Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with Codec-c


  • This topic is locked This topic is locked
25 replies to this topic

#1 Mriiadelmar

Mriiadelmar

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:11:03 PM

Posted 04 April 2012 - 06:47 PM

Hello, I don't know how I got the malware. My sister, who also had problems with the same malware, is the one who told me what it was. The PC is sometimes slow. My homepages have been changed and when I check some pages like Youtube or a Google search I get Adds on the screen. My start programs have not been deleted. The visual indicator for the volume is gone. I do have the Volume icon on the System tray.

Thanks for any help you can give me.

I ran the DDS and here are the logs:

DDS:

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_29
Run by Maria del Mar at 18:26:18 on 2012-04-04
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.57.3082.18.4061.1564 [GMT -5:00]
.
AV: avast! Antivirus *Enabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Enabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\nvvsvc.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\windows\system32\WLANExt.exe
C:\windows\system32\conhost.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe
C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Users\Maria del Mar\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Users\Maria del Mar\AppData\Local\Smartbar\Application\Smartbar.exe
C:\Users\Maria del Mar\AppData\Local\MediaGet2\mediaget.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\windows\system32\conhost.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Users\Maria del Mar\AppData\Local\Google\Chrome\Application\chrome.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Users\Maria del Mar\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
C:\Users\Maria del Mar\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Maria del Mar\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Maria del Mar\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
C:\Program Files (x86)\BrowserCompanion\BCHelper.exe
C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\windows\system32\DllHost.exe
C:\Users\Maria del Mar\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Maria del Mar\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Maria del Mar\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Maria del Mar\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Maria del Mar\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Maria del Mar\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Maria del Mar\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Maria del Mar\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Maria del Mar\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Maria del Mar\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Maria del Mar\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Maria del Mar\AppData\Local\Google\Chrome\Application\chrome.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\DllHost.exe
C:\windows\system32\DllHost.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\system32\conhost.exe
C:\windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://mystart.incredibar.com/mb119?a=6OywHtUUIv&i=26
uSearch Page = hxxp://www.plusnetwork.com/?sp=addr&q={searchTerms}
uSearch Bar = hxxp://www.plusnetwork.com/?sp=addr&q={searchTerms}
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://startsear.ch/?aff=1&cf=efd4301f-479d-11e1-99da-002622c7103e
mWindow Title =
uSearchAssistant = hxxp://www.plusnetwork.com/?sp=addr&q={searchTerms}
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mURLSearchHooks: Winamp Search Class: {57bca5fa-5dbb-45a2-b558-1755c3f6253b} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
BHO: Browser Companion Helper: {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files (x86)\BrowserCompanion\jsloader.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Winamp Toolbar Loader: {25cee8ec-5730-41bc-8b58-22ddc8ab8c20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
BHO: Babylon toolbar helper: {2eecd738-5844-4a99-b4b6-146bf802613b} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.31.2\bh\BabylonToolbar.dll
BHO: Messenger Plus! Community SmartbarEngine: {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll
BHO: Codec-C Class: {6dcf92e8-78af-4df2-b1e7-5d26acfd94a3} - C:\ProgramData\Codec-C\bhoclass.dll
BHO: Incredibar.com Helper Object: {6e13dde1-2b6e-46ce-8b66-dc8bf36f6b99} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO: IE5BarLauncherBHO Class: {78f3a323-798e-4aea-9a57-88f4b05fd5dd} - C:\Program Files (x86)\StartSearch plugin\BarLcher.dll
BHO: Aplicación auxiliar de inicio de sesión de Windows Live ID: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Browser Companion Helper Verifier: {963b125b-8b21-49a2-a3a8-e37092276531} - C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Winamp Toolbar: {ebf2ba02-9094-4c5a-858b-bb198f3d8de2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
TB: Babylon Toolbar: {98889811-442d-49dd-99d7-dc866be87dbc} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.31.2\BabylonToolbarTlbr.dll
TB: VShareToolBar: {7ac3e13b-3bca-4158-b330-f66dbb03c1b5} - C:\Program Files (x86)\StartSearch plugin\BarLcher.dll
TB: Messenger Plus! Community Smartbar: {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll
TB: Incredibar Toolbar: {f9639e4a-801b-4843-aee3-03d9da199e77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll
TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [Facebook Update] "C:\Users\Maria del Mar\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [Browser Infrastructure Helper] C:\Users\Maria del Mar\AppData\Local\Smartbar\Application\Smartbar.exe startup
uRun: [MediaGet2] C:\Users\Maria del Mar\AppData\Local\MediaGet2\mediaget.exe --minimized
mRun: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
mRun: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
mRun: [Browser companion helper] C:\Program Files (x86)\BrowserCompanion\BCHelper.exe /T=3 /S=3
mRun: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
mRun: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [USB Security] C:\Program Files (x86)\USB Disk Security\USBGuard.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [MessengerPlusForSkypeService] "C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe"
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
StartupFolder: C:\Users\MARIAD~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\RECORT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: &Enviar a OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Add to Google Photos Screensa&ver - C:\windows\system32\GPhotos.scr/200
IE: E&xportar a Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Enviar imagen al dispositivo &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Enviar página al dispositivo &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{148D7B6D-D88E-42F3-AB3F-D42D25783E46} : DhcpNameServer = 192.168.254.254
TCP: Interfaces\{AC7BB24D-3735-4F18-8A02-B2890B1F6E95} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{AC7BB24D-3735-4F18-8A02-B2890B1F6E95}\269647F637 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{AC7BB24D-3735-4F18-8A02-B2890B1F6E95}\84F6275737630363 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{AC7BB24D-3735-4F18-8A02-B2890B1F6E95}\C696E6162616574796374716 : DhcpNameServer = 192.168.10.1
TCP: Interfaces\{AC7BB24D-3735-4F18-8A02-B2890B1F6E95}\C696E6B6379737 : DhcpNameServer = 190.157.2.140 200.118.2.91
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll
Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll
Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
{00cbb66b-1d3b-46d3-9577-323a336acb50}
{0347C33E-8762-4905-BF09-768834316C61}
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}
{2EECD738-5844-4a99-B4B6-146BF802613B}
{31ad400d-1b06-4e33-a59a-90c2c140cba0}
{6DCF92E8-78AF-4DF2-B1E7-5D26ACFD94A3}
{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}
{72853161-30C5-4D22-B7F9-0BBC1D38A37E}
{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{963B125B-8B21-49A2-A3A8-E37092276531}
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
{B4F3A835-0E21-4959-BA22-42B3008E02FF}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2}
{98889811-442D-49dd-99D7-DC866BE87DBC}
{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
{ae07101b-46d4-4a98-af68-0333ea26e113}
{F9639E4A-801B-4843-AEE3-03D9DA199E77}
TB-X64: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
mRun-x64: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
mRun-x64: [Browser companion helper] C:\Program Files (x86)\BrowserCompanion\BCHelper.exe /T=3 /S=3
mRun-x64: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
mRun-x64: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [USB Security] C:\Program Files (x86)\USB Disk Security\USBGuard.exe
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [MessengerPlusForSkypeService] "C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe"
mRun-x64: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun-x64: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
SEH-X64: {B5A7F190-DDA6-4420-B3BA-52453494E6CD}: Groove GFS Stub Execution Hook
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Maria del Mar\AppData\Roaming\Mozilla\Firefox\Profiles\ub5ju6zi.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=18776
FF - prefs.js: browser.search.selectedEngine - Plus! Network
FF - prefs.js: browser.startup.homepage - hxxp://mystart.incredibar.com/mb119?a=6OywHtUUIv&i=26
FF - prefs.js: keyword.URL - hxxp://www.plusnetwork.com/?sp=addr&q=
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdjvu.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npvsharetvplg.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Maria del Mar\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Users\Maria del Mar\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.incredibar_i.newTab - false
FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6OywHtUUIv&loc=IB_TB&i=26&search=
FF - user.js: extensions.incredibar_i.id - 629418cc0000000000000026822fe388
FF - user.js: extensions.incredibar_i.instlDay - 15423
FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.1420:49:54
FF - user.js: extensions.incredibar_i.prtnrId - Incredibar
FF - user.js: extensions.incredibar_i.prdct - incredibar
FF - user.js: extensions.incredibar_i.aflt - orgnl
FF - user.js: extensions.incredibar_i.smplGrp - none
FF - user.js: extensions.incredibar_i.tlbrId - base
FF - user.js: extensions.incredibar_i.instlRef -
FF - user.js: extensions.incredibar_i.dfltLng -
FF - user.js: extensions.incredibar_i.excTlbr - false
FF - user.js: extensions.incredibar_i.ms_url_id -
FF - user.js: extensions.incredibar_i.upn2 - 6OywHtUUIv
FF - user.js: extensions.incredibar_i.upn2n - 92261116896765783
FF - user.js: extensions.incredibar_i.productid - 26
FF - user.js: extensions.incredibar_i.installerproductid - 26
FF - user.js: extensions.incredibar_i.did - 10606
FF - user.js: extensions.incredibar_i.ppd - 85%5F2
.
============= SERVICES / DRIVERS ===============
.
R1 aswSP;aswSP;C:\windows\system32\drivers\aswSP.sys --> C:\windows\system32\drivers\aswSP.sys [?]
R1 funfrm;funfrm;C:\windows\system32\drivers\funfrm.sys --> C:\windows\system32\drivers\funfrm.sys [?]
R1 PSINKNC;PSINKNC;C:\windows\system32\DRIVERS\psinknc.sys --> C:\windows\system32\DRIVERS\psinknc.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?]
R2 aswFsBlk;aswFsBlk;C:\windows\system32\drivers\aswFsBlk.sys --> C:\windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\windows\system32\drivers\aswMonFlt.sys --> C:\windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-7-17 40384]
R2 epfwwfpr;epfwwfpr;C:\windows\system32\DRIVERS\epfwwfpr.sys --> C:\windows\system32\DRIVERS\epfwwfpr.sys [?]
R2 IGRS;IGRS;C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe [2009-7-14 38152]
R2 MsgPlusService;Messenger Plus! Service;C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe [2012-2-16 124832]
R2 PSINAflt;PSINAflt;C:\windows\system32\DRIVERS\PSINAflt.sys --> C:\windows\system32\DRIVERS\PSINAflt.sys [?]
R2 PSINFile;PSINFile;C:\windows\system32\DRIVERS\PSINFile.sys --> C:\windows\system32\DRIVERS\PSINFile.sys [?]
R2 PSINProc;PSINProc;C:\windows\system32\DRIVERS\PSINProc.sys --> C:\windows\system32\DRIVERS\PSINProc.sys [?]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver;C:\windows\system32\DRIVERS\AcpiVpc.sys --> C:\windows\system32\DRIVERS\AcpiVpc.sys [?]
R3 avast! Mail Scanner;avast! Mail Scanner;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-7-17 40384]
R3 avast! Web Scanner;avast! Web Scanner;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-7-17 40384]
R3 LgBttPort;LGE Bluetooth TransPort;C:\windows\system32\DRIVERS\lgbtpt64.sys --> C:\windows\system32\DRIVERS\lgbtpt64.sys [?]
R3 lgbusenum;LG Bluetooth Bus Enumerator;C:\windows\system32\DRIVERS\lgbtbs64.sys --> C:\windows\system32\DRIVERS\lgbtbs64.sys [?]
R3 LGVMODEM;LGE Virtual Modem;C:\windows\system32\DRIVERS\lgvmdm64.sys --> C:\windows\system32\DRIVERS\lgvmdm64.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\windows\system32\drivers\nvhda64v.sys --> C:\windows\system32\drivers\nvhda64v.sys [?]
R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
R3 usbsmi;Lenovo EasyCamera;C:\windows\system32\DRIVERS\SMIksdrv.sys --> C:\windows\system32\DRIVERS\SMIksdrv.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\windows\system32\DRIVERS\vwifimp.sys --> C:\windows\system32\DRIVERS\vwifimp.sys [?]
R3 wdmirror;wdmirror;C:\windows\system32\DRIVERS\WDMirror.sys --> C:\windows\system32\DRIVERS\WDMirror.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 NanoServiceMain;NanoServiceMain;"C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe" --> C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe [?]
S2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs --> C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs [?]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-3 253600]
S3 Andbus;LGE Android Platform Composite USB Device;C:\windows\system32\DRIVERS\lgandbus64.sys --> C:\windows\system32\DRIVERS\lgandbus64.sys [?]
S3 AndDiag;LGE Android Platform USB Serial Port;C:\windows\system32\DRIVERS\lganddiag64.sys --> C:\windows\system32\DRIVERS\lganddiag64.sys [?]
S3 AndGps;LGE Android Platform USB GPS NMEA Port;C:\windows\system32\DRIVERS\lgandgps64.sys --> C:\windows\system32\DRIVERS\lgandgps64.sys [?]
S3 ANDModem;LGE Android Platform USB Modem;C:\windows\system32\DRIVERS\lgandmodem64.sys --> C:\windows\system32\DRIVERS\lgandmodem64.sys [?]
S3 Bridge0;Bridge0;C:\windows\system32\drivers\WDBridge.sys --> C:\windows\system32\drivers\WDBridge.sys [?]
S3 btwl2cap;Bluetooth L2CAP Service;C:\windows\system32\DRIVERS\btwl2cap.sys --> C:\windows\system32\DRIVERS\btwl2cap.sys [?]
S3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;C:\windows\system32\DRIVERS\k57nd60a.sys --> C:\windows\system32\DRIVERS\k57nd60a.sys [?]
S3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [2009-10-4 414984]
S3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [2009-10-4 472328]
S3 maconfservice;Ma-Config Service;"C:\Program Files (x86)\ma-config.com\maconfservice.exe" --> C:\Program Files (x86)\ma-config.com\maconfservice.exe [?]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\windows\system32\DRIVERS\netw5v64.sys --> C:\windows\system32\DRIVERS\netw5v64.sys [?]
S3 PS_MDP;ReadyComm Presentation Space Helper Service;C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs --> C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs [?]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\system32\Drivers\RtsUStor.sys --> C:\windows\system32\Drivers\RtsUStor.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Servicio de tecnologías de activación de Windows;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?]
S3 wsvd;wsvd;C:\windows\system32\DRIVERS\wsvd.sys --> C:\windows\system32\DRIVERS\wsvd.sys [?]
.
=============== Created Last 30 ================
.
2012-04-03 18:50:54 8669240 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{905FBBBC-93B5-4A48-AE30-0EEC09468DD0}\mpengine.dll
2012-04-03 17:52:39 8767136 ----a-w- C:\windows\SysWow64\FlashPlayerInstaller.exe
2012-04-03 17:31:23 418464 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2012-04-03 17:30:37 -------- d-----w- C:\Users\Maria del Mar\AppData\Local\{2F171652-0948-4A8F-B581-A20B2DC8D215}
2012-04-03 17:29:55 -------- d-----w- C:\Users\Maria del Mar\AppData\Local\{F43980EF-ED1E-436A-A6DF-365CB538AED6}
2012-03-25 00:15:15 -------- d-----w- C:\Users\Maria del Mar\AppData\Local\{79577BE7-2052-4E42-AF78-A9961BD6F9E7}
2012-03-25 00:15:04 -------- d-----w- C:\Users\Maria del Mar\AppData\Local\{1ECEE723-24C1-4DEB-92F7-0EA42069EC4B}
2012-03-24 02:21:52 -------- d-----w- C:\Users\Maria del Mar\AppData\Local\{A9C26491-2191-47A1-B76E-20E85E9653AE}
2012-03-24 02:21:41 -------- d-----w- C:\Users\Maria del Mar\AppData\Local\{6760B057-BA08-41B1-AD24-94E718107506}
2012-03-24 01:50:02 -------- d-----w- C:\ProgramData\Premium
2012-03-24 01:49:54 -------- d-----w- C:\Program Files (x86)\Incredibar.com
2012-03-24 01:49:00 -------- d-----w- C:\ProgramData\Codec-C
2012-03-24 01:48:54 -------- d-----w- C:\codec-info
2012-03-24 01:48:47 -------- d-----w- C:\ProgramData\InstallMate
2012-03-23 14:21:28 -------- d-----w- C:\Users\Maria del Mar\AppData\Local\{86B845EE-4BC0-45FB-B58F-02AC31DA489F}
2012-03-23 02:17:57 -------- d-----w- C:\Users\Maria del Mar\AppData\Local\{E381DA20-E403-4D1F-B302-9BB326F50595}
2012-03-23 02:17:34 -------- d-----w- C:\Users\Maria del Mar\AppData\Local\{78F15DBE-80A4-4784-856A-2F6E63938FFC}
2012-03-18 20:00:51 -------- d-----w- C:\Users\Maria del Mar\AppData\Roaming\Media Get LLC
2012-03-18 20:00:51 -------- d-----w- C:\ProgramData\Media Get LLC
2012-03-18 19:15:49 -------- d-----w- C:\LGP970H
2012-03-18 18:30:28 -------- d-----w- C:\Program Files (x86)\Dll-Files.com Fixer
2012-03-18 18:24:36 -------- d-----w- C:\Users\Maria del Mar\AppData\Local\{B060BE77-E38F-483B-B96A-33F2A0D485B1}
2012-03-18 18:24:23 -------- d-----w- C:\Users\Maria del Mar\AppData\Local\{37233BB0-15FE-468A-883D-D8CA50DF9F45}
2012-03-18 18:16:22 -------- d-----w- C:\Users\Maria del Mar\AppData\Local\LG Electronics
2012-03-18 18:15:44 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2012-03-18 17:47:02 655872 ----a-w- C:\windows\SysWow64\msvcr90.dll
2012-03-18 17:47:02 568832 ----a-w- C:\windows\SysWow64\msvcp90.dll
2012-03-18 17:47:02 224768 ----a-w- C:\windows\SysWow64\msvcm90.dll
2012-03-18 17:46:58 53248 ----a-w- C:\windows\SysWow64\CommonDL.dll
2012-03-18 17:46:58 44544 ----a-w- C:\windows\SysWow64\msxml4a.dll
2012-03-18 17:46:52 -------- d-----w- C:\ProgramData\LGMOBILEAX
2012-03-18 17:40:53 -------- d-----w- C:\Program Files (x86)\LG Electronics
2012-03-18 04:55:58 -------- d-----w- C:\Users\Maria del Mar\AppData\Local\{7EDB78E5-1BC1-4060-8291-5227B6E978F6}
2012-03-16 22:47:48 -------- d-----w- C:\Users\Maria del Mar\AppData\Local\{FF4DEAC3-48CF-4980-9C6E-ED3370D13F07}
2012-03-16 22:47:36 -------- d-----w- C:\Users\Maria del Mar\AppData\Local\{B0729520-5E05-4120-9862-6FD906343992}
2012-03-16 04:34:04 5559152 ----a-w- C:\windows\System32\ntoskrnl.exe
2012-03-16 04:34:03 3968368 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
2012-03-16 04:34:03 3913584 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
2012-03-16 04:29:58 -------- d-----w- C:\Users\Maria del Mar\AppData\Local\{38D10A2B-7705-4112-9912-FBB4AC7F6D32}
2012-03-16 04:29:42 -------- d-----w- C:\Users\Maria del Mar\AppData\Local\{88B462BC-8EF3-4F65-B329-F4AEF7D85D6B}
2012-03-14 01:10:03 3145728 ----a-w- C:\windows\System32\win32k.sys
2012-03-14 01:10:00 1544192 ----a-w- C:\windows\System32\DWrite.dll
2012-03-14 01:09:59 1077248 ----a-w- C:\windows\SysWow64\DWrite.dll
2012-03-13 19:32:28 9216 ----a-w- C:\windows\System32\rdrmemptylst.exe
2012-03-13 19:32:28 77312 ----a-w- C:\windows\System32\rdpwsx.dll
2012-03-13 19:32:28 149504 ----a-w- C:\windows\System32\rdpcorekmts.dll
2012-03-13 19:32:27 1031680 ----a-w- C:\windows\System32\rdpcore.dll
2012-03-13 19:32:26 826880 ----a-w- C:\windows\SysWow64\rdpcore.dll
2012-03-13 19:32:26 23552 ----a-w- C:\windows\System32\drivers\tdtcp.sys
2012-03-13 19:32:26 210944 ----a-w- C:\windows\System32\drivers\rdpwd.sys
2012-03-13 19:19:53 -------- d-----w- C:\Users\Maria del Mar\AppData\Local\{AF363254-2A5D-46E6-A5C9-E243CFA83B47}
2012-03-13 04:33:00 -------- d-----w- C:\Users\Maria del Mar\AppData\Local\{127BF962-544F-4F30-983D-DEAC41C4005A}
2012-03-13 04:32:47 -------- d-----w- C:\Users\Maria del Mar\AppData\Local\{BD99080F-78D5-4B2B-B104-025F05EE29D7}
2012-03-12 02:05:58 -------- d-----w- C:\Users\Maria del Mar\AppData\Local\{22BB218C-D3CD-4D64-8B68-FB0DE576CA31}
2012-03-12 02:05:47 -------- d-----w- C:\Users\Maria del Mar\AppData\Local\{96F48225-28B6-459D-AFAE-14EAE5EA0ABC}
2012-03-11 14:05:21 -------- d-----w- C:\Users\Maria del Mar\AppData\Local\{E39E857B-0171-4866-832A-D34B0E2CF0B5}
2012-03-11 14:05:10 -------- d-----w- C:\Users\Maria del Mar\AppData\Local\{B94C614A-E635-4393-83EA-249EEB744A96}
2012-03-10 18:21:59 -------- d-----w- C:\Users\Maria del Mar\AppData\Local\{A462750F-B589-4BE0-828B-B3A805092849}
2012-03-10 18:21:48 -------- d-----w- C:\Users\Maria del Mar\AppData\Local\{59F614D5-D10B-4CC8-8EF0-EFE06E700DDA}
2012-03-10 06:21:36 -------- d-----w- C:\Users\Maria del Mar\AppData\Local\{6A18BCA0-8F32-4449-B5C4-167EC2277947}
2012-03-10 06:21:25 -------- d-----w- C:\Users\Maria del Mar\AppData\Local\{85B9B03E-937D-4FD5-8AE3-72C11D7639B4}
2012-03-09 05:06:22 -------- d-----w- C:\ProgramData\ADInstruments
2012-03-09 05:06:20 -------- d-----w- C:\Users\Maria del Mar\AppData\Roaming\ADInstruments
2012-03-09 05:06:19 -------- d-----w- C:\Program Files (x86)\Common Files\ADInstruments
2012-03-09 05:06:19 -------- d-----w- C:\Program Files (x86)\ADInstruments
2012-03-09 04:23:10 -------- d-----w- C:\Users\Maria del Mar\AppData\Local\{01F8FFC3-56AB-4930-B4EF-E2A8BC17B09F}
2012-03-09 04:22:59 -------- d-----w- C:\Users\Maria del Mar\AppData\Local\{F73FA1AC-0FC0-4DD6-8516-30EBDA696651}
2012-03-07 21:17:40 -------- d-----w- C:\Users\Maria del Mar\AppData\Local\{FF7948D5-7E13-4B4C-B045-E9C36554804B}
2012-03-07 21:17:29 -------- d-----w- C:\Users\Maria del Mar\AppData\Local\{8674BB8F-E094-4306-89AF-F503AB4AA765}
2012-03-07 06:49:53 -------- d-----w- C:\Users\Maria del Mar\AppData\Local\{49C28BAF-CB65-49B8-B44D-D1F12B083A32}
2012-03-07 06:49:42 -------- d-----w- C:\Users\Maria del Mar\AppData\Local\{3C939C81-4137-4248-8D88-2041833D3B9B}
2012-03-06 15:34:17 -------- d-----w- C:\Users\Maria del Mar\AppData\Local\{8BF97E23-015E-44A8-BE48-9E8B0DDB27BB}
2012-03-06 15:34:06 -------- d-----w- C:\Users\Maria del Mar\AppData\Local\{2E745809-58D4-450E-B467-8D81AB0E0C24}
.
==================== Find3M ====================
.
2012-04-03 17:52:46 70304 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-23 14:18:36 279656 ------w- C:\windows\System32\MpSigStub.exe
.
============= FINISH: 18:27:20,48 ===============



Attach:


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 23/12/2009 03:22:43 p.m.
System Uptime: 03/04/2012 12:27:25 p.m. (30 hours ago)
.
Motherboard: LENOVO | | NITU1
Processor: Intel® Core™2 Duo CPU T6600 @ 2.20GHz | U2E1 | 2200/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 253 GiB total, 84,494 GiB free.
D: is FIXED (NTFS) - 30 GiB total, 29,083 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP323: 18/03/2012 12:40:30 p.m. - Instalado LG United Mobile Driver
RP325: 18/03/2012 01:15:02 p.m. - Install LG UNITED Drivers
RP326: 18/03/2012 01:33:29 p.m. - DLL-Files.com Fixer dom, mar 18, 12 13:33
RP327: 18/03/2012 01:41:30 p.m. - Instalado Microsoft Visual C++ 2005 Redistributable
RP328: 18/03/2012 02:34:00 p.m. - Before uninstalling PriceGong 2.5.2
RP329: 18/03/2012 02:38:35 p.m. - Before uninstalling MediaGet2 version 2.1.904.0
RP330: 18/03/2012 02:55:40 p.m. - Before uninstalling MediaGet2 versión 2.1.780.0
RP331: 18/03/2012 02:57:45 p.m. - Before uninstalling Dll-Files.com Fixer
RP332: 18/03/2012 03:01:05 p.m. - Before uninstalling RealPlayer
RP333: 21/03/2012 03:00:15 p.m. - Windows Update
RP334: 27/03/2012 03:36:28 p.m. - Windows Update
RP335: 30/03/2012 05:15:51 p.m. - Windows Update
RP336: 03/04/2012 12:05:31 p.m. - Windows Update
.
==== Installed Programs ======================
.
.
ADInstruments LabChart 7.3.2 Reader
Adobe Reader 9.5.0 - Español
avast! Free Antivirus
BlackBerry Desktop Software 6.1
BlackBerry Device Software Updater
Broadcom 802.11 Wireless Driver
BrowserCompanion
BufferChm
Codec-C
Compresor WinRAR
Copy
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Destinations
DeviceDiscovery
DivX Setup
DJ_AIO_06_K209a-z_SW_Min
Energy Management
Epi Info
Facebook Video Calling 1.2.0.159
Galería fotográfica de Windows Live
Google Chrome
GPBaseService2
HP Update
HPDiagnosticAlert
HPPhotoGadget
HPProductAssistant
HPSSupply
Incredibar Toolbar on IE
Java Auto Updater
Java™ 6 Update 29
K209a-z
Lenovo Driver Download Manager
Lenovo OneKey Recovery
Lenovo ReadyComm 5
Lenovo ReadyComm 5.0 Service
LG Bluetooth Drivers
LG United Mobile Drivers
Lizardtech DjVu Control
Ma-Config.com
MarketResearch
Messenger Plus! 5
Messenger Plus! Community Smartbar
Messenger Plus! for Skype
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (Spanish) 2010
Microsoft Office Excel MUI (Spanish) 2010
Microsoft Office Groove MUI (Spanish) 2010
Microsoft Office InfoPath MUI (Spanish) 2010
Microsoft Office OneNote MUI (Spanish) 2010
Microsoft Office Outlook MUI (Spanish) 2010
Microsoft Office PowerPoint MUI (Spanish) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (Basque) 2010
Microsoft Office Proof (Catalan) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Galician) 2010
Microsoft Office Proof (Portuguese (Brazil)) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (Spanish) 2010
Microsoft Office Publisher MUI (Spanish) 2010
Microsoft Office Shared MUI (Spanish) 2010
Microsoft Office Small Business Connectivity Components
Microsoft Office Word MUI (Spanish) 2010
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server Setup Support Files (English)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Mobipocket Reader 6.2
Mozilla Firefox 6.0.2 (x86 es-ES)
MSVC80_x86_v2
MSVCRT
MSXML 4.0 SP2 Parser and SDK
OpenOffice.org 3.2
PhotoScape
Picasa 3
Power2Go
Realtek USB 2.0 Card Reader
Scan
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Visio Viewer 2010 (KB2597170) 32-Bit Edition
Security Update for Paquete de idioma de Microsoft .NET Framework 4 Client Profile ESN (KB2478663)
Security Update for Paquete de idioma de Microsoft .NET Framework 4 Client Profile ESN (KB2518870)
Skype Click to Call
Skype™ 5.5
SmartWebPrinting
SolutionCenter
Status
Toolbox
TrayApp
Uniblue RegistryBooster
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition
Update for Microsoft Outlook Social Connector (KB2583935)
USB Disk Security
VC80CRTRedist - 8.0.50727.4053
VeriFace
vShare plugin 1.3
VshareComplete
WebReg
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Media Player Firefox Plugin
Your Uninstaller! 2010
.
==== Event Viewer Messages From Past Week ========
.
03/04/2012 12:28:04 p.m., Error: Service Control Manager [7000] - El servicio ReadyComm.DirectRouter no pudo iniciarse debido al siguiente error: El sistema no puede encontrar el archivo especificado.
03/04/2012 12:28:04 p.m., Error: Service Control Manager [7000] - El servicio NanoServiceMain no pudo iniciarse debido al siguiente error: El sistema no puede encontrar el archivo especificado.
.
==== End Of File ===========================

BC AdBot (Login to Remove)

 


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:12:03 AM

Posted 05 April 2012 - 01:46 AM

Hello and Welcome to Bleeping Computer!!

My name is Gringo and I'll be glad to help you with your computer problems.

I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of us

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of hartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 Mriiadelmar

Mriiadelmar
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:11:03 PM

Posted 05 April 2012 - 01:16 PM

Hi,

I didn't listen to my sister when she said no to do anything and using uninstaller I cleaned my computer a little bit. One of the files it wanted to delete was codec-c and I said yes, so now I'm missing the Start Menu Programs.

Here is the Combofix log Part 1. The forum is telling me it's too long:

omboFix 12-04-05.06 - Maria del Mar 05/04/2012 12:45:17.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.57.3082.18.4061.2358 [GMT -5:00]
Running from: c:\users\Maria del Mar\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Incredibar.com
c:\program files (x86)\StartSearch plugin
c:\programdata\Codec-C
c:\programdata\Codec-C\background.html
c:\programdata\Codec-C\bhoclass.dll
c:\programdata\Codec-C\content.js
c:\programdata\Codec-C\data\content.js
c:\programdata\Codec-C\data\jsondb.js
c:\programdata\Codec-C\hjakmojkcnhgipgkkbiempkfdndcnlah.crx
c:\programdata\Codec-C\settings.ini
c:\programdata\Codec-C\uninstall.exe
c:\users\Maria del Mar\AppData\Local\Microsoft\Windows\Temporary Internet Files\{06ABC949-3FF0-4C02-900E-FB23BA741E6F}.xps
c:\users\Maria del Mar\AppData\Local\Microsoft\Windows\Temporary Internet Files\{0C937826-5143-4573-BC9E-BFFEFE8ED231}.xps
c:\users\Maria del Mar\AppData\Local\Microsoft\Windows\Temporary Internet Files\{2AE946DD-6FC3-4DF4-A9B6-23411B7DECE7}.xps
c:\users\Maria del Mar\AppData\Local\Microsoft\Windows\Temporary Internet Files\{3FEFA865-4B19-4513-825F-47132775DC01}.xps
c:\users\Maria del Mar\AppData\Local\Microsoft\Windows\Temporary Internet Files\{4581E748-D242-4AF9-BAE3-35C39A1C3598}.xps
c:\users\Maria del Mar\AppData\Local\Microsoft\Windows\Temporary Internet Files\{62C4E1EA-FA64-437A-907B-F7CF6BD89B1F}.xps
c:\users\Maria del Mar\AppData\Local\Microsoft\Windows\Temporary Internet Files\{A504A446-8922-4823-A656-2B4B0D9D3844}.xps
c:\users\Maria del Mar\AppData\Local\Microsoft\Windows\Temporary Internet Files\{B0807875-BD9F-4BA5-8A5C-C0DB233C2AD3}.xps
c:\users\Maria del Mar\AppData\Local\Microsoft\Windows\Temporary Internet Files\{B7CD4270-D466-42A2-AE95-A7423157EAFB}.xps
.
.
((((((((((((((((((((((((( Files Created from 2012-03-05 to 2012-04-05 )))))))))))))))))))))))))))))))
.
.
2012-04-05 17:52 . 2012-04-05 17:52 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-04-05 17:52 . 2012-04-05 17:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-04-05 17:52 . 2012-04-05 17:52 -------- d-----w- c:\users\AppData\AppData\Local\temp
2012-04-04 23:35 . 2012-04-04 23:35 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{905FBBBC-93B5-4A48-AE30-0EEC09468DD0}\offreg.dll
2012-04-03 18:50 . 2012-03-14 03:27 8669240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{905FBBBC-93B5-4A48-AE30-0EEC09468DD0}\mpengine.dll
2012-04-03 17:52 . 2012-04-03 17:52 8767136 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-04-03 17:31 . 2012-04-03 17:52 418464 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-03-24 01:50 . 2012-03-24 01:50 -------- d-----w- c:\programdata\Premium
2012-03-24 01:49 . 2012-03-24 01:49 453 ----a-w- C:\user.js
2012-03-24 01:48 . 2012-03-24 01:48 -------- d-----w- C:\codec-info
2012-03-24 01:48 . 2012-03-24 01:50 -------- d-----w- c:\programdata\InstallMate
2012-03-18 20:00 . 2012-03-18 20:00 -------- d-----w- c:\users\Maria del Mar\AppData\Roaming\Media Get LLC
2012-03-18 20:00 . 2012-03-18 20:00 -------- d-----w- c:\programdata\Media Get LLC
2012-03-18 19:15 . 2012-03-18 19:21 -------- d-----w- C:\LGP970H
2012-03-18 18:30 . 2012-03-18 19:57 -------- d-----w- c:\program files (x86)\Dll-Files.com Fixer
2012-03-18 18:16 . 2012-03-18 19:59 -------- d-----w- c:\users\Maria del Mar\AppData\Local\LG Electronics
2012-03-18 18:15 . 2012-03-18 18:15 -------- d-----w- c:\program files (x86)\MSXML 4.0
2012-03-18 17:47 . 2011-05-10 18:37 655872 ----a-w- c:\windows\SysWow64\msvcr90.dll
2012-03-18 17:47 . 2011-05-10 18:37 568832 ----a-w- c:\windows\SysWow64\msvcp90.dll
2012-03-18 17:47 . 2011-05-10 18:37 224768 ----a-w- c:\windows\SysWow64\msvcm90.dll
2012-03-18 17:46 . 2006-05-04 13:33 53248 ----a-w- c:\windows\SysWow64\CommonDL.dll
2012-03-18 17:46 . 2005-10-04 06:39 44544 ----a-w- c:\windows\SysWow64\msxml4a.dll
2012-03-18 17:46 . 2012-03-18 17:47 -------- d-----w- c:\programdata\LGMOBILEAX
2012-03-18 17:40 . 2012-03-18 19:59 -------- d-----w- c:\program files (x86)\LG Electronics
2012-03-16 04:34 . 2011-11-19 15:20 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-16 04:34 . 2011-11-19 14:50 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-03-16 04:34 . 2011-11-19 14:50 3913584 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-03-14 01:10 . 2012-02-03 04:34 3145728 ----a-w- c:\windows\system32\win32k.sys
2012-03-14 01:10 . 2012-02-10 06:36 1544192 ----a-w- c:\windows\system32\DWrite.dll
2012-03-14 01:09 . 2012-02-10 05:38 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-03-13 19:32 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-03-13 19:32 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-03-13 19:32 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-03-13 19:32 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-03-13 19:32 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-03-13 19:32 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-13 19:32 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-03-09 05:06 . 2012-03-09 05:17 -------- d-----w- c:\programdata\ADInstruments
2012-03-09 05:06 . 2012-03-09 05:06 -------- d-----w- c:\users\Maria del Mar\AppData\Roaming\ADInstruments
2012-03-09 05:06 . 2012-03-09 05:06 -------- d-----w- c:\program files (x86)\Common Files\ADInstruments
2012-03-09 05:06 . 2012-03-09 05:06 -------- d-----w- c:\program files (x86)\ADInstruments
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-03 17:52 . 2011-06-04 02:48 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-23 14:18 . 2010-01-18 02:52 279656 ------w- c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2011-11-19_15.07.58 )))))))))))))))))))))))))))))))))))))))))
.
- 2011-04-03 16:38 . 2010-11-20 12:08 96768 c:\windows\SysWOW64\sspicli.dll
+ 2012-01-19 18:14 . 2011-11-17 05:28 96768 c:\windows\SysWOW64\sspicli.dll
+ 2012-01-19 18:14 . 2011-11-17 05:34 22016 c:\windows\SysWOW64\secur32.dll
- 2011-04-03 16:38 . 2010-11-20 12:21 22016 c:\windows\SysWOW64\secur32.dll
+ 2012-01-11 14:45 . 2011-11-19 14:01 67072 c:\windows\SysWOW64\packager.dll
- 2011-10-13 08:01 . 2011-09-01 02:23 72704 c:\windows\SysWOW64\mshtmled.dll
+ 2012-02-18 15:33 . 2011-12-14 02:50 72704 c:\windows\SysWOW64\mshtmled.dll
- 2011-10-13 08:01 . 2011-09-01 02:26 66048 c:\windows\SysWOW64\migration\WininetPlugin.dll
+ 2012-02-18 15:33 . 2011-12-14 02:54 66048 c:\windows\SysWOW64\migration\WininetPlugin.dll
- 2011-10-13 08:01 . 2011-09-01 02:26 65024 c:\windows\SysWOW64\jsproxy.dll
+ 2012-02-18 15:33 . 2011-12-14 02:54 65024 c:\windows\SysWOW64\jsproxy.dll
- 2009-07-14 04:54 . 2011-11-19 14:34 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-04-05 17:32 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-11-19 14:34 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-04-05 17:32 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-11-19 14:34 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-04-05 17:32 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-09-03 05:32 . 2012-04-03 17:30 60560 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-04-03 17:30 56214 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-12-24 00:00 . 2012-04-03 17:30 15690 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-4254279623-98128295-3263468077-1004_UserData.bin
- 2011-04-03 16:39 . 2010-11-20 13:27 29184 c:\windows\system32\sspisrv.dll
+ 2012-01-19 18:14 . 2011-11-17 06:35 29184 c:\windows\system32\sspisrv.dll
- 2011-04-03 16:38 . 2010-11-20 13:27 28160 c:\windows\system32\secur32.dll
+ 2012-01-19 18:14 . 2011-11-17 06:35 28160 c:\windows\system32\secur32.dll
+ 2012-01-11 14:45 . 2011-11-19 14:58 77312 c:\windows\system32\packager.dll
+ 2012-02-18 15:33 . 2011-12-14 06:57 96256 c:\windows\system32\mshtmled.dll
- 2011-10-13 08:01 . 2011-09-01 05:12 96256 c:\windows\system32\mshtmled.dll
- 2011-10-13 08:01 . 2011-09-01 05:15 86528 c:\windows\system32\migration\WininetPlugin.dll
+ 2012-02-18 15:33 . 2011-12-14 07:02 86528 c:\windows\system32\migration\WininetPlugin.dll
- 2009-07-13 23:20 . 2009-07-14 01:39 31232 c:\windows\system32\lsass.exe
+ 2012-01-19 18:14 . 2011-11-17 06:33 31232 c:\windows\system32\lsass.exe
- 2011-10-13 08:01 . 2011-09-01 05:15 85504 c:\windows\system32\jsproxy.dll
+ 2012-02-18 15:33 . 2011-12-14 07:01 85504 c:\windows\system32\jsproxy.dll
- 2009-07-14 05:30 . 2011-10-27 03:00 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2009-07-14 05:30 . 2012-03-18 18:26 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2011-04-27 16:08 . 2011-04-27 16:08 34816 c:\windows\system32\DriverStore\FileRepository\lgx64modem.inf_amd64_neutral_97c6e2373c7f60a1\lgx64modem.sys
+ 2011-04-27 16:08 . 2011-04-27 16:08 27136 c:\windows\system32\DriverStore\FileRepository\lgx64gps.inf_amd64_neutral_09a95f23df944f8f\lgx64gps.sys
+ 2011-04-27 16:08 . 2011-04-27 16:08 28160 c:\windows\system32\DriverStore\FileRepository\lgx64diag.inf_amd64_neutral_cfaf158c531d7573\lgx64diag.sys
+ 2011-04-27 16:08 . 2011-04-27 16:08 17920 c:\windows\system32\DriverStore\FileRepository\lgx64bus.inf_amd64_neutral_67749c59e36fff71\lgx64bus.sys
+ 2009-09-29 13:15 . 2009-09-29 13:15 17408 c:\windows\system32\DriverStore\FileRepository\lgvmdm64.inf_amd64_neutral_1e82f777c958ff58\lgvmdm64.sys
+ 2009-09-29 13:15 . 2009-09-29 13:15 16384 c:\windows\system32\DriverStore\FileRepository\lgbtpt64.inf_amd64_neutral_95e66297f4b5c692\lgbtpt64.sys
+ 2009-09-29 13:15 . 2009-09-29 13:15 14848 c:\windows\system32\DriverStore\FileRepository\lgbtbs64.inf_amd64_neutral_4db6aa3dc6d659cb\lgbtbs64.sys
+ 2011-09-16 12:26 . 2011-09-16 12:26 93184 c:\windows\system32\DriverStore\FileRepository\lgandnetndis64.inf_amd64_neutral_7c7b00588a3ab85b\lgandnetndis64.sys
+ 2011-09-06 06:00 . 2011-09-06 06:00 35840 c:\windows\system32\DriverStore\FileRepository\lgandnetmodem64.inf_amd64_neutral_ac3e1b568842367a\lgandnetmodem64.sys
+ 2011-09-06 06:00 . 2011-09-06 06:00 36352 c:\windows\system32\DriverStore\FileRepository\lgandnetmodem264.inf_amd64_neutral_fbfac470dfd0c661\lgandnetmodem264.sys
+ 2011-09-06 06:00 . 2011-09-06 06:00 28160 c:\windows\system32\DriverStore\FileRepository\lgandnetgps64.inf_amd64_neutral_41d2367ff4241031\lgandnetgps64.sys
+ 2011-09-06 06:00 . 2011-09-06 06:00 29184 c:\windows\system32\DriverStore\FileRepository\lgandnetdiag64.inf_amd64_neutral_e44506c5837988b2\lgandnetdiag64.sys
+ 2011-09-06 06:00 . 2011-09-06 06:00 29184 c:\windows\system32\DriverStore\FileRepository\lgandnetdiag264.inf_amd64_neutral_d5483b221ba2a96d\lgandnetdiag264.sys
+ 2011-09-06 06:19 . 2011-09-06 06:19 31744 c:\windows\system32\DriverStore\FileRepository\lgandnetadb.inf_amd64_neutral_ae6269158adde78b\amd64\lgandnetadb.sys
+ 2010-12-23 22:35 . 2010-12-23 22:35 34304 c:\windows\system32\DriverStore\FileRepository\lgandmodem64.inf_amd64_neutral_1f26d627f466380a\lgandmodem64.sys
+ 2010-12-23 22:35 . 2010-12-23 22:35 27136 c:\windows\system32\DriverStore\FileRepository\lgandgps64.inf_amd64_neutral_9c3a3484e5a6122a\lgandgps64.sys
+ 2010-12-23 22:35 . 2010-12-23 22:35 27648 c:\windows\system32\DriverStore\FileRepository\lganddiag64.inf_amd64_neutral_f572e0b309c73741\lganddiag64.sys
+ 2010-12-23 22:35 . 2010-12-23 22:35 19456 c:\windows\system32\DriverStore\FileRepository\lgandbus64.inf_amd64_neutral_18928b454bf95d0c\lgandbus64.sys
+ 2010-08-02 21:19 . 2010-08-02 21:19 31744 c:\windows\system32\DriverStore\FileRepository\lgandadb.inf_amd64_neutral_ce3a1c979b5089a5\amd64\lgandadb.sys
+ 2012-01-19 18:14 . 2011-11-17 06:49 95600 c:\windows\system32\drivers\ksecdd.sys
+ 2011-12-14 18:01 . 2011-10-26 05:21 43520 c:\windows\system32\csrsrv.dll
- 2009-07-13 23:19 . 2009-07-14 01:40 43520 c:\windows\system32\csrsrv.dll
- 2009-12-23 20:23 . 2011-11-15 18:45 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-12-23 20:23 . 2012-04-03 17:52 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-12-23 20:23 . 2012-04-03 17:52 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-12-23 20:23 . 2011-11-15 18:45 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-04-03 17:52 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-11-15 18:45 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:46 . 2011-11-14 16:39 96016 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2009-07-14 04:46 . 2012-04-03 17:36 96016 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2011-11-22 04:57 . 2011-11-22 04:57 68880 c:\windows\Microsoft.NET\Framework64\v4.0.30319\nlssorting.dll
+ 2012-01-06 04:29 . 2011-12-25 20:40 43280 c:\windows\Microsoft.NET\Framework64\v2.0.50727\aspnet_wp.exe
+ 2011-11-22 03:31 . 2011-11-22 03:31 57616 c:\windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
+ 2012-01-06 04:29 . 2011-12-25 20:42 31504 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2012-04-03 17:09 . 2012-04-03 17:09 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
+ 2012-02-23 21:31 . 2012-02-23 21:31 35264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.Runtime.Internal.resources\v4.0_10.0.0.0_es_b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.Runtime.Internal.resources.dll
+ 2012-02-23 21:34 . 2012-02-23 21:34 76200 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.ContainerControl\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.ContainerControl.dll
+ 2012-02-23 21:31 . 2012-02-23 21:31 43976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.ServerDocument.resources\v4.0_10.0.0.0_es_b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.ServerDocument.resources.dll
+ 2012-02-23 21:34 . 2012-02-23 21:34 79776 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Runtime\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Runtime.dll
+ 2012-02-23 21:31 . 2012-02-23 21:31 25016 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Runtime.resources\v4.0_10.0.0.0_es_b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Runtime.resources.dll
+ 2012-02-23 21:31 . 2012-02-23 21:31 28600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Hosting.resources\v4.0_10.0.0.0_es_b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Hosting.resources.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2012-02-23 21:34 . 2012-02-23 21:34 15208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Office.Tools\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.Office.Tools.dll
+ 2012-02-23 21:31 . 2012-02-23 21:31 14760 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Office.Tools.Word.Implementation.resources\v4.0_10.0.0.0_es_b03f5f7f11d50a3a\Microsoft.Office.Tools.Word.Implementation.resources.dll
+ 2012-02-23 21:34 . 2012-02-23 21:34 27528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Office.Tools.v4.0.Framework\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.Office.Tools.v4.0.Framework.dll
+ 2012-02-23 21:31 . 2012-02-23 21:31 13728 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Office.Tools.v4.0.Framework.resources\v4.0_10.0.0.0_es_b03f5f7f11d50a3a\Microsoft.Office.Tools.v4.0.Framework.resources.dll
+ 2012-02-23 21:34 . 2012-02-23 21:34 56184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Office.Tools.Outlook\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.Office.Tools.Outlook.dll
+ 2012-02-23 21:31 . 2012-02-23 21:31 17840 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Office.Tools.Outlook.Implementation.resources\v4.0_10.0.0.0_es_b03f5f7f11d50a3a\Microsoft.Office.Tools.Outlook.Implementation.resources.dll
+ 2012-02-23 21:31 . 2012-02-23 21:31 12720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Office.Tools.Excel.Implementation.resources\v4.0_10.0.0.0_es_b03f5f7f11d50a3a\Microsoft.Office.Tools.Excel.Implementation.resources.dll
+ 2012-02-23 21:34 . 2012-02-23 21:34 91512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Office.Tools.Common\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.Office.Tools.Common.dll
+ 2012-02-23 21:31 . 2012-02-23 21:31 27056 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Office.Tools.Common.Implementation.resources\v4.0_10.0.0.0_es_b03f5f7f11d50a3a\Microsoft.Office.Tools.Common.Implementation.resources.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 94552 c:\windows\Microsoft.NET\assembly\GAC_64\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 94552 c:\windows\Microsoft.NET\assembly\GAC_64\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 91488 c:\windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 91488 c:\windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2012-04-03 17:08 . 2012-04-03 17:08 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2011-10-13 08:02 . 2011-10-13 08:02 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2012-04-03 17:08 . 2012-04-03 17:08 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-02-06 20:14 . 2012-03-16 04:30 34144 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\oisicon.exe
- 2011-02-06 20:14 . 2011-11-11 14:53 34144 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\oisicon.exe
- 2011-02-06 20:14 . 2011-11-11 14:53 42848 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\msouc.exe
+ 2011-02-06 20:14 . 2012-03-16 04:30 42848 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\msouc.exe
- 2011-02-06 20:14 . 2011-11-11 14:53 19296 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\cagicon.exe
+ 2011-02-06 20:14 . 2012-03-16 04:30 19296 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\cagicon.exe
- 2010-06-04 08:01 . 2011-10-13 08:08 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2010-06-04 08:01 . 2012-02-18 15:37 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2012-03-18 18:15 . 2012-03-18 18:15 32768 c:\windows\Installer\{716E0306-8318-4364-8B8F-0CC4E9376BAC}\icon.exe
+ 2010-02-25 16:07 . 2010-02-25 16:07 49488 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\VBAJET32.DLL
+ 2010-01-10 02:47 . 2010-01-10 02:47 29528 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\THOCRAPI.DLL
+ 2010-03-23 01:36 . 2010-03-23 01:36 82848 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\PEOPLEDATAHANDLER.DLL
+ 2010-03-23 01:36 . 2010-03-23 01:36 45984 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\OSETUPPS.DLL
+ 2010-03-23 01:36 . 2010-03-23 01:36 15776 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\OMUOPTINPS.DLL
+ 2010-02-28 07:13 . 2010-02-28 07:13 20880 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MUOPTIN.DLL
+ 2010-03-01 10:17 . 2010-03-01 10:17 14736 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MSOCFUIU.DLL
+ 2010-01-11 00:48 . 2010-01-11 00:48 18832 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MSOCFU.DLL
+ 2010-03-01 10:09 . 2010-03-01 10:09 61832 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MSAEXP30.DLL
+ 2010-03-13 05:59 . 2010-03-13 05:59 14208 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\LOBICUI.DLL
+ 2010-03-23 01:36 . 2010-03-23 01:36 58232 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\EXP_XPS.DLL
+ 2010-03-23 01:51 . 2010-03-23 01:51 44480 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ACERCLR.DLL
+ 2010-03-23 01:51 . 2010-03-23 01:51 14776 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ACEODTXT.DLL
+ 2010-03-23 01:51 . 2010-03-23 01:51 14776 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ACEODEXL.DLL
+ 2010-03-23 01:51 . 2010-03-23 01:51 14776 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ACEODDBS.DLL
+ 2010-03-23 15:54 . 2010-03-23 15:54 37776 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ACEERR.DLL
+ 2010-02-28 09:33 . 2010-02-28 09:33 93576 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ACCOLK.DLL
+ 2011-02-06 20:11 . 2011-02-06 20:11 11656 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ACCESSPL.DLL
+ 2011-02-06 20:11 . 2011-02-06 20:11 11656 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ACC12PL.DLL
+ 2012-04-03 19:28 . 2012-04-03 19:28 10240 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\f137c53afae3903f20eba1fa0f8f8dad\System.Xml.Serialization.ni.dll
+ 2012-04-03 19:28 . 2012-04-03 19:28 43520 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Pres#\ef151d5b49d8b0d0052d05fc56d25107\System.Windows.Presentation.ni.dll
+ 2012-04-03 19:28 . 2012-04-03 19:28 86016 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Applicat#\c5b08a1a9a7a97922af50f30b5e32268\System.Web.ApplicationServices.ni.dll
+ 2012-04-03 18:23 . 2012-04-03 18:23 97792 c:\windows\assembly\NativeImages_v4.0.30319_64\System.AddIn.Contra#\5b53a87f7799ee5454e4fb8faece3a82\System.AddIn.Contract.ni.dll
+ 2012-04-03 18:20 . 2012-04-03 18:20 14336 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualC\a4e98103e5d36bf22ef19c64442543f2\Microsoft.VisualC.ni.dll
+ 2012-04-03 18:19 . 2012-04-03 18:19 28160 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\6885348510555806f55825539f99691b\Microsoft.Office.Tools.ni.dll
+ 2012-04-03 18:20 . 2012-04-03 18:20 55808 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\1564c97d4494d51111c907058d8664e8\Microsoft.Office.Tools.v4.0.Framework.ni.dll
+ 2012-04-03 18:19 . 2012-04-03 18:19 10752 c:\windows\assembly\NativeImages_v4.0.30319_64\dfsvc\cbd21f19057f07ec2cb55b2bef91f344\dfsvc.ni.exe
+ 2012-04-03 18:19 . 2012-04-03 18:19 58368 c:\windows\assembly\NativeImages_v4.0.30319_64\Accessibility\52890eb2a4f8d822bff7e9cddc713fb5\Accessibility.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 96768 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\9a3f2f7233160bfcb2fd278d05da630c\UIAutomationProvider.ni.dll
+ 2012-04-03 18:17 . 2012-04-03 18:17 35328 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Pres#\931e299528cf8cb4c1b7321e5be5fb1e\System.Windows.Presentation.ni.dll
+ 2012-04-03 18:17 . 2012-04-03 18:17 71680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Applicat#\89383b658e1538a95c9004e5b30fff39\System.Web.ApplicationServices.ni.dll
+ 2012-04-03 18:17 . 2012-04-03 18:17 82432 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\5173df5175ccade890b8e0117297fdae\System.ServiceModel.Channels.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 78848 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn.Contra#\541d664486e505282e6805462b288507\System.AddIn.Contract.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 11776 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\bf2bfecb57a7987d05968d7494512ce8\Microsoft.VisualC.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 45056 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\7d363b2bb16439c008ed5107080c7cbc\Microsoft.Office.Tools.v4.0.Framework.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 21504 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\0bad7df647990a3703a20159e0940d66\Microsoft.Office.Tools.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 44544 c:\windows\assembly\NativeImages_v4.0.30319_32\Accessibility\cbc5e9834f47c0aaa4808764ac2afd11\Accessibility.ni.dll
+ 2012-02-18 16:30 . 2012-02-18 16:30 60416 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Pres#\265f654b8eed2ac1e42d225a30433c37\System.Windows.Presentation.ni.dll
+ 2012-02-18 16:30 . 2012-02-18 16:30 54784 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\62889e05923a83fa32400e7f3b28f9c6\System.Web.DynamicData.Design.ni.dll
+ 2012-02-18 16:29 . 2012-02-18 16:29 72192 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFontCac#\c1577aa4e5874f1debc9a63343e5a0d7\PresentationFontCache.ni.exe
+ 2012-02-18 16:16 . 2012-02-18 16:16 61952 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationCFFRast#\697c9c4ec947a0a5e21bc9e4c6471b74\PresentationCFFRasterizer.ni.dll
+ 2012-02-18 16:28 . 2012-02-18 16:28 33792 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.WSMan.Run#\2d80e48139b13bf06e85c0c1db06bc20\Microsoft.WSMan.Runtime.ni.dll
+ 2012-02-18 16:28 . 2012-02-18 16:28 45056 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\df5c0dac9e7db175acc8a9755942f87f\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.ni.dll
+ 2012-02-18 16:28 . 2012-02-18 16:28 36864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\8a9356f77bd1d1155202f59119ee57c9\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.ni.dll
+ 2012-02-18 16:28 . 2012-02-18 16:28 40448 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\4e53199f22c13aa3e4bc6f063da0aee7\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.ni.dll
+ 2012-02-18 16:28 . 2012-02-18 16:28 43520 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\0f361440d7cbda4bf5b44bfbd4623812\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.ni.dll
+ 2012-02-23 22:19 . 2012-02-23 22:19 87040 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\e8d8257e7685fcdbec1d55c91ef849b9\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v9.0.ni.dll
+ 2012-02-23 22:19 . 2012-02-23 22:19 43520 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\d1f2d3b5e187e3bc12ec2522bb845392\Microsoft.VisualStudio.Tools.Office.Contract.v10.0.ni.dll
+ 2012-02-23 22:19 . 2012-02-23 22:19 71680 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\b7affd3de0eb5567baa0ea01dcbbde31\Microsoft.VisualStudio.Tools.Applications.Contract.v9.0.ni.dll
+ 2012-02-23 22:19 . 2012-02-23 22:19 59904 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\8878ca8ff774e592cbbb264fc72f4ac6\Microsoft.VisualStudio.Tools.Office.Word.AddInAdapter.v9.0.ni.dll
+ 2012-02-23 22:19 . 2012-02-23 22:19 84992 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\60011d8c51e32dffe9342397dabf4e5d\Microsoft.VisualStudio.Tools.Applications.HostAdapter.v10.0.ni.dll
+ 2012-02-23 22:19 . 2012-02-23 22:19 45056 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\5b75d5795521241fb2344a38cf42f295\Microsoft.VisualStudio.Tools.Applications.Contract.v10.0.ni.dll
+ 2012-02-23 22:19 . 2012-02-23 22:19 86016 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\54372f6724e4b83e703b68a13bf72066\Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0.ni.dll
+ 2012-02-23 22:20 . 2012-02-23 22:20 93696 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\1bfd71e2bb2110f637dadfdad19c6089\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v10.0.ni.dll
+ 2012-02-23 22:19 . 2012-02-23 22:19 59904 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\0c7c182d287c4aaab55bbf98171391bb\Microsoft.VisualStudio.Tools.Office.Excel.AddInAdapter.v9.0.ni.dll
+ 2012-02-18 16:26 . 2012-02-18 16:26 65536 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\f8f0b08845fb76dfcf57e00d86fc13fc\Microsoft.MediaCenter.iTv.Hosting.ni.dll
+ 2012-02-18 16:27 . 2012-02-18 16:27 40960 c:\windows\assembly\NativeImages_v2.0.50727_64\LoadMxf\8cd347067dbe1ec5a79c9d261d2d75d9\LoadMxf.ni.exe
+ 2012-02-18 16:26 . 2012-02-18 16:26 93184 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiTVMSMusic\4089bf2cec6e1a1539076c5bd6d95ce7\ehiTVMSMusic.ni.dll
+ 2012-02-18 16:34 . 2012-02-18 16:34 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\df6e2f050af3e7a7676650240ef9d7e5\System.Windows.Presentation.ni.dll
+ 2012-02-18 16:34 . 2012-02-18 16:34 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\e66fcffbc602b284e20b6c49f4ac64b6\System.Web.DynamicData.Design.ni.dll
+ 2012-02-18 16:33 . 2012-02-18 16:33 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\2463cb2600fc129e38f67974f3553368\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-02-18 16:33 . 2012-02-18 16:33 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\bef92fc6725738f2a261600dab88cd66\PresentationFontCache.ni.exe
+ 2012-02-18 16:20 . 2012-02-18 16:20 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\dcdbd6714f689d7be2a15fe8ed1bc095\PresentationCFFRasterizer.ni.dll
+ 2012-02-18 16:33 . 2012-02-18 16:33 17920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Run#\7834abeef71f9188bb9d9253d8f807ab\Microsoft.WSMan.Runtime.ni.dll
+ 2012-02-18 16:33 . 2012-02-18 16:33 19968 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\ef668f1802501935d634458ef637f5e7\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.ni.dll
+ 2012-02-18 16:33 . 2012-02-18 16:33 86528 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\a66c7d26f61bb8e12960441a77159102\Microsoft.Windows.Diagnosis.TroubleshootingPack.ni.dll
+ 2012-02-18 16:33 . 2012-02-18 16:33 23040 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\61a8d567fe6450b5b77584b0044a6979\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.ni.dll
+ 2012-02-18 16:33 . 2012-02-18 16:33 25088 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\52785c0dca46f1e08b5cf9299fba9ae0\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.ni.dll
+ 2012-02-18 16:33 . 2012-02-18 16:33 27136 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\183073b14873e3b18951879ae4a8b425\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.ni.dll
+ 2012-02-18 16:33 . 2012-02-18 16:33 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\824d2cc6a8193a2458ce90e579c8b8f5\Microsoft.Vsa.ni.dll
+ 2012-02-23 22:17 . 2012-02-23 22:17 86016 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\ff76b4dc606a89bb555bf6b3847e369d\Microsoft.VisualStudio.Tools.Office.Outlook.HostAdapter.v10.0.ni.dll
+ 2012-02-23 22:17 . 2012-02-23 22:17 35328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\f9ac3f5d32bfdb6e11210fa4debc4ec1\Microsoft.VisualStudio.Tools.Applications.Contract.v9.0.ni.dll
+ 2012-02-23 22:17 . 2012-02-23 22:17 28160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\cd2766ef74cee07c420507db80aed932\Microsoft.VisualStudio.Tools.Office.Contract.v10.0.ni.dll
+ 2012-02-23 22:17 . 2012-02-23 22:17 51712 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\b63cd78bf6dd3e9df6dd1b3b8e550c03\Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0.ni.dll
+ 2012-02-23 22:17 . 2012-02-23 22:17 42496 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\a290ea7a45914e4466803b05cdd1153c\Microsoft.VisualStudio.Tools.Office.Word.AddInAdapter.v9.0.ni.dll
+ 2012-02-23 22:17 . 2012-02-23 22:17 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\9cd2ba0393b01eabb090905becda3d1c\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v9.0.ni.dll
+ 2012-02-23 22:17 . 2012-02-23 22:17 58368 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\625efeb26f5791302a0777b08feeae18\Microsoft.VisualStudio.Tools.Applications.HostAdapter.v10.0.ni.dll
+ 2012-02-23 22:17 . 2012-02-23 22:17 28160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\560af98e8232dfaa8f745112ed6b8be1\Microsoft.VisualStudio.Tools.Applications.Contract.v10.0.ni.dll
+ 2012-02-23 22:17 . 2012-02-23 22:17 43008 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\207589160a3dd1da72d4237f9cbf72e6\Microsoft.VisualStudio.Tools.Office.Excel.AddInAdapter.v9.0.ni.dll
+ 2012-02-23 22:18 . 2012-02-23 22:18 66560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\0c7d30a3d4b7a03d5d150b40befb02fa\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v10.0.ni.dll
+ 2012-02-23 21:34 . 2012-02-23 21:34 11656 c:\windows\assembly\GAC_MSIL\Policy.12.0.Microsoft.Office.Interop.Access\14.0.0.0__71e9bce111e9429c\Policy.12.0.Microsoft.Office.Interop.Access.dll
- 2011-02-06 20:11 . 2011-02-06 20:11 11656 c:\windows\assembly\GAC_MSIL\Policy.12.0.Microsoft.Office.Interop.Access\14.0.0.0__71e9bce111e9429c\Policy.12.0.Microsoft.Office.Interop.Access.dll
- 2011-02-06 20:11 . 2011-02-06 20:11 11656 c:\windows\assembly\GAC_MSIL\Policy.11.0.Microsoft.Office.Interop.Access\14.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Access.dll
+ 2012-02-23 21:34 . 2012-02-23 21:34 11656 c:\windows\assembly\GAC_MSIL\Policy.11.0.Microsoft.Office.Interop.Access\14.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Access.dll
+ 2012-02-23 21:34 . 2012-02-23 21:34 83896 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.dll
+ 2012-02-23 21:31 . 2012-02-23 21:31 10192 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.resources\10.0.0.0_es_b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.resources.dll
+ 2012-02-23 21:34 . 2012-02-23 21:34 41408 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.Outlook.HostAdapter.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.Outlook.HostAdapter.v10.0.dll
+ 2012-02-23 21:34 . 2012-02-23 21:34 63408 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0.dll
+ 2012-02-23 21:34 . 2012-02-23 21:34 77752 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.Excel.HostAdapter.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.Excel.HostAdapter.v10.0.dll
+ 2012-02-23 21:34 . 2012-02-23 21:34 23976 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.Contract.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.Contract.v10.0.dll
+ 2012-02-23 21:34 . 2012-02-23 21:34 62392 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.ContainerControl.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.ContainerControl.v10.0.dll
+ 2012-02-23 21:31 . 2012-02-23 21:31 55256 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0.resources\10.0.0.0_es_b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0.resources.dll
+ 2012-02-23 21:34 . 2012-02-23 21:34 32688 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0.dll
+ 2012-02-23 21:31 . 2012-02-23 21:31 38856 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0.resources\10.0.0.0_es_b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0.resources.dll
+ 2012-02-23 21:34 . 2012-02-23 21:34 35256 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.HostAdapter.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.HostAdapter.v10.0.dll
+ 2012-02-23 21:34 . 2012-02-23 21:34 24496 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Contract.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Contract.v10.0.dll
+ 2012-02-23 21:34 . 2012-02-23 21:34 41408 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v10.0.dll
+ 2011-12-14 18:01 . 2011-11-05 04:26 2048 c:\windows\SysWOW64\tzres.dll
- 2011-08-27 14:28 . 2011-07-09 04:29 2048 c:\windows\SysWOW64\tzres.dll
+ 2010-10-04 23:59 . 2010-10-04 23:59 5632 c:\windows\SysWOW64\StarOpen.sys
+ 2011-12-14 18:01 . 2011-11-05 05:32 2048 c:\windows\system32\tzres.dll
- 2011-08-27 14:28 . 2011-07-09 05:26 2048 c:\windows\system32\tzres.dll
+ 2012-01-19 15:41 . 2012-01-19 15:41 9560 c:\windows\system32\NetworkList\Icons\{EEC3DE15-BF1B-4D1A-B71A-ACE6EBB0D8A6}_48.bin
+ 2012-01-19 15:41 . 2012-01-19 15:41 4280 c:\windows\system32\NetworkList\Icons\{EEC3DE15-BF1B-4D1A-B71A-ACE6EBB0D8A6}_32.bin
+ 2012-01-19 15:41 . 2012-01-19 15:41 2456 c:\windows\system32\NetworkList\Icons\{EEC3DE15-BF1B-4D1A-B71A-ACE6EBB0D8A6}_24.bin
+ 2012-03-12 23:33 . 2012-03-12 23:33 9560 c:\windows\system32\NetworkList\Icons\{D7226E81-2E6D-4090-A508-88EAF2792FFD}_48.bin
+ 2012-03-12 23:33 . 2012-03-12 23:33 4280 c:\windows\system32\NetworkList\Icons\{D7226E81-2E6D-4090-A508-88EAF2792FFD}_32.bin
+ 2012-03-12 23:33 . 2012-03-12 23:33 2456 c:\windows\system32\NetworkList\Icons\{D7226E81-2E6D-4090-A508-88EAF2792FFD}_24.bin
+ 2012-03-02 13:00 . 2012-03-02 13:00 9560 c:\windows\system32\NetworkList\Icons\{BEB6FECF-2CA9-44DF-AA9F-4D3DAB88F403}_48.bin
+ 2012-03-02 13:00 . 2012-03-02 13:00 4280 c:\windows\system32\NetworkList\Icons\{BEB6FECF-2CA9-44DF-AA9F-4D3DAB88F403}_32.bin
+ 2012-03-02 13:00 . 2012-03-02 13:00 2456 c:\windows\system32\NetworkList\Icons\{BEB6FECF-2CA9-44DF-AA9F-4D3DAB88F403}_24.bin
+ 2012-03-21 20:05 . 2012-03-21 20:05 9560 c:\windows\system32\NetworkList\Icons\{9B017A51-E8CD-47E0-863A-796B4967C506}_48.bin
+ 2012-03-21 20:05 . 2012-03-21 20:05 4280 c:\windows\system32\NetworkList\Icons\{9B017A51-E8CD-47E0-863A-796B4967C506}_32.bin
+ 2012-03-21 20:05 . 2012-03-21 20:05 2456 c:\windows\system32\NetworkList\Icons\{9B017A51-E8CD-47E0-863A-796B4967C506}_24.bin
+ 2011-12-01 20:42 . 2011-12-01 20:42 9560 c:\windows\system32\NetworkList\Icons\{7A300F00-5387-4A40-84EE-F3E0F4AAF664}_48.bin
+ 2011-12-01 20:42 . 2011-12-01 20:42 4280 c:\windows\system32\NetworkList\Icons\{7A300F00-5387-4A40-84EE-F3E0F4AAF664}_32.bin
+ 2011-12-01 20:42 . 2011-12-01 20:42 2456 c:\windows\system32\NetworkList\Icons\{7A300F00-5387-4A40-84EE-F3E0F4AAF664}_24.bin
+ 2012-01-19 16:14 . 2012-01-19 16:14 9560 c:\windows\system32\NetworkList\Icons\{6565E48A-5545-4B5E-B021-415F20FFA642}_48.bin
+ 2012-01-19 16:14 . 2012-01-19 16:14 4280 c:\windows\system32\NetworkList\Icons\{6565E48A-5545-4B5E-B021-415F20FFA642}_32.bin
+ 2012-01-19 16:14 . 2012-01-19 16:14 2456 c:\windows\system32\NetworkList\Icons\{6565E48A-5545-4B5E-B021-415F20FFA642}_24.bin
+ 2012-01-19 16:46 . 2012-01-19 16:46 9560 c:\windows\system32\NetworkList\Icons\{4BB42CE9-3133-47ED-9655-A2413E43B40A}_48.bin
+ 2012-01-19 16:46 . 2012-01-19 16:46 4280 c:\windows\system32\NetworkList\Icons\{4BB42CE9-3133-47ED-9655-A2413E43B40A}_32.bin
+ 2012-01-19 16:46 . 2012-01-19 16:46 2456 c:\windows\system32\NetworkList\Icons\{4BB42CE9-3133-47ED-9655-A2413E43B40A}_24.bin
+ 2012-04-02 02:19 . 2012-04-02 02:19 9560 c:\windows\system32\NetworkList\Icons\{0F5806B0-DFC9-41D7-AC5D-6B2F5B0118D6}_48.bin
+ 2012-04-02 02:19 . 2012-04-02 02:19 4280 c:\windows\system32\NetworkList\Icons\{0F5806B0-DFC9-41D7-AC5D-6B2F5B0118D6}_32.bin
+ 2012-04-02 02:19 . 2012-04-02 02:19 2456 c:\windows\system32\NetworkList\Icons\{0F5806B0-DFC9-41D7-AC5D-6B2F5B0118D6}_24.bin
+ 2012-04-03 17:27 . 2012-04-03 17:27 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-11-19 14:23 . 2011-11-19 14:23 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-04-03 17:27 . 2012-04-03 17:27 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-11-19 14:23 . 2011-11-19 14:23 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-04-03 18:17 . 2012-04-03 18:17 9216 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\1d9f36e98e17e1f594b25f42269801ac\System.Xml.Serialization.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 9728 c:\windows\assembly\NativeImages_v4.0.30319_32\dfsvc\ae8a2abe6e9b5931480460c20967b216\dfsvc.ni.exe
+ 2012-01-19 18:14 . 2011-11-17 05:35 314880 c:\windows\SysWOW64\webio.dll
- 2011-04-03 16:40 . 2010-11-20 12:21 314880 c:\windows\SysWOW64\webio.dll
+ 2012-02-18 15:33 . 2011-12-14 02:55 231936 c:\windows\SysWOW64\url.dll
- 2011-10-13 08:01 . 2011-09-01 02:27 231936 c:\windows\SysWOW64\url.dll
+ 2012-01-19 18:14 . 2011-11-17 05:34 224768 c:\windows\SysWOW64\schannel.dll
- 2011-04-03 16:39 . 2010-11-20 12:20 514560 c:\windows\SysWOW64\qdvd.dll
+ 2012-01-11 14:45 . 2011-10-26 04:32 514560 c:\windows\SysWOW64\qdvd.dll
+ 2012-02-17 00:39 . 2012-01-04 08:58 442880 c:\windows\SysWOW64\ntshrui.dll
- 2011-04-03 16:39 . 2010-11-20 12:20 442880 c:\windows\SysWOW64\ntshrui.dll
+ 2012-02-17 00:39 . 2011-12-16 07:52 690688 c:\windows\SysWOW64\msvcrt.dll
- 2009-07-13 23:12 . 2009-07-14 01:15 690688 c:\windows\SysWOW64\msvcrt.dll
+ 2012-04-03 17:31 . 2012-04-03 17:31 353440 c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_228_Plugin.exe
+ 2012-04-03 17:52 . 2012-04-03 17:52 353440 c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_228_ActiveX.exe
+ 2012-04-03 17:52 . 2012-04-03 17:52 424608 c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_228_ActiveX.dll
+ 2012-02-23 03:00 . 2012-02-23 03:00 250016 c:\windows\SysWOW64\Macromed\Flash\FlashUtil11f_Plugin.exe
+ 2012-04-03 17:31 . 2012-04-03 17:52 253600 c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
- 2011-10-13 08:01 . 2011-09-01 02:24 716800 c:\windows\SysWOW64\jscript.dll
+ 2012-02-18 15:33 . 2011-12-14 02:53 716800 c:\windows\SysWOW64\jscript.dll
+ 2012-02-18 15:33 . 2011-12-14 02:47 176640 c:\windows\SysWOW64\ieui.dll
- 2011-10-13 08:01 . 2011-09-01 02:21 176640 c:\windows\SysWOW64\ieui.dll
+ 2011-12-14 18:01 . 2011-10-15 05:38 534528 c:\windows\SysWOW64\EncDec.dll
- 2011-03-09 03:39 . 2010-12-23 05:54 534528 c:\windows\SysWOW64\EncDec.dll
+ 2012-01-19 18:14 . 2011-11-17 06:35 395776 c:\windows\system32\webio.dll
- 2011-04-03 16:40 . 2010-11-20 13:27 395776 c:\windows\system32\webio.dll
+ 2009-12-25 16:15 . 2012-03-27 00:26 307790 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2009-12-24 18:28 . 2012-04-05 17:31 287374 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2012-02-18 15:33 . 2011-12-14 07:03 237056 c:\windows\system32\url.dll
- 2011-10-13 08:01 . 2011-09-01 05:16 237056 c:\windows\system32\url.dll
- 2011-04-03 16:39 . 2010-11-20 13:27 136192 c:\windows\system32\sspicli.dll
+ 2012-01-19 18:14 . 2011-11-17 06:35 136192 c:\windows\system32\sspicli.dll
+ 2012-01-19 18:14 . 2011-11-17 06:35 340992 c:\windows\system32\schannel.dll
- 2011-04-03 16:40 . 2010-11-20 13:27 340992 c:\windows\system32\schannel.dll
+ 2012-01-11 14:45 . 2011-10-26 05:25 366592 c:\windows\system32\qdvd.dll
- 2011-04-03 16:39 . 2010-11-20 13:27 366592 c:\windows\system32\qdvd.dll
+ 2009-09-03 12:54 . 2012-04-03 17:08 707672 c:\windows\system32\perfh00A.dat
- 2009-09-03 12:54 . 2011-11-19 14:50 707672 c:\windows\system32\perfh00A.dat
- 2009-07-14 02:36 . 2011-11-19 14:50 619146 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-04-03 17:08 619146 c:\windows\system32\perfh009.dat
+ 2009-09-03 12:54 . 2012-04-03 17:08 139208 c:\windows\system32\perfc00A.dat
- 2009-09-03 12:54 . 2011-11-19 14:50 139208 c:\windows\system32\perfc00A.dat
- 2009-07-14 02:36 . 2011-11-19 14:50 107466 c:\windows\system32\perfc009.dat
+ 2009-07-14 02:36 . 2012-04-03 17:08 107466 c:\windows\system32\perfc009.dat
+ 2012-02-17 00:39 . 2012-01-04 10:44 509952 c:\windows\system32\ntshrui.dll
- 2011-04-03 16:39 . 2010-11-20 13:27 509952 c:\windows\system32\ntshrui.dll
- 2009-07-13 23:19 . 2009-07-14 01:41 634880 c:\windows\system32\msvcrt.dll
+ 2012-02-17 00:39 . 2011-12-16 08:46 634880 c:\windows\system32\msvcrt.dll
+ 2012-04-03 17:31 . 2012-04-03 17:31 630432 c:\windows\system32\Macromed\Flash\FlashUtil64_11_2_202_228_Plugin.exe
+ 2012-04-03 17:52 . 2012-04-03 17:52 630432 c:\windows\system32\Macromed\Flash\FlashUtil64_11_2_202_228_ActiveX.exe
+ 2012-04-03 17:52 . 2012-04-03 17:52 462496 c:\windows\system32\Macromed\Flash\FlashUtil64_11_2_202_228_ActiveX.dll
+ 2012-02-18 15:33 . 2011-12-14 07:00 818688 c:\windows\system32\jscript.dll
- 2011-10-13 08:01 . 2011-09-01 05:08 248320 c:\windows\system32\ieui.dll
+ 2012-02-18 15:33 . 2011-12-14 06:53 248320 c:\windows\system32\ieui.dll
- 2009-07-14 04:45 . 2011-11-11 16:07 453352 c:\windows\system32\FNTCACHE.DAT
+ 2009-07-14 04:45 . 2012-03-16 14:49 453352 c:\windows\system32\FNTCACHE.DAT
+ 2011-12-14 18:01 . 2011-10-15 06:31 723456 c:\windows\system32\EncDec.dll
- 2009-07-14 05:30 . 2011-10-27 03:00 143360 c:\windows\system32\DriverStore\infstrng.dat
+ 2009-07-14 05:30 . 2012-03-18 18:26 143360 c:\windows\system32\DriverStore\infstrng.dat
+ 2009-07-14 05:30 . 2012-03-18 18:15 143360 c:\windows\system32\DriverStore\infstor.dat
- 2009-07-14 05:30 . 2011-10-27 03:00 143360 c:\windows\system32\DriverStore\infstor.dat
+ 2012-01-19 18:14 . 2011-11-17 06:49 152432 c:\windows\system32\drivers\ksecpkg.sys
+ 2012-01-19 18:14 . 2011-11-17 06:44 459232 c:\windows\system32\drivers\cng.sys
+ 2012-02-17 00:39 . 2011-12-28 03:59 498688 c:\windows\system32\drivers\afd.sys
- 2009-10-04 23:20 . 2011-10-27 03:53 472416 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2009-10-04 23:20 . 2012-03-16 14:48 472416 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2009-07-14 05:01 . 2011-11-18 22:25 450556 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-04-03 17:26 450556 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-11-22 04:57 . 2011-11-22 04:57 598784 c:\windows\Microsoft.NET\Framework64\v4.0.30319\SOS.dll
+ 2011-12-26 10:47 . 2011-12-26 10:47 261912 c:\windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelReg.exe
+ 2012-01-06 04:29 . 2011-12-25 20:40 746256 c:\windows\Microsoft.NET\Framework64\v2.0.50727\webengine.dll
+ 2011-11-22 03:31 . 2011-11-22 03:31 518400 c:\windows\Microsoft.NET\Framework\v4.0.30319\SOS.dll
+ 2011-12-26 09:39 . 2011-12-26 09:39 192792 c:\windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelReg.exe
+ 2011-11-22 03:31 . 2011-11-22 03:31 957200 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordbi.dll
+ 2012-01-06 04:29 . 2011-12-25 20:42 437520 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 236880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 236880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 607064 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 607064 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 149848 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 149848 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2012-02-23 21:34 . 2012-02-23 21:34 397208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.Runtime\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.Runtime.dll
+ 2012-02-23 21:31 . 2012-02-23 21:31 151472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.Runtime.resources\v4.0_10.0.0.0_es_b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.Runtime.resources.dll
+ 2012-02-23 21:34 . 2012-02-23 21:34 133544 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.Runtime.Internal\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.Runtime.Internal.dll
+ 2012-02-23 21:34 . 2012-02-23 21:34 201648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.ServerDocument\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.ServerDocument.dll
+ 2012-02-23 21:34 . 2012-02-23 21:34 163744 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Hosting\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Hosting.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2012-02-23 21:34 . 2012-02-23 21:34 141688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Office.Tools.Word\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.Office.Tools.Word.dll
+ 2012-02-23 21:34 . 2012-02-23 21:34 341392 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Office.Tools.Word.Implementation\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.Office.Tools.Word.Implementation.dll
+ 2012-02-23 21:34 . 2012-02-23 21:34 139672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Office.Tools.Outlook.Implementation\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.Office.Tools.Outlook.Implementation.dll
+ 2012-02-23 21:34 . 2012-02-23 21:34 171384 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Office.Tools.Excel\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.Office.Tools.Excel.dll
+ 2012-02-23 21:34 . 2012-02-23 21:34 465304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Office.Tools.Excel.Implementation\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.Office.Tools.Excel.Implementation.dll
+ 2012-02-23 21:34 . 2012-02-23 21:34 357272 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Office.Tools.Common.Implementation\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.Office.Tools.Common.Implementation.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 288616 c:\windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 288616 c:\windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 335712 c:\windows\Microsoft.NET\assembly\GAC_64\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 335712 c:\windows\Microsoft.NET\assembly\GAC_64\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 125440 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 125440 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 237424 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 237424 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 187776 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 187776 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2012-04-03 17:08 . 2012-04-03 17:08 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2012-04-03 17:08 . 2012-04-03 17:08 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-04-03 17:08 . 2012-04-03 17:08 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-04-03 17:08 . 2012-04-03 17:08 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2012-04-03 17:08 . 2012-04-03 17:08 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2008-08-08 19:11 . 2008-08-08 19:11 232960 c:\windows\Installer\b092e19.msi
+ 2011-10-27 03:46 . 2011-10-27 03:46 794112 c:\windows\Installer\84470c31.msp
+ 2011-04-29 03:29 . 2011-04-29 03:29 608768 c:\windows\Installer\3fb1fe9.msp
+ 2011-12-15 19:34 . 2011-12-15 19:34 371272 c:\windows\Installer\{AA59DDE4-B672-4621-A016-4C248204957A}\SkypeIcon.exe
- 2011-11-11 14:52 . 2011-11-11 14:52 571232 c:\windows\Installer\{90140000-006E-0C0A-0000-0000000FF1CE}\misc.exe
+ 2012-02-23 21:31 . 2012-02-23 21:31 571232 c:\windows\Installer\{90140000-006E-0C0A-0000-0000000FF1CE}\misc.exe
- 2011-02-06 20:14 . 2011-11-11 14:53 415584 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\pubs.exe
+ 2011-02-06 20:14 . 2012-03-16 04:30 415584 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\pubs.exe
+ 2011-02-06 20:14 . 2012-03-16 04:30 303456 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\outicon.exe
- 2011-02-06 20:14 . 2011-11-11 14:53 303456 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\outicon.exe
- 2011-02-06 20:14 . 2011-11-11 14:53 571232 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\misc.exe
+ 2011-02-06 20:14 . 2012-03-16 04:30 571232 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\misc.exe
+ 2011-02-06 20:14 . 2012-03-16 04:30 326496 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\joticon.exe
- 2011-02-06 20:14 . 2011-11-11 14:53 326496 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\joticon.exe
+ 2011-02-06 20:14 . 2012-03-16 04:30 469856 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\inficon.exe
- 2011-02-06 20:14 . 2011-11-11 14:53 469856 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\inficon.exe
+ 2011-02-06 20:14 . 2012-03-16 04:30 178528 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\grvicons.exe
- 2011-02-06 20:14 . 2011-11-11 14:53 178528 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\grvicons.exe
+ 2010-02-28 08:13 . 2010-02-28 08:13 579968 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\VPREVIEW.EXE
+ 2010-01-10 02:47 . 2010-01-10 02:47 133512 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\TWCUTCHR.DLL
+ 2010-03-01 10:09 . 2010-03-01 10:09 524176 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\SOA.DLL
+ 2010-03-25 15:23 . 2010-03-25 15:23 203632 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\SHAREPOINTPROVIDER.DLL
+ 2010-02-28 07:13 . 2010-02-28 07:13 521616 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\SELFCERT.EXE
+ 2010-03-01 09:56 . 2010-03-01 09:56 647552 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\PTXT9.DLL
+ 2010-02-28 07:22 . 2010-02-28 07:22 139136 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\PRTF9.DLL
+ 2010-02-28 07:21 . 2010-02-28 07:21 259960 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\OISGRAPH.DLL
+ 2010-02-28 07:21 . 2010-02-28 07:21 886640 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\OISAPP.DLL
+ 2010-02-28 07:21 . 2010-02-28 07:21 274280 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\OIS.EXE
+ 2010-02-28 07:09 . 2010-02-28 07:09 401784 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\OFFXML.DLL
+ 2010-03-11 05:44 . 2010-03-11 05:44 510904 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ODEPLOY.EXE
+ 2010-01-10 02:23 . 2010-01-10 02:23 169352 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\OARPMANY.EXE
+ 2010-02-28 07:15 . 2010-02-28 07:15 702312 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MSTORDB.EXE
+ 2010-03-30 02:47 . 2010-03-30 02:47 218464 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MSPROOF6.DLL
+ 2010-03-25 01:28 . 2010-03-25 01:28 473952 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MSOICONS.EXE
+ 2010-03-06 10:29 . 2010-03-06 10:29 501088 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MSODCW.DLL
+ 2010-03-01 10:17 . 2010-03-01 10:17 152952 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MSOCF.DLL
+ 2009-09-04 14:02 . 2009-09-04 14:02 591680 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MSLID.DLL
+ 2010-03-30 02:47 . 2010-03-30 02:47 787864 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MSET7TKJP.DLL
+ 2010-03-30 02:47 . 2010-03-30 02:47 512392 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MSET7TK.DLL
+ 2010-03-30 02:47 . 2010-03-30 02:47 543144 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MSET7.DLL
+ 2010-03-25 01:28 . 2010-03-25 01:28 571232 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MISC.EXE
+ 2010-02-28 07:15 . 2010-02-28 07:15 698216 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MEDCAT.DLL
+ 2011-02-06 20:12 . 2011-02-06 20:12 427904 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\LOBITOOL.DLL
+ 2011-02-06 20:13 . 2011-02-06 20:13 169856 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\LOBITOIN.DLL
+ 2010-03-13 05:58 . 2010-03-13 05:58 960384 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\LOBIOBDR.DLL
+ 2011-02-06 20:13 . 2011-02-06 20:13 960384 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\LOBIOBDA.DLL
+ 2011-02-06 20:12 . 2011-02-06 20:12 567168 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\LOBICLNT.DLL
+ 2010-03-13 05:58 . 2010-03-13 05:58 567168 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\LOBICLNR.DLL
+ 2010-03-13 19:54 . 2010-03-13 19:54 447872 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\LOBICLI.DLL
+ 2010-03-13 05:58 . 2010-03-13 05:58 518016 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\LOBIBDCR.DLL
+ 2011-02-06 20:12 . 2011-02-06 20:12 518016 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\LOBIBDCA.DLL
+ 2010-03-30 01:45 . 2010-03-30 01:45 169352 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\IPOLK.DLL
+ 2010-03-23 01:36 . 2010-03-23 01:36 178560 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\IETAG.DLL
+ 2010-03-25 02:17 . 2010-03-25 02:17 944008 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\GROOVEMN.EXE
+ 2010-02-04 09:41 . 2010-02-04 09:41 120160 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\FLTLDR.EXE
+ 2010-02-25 16:07 . 2010-02-25 16:07 452936 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\EXPSRV.DLL
+ 2010-03-23 16:03 . 2010-03-23 16:03 104824 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\EXP_PDF.DLL
+ 2010-03-23 02:30 . 2010-03-23 02:30 115584 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\EMABLT32.DLL
+ 2010-02-28 07:09 . 2010-02-28 07:09 519584 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\DWTRIG20.EXE
+ 2010-03-01 10:18 . 2010-03-01 10:18 397656 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\CDLMSO.DLL
+ 2010-01-19 01:59 . 2010-01-19 01:59 998776 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ASMAIN.DLL
+ 2010-01-19 01:59 . 2010-01-19 01:59 100280 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ASLTS.DLL
+ 2010-03-23 15:55 . 2010-03-23 15:55 362904 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ACEXBE.DLL
+ 2010-03-01 10:19 . 2010-03-01 10:19 247200 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ACEWSS.DLL
+ 2010-03-23 15:54 . 2010-03-23 15:54 220560 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ACETXT.DLL
+ 2010-03-23 15:55 . 2010-03-23 15:55 527776 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ACEREP.DLL
+ 2010-03-23 01:51 . 2010-03-23 01:51 329624 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ACER3X.DLL
+ 2010-03-23 15:55 . 2010-03-23 15:55 383904 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ACEOLEDB.DLL
+ 2010-03-23 01:51 . 2010-03-23 01:51 278448 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ACEODBC.DLL
+ 2010-03-23 15:55 . 2010-03-23 15:55 643992 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ACEEXCL.DLL
+ 2010-03-23 15:54 . 2010-03-23 15:54 334752 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ACEEXCH.DLL
+ 2010-03-23 15:55 . 2010-03-23 15:55 686504 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ACEES.DLL
+ 2010-03-23 15:55 . 2010-03-23 15:55 548792 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ACEDAO.DLL
+ 2010-02-28 09:33 . 2010-02-28 09:33 164224 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ACCWIZ.DLL
+ 2010-03-23 15:55 . 2010-03-23 15:55 548792 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ACACEDAO.DLL
+ 2012-01-11 14:45 . 2011-10-29 05:23 465920 c:\windows\ehome\mstvcapn.dll
- 2011-04-03 16:39 . 2010-11-20 13:27 465920 c:\windows\ehome\mstvcapn.dll
+ 2012-04-03 19:28 . 2012-04-03 19:28 336896 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsFormsIntegra#\d05858dd730eef93a5e4a3cc88dd4ec3\WindowsFormsIntegration.ni.dll
+ 2012-04-03 18:22 . 2012-04-03 18:22 231424 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationTypes\b2a2a1fb4e1313088250b334b3af2a15\UIAutomationTypes.ni.dll
+ 2012-04-03 18:22 . 2012-04-03 18:22 122368 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationProvider\89414bab411eb27c7c181df81b4d36a5\UIAutomationProvider.ni.dll
+ 2012-04-03 19:28 . 2012-04-03 19:28 645120 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationClient\cd55f47d44c3695862bc047b8e86fcd3\UIAutomationClient.ni.dll
+ 2012-04-03 18:22 . 2012-04-03 18:22 528896 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Linq\910d557d55f4fc7bb51ace0546bd3c50\System.Xml.Linq.ni.dll
+ 2012-04-03 18:22 . 2012-04-03 18:22 256000 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Inpu#\dcb9e1eaa1491094f79c3288b8c78830\System.Windows.Input.Manipulations.ni.dll
+ 2012-04-03 18:22 . 2012-04-03 18:22 903168 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Transactions\922f3f17f5112441e77f9d3d56d5b753\System.Transactions.ni.dll
+ 2012-04-03 19:27 . 2012-04-03 19:27 281088 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceProce#\73874670b92afbde73b23e8a1200eede\System.ServiceProcess.ni.dll
+ 2012-04-03 19:27 . 2012-04-03 19:27 517120 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\909c8d76773648809478644ac50a21eb\System.ServiceModel.Routing.ni.dll
+ 2012-04-03 19:27 . 2012-04-03 19:27 108032 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\26db69101f5bcf148fd962f00c0e78dd\System.ServiceModel.Channels.ni.dll
+ 2012-04-03 18:19 . 2012-04-03 18:19 946688 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Security\878946615037b9d5f09916c598420dc1\System.Security.ni.dll
+ 2012-04-03 18:22 . 2012-04-03 18:22 376832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\73cc698ccc98e37f53cdbff3687a921c\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2012-04-03 18:22 . 2012-04-03 18:22 987648 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Remo#\b73b4f0282ef46505b3e59702ded433b\System.Runtime.Remoting.ni.dll
+ 2012-04-03 18:19 . 2012-04-03 18:19 176640 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Numerics\8064e773b9addf027658899e27e94c7b\System.Numerics.ni.dll
+ 2012-04-03 18:24 . 2012-04-03 18:24 933376 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Net\a46d5472536da900435885b28a19eda8\System.Net.ni.dll
+ 2012-04-03 18:24 . 2012-04-03 18:24 781824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Messaging\ae0089b9135614de304ebe288fa6fca8\System.Messaging.ni.dll
+ 2012-04-03 18:24 . 2012-04-03 18:24 521728 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Management.I#\3ad050d3f47352421e05b7707ddd3524\System.Management.Instrumentation.ni.dll
+ 2012-04-03 18:24 . 2012-04-03 18:24 531456 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IO.Log\87efa405cd384d2c47380467fcd7ea86\System.IO.Log.ni.dll
+ 2012-04-03 18:24 . 2012-04-03 18:24 290816 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IdentityMode#\50ccc897ad714e66f750ca1e51e0ffde\System.IdentityModel.Selectors.ni.dll
+ 2012-04-03 18:22 . 2012-04-03 18:22 348672 c:\windows\assembly\NativeImages_v4.0.30319_64\System.EnterpriseSe#\7b06b84cb3b99a3ab22adb2a3f6376e6\System.EnterpriseServices.Wrapper.dll
+ 2012-04-03 18:19 . 2012-04-03 18:19 512000 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Dynamic\cbc3e5d028dd347a294096f068a053d4\System.Dynamic.ni.dll
+ 2012-04-03 18:24 . 2012-04-03 18:24 632832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\1ae0a8a9eb92ccaf900f5911740b2c3c\System.DirectoryServices.Protocols.ni.dll
+ 2012-04-03 18:24 . 2012-04-03 18:24 141824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Device\9edded64312f5cbae54a093eca246aaa\System.Device.ni.dll
+ 2012-04-03 18:23 . 2012-04-03 18:23 176128 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.DataSet#\db296a100034c7dee5f80219f0542df7\System.Data.DataSetExtensions.ni.dll
+ 2012-04-03 18:23 . 2012-04-03 18:23 181760 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Configuratio#\0f771cbf8b32ae1618f4cd4266337b3c\System.Configuration.Install.ni.dll
+ 2012-04-03 18:23 . 2012-04-03 18:23 255488 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ComponentMod#\501ad39b1ef6f43e8dc92a4efa7c35ea\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-04-03 18:23 . 2012-04-03 18:23 865792 c:\windows\assembly\NativeImages_v4.0.30319_64\System.AddIn\f8c6e4854178bb4d928c8aec1c04648d\System.AddIn.ni.dll
+ 2012-04-03 18:23 . 2012-04-03 18:23 560640 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.D#\3503e3c2a87db97b720c0ed8a5d59f61\System.Activities.DurableInstancing.ni.dll
+ 2012-04-03 18:19 . 2012-04-03 18:19 432128 c:\windows\assembly\NativeImages_v4.0.30319_64\SMSvcHost\30cf4fc2c247cf490879f5436c63017c\SMSvcHost.ni.exe
+ 2012-04-03 18:22 . 2012-04-03 18:22 185344 c:\windows\assembly\NativeImages_v4.0.30319_64\SMDiagnostics\b4f75962376771b6b6d39279d780abba\SMDiagnostics.ni.dll
+ 2012-04-03 18:21 . 2012-04-03 18:21 428032 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\eaca48940ac6976d39d5de4d5b42fed6\PresentationFramework.Royale.ni.dll
+ 2012-04-03 18:21 . 2012-04-03 18:21 802304 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\bdb41ce9ab6d561ddb8107255daaee30\PresentationFramework.Luna.ni.dll
+ 2012-04-03 18:21 . 2012-04-03 18:21 622592 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\78310f7eef84b5f9ca4bf32798bd77f9\PresentationFramework.Aero.ni.dll
+ 2012-04-03 18:21 . 2012-04-03 18:21 349184 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\64b86aebea22fd357f22384757caed3f\PresentationFramework.Classic.ni.dll
+ 2012-04-03 18:20 . 2012-04-03 18:20 235008 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualStu#\fe01daeef629915469fda2c48c383116\Microsoft.VisualStudio.Tools.Office.ContainerControl.ni.dll
+ 2012-04-03 18:20 . 2012-04-03 18:20 864256 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualStu#\d6a78fca145941e7b30ef2f9438986e7\Microsoft.VisualStudio.Tools.Office.Runtime.ni.dll
+ 2012-04-03 18:20 . 2012-04-03 18:20 169984 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualStu#\c45a27e16f1710fbb5f9a1998d91ffc0\Microsoft.VisualStudio.Tools.Applications.Runtime.ni.dll
+ 2012-04-03 18:20 . 2012-04-03 18:20 475136 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualStu#\b1e9a84a2436a463c35ded871dca6419\Microsoft.VisualStudio.Tools.Applications.Hosting.ni.dll
+ 2012-04-03 18:20 . 2012-04-03 18:20 247808 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualStu#\8cc272eda49bc1202de40a2691882fcc\Microsoft.VisualStudio.Tools.Office.Runtime.Internal.ni.dll
+ 2012-04-03 18:20 . 2012-04-03 18:20 992256 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualStu#\4c1b69eea40a1af64f8c4f833e367864\Microsoft.VisualStudio.Tools.Applications.ServerDocument.ni.dll
+ 2012-04-03 18:20 . 2012-04-03 18:20 422400 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\480ae0610a44148c6532d3d134f9956f\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2012-04-03 18:20 . 2012-04-03 18:20 600064 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Transacti#\16bf3be602620d349b25e6c2d08199a3\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2012-04-03 18:20 . 2012-04-03 18:20 199680 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\8d3f8f9a871b8ae65cfcba1ad30e66df\Microsoft.Office.Tools.Outlook.ni.dll
+ 2012-04-03 18:20 . 2012-04-03 18:20 408064 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\71916c632fbaf146cb6d5acd35b484dd\Microsoft.Office.Tools.Outlook.Implementation.ni.dll
+ 2012-04-03 18:19 . 2012-04-03 18:19 432128 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\4d19c61aec2865efe1785fff3577466e\Microsoft.Office.Tools.Common.ni.dll
+ 2012-04-03 18:20 . 2012-04-03 18:20 993280 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\113a4f070ece23d8ea4650d8601eff05\Microsoft.Office.Tools.Excel.ni.dll
+ 2012-04-03 18:19 . 2012-04-03 18:19 279552 c:\windows\assembly\NativeImages_v4.0.30319_64\CustomMarshalers\f6b9abf9cd43524102ad9be82b7136d0\CustomMarshalers.ni.dll
+ 2012-04-03 18:17 . 2012-04-03 18:17 253952 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\2e1468ce2858baafbab0482a638eb251\WindowsFormsIntegration.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 196096 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\3229ca959686fc6c4e3ef5a9dd285cd4\UIAutomationTypes.ni.dll
+ 2012-04-03 18:17 . 2012-04-03 18:17 484352 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClient\fa5ac28e670cb4917e8f3f22c059724b\UIAutomationClient.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 393216 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\706f0cbe7c279c059b52ad8b4bd248d8\System.Xml.Linq.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 189440 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Inpu#\77cd8b170b07f428c98896e35eb556f3\System.Windows.Input.Manipulations.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 649728 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\678637ab7a50a87b13c287992ef7fbd8\System.Transactions.ni.dll
+ 2012-04-03 18:17 . 2012-04-03 18:17 221696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\9a1e3b04442d5c7ec79946335b412b8b\System.ServiceProcess.ni.dll
+ 2012-04-03 18:17 . 2012-04-03 18:17 369664 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\4808a59d1eb0e6484162f9a4a2eda748\System.ServiceModel.Routing.ni.dll
+ 2012-04-03 17:11 . 2012-04-03 17:11 736768 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Security\68e9fba708d531093efed0d06fc255ae\System.Security.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 311296 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\8242a11970b6c106bc860a168fbf0d3c\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 762880 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\4017661cfa4a173b878d7e2a949c3a9e\System.Runtime.Remoting.ni.dll
+ 2012-04-03 17:10 . 2012-04-03 17:10 145408 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\db65b5a04bb376ef4df08803ec27c12e\System.Numerics.ni.dll
+ 2012-04-03 18:16 . 2012-04-03 18:16 657408 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Net\89e476c433069af1957535a158feac9a\System.Net.ni.dll
+ 2012-04-03 18:16 . 2012-04-03 18:16 626176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\0a7f81c69a451afc1c29f406af951b4e\System.Messaging.ni.dll
+ 2012-04-03 18:16 . 2012-04-03 18:16 395264 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management.I#\04fec0e57becb283fbeddf031f2e201a\System.Management.Instrumentation.ni.dll
+ 2012-04-03 18:16 . 2012-04-03 18:16 413696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IO.Log\5495c14e5629c89453853fa2a6e6fd3a\System.IO.Log.ni.dll
+ 2012-04-03 18:16 . 2012-04-03 18:16 229888 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityMode#\6886e37c6d37f6d2523fe10dd02ce983\System.IdentityModel.Selectors.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 236032 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\dfa641de28b73dda041bf7f47972b5eb\System.EnterpriseServices.Wrapper.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 787456 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\dfa641de28b73dda041bf7f47972b5eb\System.EnterpriseServices.ni.dll
+ 2012-04-03 17:11 . 2012-04-03 17:11 377856 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Dynamic\7612a70db260ea55fe72f57cee028092\System.Dynamic.ni.dll
+ 2012-04-03 18:16 . 2012-04-03 18:16 470528 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\d754996afc55c4ad30377765fb1af5f7\System.DirectoryServices.Protocols.ni.dll
+ 2012-04-03 18:16 . 2012-04-03 18:16 913920 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\cf4a74f7bb940cfede8c0758026211a9\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-04-03 18:16 . 2012-04-03 18:16 112640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Device\77372a2fb9e95c02b2d76efcbed718bd\System.Device.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 134656 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.DataSet#\623ae2e1d7735e14f9adb9d830f29d29\System.Data.DataSetExtensions.ni.dll
+ 2012-04-03 17:10 . 2012-04-03 17:10 982528 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\6757251401cd9c17d5e608db6e5f964a\System.Configuration.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 148480 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\522ff751bd7c2d6560abd743c967eeef\System.Configuration.Install.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\90cc58de90e1d3cbb4a4c06600096331\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-04-03 17:11 . 2012-04-03 17:11 693760 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\521d371ccd63aba119d74e1352fda6dc\System.ComponentModel.Composition.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 617984 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn\4281a2e60037fa6e043569d2b70ed864\System.AddIn.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 411136 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.D#\8e122e72de21cfbf2e41e6a338844415\System.Activities.DurableInstancing.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 317952 c:\windows\assembly\NativeImages_v4.0.30319_32\SMSvcHost\abec8eb49acd9d3dad8066795b9d095d\SMSvcHost.ni.exe
+ 2012-04-03 17:15 . 2012-04-03 17:15 143360 c:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\4e6da16e44ef441e463e006185b1b5d8\SMDiagnostics.ni.dll
+ 2012-04-03 17:10 . 2012-04-03 17:10 309760 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\ec80c61fa0d532d78f0b50eec27a4a1f\PresentationFramework.Classic.ni.dll
+ 2012-04-03 17:11 . 2012-04-03 17:11 755712 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\ec69ab111679b2775127815726f87a7d\PresentationFramework.Luna.ni.dll
+ 2012-04-03 17:11 . 2012-04-03 17:11 387072 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\e5cd234a62bbdaafdd21857a7cc3a28a\PresentationFramework.Royale.ni.dll
+ 2012-04-03 17:10 . 2012-04-03 17:10 595968 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\1c5b741f270fccb3b527b4fc3a8431f3\PresentationFramework.Aero.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 364544 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\dbb532ba6c234fa76d218daa4d5563ff\Microsoft.VisualStudio.Tools.Applications.Hosting.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 135680 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\96b2218b0b61475aed532171e55a085b\Microsoft.VisualStudio.Tools.Applications.Runtime.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 738304 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\947c8a59c1b9ae095c8f026aa0f0dba5\Microsoft.VisualStudio.Tools.Applications.ServerDocument.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 178176 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\4f7815f37f2207dfcdc5e15284c5e8c2\Microsoft.VisualStudio.Tools.Office.ContainerControl.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 210432 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\4a145bbd979c60a2765733018c548f20\Microsoft.VisualStudio.Tools.Office.Runtime.Internal.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 708096 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\1c53c57427888a3f26a19b0b8611f04b\Microsoft.VisualStudio.Tools.Office.Runtime.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 303104 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\f730eb20c2189e35b0f0d0739c893057\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 418816 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\b25cf7ec03eb047aecbe2fcc842b3471\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 312320 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\f681c06fa9c8febdf19f8eeeb5da20ec\Microsoft.Office.Tools.Outlook.Implementation.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 152064 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\efb61604ebe719b247875142283ad2b9\Microsoft.Office.Tools.Outlook.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 336384 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\ebb6ef56671157b4b2cf302328b37750\Microsoft.Office.Tools.Common.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 730624 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\79eda834f3fe1c9b2fca9bd5e9e0fe90\Microsoft.Office.Tools.Excel.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 676864 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\6aa3eff830ca504e718da3549a672877\Microsoft.Office.Tools.Word.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 864768 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\0696ce70f10e9c892d778bff141a1bc5\Microsoft.Office.Tools.Common.Implementation.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\ed336359eb1b1312b935f4692e71474b\CustomMarshalers.ni.dll
+ 2012-02-18 16:31 . 2012-02-18 16:31 468992 c:\windows\assembly\NativeImages_v2.0.50727_64\WsatConfig\600f8ca5fcc54f10623903952fcc10ac\WsatConfig.ni.exe
+ 2012-02-18 16:31 . 2012-02-18 16:31 329216 c:\windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\ddb96c334583dc79463edcb14ae16c99\WindowsFormsIntegration.ni.dll
+ 2012-02-18 16:28 . 2012-02-18 16:28 653312 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationClient\152b577b846875cb3ac5e2097451daf0\UIAutomationClient.ni.dll
+ 2012-02-18 16:30 . 2012-02-18 16:30 304128 c:\windows\assembly\NativeImages_v2.0.50727_64\TaskScheduler\fb5fce5cf09733b71a796d1da399f07a\TaskScheduler.ni.dll
+ 2012-02-18 16:30 . 2012-02-18 16:30 529920 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Xml.Linq\bc3bbe78635aeacaeea3b310ea5ff002\System.Xml.Linq.ni.dll
+ 2012-02-18 16:30 . 2012-02-18 16:30 187392 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Routing\894b696a87ad47b5e18ac89954813a94\System.Web.Routing.ni.dll
+ 2012-02-18 16:18 . 2012-02-18 16:18 261120 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.RegularE#\ed681c0aefa909f528d50d0d7f87b799\System.Web.RegularExpressions.ni.dll
+ 2012-02-18 16:30 . 2012-02-18 16:30 449024 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity\a6885ee42ea49eb80f1bd18a5252684d\System.Web.Entity.ni.dll
+ 2012-02-18 16:30 . 2012-02-18 16:30 398848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity.D#\88ffeea88ac9ce23de0c5a27a95e773a\System.Web.Entity.Design.ni.dll
+ 2012-02-18 16:30 . 2012-02-18 16:30 753664 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\7a311c3305dbbd5cfa2613997608a4ae\System.Web.DynamicData.ni.dll
+ 2012-02-18 16:30 . 2012-02-18 16:30 204800 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Abstract#\e5069f3c90b4413dd2f3dc226c80bc68\System.Web.Abstractions.ni.dll
+ 2012-02-18 16:17 . 2012-02-18 16:17 921600 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Transactions\caa6d0e3ec056ab964616da777c2fcb1\System.Transactions.ni.dll
+ 2012-02-18 16:18 . 2012-02-18 16:18 295424 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\872d9ab7e9259b407668c38b6112499e\System.ServiceProcess.ni.dll
+ 2012-02-18 16:15 . 2012-02-18 16:15 928768 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Security\ffc67ee81b75ac04dfc1fee6a7fef8c5\System.Security.ni.dll
+ 2012-02-18 16:16 . 2012-02-18 16:16 396288 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\bc8c5bdae37a113b2274279ceb94d6d8\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2012-02-18 16:30 . 2012-02-18 16:30 916480 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Net\e238ca4ca02f9309283c98e1a4235bbd\System.Net.ni.dll
+ 2012-02-18 16:25 . 2012-02-18 16:25 783360 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Messaging\9880905a6fde778e564adf54b2afbaa5\System.Messaging.ni.dll
+ 2012-02-18 16:30 . 2012-02-18 16:30 534016 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management.I#\c340633057ed6b9ffcf2214cb348a1fa\System.Management.Instrumentation.ni.dll
+ 2012-02-18 16:30 . 2012-02-18 16:30 569856 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IO.Log\c24a84d54ad05618cf6cab545c31b06b\System.IO.Log.ni.dll
+ 2012-02-18 16:25 . 2012-02-18 16:25 294400 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IdentityMode#\2ba95581264a766410a6dbbe767c5ed8\System.IdentityModel.Selectors.ni.dll
+ 2012-02-18 16:17 . 2012-02-18 16:17 446464 c:\windows\assembly\NativeImages_v2.0.50727_64\System.EnterpriseSe#\dbd535c6b73a9d9ffab8b91124ea7dda\System.EnterpriseServices.Wrapper.dll
+ 2012-02-18 16:18 . 2012-02-18 16:18 288768 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing.Desi#\f1fd4593259aaf5fd2b2e9a7aed2d8cb\System.Drawing.Design.ni.dll
+ 2012-02-18 16:18 . 2012-02-18 16:18 649728 c:\windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\3c2c8f083f34a3c75e0aa17ef9ac4127\System.DirectoryServices.Protocols.ni.dll
+ 2012-02-18 16:30 . 2012-02-18 16:30 629760 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Service#\be6635364f1af379afff83dd877a4e03\System.Data.Services.Design.ni.dll
+ 2012-02-18 16:29 . 2012-02-18 16:29 194560 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.DataSet#\027959159200e828ccfddaef5f01b3a9\System.Data.DataSetExtensions.ni.dll
+ 2012-02-18 16:18 . 2012-02-18 16:18 192000 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Configuratio#\e71e38d2ca2cd291467d890336f45931\System.Configuration.Install.ni.dll
+ 2012-02-18 16:29 . 2012-02-18 16:29 132096 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ComponentMod#\8c954be3f8d070b1364844741ff4b4b1\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-02-18 16:29 . 2012-02-18 16:29 889344 c:\windows\assembly\NativeImages_v2.0.50727_64\System.AddIn\bd9159951d0caa9bf5c90c44fc96661b\System.AddIn.ni.dll
+ 2012-02-18 16:29 . 2012-02-18 16:29 525824 c:\windows\assembly\NativeImages_v2.0.50727_64\SMSvcHost\8bfc7a328911ae69686576bd24f4f771\SMSvcHost.ni.exe
+ 2012-02-18 16:25 . 2012-02-18 16:25 349184 c:\windows\assembly\NativeImages_v2.0.50727_64\SMDiagnostics\823bd996cb5aefd6c2b2fa7e19e0ef40\SMDiagnostics.ni.dll
+ 2012-02-18 16:18 . 2012-02-18 16:18 317440 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\cc864feeea3e918e3d9790b301bb2004\PresentationFramework.Royale.ni.dll
+ 2012-02-18 16:18 . 2012-02-18 16:18 620544 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\ab440c134c4d619f82ba6eab569c8fed\PresentationFramework.Luna.ni.dll
+ 2012-02-18 16:18 . 2012-02-18 16:18 463360 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\0e79d12dc8bede29dc337dba8d803bfa\PresentationFramework.Aero.ni.dll
+ 2012-02-18 16:18 . 2012-02-18 16:18 282624 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\0e6121dbd31ce6b51354b38075dc9007\PresentationFramework.Classic.ni.dll
+ 2012-02-18 16:28 . 2012-02-18 16:28 855040 c:\windows\assembly\NativeImages_v2.0.50727_64\napsnap\9c808282a0cfdc5bafcb43e1778d97d6\napsnap.ni.dll
+ 2012-02-18 16:28 . 2012-02-18 16:28 162816 c:\windows\assembly\NativeImages_v2.0.50727_64\napinit\616ce317134d4225fc7eec80f9351855\napinit.ni.dll
+ 2012-02-18 16:28 . 2012-02-18 16:28 184320 c:\windows\assembly\NativeImages_v2.0.50727_64\MSBuild\a4b5d98bf175a3f10c47f223195c34b0\MSBuild.ni.exe
+ 2012-02-18 16:27 . 2012-02-18 16:27 417792 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCFxCommon\b94e1c9115d8e37e734b27b48f54d236\MMCFxCommon.ni.dll
+ 2012-02-18 16:28 . 2012-02-18 16:28 681984 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.WSMan.Man#\04532b2b5174ca249e01a8b21d0ba6fd\Microsoft.WSMan.Management.ni.dll
+ 2012-02-18 16:28 . 2012-02-18 16:28 122368 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\5cd854d075caf8b50de3c803b4303e03\Microsoft.Windows.Diagnosis.TroubleshootingPack.ni.dll
+ 2012-02-18 16:28 . 2012-02-18 16:28 105984 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Vsa\cb1c199305d00b2424e707311eb9dcfd\Microsoft.Vsa.ni.dll
+ 2012-02-23 22:20 . 2012-02-23 22:20 773120 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\c13e9f25f1ffd561653449e5a2580591\Microsoft.VisualStudio.Tools.Office.Runtime.v10.0.ni.dll
+ 2012-02-23 22:19 . 2012-02-23 22:19 209920 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\b5c4f756288fb4b299bb3011a8d6306e\Microsoft.VisualStudio.Tools.Office.Contract.v9.0.ni.dll
+ 2012-02-23 22:20 . 2012-02-23 22:20 495616 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\b45b8ce21d0fd161749b2de5bc7df56e\Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0.ni.dll
+ 2012-04-03 18:18 . 2012-04-03 18:18 229888 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\92dafb8b1f6212af0b1b29d7e6d5dfdf\Microsoft.VisualStudio.Tools.Office.ContainerControl.v10.0.ni.dll
+ 2012-02-23 22:19 . 2012-02-23 22:19 202752 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\8c8d9b3a05d2b948d5eec7400d6f6984\Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0.ni.dll
+ 2012-02-23 22:19 . 2012-02-23 22:19 270336 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\832084dcfa55d0bd3c091b5da52a6c07\Microsoft.VisualStudio.Tools.Office.Excel.HostAdapter.v10.0.ni.dll
+ 2012-02-23 22:19 . 2012-02-23 22:19 311296 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\61d1db62bd48420602d147f5448f1435\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.ni.dll
+ 2012-02-23 22:20 . 2012-02-23 22:20 956416 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\5d5f9b6272e24579f25243fbe7304f45\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0.ni.dll
+ 2012-02-23 22:19 . 2012-02-23 22:19 215040 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\2f8d8854c8abd9ad1e6651386dc0070d\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0.ni.dll
+ 2012-02-23 22:19 . 2012-02-23 22:19 124928 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\17f9bb540a98d9b5724fd2f0191489ae\Microsoft.VisualStudio.Tools.Office.Outlook.HostAdapter.v10.0.ni.dll
+ 2012-02-23 22:19 . 2012-02-23 22:19 305664 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\0dd84fcddeb70fd96d678129f9a59566\Microsoft.VisualStudio.Tools.Office.AddInAdapter.v9.0.ni.dll
+ 2012-02-18 16:28 . 2012-02-18 16:28 999936 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\d7f5b39fba028d2f9e2b3a772845a2a6\Microsoft.PowerShell.GraphicalHost.ni.dll
+ 2012-02-18 16:28 . 2012-02-18 16:28 416768 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\99bb7896ddbe74236efaa97733c63cbc\Microsoft.PowerShell.Commands.Diagnostics.ni.dll
+ 2012-02-18 16:28 . 2012-02-18 16:28 713216 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\71542ecf96342dc1464fe471852be89a\Microsoft.PowerShell.ConsoleHost.ni.dll
+ 2012-02-18 16:28 . 2012-02-18 16:28 237056 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\0bafa5e2dc431bb12108395cf2e18773\Microsoft.PowerShell.Security.ni.dll
+ 2012-02-23 22:19 . 2012-02-23 22:19 253952 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.To#\ac0e6858100690fc61b873d44c5f0bf2\Microsoft.Office.Tools.v9.0.ni.dll
+ 2012-02-18 16:26 . 2012-02-18 16:26 522240 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\ddd2f252bea1cce14bb498257992635a\Microsoft.MediaCenter.Interop.ni.dll
+ 2012-02-18 16:27 . 2012-02-18 16:27 164864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\cf9be66d53dddbf49b75cead76ef3cea\Microsoft.MediaCenter.Mheg.ni.dll
+ 2012-02-18 16:26 . 2012-02-18 16:26 370176 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\55172dec8f1353d1a8d9cdc4c0b9fac0\Microsoft.MediaCenter.Playback.ni.dll
+ 2012-02-18 16:26 . 2012-02-18 16:26 965632 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\5495e7eca3dac7eee473e30a3611f178\Microsoft.MediaCenter.Sports.ni.dll
+ 2012-02-18 16:27 . 2012-02-18 16:27 312320 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\35ce662c1368782ede0852134106ea43\Microsoft.MediaCenter.iTv.ni.dll
+ 2012-02-18 16:27 . 2012-02-18 16:27 798720 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Managemen#\505549b05e5c3ceccd26ad9c398381e8\Microsoft.ManagementConsole.ni.dll
+ 2012-02-18 16:27 . 2012-02-18 16:27 244736 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Uti#\f356844d3667b88d03bde2ae524659b6\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2012-02-18 16:27 . 2012-02-18 16:27 198656 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Uti#\86f7fa65013864ae7da2fba058199dae\Microsoft.Build.Utilities.ni.dll
+ 2012-02-18 16:27 . 2012-02-18 16:27 294912 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Con#\c467a4d9eeda620e3e7602a9ecf9ae76\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2012-02-18 16:27 . 2012-02-18 16:27 380928 c:\windows\assembly\NativeImages_v2.0.50727_64\Mcx2Dvcs\304068df803748d7743a6a4dc344915f\Mcx2Dvcs.ni.dll
+ 2012-02-18 16:27 . 2012-02-18 16:27 547328 c:\windows\assembly\NativeImages_v2.0.50727_64\mcupdate\fb79aad0c745ff7b45151bc58b4dc8e9\mcupdate.ni.exe
+ 2012-02-18 16:26 . 2012-02-18 16:26 533504 c:\windows\assembly\NativeImages_v2.0.50727_64\mcstoredb\4a29229fecf805779bee25b756d78a0d\mcstoredb.ni.dll
+ 2012-02-18 16:27 . 2012-02-18 16:27 549376 c:\windows\assembly\NativeImages_v2.0.50727_64\mcplayerinterop\8affc4346a86b80727282966ce58662b\mcplayerinterop.ni.dll
+ 2012-02-18 16:27 . 2012-02-18 16:27 696320 c:\windows\assembly\NativeImages_v2.0.50727_64\mcGlidHostObj\756a74d6b322877662a0f6da4bc7d8e6\mcGlidHostObj.ni.dll
+ 2012-02-18 16:27 . 2012-02-18 16:27 156672 c:\windows\assembly\NativeImages_v2.0.50727_64\MCESidebarCtrl\2ce02776e0f2f1770f4bb77e1f6d7472\MCESidebarCtrl.ni.dll
+ 2012-02-18 16:27 . 2012-02-18 16:27 659456 c:\windows\assembly\NativeImages_v2.0.50727_64\EventViewer\956ca0e08e881df7f16f7d6d1381f71d\EventViewer.ni.dll
+ 2012-02-18 16:26 . 2012-02-18 16:26 969216 c:\windows\assembly\NativeImages_v2.0.50727_64\ehRecObj\307ca4b67db79b05b4781634ea8ec0d7\ehRecObj.ni.dll
+ 2012-02-18 16:25 . 2012-02-18 16:25 389120 c:\windows\assembly\NativeImages_v2.0.50727_64\ehExtHost\5f53457f49927ecf00156d20466cc5a6\ehExtHost.ni.exe
+ 2012-02-18 16:25 . 2012-02-18 16:25 313856 c:\windows\assembly\NativeImages_v2.0.50727_64\ehCIR\b49168b11f5f60ddafed2ab1fdd4540f\ehCIR.ni.dll
+ 2012-02-18 16:24 . 2012-02-18 16:24 640000 c:\windows\assembly\NativeImages_v2.0.50727_64\ComSvcConfig\f2808fb3389d3e28e2b0223dcd654e02\ComSvcConfig.ni.exe
+ 2012-02-18 16:24 . 2012-02-18 16:24 971264 c:\windows\assembly\NativeImages_v2.0.50727_64\BDATunePIA\45af2aab82a69a1a6fe0f7cef4024673\BDATunePIA.ni.dll
+ 2012-02-18 16:34 . 2012-02-18 16:34 321024 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\105e77fbca8c5bb29988f3847b0d599f\WsatConfig.ni.exe
+ 2012-02-18 16:34 . 2012-02-18 16:34 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\af6e0dd358a5edc094dca9e7957f1038\WindowsFormsIntegration.ni.dll
+ 2012-02-18 16:33 . 2012-02-18 16:33 452096 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\d0972fea9e965a565c3cff76982709db\UIAutomationClient.ni.dll
+ 2012-02-18 16:34 . 2012-02-18 16:34 245248 c:\windows\assembly\NativeImages_v2.0.50727_32\TaskScheduler\ff345d3a2aaafb8a960c3d400e3c11a9\TaskScheduler.ni.dll
+ 2012-02-18 16:34 . 2012-02-18 16:34 401408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\fa1161af51ab42a61bfac9d02d469a06\System.Xml.Linq.ni.dll
+ 2012-02-18 16:34 . 2012-02-18 16:34 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\43e0731fbb58632563909f1fa5dfe063\System.Web.Routing.ni.dll
+ 2012-02-18 16:21 . 2012-02-18 16:21 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\84ee5a23a20b65773686657254ea9831\System.Web.RegularExpressions.ni.dll
+ 2012-02-18 16:34 . 2012-02-18 16:34 860160 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\95f94674ddc4b1224df94bd7ae19c9ef\System.Web.Extensions.Design.ni.dll
+ 2012-02-18 16:34 . 2012-02-18 16:34 328192 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\4c569a365154300e49ab3450f74c2618\System.Web.Entity.ni.dll
+ 2012-02-18 16:34 . 2012-02-18 16:34 301568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\fb21c5770bc64fc4105787238842f70d\System.Web.Entity.Design.ni.dll
+ 2012-02-18 16:34 . 2012-02-18 16:34 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\785e2ad4125cef423bc367b37fabb71c\System.Web.DynamicData.ni.dll
+ 2012-02-18 16:34 . 2012-02-18 16:34 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\685fb72f0189330eda1d62176fb38996\System.Web.Abstractions.ni.dll
+ 2012-02-18 16:20 . 2012-02-18 16:20 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\9e8dfbd1334d30a08ce1f2df29ca9aff\System.Transactions.ni.dll
+ 2012-02-18 16:21 . 2012-02-18 16:21 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\075d9c27aa02085fef8983b5f5f85834\System.ServiceProcess.ni.dll
+ 2012-02-18 16:19 . 2012-02-18 16:19 680448 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\dc4a4350f8c0c0919b5fb78f0c44291b\System.Security.ni.dll
+ 2012-02-18 16:20 . 2012-02-18 16:20 310784 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\adb2fc93e7a4462eb399442c678be681\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2012-02-18 16:20 . 2012-02-18 16:20 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a1c4a635721f85bef0ea4194b888b871\System.Runtime.Remoting.ni.dll
+ 2012-02-18 16:34 . 2012-02-18 16:34 624128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\2273d6ab12c9ae0d52842a84d586b8df\System.Net.ni.dll
+ 2012-02-18 16:32 . 2012-02-18 16:32 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\a717cdb44ec0d3238c621efa420a9956\System.Messaging.ni.dll
+ 2012-02-18 16:34 . 2012-02-18 16:34 330240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\b5930434d0d624701114e014513c9041\System.Management.Instrumentation.ni.dll
+ 2012-02-18 16:34 . 2012-02-18 16:34 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\7651951311f9d134e6bc08be7dc9ddc7\System.IO.Log.ni.dll
+ 2012-02-18 16:32 . 2012-02-18 16:32 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\8b0dc9405f292a93ddd52eb76bb88169\System.IdentityModel.Selectors.ni.dll
+ 2012-02-18 16:20 . 2012-02-18 16:20 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\3fccda0d4dd150a217c2798e39e97a48\System.EnterpriseServices.Wrapper.dll
+ 2012-02-18 16:20 . 2012-02-18 16:20 628224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\3fccda0d4dd150a217c2798e39e97a48\System.EnterpriseServices.ni.dll
+ 2012-02-18 16:21 . 2012-02-18 16:21 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\a09d397c3a4eb60b04a0628cc187ce34\System.Drawing.Design.ni.dll
+ 2012-02-18 16:21 . 2012-02-18 16:21 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\eebb837dbb8e5781e448c72eeda27983\System.DirectoryServices.Protocols.ni.dll
+ 2012-02-18 16:34 . 2012-02-18 16:34 888320 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\344d3289061b28a0f7fb19229f45bb9c\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-02-18 16:34 . 2012-02-18 16:34 462336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\6a6642467bcccf0345c5e9139e7fd9ae\System.Data.Services.Design.ni.dll
+ 2012-02-18 16:34 . 2012-02-18 16:34 763392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\c1cf8e31da405f07780fa7b0f28cc650\System.Data.Entity.Design.ni.dll
+ 2012-02-18 16:33 . 2012-02-18 16:33 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\71400a36c8621388031e00075f2fc8e9\System.Data.DataSetExtensions.ni.dll
+ 2012-02-18 16:19 . 2012-02-18 16:19 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e620323cacb5b6bfd93fd28d263440e4\System.Configuration.ni.dll
+ 2012-02-18 16:21 . 2012-02-18 16:21 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\47e25ae9163f4624a66f99ede0ea98fe\System.Configuration.Install.ni.dll
+ 2012-02-18 16:33 . 2012-02-18 16:33 633344 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\05c4011ad0068d0af722b4b52677d915\System.AddIn.ni.dll
+ 2012-02-18 16:33 . 2012-02-18 16:33 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\17b78ffee2144cf38f024e73b131158d\SMSvcHost.ni.exe
+ 2012-02-18 16:32 . 2012-02-18 16:32 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\281b67b96a2dd473dad4d222da0ca514\SMDiagnostics.ni.dll
+ 2012-02-18 16:21 . 2012-02-18 16:21 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\fbcb09488417e40b6f7f7737f737bbfd\PresentationFramework.Luna.ni.dll
+ 2012-02-18 16:21 . 2012-02-18 16:21 226816 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\dbd1929fa377b354903e37469838d9a1\PresentationFramework.Classic.ni.dll
+ 2012-02-18 16:21 . 2012-02-18 16:21 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\74fcc0f56435d0396f9524cd4293d3e5\PresentationFramework.Aero.ni.dll
+ 2012-02-18 16:21 . 2012-02-18 16:21 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\4ff6c887092d4db687441d71e2c812ff\PresentationFramework.Royale.ni.dll
+ 2012-02-18 16:33 . 2012-02-18 16:33 723456 c:\windows\assembly\NativeImages_v2.0.50727_32\napsnap\62531ec9534c96e83de2bbd4edfd07e8\napsnap.ni.dll
+ 2012-02-18 16:33 . 2012-02-18 16:33 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\napinit\bb49eea48fd5f546afc6d5be634d3cb9\napinit.ni.dll
+ 2012-02-18 16:33 . 2012-02-18 16:33 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\4ac4095081957a001a6174c0b9f7f195\MSBuild.ni.exe
+ 2012-02-18 16:32 . 2012-02-18 16:32 287232 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCFxCommon\bd5a72adac7a95585984d5bcce994b71\MMCFxCommon.ni.dll
+ 2012-02-18 16:33 . 2012-02-18 16:33 531968 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Man#\928fb6b2401fffd8cc993578c3a04acd\Microsoft.WSMan.Management.ni.dll
+ 2012-02-23 22:17 . 2012-02-23 22:17 179200 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\def783c41abb5586ef6328fdf84d952f\Microsoft.VisualStudio.Tools.Office.Excel.HostAdapter.v10.0.ni.dll
+ 2012-02-23 22:18 . 2012-02-23 22:18 617472 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\dabddeb1ae3791305880141fa81aff30\Microsoft.VisualStudio.Tools.Office.Runtime.v10.0.ni.dll
+ 2012-04-03 17:14 . 2012-04-03 17:14 148480 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\c0bb35b41326aeb4411aefe1f34468c9\Microsoft.VisualStudio.Tools.Office.ContainerControl.v10.0.ni.dll
+ 2012-02-23 22:18 . 2012-02-23 22:18 650752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\9949ca42861385d6f9ed0057faa58027\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0.ni.dll
+ 2012-02-23 22:18 . 2012-02-23 22:18 363008 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\73a385d0a8e76c44988c813a93d626b3\Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0.ni.dll
+ 2012-02-23 22:17 . 2012-02-23 22:17 196608 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\3f56864cebe764c6af79d84a8fe81143\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.ni.dll
+ 2012-02-23 22:17 . 2012-02-23 22:17 215040 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\1b98c6bd77315aab522a9b196a69f88b\Microsoft.VisualStudio.Tools.Office.AddInAdapter.v9.0.ni.dll
+ 2012-02-23 22:17 . 2012-02-23 22:17 133120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\0e6685fa21a5e598c0ebdee764af7a7f\Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0.ni.dll
+ 2012-02-23 22:17 . 2012-02-23 22:17 134144 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\0253ef9d5d0aec9f51da7f72af61687f\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0.ni.dll
+ 2012-02-23 22:17 . 2012-02-23 22:17 112128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\00ee7d81dc0f0e79eb7c0d1ae2ce785f\Microsoft.VisualStudio.Tools.Office.Contract.v9.0.ni.dll
+ 2012-02-18 16:33 . 2012-02-18 16:33 515584 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\eda566c4dc6595779c3c9dfc359575ed\Microsoft.PowerShell.ConsoleHost.ni.dll
+ 2012-02-18 16:33 . 2012-02-18 16:33 167424 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\df4f6b6f33d84b7f438c3f3b66f0336d\Microsoft.PowerShell.Security.ni.dll
+ 2012-02-18 16:33 . 2012-02-18 16:33 729088 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\951235283ff1d4a91ffaa92ea8693249\Microsoft.PowerShell.GraphicalHost.ni.dll
+ 2012-02-18 16:33 . 2012-02-18 16:33 786432 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\5f7928a2ffe462f16e25f03be01966e9\Microsoft.PowerShell.Commands.Management.ni.dll
+ 2012-02-18 16:32 . 2012-02-18 16:32 291328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\2015eca4346e34310e958089b22a9c62\Microsoft.PowerShell.Commands.Diagnostics.ni.dll
+ 2012-02-23 22:17 . 2012-02-23 22:17 152064 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\e70e2c0f00d80635280c793a86229356\Microsoft.Office.Tools.v9.0.ni.dll
+ 2012-02-18 16:32 . 2012-02-18 16:32 268800 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\7c41f7088c8b428499cfb351b557ddee\Microsoft.Office.BusinessApplications.Diagnostics.ni.dll
+ 2012-02-18 16:32 . 2012-02-18 16:32 561664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Managemen#\6386ef67ed70f53fe6424246d256190d\Microsoft.ManagementConsole.ni.dll
+ 2012-02-18 16:32 . 2012-02-18 16:32 343552 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.BusinessD#\1398a27a5c79788ee453d2a8ac2e64c7\Microsoft.BusinessData.ni.dll
+ 2012-02-18 16:32 . 2012-02-18 16:32 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\c8e128b5e6ceee852cb1f8c165c2177e\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2012-02-18 16:32 . 2012-02-18 16:32 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\9795da40a8ee0bc54e91792de7422152\Microsoft.Build.Utilities.ni.dll
+ 2012-02-18 16:32 . 2012-02-18 16:32 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\be7ad749a064283deab76fad38bf2930\Microsoft.Build.Engine.ni.dll
+ 2012-02-18 16:32 . 2012-02-18 16:32 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\f42105699650a206e2ae439ac54ad40a\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2012-02-18 16:32 . 2012-02-18 16:32 364032 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstoredb\886a8c3d4f00567df779318fea56f28a\mcstoredb.ni.dll
+ 2012-02-18 16:32 . 2012-02-18 16:32 553472 c:\windows\assembly\NativeImages_v2.0.50727_32\EventViewer\58ea1059f397ccd13d6a8d94d7be7830\EventViewer.ni.dll
+ 2012-02-18 16:32 . 2012-02-18 16:32 693248 c:\windows\assembly\NativeImages_v2.0.50727_32\ehRecObj\9d5219961228fb5236c843ea75c69d39\ehRecObj.ni.dll
+ 2012-02-18 16:32 . 2012-02-18 16:32 254464 c:\windows\assembly\NativeImages_v2.0.50727_32\ehExtHost32\6a07aa6df4d45d1485b6a2749647a3aa\ehExtHost32.ni.exe
+ 2012-02-18 16:31 . 2012-02-18 16:31 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\39ab6b73bdbaac85b90cc561761916f7\ComSvcConfig.ni.exe
+ 2012-02-18 16:31 . 2012-02-18 16:31 621568 c:\windows\assembly\NativeImages_v2.0.50727_32\BDATunePIA\d89086a63a9d85aa9d719d7088e5ae69\BDATunePIA.ni.dll
- 2009-09-03 12:52 . 2009-09-03 12:52 614400 c:\windows\assembly\GAC_MSIL\System.Web.resources\2.0.0.0_es_b03f5f7f11d50a3a\System.Web.Resources.dll
+ 2012-01-06 04:29 . 2010-11-12 23:35 614400 c:\windows\assembly\GAC_MSIL\System.Web.resources\2.0.0.0_es_b03f5f7f11d50a3a\System.Web.Resources.dll
+ 2012-02-23 21:34 . 2012-02-23 21:34 363936 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.Runtime.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.Runtime.v10.0.dll
+ 2012-02-23 21:31 . 2012-02-23 21:31 161720 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.Runtime.v10.0.resources\10.0.0.0_es_b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.Runtime.v10.0.resources.dll
+ 2012-02-23 21:34 . 2012-02-23 21:34 193472 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0.dll
+ 2012-02-23 21:34 . 2012-02-23 21:34 153008 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0.dll
+ 2012-02-23 21:34 . 2012-02-23 21:34 427904 c:\windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.Tools\14.0.0.0__71e9bce111e9429c\Microsoft.Office.BusinessApplications.Tools.dll
- 2011-02-06 20:12 . 2011-02-06 20:12 427904 c:\windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.Tools\14.0.0.0__71e9bce111e9429c\Microsoft.Office.BusinessApplications.Tools.dll
+ 2012-02-23 21:34 . 2012-02-23 21:34 169856 c:\windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.Tools.Intl\14.0.0.0__71e9bce111e9429c\Microsoft.Office.BusinessApplications.Tools.Intl.dll
- 2011-02-06 20:13 . 2011-02-06 20:13 169856 c:\windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.Tools.Intl\14.0.0.0__71e9bce111e9429c\Microsoft.Office.BusinessApplications.Tools.Intl.dll
- 2011-02-06 20:12 . 2011-02-06 20:12 567168 c:\windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.Runtime\14.0.0.0__71e9bce111e9429c\Microsoft.Office.BusinessApplications.Runtime.dll
+ 2012-02-23 21:34 . 2012-02-23 21:34 567168 c:\windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.Runtime\14.0.0.0__71e9bce111e9429c\Microsoft.Office.BusinessApplications.Runtime.dll
- 2011-02-06 20:12 . 2011-02-06 20:12 518016 c:\windows\assembly\GAC_32\Microsoft.SharePoint.BusinessData.Administration.Client\14.0.0.0__71e9bce111e9429c\Microsoft.SharePoint.BusinessData.Administration.Client.dll
+ 2012-02-23 21:34 . 2012-02-23 21:34 518016 c:\windows\assembly\GAC_32\Microsoft.SharePoint.BusinessData.Administration.Client\14.0.0.0__71e9bce111e9429c\Microsoft.SharePoint.BusinessData.Administration.Client.dll
+ 2012-02-23 21:34 . 2012-02-23 21:34 964480 c:\windows\assembly\GAC_32\Microsoft.Office.BusinessData\14.0.0.0__71e9bce111e9429c\microsoft.office.businessdata.dll
+ 2012-02-18 15:33 . 2011-12-14 02:57 1127424 c:\windows\SysWOW64\wininet.dll
+ 2012-02-18 15:33 . 2011-12-14 02:57 1103360 c:\windows\SysWOW64\urlmon.dll
+ 2012-01-11 14:45 . 2011-10-26 04:32 1328128 c:\windows\SysWOW64\quartz.dll
- 2011-04-03 16:40 . 2010-11-20 12:20 1328128 c:\windows\SysWOW64\quartz.dll
+ 2012-01-11 14:45 . 2011-11-17 05:38 1292080 c:\windows\SysWOW64\ntdll.dll
+ 2012-04-03 17:31 . 2012-04-03 17:31 8797344 c:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll
+ 2009-10-28 03:40 . 2012-02-23 03:00 8527008 c:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
- 2009-10-28 03:40 . 2011-11-11 16:24 8527008 c:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
+ 2012-02-18 15:33 . 2011-12-14 03:04 1798656 c:\windows\SysWOW64\jscript9.dll
+ 2012-02-18 15:33 . 2011-12-14 02:52 1792000 c:\windows\SysWOW64\iertutil.dll
+ 2012-02-18 15:33 . 2011-12-14 03:10 9705472 c:\windows\SysWOW64\ieframe.dll
+ 2010-02-19 23:47 . 2010-02-19 23:47 3604480 c:\windows\SysWOW64\GPhotos.scr
+ 2010-10-20 17:44 . 2010-10-20 17:44 1207656 c:\windows\SysWOW64\FM20.DLL
+ 2012-02-18 15:33 . 2011-12-14 07:04 1390080 c:\windows\system32\wininet.dll
+ 2012-02-18 15:33 . 2011-12-14 07:04 1345536 c:\windows\system32\urlmon.dll
+ 2012-01-11 14:45 . 2011-10-26 05:25 1572864 c:\windows\system32\quartz.dll
+ 2012-01-11 14:45 . 2011-11-17 06:41 1731920 c:\windows\system32\ntdll.dll
- 2011-04-03 16:40 . 2010-11-20 13:26 1447936 c:\windows\system32\lsasrv.dll
+ 2012-01-19 18:14 . 2011-11-17 06:35 1447936 c:\windows\system32\lsasrv.dll
+ 2012-02-18 15:33 . 2011-12-14 07:11 2308096 c:\windows\system32\jscript9.dll
+ 2012-02-18 15:33 . 2011-12-14 06:59 2144256 c:\windows\system32\iertutil.dll
+ 2011-07-18 11:03 . 2011-07-18 11:03 1919968 c:\windows\system32\DriverStore\FileRepository\lgandnetadb.inf_amd64_neutral_ae6269158adde78b\amd64\wdfcoinstaller01005.dll
+ 2011-07-18 11:03 . 2011-07-18 11:03 1919968 c:\windows\system32\DriverStore\FileRepository\lgandadb.inf_amd64_neutral_ce3a1c979b5089a5\amd64\wdfcoinstaller01005.dll
- 2009-07-14 04:45 . 2011-11-14 16:21 7173047 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2009-07-14 04:45 . 2012-03-21 03:15 7173047 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2010-08-12 12:25 . 2012-04-03 17:27 6010934 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-4254279623-98128295-3263468077-1004-8192.dat
+ 2011-07-06 20:20 . 2012-02-25 00:58 4647519 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-4254279623-98128295-3263468077-1004-4096.dat
- 2011-03-31 12:22 . 2011-11-14 16:29 1250284 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-4254279623-98128295-3263468077-1004-12288.dat
+ 2011-03-31 12:22 . 2012-01-12 14:56 1250284 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-4254279623-98128295-3263468077-1004-12288.dat
+ 2011-11-22 03:31 . 2011-11-22 03:31 3512072 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.dll
+ 2011-11-22 04:57 . 2011-11-22 04:57 4970768 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorlib.dll
+ 2011-11-22 04:57 . 2011-11-22 04:57 1455376 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscordbi.dll
+ 2011-11-22 04:57 . 2011-11-22 04:57 1515792 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscordacwks.dll
+ 2011-11-22 04:57 . 2011-11-22 04:57 9793280 c:\windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll
+ 2012-01-06 04:29 . 2011-12-25 20:40 5263360 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Web.dll
- 2011-08-27 14:25 . 2011-05-04 22:31 3190784 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.dll
+ 2012-02-17 00:39 . 2011-10-31 23:15 3190784 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.dll
+ 2011-11-22 03:31 . 2011-11-22 03:31 3512072 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.dll
+ 2011-11-22 03:31 . 2011-11-22 03:31 5201168 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorlib.dll
+ 2011-11-22 03:31 . 2011-11-22 03:31 1143568 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll
+ 2011-11-22 03:31 . 2011-11-22 03:31 6727424 c:\windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
+ 2012-01-06 04:29 . 2011-12-25 20:42 5255168 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2012-02-17 00:39 . 2011-10-31 23:16 3190784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
- 2011-08-27 14:25 . 2011-05-04 22:32 3190784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 1368920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 1368920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 3512072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 5028200 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 5028200 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 6097256 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 6097256 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 1354584 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 1354584 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 6428520 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 6428520 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 3116376 c:\windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 3116376 c:\windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 3824480 c:\windows\Microsoft.NET\assembly\GAC_64\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 3824480 c:\windows\Microsoft.NET\assembly\GAC_64\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 4970768 c:\windows\Microsoft.NET\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-04-03 17:09 . 2012-04-03 17:09 3563408 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 3563408 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 2975064 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-04-03 17:08 . 2012-04-03 17:08 2975064 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 3788128 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2012-04-03 17:08 . 2012-04-03 17:08 3788128 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2012-04-03 17:08 . 2012-04-03 17:08 5201168 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-04-03 17:08 . 2012-04-03 17:08 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
- 2011-10-13 08:03 . 2011-10-13 08:03 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2010-10-04 23:59 . 2010-10-04 23:59 2818048 c:\windows\Installer\b092e13.msi
+ 2010-10-04 23:59 . 2010-10-04 23:59 5289984 c:\windows\Installer\b092e0d.msi
+ 2011-12-12 21:13 . 2011-12-12 21:13 3461120 c:\windows\Installer\8f384501.msp
+ 2011-10-16 19:45 . 2011-10-16 19:45 4966912 c:\windows\Installer\84470c78.msp
+ 2011-10-16 19:28 . 2011-10-16 19:28 1138688 c:\windows\Installer\84470c5f.msp
+ 2011-12-01 21:16 . 2011-12-01 21:16 3464704 c:\windows\Installer\84470c48.msp
+ 2011-10-27 03:46 . 2011-10-27 03:46 1833472 c:\windows\Installer\84470c1a.msp
+ 2011-10-27 03:49 . 2011-10-27 03:49 3283968 c:\windows\Installer\84470c03.msp
+ 2011-10-27 03:49 . 2011-10-27 03:49 3621376 c:\windows\Installer\84470be4.msp
+ 2011-12-26 11:24 . 2011-12-26 11:24 8835072 c:\windows\Installer\75cd15f3.msp
+ 2012-01-04 08:50 . 2012-01-04 08:50 4000768 c:\windows\Installer\6d8d3.msi
+ 2011-04-29 04:33 . 2011-04-29 04:33 3879424 c:\windows\Installer\3fb2021.msp
+ 2011-04-29 04:29 . 2011-04-29 04:29 1211904 c:\windows\Installer\3fb201a.msp
+ 2011-04-29 04:28 . 2011-04-29 04:28 1211904 c:\windows\Installer\3fb2009.msp
+ 2011-04-29 04:31 . 2011-04-29 04:31 4817408 c:\windows\Installer\3fb1ff0.msp
+ 2011-04-29 02:23 . 2011-04-29 02:23 4093952 c:\windows\Installer\3fb1e6c.msp
+ 2011-04-29 02:05 . 2011-04-29 02:05 1845760 c:\windows\Installer\3fb1e29.msp
+ 2012-03-01 04:55 . 2012-03-01 04:55 3462656 c:\windows\Installer\3f783861.msp
+ 2011-12-15 19:34 . 2011-12-15 19:34 6561792 c:\windows\Installer\29e3ba.msi
+ 2011-11-18 23:52 . 2011-11-18 23:52 9183232 c:\windows\Installer\1e0a68d7.msp
+ 2012-01-05 11:21 . 2012-01-05 11:21 4964864 c:\windows\Installer\1e0a68c0.msp
+ 2012-01-25 06:32 . 2012-01-25 06:32 3458560 c:\windows\Installer\1e0a68a9.msp
+ 2011-10-26 21:36 . 2011-10-26 21:36 2829312 c:\windows\Installer\1e0a6893.msp
+ 2005-09-23 12:48 . 2005-09-23 12:48 2483200 c:\windows\Installer\136971.msi
+ 2012-03-20 01:15 . 2012-03-20 01:15 4460544 c:\windows\Installer\102cc5bd.msi
- 2011-02-06 20:14 . 2011-11-11 14:53 1479520 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\xlicons.exe
+ 2011-02-06 20:14 . 2012-03-16 04:30 1479520 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\xlicons.exe
- 2011-02-06 20:14 . 2011-11-11 14:53 1858400 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\wordicon.exe
+ 2011-02-06 20:14 . 2012-03-16 04:30 1858400 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\wordicon.exe
- 2011-02-06 20:14 . 2011-11-11 14:53 3792736 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\pptico.exe
+ 2011-02-06 20:14 . 2012-03-16 04:30 3792736 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\pptico.exe
- 2011-02-06 20:14 . 2011-11-11 14:53 1449312 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\accicons.exe
+ 2011-02-06 20:14 . 2012-03-16 04:30 1449312 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\accicons.exe
+ 2010-02-18 02:56 . 2010-02-18 02:56 1199008 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\WKCONV.EXE
+ 2010-02-25 16:07 . 2010-02-25 16:07 2672456 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\VBE7.DLL

#4 Mriiadelmar

Mriiadelmar
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:11:03 PM

Posted 05 April 2012 - 01:17 PM

Part 2:

+ 2010-02-28 07:55 . 2010-02-28 07:55 1040736 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\UMOUTLOOKADDIN.DLL
+ 2010-03-01 10:07 . 2010-03-01 10:07 2831768 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\STSLIST.DLL
+ 2010-03-11 05:44 . 2010-03-11 05:44 1100664 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\SETUP.EXE
+ 2010-03-09 14:57 . 2010-03-09 14:57 2162024 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\POWERPNT.EXE
+ 2010-03-11 05:44 . 2010-03-11 05:44 5789544 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\OSETUP.DLL
+ 2010-03-30 13:29 . 2010-03-30 13:29 1177968 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ONFILTER.DLL
+ 2010-01-10 02:24 . 2010-01-10 02:24 3483000 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\OIMG.DLL
+ 2010-02-28 07:19 . 2010-02-28 07:19 7277440 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\OFFOWC.DLL
+ 2010-03-30 02:48 . 2010-03-30 02:48 6629808 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\NL7MODELS0011.DLL
+ 2010-03-30 02:48 . 2010-03-30 02:48 2460080 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\NL7LEXICONS0011.DLL
+ 2010-03-30 02:47 . 2010-03-30 02:47 7467440 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\NL7DATA0011.DLL
+ 2011-02-06 20:12 . 2011-02-06 20:12 1689472 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\LOBISYNC.DLL
+ 2010-03-30 13:36 . 2010-03-30 13:36 5496688 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\IPEDITOR.DLL
+ 2010-03-30 13:36 . 2010-03-30 13:36 5867896 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\IPDESIGN.DLL
+ 2010-03-30 13:36 . 2010-03-30 13:36 1734000 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\INFOPATH.EXE
+ 2010-03-13 03:45 . 2010-03-13 03:45 4299648 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\GRAPH.EXE
+ 2010-03-01 10:08 . 2010-03-01 10:08 1746280 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\GFX.DLL
+ 2010-02-20 22:20 . 2010-02-20 22:20 1207144 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\FM20.DLL
+ 2010-01-19 01:59 . 2010-01-19 01:59 2182040 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ASSAPIFE.DLL
+ 2010-03-23 15:55 . 2010-03-23 15:55 3049376 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ACEWDAT.DLL
+ 2010-03-23 15:55 . 2010-03-23 15:55 2193800 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ACECORE.DLL
+ 2010-03-25 01:28 . 2010-03-25 01:28 1449312 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ACCICONS.EXE
+ 2011-02-06 20:12 . 2011-02-06 20:12 1857400 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ACCESS.DLL
+ 2012-04-03 18:20 . 2012-04-03 18:20 5237248 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsBase\02198c29552545c7d7e7a95ab39488e5\WindowsBase.ni.dll
+ 2012-04-03 19:28 . 2012-04-03 19:28 1430016 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationClients#\d1d48cd30cd275b06fad70778798cae7\UIAutomationClientsideProviders.ni.dll
+ 2012-04-03 18:19 . 2012-04-03 18:19 7037952 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xml\ecdcf3d1d7bc90546464d70a4bee843d\System.Xml.ni.dll
+ 2012-04-03 18:21 . 2012-04-03 18:21 2449408 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xaml\3a9670f473f8f9291ca256d9a15fc281\System.Xaml.ni.dll
+ 2012-04-03 19:28 . 2012-04-03 19:28 5627904 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Form#\455d5edfdc989057a8fea7bc88a02ef6\System.Windows.Forms.DataVisualization.ni.dll
+ 2012-04-03 19:28 . 2012-04-03 19:28 2236416 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Services\bd044dc068adc34e430faa820e5c5e44\System.Web.Services.ni.dll
+ 2012-04-03 19:28 . 2012-04-03 19:28 2735616 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Speech\561e5a115d6d7ade93236df74d61af84\System.Speech.ni.dll
+ 2012-04-03 19:27 . 2012-04-03 19:27 1918976 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\4606cac0ba2d406b4ddefca21a3db1eb\System.ServiceModel.Activities.ni.dll
+ 2012-04-03 19:27 . 2012-04-03 19:27 1579008 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\28b5d075cf252a24a6b007ff5941dce1\System.ServiceModel.Discovery.ni.dll
+ 2012-04-03 18:22 . 2012-04-03 18:22 3412992 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\1a361129f93a8190d8797b7c680baecc\System.Runtime.Serialization.ni.dll
+ 2012-04-03 18:22 . 2012-04-03 18:22 1348096 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Dura#\2c57eff357f1bc56d0367f04adcf6d76\System.Runtime.DurableInstancing.ni.dll
+ 2012-04-03 18:22 . 2012-04-03 18:22 1467392 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Printing\7668fa73a73410f2e00d341a8684e28a\System.Printing.ni.dll
+ 2012-04-03 18:24 . 2012-04-03 18:24 1470464 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Management\2280764a011295483642b17fe5d2b1f7\System.Management.ni.dll
+ 2012-04-03 18:24 . 2012-04-03 18:24 1416192 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IdentityModel\a77730a57cc54142f1ecbb1e85060e5f\System.IdentityModel.ni.dll
+ 2012-04-03 18:22 . 2012-04-03 18:22 1098752 c:\windows\assembly\NativeImages_v4.0.30319_64\System.EnterpriseSe#\7b06b84cb3b99a3ab22adb2a3f6376e6\System.EnterpriseServices.ni.dll
+ 2012-04-03 18:22 . 2012-04-03 18:22 2290176 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\5b5fe518d1a632afaae9f24dd18cee2f\System.Drawing.ni.dll
+ 2012-04-03 18:24 . 2012-04-03 18:24 1217024 c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\60390cb3abc6f1d85a572c156d39fc02\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-04-03 18:22 . 2012-04-03 18:22 1622528 c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\5eaf17b571cf9fb6f159a0c92d6244ab\System.DirectoryServices.ni.dll
+ 2012-04-03 18:22 . 2012-04-03 18:22 2402816 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Deployment\0ce1b3a9a0192c2cdb16d848e78e6688\System.Deployment.ni.dll
+ 2012-04-03 18:22 . 2012-04-03 18:22 8601600 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data\ca4a0bde02b2eb73d2e9f22925719ecf\System.Data.ni.dll
+ 2012-04-03 18:19 . 2012-04-03 18:19 3390976 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.SqlXml\657b967b5fd7819f273f5704197ce97e\System.Data.SqlXml.ni.dll
+ 2012-04-03 18:24 . 2012-04-03 18:24 1799168 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Service#\930a4b48234d358f2758f075be0684c5\System.Data.Services.Client.ni.dll
+ 2012-04-03 18:24 . 2012-04-03 18:24 3386880 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Linq\0ba3ab7e136a52fcba260ad7893ede32\System.Data.Linq.ni.dll
+ 2012-04-03 18:19 . 2012-04-03 18:19 1257472 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Configuration\c24ce44b45c0e0c0961a9755f192eb3a\System.Configuration.ni.dll
+ 2012-04-03 18:23 . 2012-04-03 18:23 1007616 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ComponentMod#\5a66bc1859e864d87b81e31438a5f07d\System.ComponentModel.Composition.ni.dll
+ 2012-04-03 18:23 . 2012-04-03 18:23 5695488 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities\f25d1dde40ef0128d9e5163d142bd2e2\System.Activities.ni.dll
+ 2012-04-03 18:23 . 2012-04-03 18:23 5048832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.P#\26671ab09e54e0ecfd23012e32cb6383\System.Activities.Presentation.ni.dll
+ 2012-04-03 18:23 . 2012-04-03 18:23 2064896 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.C#\e9f6686e336507594e33cad6ed7814cd\System.Activities.Core.Presentation.ni.dll
+ 2012-04-03 18:23 . 2012-04-03 18:23 4233216 c:\windows\assembly\NativeImages_v4.0.30319_64\ReachFramework\9c49a7b6fb133a307e3804ca7ba35d16\ReachFramework.ni.dll
+ 2012-04-03 18:21 . 2012-04-03 18:21 2056192 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationUI\68d02e44d8b1f23c21a116119fbb65d0\PresentationUI.ni.dll
+ 2012-04-03 18:20 . 2012-04-03 18:20 2317312 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\1903f5de0c7c33993c55319d4fc3062e\Microsoft.VisualBasic.ni.dll
+ 2012-04-03 18:20 . 2012-04-03 18:20 1623040 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\15b88fefd6d638f01856a68c14e2ab9b\Microsoft.VisualBasic.Activities.Compiler.ni.dll
+ 2012-04-03 18:20 . 2012-04-03 18:20 1843200 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\10bfd23b78a3492727e8b11e2fcbb990\Microsoft.VisualBasic.Compatibility.ni.dll
+ 2012-04-03 18:20 . 2012-04-03 18:20 1526784 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Transacti#\2d92f0cffe052f601c1bca1f52425fef\Microsoft.Transactions.Bridge.ni.dll
+ 2012-04-03 18:20 . 2012-04-03 18:20 1070080 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\7280f718952c94a73dcebf81c01c399f\Microsoft.Office.Tools.Word.ni.dll
+ 2012-04-03 18:19 . 2012-04-03 18:19 1117696 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\50d6ca168f0fb557828f3464a0b4f2de\Microsoft.Office.Tools.Common.Implementation.ni.dll
+ 2012-04-03 18:20 . 2012-04-03 18:20 2034688 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\50658ecfdf567c8dbdd7b0ff7bbf8faa\Microsoft.Office.Tools.Excel.Implementation.ni.dll
+ 2012-04-03 18:20 . 2012-04-03 18:20 1470464 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\1a7b9ecf2638f80e24f791c0b056686a\Microsoft.Office.Tools.Word.Implementation.ni.dll
+ 2012-04-03 18:24 . 2012-04-03 18:24 3313664 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.JScript\0fbfc1087f7622c5b6b06f88fce1a45e\Microsoft.JScript.ni.dll
+ 2012-04-03 18:19 . 2012-04-03 18:19 2009600 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.CSharp\83f53b455553f5ad67e756f6762dc3b4\Microsoft.CSharp.ni.dll
+ 2012-04-03 17:10 . 2012-04-03 17:10 3858432 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\c0c7b3ff43f1b29cad7dde24bdbd5b79\WindowsBase.ni.dll
+ 2012-04-03 18:17 . 2012-04-03 18:17 1063424 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClients#\75c3f67e1911f5b2b7f0e2d7349d7d3f\UIAutomationClientsideProviders.ni.dll
+ 2012-04-03 17:10 . 2012-04-03 17:10 9091584 c:\windows\assembly\NativeImages_v4.0.30319_32\System\57e066d0b97757dbd26d59302c3d701a\System.ni.dll
+ 2012-04-03 17:10 . 2012-04-03 17:10 5617664 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\68345d6b57fe33c9a94fe6a72ab5e85e\System.Xml.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 1782272 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\b9942cb07813f553f6d6374dd4541362\System.Xaml.ni.dll
+ 2012-04-03 18:17 . 2012-04-03 18:17 4545024 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\c2ed38a4852d1795a28630b943132a8f\System.Windows.Forms.DataVisualization.ni.dll
+ 2012-04-03 18:17 . 2012-04-03 18:17 1885696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Services\ed3c3da0975b58d65c97de64ad12b67f\System.Web.Services.ni.dll
+ 2012-04-03 18:17 . 2012-04-03 18:17 2012160 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Speech\ebf81a3c4b84173e4c261b53c36dc2c7\System.Speech.ni.dll
+ 2012-04-03 18:17 . 2012-04-03 18:17 1140736 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\bd56724925a1ac99f75696295cbb078a\System.ServiceModel.Discovery.ni.dll
+ 2012-04-03 18:17 . 2012-04-03 18:17 1393152 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\1a9500e548a617a7ff96d4260554e4d5\System.ServiceModel.Activities.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 2647040 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\ca261c617636f2ff269d6233b19f97b8\System.Runtime.Serialization.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 1021952 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\e4f2a7b1e685e937ccefac6ff0a36b27\System.Runtime.DurableInstancing.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 1060864 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Printing\03109a409036c6e939bc9881f9e60b37\System.Printing.ni.dll
+ 2012-04-03 18:16 . 2012-04-03 18:16 1218560 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management\eef171dee81858018c3956485fff7ba7\System.Management.ni.dll
+ 2012-04-03 18:16 . 2012-04-03 18:16 1072640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\38f1dee7d3bebfb9bf83898f598ea4c2\System.IdentityModel.ni.dll
+ 2012-04-03 17:10 . 2012-04-03 17:10 1653248 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\2c958d61dd28474ec780db9d18d266ae\System.Drawing.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 1172992 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\45e9729f55f25e4c70f7ea3cfc0a8087\System.DirectoryServices.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 1879040 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\d6ca9981841735085e10843bb7187573\System.Deployment.ni.dll
+ 2012-04-03 17:11 . 2012-04-03 17:11 6815232 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data\b0df867e9242cf4d254ec8eb8da97332\System.Data.ni.dll
+ 2012-04-03 17:11 . 2012-04-03 17:11 2549760 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.SqlXml\32fffd4b8760322bc2e35c2417676b7f\System.Data.SqlXml.ni.dll
+ 2012-04-03 18:16 . 2012-04-03 18:16 1344000 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Service#\f4087e23c683a35e4628d9f829aaa41d\System.Data.Services.Client.ni.dll
+ 2012-04-03 17:11 . 2012-04-03 17:11 2517504 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\a791cec82d0c142b843025f25c8277f9\System.Data.Linq.ni.dll
+ 2012-04-03 17:11 . 2012-04-03 17:11 7069696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\b7409080f31b0a702281b68c37bac326\System.Core.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 4129792 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities\004bf96bf646e4f1126b919316be5c2f\System.Activities.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 3757568 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.P#\2456337e1ae6411ec64b9d18042d5c13\System.Activities.Presentation.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 1547264 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.C#\3206d2885d46ae9513c1489d7bc97b9c\System.Activities.Core.Presentation.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 2906624 c:\windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\ccc1a34a0a532480e00219ca5645ffeb\ReachFramework.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 1640448 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationUI\dee17bfe2a1b329bd8bb2199446dda83\PresentationUI.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 1172480 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\f1451a88d3bc4ab55d1cde85ceb4cd35\Microsoft.VisualBasic.Activities.Compiler.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 1838080 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\7a3431124b8ded91068710226c0a00d4\Microsoft.VisualBasic.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 1139200 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\363a87c6f2b70055eb822596173ba1ac\Microsoft.VisualBasic.Compatibility.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 1085952 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\ba7e3823b1a01f31e53be9b57b392035\Microsoft.Transactions.Bridge.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 1117696 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\cf102a9a266a7902a7e7f6ebe166ea50\Microsoft.Office.Tools.Word.Implementation.ni.dll
+ 2012-04-03 17:15 . 2012-04-03 17:15 1551872 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\432eb77ca8a01f2401ad57d269e5c1ff\Microsoft.Office.Tools.Excel.Implementation.ni.dll
+ 2012-04-03 18:16 . 2012-04-03 18:16 2452480 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.JScript\ddba6895bf4a65312155228d9744c912\Microsoft.JScript.ni.dll
+ 2012-04-03 17:11 . 2012-04-03 17:11 1616384 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.CSharp\409a7c3f32302875f33d0910cc484bac\Microsoft.CSharp.ni.dll
+ 2012-02-18 16:15 . 2012-02-18 16:15 4962816 c:\windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\a6d9b6658c7778345cc60fe0d9bb6e64\WindowsBase.ni.dll
+ 2012-02-18 16:31 . 2012-02-18 16:31 1459712 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationClients#\dac9f71ca1332da2a359e2d07589b7e9\UIAutomationClientsideProviders.ni.dll
+ 2012-02-18 16:15 . 2012-02-18 16:15 6948864 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Xml\e04d9231de2f5d2ababdb425df670e63\System.Xml.ni.dll
+ 2012-02-18 16:30 . 2012-02-18 16:30 1818112 c:\windows\assembly\NativeImages_v2.0.50727_64\System.WorkflowServ#\5571a92171f93c8a4806b9f1805f1c56\System.WorkflowServices.ni.dll
+ 2012-02-18 16:19 . 2012-02-18 16:19 2711040 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Run#\3b2e60a9cfedffc4c850f1d0ef17e5e1\System.Workflow.Runtime.ni.dll
+ 2012-02-18 16:19 . 2012-02-18 16:19 5957632 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Com#\809f0c7c2d0233f086f83b75f6aa9560\System.Workflow.ComponentModel.ni.dll
+ 2012-02-18 16:19 . 2012-02-18 16:19 3895296 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Act#\f09110bd4c01129e8ef2e345e8b58920\System.Workflow.Activities.ni.dll
+ 2012-02-18 16:18 . 2012-02-18 16:18 2292224 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Services\28c5f5bb725935286936596e3f5f4f38\System.Web.Services.ni.dll
+ 2012-02-18 16:30 . 2012-02-18 16:30 3336704 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Mobile\2b012fd0a270bdac848843047bb93312\System.Web.Mobile.ni.dll
+ 2012-02-18 16:30 . 2012-02-18 16:30 3044352 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\cf203792167bd243b057b8daf79e0d98\System.Web.Extensions.ni.dll
+ 2012-02-18 16:30 . 2012-02-18 16:30 1155072 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\7f261dc1eaa3e4e0b93c44678888dd44\System.Web.Extensions.Design.ni.dll
+ 2012-02-18 16:30 . 2012-02-18 16:30 2727936 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Speech\a49bc70b640e21c9bcecbd8122203283\System.Speech.ni.dll
+ 2012-02-18 16:30 . 2012-02-18 16:30 2312704 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceModel#\8ef813ce3f85ea3b3f499d734ac8019e\System.ServiceModel.Web.ni.dll
+ 2012-02-18 16:25 . 2012-02-18 16:25 3073536 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\f99728bbb535157b904873158379dc67\System.Runtime.Serialization.ni.dll
+ 2012-02-18 16:17 . 2012-02-18 16:17 1022976 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\8b193e216f8cf8cd74d7f63cc3ebd2d9\System.Runtime.Remoting.ni.dll
+ 2012-02-18 16:17 . 2012-02-18 16:17 1463808 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Printing\1194371f7bf016fa5f5db6a6003af63e\System.Printing.ni.dll
+ 2012-02-18 16:28 . 2012-02-18 16:28 1472000 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management\6860203a3f244d4c6b89ff38a9c9cadb\System.Management.ni.dll
+ 2012-02-18 16:25 . 2012-02-18 16:25 1444352 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IdentityModel\3fae8a8515a716f1fae4a64a7f2a4b05\System.IdentityModel.ni.dll
+ 2012-02-18 16:17 . 2012-02-18 16:17 1081344 c:\windows\assembly\NativeImages_v2.0.50727_64\System.EnterpriseSe#\dbd535c6b73a9d9ffab8b91124ea7dda\System.EnterpriseServices.ni.dll
+ 2012-02-18 16:16 . 2012-02-18 16:16 2311168 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\6c52a4ed4a4d301b51cae24e0d0b28ac\System.Drawing.ni.dll
+ 2012-02-18 16:17 . 2012-02-18 16:17 1640448 c:\windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\cc26a70ca09b5e09736df4f2f4af045a\System.DirectoryServices.ni.dll
+ 2012-02-18 16:30 . 2012-02-18 16:30 1230848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\48a91957a4b86c3bcebec68eb1471def\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-02-18 16:16 . 2012-02-18 16:16 2444288 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Deployment\6d33e51aa1dd1c4c8ac5bff1c7ad7b4b\System.Deployment.ni.dll
+ 2012-02-18 16:17 . 2012-02-18 16:17 8681472 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data\bc98c6a47226c05d244f7ffb07b6d6bf\System.Data.ni.dll
+ 2012-02-18 16:15 . 2012-02-18 16:15 3463680 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.SqlXml\134d55401aae7ef73c10ad743774127f\System.Data.SqlXml.ni.dll
+ 2012-02-18 16:30 . 2012-02-18 16:30 2805760 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Services\2dd10ff57a987aa347518b0abfcaf8b3\System.Data.Services.ni.dll
+ 2012-02-18 16:30 . 2012-02-18 16:30 1868288 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Service#\0177f6ff2b3faf1805b3ba63e0e20ad0\System.Data.Services.Client.ni.dll
+ 2012-02-18 16:18 . 2012-02-18 16:18 1506816 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.OracleC#\7892bc65d0be332ab0d4f5dae01d2c3c\System.Data.OracleClient.ni.dll
+ 2012-02-18 16:30 . 2012-02-18 16:30 3480576 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Linq\dd28d55dd94fb4d1e4dca6393e4b15a4\System.Data.Linq.ni.dll
+ 2012-02-18 16:29 . 2012-02-18 16:29 1080320 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Entity.#\caf124d5431e8d8aba046e54a8b7dea5\System.Data.Entity.Design.ni.dll
+ 2012-02-18 16:28 . 2012-02-18 16:28 3315200 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Core\9e59bc2c8cf98cd315468ca01f68663c\System.Core.ni.dll
+ 2012-02-18 16:14 . 2012-02-18 16:14 1308160 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\da9e586395168489e96323c7cbd635a3\System.Configuration.ni.dll
+ 2012-02-18 16:17 . 2012-02-18 16:17 3116032 c:\windows\assembly\NativeImages_v2.0.50727_64\ReachFramework\c2b60ec84728f2a0b99f2113ed7eba37\ReachFramework.ni.dll
+ 2012-02-18 16:17 . 2012-02-18 16:17 2109952 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationUI\d5b793b7c0429d61e51fe917d1066df8\PresentationUI.ni.dll
+ 2012-02-18 16:29 . 2012-02-18 16:29 1884160 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationBuildTa#\0618574a66f03040f765c43693bf58f6\PresentationBuildTasks.ni.dll
+ 2012-02-18 16:29 . 2012-02-18 16:29 3601920 c:\windows\assembly\NativeImages_v2.0.50727_64\Narrator\24f9a2d494b01bcbc6919f60a278c715\Narrator.ni.exe
+ 2012-02-18 16:28 . 2012-02-18 16:28 2327552 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCEx\8988116626390eae76ef9e492c0e2894\MMCEx.ni.dll
+ 2012-02-18 16:27 . 2012-02-18 16:27 7970304 c:\windows\assembly\NativeImages_v2.0.50727_64\MIGUIControls\77c418992d39a8c1ce569194f9b1ff1e\MIGUIControls.ni.dll
+ 2012-02-18 16:28 . 2012-02-18 16:28 2131968 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualBas#\e05059a258a8b75d8981f29ecd9baf72\Microsoft.VisualBasic.ni.dll
+ 2012-02-18 16:25 . 2012-02-18 16:25 1598976 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Transacti#\11bd9381aca79215bc01b45a5e7bddce\Microsoft.Transactions.Bridge.ni.dll
+ 2012-02-18 16:28 . 2012-02-18 16:28 5350912 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\ecc930a57b339ba3d126b05b2d756a01\Microsoft.PowerShell.Editor.ni.dll
+ 2012-02-18 16:28 . 2012-02-18 16:28 2176512 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\8d5a4862d0e61fdd2e958fc989df3cca\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2012-02-18 16:28 . 2012-02-18 16:28 2105344 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\713f3cf6037ed7047485c738934f9054\Microsoft.PowerShell.GPowerShell.ni.dll
+ 2012-02-18 16:28 . 2012-02-18 16:28 1131008 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\09516cb547f50c165051c5512c0770d3\Microsoft.PowerShell.Commands.Management.ni.dll
+ 2012-02-18 16:25 . 2012-02-18 16:25 1516544 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\d7d03c116e282c198f398652dbddc074\Microsoft.MediaCenter.ni.dll
+ 2012-02-18 16:26 . 2012-02-18 16:26 8979456 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\bf5f76b58c88f17410effc17059685a8\Microsoft.MediaCenter.UI.ni.dll
+ 2012-02-18 16:26 . 2012-02-18 16:26 1142784 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\b54d398a06452904630482f2f83d21dd\Microsoft.MediaCenter.Shell.ni.dll
+ 2012-02-18 16:26 . 2012-02-18 16:26 1170432 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\5f69561da0086365718db46e1172d204\Microsoft.MediaCenter.TV.Tuners.Interop.ni.dll
+ 2012-02-18 16:27 . 2012-02-18 16:27 1508864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\5e550f8b6414d82551174d1dd0f8f15c\Microsoft.MediaCenter.Bml.ni.dll
+ 2012-02-18 16:28 . 2012-02-18 16:28 3213312 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.JScript\551b383e39b9fedb84e25c9fc7d763ee\Microsoft.JScript.ni.dll
+ 2012-02-18 16:27 . 2012-02-18 16:27 2365952 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Ink\2ec15928bc76c2a6af54ad507c513cd4\Microsoft.Ink.ni.dll
+ 2012-02-18 16:27 . 2012-02-18 16:27 2218496 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\4ccd2dddff73b52cd77ecaed30075b09\Microsoft.Build.Tasks.ni.dll
+ 2012-02-18 16:27 . 2012-02-18 16:27 2682880 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\35cee0a531b3136b21b2c7e2ff56b5eb\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2012-02-18 16:27 . 2012-02-18 16:27 2544640 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Eng#\a22f83fa561173b77ee1215e0dfd7a76\Microsoft.Build.Engine.ni.dll
+ 2012-02-18 16:27 . 2012-02-18 16:27 1137152 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Eng#\5cd9b4020f38edbdc2718884fe3e68f0\Microsoft.Build.Engine.ni.dll
+ 2012-02-18 16:26 . 2012-02-18 16:26 2801664 c:\windows\assembly\NativeImages_v2.0.50727_64\mcstore\0217b5f9a72020bee3d0291bbae125ff\mcstore.ni.dll
+ 2012-02-18 16:26 . 2012-02-18 16:26 4088320 c:\windows\assembly\NativeImages_v2.0.50727_64\mcepg\905166e37a4a5f45a7d1672fb756d96e\mcepg.ni.dll
+ 2012-02-18 16:19 . 2012-02-18 16:19 3347968 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\47b9e7f070271ff50f988f75ea68fa3e\WindowsBase.ni.dll
+ 2012-02-18 16:34 . 2012-02-18 16:34 1047552 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\c463ccf17b00f16ed8e60a6ba1cb46e5\UIAutomationClientsideProviders.ni.dll
+ 2012-02-18 16:19 . 2012-02-18 16:19 7967232 c:\windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dll
+ 2012-02-18 16:19 . 2012-02-18 16:19 5453312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9866d1f6178e1cde25642f1ac293ff8d\System.Xml.ni.dll
+ 2012-02-18 16:34 . 2012-02-18 16:34 1358336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\99f03be29e7f6de2f4bc278b83f0761b\System.WorkflowServices.ni.dll
+ 2012-02-18 16:21 . 2012-02-18 16:21 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\ee22bb1fef89981da77783c69aa1f154\System.Workflow.Runtime.ni.dll
+ 2012-02-18 16:21 . 2012-02-18 16:21 4516352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\5fc69203193c26b91b068695b00bcebf\System.Workflow.ComponentModel.ni.dll
+ 2012-02-18 16:21 . 2012-02-18 16:21 2995200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\e5bfe89d19b368c5eb64bdf2c3c29d7a\System.Workflow.Activities.ni.dll
+ 2012-02-18 16:20 . 2012-02-18 16:20 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\a595aa31f93ed043fd02ec9d8ff40b32\System.Web.Services.ni.dll
+ 2012-02-18 16:34 . 2012-02-18 16:34 2209792 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\0eada94e6fc22ecdf69ec412fe7df0b9\System.Web.Mobile.ni.dll
+ 2012-02-18 16:34 . 2012-02-18 16:34 2404352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\8ae9ee071050afc6dce19f5248817d66\System.Web.Extensions.ni.dll
+ 2012-02-18 16:34 . 2012-02-18 16:34 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\8e4b0ae89bdfbe3eac1b79dacef4ef79\System.Speech.ni.dll
+ 2012-02-18 16:34 . 2012-02-18 16:34 1707008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\0113a0162fe157bb4f0130a60bbcad1a\System.ServiceModel.Web.ni.dll
+ 2012-02-18 16:32 . 2012-02-18 16:32 2347008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\bc96c5c6e644452270ff7c3d066ff713\System.Runtime.Serialization.ni.dll
+ 2012-02-18 16:20 . 2012-02-18 16:20 1044480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\e20ce129c23781d9a8430b63edc3c24e\System.Printing.ni.dll
+ 2012-02-18 16:33 . 2012-02-18 16:33 1051136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\cb5bd98ffa4c82327b0e4db02bb58d2d\System.Management.ni.dll
+ 2012-02-18 16:33 . 2012-02-18 16:33 8872960 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\f4d8c56c790b998bd1bb971905bfae78\System.Management.Automation.ni.dll
+ 2012-02-18 16:32 . 2012-02-18 16:32 1083392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\d939fca96c3645bb8806ea8ae43cc0ca\System.IdentityModel.ni.dll
+ 2012-02-18 16:20 . 2012-02-18 16:20 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ab87129c2b603f218e4aa5300c9b1bdd\System.Drawing.ni.dll
+ 2012-02-18 16:20 . 2012-02-18 16:20 1117184 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\2d379df0010f87d5c3d8c2be00b3de7a\System.DirectoryServices.ni.dll
+ 2012-02-18 16:20 . 2012-02-18 16:20 1806848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\45fedf46ca69b8437800ffed652fb2e4\System.Deployment.ni.dll
+ 2012-02-18 16:20 . 2012-02-18 16:20 6611456 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\eedf95f16a7e81ca43dd8accf11498a3\System.Data.ni.dll
+ 2012-02-18 16:19 . 2012-02-18 16:19 2508288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\d7621134717a86f5062dcf80206ab164\System.Data.SqlXml.ni.dll
+ 2012-02-18 16:34 . 2012-02-18 16:34 2029568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\47c2a93f42a371ac1b3756d098ac18a5\System.Data.Services.ni.dll
+ 2012-02-18 16:34 . 2012-02-18 16:34 1378816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\3763b8ac5fa0a96ad5100a53b10b4449\System.Data.Services.Client.ni.dll
+ 2012-02-18 16:21 . 2012-02-18 16:21 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\c3e0c299c00016b5ffb5006bc32dd0db\System.Data.OracleClient.ni.dll
+ 2012-02-18 16:34 . 2012-02-18 16:34 2516992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\1fe993f1045190570a2c69cb32f9d62d\System.Data.Linq.ni.dll
+ 2012-02-18 16:34 . 2012-02-18 16:34 9921536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\932542a144496e3a9cb9155270fd4492\System.Data.Entity.ni.dll
+ 2012-02-18 16:32 . 2012-02-18 16:32 2297856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\f01c5c76d0a19516a37b7bd191a02cda\System.Core.ni.dll
+ 2012-02-18 16:20 . 2012-02-18 16:20 2157056 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\9f09338d4240f6ea19318665fcea008f\ReachFramework.ni.dll
+ 2012-02-18 16:20 . 2012-02-18 16:20 1658368 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\10d61b241fbf27d82942eecb454105e1\PresentationUI.ni.dll
+ 2012-02-18 16:33 . 2012-02-18 16:33 1451520 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\d2c547794ac1c167fe24904e6848d5cc\PresentationBuildTasks.ni.dll
+ 2012-02-18 16:33 . 2012-02-18 16:33 2623488 c:\windows\assembly\NativeImages_v2.0.50727_32\Narrator\308236e39e3ad82c6b5bfa2d955735e3\Narrator.ni.exe
+ 2012-02-18 16:33 . 2012-02-18 16:33 1545216 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCEx\b792eec16fb24a0f73ca20e1551bfcbf\MMCEx.ni.dll
+ 2012-02-18 16:32 . 2012-02-18 16:32 6438912 c:\windows\assembly\NativeImages_v2.0.50727_32\MIGUIControls\44f2bd588202e6bdacf0b867c7011057\MIGUIControls.ni.dll
+ 2012-02-18 16:33 . 2012-02-18 16:33 1670144 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\659bc287f3b51e5e604208ce93d983ec\Microsoft.VisualBasic.ni.dll
+ 2012-02-18 16:32 . 2012-02-18 16:32 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\1a6921bcfb8ade6652efb9f095b275f1\Microsoft.Transactions.Bridge.ni.dll
+ 2012-02-18 16:33 . 2012-02-18 16:33 3724288 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\86fa49490bc929adf75488903f0dac4b\Microsoft.PowerShell.Editor.ni.dll
+ 2012-02-18 16:33 . 2012-02-18 16:33 1681920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\413c3be0ba8ed04984a0bb3044e0c2e0\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2012-02-18 16:33 . 2012-02-18 16:33 1704960 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\2f66392066352b804d8022664e7bf8de\Microsoft.PowerShell.GPowerShell.ni.dll
+ 2012-02-18 16:32 . 2012-02-18 16:32 1787904 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\8411ef1da1134cb78aae6b47c6572235\Microsoft.Office.InfoPath.Client.Internal.Host.ni.dll
+ 2012-02-23 21:36 . 2012-02-23 21:36 3238400 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\f3b8c2f1c9ae40884e59a1574fe7591d\Microsoft.Office.BusinessData.ni.dll
+ 2012-02-23 21:36 . 2012-02-23 21:36 4752384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\edf35c1de33ab762b66c4b03a1355cb0\Microsoft.Office.BusinessApplications.SyncServices.ni.dll
+ 2012-02-23 22:18 . 2012-02-23 22:18 2091520 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\5433c8ce3cb3b4a17f686f0c2fa97073\Microsoft.Office.BusinessApplications.RuntimeUi.ni.dll
+ 2012-02-23 21:35 . 2012-02-23 21:35 1564672 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\50ed93628ca6e9c91da11dd6bc6e8e01\Microsoft.Office.BusinessApplications.Runtime.ni.dll
+ 2012-02-18 16:32 . 2012-02-18 16:32 6499840 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\558d4558f0857891cf0d41d818e7b490\Microsoft.MediaCenter.UI.ni.dll
+ 2012-02-18 16:32 . 2012-02-18 16:32 1009664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\03d64144ed3ea21cbeea0c872ece14b6\Microsoft.MediaCenter.ni.dll
+ 2012-02-18 16:33 . 2012-02-18 16:33 2335744 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\09cea564f5888335ef97bd104d7e4ea6\Microsoft.JScript.ni.dll
+ 2012-02-18 16:32 . 2012-02-18 16:32 1361408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Ink\ca0dacd1a4dc23e5d7bb3e6548282b6b\Microsoft.Ink.ni.dll
+ 2012-02-18 16:32 . 2012-02-18 16:32 1970176 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\e566cc5fe7ad95b0a9fca152b335b551\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2012-02-18 16:32 . 2012-02-18 16:32 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\2b23923536c41d0fb8ab658f6c9a95c1\Microsoft.Build.Tasks.ni.dll
+ 2012-02-18 16:32 . 2012-02-18 16:32 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\6b8459651fae37b63ab314350a8eff8a\Microsoft.Build.Engine.ni.dll
+ 2012-02-18 16:32 . 2012-02-18 16:32 2035712 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstore\103b0155f85ff08fc9940bd0c3aa0128\mcstore.ni.dll
+ 2012-02-18 16:32 . 2012-02-18 16:32 3025920 c:\windows\assembly\NativeImages_v2.0.50727_32\mcepg\c28c1427f0691e070b77b4ad97000e4c\mcepg.ni.dll
- 2011-08-27 14:25 . 2011-05-04 22:32 3190784 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2012-02-17 00:39 . 2011-10-31 23:16 3190784 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2012-01-06 04:29 . 2011-12-25 20:42 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
- 2011-04-03 16:40 . 2010-11-05 01:53 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2012-02-23 21:34 . 2012-02-23 21:34 1857400 c:\windows\assembly\GAC_MSIL\Microsoft.Office.Interop.Access\14.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Access.dll
- 2011-02-06 20:12 . 2011-02-06 20:12 1857400 c:\windows\assembly\GAC_MSIL\Microsoft.Office.Interop.Access\14.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Access.dll
+ 2012-02-23 21:34 . 2012-02-23 21:34 1689472 c:\windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.SyncServices\14.0.0.0__71e9bce111e9429c\Microsoft.Office.BusinessApplications.SyncServices.dll
- 2011-02-06 20:12 . 2011-02-06 20:12 1689472 c:\windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.SyncServices\14.0.0.0__71e9bce111e9429c\Microsoft.Office.BusinessApplications.SyncServices.dll
+ 2012-01-06 04:29 . 2011-12-25 20:40 5263360 c:\windows\assembly\GAC_64\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2012-01-06 04:29 . 2011-12-25 20:42 5255168 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2012-02-17 00:39 . 2012-01-04 08:59 12872704 c:\windows\SysWOW64\shell32.dll
+ 2012-02-18 15:33 . 2011-12-14 03:30 12282368 c:\windows\SysWOW64\mshtml.dll
+ 2009-07-14 02:34 . 2012-03-16 14:47 11010048 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2012-02-17 00:39 . 2012-01-04 10:44 14172672 c:\windows\system32\shell32.dll
+ 2012-02-18 15:33 . 2011-12-14 07:43 17790464 c:\windows\system32\mshtml.dll
+ 2009-12-27 19:59 . 2012-03-16 04:30 56297240 c:\windows\system32\MRT.exe
+ 2012-04-03 17:31 . 2012-04-03 17:31 11588768 c:\windows\system32\Macromed\Flash\NPSWF64_11_2_202_228.dll
+ 2012-02-18 15:33 . 2011-12-14 07:16 10887168 c:\windows\system32\ieframe.dll
+ 2011-10-27 03:45 . 2011-10-27 03:45 66426368 c:\windows\Installer\84470c90.msp
+ 2011-10-27 03:47 . 2011-10-27 03:47 10328064 c:\windows\Installer\84470bf6.msp
+ 2011-10-27 03:49 . 2011-10-27 03:49 16245760 c:\windows\Installer\84470bd7.msp
+ 2011-10-27 03:49 . 2011-10-27 03:49 10427392 c:\windows\Installer\84470bc4.msp
+ 2011-11-22 05:42 . 2011-11-22 05:42 33189888 c:\windows\Installer\5221e63d.msp
+ 2011-04-29 04:28 . 2011-04-29 04:28 16972800 c:\windows\Installer\3fb2013.msp
+ 2011-04-29 04:28 . 2011-04-29 04:28 11056128 c:\windows\Installer\3fb2002.msp
+ 2011-04-29 01:34 . 2011-04-29 01:34 11155456 c:\windows\Installer\3fb1ff9.msp
+ 2011-04-29 02:47 . 2011-04-29 02:47 14900736 c:\windows\Installer\3fb1e75.msp
+ 2011-04-29 01:27 . 2011-04-29 01:27 13031936 c:\windows\Installer\3fb1e4e.msp
+ 2011-12-15 19:34 . 2011-12-15 19:34 18452480 c:\windows\Installer\29e3af.msi
+ 2012-02-18 15:37 . 2012-02-18 15:37 20333056 c:\windows\Installer\1e0a688a.msp
+ 2012-03-09 05:03 . 2012-03-09 05:03 38092800 c:\windows\Installer\1b8d8568.msi
+ 2010-03-01 10:09 . 2010-03-01 10:09 13988704 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MSACCESS.EXE
+ 2012-04-03 17:10 . 2012-04-03 17:10 11880448 c:\windows\assembly\NativeImages_v4.0.30319_64\System\a9e29e892ad68ac0b88f0480746a0d0b\System.ni.dll
+ 2012-04-03 18:22 . 2012-04-03 18:22 17291264 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\f850dba642b0cc845d9a7d8ac300e243\System.Windows.Forms.ni.dll
+ 2012-04-03 18:25 . 2012-04-03 18:25 24551424 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel\bd433ada9b2565b666331b5b1276538a\System.ServiceModel.ni.dll
+ 2012-04-03 18:24 . 2012-04-03 18:24 18480128 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Entity\9aca7097fc620da8481516b2d4e3fede\System.Data.Entity.ni.dll
+ 2012-04-03 18:19 . 2012-04-03 18:19 10440704 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Core\e91a0d844afdda429e0fbd9814f41134\System.Core.ni.dll
+ 2012-04-03 18:21 . 2012-04-03 18:21 24406528 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\8a4ac50c706da226242a99b871c9f981\PresentationFramework.ni.dll
+ 2012-04-03 18:21 . 2012-04-03 18:21 15907328 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationCore\b0adff19c63ba3b4be1cae43567af15d\PresentationCore.ni.dll
+ 2012-04-03 17:10 . 2012-04-03 17:10 19355648 c:\windows\assembly\NativeImages_v4.0.30319_64\mscorlib\d9d8d4f8fc868d07be41d4ffb46d7364\mscorlib.ni.dll
+ 2012-04-03 17:10 . 2012-04-03 17:10 13138944 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\33eae86e0a5d9bcc4d0e4e469e2ac36a\System.Windows.Forms.ni.dll
+ 2012-04-03 18:17 . 2012-04-03 18:17 18058752 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\a526845de91a382b6ea05b02eddc6f3e\System.ServiceModel.ni.dll
+ 2012-04-03 18:16 . 2012-04-03 18:16 13345792 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Entity\32e0d99cfda10e64d7583bb65444cab3\System.Data.Entity.ni.dll
+ 2012-04-03 17:11 . 2012-04-03 17:11 18000384 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\bd3685e578c22d17625390d847973de0\PresentationFramework.ni.dll
+ 2012-04-03 17:10 . 2012-04-03 17:10 11450880 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\008fbb2e42b3c2569ff58d651575ff29\PresentationCore.ni.dll
+ 2012-04-03 17:10 . 2012-04-03 17:10 14414336 c:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\e5b31f3bb6508df0dc7c20ddc72f3191\mscorlib.ni.dll
+ 2012-02-18 16:14 . 2012-02-18 16:14 10624512 c:\windows\assembly\NativeImages_v2.0.50727_64\System\d5bc322d03a6628891b1e1232c4815af\System.ni.dll
+ 2012-02-18 16:16 . 2012-02-18 16:16 17379840 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\87a79dd88275c7e7536a0476f2ed79aa\System.Windows.Forms.ni.dll
+ 2012-02-18 16:18 . 2012-02-18 16:18 15270912 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web\3ea6f4cb8bba38f9d66275c36dd8825e\System.Web.ni.dll
+ 2012-02-18 16:25 . 2012-02-18 16:25 23913984 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceModel\0b51b0626d95de7446d132c73edd77cc\System.ServiceModel.ni.dll
+ 2012-02-18 16:28 . 2012-02-18 16:28 11900928 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management.A#\e18dbed9e34d7d56cc7e2f683de12237\System.Management.Automation.ni.dll
+ 2012-02-18 16:18 . 2012-02-18 16:18 13609472 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Design\0ad116b6a293e4fad1add26610df466d\System.Design.ni.dll
+ 2012-02-18 16:29 . 2012-02-18 16:29 13760000 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Entity\00b730e56986ad4f378e420fa8606395\System.Data.Entity.ni.dll
+ 2012-02-18 16:17 . 2012-02-18 16:17 19195392 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\be975224912fc63f0398ad0c969ba144\PresentationFramework.ni.dll
+ 2012-02-18 16:16 . 2012-02-18 16:16 16540160 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\0fa603af6ee814498c20f46e00e5f891\PresentationCore.ni.dll
+ 2012-02-18 16:27 . 2012-02-18 16:27 25470976 c:\windows\assembly\NativeImages_v2.0.50727_64\ehshell\089d0fee0e702f9b9a611f761cb3bd8a\ehshell.ni.dll
+ 2012-02-18 16:20 . 2012-02-18 16:20 12433408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6c51e152e7404188914c9fa4d8503ff9\System.Windows.Forms.ni.dll
+ 2012-02-18 16:20 . 2012-02-18 16:20 11833344 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\42ae8760f0a74ab774e82a64368aa1f6\System.Web.ni.dll
+ 2012-02-18 16:32 . 2012-02-18 16:32 17478656 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\b74950292d5681795d9d2c1a72a79952\System.ServiceModel.ni.dll
+ 2012-02-18 16:21 . 2012-02-18 16:21 10580480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\f89f5d786e54381f9058656271a0aca8\System.Design.ni.dll
+ 2012-02-18 16:20 . 2012-02-18 16:20 14339072 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\02f7846cbc5c02a5dbf50fd34325eb61\PresentationFramework.ni.dll
+ 2012-02-18 16:20 . 2012-02-18 16:20 12234752 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\f4b2424c1b32fbd11130482bb899b7ae\PresentationCore.ni.dll
+ 2011-10-16 19:38 . 2011-10-16 19:38 100966912 c:\windows\Installer\84470bb2.msp
+ 2011-04-29 01:33 . 2011-04-29 01:33 425345024 c:\windows\Installer\3fb1fe2.msp
.

-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Facebook Update"="c:\users\Maria del Mar\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2011-07-14 137536]
"MediaGet2"="c:\users\Maria del Mar\AppData\Local\MediaGet2\mediaget.exe" [2012-03-18 8109800]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"VeriFaceManager"="c:\program files (x86)\Lenovo\VeriFace\PManage.exe" [2009-10-04 3122440]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"PlusService"="c:\program files (x86)\Yuna Software\Messenger Plus!\PlusService.exe" [2012-02-07 801792]
"RIMBBLaunchAgent.exe"="c:\program files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-02-18 79192]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"USB Security"="c:\program files (x86)\USB Disk Security\USBGuard.exe" [2011-10-22 623520]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-04 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"B2C_AGENT"="c:\programdata\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe" [2012-03-28 404568]
.
c:\users\Maria del Mar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Recorte de pantalla y Selector de OneNote 2010.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE [2011-9-2 227712]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 NanoServiceMain;NanoServiceMain;c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 253600]
R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus64.sys [x]
R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag64.sys [x]
R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps64.sys [x]
R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem64.sys [x]
R3 Bridge0;Bridge0;c:\windows\system32\drivers\WDBridge.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [x]
R3 driverhardwarev2x64;driverhardwarev2x64;c:\program files (x86)\ma-config.com\Drivers\driverhardwarev2x64.sys [x]
R3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
R3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\Lenovo\ReadyComm\AppSvc.exe [2009-07-28 414984]
R3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\Lenovo\ReadyComm\ConnSvc.exe [2009-07-28 472328]
R3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtpt64.sys [x]
R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbs64.sys [x]
R3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmdm64.sys [x]
R3 maconfservice;Ma-Config Service;c:\program files (x86)\ma-config.com\maconfservice.exe [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Servicio de tecnologías de activación de Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [x]
S1 aswSP;aswSP; [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S1 funfrm;funfrm; [x]
S1 PSINKNC;PSINKNC;c:\windows\system32\DRIVERS\psinknc.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [x]
S2 IGRS;IGRS;c:\program files (x86)\Lenovo\ReadyComm\common\IGRS.exe [2009-07-14 38152]
S2 PSINAflt;PSINAflt;c:\windows\system32\DRIVERS\PSINAflt.sys [x]
S2 PSINFile;PSINFile;c:\windows\system32\DRIVERS\PSINFile.sys [x]
S2 PSINProc;PSINProc;c:\windows\system32\DRIVERS\PSINProc.sys [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
S3 usbsmi;Lenovo EasyCamera;c:\windows\system32\DRIVERS\SMIksdrv.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 wdmirror;wdmirror;c:\windows\system32\DRIVERS\WDMirror.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
IgrsSvcs REG_MULTI_SZ ReadyComm.DirectRouter PS_MDP
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-04-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 17:52]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Panda Malware Icon]
@="{F5D1CF73-C196-48F8-AAAC-B9181E22B4E6}"
[HKEY_CLASSES_ROOT\CLSID\{F5D1CF73-C196-48F8-AAAC-B9181E22B4E6}]
c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUNShell.DLL [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Panda Pending Delete Icon]
@="{0847B599-9191-4A27-BD61-DE11598D3B1B}"
[HKEY_CLASSES_ROOT\CLSID\{0847B599-9191-4A27-BD61-DE11598D3B1B}]
c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUNShell.DLL [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Panda Suspect Icon]
@="{9AE343CB-BA45-4618-AF6A-0230EE6FC793}"
[HKEY_CLASSES_ROOT\CLSID\{9AE343CB-BA45-4618-AF6A-0230EE6FC793}]
c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUNShell.DLL [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2009-10-04 23:25 1502720 ----a-w- c:\windows\System32\IcnOvrly.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2008-03-26 235520]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://mystart.incredibar.com/mb119?a=6OywHtUUIv&i=26
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://startsear.ch/?aff=1&cf=efd4301f-479d-11e1-99da-002622c7103e
mLocal Page = c:\windows\SysWOW64\blank.htm
mWindow Title =
uSearchAssistant = hxxp://www.plusnetwork.com/?sp=addr&q={searchTerms}
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Enviar a OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportar a Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Enviar imagen al dispositivo &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Enviar página al dispositivo &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Maria del Mar\AppData\Roaming\Mozilla\Firefox\Profiles\ub5ju6zi.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=18776
FF - prefs.js: browser.search.selectedEngine - Plus! Network
FF - prefs.js: browser.startup.homepage - hxxp://mystart.incredibar.com/mb119?a=6OywHtUUIv&i=26
FF - prefs.js: keyword.URL - hxxp://www.plusnetwork.com/?sp=addr&q=
FF - user.js: extensions.incredibar_i.newTab - false
FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6OywHtUUIv&loc=IB_TB&i=26&search=
FF - user.js: extensions.incredibar_i.id - 629418cc0000000000000026822fe388
FF - user.js: extensions.incredibar_i.instlDay - 15423
FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.1420:49
FF - user.js: extensions.incredibar_i.prtnrId - Incredibar
FF - user.js: extensions.incredibar_i.prdct - incredibar
FF - user.js: extensions.incredibar_i.aflt - orgnl
FF - user.js: extensions.incredibar_i.smplGrp - none
FF - user.js: extensions.incredibar_i.tlbrId - base
FF - user.js: extensions.incredibar_i.instlRef -
FF - user.js: extensions.incredibar_i.dfltLng -
FF - user.js: extensions.incredibar_i.excTlbr - false
FF - user.js: extensions.incredibar_i.ms_url_id -
FF - user.js: extensions.incredibar_i.upn2 - 6OywHtUUIv
FF - user.js: extensions.incredibar_i.upn2n - 92261116896765783
FF - user.js: extensions.incredibar_i.productid - 26
FF - user.js: extensions.incredibar_i.installerproductid - 26
FF - user.js: extensions.incredibar_i.did - 10606
FF - user.js: extensions.incredibar_i.ppd - 85%5F2
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-RunOnce-MessengerPlusForSkypeUninstall - c:\users\MARIAD~1\AppData\Local\Temp\MsgPlusUninstall.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_228_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_228_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-04-05 12:55:09
ComboFix-quarantined-files.txt 2012-04-05 17:55
ComboFix2.txt 2011-11-19 15:10
.
Pre-Run: 98.772.168.704 bytes libres
Post-Run: 98.500.468.736 bytes libres
.
- - End Of File - - 6A5A17B0F31F290A04765A26662EA786

#5 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:12:03 AM

Posted 05 April 2012 - 01:40 PM

Greetings

I want you to run these next,

tdsskiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon to run it
  • it will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one come back and let me know

please reply with the reports from TDSSKiller and aswMBR

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#6 Mriiadelmar

Mriiadelmar
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:11:03 PM

Posted 05 April 2012 - 09:19 PM

Hi,

I was able to run TDSSKiller but not the other one. The touchpad doesn't let me go down the page with the left side of it (as with the scroll in a normal mouse). I checked the Touchpad properties and the scroll option is ticked. I still get Ads especially when searching in google and in youtube.

The aswMBR stopped working when searching this. I also tried to run it as an Administrator. No luck! Part of the file address: C:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.

This is the TDSSKILLER log:


20:51:34.0437 4340 TDSS rootkit removing tool 2.7.26.0 Apr 4 2012 19:52:02
20:51:35.0342 4340 ============================================================
20:51:35.0342 4340 Current date / time: 2012/04/05 20:51:35.0342
20:51:35.0342 4340 SystemInfo:
20:51:35.0352 4340
20:51:35.0352 4340 OS Version: 6.1.7601 ServicePack: 1.0
20:51:35.0352 4340 Product type: Workstation
20:51:35.0352 4340 ComputerName: MARIADELMAR-PC
20:51:35.0352 4340 UserName: Maria del Mar
20:51:35.0352 4340 Windows directory: C:\windows
20:51:35.0352 4340 System windows directory: C:\windows
20:51:35.0352 4340 Running under WOW64
20:51:35.0352 4340 Processor architecture: Intel x64
20:51:35.0352 4340 Number of processors: 2
20:51:35.0352 4340 Page size: 0x1000
20:51:35.0352 4340 Boot type: Normal boot
20:51:35.0352 4340 ============================================================
20:51:35.0762 4340 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:51:35.0762 4340 \Device\Harddisk0\DR0:
20:51:35.0762 4340 MBR used
20:51:35.0762 4340 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
20:51:35.0762 4340 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x1F9C8C00
20:51:35.0792 4340 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1FA2E400, BlocksNum 0x3C7E000
20:51:36.0012 4340 Initialize success
20:51:36.0012 4340 ============================================================
20:51:40.0321 4820 ============================================================
20:51:40.0321 4820 Scan started
20:51:40.0321 4820 Mode: Manual;
20:51:40.0321 4820 ============================================================
20:51:41.0227 4820 1394ohci (a87d604aea360176311474c87a63bb88) C:\windows\system32\drivers\1394ohci.sys
20:51:41.0227 4820 1394ohci - ok
20:51:41.0347 4820 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\windows\system32\drivers\ACPI.sys
20:51:41.0357 4820 ACPI - ok
20:51:41.0467 4820 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\windows\system32\drivers\acpipmi.sys
20:51:41.0467 4820 AcpiPmi - ok
20:51:41.0567 4820 ACPIVPC (2e68544bce94de6677f700cf1d582b6d) C:\windows\system32\DRIVERS\AcpiVpc.sys
20:51:41.0577 4820 ACPIVPC - ok
20:51:41.0827 4820 AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:51:41.0827 4820 AdobeFlashPlayerUpdateSvc - ok
20:51:41.0997 4820 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\DRIVERS\adp94xx.sys
20:51:42.0007 4820 adp94xx - ok
20:51:42.0147 4820 adpahci (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\DRIVERS\adpahci.sys
20:51:42.0157 4820 adpahci - ok
20:51:42.0287 4820 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\DRIVERS\adpu320.sys
20:51:42.0287 4820 adpu320 - ok
20:51:42.0387 4820 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\windows\System32\aelupsvc.dll
20:51:42.0387 4820 AeLookupSvc - ok
20:51:42.0527 4820 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\windows\system32\drivers\afd.sys
20:51:42.0547 4820 AFD - ok
20:51:42.0687 4820 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\drivers\agp440.sys
20:51:42.0687 4820 agp440 - ok
20:51:42.0837 4820 ALG (3290d6946b5e30e70414990574883ddb) C:\windows\System32\alg.exe
20:51:42.0847 4820 ALG - ok
20:51:42.0987 4820 aliide (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\drivers\aliide.sys
20:51:42.0987 4820 aliide - ok
20:51:43.0127 4820 amdide (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\drivers\amdide.sys
20:51:43.0127 4820 amdide - ok
20:51:43.0287 4820 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\DRIVERS\amdk8.sys
20:51:43.0287 4820 AmdK8 - ok
20:51:43.0407 4820 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\DRIVERS\amdppm.sys
20:51:43.0407 4820 AmdPPM - ok
20:51:43.0517 4820 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\windows\system32\drivers\amdsata.sys
20:51:43.0517 4820 amdsata - ok
20:51:43.0640 4820 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\DRIVERS\amdsbs.sys
20:51:43.0640 4820 amdsbs - ok
20:51:43.0746 4820 amdxata (540daf1cea6094886d72126fd7c33048) C:\windows\system32\drivers\amdxata.sys
20:51:43.0746 4820 amdxata - ok
20:51:43.0826 4820 Andbus - ok
20:51:43.0846 4820 AndDiag - ok
20:51:43.0866 4820 AndGps - ok
20:51:43.0876 4820 ANDModem - ok
20:51:44.0026 4820 ApfiltrService (7f997f0f8b642edbe9919f32ce799040) C:\windows\system32\DRIVERS\Apfiltr.sys
20:51:44.0026 4820 ApfiltrService - ok
20:51:44.0146 4820 AppID (89a69c3f2f319b43379399547526d952) C:\windows\system32\drivers\appid.sys
20:51:44.0146 4820 AppID - ok
20:51:44.0186 4820 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\windows\System32\appidsvc.dll
20:51:44.0186 4820 AppIDSvc - ok
20:51:44.0296 4820 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\windows\System32\appinfo.dll
20:51:44.0306 4820 Appinfo - ok
20:51:44.0416 4820 arc (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\DRIVERS\arc.sys
20:51:44.0426 4820 arc - ok
20:51:44.0526 4820 arcsas (019af6924aefe7839f61c830227fe79c) C:\windows\system32\DRIVERS\arcsas.sys
20:51:44.0536 4820 arcsas - ok
20:51:44.0636 4820 aswFsBlk (e8184039d57365bee3eaa750375c44ad) C:\windows\system32\drivers\aswFsBlk.sys
20:51:44.0638 4820 aswFsBlk - ok
20:51:44.0764 4820 aswMonFlt (c671e9548d3d1b4cd15d0b164d9d01c7) C:\windows\system32\drivers\aswMonFlt.sys
20:51:44.0767 4820 aswMonFlt - ok
20:51:44.0919 4820 aswRdr (dee012d532c3f62ca099961505f41cf6) C:\windows\system32\drivers\aswRdr.sys
20:51:44.0920 4820 aswRdr - ok
20:51:45.0016 4820 aswSP (56bbd39753b9f7461c4de03c3217249d) C:\windows\system32\drivers\aswSP.sys
20:51:45.0019 4820 aswSP - ok
20:51:45.0123 4820 aswTdi (193691b35598642a328d880483dc0ed9) C:\windows\system32\drivers\aswTdi.sys
20:51:45.0125 4820 aswTdi - ok
20:51:45.0234 4820 AsyncMac (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys
20:51:45.0241 4820 AsyncMac - ok
20:51:45.0353 4820 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\drivers\atapi.sys
20:51:45.0354 4820 atapi - ok
20:51:45.0497 4820 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
20:51:45.0514 4820 AudioEndpointBuilder - ok
20:51:45.0530 4820 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
20:51:45.0535 4820 AudioSrv - ok
20:51:45.0610 4820 avast! Antivirus (b2386a8e66891f7cfec9f5a03f0f1210) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
20:51:45.0611 4820 avast! Antivirus - ok
20:51:45.0635 4820 avast! Mail Scanner (b2386a8e66891f7cfec9f5a03f0f1210) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
20:51:45.0636 4820 avast! Mail Scanner - ok
20:51:45.0644 4820 avast! Web Scanner (b2386a8e66891f7cfec9f5a03f0f1210) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
20:51:45.0645 4820 avast! Web Scanner - ok
20:51:45.0748 4820 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\windows\System32\AxInstSV.dll
20:51:45.0753 4820 AxInstSV - ok
20:51:45.0876 4820 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\windows\system32\DRIVERS\bxvbda.sys
20:51:45.0883 4820 b06bdrv - ok
20:51:46.0001 4820 b57nd60a (93af5ccce5145aa3c2f0a41e7f65149a) C:\windows\system32\DRIVERS\b57nd60a.sys
20:51:46.0016 4820 b57nd60a - ok
20:51:46.0214 4820 BCM43XX (fb4fda64f2e8552eaeb5986c3f34462c) C:\windows\system32\DRIVERS\bcmwl664.sys
20:51:46.0284 4820 BCM43XX - ok
20:51:46.0374 4820 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\windows\System32\bdesvc.dll
20:51:46.0384 4820 BDESVC - ok
20:51:46.0454 4820 Beep (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys
20:51:46.0454 4820 Beep - ok
20:51:46.0623 4820 BFE (82974d6a2fd19445cc5171fc378668a4) C:\windows\System32\bfe.dll
20:51:46.0652 4820 BFE - ok
20:51:46.0774 4820 BITS (1ea7969e3271cbc59e1730697dc74682) C:\windows\system32\qmgr.dll
20:51:46.0795 4820 BITS - ok
20:51:46.0903 4820 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\DRIVERS\blbdrive.sys
20:51:46.0906 4820 blbdrive - ok
20:51:47.0054 4820 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\windows\system32\DRIVERS\bowser.sys
20:51:47.0056 4820 bowser - ok
20:51:47.0166 4820 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\DRIVERS\BrFiltLo.sys
20:51:47.0168 4820 BrFiltLo - ok
20:51:47.0217 4820 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\DRIVERS\BrFiltUp.sys
20:51:47.0219 4820 BrFiltUp - ok
20:51:47.0323 4820 Bridge0 (34f786535f9245e4028c57b28248c9d8) C:\windows\system32\drivers\WDBridge.sys
20:51:47.0326 4820 Bridge0 - ok
20:51:47.0421 4820 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\windows\system32\DRIVERS\bridge.sys
20:51:47.0423 4820 BridgeMP - ok
20:51:47.0480 4820 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\windows\System32\browser.dll
20:51:47.0483 4820 Browser - ok
20:51:47.0593 4820 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys
20:51:47.0597 4820 Brserid - ok
20:51:47.0622 4820 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys
20:51:47.0623 4820 BrSerWdm - ok
20:51:47.0674 4820 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys
20:51:47.0676 4820 BrUsbMdm - ok
20:51:47.0767 4820 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys
20:51:47.0768 4820 BrUsbSer - ok
20:51:47.0884 4820 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\windows\system32\drivers\BthEnum.sys
20:51:47.0885 4820 BthEnum - ok
20:51:47.0989 4820 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\DRIVERS\bthmodem.sys
20:51:47.0989 4820 BTHMODEM - ok
20:51:48.0059 4820 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\windows\system32\DRIVERS\bthpan.sys
20:51:48.0059 4820 BthPan - ok
20:51:48.0199 4820 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\windows\System32\Drivers\BTHport.sys
20:51:48.0219 4820 BTHPORT - ok
20:51:48.0342 4820 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\windows\system32\bthserv.dll
20:51:48.0342 4820 bthserv - ok
20:51:48.0402 4820 BTHUSB (f188b7394d81010767b6df3178519a37) C:\windows\System32\Drivers\BTHUSB.sys
20:51:48.0402 4820 BTHUSB - ok
20:51:48.0562 4820 btwaudio (6bcfdc2b5b7f66d484486d4bd4b39a6b) C:\windows\system32\drivers\btwaudio.sys
20:51:48.0562 4820 btwaudio - ok
20:51:48.0742 4820 btwavdt (82dc8b7c626e526681c1bebed2bc3ff9) C:\windows\system32\DRIVERS\btwavdt.sys
20:51:48.0746 4820 btwavdt - ok
20:51:48.0896 4820 btwdins (d65aa164acd0f6706dbcfbbcc9731584) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
20:51:48.0941 4820 btwdins - ok
20:51:49.0136 4820 btwl2cap (6149301dc3f81d6f9667a3fbac410975) C:\windows\system32\DRIVERS\btwl2cap.sys
20:51:49.0139 4820 btwl2cap - ok
20:51:49.0268 4820 btwrchid (28e105ad3b79f440bf94780f507bf66a) C:\windows\system32\DRIVERS\btwrchid.sys
20:51:49.0271 4820 btwrchid - ok
20:51:49.0276 4820 catchme - ok
20:51:49.0458 4820 cdfs (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys
20:51:49.0462 4820 cdfs - ok
20:51:49.0592 4820 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\windows\system32\DRIVERS\cdrom.sys
20:51:49.0597 4820 cdrom - ok
20:51:49.0748 4820 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
20:51:49.0751 4820 CertPropSvc - ok
20:51:49.0876 4820 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\DRIVERS\circlass.sys
20:51:49.0878 4820 circlass - ok
20:51:49.0991 4820 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys
20:51:50.0001 4820 CLFS - ok
20:51:50.0128 4820 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:51:50.0128 4820 clr_optimization_v2.0.50727_32 - ok
20:51:50.0221 4820 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:51:50.0221 4820 clr_optimization_v2.0.50727_64 - ok
20:51:50.0428 4820 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:51:50.0428 4820 clr_optimization_v4.0.30319_32 - ok
20:51:50.0713 4820 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:51:50.0717 4820 clr_optimization_v4.0.30319_64 - ok
20:51:50.0816 4820 clwvd - ok
20:51:50.0970 4820 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys
20:51:50.0972 4820 CmBatt - ok
20:51:51.0095 4820 cmdide (e19d3f095812725d88f9001985b94edd) C:\windows\system32\drivers\cmdide.sys
20:51:51.0097 4820 cmdide - ok
20:51:51.0163 4820 CNG (c4943b6c962e4b82197542447ad599f4) C:\windows\system32\Drivers\cng.sys
20:51:51.0181 4820 CNG - ok
20:51:51.0349 4820 CnxtHdAudService (0d23c3312838eea1ed55d5f135bca613) C:\windows\system32\drivers\CHDRT64.sys
20:51:51.0370 4820 CnxtHdAudService - ok
20:51:51.0497 4820 Compbatt (102de219c3f61415f964c88e9085ad14) C:\windows\system32\DRIVERS\compbatt.sys
20:51:51.0499 4820 Compbatt - ok
20:51:51.0549 4820 CompositeBus (03edb043586cceba243d689bdda370a8) C:\windows\system32\drivers\CompositeBus.sys
20:51:51.0551 4820 CompositeBus - ok
20:51:51.0622 4820 COMSysApp - ok
20:51:51.0684 4820 crcdisk (1c827878a998c18847245fe1f34ee597) C:\windows\system32\DRIVERS\crcdisk.sys
20:51:51.0686 4820 crcdisk - ok
20:51:51.0784 4820 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\windows\system32\cryptsvc.dll
20:51:51.0794 4820 CryptSvc - ok
20:51:51.0912 4820 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
20:51:51.0946 4820 DcomLaunch - ok
20:51:52.0073 4820 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\windows\System32\defragsvc.dll
20:51:52.0079 4820 defragsvc - ok
20:51:52.0200 4820 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\windows\system32\Drivers\dfsc.sys
20:51:52.0203 4820 DfsC - ok
20:51:52.0344 4820 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\windows\system32\dhcpcore.dll
20:51:52.0352 4820 Dhcp - ok
20:51:52.0440 4820 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys
20:51:52.0443 4820 discache - ok
20:51:52.0569 4820 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\DRIVERS\disk.sys
20:51:52.0572 4820 Disk - ok
20:51:52.0670 4820 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\windows\System32\dnsrslvr.dll
20:51:52.0676 4820 Dnscache - ok
20:51:52.0774 4820 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\windows\System32\dot3svc.dll
20:51:52.0780 4820 dot3svc - ok
20:51:52.0896 4820 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\windows\system32\DRIVERS\Dot4.sys
20:51:52.0900 4820 Dot4 - ok
20:51:53.0027 4820 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\windows\system32\drivers\Dot4Prt.sys
20:51:53.0029 4820 Dot4Print - ok
20:51:53.0078 4820 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\windows\system32\DRIVERS\dot4usb.sys
20:51:53.0080 4820 dot4usb - ok
20:51:53.0181 4820 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\windows\system32\dps.dll
20:51:53.0186 4820 DPS - ok
20:51:53.0251 4820 driverhardwarev2x64 - ok
20:51:53.0364 4820 drmkaud (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys
20:51:53.0368 4820 drmkaud - ok
20:51:53.0500 4820 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\windows\System32\drivers\dxgkrnl.sys
20:51:53.0540 4820 DXGKrnl - ok
20:51:53.0666 4820 eamon (85e3ed13ec107a20d9b018328e0c9737) C:\windows\system32\DRIVERS\eamon.sys
20:51:53.0670 4820 eamon - ok
20:51:53.0754 4820 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\windows\System32\eapsvc.dll
20:51:53.0758 4820 EapHost - ok
20:51:53.0901 4820 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\DRIVERS\evbda.sys
20:51:54.0004 4820 ebdrv - ok
20:51:54.0124 4820 EFS (c118a82cd78818c29ab228366ebf81c3) C:\windows\System32\lsass.exe
20:51:54.0124 4820 EFS - ok
20:51:54.0244 4820 ehdrv (518fb66d5e21b2c246f96c1d9153cadc) C:\windows\system32\DRIVERS\ehdrv.sys
20:51:54.0254 4820 ehdrv - ok
20:51:54.0364 4820 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\windows\ehome\ehRecvr.exe
20:51:54.0384 4820 ehRecvr - ok
20:51:54.0474 4820 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\windows\ehome\ehsched.exe
20:51:54.0484 4820 ehSched - ok
20:51:54.0594 4820 elxstor (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\DRIVERS\elxstor.sys
20:51:54.0614 4820 elxstor - ok
20:51:54.0754 4820 epfwwfpr (60643217107fd0dd2d11d0936f86506f) C:\windows\system32\DRIVERS\epfwwfpr.sys
20:51:54.0764 4820 epfwwfpr - ok
20:51:54.0864 4820 ErrDev (34a3c54752046e79a126e15c51db409b) C:\windows\system32\drivers\errdev.sys
20:51:54.0874 4820 ErrDev - ok
20:51:54.0996 4820 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\windows\system32\es.dll
20:51:55.0013 4820 EventSystem - ok
20:51:55.0126 4820 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys
20:51:55.0131 4820 exfat - ok
20:51:55.0240 4820 fastfat (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys
20:51:55.0246 4820 fastfat - ok
20:51:55.0379 4820 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\windows\system32\fxssvc.exe
20:51:55.0400 4820 Fax - ok
20:51:55.0533 4820 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\DRIVERS\fdc.sys
20:51:55.0535 4820 fdc - ok
20:51:55.0621 4820 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\windows\system32\fdPHost.dll
20:51:55.0624 4820 fdPHost - ok
20:51:55.0648 4820 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\windows\system32\fdrespub.dll
20:51:55.0651 4820 FDResPub - ok
20:51:55.0750 4820 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys
20:51:55.0753 4820 FileInfo - ok
20:51:55.0845 4820 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys
20:51:55.0847 4820 Filetrace - ok
20:51:55.0957 4820 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\DRIVERS\flpydisk.sys
20:51:55.0959 4820 flpydisk - ok
20:51:56.0092 4820 FltMgr (da6b67270fd9db3697b20fce94950741) C:\windows\system32\drivers\fltmgr.sys
20:51:56.0098 4820 FltMgr - ok
20:51:56.0227 4820 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\windows\system32\FntCache.dll
20:51:56.0265 4820 FontCache - ok
20:51:56.0376 4820 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:51:56.0379 4820 FontCache3.0.0.0 - ok
20:51:56.0457 4820 FsDepends (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys
20:51:56.0459 4820 FsDepends - ok
20:51:56.0568 4820 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\windows\system32\drivers\Fs_Rec.sys
20:51:56.0571 4820 Fs_Rec - ok
20:51:56.0684 4820 funfrm (318d926d96c63477bf66c8d9c04eedd8) C:\windows\system32\drivers\funfrm.sys
20:51:56.0687 4820 funfrm - ok
20:51:56.0798 4820 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\windows\system32\DRIVERS\fvevol.sys
20:51:56.0804 4820 fvevol - ok
20:51:56.0932 4820 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\DRIVERS\gagp30kx.sys
20:51:56.0935 4820 gagp30kx - ok
20:51:57.0059 4820 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\windows\System32\gpsvc.dll
20:51:57.0081 4820 gpsvc - ok
20:51:57.0218 4820 gusvc (c1b577b2169900f4cf7190c39f085794) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
20:51:57.0222 4820 gusvc - ok
20:51:57.0321 4820 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys
20:51:57.0324 4820 hcw85cir - ok
20:51:57.0457 4820 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\windows\system32\drivers\HdAudio.sys
20:51:57.0463 4820 HdAudAddService - ok
20:51:57.0562 4820 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\windows\system32\drivers\HDAudBus.sys
20:51:57.0566 4820 HDAudBus - ok
20:51:57.0613 4820 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\DRIVERS\HidBatt.sys
20:51:57.0615 4820 HidBatt - ok
20:51:57.0690 4820 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\DRIVERS\hidbth.sys
20:51:57.0693 4820 HidBth - ok
20:51:57.0807 4820 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\DRIVERS\hidir.sys
20:51:57.0809 4820 HidIr - ok
20:51:57.0902 4820 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\windows\System32\hidserv.dll
20:51:57.0906 4820 hidserv - ok
20:51:58.0043 4820 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\windows\system32\DRIVERS\hidusb.sys
20:51:58.0046 4820 HidUsb - ok
20:51:58.0088 4820 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\windows\system32\kmsvc.dll
20:51:58.0093 4820 hkmsvc - ok
20:51:58.0159 4820 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\windows\system32\ListSvc.dll
20:51:58.0166 4820 HomeGroupListener - ok
20:51:58.0249 4820 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\windows\system32\provsvc.dll
20:51:58.0256 4820 HomeGroupProvider - ok
20:51:58.0431 4820 hpqcxs08 (5da42d24712e00728cea2342a65009b2) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
20:51:58.0437 4820 hpqcxs08 - ok
20:51:58.0602 4820 hpqddsvc (d86a39bf100069444d026d22d9a6e555) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
20:51:58.0605 4820 hpqddsvc - ok
20:51:58.0742 4820 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\windows\system32\drivers\HpSAMD.sys
20:51:58.0745 4820 HpSAMD - ok
20:51:58.0879 4820 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\windows\system32\drivers\HTTP.sys
20:51:58.0911 4820 HTTP - ok
20:51:59.0019 4820 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\windows\system32\drivers\hwpolicy.sys
20:51:59.0021 4820 hwpolicy - ok
20:51:59.0128 4820 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\DRIVERS\i8042prt.sys
20:51:59.0132 4820 i8042prt - ok
20:51:59.0229 4820 IAANTMON (7548066df68a8a1a56b043359f915f37) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
20:51:59.0237 4820 IAANTMON - ok
20:51:59.0354 4820 iaStor (1d004cb1da6323b1f55caef7f94b61d9) C:\windows\system32\DRIVERS\iaStor.sys
20:51:59.0359 4820 iaStor - ok
20:51:59.0493 4820 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\windows\system32\drivers\iaStorV.sys
20:51:59.0512 4820 iaStorV - ok
20:51:59.0660 4820 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:51:59.0697 4820 idsvc - ok
20:51:59.0951 4820 igfx (a87261ef1546325b559374f5689cf5bc) C:\windows\system32\DRIVERS\igdkmd64.sys
20:52:00.0126 4820 igfx - ok
20:52:00.0296 4820 IGRS (d951d20153e51928f9db2227d6ff5c7a) C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe
20:52:00.0298 4820 IGRS - ok
20:52:00.0474 4820 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\DRIVERS\iirsp.sys
20:52:00.0475 4820 iirsp - ok
20:52:00.0646 4820 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\windows\System32\ikeext.dll
20:52:00.0666 4820 IKEEXT - ok
20:52:00.0776 4820 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\drivers\intelide.sys
20:52:00.0778 4820 intelide - ok
20:52:00.0883 4820 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys
20:52:00.0886 4820 intelppm - ok
20:52:01.0015 4820 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\windows\system32\ipbusenum.dll
20:52:01.0018 4820 IPBusEnum - ok
20:52:01.0137 4820 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\windows\system32\DRIVERS\ipfltdrv.sys
20:52:01.0140 4820 IpFilterDriver - ok
20:52:01.0200 4820 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\windows\System32\iphlpsvc.dll
20:52:01.0217 4820 iphlpsvc - ok
20:52:01.0307 4820 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\windows\system32\drivers\IPMIDrv.sys
20:52:01.0310 4820 IPMIDRV - ok
20:52:01.0394 4820 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys
20:52:01.0398 4820 IPNAT - ok
20:52:01.0504 4820 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys
20:52:01.0506 4820 IRENUM - ok
20:52:01.0595 4820 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\drivers\isapnp.sys
20:52:01.0597 4820 isapnp - ok
20:52:01.0646 4820 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\windows\system32\drivers\msiscsi.sys
20:52:01.0653 4820 iScsiPrt - ok
20:52:01.0785 4820 k57nd60a (7dbafe10c1b777305c80bea42fbda710) C:\windows\system32\DRIVERS\k57nd60a.sys
20:52:01.0791 4820 k57nd60a - ok
20:52:01.0965 4820 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\drivers\kbdclass.sys
20:52:01.0968 4820 kbdclass - ok
20:52:02.0098 4820 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\windows\system32\drivers\kbdhid.sys
20:52:02.0108 4820 kbdhid - ok
20:52:02.0220 4820 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
20:52:02.0222 4820 KeyIso - ok
20:52:02.0372 4820 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\windows\system32\Drivers\ksecdd.sys
20:52:02.0375 4820 KSecDD - ok
20:52:02.0530 4820 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\windows\system32\Drivers\ksecpkg.sys
20:52:02.0534 4820 KSecPkg - ok
20:52:02.0652 4820 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys
20:52:02.0655 4820 ksthunk - ok
20:52:02.0749 4820 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\windows\system32\msdtckrm.dll
20:52:02.0759 4820 KtmRm - ok
20:52:02.0895 4820 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\windows\System32\srvsvc.dll
20:52:02.0904 4820 LanmanServer - ok
20:52:03.0015 4820 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\windows\System32\wkssvc.dll
20:52:03.0022 4820 LanmanWorkstation - ok
20:52:03.0118 4820 Lenovo ReadyComm AppSvc (4f83c51720243d6016e6ecd0f2e1b274) C:\Program Files\Lenovo\ReadyComm\AppSvc.exe
20:52:03.0138 4820 Lenovo ReadyComm AppSvc - ok
20:52:03.0239 4820 Lenovo ReadyComm ConnSvc (56688ee2c359bb14479b89a50358faa2) C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe
20:52:03.0258 4820 Lenovo ReadyComm ConnSvc - ok
20:52:03.0347 4820 LgBttPort - ok
20:52:03.0436 4820 lgbusenum - ok
20:52:03.0524 4820 LGVMODEM - ok
20:52:03.0643 4820 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys
20:52:03.0646 4820 lltdio - ok
20:52:03.0740 4820 lltdsvc (c1185803384ab3feed115f79f109427f) C:\windows\System32\lltdsvc.dll
20:52:03.0749 4820 lltdsvc - ok
20:52:03.0844 4820 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\windows\System32\lmhsvc.dll
20:52:03.0846 4820 lmhosts - ok
20:52:03.0955 4820 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\DRIVERS\lsi_fc.sys
20:52:03.0959 4820 LSI_FC - ok
20:52:04.0084 4820 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\DRIVERS\lsi_sas.sys
20:52:04.0088 4820 LSI_SAS - ok
20:52:04.0193 4820 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\DRIVERS\lsi_sas2.sys
20:52:04.0197 4820 LSI_SAS2 - ok
20:52:04.0317 4820 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\DRIVERS\lsi_scsi.sys
20:52:04.0317 4820 LSI_SCSI - ok
20:52:04.0421 4820 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys
20:52:04.0425 4820 luafv - ok
20:52:04.0458 4820 maconfservice - ok
20:52:04.0574 4820 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\windows\system32\Mcx2Svc.dll
20:52:04.0578 4820 Mcx2Svc - ok
20:52:04.0681 4820 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\DRIVERS\megasas.sys
20:52:04.0684 4820 megasas - ok
20:52:04.0803 4820 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\DRIVERS\MegaSR.sys
20:52:04.0809 4820 MegaSR - ok
20:52:04.0911 4820 Microsoft SharePoint Workspace Audit Service - ok
20:52:04.0997 4820 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
20:52:05.0002 4820 MMCSS - ok
20:52:05.0101 4820 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys
20:52:05.0104 4820 Modem - ok
20:52:05.0193 4820 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys
20:52:05.0196 4820 monitor - ok
20:52:05.0297 4820 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys
20:52:05.0300 4820 mouclass - ok
20:52:05.0425 4820 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys
20:52:05.0427 4820 mouhid - ok
20:52:05.0531 4820 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\windows\system32\drivers\mountmgr.sys
20:52:05.0535 4820 mountmgr - ok
20:52:05.0638 4820 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\windows\system32\drivers\mpio.sys
20:52:05.0642 4820 mpio - ok
20:52:05.0755 4820 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys
20:52:05.0759 4820 mpsdrv - ok
20:52:05.0881 4820 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\windows\system32\mpssvc.dll
20:52:05.0926 4820 MpsSvc - ok
20:52:06.0031 4820 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\windows\system32\drivers\mrxdav.sys
20:52:06.0041 4820 MRxDAV - ok
20:52:06.0161 4820 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\windows\system32\DRIVERS\mrxsmb.sys
20:52:06.0161 4820 mrxsmb - ok
20:52:06.0291 4820 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\windows\system32\DRIVERS\mrxsmb10.sys
20:52:06.0301 4820 mrxsmb10 - ok
20:52:06.0427 4820 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\windows\system32\DRIVERS\mrxsmb20.sys
20:52:06.0431 4820 mrxsmb20 - ok
20:52:06.0546 4820 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\windows\system32\drivers\msahci.sys
20:52:06.0549 4820 msahci - ok
20:52:06.0669 4820 msdsm (db801a638d011b9633829eb6f663c900) C:\windows\system32\drivers\msdsm.sys
20:52:06.0673 4820 msdsm - ok
20:52:06.0779 4820 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\windows\System32\msdtc.exe
20:52:06.0785 4820 MSDTC - ok
20:52:06.0910 4820 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
20:52:06.0912 4820 Msfs - ok
20:52:07.0037 4820 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
20:52:07.0039 4820 mshidkmdf - ok
20:52:07.0136 4820 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\drivers\msisadrv.sys
20:52:07.0138 4820 msisadrv - ok
20:52:07.0268 4820 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\windows\system32\iscsiexe.dll
20:52:07.0274 4820 MSiSCSI - ok
20:52:07.0343 4820 msiserver - ok
20:52:07.0469 4820 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
20:52:07.0471 4820 MSKSSRV - ok
20:52:07.0585 4820 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
20:52:07.0587 4820 MSPCLOCK - ok
20:52:07.0696 4820 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
20:52:07.0698 4820 MSPQM - ok
20:52:07.0824 4820 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\windows\system32\drivers\MsRPC.sys
20:52:07.0833 4820 MsRPC - ok
20:52:07.0953 4820 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\drivers\mssmbios.sys
20:52:07.0956 4820 mssmbios - ok
20:52:08.0082 4820 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
20:52:08.0085 4820 MSTEE - ok
20:52:08.0184 4820 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\DRIVERS\MTConfig.sys
20:52:08.0186 4820 MTConfig - ok
20:52:08.0299 4820 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
20:52:08.0302 4820 Mup - ok
20:52:08.0339 4820 NanoServiceMain - ok
20:52:08.0442 4820 napagent (582ac6d9873e31dfa28a4547270862dd) C:\windows\system32\qagentRT.dll
20:52:08.0473 4820 napagent - ok
20:52:08.0692 4820 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
20:52:08.0700 4820 NativeWifiP - ok
20:52:08.0838 4820 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\windows\system32\drivers\ndis.sys
20:52:08.0871 4820 NDIS - ok
20:52:08.0982 4820 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
20:52:08.0986 4820 NdisCap - ok
20:52:09.0112 4820 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
20:52:09.0114 4820 NdisTapi - ok
20:52:09.0265 4820 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\windows\system32\DRIVERS\ndisuio.sys
20:52:09.0268 4820 Ndisuio - ok
20:52:09.0380 4820 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\windows\system32\DRIVERS\ndiswan.sys
20:52:09.0385 4820 NdisWan - ok
20:52:09.0494 4820 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\windows\system32\drivers\NDProxy.sys
20:52:09.0497 4820 NDProxy - ok
20:52:09.0619 4820 Net Driver HPZ12 (dc6530a291d4bdf6df399f1f128e7f8f) C:\Windows\system32\HPZinw12.dll
20:52:09.0623 4820 Net Driver HPZ12 - ok
20:52:09.0728 4820 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
20:52:09.0738 4820 NetBIOS - ok
20:52:09.0838 4820 NetBT (09594d1089c523423b32a4229263f068) C:\windows\system32\DRIVERS\netbt.sys
20:52:09.0848 4820 NetBT - ok
20:52:09.0958 4820 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
20:52:09.0958 4820 Netlogon - ok
20:52:10.0078 4820 Netman (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll
20:52:10.0088 4820 Netman - ok
20:52:10.0198 4820 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll
20:52:10.0208 4820 netprofm - ok
20:52:10.0328 4820 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:52:10.0328 4820 NetTcpPortSharing - ok
20:52:10.0657 4820 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\windows\system32\DRIVERS\netw5v64.sys
20:52:10.0815 4820 netw5v64 - ok
20:52:10.0937 4820 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys
20:52:10.0940 4820 nfrd960 - ok
20:52:11.0060 4820 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\windows\System32\nlasvc.dll
20:52:11.0068 4820 NlaSvc - ok
20:52:11.0165 4820 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
20:52:11.0168 4820 Npfs - ok
20:52:11.0269 4820 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll
20:52:11.0273 4820 nsi - ok
20:52:11.0358 4820 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
20:52:11.0360 4820 nsiproxy - ok
20:52:11.0507 4820 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys
20:52:11.0547 4820 Ntfs - ok
20:52:11.0656 4820 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
20:52:11.0658 4820 Null - ok
20:52:11.0791 4820 NVHDA (cb599955ce2ce9694721562f9481cd84) C:\windows\system32\drivers\nvhda64v.sys
20:52:11.0793 4820 NVHDA - ok
20:52:12.0185 4820 nvlddmkm (ff02bae39d23bb74959f6f49bbd589d3) C:\windows\system32\DRIVERS\nvlddmkm.sys
20:52:12.0467 4820 nvlddmkm - ok
20:52:12.0603 4820 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys
20:52:12.0607 4820 nvraid - ok
20:52:12.0651 4820 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys
20:52:12.0651 4820 nvstor - ok
20:52:12.0766 4820 nvsvc (7c1ad7110624b1b546cdc752486ae9fa) C:\windows\system32\nvvsvc.exe
20:52:12.0776 4820 nvsvc - ok
20:52:12.0852 4820 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys
20:52:12.0856 4820 nv_agp - ok
20:52:12.0900 4820 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys
20:52:12.0903 4820 ohci1394 - ok
20:52:12.0990 4820 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:52:12.0994 4820 ose - ok
20:52:13.0174 4820 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:52:13.0308 4820 osppsvc - ok
20:52:13.0450 4820 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
20:52:13.0459 4820 p2pimsvc - ok
20:52:13.0534 4820 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll
20:52:13.0553 4820 p2psvc - ok
20:52:13.0623 4820 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys
20:52:13.0627 4820 Parport - ok
20:52:13.0678 4820 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\windows\system32\drivers\partmgr.sys
20:52:13.0681 4820 partmgr - ok
20:52:13.0725 4820 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll
20:52:13.0732 4820 PcaSvc - ok
20:52:13.0784 4820 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
20:52:13.0789 4820 pci - ok
20:52:13.0811 4820 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys
20:52:13.0813 4820 pciide - ok
20:52:13.0859 4820 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys
20:52:13.0864 4820 pcmcia - ok
20:52:13.0923 4820 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
20:52:13.0926 4820 pcw - ok
20:52:13.0972 4820 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
20:52:13.0992 4820 PEAUTH - ok
20:52:14.0073 4820 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
20:52:14.0076 4820 PerfHost - ok
20:52:14.0186 4820 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll
20:52:14.0230 4820 pla - ok
20:52:14.0325 4820 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll
20:52:14.0335 4820 PlugPlay - ok
20:52:14.0407 4820 Pml Driver HPZ12 (71f62c51dfdfbc04c83c5c64b2b8058e) C:\Windows\system32\HPZipm12.dll
20:52:14.0410 4820 Pml Driver HPZ12 - ok
20:52:14.0467 4820 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
20:52:14.0470 4820 PNRPAutoReg - ok
20:52:14.0505 4820 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
20:52:14.0509 4820 PNRPsvc - ok
20:52:14.0564 4820 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll
20:52:14.0581 4820 PolicyAgent - ok
20:52:14.0631 4820 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll
20:52:14.0636 4820 Power - ok
20:52:14.0710 4820 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
20:52:14.0712 4820 PptpMiniport - ok
20:52:14.0756 4820 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys
20:52:14.0758 4820 Processor - ok
20:52:14.0821 4820 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\windows\system32\profsvc.dll
20:52:14.0829 4820 ProfSvc - ok
20:52:14.0883 4820 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
20:52:14.0886 4820 ProtectedStorage - ok
20:52:14.0953 4820 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
20:52:14.0957 4820 Psched - ok
20:52:15.0034 4820 PSINAflt (7725fbe263cec9e97c6e4fde8216d347) C:\windows\system32\DRIVERS\PSINAflt.sys
20:52:15.0038 4820 PSINAflt - ok
20:52:15.0095 4820 PSINFile (74e582bbb342c638519fcc3f4c33c502) C:\windows\system32\DRIVERS\PSINFile.sys
20:52:15.0099 4820 PSINFile - ok
20:52:15.0162 4820 PSINKNC (33bce8fd3eefe03706c053b521e7f2a0) C:\windows\system32\DRIVERS\psinknc.sys
20:52:15.0167 4820 PSINKNC - ok
20:52:15.0216 4820 PSINProc (072d67c72e7c6600812da9defc89c265) C:\windows\system32\DRIVERS\PSINProc.sys
20:52:15.0219 4820 PSINProc - ok
20:52:15.0245 4820 PS_MDP - ok
20:52:15.0346 4820 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys
20:52:15.0393 4820 ql2300 - ok
20:52:15.0437 4820 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys
20:52:15.0439 4820 ql40xx - ok
20:52:15.0492 4820 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
20:52:15.0500 4820 QWAVE - ok
20:52:15.0540 4820 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
20:52:15.0543 4820 QWAVEdrv - ok
20:52:15.0580 4820 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
20:52:15.0582 4820 RasAcd - ok
20:52:15.0611 4820 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
20:52:15.0613 4820 RasAgileVpn - ok
20:52:15.0635 4820 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
20:52:15.0639 4820 RasAuto - ok
20:52:15.0695 4820 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
20:52:15.0698 4820 Rasl2tp - ok
20:52:15.0739 4820 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll
20:52:15.0754 4820 RasMan - ok
20:52:15.0810 4820 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
20:52:15.0814 4820 RasPppoe - ok
20:52:15.0866 4820 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
20:52:15.0870 4820 RasSstp - ok
20:52:15.0935 4820 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
20:52:15.0941 4820 rdbss - ok
20:52:15.0961 4820 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys
20:52:15.0963 4820 rdpbus - ok
20:52:15.0992 4820 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
20:52:15.0994 4820 RDPCDD - ok
20:52:16.0028 4820 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
20:52:16.0030 4820 RDPENCDD - ok
20:52:16.0069 4820 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
20:52:16.0071 4820 RDPREFMP - ok
20:52:16.0122 4820 RDPWD (6d76e6433574b058adcb0c50df834492) C:\windows\system32\drivers\RDPWD.sys
20:52:16.0126 4820 RDPWD - ok
20:52:16.0191 4820 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
20:52:16.0196 4820 rdyboost - ok
20:52:16.0233 4820 ReadyComm.DirectRouter - ok
20:52:16.0317 4820 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll
20:52:16.0322 4820 RemoteAccess - ok
20:52:16.0365 4820 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll
20:52:16.0371 4820 RemoteRegistry - ok
20:52:16.0452 4820 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\windows\system32\DRIVERS\rfcomm.sys
20:52:16.0456 4820 RFCOMM - ok
20:52:16.0524 4820 RimUsb (71b48ddaf5e9c2b40e64de5c405f5aac) C:\windows\system32\Drivers\RimUsb_AMD64.sys
20:52:16.0526 4820 RimUsb - ok
20:52:16.0586 4820 RimVSerPort (c903d49655b4aae46673f0aaa6be0f58) C:\windows\system32\DRIVERS\RimSerial_AMD64.sys
20:52:16.0587 4820 RimVSerPort - ok
20:52:16.0602 4820 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\windows\system32\Drivers\RootMdm.sys
20:52:16.0604 4820 ROOTMODEM - ok
20:52:16.0657 4820 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll
20:52:16.0660 4820 RpcEptMapper - ok
20:52:16.0692 4820 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe
20:52:16.0694 4820 RpcLocator - ok
20:52:16.0748 4820 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
20:52:16.0754 4820 RpcSs - ok
20:52:16.0810 4820 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
20:52:16.0826 4820 rspndr - ok
20:52:16.0879 4820 RSUSBSTOR (8c22f21c924413d4e109995f748e18bb) C:\windows\system32\Drivers\RtsUStor.sys
20:52:16.0884 4820 RSUSBSTOR - ok
20:52:16.0918 4820 RtsUIR - ok
20:52:16.0971 4820 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
20:52:16.0974 4820 SamSs - ok
20:52:17.0047 4820 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
20:52:17.0051 4820 sbp2port - ok
20:52:17.0081 4820 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll
20:52:17.0089 4820 SCardSvr - ok
20:52:17.0133 4820 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
20:52:17.0136 4820 scfilter - ok
20:52:17.0198 4820 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll
20:52:17.0247 4820 Schedule - ok
20:52:17.0288 4820 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
20:52:17.0291 4820 SCPolicySvc - ok
20:52:17.0349 4820 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll
20:52:17.0356 4820 SDRSVC - ok
20:52:17.0469 4820 SeaPort (16a252022535b680046f6e34e136d378) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
20:52:17.0473 4820 SeaPort - ok
20:52:17.0546 4820 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
20:52:17.0549 4820 secdrv - ok
20:52:17.0602 4820 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll
20:52:17.0606 4820 seclogon - ok
20:52:17.0645 4820 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\system32\sens.dll
20:52:17.0650 4820 SENS - ok
20:52:17.0693 4820 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll
20:52:17.0696 4820 SensrSvc - ok
20:52:17.0736 4820 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys
20:52:17.0737 4820 Serenum - ok
20:52:17.0774 4820 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys
20:52:17.0777 4820 Serial - ok
20:52:17.0822 4820 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys
20:52:17.0824 4820 sermouse - ok
20:52:17.0879 4820 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\windows\system32\sessenv.dll
20:52:17.0885 4820 SessionEnv - ok
20:52:17.0936 4820 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
20:52:17.0938 4820 sffdisk - ok
20:52:17.0959 4820 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
20:52:17.0961 4820 sffp_mmc - ok
20:52:17.0984 4820 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
20:52:17.0986 4820 sffp_sd - ok
20:52:18.0027 4820 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys
20:52:18.0030 4820 sfloppy - ok
20:52:18.0090 4820 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\windows\System32\ipnathlp.dll
20:52:18.0099 4820 SharedAccess - ok
20:52:18.0156 4820 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll
20:52:18.0178 4820 ShellHWDetection - ok
20:52:18.0243 4820 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
20:52:18.0246 4820 SiSRaid2 - ok
20:52:18.0305 4820 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
20:52:18.0308 4820 SiSRaid4 - ok
20:52:18.0363 4820 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
20:52:18.0367 4820 Smb - ok
20:52:18.0464 4820 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe
20:52:18.0468 4820 SNMPTRAP - ok
20:52:18.0487 4820 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
20:52:18.0489 4820 spldr - ok
20:52:18.0565 4820 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\windows\System32\spoolsv.exe
20:52:18.0586 4820 Spooler - ok
20:52:18.0722 4820 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe
20:52:18.0808 4820 sppsvc - ok
20:52:18.0847 4820 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll
20:52:18.0851 4820 sppuinotify - ok
20:52:18.0925 4820 SQLWriter (d63fc56c7c3f9b576bc25f617e3f7963) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
20:52:18.0925 4820 SQLWriter - ok
20:52:19.0005 4820 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys
20:52:19.0024 4820 srv - ok
20:52:19.0085 4820 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys
20:52:19.0095 4820 srv2 - ok
20:52:19.0147 4820 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys
20:52:19.0152 4820 srvnet - ok
20:52:19.0202 4820 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll
20:52:19.0209 4820 SSDPSRV - ok
20:52:19.0227 4820 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll
20:52:19.0230 4820 SstpSvc - ok
20:52:19.0260 4820 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
20:52:19.0262 4820 stexstor - ok
20:52:19.0328 4820 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\windows\System32\wiaservc.dll
20:52:19.0351 4820 stisvc - ok
20:52:19.0396 4820 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\drivers\swenum.sys
20:52:19.0399 4820 swenum - ok
20:52:19.0443 4820 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll
20:52:19.0464 4820 swprv - ok
20:52:19.0565 4820 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\windows\system32\sysmain.dll
20:52:19.0628 4820 SysMain - ok
20:52:19.0680 4820 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\windows\System32\TabSvc.dll
20:52:19.0684 4820 TabletInputService - ok
20:52:19.0729 4820 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\windows\System32\tapisrv.dll
20:52:19.0736 4820 TapiSrv - ok
20:52:19.0769 4820 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll
20:52:19.0773 4820 TBS - ok
20:52:19.0861 4820 Tcpip (fc62769e7bff2896035aeed399108162) C:\windows\system32\drivers\tcpip.sys
20:52:19.0910 4820 Tcpip - ok
20:52:19.0956 4820 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\windows\system32\DRIVERS\tcpip.sys
20:52:19.0968 4820 TCPIP6 - ok
20:52:20.0015 4820 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
20:52:20.0015 4820 tcpipreg - ok
20:52:20.0055 4820 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
20:52:20.0055 4820 TDPIPE - ok
20:52:20.0085 4820 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\windows\system32\drivers\tdtcp.sys
20:52:20.0085 4820 TDTCP - ok
20:52:20.0145 4820 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
20:52:20.0145 4820 tdx - ok
20:52:20.0195 4820 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\drivers\termdd.sys
20:52:20.0205 4820 TermDD - ok
20:52:20.0235 4820 TermService (2e648163254233755035b46dd7b89123) C:\windows\System32\termsrv.dll
20:52:20.0265 4820 TermService - ok
20:52:20.0305 4820 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll
20:52:20.0305 4820 Themes - ok
20:52:20.0355 4820 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
20:52:20.0365 4820 THREADORDER - ok
20:52:20.0395 4820 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll
20:52:20.0405 4820 TrkWks - ok
20:52:20.0455 4820 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\windows\servicing\TrustedInstaller.exe
20:52:20.0455 4820 TrustedInstaller - ok
20:52:20.0555 4820 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
20:52:20.0555 4820 tssecsrv - ok
20:52:20.0615 4820 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
20:52:20.0615 4820 TsUsbFlt - ok
20:52:20.0699 4820 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
20:52:20.0703 4820 tunnel - ok
20:52:20.0744 4820 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
20:52:20.0750 4820 uagp35 - ok
20:52:20.0810 4820 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
20:52:20.0817 4820 udfs - ok
20:52:20.0855 4820 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe
20:52:20.0858 4820 UI0Detect - ok
20:52:20.0914 4820 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
20:52:20.0917 4820 uliagpkx - ok
20:52:20.0972 4820 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\drivers\umbus.sys
20:52:20.0974 4820 umbus - ok
20:52:21.0003 4820 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
20:52:21.0005 4820 UmPass - ok
20:52:21.0035 4820 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll
20:52:21.0044 4820 upnphost - ok
20:52:21.0078 4820 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\DRIVERS\usbccgp.sys
20:52:21.0081 4820 usbccgp - ok
20:52:21.0091 4820 USBCCID - ok
20:52:21.0154 4820 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
20:52:21.0157 4820 usbcir - ok
20:52:21.0181 4820 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\DRIVERS\usbehci.sys
20:52:21.0184 4820 usbehci - ok
20:52:21.0234 4820 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys
20:52:21.0242 4820 usbhub - ok
20:52:21.0278 4820 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\windows\system32\DRIVERS\usbohci.sys
20:52:21.0280 4820 usbohci - ok
20:52:21.0317 4820 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
20:52:21.0319 4820 usbprint - ok
20:52:21.0371 4820 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\windows\system32\DRIVERS\usbscan.sys
20:52:21.0373 4820 usbscan - ok
20:52:21.0413 4820 usbsmi (8df9a1f5c0a7c24149cbe91fc5da029a) C:\windows\system32\DRIVERS\SMIksdrv.sys
20:52:21.0419 4820 usbsmi - ok
20:52:21.0459 4820 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\DRIVERS\USBSTOR.SYS
20:52:21.0463 4820 USBSTOR - ok
20:52:21.0497 4820 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\DRIVERS\usbuhci.sys
20:52:21.0499 4820 usbuhci - ok
20:52:21.0563 4820 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\windows\System32\Drivers\usbvideo.sys
20:52:21.0568 4820 usbvideo - ok
20:52:21.0599 4820 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll
20:52:21.0604 4820 UxSms - ok
20:52:21.0635 4820 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
20:52:21.0645 4820 VaultSvc - ok
20:52:21.0695 4820 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys
20:52:21.0695 4820 vdrvroot - ok
20:52:21.0745 4820 vds (8d6b481601d01a456e75c3210f1830be) C:\windows\System32\vds.exe
20:52:21.0765 4820 vds - ok
20:52:21.0815 4820 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
20:52:21.0815 4820 vga - ok
20:52:21.0835 4820 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
20:52:21.0835 4820 VgaSave - ok
20:52:21.0891 4820 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys
20:52:21.0897 4820 vhdmp - ok
20:52:21.0943 4820 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys
20:52:21.0946 4820 viaide - ok
20:52:21.0995 4820 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys
20:52:21.0998 4820 volmgr - ok
20:52:22.0047 4820 volmgrx (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys
20:52:22.0067 4820 volmgrx - ok
20:52:22.0093 4820 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\windows\system32\drivers\volsnap.sys
20:52:22.0100 4820 volsnap - ok
20:52:22.0150 4820 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys
20:52:22.0155 4820 vsmraid - ok
20:52:22.0251 4820 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\windows\system32\vssvc.exe
20:52:22.0343 4820 VSS - ok
20:52:22.0383 4820 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
20:52:22.0386 4820 vwifibus - ok
20:52:22.0424 4820 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
20:52:22.0428 4820 vwififlt - ok
20:52:22.0463 4820 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\windows\system32\DRIVERS\vwifimp.sys
20:52:22.0464 4820 vwifimp - ok
20:52:22.0512 4820 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll
20:52:22.0520 4820 W32Time - ok
20:52:22.0565 4820 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys
20:52:22.0567 4820 WacomPen - ok
20:52:22.0632 4820 WANARP (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
20:52:22.0636 4820 WANARP - ok
20:52:22.0654 4820 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
20:52:22.0657 4820 Wanarpv6 - ok
20:52:22.0722 4820 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\windows\system32\Wat\WatAdminSvc.exe
20:52:22.0768 4820 WatAdminSvc - ok
20:52:22.0858 4820 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\windows\system32\wbengine.exe
20:52:22.0920 4820 wbengine - ok
20:52:22.0956 4820 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll
20:52:22.0966 4820 WbioSrvc - ok
20:52:23.0023 4820 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\windows\System32\wcncsvc.dll
20:52:23.0043 4820 wcncsvc - ok
20:52:23.0061 4820 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll
20:52:23.0066 4820 WcsPlugInService - ok
20:52:23.0116 4820 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys
20:52:23.0118 4820 Wd - ok
20:52:23.0169 4820 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
20:52:23.0189 4820 Wdf01000 - ok
20:52:23.0218 4820 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
20:52:23.0224 4820 WdiServiceHost - ok
20:52:23.0229 4820 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
20:52:23.0235 4820 WdiSystemHost - ok
20:52:23.0279 4820 wdmirror (2a444acf7dd446505bcc801f8f6ae5fd) C:\windows\system32\DRIVERS\WDMirror.sys
20:52:23.0281 4820 wdmirror - ok
20:52:23.0338 4820 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\windows\System32\webclnt.dll
20:52:23.0347 4820 WebClient - ok
20:52:23.0377 4820 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll
20:52:23.0382 4820 Wecsvc - ok
20:52:23.0404 4820 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll
20:52:23.0408 4820 wercplsupport - ok
20:52:23.0440 4820 WerSvc (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll
20:52:23.0443 4820 WerSvc - ok
20:52:23.0516 4820 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
20:52:23.0518 4820 WfpLwf - ok
20:52:23.0565 4820 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\windows\system32\DRIVERS\wimfltr.sys
20:52:23.0569 4820 WimFltr - ok
20:52:23.0588 4820 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
20:52:23.0590 4820 WIMMount - ok
20:52:23.0631 4820 WinDefend - ok
20:52:23.0640 4820 WinHttpAutoProxySvc - ok
20:52:23.0726 4820 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\windows\system32\wbem\WMIsvc.dll
20:52:23.0732 4820 Winmgmt - ok
20:52:23.0835 4820 WinRM (bcb1310604aa415c4508708975b3931e) C:\windows\system32\WsmSvc.dll
20:52:23.0904 4820 WinRM - ok
20:52:24.0002 4820 WinUsb (fe88b288356e7b47b74b13372add906d) C:\windows\system32\DRIVERS\WinUsb.sys
20:52:24.0004 4820 WinUsb - ok
20:52:24.0061 4820 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\windows\System32\wlansvc.dll
20:52:24.0095 4820 Wlansvc - ok
20:52:24.0250 4820 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:52:24.0350 4820 wlidsvc - ok
20:52:24.0458 4820 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\drivers\wmiacpi.sys
20:52:24.0461 4820 WmiAcpi - ok
20:52:24.0550 4820 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\windows\system32\wbem\WmiApSrv.exe
20:52:24.0555 4820 wmiApSrv - ok
20:52:24.0595 4820 WMPNetworkSvc - ok
20:52:24.0640 4820 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\windows\System32\wpcsvc.dll
20:52:24.0645 4820 WPCSvc - ok
20:52:24.0694 4820 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\windows\system32\wpdbusenum.dll
20:52:24.0700 4820 WPDBusEnum - ok
20:52:24.0760 4820 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
20:52:24.0763 4820 ws2ifsl - ok
20:52:24.0785 4820 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\windows\system32\wscsvc.dll
20:52:24.0789 4820 wscsvc - ok
20:52:24.0798 4820 WSearch - ok
20:52:24.0846 4820 wsvd (83575c43b2bfe9ab0661a7f957e843c0) C:\windows\system32\DRIVERS\wsvd.sys
20:52:24.0850 4820 wsvd - ok
20:52:24.0951 4820 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\windows\system32\wuaueng.dll
20:52:25.0030 4820 wuauserv - ok
20:52:25.0078 4820 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\windows\system32\drivers\WudfPf.sys
20:52:25.0082 4820 WudfPf - ok
20:52:25.0131 4820 WUDFRd (cf8d590be3373029d57af80914190682) C:\windows\system32\DRIVERS\WUDFRd.sys
20:52:25.0136 4820 WUDFRd - ok
20:52:25.0183 4820 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\windows\System32\WUDFSvc.dll
20:52:25.0187 4820 wudfsvc - ok
20:52:25.0234 4820 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\windows\System32\wwansvc.dll
20:52:25.0241 4820 WwanSvc - ok
20:52:25.0295 4820 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
20:52:25.0310 4820 \Device\Harddisk0\DR0 - ok
20:52:25.0314 4820 Boot (0x1200) (4fc8fa4badc4dfce745d496ed386fe9d) \Device\Harddisk0\DR0\Partition0
20:52:25.0315 4820 \Device\Harddisk0\DR0\Partition0 - ok
20:52:25.0328 4820 Boot (0x1200) (6f35dd8c2b38f9cdecd8f8ede023d052) \Device\Harddisk0\DR0\Partition1
20:52:25.0330 4820 \Device\Harddisk0\DR0\Partition1 - ok
20:52:25.0357 4820 Boot (0x1200) (f10a07ef316da554c548d3a020153851) \Device\Harddisk0\DR0\Partition2
20:52:25.0358 4820 \Device\Harddisk0\DR0\Partition2 - ok
20:52:25.0359 4820 ============================================================
20:52:25.0359 4820 Scan finished
20:52:25.0359 4820 ============================================================
20:52:25.0370 5336 Detected object count: 0
20:52:25.0370 5336 Actual detected object count: 0

Edited by Mriiadelmar, 05 April 2012 - 09:20 PM.


#7 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:12:03 AM

Posted 05 April 2012 - 09:25 PM

Greetings

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::
KillAll::

FireFox::
FF - ProfilePath - c:\users\Maria del Mar\AppData\Roaming\Mozilla\Firefox\Profiles\ub5ju6zi.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=18776
FF - prefs.js: browser.startup.homepage - hxxp://mystart.incredibar.com/mb119?a=6OywHtUUIv&i=26
FF - user.js: extensions.incredibar_i.newTab - false
FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6OywHtUUIv&loc=IB_TB&i=26&search=
FF - user.js: extensions.incredibar_i.id - 629418cc0000000000000026822fe388
FF - user.js: extensions.incredibar_i.instlDay - 15423
FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.1420:49
FF - user.js: extensions.incredibar_i.prtnrId - Incredibar
FF - user.js: extensions.incredibar_i.prdct - incredibar
FF - user.js: extensions.incredibar_i.aflt - orgnl
FF - user.js: extensions.incredibar_i.smplGrp - none
FF - user.js: extensions.incredibar_i.tlbrId - base
FF - user.js: extensions.incredibar_i.instlRef - 
FF - user.js: extensions.incredibar_i.dfltLng - 
FF - user.js: extensions.incredibar_i.excTlbr - false
FF - user.js: extensions.incredibar_i.ms_url_id - 
FF - user.js: extensions.incredibar_i.upn2 - 6OywHtUUIv
FF - user.js: extensions.incredibar_i.upn2n - 92261116896765783
FF - user.js: extensions.incredibar_i.productid - 26
FF - user.js: extensions.incredibar_i.installerproductid - 26
FF - user.js: extensions.incredibar_i.did - 10606
FF - user.js: extensions.incredibar_i.ppd - 85%5F2

Save it to your desktop as CFScript.txt

Refering to the picture above, drag CFScript.txt into ComboFix.exe
Posted Image
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#8 Mriiadelmar

Mriiadelmar
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:11:03 PM

Posted 06 April 2012 - 12:16 AM

Hi,

The computer is running better as I got the scroll back. Combofix had to reboot the PC and when I tried to post the log I couldn't open any browser. I got the same message with the three of them (IE, Firefoz, Chrome): The program is associated with a Registry Key marked for elimination and asked me if I wanted to delete it. I said no and rebooted the PC again.

After the second reboot the PC continues to work well as it's not slow. I could open the three browsers but I get the cannot reach the website message a couple of times, like it couldn't stay connected to the internet. But I know it is because the network icon shows me a good connection and signal. The worst one was Firefox, I had to disable and eliminate several complements (none that I wanted to keep, like babylon bar, codec-c and zotero.)

I got two windows when I did the second reboot.
One telling me that USB Security disk couldn't load because the file MCF800.dll was missing.
The other one didn't have a name so I couldn't associate it to any program. It said: runtime error 2 at 00004AD4

I still get the Ad box when using Google in Chrome. No ad, just the white box and close button the window shows me it's waiting for ad.yieldmanager.com

I had to this report in Notepad first because of the problems with the internet connection and the browsers.

Here is the log:
ComboFix 12-04-05.06 - Maria del Mar 05/04/2012 23:17:12.3.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.57.3082.18.4061.2339 [GMT -5:00]
Running from: c:\users\Maria del Mar\Desktop\ComboFix.exe
Command switches used :: c:\users\Maria del Mar\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
Infected copy of c:\windows\SysWow64\kernel32.dll was found and disinfected
Restored copy from - c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.21772_none_fc7f5397ba9be6d3\kernel32.dll
.
.
((((((((((((((((((((((((( Files Created from 2012-03-06 to 2012-04-06 )))))))))))))))))))))))))))))))
.
.
2012-04-06 04:24 . 2012-04-06 04:24 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-04-06 04:24 . 2012-04-06 04:24 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-04-06 04:24 . 2012-04-06 04:24 -------- d-----w- c:\users\AppData\AppData\Local\temp
2012-04-03 18:50 . 2012-03-14 03:27 8669240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{905FBBBC-93B5-4A48-AE30-0EEC09468DD0}\mpengine.dll
2012-04-03 17:52 . 2012-04-03 17:52 8767136 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-04-03 17:31 . 2012-04-03 17:52 418464 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-03-24 01:50 . 2012-03-24 01:50 -------- d-----w- c:\programdata\Premium
2012-03-24 01:49 . 2012-03-24 01:49 453 ----a-w- C:\user.js
2012-03-24 01:48 . 2012-03-24 01:48 -------- d-----w- C:\codec-info
2012-03-24 01:48 . 2012-03-24 01:50 -------- d-----w- c:\programdata\InstallMate
2012-03-18 20:00 . 2012-03-18 20:00 -------- d-----w- c:\users\Maria del Mar\AppData\Roaming\Media Get LLC
2012-03-18 20:00 . 2012-03-18 20:00 -------- d-----w- c:\programdata\Media Get LLC
2012-03-18 19:15 . 2012-03-18 19:21 -------- d-----w- C:\LGP970H
2012-03-18 18:30 . 2012-03-18 19:57 -------- d-----w- c:\program files (x86)\Dll-Files.com Fixer
2012-03-18 18:16 . 2012-03-18 19:59 -------- d-----w- c:\users\Maria del Mar\AppData\Local\LG Electronics
2012-03-18 18:15 . 2012-03-18 18:15 -------- d-----w- c:\program files (x86)\MSXML 4.0
2012-03-18 17:47 . 2011-05-10 18:37 655872 ----a-w- c:\windows\SysWow64\msvcr90.dll
2012-03-18 17:47 . 2011-05-10 18:37 568832 ----a-w- c:\windows\SysWow64\msvcp90.dll
2012-03-18 17:47 . 2011-05-10 18:37 224768 ----a-w- c:\windows\SysWow64\msvcm90.dll
2012-03-18 17:46 . 2006-05-04 13:33 53248 ----a-w- c:\windows\SysWow64\CommonDL.dll
2012-03-18 17:46 . 2005-10-04 06:39 44544 ----a-w- c:\windows\SysWow64\msxml4a.dll
2012-03-18 17:46 . 2012-03-18 17:47 -------- d-----w- c:\programdata\LGMOBILEAX
2012-03-18 17:40 . 2012-03-18 19:59 -------- d-----w- c:\program files (x86)\LG Electronics
2012-03-16 04:34 . 2011-11-19 15:20 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-16 04:34 . 2011-11-19 14:50 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-03-16 04:34 . 2011-11-19 14:50 3913584 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-03-14 01:10 . 2012-02-03 04:34 3145728 ----a-w- c:\windows\system32\win32k.sys
2012-03-14 01:10 . 2012-02-10 06:36 1544192 ----a-w- c:\windows\system32\DWrite.dll
2012-03-14 01:09 . 2012-02-10 05:38 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-03-13 19:32 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-03-13 19:32 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-03-13 19:32 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-03-13 19:32 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-03-13 19:32 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-03-13 19:32 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-13 19:32 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-03-09 05:06 . 2012-03-09 05:17 -------- d-----w- c:\programdata\ADInstruments
2012-03-09 05:06 . 2012-03-09 05:06 -------- d-----w- c:\users\Maria del Mar\AppData\Roaming\ADInstruments
2012-03-09 05:06 . 2012-03-09 05:06 -------- d-----w- c:\program files (x86)\Common Files\ADInstruments
2012-03-09 05:06 . 2012-03-09 05:06 -------- d-----w- c:\program files (x86)\ADInstruments
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-03 17:52 . 2011-06-04 02:48 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-23 14:18 . 2010-01-18 02:52 279656 ------w- c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((( SnapShot_2012-04-05_17.52.47 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2012-04-05 17:32 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-04-06 04:27 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-04-06 04:27 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-04-05 17:32 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-04-05 17:32 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-04-06 04:27 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-09-03 05:32 . 2012-04-06 04:27 60948 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-04-06 04:27 56266 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-12-24 00:00 . 2012-04-06 04:27 15808 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-4254279623-98128295-3263468077-1004_UserData.bin
+ 2012-04-06 04:25 . 2012-04-06 04:25 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-04-03 17:27 . 2012-04-03 17:27 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-04-06 04:25 . 2012-04-06 04:25 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-04-03 17:27 . 2012-04-03 17:27 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-12-24 18:28 . 2012-04-06 01:09 287964 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2009-07-14 05:01 . 2012-04-06 04:24 450556 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2012-04-03 17:26 450556 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-08-27 14:25 . 2011-07-16 04:49 1114112 c:\windows\SysWOW64\kernel32.dll
- 2011-08-27 14:25 . 2011-07-16 04:24 1114112 c:\windows\SysWOW64\kernel32.dll
- 2010-08-12 12:25 . 2012-04-03 17:27 6010934 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-4254279623-98128295-3263468077-1004-8192.dat
+ 2010-08-12 12:25 . 2012-04-06 04:24 6010934 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-4254279623-98128295-3263468077-1004-8192.dat
+ 2011-07-06 20:20 . 2012-04-06 04:24 4662416 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-4254279623-98128295-3263468077-1004-4096.dat
- 2011-03-31 12:22 . 2012-01-12 14:56 1250284 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-4254279623-98128295-3263468077-1004-12288.dat
+ 2011-03-31 12:22 . 2012-04-06 04:24 1250284 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-4254279623-98128295-3263468077-1004-12288.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Facebook Update"="c:\users\Maria del Mar\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2011-07-14 137536]
"MediaGet2"="c:\users\Maria del Mar\AppData\Local\MediaGet2\mediaget.exe" [2012-03-18 8109800]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"VeriFaceManager"="c:\program files (x86)\Lenovo\VeriFace\PManage.exe" [2009-10-04 3122440]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"PlusService"="c:\program files (x86)\Yuna Software\Messenger Plus!\PlusService.exe" [2012-02-07 801792]
"RIMBBLaunchAgent.exe"="c:\program files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-02-18 79192]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"USB Security"="c:\program files (x86)\USB Disk Security\USBGuard.exe" [2011-10-22 623520]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-04 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"B2C_AGENT"="c:\programdata\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe" [2012-03-28 404568]
.
c:\users\Maria del Mar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Recorte de pantalla y Selector de OneNote 2010.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE [2011-9-2 227712]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 NanoServiceMain;NanoServiceMain;c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 253600]
R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus64.sys [x]
R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag64.sys [x]
R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps64.sys [x]
R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem64.sys [x]
R3 Bridge0;Bridge0;c:\windows\system32\drivers\WDBridge.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [x]
R3 driverhardwarev2x64;driverhardwarev2x64;c:\program files (x86)\ma-config.com\Drivers\driverhardwarev2x64.sys [x]
R3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
R3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\Lenovo\ReadyComm\AppSvc.exe [2009-07-28 414984]
R3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\Lenovo\ReadyComm\ConnSvc.exe [2009-07-28 472328]
R3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtpt64.sys [x]
R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbs64.sys [x]
R3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmdm64.sys [x]
R3 maconfservice;Ma-Config Service;c:\program files (x86)\ma-config.com\maconfservice.exe [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Servicio de tecnologías de activación de Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [x]
S1 aswSP;aswSP; [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S1 funfrm;funfrm; [x]
S1 PSINKNC;PSINKNC;c:\windows\system32\DRIVERS\psinknc.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [x]
S2 IGRS;IGRS;c:\program files (x86)\Lenovo\ReadyComm\common\IGRS.exe [2009-07-14 38152]
S2 PSINAflt;PSINAflt;c:\windows\system32\DRIVERS\PSINAflt.sys [x]
S2 PSINFile;PSINFile;c:\windows\system32\DRIVERS\PSINFile.sys [x]
S2 PSINProc;PSINProc;c:\windows\system32\DRIVERS\PSINProc.sys [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 usbsmi;Lenovo EasyCamera;c:\windows\system32\DRIVERS\SMIksdrv.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 wdmirror;wdmirror;c:\windows\system32\DRIVERS\WDMirror.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
IgrsSvcs REG_MULTI_SZ ReadyComm.DirectRouter PS_MDP
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-04-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 17:52]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Panda Malware Icon]
@="{F5D1CF73-C196-48F8-AAAC-B9181E22B4E6}"
[HKEY_CLASSES_ROOT\CLSID\{F5D1CF73-C196-48F8-AAAC-B9181E22B4E6}]
c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUNShell.DLL [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Panda Pending Delete Icon]
@="{0847B599-9191-4A27-BD61-DE11598D3B1B}"
[HKEY_CLASSES_ROOT\CLSID\{0847B599-9191-4A27-BD61-DE11598D3B1B}]
c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUNShell.DLL [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Panda Suspect Icon]
@="{9AE343CB-BA45-4618-AF6A-0230EE6FC793}"
[HKEY_CLASSES_ROOT\CLSID\{9AE343CB-BA45-4618-AF6A-0230EE6FC793}]
c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUNShell.DLL [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2009-10-04 23:25 1502720 ----a-w- c:\windows\System32\IcnOvrly.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2008-03-26 235520]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://mystart.incredibar.com/mb119?a=6OywHtUUIv&i=26
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://startsear.ch/?aff=1&cf=efd4301f-479d-11e1-99da-002622c7103e
mLocal Page = c:\windows\SysWOW64\blank.htm
mWindow Title =
uSearchAssistant = hxxp://www.plusnetwork.com/?sp=addr&q={searchTerms}
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Enviar a OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportar a Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Enviar imagen al dispositivo &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Enviar página al dispositivo &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Maria del Mar\AppData\Roaming\Mozilla\Firefox\Profiles\ub5ju6zi.default\
FF - prefs.js: browser.search.selectedEngine - Plus! Network
FF - prefs.js: keyword.URL - hxxp://www.plusnetwork.com/?sp=addr&q=
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_228_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_228_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
.
**************************************************************************
.
Completion time: 2012-04-05 23:31:14 - machine was rebooted
ComboFix-quarantined-files.txt 2012-04-06 04:31
ComboFix2.txt 2012-04-05 17:55
ComboFix3.txt 2011-11-19 15:10
.
Pre-Run: 96.623.177.728 bytes libres
Post-Run: 96.680.448.000 bytes libres
.
- - End Of File - - 1648D627CF5C7BA34E503AFCAF3906A4

#9 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:12:03 AM

Posted 06 April 2012 - 12:40 AM

Hello

Lets get a deeper look into the system and see if something shows up.

Download and run OTL

Download OTL by Old Timer and save it to your Desktop.
  • Double click on OTL.exe to run it.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened and the that I need posted back here
    • Extra.txt <-- Will be minimized - save this one on your desktop in case I ask for it later
  • Please post the contents of OTL.txt in your next reply.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#10 Mriiadelmar

Mriiadelmar
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:11:03 PM

Posted 06 April 2012 - 01:53 PM

Hi,

The Ads ae back. They were just taking longer to load. Crazy thing happened to my last night. I got Windows to tell me a program wasn't installed correctly. It's a program I haven't downloaded nor tried to install. I haven't done anything to that window. It's just asking me if it was installed correctly or if it should try to repair it. The program is IMinentToolbarInstallerFF.exe

This is the log:


OTL logfile created on: 06/04/2012 13:40:10 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Maria del Mar\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000c0a | Country: Colombia | Language: ESO | Date Format: dd/MM/yyyy

3,97 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 50,39% Memory free
7,93 Gb Paging File | 5,86 Gb Available in Paging File | 73,89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 252,89 Gb Total Space | 88,97 Gb Free Space | 35,18% Space Free | Partition Type: NTFS
Drive D: | 30,25 Gb Total Space | 29,08 Gb Free Space | 96,16% Space Free | Partition Type: NTFS

Computer Name: MARIADELMAR-PC | User Name: Maria del Mar | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found
PRC - C:\Users\Maria del Mar\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\Maria del Mar\AppData\Local\MediaGet2\mediaget.exe (MediaGet LLC)
PRC - C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics)
PRC - C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software)
PRC - C:\Program Files (x86)\Iminent\Iminent.Messengers.exe (Iminent)
PRC - C:\Program Files (x86)\Iminent\Iminent.exe (Iminent)
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Users\Maria del Mar\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
PRC - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
PRC - C:\Archivos de programa\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe (Lenovo)
PRC - C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe (Lenovo Group Limited)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)


========== Modules (No Company Name) ==========

MOD - C:\Users\Maria del Mar\AppData\Local\MediaGet2\QtWebKit4.dll ()
MOD - C:\Users\Maria del Mar\AppData\Local\MediaGet2\libvlccore.dll ()
MOD - C:\Users\Maria del Mar\AppData\Local\MediaGet2\libvlc.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\af6e0dd358a5edc094dca9e7957f1038\WindowsFormsIntegration.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\f01c5c76d0a19516a37b7bd191a02cda\System.Core.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\d939fca96c3645bb8806ea8ae43cc0ca\System.IdentityModel.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\bc96c5c6e644452270ff7c3d066ff713\System.Runtime.Serialization.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\281b67b96a2dd473dad4d222da0ca514\SMDiagnostics.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\b74950292d5681795d9d2c1a72a79952\System.ServiceModel.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\74fcc0f56435d0396f9524cd4293d3e5\PresentationFramework.Aero.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\47e25ae9163f4624a66f99ede0ea98fe\System.Configuration.Install.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\a595aa31f93ed043fd02ec9d8ff40b32\System.Web.Services.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\42ae8760f0a74ab774e82a64368aa1f6\System.Web.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\3fccda0d4dd150a217c2798e39e97a48\System.EnterpriseServices.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\9e8dfbd1334d30a08ce1f2df29ca9aff\System.Transactions.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\eedf95f16a7e81ca43dd8accf11498a3\System.Data.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\02f7846cbc5c02a5dbf50fd34325eb61\PresentationFramework.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6c51e152e7404188914c9fa4d8503ff9\System.Windows.Forms.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ab87129c2b603f218e4aa5300c9b1bdd\System.Drawing.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\f4b2424c1b32fbd11130482bb899b7ae\PresentationCore.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\47b9e7f070271ff50f988f75ea68fa3e\WindowsBase.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9866d1f6178e1cde25642f1ac293ff8d\System.Xml.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e620323cacb5b6bfd93fd28d263440e4\System.Configuration.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dll ()
MOD - C:\Program Files (x86)\Iminent\System.Data.SQLite.dll ()
MOD - C:\Program Files (x86)\Iminent\Iminent.Workflow.dll ()
MOD - C:\Program Files (x86)\Iminent\Iminent.Windows.dll ()
MOD - C:\Program Files (x86)\Iminent\Iminent.Mediator.ActivePlayers.dll ()
MOD - C:\Program Files (x86)\Iminent\Iminent.Services.dll ()
MOD - C:\Program Files (x86)\Iminent\Iminent.Booster.UI.dll ()
MOD - C:\Program Files (x86)\Iminent\es\Iminent.Booster.UI.resources.dll ()
MOD - C:\Users\Maria del Mar\AppData\Local\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Users\Maria del Mar\AppData\Local\Google\Chrome\Application\15.0.874.121\pdf.dll ()
MOD - C:\Users\Maria del Mar\AppData\Local\Google\Chrome\Application\15.0.874.121\avutil-51.dll ()
MOD - C:\Users\Maria del Mar\AppData\Local\Google\Chrome\Application\15.0.874.121\avformat-53.dll ()
MOD - C:\Users\Maria del Mar\AppData\Local\Google\Chrome\Application\15.0.874.121\avcodec-53.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\bb1d36ae26e7cadf563061596682e747\UIAutomationProvider.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Users\Maria del Mar\AppData\Local\MediaGet2\QtCore4.dll ()
MOD - C:\Users\Maria del Mar\AppData\Local\MediaGet2\imageformats\qmng4.dll ()
MOD - C:\Users\Maria del Mar\AppData\Local\MediaGet2\imageformats\qgif4.dll ()
MOD - C:\Users\Maria del Mar\AppData\Local\MediaGet2\imageformats\qjpeg4.dll ()
MOD - C:\Users\Maria del Mar\AppData\Local\MediaGet2\QtGui4.dll ()
MOD - C:\Users\Maria del Mar\AppData\Local\MediaGet2\QtNetwork4.dll ()
MOD - C:\Users\Maria del Mar\AppData\Local\MediaGet2\QtXml4.dll ()
MOD - C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf ()
MOD - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf ()
MOD - C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_es_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\windows\assembly\GAC_MSIL\SMDiagnostics.resources\3.0.0.0_es_b77a5c561934e089\SMDiagnostics.resources.dll ()
MOD - C:\windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_es_b77a5c561934e089\System.ServiceModel.resources.dll ()
MOD - C:\windows\assembly\GAC_MSIL\System.resources\2.0.0.0_es_b77a5c561934e089\System.resources.dll ()
MOD - C:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\Program Files (x86)\Lenovo\VeriFace\ChooseLang.dll ()
MOD - C:\windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_es_31bf3856ad364e35\PresentationFramework.resources.dll ()
MOD - C:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll ()


========== Win32 Services (SafeList) ==========

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (wlidsvc) -- C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (avast! Web Scanner) -- C:\Archivos de programa\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Mail Scanner) -- C:\Archivos de programa\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Antivirus) -- C:\Archivos de programa\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (osppsvc) -- C:\Archivos de programa\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (Lenovo ReadyComm ConnSvc) -- C:\Archivos de programa\Lenovo\ReadyComm\ConnSvc.exe (Lenovo Group Limited)
SRV - (Lenovo ReadyComm AppSvc) -- C:\Archivos de programa\Lenovo\ReadyComm\AppSvc.exe (Lenovo Group Limited)
SRV - (PS_MDP) -- C:\Program Files (x86)\Lenovo\ReadyComm\PS_MDP.dll (Lenovo Group Limited)
SRV - (IGRS) -- C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe (Lenovo Group Limited)
SRV - (ReadyComm.DirectRouter) -- C:\Program Files (x86)\Lenovo\ReadyComm\common\router.dll (Lenovo Group Limited)
SRV - (btwdins) -- C:\Archivos de programa\Lenovo\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (IAANTMON) Intel® -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
SRV - (SQLWriter) -- c:\Archivos de programa\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (RimUsb) -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys (Research In Motion Limited)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (aswTdi) -- C:\windows\SysNative\drivers\aswTdi.sys (ALWIL Software)
DRV:64bit: - (aswSP) -- C:\windows\SysNative\drivers\aswSP.sys (ALWIL Software)
DRV:64bit: - (aswRdr) -- C:\windows\SysNative\drivers\aswRdr.sys (ALWIL Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (ALWIL Software)
DRV:64bit: - (aswFsBlk) -- C:\windows\SysNative\drivers\aswFsBlk.sys (ALWIL Software)
DRV:64bit: - (epfwwfpr) -- C:\Windows\SysNative\drivers\epfwwfpr.sys (ESET)
DRV:64bit: - (ehdrv) -- C:\Windows\SysNative\drivers\ehdrv.sys (ESET)
DRV:64bit: - (eamon) -- C:\Windows\SysNative\drivers\eamon.sys (ESET)
DRV:64bit: - (PSINAflt) -- C:\Windows\SysNative\drivers\PSINAflt.sys (Panda Security, S.L.)
DRV:64bit: - (PSINProc) -- C:\Windows\SysNative\drivers\PSINProc.sys (Panda Security, S.L.)
DRV:64bit: - (PSINKNC) -- C:\Windows\SysNative\drivers\PSINKNC.sys (Panda Security, S.L.)
DRV:64bit: - (PSINFile) -- C:\Windows\SysNative\drivers\PSINFile.sys (Panda Security, S.L.)
DRV:64bit: - (funfrm) -- C:\windows\SysNative\drivers\funfrm.sys ()
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (wsvd) -- C:\Windows\SysNative\drivers\wsvd.sys (CyberLink)
DRV:64bit: - (wdmirror) -- C:\Windows\SysNative\drivers\WDMirror.sys (Lenovo)
DRV:64bit: - (Bridge0) -- C:\Windows\SysNative\drivers\WDBridge.sys (Lenovo)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ROOTMODEM) -- C:\Windows\SysNative\drivers\rootmdm.sys (Microsoft Corporation)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (usbsmi) -- C:\Windows\SysNative\drivers\SMIksdrv.sys (SMI)
DRV:64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (netw5v64) Intel® -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)
DRV:64bit: - (k57nd60a) Broadcom NetLink ™ -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (ACPIVPC) -- C:\Windows\SysNative\drivers\AcpiVpc.sys (Lenovo Corporation)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (RimVSerPort) -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys (Research in Motion Ltd)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.live.com/
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&FORM=LENIE
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1&cf=efd4301f-479d-11e1-99da-002622c7103e
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}\InprocServer32 File not found
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://www.plusnetwork.com/?sp=addr&q={searchTerms}
IE - HKLM\..\SearchScopes\{03E5DDA4-BBD9-48CC-B3B5-4E41611979FC}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&FORM=LENIE
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2535299
IE - HKLM\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://search.iminent.com/?appId=&ref=toolbox&q={searchTerms}
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [String data over 1000 bytes]
IE - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.plusnetwork.com/?sp=addr&q={searchTerms}
IE - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.plusnetwork.com/?sp=addr&q={searchTerms}
IE - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\..\URLSearchHook: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found
IE - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\..\SearchScopes,DefaultScope = {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
IE - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://www.plusnetwork.com/?sp=addr&q={searchTerms}
IE - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\..\SearchScopes\{03E5DDA4-BBD9-48CC-B3B5-4E41611979FC}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&FORM=LENIE
IE - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=efd4301f-479d-11e1-99da-002622c7103e&q={searchTerms}
IE - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=18776
IE - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\..\SearchScopes\{18EAB056-9057-F224-FD4C-1F6569C4D8D2}: "URL" = http://www.plusnetwork.com/s/?q={searchTerms}&iesrc={referrer:source?}
IE - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\..\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9}: "URL" = http://plusnetwork.com/?sp=brw&q={searchTerms}
IE - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\..\SearchScopes\{570B070E-FE25-4C10-992B-E8DB5B6E8897}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searcrchTerms}
IE - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2535299
IE - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://search.iminent.com/?appId=&ref=toolbox&q={searchTerms}
IE - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredibar.com/mb119/?search={searchTerms}&loc=IB_DS&a=6OywHtUUIv&i=26
IE - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
IE - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Web Search"
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..extensions.enabledItems: helperbar@helperbar.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {a3a5c777-f583-4fef-9380-ab4add1bc2a8}:2.0.1
FF - prefs.js..keyword.URL: "http://www.plusnetwork.com/?sp=addr&q="


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_2_202_228.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files (x86)\ma-config.com\nphardwaredetection.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.1: C:\Users\Maria del Mar\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll File not found
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Maria del Mar\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll File not found
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Maria del Mar\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Maria del Mar\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Maria del Mar\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/08/10 16:10:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/04/06 01:44:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/03/18 15:01:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/04/04 23:51:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/08/10 16:10:42 | 000,000,000 | ---D | M]

[2011/02/07 17:20:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maria del Mar\AppData\Roaming\mozilla\Extensions
[2012/04/06 01:52:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maria del Mar\AppData\Roaming\mozilla\Firefox\Profiles\ub5ju6zi.default\extensions
[2012/03/18 14:23:11 | 000,002,244 | ---- | M] () -- C:\Users\Maria del Mar\AppData\Roaming\Mozilla\Firefox\Profiles\ub5ju6zi.default\searchplugins\Messenger Plus Smartbar Search.xml
[2012/03/23 20:49:37 | 000,002,203 | ---- | M] () -- C:\Users\Maria del Mar\AppData\Roaming\Mozilla\Firefox\Profiles\ub5ju6zi.default\searchplugins\MyStart Search.xml
[2012/04/01 10:48:57 | 000,002,770 | ---- | M] () -- C:\Users\Maria del Mar\AppData\Roaming\Mozilla\Firefox\Profiles\ub5ju6zi.default\searchplugins\Plusnetwork.xml
[2012/01/25 16:46:05 | 000,000,792 | ---- | M] () -- C:\Users\Maria del Mar\AppData\Roaming\Mozilla\Firefox\Profiles\ub5ju6zi.default\searchplugins\startsear.xml
[2011/12/20 14:30:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011/12/15 14:35:04 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/02/21 20:07:43 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/11/11 12:00:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2012/04/06 01:44:24 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 &lt;video&gt;) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
() (No name found) -- C:\USERS\MARIA DEL MAR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UB5JU6ZI.DEFAULT\EXTENSIONS\{A3A5C777-F583-4FEF-9380-AB4ADD1BC2A8}.XPI
[2011/09/13 13:23:37 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/10/03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011/10/03 04:14:54 | 000,083,456 | ---- | M] (vShare.tv ) -- C:\Program Files (x86)\mozilla firefox\plugins\npvsharetvplg.dll
[2011/07/08 22:55:19 | 000,002,226 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2011/09/13 13:23:35 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/09/13 13:23:35 | 000,003,996 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\drae.xml
[2011/09/13 13:23:35 | 000,001,143 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-es.xml
[2011/12/23 13:02:16 | 000,002,157 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\SearchTheWeb.xml
[2011/09/13 13:23:35 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-es.xml
[2011/09/13 13:23:35 | 000,001,102 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-es.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Maria del Mar\AppData\Local\Google\Chrome\Application\15.0.874.121\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Remoting Viewer (Disabled) = internal-remoting-viewer
CHR - plugin: Native Client (Disabled) = C:\Users\Maria del Mar\AppData\Local\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Users\Maria del Mar\AppData\Local\Google\Chrome\Application\15.0.874.121\pdf.dll
CHR - plugin: (Enabled) = C:\Users\Maria del Mar\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmidecaaklaaadhjgbkjkigonkfbgnik\1.0\chromeNPAPI.dll
CHR - plugin: Skype Toolbars (Disabled) = C:\Users\Maria del Mar\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll
CHR - plugin: LizardTech DjVu (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdjvu.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: RealNetworks™ Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Maria del Mar\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Maria del Mar\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Angry Birds = C:\Users\Maria del Mar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.1.2.1_0\
CHR - Extension: Bouncy Mouse = C:\Users\Maria del Mar\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgdllcbmneiklcmbeclfegccdjholomb\1.2.1_0\
CHR - Extension: Mira Game of Thrones = C:\Users\Maria del Mar\AppData\Local\Google\Chrome\User Data\Default\Extensions\gplehagehojnbajhfcoegeikbgnmeejd\2.0_0\
CHR - Extension: Mira Game of Thrones = C:\Users\Maria del Mar\AppData\Local\Google\Chrome\User Data\Default\Extensions\gplehagehojnbajhfcoegeikbgnmeejd\2.0_0\.svn\props\.svn-work
CHR - Extension: Ver Pelis = C:\Users\Maria del Mar\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgdbmfpppnbipimciokjglgenjkilnjj\3.1_0\
CHR - Extension: Plants vs Zombies = C:\Users\Maria del Mar\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina\1.0.5_0\
CHR - Extension: Moviezet - Reproductor Online = C:\Users\Maria del Mar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbbibfepcgejjpfhhdaljoambheglohl\2.1_0\
CHR - Extension: AT_CharlotteRonson = C:\Users\Maria del Mar\AppData\Local\Google\Chrome\User Data\Default\Extensions\obakimnhgahiedhcjlcnohielmendpen\3\
CHR - Extension: Cuevana Stream = C:\Users\Maria del Mar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooagbcohbmlpkfkdnodbomgphbcecalj\4.1_1\
CHR - Extension: Cuevana Stream = C:\Users\Maria del Mar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooagbcohbmlpkfkdnodbomgphbcecalj\4.1_1\.svn\props\.svn-work

O1 HOSTS File: ([2012/04/05 23:25:49 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Archivos de programa\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Archivos de programa\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll File not found
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.31.2\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found.
O2 - BHO: (no name) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.31.2\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O3 - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll File not found
O4 - HKLM..\Run: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software)
O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [USB Security] C:\Program Files (x86)\USB Disk Security\USBGuard.exe (Zbshareware Lab)
O4 - HKLM..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe (Lenovo)
O4 - HKU\S-1-5-21-4254279623-98128295-3263468077-1004..\Run: [Facebook Update] C:\Users\Maria del Mar\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-4254279623-98128295-3263468077-1004..\Run: [MediaGet2] C:\Users\Maria del Mar\AppData\Local\MediaGet2\mediaget.exe (MediaGet LLC)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: &Enviar a OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Enviar imagen al dispositivo &Bluetooth... - C:\Archivos de programa\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Enviar página al dispositivo &Bluetooth... - C:\Archivos de programa\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: &Enviar a OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Enviar imagen al dispositivo &Bluetooth... - C:\Archivos de programa\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Enviar página al dispositivo &Bluetooth... - C:\Archivos de programa\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra Button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Archivos de programa\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Archivos de programa\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Enviar a Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Archivos de programa\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Enviar a &Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Archivos de programa\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{148D7B6D-D88E-42F3-AB3F-D42D25783E46}: DhcpNameServer = 192.168.254.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AC7BB24D-3735-4F18-8A02-B2890B1F6E95}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Archivos de programa\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/04/06 13:35:22 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Users\Maria del Mar\Desktop\OTL.exe
[2012/04/06 01:48:19 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\DDMSettings
[2012/04/06 01:44:10 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Roaming\DivX
[2012/04/06 01:43:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2012/04/06 01:43:45 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2012/04/06 01:42:27 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{73536923-016E-46D7-A5CC-4DF8CB4B936B}
[2012/04/06 01:42:03 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{6A857D5B-F2A1-4D50-A4D2-7BF8C612EBB7}
[2012/04/06 01:41:45 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Roaming\Iminent
[2012/04/06 01:41:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Iminent
[2012/04/06 01:41:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent
[2012/04/06 01:41:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Iminent
[2012/04/06 01:40:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2012/04/06 01:38:39 | 000,927,072 | ---- | C] (DivX, LLC) -- C:\Users\Maria del Mar\Desktop\DivXInstaller.exe
[2012/04/06 01:38:39 | 000,825,312 | ---- | C] (Iminent) -- C:\Users\Maria del Mar\Desktop\IminentSetup_2-KFRPtAWP-1_.exe
[2012/04/06 00:22:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012/04/05 23:36:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LGMobile Support Tool
[2012/04/05 23:25:51 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2012/04/05 20:49:55 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Maria del Mar\Desktop\aswMBR.exe
[2012/04/05 20:49:14 | 002,073,136 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Maria del Mar\Desktop\tdsskiller.exe
[2012/04/05 12:43:45 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
[2012/04/05 12:43:45 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/04/05 12:33:17 | 004,449,976 | R--- | C] (Swearware) -- C:\Users\Maria del Mar\Desktop\ComboFix.exe
[2012/04/03 12:52:39 | 008,767,136 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerInstaller.exe
[2012/04/03 12:31:23 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2012/04/03 12:30:37 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{2F171652-0948-4A8F-B581-A20B2DC8D215}
[2012/04/03 12:29:55 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{F43980EF-ED1E-436A-A6DF-365CB538AED6}
[2012/03/24 19:15:15 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{79577BE7-2052-4E42-AF78-A9961BD6F9E7}
[2012/03/24 19:15:04 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{1ECEE723-24C1-4DEB-92F7-0EA42069EC4B}
[2012/03/23 21:21:52 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{A9C26491-2191-47A1-B76E-20E85E9653AE}
[2012/03/23 21:21:41 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{6760B057-BA08-41B1-AD24-94E718107506}
[2012/03/23 20:50:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Premium
[2012/03/23 20:48:54 | 000,000,000 | ---D | C] -- C:\codec-info
[2012/03/23 20:48:47 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2012/03/23 09:21:28 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{86B845EE-4BC0-45FB-B58F-02AC31DA489F}
[2012/03/22 21:17:57 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{E381DA20-E403-4D1F-B302-9BB326F50595}
[2012/03/22 21:17:34 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{78F15DBE-80A4-4784-856A-2F6E63938FFC}
[2012/03/18 15:00:51 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Roaming\Media Get LLC
[2012/03/18 15:00:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Media Get LLC
[2012/03/18 14:15:49 | 000,000,000 | ---D | C] -- C:\LGP970H
[2012/03/18 13:30:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dll-Files.com Fixer
[2012/03/18 13:24:36 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{B060BE77-E38F-483B-B96A-33F2A0D485B1}
[2012/03/18 13:24:23 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{37233BB0-15FE-468A-883D-D8CA50DF9F45}
[2012/03/18 13:16:22 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\Documents\LG PC Suite IV
[2012/03/18 13:16:22 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\LG Electronics
[2012/03/18 13:15:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2012/03/18 12:47:02 | 000,655,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msvcr90.dll
[2012/03/18 12:47:02 | 000,568,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msvcp90.dll
[2012/03/18 12:47:02 | 000,224,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msvcm90.dll
[2012/03/18 12:46:58 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msxml4a.dll
[2012/03/18 12:46:52 | 000,000,000 | ---D | C] -- C:\ProgramData\LGMOBILEAX
[2012/03/18 12:40:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LG Electronics
[2012/03/17 23:55:58 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{7EDB78E5-1BC1-4060-8291-5227B6E978F6}
[2012/03/16 17:47:48 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{FF4DEAC3-48CF-4980-9C6E-ED3370D13F07}
[2012/03/16 17:47:36 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{B0729520-5E05-4120-9862-6FD906343992}
[2012/03/16 09:50:36 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\Documents\Blocs de notas de OneNote
[2012/03/15 23:34:04 | 005,559,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2012/03/15 23:34:03 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe
[2012/03/15 23:34:03 | 003,913,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe
[2012/03/15 23:29:58 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{38D10A2B-7705-4112-9912-FBB4AC7F6D32}
[2012/03/15 23:29:42 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{88B462BC-8EF3-4F65-B329-F4AEF7D85D6B}
[2012/03/13 20:10:00 | 001,544,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DWrite.dll
[2012/03/13 14:32:28 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcorekmts.dll
[2012/03/13 14:32:28 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpwsx.dll
[2012/03/13 14:32:28 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdrmemptylst.exe
[2012/03/13 14:32:27 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcore.dll
[2012/03/13 14:32:26 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rdpcore.dll
[2012/03/13 14:19:53 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{AF363254-2A5D-46E6-A5C9-E243CFA83B47}
[2012/03/12 23:33:00 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{127BF962-544F-4F30-983D-DEAC41C4005A}
[2012/03/12 23:32:47 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{BD99080F-78D5-4B2B-B104-025F05EE29D7}
[2012/03/12 00:43:53 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\Documents\Fotos
[2012/03/11 21:05:58 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{22BB218C-D3CD-4D64-8B68-FB0DE576CA31}
[2012/03/11 21:05:47 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{96F48225-28B6-459D-AFAE-14EAE5EA0ABC}
[2012/03/11 09:05:21 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{E39E857B-0171-4866-832A-D34B0E2CF0B5}
[2012/03/11 09:05:10 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{B94C614A-E635-4393-83EA-249EEB744A96}
[2012/03/10 13:21:59 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{A462750F-B589-4BE0-828B-B3A805092849}
[2012/03/10 13:21:48 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{59F614D5-D10B-4CC8-8EF0-EFE06E700DDA}
[2012/03/10 01:21:36 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{6A18BCA0-8F32-4449-B5C4-167EC2277947}
[2012/03/10 01:21:25 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{85B9B03E-937D-4FD5-8AE3-72C11D7639B4}
[2012/03/09 00:06:22 | 000,000,000 | ---D | C] -- C:\ProgramData\ADInstruments
[2012/03/09 00:06:20 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Roaming\ADInstruments
[2012/03/09 00:06:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ADInstruments
[2012/03/09 00:06:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ADInstruments
[2012/03/08 23:23:10 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{01F8FFC3-56AB-4930-B4EF-E2A8BC17B09F}
[2012/03/08 23:22:59 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{F73FA1AC-0FC0-4DD6-8516-30EBDA696651}
[2012/03/07 16:17:40 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{FF7948D5-7E13-4B4C-B045-E9C36554804B}
[2012/03/07 16:17:29 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{8674BB8F-E094-4306-89AF-F503AB4AA765}

========== Files - Modified Within 30 Days ==========

[2012/04/06 13:35:19 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Maria del Mar\Desktop\OTL.exe
[2012/04/06 13:34:52 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/04/06 12:52:01 | 000,000,838 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012/04/06 01:44:26 | 000,002,116 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2012/04/06 01:44:26 | 000,001,623 | ---- | M] () -- C:\Users\Maria del Mar\Desktop\DivX Movies.lnk
[2012/04/06 01:44:04 | 000,001,112 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2012/04/06 01:41:23 | 000,000,723 | ---- | M] () -- C:\windows\SysWow64\InstallUtil.InstallLog
[2012/04/06 01:39:01 | 000,825,312 | ---- | M] (Iminent) -- C:\Users\Maria del Mar\Desktop\IminentSetup_2-KFRPtAWP-1_.exe
[2012/04/06 01:38:48 | 000,927,072 | ---- | M] (DivX, LLC) -- C:\Users\Maria del Mar\Desktop\DivXInstaller.exe
[2012/04/05 23:43:11 | 000,013,632 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/04/05 23:43:11 | 000,013,632 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/04/05 23:36:32 | 000,002,413 | ---- | M] () -- C:\windows\SysWow64\lgAxconfig.ini
[2012/04/05 23:35:31 | 3193,384,960 | -HS- | M] () -- C:\hiberfil.sys
[2012/04/05 23:25:49 | 000,000,027 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts
[2012/04/05 20:50:32 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Maria del Mar\Desktop\aswMBR.exe
[2012/04/05 20:49:31 | 002,073,136 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Maria del Mar\Desktop\tdsskiller.exe
[2012/04/05 12:34:03 | 004,449,976 | R--- | M] (Swearware) -- C:\Users\Maria del Mar\Desktop\ComboFix.exe
[2012/04/04 22:56:44 | 000,000,819 | ---- | M] () -- C:\Users\Maria del Mar\Desktop\LGMobile update.lnk
[2012/04/03 12:52:46 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2012/04/03 12:52:46 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/04/03 12:52:39 | 008,767,136 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerInstaller.exe
[2012/04/03 12:08:21 | 001,587,494 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012/04/03 12:08:21 | 000,707,672 | ---- | M] () -- C:\windows\SysNative\perfh00A.dat
[2012/04/03 12:08:21 | 000,619,146 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012/04/03 12:08:21 | 000,139,208 | ---- | M] () -- C:\windows\SysNative\perfc00A.dat
[2012/04/03 12:08:21 | 000,107,466 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012/03/23 21:20:47 | 000,001,302 | ---- | M] () -- C:\Users\Maria del Mar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Recorte de pantalla y Selector de OneNote 2010.lnk
[2012/03/23 20:49:55 | 000,000,453 | ---- | M] () -- C:\user.js
[2012/03/19 10:51:18 | 000,194,646 | ---- | M] () -- C:\Users\Maria del Mar\Documents\carne maria la del charco.pdf
[2012/03/16 09:49:58 | 000,453,352 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2012/03/09 00:06:22 | 000,001,052 | ---- | M] () -- C:\Users\Public\Desktop\LabChart 7 Reader.lnk

========== Files Created - No Company Name ==========

[2012/04/06 01:44:26 | 000,001,623 | ---- | C] () -- C:\Users\Maria del Mar\Desktop\DivX Movies.lnk
[2012/04/06 01:44:04 | 000,001,112 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2012/04/06 01:43:50 | 000,002,116 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2012/04/06 01:41:21 | 000,000,723 | ---- | C] () -- C:\windows\SysWow64\InstallUtil.InstallLog
[2012/04/04 22:59:18 | 000,194,646 | ---- | C] () -- C:\Users\Maria del Mar\Documents\carne maria la del charco.pdf
[2012/04/03 12:31:24 | 000,000,838 | ---- | C] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012/03/23 20:49:54 | 000,000,453 | ---- | C] () -- C:\user.js
[2012/03/18 12:47:02 | 000,000,819 | ---- | C] () -- C:\Users\Maria del Mar\Desktop\LGMobile update.lnk
[2012/03/18 12:46:58 | 000,053,248 | ---- | C] () -- C:\windows\SysWow64\CommonDL.dll
[2012/03/18 12:46:58 | 000,002,413 | ---- | C] () -- C:\windows\SysWow64\lgAxconfig.ini
[2012/03/16 09:51:02 | 000,001,302 | ---- | C] () -- C:\Users\Maria del Mar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Recorte de pantalla y Selector de OneNote 2010.lnk
[2012/03/09 00:06:22 | 000,001,052 | ---- | C] () -- C:\Users\Public\Desktop\LabChart 7 Reader.lnk
[2011/11/19 09:57:02 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2011/11/19 09:57:01 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2011/11/19 09:57:01 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2011/11/19 09:57:01 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2011/11/19 09:57:01 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2011/10/26 21:53:08 | 000,016,896 | ---- | C] () -- C:\Users\Maria del Mar\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/04 18:59:32 | 000,005,632 | ---- | C] () -- C:\windows\SysWow64\StarOpen.sys
[2010/08/15 17:47:23 | 000,000,450 | ---- | C] () -- C:\windows\hpomdl45.dat.temp
[2010/08/10 16:02:07 | 000,185,216 | ---- | C] () -- C:\windows\hpoins45.dat
[2010/04/08 18:39:49 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat

========== Alternate Data Streams ==========

@Alternate Data Stream - 157 bytes -> C:\ProgramData\Temp:1CE11B51

< End of report >

#11 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:12:03 AM

Posted 06 April 2012 - 03:21 PM

Hello

Run this custom script and when it is complete I need to know how the computer is doing

Run OTL Script

  • Double-click OTL.exe to start the program.
  • Copy and Paste the following code into the Posted Image textbox. Do not include the word Code
    :OTL
    IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}\InprocServer32 File not found
    IE - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\..\URLSearchHook: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found
    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_2_202_228.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files (x86)\ma-config.com\nphardwaredetection.dll File not found
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.1: C:\Users\Maria del Mar\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll File not found
    FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Maria del Mar\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll File not found
    O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll File not found
    O2 - BHO: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found.
    O2 - BHO: (no name) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - No CLSID value found.
    O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll File not found
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
    O3 - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
    O3 - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll File not found
    O8:64bit: - Extra context menu item: &Enviar a OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
    O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200 File not found
    O8:64bit: - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
    O8 - Extra context menu item: &Enviar a OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
    O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    @Alternate Data Stream - 157 bytes -> C:\ProgramData\Temp:1CE11B51
    IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
    IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://www.plusnetwork.com/?sp=addr&q={searchTerms}
    IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2535299
    IE - HKLM\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://search.iminent.com/?appId=&ref=toolbox&q={searchTerms}
    IE - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [String data over 1000 bytes]
    IE - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.plusnetwork.com/?sp=addr&q={searchTerms}
    IE - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.plusnetwork.com/?sp=addr&q={searchTerms}
    IE - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\..\SearchScopes,DefaultScope = {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
    IE - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://www.plusnetwork.com/?sp=addr&q={searchTerms}
    IE - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=efd4301f-479d-11e1-99da-002622c7103e&q={searchTerms}
    IE - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=18776
    IE - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\..\SearchScopes\{18EAB056-9057-F224-FD4C-1F6569C4D8D2}: "URL" = http://www.plusnetwork.com/s/?q={searchTerms}&iesrc={referrer:source?}
    IE - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\..\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9}: "URL" = http://plusnetwork.com/?sp=brw&q={searchTerms}
    IE - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2535299
    IE - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://search.iminent.com/?appId=&ref=toolbox&q={searchTerms}
    IE - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredibar.com/mb119/?search={searchTerms}&loc=IB_DS&a=6OywHtUUIv&i=26
    [2011/07/08 22:55:19 | 000,002,226 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
    [2011/09/13 13:23:35 | 000,001,143 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-es.xml
    [2011/12/23 13:02:16 | 000,002,157 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\SearchTheWeb.xml
    O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.31.2\bh\BabylonToolbar.dll (Babylon BHO)
    O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.31.2\BabylonToolbarTlbr.dll (Babylon Ltd.)
    :Files
    ipconfig /flushdns /c
    :Commands
    [PURITY]
    [emptyjava]
    [EMPTYFLASH]
    
  • Then click the Run Fix button at the top.
  • Click Posted Image.
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot.Copy and Paste that report in your next reply.

Let me know How things are doing

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#12 Mriiadelmar

Mriiadelmar
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:11:03 PM

Posted 06 April 2012 - 09:53 PM

Hi,

I still get the Ads in Chrome. Other than that the PC is running ok.

Here is the log:


OTL logfile created on: 06/04/2012 21:45:19 - Run 2
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Maria del Mar\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000c0a | Country: Colombia | Language: ESO | Date Format: dd/MM/yyyy

3,97 Gb Total Physical Memory | 1,40 Gb Available Physical Memory | 35,39% Memory free
7,93 Gb Paging File | 5,67 Gb Available in Paging File | 71,47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 252,89 Gb Total Space | 87,28 Gb Free Space | 34,51% Space Free | Partition Type: NTFS
Drive D: | 30,25 Gb Total Space | 29,08 Gb Free Space | 96,16% Space Free | Partition Type: NTFS

Computer Name: MARIADELMAR-PC | User Name: Maria del Mar | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found
PRC - C:\Users\Maria del Mar\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\Maria del Mar\AppData\Local\MediaGet2\mediaget.exe (MediaGet LLC)
PRC - C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics)
PRC - C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software)
PRC - C:\Program Files (x86)\Iminent\Iminent.Messengers.exe (Iminent)
PRC - C:\Program Files (x86)\Iminent\Iminent.exe (Iminent)
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Users\Maria del Mar\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
PRC - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
PRC - C:\Archivos de programa\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe (Lenovo)
PRC - C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe (Lenovo Group Limited)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)


========== Modules (No Company Name) ==========

MOD - C:\Users\Maria del Mar\AppData\Local\MediaGet2\QtWebKit4.dll ()
MOD - C:\Users\Maria del Mar\AppData\Local\MediaGet2\libvlccore.dll ()
MOD - C:\Users\Maria del Mar\AppData\Local\MediaGet2\libvlc.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\af6e0dd358a5edc094dca9e7957f1038\WindowsFormsIntegration.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\f01c5c76d0a19516a37b7bd191a02cda\System.Core.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\d939fca96c3645bb8806ea8ae43cc0ca\System.IdentityModel.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\bc96c5c6e644452270ff7c3d066ff713\System.Runtime.Serialization.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\281b67b96a2dd473dad4d222da0ca514\SMDiagnostics.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\b74950292d5681795d9d2c1a72a79952\System.ServiceModel.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\74fcc0f56435d0396f9524cd4293d3e5\PresentationFramework.Aero.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\47e25ae9163f4624a66f99ede0ea98fe\System.Configuration.Install.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\a595aa31f93ed043fd02ec9d8ff40b32\System.Web.Services.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\42ae8760f0a74ab774e82a64368aa1f6\System.Web.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\3fccda0d4dd150a217c2798e39e97a48\System.EnterpriseServices.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\9e8dfbd1334d30a08ce1f2df29ca9aff\System.Transactions.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\eedf95f16a7e81ca43dd8accf11498a3\System.Data.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\02f7846cbc5c02a5dbf50fd34325eb61\PresentationFramework.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6c51e152e7404188914c9fa4d8503ff9\System.Windows.Forms.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ab87129c2b603f218e4aa5300c9b1bdd\System.Drawing.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\f4b2424c1b32fbd11130482bb899b7ae\PresentationCore.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\47b9e7f070271ff50f988f75ea68fa3e\WindowsBase.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9866d1f6178e1cde25642f1ac293ff8d\System.Xml.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e620323cacb5b6bfd93fd28d263440e4\System.Configuration.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dll ()
MOD - C:\Program Files (x86)\Iminent\System.Data.SQLite.dll ()
MOD - C:\Program Files (x86)\Iminent\Iminent.Workflow.dll ()
MOD - C:\Program Files (x86)\Iminent\Iminent.Windows.dll ()
MOD - C:\Program Files (x86)\Iminent\Iminent.Mediator.ActivePlayers.dll ()
MOD - C:\Program Files (x86)\Iminent\Iminent.Services.dll ()
MOD - C:\Program Files (x86)\Iminent\Iminent.Booster.UI.dll ()
MOD - C:\Program Files (x86)\Iminent\es\Iminent.Booster.UI.resources.dll ()
MOD - C:\Users\Maria del Mar\AppData\Local\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Users\Maria del Mar\AppData\Local\Google\Chrome\Application\15.0.874.121\pdf.dll ()
MOD - C:\Users\Maria del Mar\AppData\Local\Google\Chrome\Application\15.0.874.121\avutil-51.dll ()
MOD - C:\Users\Maria del Mar\AppData\Local\Google\Chrome\Application\15.0.874.121\avformat-53.dll ()
MOD - C:\Users\Maria del Mar\AppData\Local\Google\Chrome\Application\15.0.874.121\avcodec-53.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\bb1d36ae26e7cadf563061596682e747\UIAutomationProvider.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Users\Maria del Mar\AppData\Local\MediaGet2\QtCore4.dll ()
MOD - C:\Users\Maria del Mar\AppData\Local\MediaGet2\imageformats\qmng4.dll ()
MOD - C:\Users\Maria del Mar\AppData\Local\MediaGet2\imageformats\qgif4.dll ()
MOD - C:\Users\Maria del Mar\AppData\Local\MediaGet2\imageformats\qjpeg4.dll ()
MOD - C:\Users\Maria del Mar\AppData\Local\MediaGet2\QtGui4.dll ()
MOD - C:\Users\Maria del Mar\AppData\Local\MediaGet2\QtNetwork4.dll ()
MOD - C:\Users\Maria del Mar\AppData\Local\MediaGet2\QtXml4.dll ()
MOD - C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf ()
MOD - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf ()
MOD - C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_es_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\windows\assembly\GAC_MSIL\SMDiagnostics.resources\3.0.0.0_es_b77a5c561934e089\SMDiagnostics.resources.dll ()
MOD - C:\windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_es_b77a5c561934e089\System.ServiceModel.resources.dll ()
MOD - C:\windows\assembly\GAC_MSIL\System.resources\2.0.0.0_es_b77a5c561934e089\System.resources.dll ()
MOD - C:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\Program Files (x86)\Lenovo\VeriFace\ChooseLang.dll ()
MOD - C:\windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_es_31bf3856ad364e35\PresentationFramework.resources.dll ()
MOD - C:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll ()


========== Win32 Services (SafeList) ==========

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (wlidsvc) -- C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (avast! Web Scanner) -- C:\Archivos de programa\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Mail Scanner) -- C:\Archivos de programa\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Antivirus) -- C:\Archivos de programa\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (osppsvc) -- C:\Archivos de programa\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (Lenovo ReadyComm ConnSvc) -- C:\Archivos de programa\Lenovo\ReadyComm\ConnSvc.exe (Lenovo Group Limited)
SRV - (Lenovo ReadyComm AppSvc) -- C:\Archivos de programa\Lenovo\ReadyComm\AppSvc.exe (Lenovo Group Limited)
SRV - (PS_MDP) -- C:\Program Files (x86)\Lenovo\ReadyComm\PS_MDP.dll (Lenovo Group Limited)
SRV - (IGRS) -- C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe (Lenovo Group Limited)
SRV - (ReadyComm.DirectRouter) -- C:\Program Files (x86)\Lenovo\ReadyComm\common\router.dll (Lenovo Group Limited)
SRV - (btwdins) -- C:\Archivos de programa\Lenovo\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (IAANTMON) Intel® -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
SRV - (SQLWriter) -- c:\Archivos de programa\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (RimUsb) -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys (Research In Motion Limited)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (aswTdi) -- C:\windows\SysNative\drivers\aswTdi.sys (ALWIL Software)
DRV:64bit: - (aswSP) -- C:\windows\SysNative\drivers\aswSP.sys (ALWIL Software)
DRV:64bit: - (aswRdr) -- C:\windows\SysNative\drivers\aswRdr.sys (ALWIL Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (ALWIL Software)
DRV:64bit: - (aswFsBlk) -- C:\windows\SysNative\drivers\aswFsBlk.sys (ALWIL Software)
DRV:64bit: - (epfwwfpr) -- C:\Windows\SysNative\drivers\epfwwfpr.sys (ESET)
DRV:64bit: - (ehdrv) -- C:\Windows\SysNative\drivers\ehdrv.sys (ESET)
DRV:64bit: - (eamon) -- C:\Windows\SysNative\drivers\eamon.sys (ESET)
DRV:64bit: - (PSINAflt) -- C:\Windows\SysNative\drivers\PSINAflt.sys (Panda Security, S.L.)
DRV:64bit: - (PSINProc) -- C:\Windows\SysNative\drivers\PSINProc.sys (Panda Security, S.L.)
DRV:64bit: - (PSINKNC) -- C:\Windows\SysNative\drivers\PSINKNC.sys (Panda Security, S.L.)
DRV:64bit: - (PSINFile) -- C:\Windows\SysNative\drivers\PSINFile.sys (Panda Security, S.L.)
DRV:64bit: - (funfrm) -- C:\windows\SysNative\drivers\funfrm.sys ()
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (wsvd) -- C:\Windows\SysNative\drivers\wsvd.sys (CyberLink)
DRV:64bit: - (wdmirror) -- C:\Windows\SysNative\drivers\WDMirror.sys (Lenovo)
DRV:64bit: - (Bridge0) -- C:\Windows\SysNative\drivers\WDBridge.sys (Lenovo)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ROOTMODEM) -- C:\Windows\SysNative\drivers\rootmdm.sys (Microsoft Corporation)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (usbsmi) -- C:\Windows\SysNative\drivers\SMIksdrv.sys (SMI)
DRV:64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (netw5v64) Intel® -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)
DRV:64bit: - (k57nd60a) Broadcom NetLink ™ -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (ACPIVPC) -- C:\Windows\SysNative\drivers\AcpiVpc.sys (Lenovo Corporation)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (RimVSerPort) -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys (Research in Motion Ltd)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.live.com/
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&FORM=LENIE
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1&cf=efd4301f-479d-11e1-99da-002622c7103e
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}\InprocServer32 File not found
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://www.plusnetwork.com/?sp=addr&q={searchTerms}
IE - HKLM\..\SearchScopes\{03E5DDA4-BBD9-48CC-B3B5-4E41611979FC}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&FORM=LENIE
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2535299
IE - HKLM\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://search.iminent.com/?appId=&ref=toolbox&q={searchTerms}
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [String data over 1000 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.plusnetwork.com/?sp=addr&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.plusnetwork.com/?sp=addr&q={searchTerms}
IE - HKCU\..\URLSearchHook: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://www.plusnetwork.com/?sp=addr&q={searchTerms}
IE - HKCU\..\SearchScopes\{03E5DDA4-BBD9-48CC-B3B5-4E41611979FC}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&FORM=LENIE
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=efd4301f-479d-11e1-99da-002622c7103e&q={searchTerms}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=18776
IE - HKCU\..\SearchScopes\{18EAB056-9057-F224-FD4C-1F6569C4D8D2}: "URL" = http://www.plusnetwork.com/s/?q={searchTerms}&iesrc={referrer:source?}
IE - HKCU\..\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9}: "URL" = http://plusnetwork.com/?sp=brw&q={searchTerms}
IE - HKCU\..\SearchScopes\{570B070E-FE25-4C10-992B-E8DB5B6E8897}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sear
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2535299
IE - HKCU\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://search.iminent.com/?appId=&ref=toolbox&q={searchTerms}
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredibar.com/mb119/?search={searchTerms}&loc=IB_DS&a=6OywHtUUIv&i=26
IE - HKCU\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Web Search"
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..extensions.enabledItems: helperbar@helperbar.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {a3a5c777-f583-4fef-9380-ab4add1bc2a8}:2.0.1
FF - prefs.js..keyword.URL: "http://www.plusnetwork.com/?sp=addr&q="


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_2_202_228.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files (x86)\ma-config.com\nphardwaredetection.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.1: C:\Users\Maria del Mar\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll File not found
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Maria del Mar\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll File not found
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Maria del Mar\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Maria del Mar\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Maria del Mar\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/08/10 16:10:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/04/06 01:44:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/03/18 15:01:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/04/04 23:51:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/08/10 16:10:42 | 000,000,000 | ---D | M]

[2011/02/07 17:20:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maria del Mar\AppData\Roaming\mozilla\Extensions
[2012/04/06 01:52:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maria del Mar\AppData\Roaming\mozilla\Firefox\Profiles\ub5ju6zi.default\extensions
[2012/03/18 14:23:11 | 000,002,244 | ---- | M] () -- C:\Users\Maria del Mar\AppData\Roaming\Mozilla\Firefox\Profiles\ub5ju6zi.default\searchplugins\Messenger Plus Smartbar Search.xml
[2012/03/23 20:49:37 | 000,002,203 | ---- | M] () -- C:\Users\Maria del Mar\AppData\Roaming\Mozilla\Firefox\Profiles\ub5ju6zi.default\searchplugins\MyStart Search.xml
[2012/04/01 10:48:57 | 000,002,770 | ---- | M] () -- C:\Users\Maria del Mar\AppData\Roaming\Mozilla\Firefox\Profiles\ub5ju6zi.default\searchplugins\Plusnetwork.xml
[2012/01/25 16:46:05 | 000,000,792 | ---- | M] () -- C:\Users\Maria del Mar\AppData\Roaming\Mozilla\Firefox\Profiles\ub5ju6zi.default\searchplugins\startsear.xml
[2011/12/20 14:30:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011/12/15 14:35:04 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/02/21 20:07:43 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/11/11 12:00:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2012/04/06 01:44:24 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 &lt;video&gt;) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
() (No name found) -- C:\USERS\MARIA DEL MAR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UB5JU6ZI.DEFAULT\EXTENSIONS\{A3A5C777-F583-4FEF-9380-AB4ADD1BC2A8}.XPI
[2011/09/13 13:23:37 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/10/03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011/10/03 04:14:54 | 000,083,456 | ---- | M] (vShare.tv ) -- C:\Program Files (x86)\mozilla firefox\plugins\npvsharetvplg.dll
[2011/07/08 22:55:19 | 000,002,226 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2011/09/13 13:23:35 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/09/13 13:23:35 | 000,003,996 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\drae.xml
[2011/09/13 13:23:35 | 000,001,143 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-es.xml
[2011/12/23 13:02:16 | 000,002,157 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\SearchTheWeb.xml
[2011/09/13 13:23:35 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-es.xml
[2011/09/13 13:23:35 | 000,001,102 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-es.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Maria del Mar\AppData\Local\Google\Chrome\Application\15.0.874.121\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Remoting Viewer (Disabled) = internal-remoting-viewer
CHR - plugin: Native Client (Disabled) = C:\Users\Maria del Mar\AppData\Local\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Users\Maria del Mar\AppData\Local\Google\Chrome\Application\15.0.874.121\pdf.dll
CHR - plugin: (Enabled) = C:\Users\Maria del Mar\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmidecaaklaaadhjgbkjkigonkfbgnik\1.0\chromeNPAPI.dll
CHR - plugin: Skype Toolbars (Disabled) = C:\Users\Maria del Mar\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll
CHR - plugin: LizardTech DjVu (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdjvu.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: RealNetworks™ Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Maria del Mar\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Maria del Mar\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Angry Birds = C:\Users\Maria del Mar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.1.2.1_0\
CHR - Extension: Bouncy Mouse = C:\Users\Maria del Mar\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgdllcbmneiklcmbeclfegccdjholomb\1.2.1_0\
CHR - Extension: Mira Game of Thrones = C:\Users\Maria del Mar\AppData\Local\Google\Chrome\User Data\Default\Extensions\gplehagehojnbajhfcoegeikbgnmeejd\2.0_0\
CHR - Extension: Mira Game of Thrones = C:\Users\Maria del Mar\AppData\Local\Google\Chrome\User Data\Default\Extensions\gplehagehojnbajhfcoegeikbgnmeejd\2.0_0\.svn\props\.svn-work
CHR - Extension: Ver Pelis = C:\Users\Maria del Mar\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgdbmfpppnbipimciokjglgenjkilnjj\3.1_0\
CHR - Extension: Plants vs Zombies = C:\Users\Maria del Mar\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina\1.0.5_0\
CHR - Extension: Moviezet - Reproductor Online = C:\Users\Maria del Mar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbbibfepcgejjpfhhdaljoambheglohl\2.1_0\
CHR - Extension: \u003Cvideo\u003E de HTML5 de DivX Plus Web Player = C:\Users\Maria del Mar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: AT_CharlotteRonson = C:\Users\Maria del Mar\AppData\Local\Google\Chrome\User Data\Default\Extensions\obakimnhgahiedhcjlcnohielmendpen\3\
CHR - Extension: Cuevana Stream = C:\Users\Maria del Mar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooagbcohbmlpkfkdnodbomgphbcecalj\4.1_1\
CHR - Extension: Cuevana Stream = C:\Users\Maria del Mar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooagbcohbmlpkfkdnodbomgphbcecalj\4.1_1\.svn\props\.svn-work

O1 HOSTS File: ([2012/04/05 23:25:49 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Archivos de programa\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Archivos de programa\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll File not found
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.31.2\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found.
O2 - BHO: (no name) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.31.2\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll File not found
O4 - HKLM..\Run: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software)
O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [USB Security] C:\Program Files (x86)\USB Disk Security\USBGuard.exe (Zbshareware Lab)
O4 - HKLM..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe (Lenovo)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Maria del Mar\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [MediaGet2] C:\Users\Maria del Mar\AppData\Local\MediaGet2\mediaget.exe (MediaGet LLC)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: &Enviar a OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Enviar imagen al dispositivo &Bluetooth... - C:\Archivos de programa\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Enviar página al dispositivo &Bluetooth... - C:\Archivos de programa\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: &Enviar a OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Enviar imagen al dispositivo &Bluetooth... - C:\Archivos de programa\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Enviar página al dispositivo &Bluetooth... - C:\Archivos de programa\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra Button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Archivos de programa\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Archivos de programa\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Enviar a Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Archivos de programa\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Enviar a &Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Archivos de programa\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{148D7B6D-D88E-42F3-AB3F-D42D25783E46}: DhcpNameServer = 192.168.254.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AC7BB24D-3735-4F18-8A02-B2890B1F6E95}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Archivos de programa\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/04/06 13:35:22 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Users\Maria del Mar\Desktop\OTL.exe
[2012/04/06 01:48:19 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\DDMSettings
[2012/04/06 01:44:10 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Roaming\DivX
[2012/04/06 01:43:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2012/04/06 01:43:45 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2012/04/06 01:42:27 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{73536923-016E-46D7-A5CC-4DF8CB4B936B}
[2012/04/06 01:42:03 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{6A857D5B-F2A1-4D50-A4D2-7BF8C612EBB7}
[2012/04/06 01:41:45 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Roaming\Iminent
[2012/04/06 01:41:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Iminent
[2012/04/06 01:41:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent
[2012/04/06 01:41:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Iminent
[2012/04/06 01:40:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2012/04/06 01:38:39 | 000,927,072 | ---- | C] (DivX, LLC) -- C:\Users\Maria del Mar\Desktop\DivXInstaller.exe
[2012/04/06 01:38:39 | 000,825,312 | ---- | C] (Iminent) -- C:\Users\Maria del Mar\Desktop\IminentSetup_2-KFRPtAWP-1_.exe
[2012/04/06 00:22:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012/04/05 23:36:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LGMobile Support Tool
[2012/04/05 23:25:51 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2012/04/05 20:49:55 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Maria del Mar\Desktop\aswMBR.exe
[2012/04/05 20:49:14 | 002,073,136 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Maria del Mar\Desktop\tdsskiller.exe
[2012/04/05 12:43:45 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
[2012/04/05 12:43:45 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/04/05 12:33:17 | 004,449,976 | R--- | C] (Swearware) -- C:\Users\Maria del Mar\Desktop\ComboFix.exe
[2012/04/03 12:52:39 | 008,767,136 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerInstaller.exe
[2012/04/03 12:31:23 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2012/04/03 12:30:37 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{2F171652-0948-4A8F-B581-A20B2DC8D215}
[2012/04/03 12:29:55 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{F43980EF-ED1E-436A-A6DF-365CB538AED6}
[2012/03/24 19:15:15 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{79577BE7-2052-4E42-AF78-A9961BD6F9E7}
[2012/03/24 19:15:04 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{1ECEE723-24C1-4DEB-92F7-0EA42069EC4B}
[2012/03/23 21:21:52 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{A9C26491-2191-47A1-B76E-20E85E9653AE}
[2012/03/23 21:21:41 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{6760B057-BA08-41B1-AD24-94E718107506}
[2012/03/23 20:50:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Premium
[2012/03/23 20:48:54 | 000,000,000 | ---D | C] -- C:\codec-info
[2012/03/23 20:48:47 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2012/03/23 09:21:28 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{86B845EE-4BC0-45FB-B58F-02AC31DA489F}
[2012/03/22 21:17:57 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{E381DA20-E403-4D1F-B302-9BB326F50595}
[2012/03/22 21:17:34 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{78F15DBE-80A4-4784-856A-2F6E63938FFC}
[2012/03/18 15:00:51 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Roaming\Media Get LLC
[2012/03/18 15:00:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Media Get LLC
[2012/03/18 14:15:49 | 000,000,000 | ---D | C] -- C:\LGP970H
[2012/03/18 13:30:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dll-Files.com Fixer
[2012/03/18 13:24:36 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{B060BE77-E38F-483B-B96A-33F2A0D485B1}
[2012/03/18 13:24:23 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{37233BB0-15FE-468A-883D-D8CA50DF9F45}
[2012/03/18 13:16:22 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\Documents\LG PC Suite IV
[2012/03/18 13:16:22 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\LG Electronics
[2012/03/18 13:15:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2012/03/18 12:47:02 | 000,655,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msvcr90.dll
[2012/03/18 12:47:02 | 000,568,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msvcp90.dll
[2012/03/18 12:47:02 | 000,224,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msvcm90.dll
[2012/03/18 12:46:58 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msxml4a.dll
[2012/03/18 12:46:52 | 000,000,000 | ---D | C] -- C:\ProgramData\LGMOBILEAX
[2012/03/18 12:40:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LG Electronics
[2012/03/17 23:55:58 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{7EDB78E5-1BC1-4060-8291-5227B6E978F6}
[2012/03/16 17:47:48 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{FF4DEAC3-48CF-4980-9C6E-ED3370D13F07}
[2012/03/16 17:47:36 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{B0729520-5E05-4120-9862-6FD906343992}
[2012/03/16 09:50:36 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\Documents\Blocs de notas de OneNote
[2012/03/15 23:34:04 | 005,559,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2012/03/15 23:34:03 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe
[2012/03/15 23:34:03 | 003,913,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe
[2012/03/15 23:29:58 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{38D10A2B-7705-4112-9912-FBB4AC7F6D32}
[2012/03/15 23:29:42 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{88B462BC-8EF3-4F65-B329-F4AEF7D85D6B}
[2012/03/13 20:10:00 | 001,544,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DWrite.dll
[2012/03/13 14:32:28 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcorekmts.dll
[2012/03/13 14:32:28 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpwsx.dll
[2012/03/13 14:32:28 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdrmemptylst.exe
[2012/03/13 14:32:27 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcore.dll
[2012/03/13 14:32:26 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rdpcore.dll
[2012/03/13 14:19:53 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{AF363254-2A5D-46E6-A5C9-E243CFA83B47}
[2012/03/12 23:33:00 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{127BF962-544F-4F30-983D-DEAC41C4005A}
[2012/03/12 23:32:47 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{BD99080F-78D5-4B2B-B104-025F05EE29D7}
[2012/03/12 00:43:53 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\Documents\Fotos
[2012/03/11 21:05:58 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{22BB218C-D3CD-4D64-8B68-FB0DE576CA31}
[2012/03/11 21:05:47 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{96F48225-28B6-459D-AFAE-14EAE5EA0ABC}
[2012/03/11 09:05:21 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{E39E857B-0171-4866-832A-D34B0E2CF0B5}
[2012/03/11 09:05:10 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{B94C614A-E635-4393-83EA-249EEB744A96}
[2012/03/10 13:21:59 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{A462750F-B589-4BE0-828B-B3A805092849}
[2012/03/10 13:21:48 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{59F614D5-D10B-4CC8-8EF0-EFE06E700DDA}
[2012/03/10 01:21:36 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{6A18BCA0-8F32-4449-B5C4-167EC2277947}
[2012/03/10 01:21:25 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{85B9B03E-937D-4FD5-8AE3-72C11D7639B4}
[2012/03/09 00:06:22 | 000,000,000 | ---D | C] -- C:\ProgramData\ADInstruments
[2012/03/09 00:06:20 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Roaming\ADInstruments
[2012/03/09 00:06:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ADInstruments
[2012/03/09 00:06:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ADInstruments
[2012/03/08 23:23:10 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{01F8FFC3-56AB-4930-B4EF-E2A8BC17B09F}
[2012/03/08 23:22:59 | 000,000,000 | ---D | C] -- C:\Users\Maria del Mar\AppData\Local\{F73FA1AC-0FC0-4DD6-8516-30EBDA696651}

========== Files - Modified Within 30 Days ==========

[2012/04/06 20:52:01 | 000,000,838 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012/04/06 15:53:26 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/04/06 13:35:19 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Maria del Mar\Desktop\OTL.exe
[2012/04/06 01:44:26 | 000,002,116 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2012/04/06 01:44:26 | 000,001,623 | ---- | M] () -- C:\Users\Maria del Mar\Desktop\DivX Movies.lnk
[2012/04/06 01:44:04 | 000,001,112 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2012/04/06 01:41:23 | 000,000,723 | ---- | M] () -- C:\windows\SysWow64\InstallUtil.InstallLog
[2012/04/06 01:39:01 | 000,825,312 | ---- | M] (Iminent) -- C:\Users\Maria del Mar\Desktop\IminentSetup_2-KFRPtAWP-1_.exe
[2012/04/06 01:38:48 | 000,927,072 | ---- | M] (DivX, LLC) -- C:\Users\Maria del Mar\Desktop\DivXInstaller.exe
[2012/04/05 23:43:11 | 000,013,632 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/04/05 23:43:11 | 000,013,632 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/04/05 23:36:32 | 000,002,413 | ---- | M] () -- C:\windows\SysWow64\lgAxconfig.ini
[2012/04/05 23:35:31 | 3193,384,960 | -HS- | M] () -- C:\hiberfil.sys
[2012/04/05 23:25:49 | 000,000,027 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts
[2012/04/05 20:50:32 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Maria del Mar\Desktop\aswMBR.exe
[2012/04/05 20:49:31 | 002,073,136 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Maria del Mar\Desktop\tdsskiller.exe
[2012/04/05 12:34:03 | 004,449,976 | R--- | M] (Swearware) -- C:\Users\Maria del Mar\Desktop\ComboFix.exe
[2012/04/04 22:56:44 | 000,000,819 | ---- | M] () -- C:\Users\Maria del Mar\Desktop\LGMobile update.lnk
[2012/04/03 12:52:46 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2012/04/03 12:52:46 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/04/03 12:52:39 | 008,767,136 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerInstaller.exe
[2012/04/03 12:08:21 | 001,587,494 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012/04/03 12:08:21 | 000,707,672 | ---- | M] () -- C:\windows\SysNative\perfh00A.dat
[2012/04/03 12:08:21 | 000,619,146 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012/04/03 12:08:21 | 000,139,208 | ---- | M] () -- C:\windows\SysNative\perfc00A.dat
[2012/04/03 12:08:21 | 000,107,466 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012/03/23 21:20:47 | 000,001,302 | ---- | M] () -- C:\Users\Maria del Mar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Recorte de pantalla y Selector de OneNote 2010.lnk
[2012/03/23 20:49:55 | 000,000,453 | ---- | M] () -- C:\user.js
[2012/03/19 10:51:18 | 000,194,646 | ---- | M] () -- C:\Users\Maria del Mar\Documents\carne maria la del charco.pdf
[2012/03/16 09:49:58 | 000,453,352 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2012/03/09 00:06:22 | 000,001,052 | ---- | M] () -- C:\Users\Public\Desktop\LabChart 7 Reader.lnk

========== Files Created - No Company Name ==========

[2012/04/06 01:44:26 | 000,001,623 | ---- | C] () -- C:\Users\Maria del Mar\Desktop\DivX Movies.lnk
[2012/04/06 01:44:04 | 000,001,112 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2012/04/06 01:43:50 | 000,002,116 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2012/04/06 01:41:21 | 000,000,723 | ---- | C] () -- C:\windows\SysWow64\InstallUtil.InstallLog
[2012/04/04 22:59:18 | 000,194,646 | ---- | C] () -- C:\Users\Maria del Mar\Documents\carne maria la del charco.pdf
[2012/04/03 12:31:24 | 000,000,838 | ---- | C] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012/03/23 20:49:54 | 000,000,453 | ---- | C] () -- C:\user.js
[2012/03/18 12:47:02 | 000,000,819 | ---- | C] () -- C:\Users\Maria del Mar\Desktop\LGMobile update.lnk
[2012/03/18 12:46:58 | 000,053,248 | ---- | C] () -- C:\windows\SysWow64\CommonDL.dll
[2012/03/18 12:46:58 | 000,002,413 | ---- | C] () -- C:\windows\SysWow64\lgAxconfig.ini
[2012/03/16 09:51:02 | 000,001,302 | ---- | C] () -- C:\Users\Maria del Mar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Recorte de pantalla y Selector de OneNote 2010.lnk
[2012/03/09 00:06:22 | 000,001,052 | ---- | C] () -- C:\Users\Public\Desktop\LabChart 7 Reader.lnk
[2011/11/19 09:57:02 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2011/11/19 09:57:01 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2011/11/19 09:57:01 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2011/11/19 09:57:01 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2011/11/19 09:57:01 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2011/10/26 21:53:08 | 000,016,896 | ---- | C] () -- C:\Users\Maria del Mar\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/04 18:59:32 | 000,005,632 | ---- | C] () -- C:\windows\SysWow64\StarOpen.sys
[2010/08/15 17:47:23 | 000,000,450 | ---- | C] () -- C:\windows\hpomdl45.dat.temp
[2010/08/10 16:02:07 | 000,185,216 | ---- | C] () -- C:\windows\hpoins45.dat
[2010/04/08 18:39:49 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat

========== Custom Scans ==========

< :OTL >

< IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}\InprocServer32 File not found >

< IE - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\..\URLSearchHook: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found >

< FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_2_202_228.dll File not found >
Invalid Switch: FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_2_202_228.dll File not found

< FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found >
Invalid Switch: GENUINE: disabled File not found

< FF - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files (x86)\ma-config.com\nphardwaredetection.dll File not found >
Invalid Switch: HardwareDetection: C:\Program Files (x86)\ma-config.com\nphardwaredetection.dll File not found

< FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found >
Invalid Switch: GENUINE: disabled File not found

< FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.1: C:\Users\Maria del Mar\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll File not found >
Invalid Switch: FBPlugin,version=1.0.1: C:\Users\Maria del Mar\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll File not found

< FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Maria del Mar\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll File not found >
Invalid Switch: FBPlugin,version=1.0.3: C:\Users\Maria del Mar\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll File not found

< O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll File not found >

< O2 - BHO: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found. >

< O2 - BHO: (no name) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - No CLSID value found. >

< O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found. >

< O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found. >

< O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll File not found >

< O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. >

< O3 - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. >

< O3 - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found. >

< O3 - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll File not found >

< O8:64bit: - Extra context menu item: &Enviar a OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found >
Invalid Switch: 105 File not found

< O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200 File not found >
Invalid Switch: 200 File not found

< O8:64bit: - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found >
Invalid Switch: 3000 File not found

< O8 - Extra context menu item: &Enviar a OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found >
Invalid Switch: 105 File not found

< O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found >
Invalid Switch: 3000 File not found

< O18:64bit: - Protocol\Handler\livecall - No CLSID value found >

< O18:64bit: - Protocol\Handler\ms-help - No CLSID value found >

< O18:64bit: - Protocol\Handler\msnim - No CLSID value found >

< O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found >

< O18:64bit: - Protocol\Handler\wlpg - No CLSID value found >

< O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found >
Invalid Switch: pagefile) - File not found

< O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found >
Invalid Switch: pagefile) - File not found

< @Alternate Data Stream - 157 bytes -> C:\ProgramData\Temp:1CE11B51 >

< IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5} >

< IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://www.plusnetwork.com/?sp=addr&q={searchTerms} >

< IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2535299 >

< IE - HKLM\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://search.iminent.com/?appId=&ref=toolbox&q={searchTerms} >

< IE - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [String data over 1000 bytes] >

< IE - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.plusnetwork.com/?sp=addr&q={searchTerms} >
Invalid Switch: ?sp=addr&q={searchTerms}

< IE - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.plusnetwork.com/?sp=addr&q={searchTerms} >
Invalid Switch: ?sp=addr&q={searchTerms}

< IE - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\..\SearchScopes,DefaultScope = {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} >

< IE - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://www.plusnetwork.com/?sp=addr&q={searchTerms} >

< IE - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=efd4301f-479d-11e1-99da-002622c7103e&q={searchTerms} >

< IE - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=18776 >

< IE - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\..\SearchScopes\{18EAB056-9057-F224-FD4C-1F6569C4D8D2}: "URL" = http://www.plusnetwork.com/s/?q={searchTerms}&iesrc={referrer:source?} >

< IE - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\..\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9}: "URL" = http://plusnetwork.com/?sp=brw&q={searchTerms} >

< IE - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2535299 >

< IE - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://search.iminent.com/?appId=&ref=toolbox&q={searchTerms} >

< IE - HKU\S-1-5-21-4254279623-98128295-3263468077-1004\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredibar.com/mb119/?search={searchTerms}&loc=IB_DS&a=6OywHtUUIv&i=26 >

< [2011/07/08 22:55:19 | 000,002,226 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml >
Invalid Switch: 08 22:55:19 | 000,002,226 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml

< [2011/09/13 13:23:35 | 000,001,143 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-es.xml >
Invalid Switch: 13 13:23:35 | 000,001,143 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-es.xml

< [2011/12/23 13:02:16 | 000,002,157 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\SearchTheWeb.xml >
Invalid Switch: 23 13:02:16 | 000,002,157 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\SearchTheWeb.xml

< O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.31.2\bh\BabylonToolbar.dll (Babylon BHO) >

< O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.31.2\BabylonToolbarTlbr.dll (Babylon Ltd.) >

< :Files >

< ipconfig /flushdns /c >
Configuraci¢n IP de Windows
Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

< :Commands >

< [PURITY] >

< [emptyjava] >

< [EMPTYFLASH] >

========== Alternate Data Streams ==========

@Alternate Data Stream - 157 bytes -> C:\ProgramData\Temp:1CE11B51

< End of report >

#13 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:12:03 AM

Posted 06 April 2012 - 10:05 PM

Hello

when you ran the script you pushed the scan button - I need you to run the script again and press the run fix button


gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#14 Mriiadelmar

Mriiadelmar
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:11:03 PM

Posted 06 April 2012 - 10:15 PM

Oops! Here it is:

========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-4254279623-98128295-3263468077-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\\{84FF7BD6-B47F-46F8-9130-01B2696B36CB} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@ma-config.com/HardwareDetection\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.1\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-21-4254279623-98128295-3263468077-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_USERS\S-1-5-21-4254279623-98128295-3263468077-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}\ not found.
Registry value HKEY_USERS\S-1-5-21-4254279623-98128295-3263468077-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}\ not found.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&Enviar a OneNote\ deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Add to Google Photos Screensa&ver\ deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xportar a Microsoft Excel\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&Enviar a OneNote\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xportar a Microsoft Excel\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
File Protocol\Handler\livecall - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
File Protocol\Handler\msnim - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ deleted successfully.
File Protocol\Handler\skype-ie-addon-data - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
File Protocol\Handler\wlpg - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
ADS C:\ProgramData\Temp:1CE11B51 deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}\ not found.
HKU\S-1-5-21-4254279623-98128295-3263468077-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-4254279623-98128295-3263468077-1004\SOFTWARE\Microsoft\Internet Explorer\Search\\Default_Search_URL| /E : value set successfully!
HKU\S-1-5-21-4254279623-98128295-3263468077-1004\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKEY_USERS\S-1-5-21-4254279623-98128295-3263468077-1004\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-4254279623-98128295-3263468077-1004\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ not found.
Registry key HKEY_USERS\S-1-5-21-4254279623-98128295-3263468077-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-4254279623-98128295-3263468077-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_USERS\S-1-5-21-4254279623-98128295-3263468077-1004\Software\Microsoft\Internet Explorer\SearchScopes\{18EAB056-9057-F224-FD4C-1F6569C4D8D2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{18EAB056-9057-F224-FD4C-1F6569C4D8D2}\ not found.
Registry key HKEY_USERS\S-1-5-21-4254279623-98128295-3263468077-1004\Software\Microsoft\Internet Explorer\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4327FABE-3C22-4689-8DBF-D226CF777FE9}\ not found.
Registry key HKEY_USERS\S-1-5-21-4254279623-98128295-3263468077-1004\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_USERS\S-1-5-21-4254279623-98128295-3263468077-1004\Software\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}\ not found.
Registry key HKEY_USERS\S-1-5-21-4254279623-98128295-3263468077-1004\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}\ not found.
C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml moved successfully.
C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-es.xml moved successfully.
C:\Program Files (x86)\mozilla firefox\searchplugins\SearchTheWeb.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}\ deleted successfully.
C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.31.2\bh\BabylonToolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC}\ deleted successfully.
C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.31.2\BabylonToolbarTlbr.dll moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Configuraci¢n IP de Windows
Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.
C:\Users\Maria del Mar\Desktop\cmd.bat deleted successfully.
C:\Users\Maria del Mar\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYJAVA]

User: All Users

User: AppData

User: Default

User: Default User

User: Maria del Mar
->Java cache emptied: 0 bytes

User: Public

Total Java Files Cleaned = 0,00 mb


[EMPTYFLASH]

User: All Users

User: AppData

User: Default

User: Default User

User: Maria del Mar
->Flash cache emptied: 119892 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.39.2 log created on 04062012_221308

#15 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:12:03 AM

Posted 06 April 2012 - 10:37 PM

Hello


How are things doing now


gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users