.0976 4832 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
16:02:55.0977 4832 NdisCap - ok
16:02:55.0987 4832 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
16:02:55.0988 4832 NdisTapi - ok
16:02:55.0998 4832 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
16:02:55.0999 4832 Ndisuio - ok
16:02:56.0012 4832 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
16:02:56.0014 4832 NdisWan - ok
16:02:56.0024 4832 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
16:02:56.0026 4832 NDProxy - ok
16:02:56.0036 4832 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
16:02:56.0037 4832 NetBIOS - ok
16:02:56.0051 4832 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
16:02:56.0054 4832 NetBT - ok
16:02:56.0063 4832 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:02:56.0064 4832 Netlogon - ok
16:02:56.0081 4832 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
16:02:56.0087 4832 Netman - ok
16:02:56.0106 4832 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
16:02:56.0115 4832 netprofm - ok
16:02:56.0123 4832 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:02:56.0124 4832 NetTcpPortSharing - ok
16:02:56.0134 4832 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
16:02:56.0136 4832 nfrd960 - ok
16:02:56.0151 4832 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
16:02:56.0157 4832 NlaSvc - ok
16:02:56.0164 4832 Norton PC Checkup Application Launcher - ok
16:02:56.0175 4832 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
16:02:56.0177 4832 Npfs - ok
16:02:56.0185 4832 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
16:02:56.0187 4832 nsi - ok
16:02:56.0197 4832 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
16:02:56.0198 4832 nsiproxy - ok
16:02:56.0243 4832 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
16:02:56.0269 4832 Ntfs - ok
16:02:56.0278 4832 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
16:02:56.0279 4832 Null - ok
16:02:56.0503 4832 nvlddmkm (a963c2c276a97b088ded5d7a83be8052) C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:02:56.0705 4832 nvlddmkm - ok
16:02:56.0743 4832 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
16:02:56.0745 4832 nvraid - ok
16:02:56.0757 4832 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
16:02:56.0759 4832 nvstor - ok
16:02:56.0794 4832 NVSvc (dd9d86051b8f7669aabf693530f380fe) C:\Windows\system32\nvvsvc.exe
16:02:56.0800 4832 NVSvc - ok
16:02:56.0857 4832 nvUpdatusService (4472183de09f80cb1b56f217d8e0ab9b) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
16:02:56.0869 4832 nvUpdatusService - ok
16:02:56.0881 4832 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
16:02:56.0883 4832 nv_agp - ok
16:02:56.0901 4832 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:02:56.0903 4832 odserv - ok
16:02:56.0918 4832 OEM02Dev (44a9473d72983dd484b4f1bf0d946571) C:\Windows\system32\DRIVERS\OEM02Dev.sys
16:02:56.0922 4832 OEM02Dev - ok
16:02:56.0930 4832 OEM02Vfx (766f689564bc30e5a91f8621ce65ad68) C:\Windows\system32\DRIVERS\OEM02Vfx.sys
16:02:56.0931 4832 OEM02Vfx - ok
16:02:56.0942 4832 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
16:02:56.0943 4832 ohci1394 - ok
16:02:56.0951 4832 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:02:56.0952 4832 ose - ok
16:02:56.0972 4832 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:02:56.0976 4832 p2pimsvc - ok
16:02:57.0003 4832 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
16:02:57.0008 4832 p2psvc - ok
16:02:57.0019 4832 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
16:02:57.0021 4832 Parport - ok
16:02:57.0031 4832 Partizan - ok
16:02:57.0047 4832 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
16:02:57.0049 4832 partmgr - ok
16:02:57.0062 4832 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
16:02:57.0065 4832 PcaSvc - ok
16:02:57.0085 4832 PCCUJobMgr (2f86be1818c2d7ac90478e3323ee7fcb) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.12.27\ccSvcHst.exe
16:02:57.0086 4832 PCCUJobMgr - ok
16:02:57.0099 4832 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
16:02:57.0102 4832 pci - ok
16:02:57.0120 4832 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
16:02:57.0121 4832 pciide - ok
16:02:57.0139 4832 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
16:02:57.0142 4832 pcmcia - ok
16:02:57.0152 4832 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
16:02:57.0153 4832 pcw - ok
16:02:57.0181 4832 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
16:02:57.0188 4832 PEAUTH - ok
16:02:57.0234 4832 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
16:02:57.0259 4832 PeerDistSvc - ok
16:02:57.0277 4832 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
16:02:57.0278 4832 PerfHost - ok
16:02:57.0324 4832 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
16:02:57.0350 4832 pla - ok
16:02:57.0368 4832 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
16:02:57.0377 4832 PlugPlay - ok
16:02:57.0391 4832 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
16:02:57.0394 4832 PNRPAutoReg - ok
16:02:57.0405 4832 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:02:57.0408 4832 PNRPsvc - ok
16:02:57.0428 4832 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
16:02:57.0434 4832 PolicyAgent - ok
16:02:57.0446 4832 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
16:02:57.0449 4832 Power - ok
16:02:57.0460 4832 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
16:02:57.0462 4832 PptpMiniport - ok
16:02:57.0473 4832 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
16:02:57.0474 4832 Processor - ok
16:02:57.0487 4832 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
16:02:57.0491 4832 ProfSvc - ok
16:02:57.0500 4832 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:02:57.0501 4832 ProtectedStorage - ok
16:02:57.0514 4832 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
16:02:57.0516 4832 Psched - ok
16:02:57.0555 4832 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
16:02:57.0580 4832 ql2300 - ok
16:02:57.0611 4832 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
16:02:57.0613 4832 ql40xx - ok
16:02:57.0637 4832 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
16:02:57.0641 4832 QWAVE - ok
16:02:57.0652 4832 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
16:02:57.0653 4832 QWAVEdrv - ok
16:02:57.0662 4832 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
16:02:57.0663 4832 RasAcd - ok
16:02:57.0674 4832 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
16:02:57.0676 4832 RasAgileVpn - ok
16:02:57.0695 4832 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
16:02:57.0699 4832 RasAuto - ok
16:02:57.0711 4832 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:02:57.0713 4832 Rasl2tp - ok
16:02:57.0728 4832 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
16:02:57.0733 4832 RasMan - ok
16:02:57.0745 4832 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
16:02:57.0747 4832 RasPppoe - ok
16:02:57.0767 4832 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
16:02:57.0769 4832 RasSstp - ok
16:02:57.0785 4832 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
16:02:57.0788 4832 rdbss - ok
16:02:57.0798 4832 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
16:02:57.0799 4832 rdpbus - ok
16:02:57.0808 4832 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:02:57.0809 4832 RDPCDD - ok
16:02:57.0823 4832 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
16:02:57.0825 4832 RDPDR - ok
16:02:57.0834 4832 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
16:02:57.0835 4832 RDPENCDD - ok
16:02:57.0846 4832 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
16:02:57.0847 4832 RDPREFMP - ok
16:02:57.0866 4832 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys
16:02:57.0867 4832 RdpVideoMiniport - ok
16:02:57.0884 4832 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
16:02:57.0888 4832 RDPWD - ok
16:02:57.0905 4832 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
16:02:57.0907 4832 rdyboost - ok
16:02:57.0918 4832 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
16:02:57.0921 4832 RemoteAccess - ok
16:02:57.0932 4832 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
16:02:57.0936 4832 RemoteRegistry - ok
16:02:57.0949 4832 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
16:02:57.0951 4832 RFCOMM - ok
16:02:57.0962 4832 rimmptsk (e31960692cbb3a8bcdf300bc1d889e1f) C:\Windows\system32\DRIVERS\rimmpx64.sys
16:02:57.0963 4832 rimmptsk - ok
16:02:57.0973 4832 rimsptsk (bb9edc55b0b8cb4fcd713428820e0776) C:\Windows\system32\DRIVERS\rimspx64.sys
16:02:57.0974 4832 rimsptsk - ok
16:02:57.0985 4832 rismxdp (481c3fdeacaae04b74c58288dbc91df9) C:\Windows\system32\DRIVERS\rixdpx64.sys
16:02:57.0987 4832 rismxdp - ok
16:02:57.0997 4832 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
16:02:57.0999 4832 RpcEptMapper - ok
16:02:58.0008 4832 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
16:02:58.0009 4832 RpcLocator - ok
16:02:58.0029 4832 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
16:02:58.0033 4832 RpcSs - ok
16:02:58.0044 4832 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
16:02:58.0046 4832 rspndr - ok
16:02:58.0055 4832 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
16:02:58.0055 4832 s3cap - ok
16:02:58.0065 4832 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:02:58.0066 4832 SamSs - ok
16:02:58.0078 4832 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
16:02:58.0079 4832 sbp2port - ok
16:02:58.0118 4832 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
16:02:58.0128 4832 SBSDWSCService - ok
16:02:58.0141 4832 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
16:02:58.0145 4832 SCardSvr - ok
16:02:58.0155 4832 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
16:02:58.0156 4832 scfilter - ok
16:02:58.0190 4832 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
16:02:58.0202 4832 Schedule - ok
16:02:58.0212 4832 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
16:02:58.0213 4832 SCPolicySvc - ok
16:02:58.0225 4832 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
16:02:58.0226 4832 sdbus - ok
16:02:58.0239 4832 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
16:02:58.0243 4832 SDRSVC - ok
16:02:58.0252 4832 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:02:58.0254 4832 secdrv - ok
16:02:58.0263 4832 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
16:02:58.0265 4832 seclogon - ok
16:02:58.0275 4832 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
16:02:58.0277 4832 SENS - ok
16:02:58.0290 4832 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
16:02:58.0293 4832 SensrSvc - ok
16:02:58.0302 4832 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
16:02:58.0303 4832 Serenum - ok
16:02:58.0325 4832 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
16:02:58.0327 4832 Serial - ok
16:02:58.0336 4832 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
16:02:58.0337 4832 sermouse - ok
16:02:58.0352 4832 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
16:02:58.0356 4832 SessionEnv - ok
16:02:58.0365 4832 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
16:02:58.0366 4832 sffdisk - ok
16:02:58.0375 4832 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
16:02:58.0376 4832 sffp_mmc - ok
16:02:58.0385 4832 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\DRIVERS\sffp_sd.sys
16:02:58.0386 4832 sffp_sd - ok
16:02:58.0395 4832 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
16:02:58.0396 4832 sfloppy - ok
16:02:58.0413 4832 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
16:02:58.0418 4832 SharedAccess - ok
16:02:58.0435 4832 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
16:02:58.0442 4832 ShellHWDetection - ok
16:02:58.0452 4832 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:02:58.0453 4832 SiSRaid2 - ok
16:02:58.0464 4832 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
16:02:58.0465 4832 SiSRaid4 - ok
16:02:58.0477 4832 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
16:02:58.0478 4832 Smb - ok
16:02:58.0491 4832 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
16:02:58.0493 4832 SNMPTRAP - ok
16:02:58.0503 4832 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
16:02:58.0504 4832 spldr - ok
16:02:58.0525 4832 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
16:02:58.0531 4832 Spooler - ok
16:02:58.0610 4832 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
16:02:58.0661 4832 sppsvc - ok
16:02:58.0671 4832 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
16:02:58.0675 4832 sppuinotify - ok
16:02:58.0699 4832 SRTSP (90ef30c3867bcde4579c01a6d6e75a7a) C:\Windows\System32\Drivers\N360x64\0502000.00D\SRTSP64.SYS
16:02:58.0706 4832 SRTSP - ok
16:02:58.0717 4832 SRTSPX (c513e8a5e7978da49077f5484344ee1b) C:\Windows\system32\drivers\N360x64\0502000.00D\SRTSPX64.SYS
16:02:58.0718 4832 SRTSPX - ok
16:02:58.0740 4832 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
16:02:58.0746 4832 srv - ok
16:02:58.0768 4832 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
16:02:58.0773 4832 srv2 - ok
16:02:58.0787 4832 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
16:02:58.0789 4832 srvnet - ok
16:02:58.0802 4832 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
16:02:58.0806 4832 SSDPSRV - ok
16:02:58.0816 4832 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
16:02:58.0818 4832 SstpSvc - ok
16:02:58.0834 4832 Stereo Service (a2abc52cd8a5b60262b220a17a92eb31) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
16:02:58.0836 4832 Stereo Service - ok
16:02:58.0846 4832 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
16:02:58.0847 4832 stexstor - ok
16:02:58.0869 4832 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
16:02:58.0877 4832 stisvc - ok
16:02:58.0888 4832 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
16:02:58.0889 4832 storflt - ok
16:02:58.0899 4832 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
16:02:58.0900 4832 storvsc - ok
16:02:58.0909 4832 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
16:02:58.0910 4832 swenum - ok
16:02:58.0931 4832 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
16:02:58.0938 4832 swprv - ok
16:02:58.0961 4832 SymDS (6160145c7a87fc7672e8e3b886888176) C:\Windows\system32\drivers\N360x64\0502000.00D\SYMDS64.SYS
16:02:58.0966 4832 SymDS - ok
16:02:58.0996 4832 SymEFA (96aeed40d4d3521568b42027687e69e0) C:\Windows\system32\drivers\N360x64\0502000.00D\SYMEFA64.SYS
16:02:59.0005 4832 SymEFA - ok
16:02:59.0019 4832 SymEvent (21a1c2d694c3cf962d31f5e873ab3d6f) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
16:02:59.0021 4832 SymEvent - ok
16:02:59.0035 4832 SymIRON (bd0d711d8cbfcaa19ca123306eaf53a5) C:\Windows\system32\drivers\N360x64\0502000.00D\Ironx64.SYS
16:02:59.0037 4832 SymIRON - ok
16:02:59.0056 4832 SymNetS (a6adb3d83023f8daa0f7b6fda785d83b) C:\Windows\System32\Drivers\N360x64\0502000.00D\SYMNETS.SYS
16:02:59.0060 4832 SymNetS - ok
16:02:59.0086 4832 Synth3dVsc - ok
16:02:59.0139 4832 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
16:02:59.0157 4832 SysMain - ok
16:02:59.0168 4832 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
16:02:59.0172 4832 TabletInputService - ok
16:02:59.0196 4832 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
16:02:59.0201 4832 TapiSrv - ok
16:02:59.0211 4832 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
16:02:59.0214 4832 TBS - ok
16:02:59.0260 4832 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
16:02:59.0294 4832 Tcpip - ok
16:02:59.0334 4832 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
16:02:59.0343 4832 TCPIP6 - ok
16:02:59.0356 4832 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
16:02:59.0358 4832 tcpipreg - ok
16:02:59.0369 4832 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
16:02:59.0370 4832 TDPIPE - ok
16:02:59.0384 4832 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
16:02:59.0385 4832 TDTCP - ok
16:02:59.0397 4832 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
16:02:59.0399 4832 tdx - ok
16:02:59.0410 4832 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
16:02:59.0411 4832 TermDD - ok
16:02:59.0440 4832 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
16:02:59.0448 4832 TermService - ok
16:02:59.0458 4832 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
16:02:59.0460 4832 Themes - ok
16:02:59.0470 4832 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:02:59.0471 4832 THREADORDER - ok
16:02:59.0480 4832 TomTomHOMEService (efef22b9577e5051057fde1ae381b50c) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
16:02:59.0480 4832 TomTomHOMEService - ok
16:02:59.0492 4832 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
16:02:59.0495 4832 TrkWks - ok
16:02:59.0504 4832 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
16:02:59.0505 4832 TrustedInstaller - ok
16:02:59.0517 4832 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:02:59.0518 4832 tssecsrv - ok
16:02:59.0529 4832 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
16:02:59.0531 4832 TsUsbFlt - ok
16:02:59.0539 4832 tsusbhub - ok
16:02:59.0553 4832 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
16:02:59.0555 4832 tunnel - ok
16:02:59.0566 4832 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
16:02:59.0567 4832 uagp35 - ok
16:02:59.0591 4832 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
16:02:59.0595 4832 udfs - ok
16:02:59.0608 4832 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
16:02:59.0610 4832 UI0Detect - ok
16:02:59.0621 4832 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
16:02:59.0622 4832 uliagpkx - ok
16:02:59.0632 4832 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
16:02:59.0633 4832 umbus - ok
16:02:59.0643 4832 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
16:02:59.0644 4832 UmPass - ok
16:02:59.0657 4832 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
16:02:59.0661 4832 UmRdpService - ok
16:02:59.0684 4832 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
16:02:59.0689 4832 upnphost - ok
16:02:59.0701 4832 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
16:02:59.0703 4832 USBAAPL64 - ok
16:02:59.0714 4832 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
16:02:59.0715 4832 usbccgp - ok
16:02:59.0733 4832 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
16:02:59.0735 4832 usbcir - ok
16:02:59.0745 4832 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
16:02:59.0747 4832 usbehci - ok
16:02:59.0764 4832 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
16:02:59.0767 4832 usbhub - ok
16:02:59.0777 4832 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
16:02:59.0778 4832 usbohci - ok
16:02:59.0789 4832 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
16:02:59.0790 4832 usbprint - ok
16:02:59.0801 4832 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:02:59.0802 4832 USBSTOR - ok
16:02:59.0812 4832 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
16:02:59.0813 4832 usbuhci - ok
16:02:59.0827 4832 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
16:02:59.0830 4832 usbvideo - ok
16:02:59.0839 4832 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
16:02:59.0842 4832 UxSms - ok
16:02:59.0851 4832 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:02:59.0852 4832 VaultSvc - ok
16:02:59.0863 4832 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
16:02:59.0864 4832 vdrvroot - ok
16:02:59.0886 4832 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
16:02:59.0892 4832 vds - ok
16:02:59.0903 4832 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
16:02:59.0904 4832 vga - ok
16:02:59.0914 4832 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
16:02:59.0915 4832 VgaSave - ok
16:02:59.0924 4832 VGPU - ok
16:02:59.0946 4832 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
16:02:59.0949 4832 vhdmp - ok
16:02:59.0959 4832 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
16:02:59.0960 4832 viaide - ok
16:02:59.0973 4832 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
16:02:59.0976 4832 vmbus - ok
16:02:59.0985 4832 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
16:02:59.0987 4832 VMBusHID - ok
16:02:59.0997 4832 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
16:02:59.0999 4832 volmgr - ok
16:03:00.0016 4832 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
16:03:00.0022 4832 volmgrx - ok
16:03:00.0038 4832 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
16:03:00.0041 4832 volsnap - ok
16:03:00.0073 4832 Vsdatant (239d8d72730226cd460bdc8ca0a23d43) C:\Windows\system32\DRIVERS\vsdatant.sys
16:03:00.0078 4832 Vsdatant - ok
16:03:00.0085 4832 vsmon - ok
16:03:00.0099 4832 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
16:03:00.0101 4832 vsmraid - ok
16:03:00.0142 4832 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
16:03:00.0168 4832 VSS - ok
16:03:00.0178 4832 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
16:03:00.0179 4832 vwifibus - ok
16:03:00.0191 4832 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
16:03:00.0193 4832 vwififlt - ok
16:03:00.0204 4832 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
16:03:00.0205 4832 vwifimp - ok
16:03:00.0222 4832 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
16:03:00.0230 4832 W32Time - ok
16:03:00.0242 4832 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
16:03:00.0243 4832 WacomPen - ok
16:03:00.0255 4832 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:03:00.0257 4832 WANARP - ok
16:03:00.0260 4832 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:03:00.0261 4832 Wanarpv6 - ok
16:03:00.0294 4832 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
16:03:00.0320 4832 WatAdminSvc - ok
16:03:00.0360 4832 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
16:03:00.0385 4832 wbengine - ok
16:03:00.0400 4832 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
16:03:00.0404 4832 WbioSrvc - ok
16:03:00.0421 4832 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
16:03:00.0427 4832 wcncsvc - ok
16:03:00.0436 4832 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
16:03:00.0440 4832 WcsPlugInService - ok
16:03:00.0450 4832 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
16:03:00.0451 4832 Wd - ok
16:03:00.0514 4832 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
16:03:00.0520 4832 Wdf01000 - ok
16:03:00.0531 4832 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:03:00.0533 4832 WdiServiceHost - ok
16:03:00.0537 4832 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:03:00.0539 4832 WdiSystemHost - ok
16:03:00.0553 4832 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
16:03:00.0558 4832 WebClient - ok
16:03:00.0582 4832 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
16:03:00.0587 4832 Wecsvc - ok
16:03:00.0598 4832 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
16:03:00.0600 4832 wercplsupport - ok
16:03:00.0610 4832 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
16:03:00.0614 4832 WerSvc - ok
16:03:00.0623 4832 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
16:03:00.0624 4832 WfpLwf - ok
16:03:00.0634 4832 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
16:03:00.0636 4832 WIMMount - ok
16:03:00.0639 4832 WinDefend - ok
16:03:00.0644 4832 WinHttpAutoProxySvc - ok
16:03:00.0663 4832 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
16:03:00.0666 4832 Winmgmt - ok
16:03:00.0716 4832 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
16:03:00.0758 4832 WinRM - ok
16:03:00.0774 4832 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUSB.sys
16:03:00.0776 4832 WinUsb - ok
16:03:00.0804 4832 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
16:03:00.0814 4832 Wlansvc - ok
16:03:00.0867 4832 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:03:00.0907 4832 wlidsvc - ok
16:03:00.0917 4832 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
16:03:00.0918 4832 WmiAcpi - ok
16:03:00.0934 4832 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
16:03:00.0936 4832 wmiApSrv - ok
16:03:00.0941 4832 WMPNetworkSvc - ok
16:03:00.0950 4832 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
16:03:00.0953 4832 WPCSvc - ok
16:03:00.0965 4832 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
16:03:00.0968 4832 WPDBusEnum - ok
16:03:00.0978 4832 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
16:03:00.0979 4832 ws2ifsl - ok
16:03:00.0989 4832 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
16:03:00.0992 4832 wscsvc - ok
16:03:00.0999 4832 WSearch - ok
16:03:01.0066 4832 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
16:03:01.0112 4832 wuauserv - ok
16:03:01.0125 4832 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
16:03:01.0127 4832 WudfPf - ok
16:03:01.0140 4832 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:03:01.0142 4832 WUDFRd - ok
16:03:01.0153 4832 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
16:03:01.0155 4832 wudfsvc - ok
16:03:01.0169 4832 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
16:03:01.0174 4832 WwanSvc - ok
16:03:01.0203 4832 yukonw7 (64f88af327aa74e03658ae32b48ccb8b) C:\Windows\system32\DRIVERS\yk62x64.sys
16:03:01.0208 4832 yukonw7 - ok
16:03:01.0230 4832 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
16:03:01.0266 4832 \Device\Harddisk0\DR0 - ok
16:03:01.0269 4832 Boot (0x1200) (412e86fb4442c9429b7d4cda3d0b79a4) \Device\Harddisk0\DR0\Partition0
16:03:01.0270 4832 \Device\Harddisk0\DR0\Partition0 - ok
16:03:01.0273 4832 Boot (0x1200) (f6d9b8727ac5472386c31443fdd628e0) \Device\Harddisk0\DR0\Partition1
16:03:01.0274 4832 \Device\Harddisk0\DR0\Partition1 - ok
16:03:01.0274 4832 ============================================================
16:03:01.0274 4832 Scan finished
16:03:01.0274 4832 ============================================================
16:03:01.0281 5468 Detected object count: 0
16:03:01.0281 5468 Actual detected object count: 0
16:04:42.0971 3904 Deinitialize success

#13 Jellopudding

Jellopudding
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:10:35 PM

Posted 24 March 2012 - 03:37 PM

and here's the aswMBR one:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-03-24 16:08:40
-----------------------------
16:08:40.180 OS Version: Windows x64 6.1.7601 Service Pack 1
16:08:40.180 Number of processors: 2 586 0x1706
16:08:40.180 ComputerName: JINX UserName:
16:08:41.443 Initialize success
16:08:44.969 AVAST engine defs: 12032400
16:09:02.971 The log file has been saved successfully to "C:\Users\Ramey\Desktop\aswMBR.txt"


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-03-24 16:08:40
-----------------------------
16:08:40.180 OS Version: Windows x64 6.1.7601 Service Pack 1
16:08:40.180 Number of processors: 2 586 0x1706
16:08:40.180 ComputerName: JINX UserName:
16:08:41.443 Initialize success
16:08:44.969 AVAST engine defs: 12032400
16:09:02.971 The log file has been saved successfully to "C:\Users\Ramey\Desktop\aswMBR.txt"
16:09:10.720 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-2
16:09:10.720 Disk 0 Vendor: ST95005620AS SD24 Size: 476940MB BusType: 11
16:09:10.720 Disk 0 MBR read successfully
16:09:10.720 Disk 0 MBR scan
16:09:10.736 Disk 0 Windows 7 default MBR code
16:09:10.736 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
16:09:10.736 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 476838 MB offset 206848
16:09:10.751 Disk 0 scanning C:\Windows\system32\drivers
16:09:14.776 Service scanning
16:09:25.244 Modules scanning
16:09:25.244 Disk 0 trace - called modules:
16:09:25.244 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
16:09:25.244 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004639060]
16:09:25.244 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-2[0xfffffa80041821f0]
16:09:26.508 AVAST engine scan C:\Windows
16:09:28.068 AVAST engine scan C:\Windows\system32
16:11:08.518 AVAST engine scan C:\Windows\system32\drivers
16:11:14.976 AVAST engine scan C:\Users\Ramey
16:15:54.188 AVAST engine scan C:\ProgramData
16:16:19.413 Scan finished successfully
16:36:32.145 Disk 0 MBR has been saved successfully to "C:\Users\Ramey\Desktop\MBR.dat"
16:36:32.161 The log file has been saved successfully to "C:\Users\Ramey\Desktop\aswMBR.txt"

#14 Jellopudding

Jellopudding
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:10:35 PM

Posted 24 March 2012 - 03:39 PM

Also, I didn't turn off any of the antivirus programs (Norton, Malwarebytes, etc) like I did prior to running combofix as the instructions didn't specify to do so. I just thought I'd let you know that.

-Jello

Edited by Jellopudding, 24 March 2012 - 03:39 PM.


#15 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:35 PM

Posted 24 March 2012 - 10:33 PM

Greetings

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Save it to your desktop as CFScript.txt

Refering to the picture above, drag CFScript.txt into ComboFix.exe
Posted Image
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users